Sorry! I've been having many problems over the last few weeks similar to my last post. My system was fine after fixing it in Dec. I must have clicked on something in the last two months--no idea from which site. I had to reboot several times last week. I was unable to place orders on a website one day last week but fine the next day. There are a few other issues. Also, I was able to perform step 1 and 2 but my error message for step 3 was "account was suspended." Please let me know what to do next--I'm pasting my text/logs below.
3. Please download Security Check by screen317 from here.
Save it to your Desktop.
Double-click SecurityCheck.exe and follow the on-screen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt.
Please post the contents of that document with the other requested logs.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:12-06-2016 01
Ran by lisa (administrator) on LISA-VAIO (12-06-2016 21:09:14)
Running from C:\Users\lisa\Downloads
Loaded Profiles: lisa (Available Profiles: lisa)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
() C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\apps\CCF_Reputation\fsorsp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Red Bend Ltd.) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSMA32.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSHDLL64.EXE
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSM32.EXE
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\fshoster32.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Belkin International, Inc.) C:\Program Files\Belkin\Belkin USB Print and Storage Center\Connect.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\dlnaPlugin.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Digital Delivery Networks, Inc.) C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\ielowutil.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-05-31] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IntelWirelessWiMAX] => C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe [1441792 2010-06-08] (Intel® Corporation)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1931024 2010-07-19] (Intel(R) Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [673136 2010-05-31] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [600928 2010-06-01] (Sony Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSM32.EXE [310312 2015-10-08] (F-Secure Corporation)
HKLM-x32\...\Run: [InstaLAN] => C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe [1885088 2012-02-23] (Affinegy, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [F-Secure Hoster (42626)] => C:\Program Files (x86)\Charter Security Suite\fshoster32.exe [187432 2014-10-06] (F-Secure Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2330229276-1937969778-3526454886-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50670720 2016-03-01] (Skype Technologies S.A.)
Startup: C:\Users\lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2012-10-10]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: [S-1-5-21-2330229276-1937969778-3526454886-1001] => http=127.0.0.1:64550
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{57A09F4D-5472-450A-88FA-CD092971DA04}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{BC863AAA-54E2-4F05-A57B-5B003D0368DB}: [DhcpNameServer] 68.111.16.25 68.111.16.30
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\S-1-5-21-2330229276-1937969778-3526454886-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.aadvantageeshopping.com/s____.htm
HKU\S-1-5-21-2330229276-1937969778-3526454886-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie9
HKU\S-1-5-21-2330229276-1937969778-3526454886-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=hxxps://mail.google.com/mail/?rli%3D1h48om17floxd%26rld%3D1&scc=1<mpl=default<mplcache=2&emr=1&osid=1#identifier
URLSearchHook: HKU\S-1-5-21-2330229276-1937969778-3526454886-1001 - FCToolbarURLSearchHook Class - {868978c8-95f3-4020-a5cd-5a16d60e36ca} - C:\Program Files (x86)\Dividend Miles Toolbar\Helper.dll ()
SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SNNT
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SNNT
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SNNT
SearchScopes: HKU\S-1-5-21-2330229276-1937969778-3526454886-1001 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?FORM=UP94DF&PC=UP94&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2330229276-1937969778-3526454886-1001 -> DB07061EB62D42A98E3853E195D37BEA URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SNNT_enUS424
SearchScopes: HKU\S-1-5-21-2330229276-1937969778-3526454886-1001 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?FORM=UP94DF&PC=UP94&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2330229276-1937969778-3526454886-1001 -> {7D1ADA97-646B-4957-9BEA-64068431946B} URL = hxxp://delicious.com/search?p={searchTerms}
SearchScopes: HKU\S-1-5-21-2330229276-1937969778-3526454886-1001 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://search.yahoo.com/search?p={searchTerms}
SearchScopes: HKU\S-1-5-21-2330229276-1937969778-3526454886-1001 -> {F40D307B-5829-4523-B880-8F59A61166A9} URL = hxxp://www.flickr.com/search/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2330229276-1937969778-3526454886-1001 -> {F9060207-6906-4104-BB79-DE40BBBAEC57} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\Charter Security Suite\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https64.dll [2016-05-09] (F-Secure Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-01] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\Charter Security Suite\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https.dll [2016-05-09] (F-Secure Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-12] (Oracle Corporation)
BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-01] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-12] (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-01] (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-01] (Google Inc.)
Toolbar: HKU\S-1-5-21-2330229276-1937969778-3526454886-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-01] (Google Inc.)
DPF: HKLM-x32 {7677E74E-5831-4C9E-A2DD-9B1EF9DF2DB4} hxxps://www.paycomonline.net/v4/doceditor/officeviewer.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: HKLM-x32 {F53B7748-643C-4A78-8DBC-01A4855D1A10} hxxps://www.paycomonline.net/v4/doceditor/FoxitPDFSDK_AX_Pro.ocx
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-17] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-17] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\u7asfcq0.default
FF DefaultSearchEngine: Bing
FF DefaultSearchUrl: hxxp://search.yahoo.com/search?fr=ffsp1&p=
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP94DF&PC=UP94&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-14] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\3.2.0.23388\npSkypeWebPlugin64.dll [2014-11-03] (Skype)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-12] (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2010-06-01] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-17] (Microsoft Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\lisa\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-11-18] (RocketLife, LLP)
FF Plugin-x32: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\3.2.0.23388\npSkypeWebPlugin.dll [2014-11-03] (Skype)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2330229276-1937969778-3526454886-1001: @yahoo.com/BrowserPlus,version=2.9.8 -> C:\Users\lisa\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll [2010-10-19] (Yahoo! Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll [2011-11-12] (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-10-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-10-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-10-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-10-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-10-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll [2015-02-26] (Coupons, Inc.)
FF Extension: RoxioNow Player Plugin - C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\u7asfcq0.default\extensions\{3112ca9c-de6d-4884-a869-9855de680400} [2012-03-26] [not signed]
FF HKLM\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\Charter Security Suite\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi
FF Extension: Browsing Protection by F-Secure - C:\Program Files (x86)\Charter Security Suite\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi [2016-05-09]
FF HKLM-x32\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\Charter Security Suite\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=orcl_default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\lisa\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Browsing Protection by F-Secure) - C:\Users\lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2016-05-10]
CHR Extension: (Skype) - C:\Users\lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - C:/Program Files (x86)/Charter Security Suite/apps/CCF_Scanning/bin/browser/install/fs_chrome_https/fs_chrome_https.crx [2014-12-13]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
CHR HKLM-x32\...\Chrome\Extension: [nogdfjjfhknacchjpiccacoimeelkajb] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AffinegyService; C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe [563104 2012-02-23] (Affinegy, Inc.)
R2 Belkin Local Backup Service; C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [181760 2011-04-19] () [File not signed]
R2 Belkin Network USB Helper; C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [55296 2010-02-09] () [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 DMAgent; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [408576 2010-06-07] (Red Bend Ltd.) [File not signed]
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [413336 2015-08-26] ()
R2 fshoster; C:\Program Files (x86)\Charter Security Suite\fshoster32.exe [187432 2014-10-06] (F-Secure Corporation)
R3 FSMA; C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSMA32.EXE [216104 2015-10-08] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files (x86)\Charter Security Suite\apps\CCF_Reputation\fsorsp.exe [60456 2015-03-09] (F-Secure Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-07-19] ()
R2 Oasis2Service; C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [61440 2013-07-02] (Digital Delivery Networks, Inc.) [File not signed]
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [413336 2015-08-26] ()
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [851824 2010-06-17] (Sony Corporation)
R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [836608 2010-06-08] (Sony Corporation) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1653272 2015-07-31] (Sony Corporation)
R2 WiMAXAppSrv; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [911872 2010-06-07] (Intel(R) Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [208424 2015-11-17] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\HIPS\drivers\fshs.sys [106696 2016-06-04] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [75448 2016-01-12] ()
R0 fsbts; C:\Windows\SysWOW64\Drivers\fsbts.sys [42672 2013-02-21] ()
R3 fsni; C:\Program Files (x86)\Charter Security Suite\apps\CCF_Scanning\bin\fsni64.sys [110272 2016-05-09] (F-Secure Corporation)
R1 fsvista; C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13352 2015-10-08] ()
S3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2015-07-28] ()
R2 sxuptp; C:\Windows\System32\DRIVERS\sxuptp.sys [291352 2009-06-22] (silex technology, Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [51712 2011-05-10] (Apple, Inc.) [File not signed]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-12 21:09 - 2016-06-12 21:10 - 00028644 _____ C:\Users\lisa\Downloads\FRST.txt
2016-06-12 21:08 - 2016-06-12 21:09 - 00000000 ____D C:\FRST
2016-06-12 21:08 - 2016-06-12 21:08 - 02385408 _____ (Farbar) C:\Users\lisa\Downloads\FRST64.exe
2016-06-12 21:06 - 2016-06-12 21:06 - 01735680 _____ (Farbar) C:\Users\lisa\Downloads\FRST.exe
2016-05-15 22:01 - 2016-04-08 23:20 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-05-15 22:01 - 2016-04-08 22:52 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-05-15 21:27 - 2016-05-15 21:43 - 00005746 _____ C:\Users\lisa\Documents\Rimmington, Lisa_2015.efx
2016-05-15 21:02 - 2016-04-09 01:57 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-05-15 21:02 - 2016-04-09 01:54 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-05-15 21:01 - 2016-04-09 01:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-05-15 21:01 - 2016-04-09 01:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-05-15 21:01 - 2016-04-09 00:49 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-05-15 21:00 - 2016-04-14 08:49 - 00603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-05-15 21:00 - 2016-04-14 08:21 - 00647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-05-15 21:00 - 2016-04-09 02:01 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-15 21:00 - 2016-04-09 02:01 - 00264936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-05-15 21:00 - 2016-04-09 01:57 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-05-15 21:00 - 2016-04-06 10:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-05-15 21:00 - 2016-03-09 13:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-05-15 21:00 - 2016-03-09 13:34 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-05-15 20:58 - 2016-04-23 11:24 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-05-15 20:58 - 2016-04-23 00:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-05-15 20:58 - 2016-04-23 00:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-05-15 20:58 - 2016-04-22 23:51 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-05-15 20:58 - 2016-04-22 23:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-05-15 20:58 - 2016-04-22 23:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-05-15 20:58 - 2016-04-22 23:27 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-05-15 20:58 - 2016-04-22 23:08 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-05-15 20:58 - 2016-04-22 23:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-05-15 20:58 - 2016-04-22 23:07 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-05-15 20:58 - 2016-04-22 23:07 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-05-15 20:58 - 2016-04-22 23:01 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-05-15 20:58 - 2016-04-22 22:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-05-15 20:58 - 2016-04-22 22:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-05-15 20:58 - 2016-04-22 22:41 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-05-15 20:58 - 2016-04-22 22:40 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-05-15 20:58 - 2016-04-22 22:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-05-15 20:58 - 2016-04-22 22:31 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-05-15 20:58 - 2016-04-22 22:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-05-15 20:57 - 2016-04-23 12:08 - 00394960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-05-15 20:57 - 2016-04-23 00:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-05-15 20:57 - 2016-04-23 00:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-05-15 20:57 - 2016-04-23 00:00 - 02893312 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-05-15 20:57 - 2016-04-23 00:00 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-05-15 20:57 - 2016-04-22 23:52 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-05-15 20:57 - 2016-04-22 23:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-05-15 20:57 - 2016-04-22 23:21 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-05-15 20:57 - 2016-04-22 23:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-05-15 20:57 - 2016-04-22 23:20 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-05-15 20:57 - 2016-04-22 23:11 - 20350464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-05-15 20:57 - 2016-04-22 23:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-05-15 20:57 - 2016-04-22 23:07 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-05-15 20:57 - 2016-04-22 23:06 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-05-15 20:57 - 2016-04-22 23:05 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-05-15 20:57 - 2016-04-22 23:04 - 02285568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-05-15 20:57 - 2016-04-22 23:02 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-05-15 20:57 - 2016-04-22 22:59 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-05-15 20:57 - 2016-04-22 22:58 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-05-15 20:57 - 2016-04-22 22:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-05-15 20:57 - 2016-04-22 22:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-05-15 20:57 - 2016-04-22 22:50 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-05-15 20:57 - 2016-04-22 22:43 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-05-15 20:57 - 2016-04-22 22:39 - 01547776 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-05-15 20:57 - 2016-04-22 22:36 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-05-15 20:57 - 2016-04-22 22:33 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-05-15 20:57 - 2016-04-22 22:30 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-05-15 20:57 - 2016-04-22 22:30 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-05-15 20:57 - 2016-04-22 22:28 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-05-15 20:57 - 2016-04-22 22:26 - 13811200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-05-15 20:57 - 2016-04-22 22:12 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-05-15 20:57 - 2016-04-22 22:07 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-05-15 20:56 - 2016-04-23 00:25 - 25816064 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-05-15 20:56 - 2016-04-23 00:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-05-15 20:56 - 2016-04-23 00:00 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-05-15 20:56 - 2016-04-22 23:48 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-05-15 20:56 - 2016-04-22 23:47 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-05-15 20:56 - 2016-04-22 23:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-05-15 20:56 - 2016-04-22 23:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-05-15 20:56 - 2016-04-22 23:46 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-05-15 20:56 - 2016-04-22 23:36 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-05-15 20:56 - 2016-04-22 23:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-05-15 20:56 - 2016-04-22 23:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-05-15 20:56 - 2016-04-22 23:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-05-15 20:56 - 2016-04-22 23:06 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-05-15 20:56 - 2016-04-22 23:00 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-05-15 20:56 - 2016-04-22 22:51 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-05-15 16:51 - 2016-04-09 02:01 - 05546216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-05-15 16:51 - 2016-04-09 01:59 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-05-15 16:51 - 2016-04-09 01:58 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-05-15 16:51 - 2016-04-09 01:57 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-05-15 16:51 - 2016-04-09 01:57 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-05-15 16:51 - 2016-04-09 01:54 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-05-15 16:50 - 2016-04-09 02:02 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-05-15 16:50 - 2016-04-09 02:01 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-05-15 16:50 - 2016-04-09 02:01 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-05-15 16:50 - 2016-04-09 02:01 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-05-15 16:50 - 2016-04-09 01:59 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-05-15 16:50 - 2016-04-09 01:59 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-05-15 16:50 - 2016-04-09 01:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-05-15 16:50 - 2016-04-09 01:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-05-15 16:50 - 2016-04-09 01:58 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-05-15 16:50 - 2016-04-09 01:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-05-15 16:50 - 2016-04-09 01:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-05-15 16:50 - 2016-04-09 01:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-05-15 16:50 - 2016-04-09 01:58 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-05-15 16:50 - 2016-04-09 01:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-05-15 16:50 - 2016-04-09 01:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-05-15 16:50 - 2016-04-09 01:58 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-05-15 16:50 - 2016-04-09 01:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-05-15 16:50 - 2016-04-09 01:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-05-15 16:50 - 2016-04-09 01:58 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-05-15 16:50 - 2016-04-09 01:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 01:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 00:52 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-05-15 16:50 - 2016-04-09 00:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-05-15 16:50 - 2016-04-09 00:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-05-15 16:50 - 2016-04-09 00:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-05-15 16:50 - 2016-04-09 00:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-05-15 16:50 - 2016-04-09 00:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-05-15 16:50 - 2016-04-09 00:44 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-05-15 16:50 - 2016-04-09 00:44 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-05-15 16:50 - 2016-04-09 00:44 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-05-15 16:50 - 2016-04-09 00:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-05-15 16:50 - 2016-04-09 00:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-05-15 16:50 - 2016-04-09 00:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-05-15 16:50 - 2016-04-09 00:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-05-15 16:50 - 2016-04-09 00:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-05-15 16:50 - 2016-04-09 00:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-05-15 16:50 - 2016-04-09 00:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-05-15 16:50 - 2016-04-09 00:37 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-05-15 16:50 - 2016-04-09 00:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 00:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 00:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-05-15 16:50 - 2016-04-09 00:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-05-15 16:49 - 2016-05-15 16:49 - 00000000 ____D C:\ProgramData\SmartrakGroup
2016-05-15 16:46 - 2016-05-15 21:50 - 00000000 ____D C:\Users\lisa\Documents\eFile Express 2015
2016-05-15 16:46 - 2016-05-15 16:46 - 00002133 _____ C:\Users\lisa\Desktop\eFile Express 2015.lnk
2016-05-15 16:46 - 2016-05-15 16:46 - 00000000 ____D C:\Users\lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eFile Express 2015
2016-05-15 16:46 - 2016-05-15 16:46 - 00000000 ____D C:\Program Files (x86)\eFile Express 2015
2016-05-15 16:42 - 2016-05-15 16:43 - 01675000 _____ (Smartrak Group, Inc.) C:\Users\lisa\Downloads\EfxInstM15.exe
2016-05-14 17:02 - 2016-05-14 17:02 - 05995712 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-12 21:08 - 2011-03-26 18:24 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{2F03448F-2839-4571-8302-D2CAADEC42D8}
2016-06-12 21:06 - 2016-01-12 22:26 - 00000000 ____D C:\Users\lisa\AppData\Roaming\Skype
2016-06-12 20:56 - 2009-07-13 23:45 - 00022704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-12 20:56 - 2009-07-13 23:45 - 00022704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-12 20:48 - 2012-09-28 07:13 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-12 20:48 - 2010-07-27 03:05 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-12 19:43 - 2010-07-27 03:05 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-12 19:29 - 2013-02-21 22:23 - 00003376 _____ C:\Windows\System32\Tasks\Scheduled scanning task
2016-06-12 19:29 - 2013-02-21 22:23 - 00000596 _____ C:\Windows\Tasks\Scheduled scanning task.job
2016-06-12 19:28 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-11 22:14 - 2011-10-10 20:16 - 00000000 ____D C:\Users\lisa\Documents\Resumes
2016-06-08 23:32 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2016-06-08 23:26 - 2011-08-31 19:09 - 00000000 ____D C:\Users\lisa\AppData\Local\ElevatedDiagnostics
2016-06-08 19:58 - 2012-10-05 20:16 - 00002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-08 19:57 - 2012-10-05 20:16 - 00002102 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-08 06:04 - 2009-07-14 00:13 - 00006234 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-04 13:17 - 2016-01-24 09:43 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-06-01 20:30 - 2010-07-12 15:26 - 00000000 ____D C:\Windows\Panther
2016-06-01 20:19 - 2015-10-30 04:42 - 00000000 ___HD C:\$WINDOWS.~BT
2016-05-30 21:45 - 2015-04-15 11:56 - 00000000 ____D C:\Users\lisa\AppData\LocalLow\F-Secure
2016-05-29 21:05 - 2011-04-02 22:03 - 00000021 _____ C:\Windows\Model.txt
2016-05-29 21:04 - 2011-04-02 22:01 - 00000000 ____D C:\Update
2016-05-28 06:56 - 2016-01-12 22:26 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-05-25 22:16 - 2015-04-09 03:01 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-05-25 22:16 - 2015-04-09 03:01 - 00000000 ___SD C:\Windows\system32\GWX
2016-05-16 18:31 - 2009-07-13 23:45 - 00442368 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-16 18:26 - 2014-12-10 04:32 - 00000000 ____D C:\Windows\system32\appraiser
2016-05-16 18:25 - 2010-07-13 13:20 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-15 22:06 - 2015-06-14 19:48 - 00000000 ____D C:\Users\lisa\Documents\eFile Express 2014
2016-05-15 21:13 - 2015-09-15 19:25 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-15 21:08 - 2013-07-29 03:02 - 00000000 ____D C:\Windows\system32\MRT
2016-05-15 16:24 - 2011-03-26 18:49 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-05-14 17:02 - 2012-09-28 07:13 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-14 17:02 - 2012-09-28 07:13 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-14 17:02 - 2012-09-28 07:13 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
==================== Files in the root of some directories =======
2016-02-01 20:00 - 2016-02-01 20:00 - 6871040 _____ () C:\Program Files (x86)\GUT7520.tmp
2014-01-12 16:11 - 2014-01-18 08:18 - 0000142 _____ () C:\Users\lisa\AppData\Roaming\WB.CFG
2014-01-12 16:11 - 2014-01-18 08:18 - 0000005 _____ () C:\Users\lisa\AppData\Roaming\WBPU-TTL.DAT
2012-10-19 21:02 - 2012-10-19 21:02 - 0007605 _____ () C:\Users\lisa\AppData\Local\Resmon.ResmonCfg
2011-09-10 09:28 - 2011-09-10 09:28 - 0000000 _____ () C:\Users\lisa\AppData\Local\{2195D532-CD53-4B70-A0F9-3CB7F7DC12C8}
2011-04-10 17:24 - 2011-04-10 17:26 - 0000376 _____ () C:\ProgramData\hpzinstall.log
Some files in TEMP:
====================
C:\Users\lisa\AppData\Local\Temp\dpqkuktb.dll
C:\Users\lisa\AppData\Local\Temp\GLF1DB2.EXE
C:\Users\lisa\AppData\Local\Temp\GLF31C0.EXE
C:\Users\lisa\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\lisa\AppData\Local\Temp\khckwpqw.dll
C:\Users\lisa\AppData\Local\Temp\kmi7r90t.dll
C:\Users\lisa\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-06-08 23:19
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:12-06-2016 01
Ran by lisa (2016-06-12 21:10:57)
Running from C:\Users\lisa\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2011-03-26 23:21:28)
Boot Mode: Normal
==========================================================
==================== Accounts: ========
Hi, Lisa.
1. Please go to C:\Users\lisa\Downloads and move FRST to your desktop, C:\Users\lisa\Desktop.
2. Due to the length of the logs, the Addition.txt log did not post. Please copy/paste that log in your next reply (after moving FRST to your desktop ;) ).
3. The instructions have been updated since the last time you were here. SecurityCheck has been replaced with a new tool:
Please download
Security Analysis (http://rocketgrannie.spywareinfoforum.org/RGSA.exe) and save it to your desktop.
- Close your security software to avoid potential conflicts.
- Double-click RGSA.exe
- Click OK on the copyright-disclaimer
- It will produce a log named SALog.txt on the Desktop or in the same folder from where the tool is run if installed elsewhere.
I thought I verified "additional scan" was posted. I copied/pasted it again. Thank you for the updated Step 3! I included that result too.
Additional scan result of Farbar Recovery Scan Tool (x64) Version:12-06-2016 01
Ran by lisa (2016-06-12 21:10:57)
Running from C:\Users\lisa\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2011-03-26 23:21:28)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2330229276-1937969778-3526454886-500 - Administrator - Disabled)
Guest (S-1-5-21-2330229276-1937969778-3526454886-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2330229276-1937969778-3526454886-1002 - Limited - Enabled)
lisa (S-1-5-21-2330229276-1937969778-3526454886-1001 - Administrator - Enabled) => C:\Users\lisa
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Computer Security (Enabled - Up to date) {15414183-282E-D62C-CA37-EF24860A2F17}
AS: Computer Security (Enabled - Up to date) {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - ALPS ELECTRIC CO., LTD.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Manager for VAIO (HKLM-x32\...\Application Manager for VAIO) (Version: - )
ArcSoft WebCam Companion 3 (HKLM-x32\...\{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}) (Version: 3.0.21.368 - ArcSoft)
AVS Image Converter 1.3.3.146 (HKLM-x32\...\AVS Image Converter_is1) (Version: - Online Media Technologies Ltd.)
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version: - Online Media Technologies Ltd.)
Belkin Setup and Router Monitor (HKLM-x32\...\Belkin Setup and Router Monitor_is1) (Version: - )
Belkin USB Print and Storage Center (HKLM\...\Belkin USB Print and Storage Center) (Version: 1.1.4 - Belkin International, Inc.)
Best Buy pc app (Version: 3.0.0.0 - Best Buy) Hidden
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Charter Security Suite (HKLM-x32\...\F-Secure ServiceEnabler 42626) (Version: 2.21.286.0 - F-Secure Corporation)
Charter Security Suite (x32 Version: 2.21.286.0 - F-Secure Corporation) Hidden
Computer Security 14.121.104.0 (release) (x32 Version: 14.121.104.0 - F-Secure Corporation) Hidden
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.1.5) (Version: 5.0.1.5 - Coupons.com Incorporated)
Dividend Miles Toolbar (HKLM-x32\...\Dividend Miles Toolbar) (Version: - )
eFile Express 2010 (HKLM-x32\...\eFile Express 2010) (Version: - )
eFile Express 2011 (HKLM-x32\...\eFile Express 2011) (Version: - )
eFile Express 2014 (HKLM-x32\...\eFile Express 2014) (Version: 2014.0b - Smartrak Group, Inc.)
eFile Express 2015 (HKLM-x32\...\eFile Express 2015) (Version: 2015.0b - Smartrak Group, Inc.)
eMusic Download Manager (HKLM-x32\...\eMusic Download Manager 5.0.5) (Version: 5.0.5 - eMusic.com Inc.)
F-Secure CCF Reputation (x32 Version: 2.0.1337.0 - F-Secure) Hidden
F-Secure CCF Scanning 1.51.112.309 (release) (x32 Version: 1.51.112.309 - F-Secure Corporation) Hidden
F-Secure Network CCF 1.03.102 (x32 Version: 1.03.102 - F-Secure Corporation) Hidden
F-Secure SafeSearch 1.03.207.0 (release) (x32 Version: 1.03.207.0 - F-Secure Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.84 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
HP Photo Creations (HKU\S-1-5-21-2330229276-1937969778-3526454886-1001\...\HP Photo Creations) (Version: 1.0.0.19522 - HP)
HP Photosmart Plus B210 series Basic Device Software (HKLM\...\{F4330A8B-3610-4483-975E-69789B70A764}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Photosmart Plus B210 series Help (HKLM-x32\...\{7F5FDEA1-D0AC-4D80-9D95-59775FCCFA40}) (Version: 140.0.54.54 - Hewlett Packard)
HP Photosmart Plus B210 series Product Improvement Study (HKLM\...\{7C1C9924-3755-483C-87B1-8371B7454B1A}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
Intel WiMAX Tutorial (HKLM\...\{4F26C164-9373-4974-8F43-E0F2176AF937}) (Version: 1.5.3.1 - Intel Corporation)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2555 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{4327107B-E95E-415C-9194-458FCED6BF12}) (Version: 13.03.0000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{0D9917CE-1C77-4B58-A153-DCB5A854ED82}) (Version: 1.2.15.0 - Intel Corporation)
Intel® PROSet/Wireless WiMAX Software (HKLM\...\{6548B189-BEA4-4041-80E0-AEB60548E046}) (Version: 2.03.0005 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Media Gallery (Version: 1.3.0 - Sony Corporation) Hidden
Media Gallery (x32 Version: 1.3.0.06230 - Sony Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Oasis2Service (HKLM-x32\...\{E50FC5DB-7CBD-407D-A46E-0C13E45BC386}) (Version: 1.0.4 - DDNi)
Online Safety 2.115.2786.1676 (x32 Version: 2.115.2786.1676 - F-Secure Corporation) Hidden
OOBE (x32 Version: 3.10.0630 - Sony Corporation) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PMB (x32 Version: 5.3.00.06040 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (Click to Disc) (Version: 3.3.00 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (Click to Disc) (x32 Version: 3.3.00 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Movie Story) (Version: 2.3.00 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Movie Story) (x32 Version: 2.3.00 - Sony Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6098 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.1.1.07060 - Sony Corporation) Hidden
Remote Play with PlayStation 3 (x32 Version: 1.0.2.06210 - Sony Corporation) Hidden
Remote Play with PlayStation®3 (x32 Version: 1.0.2.06210 - Sony Corporation) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype Web Plugin (HKLM-x32\...\{15AF46DB-9EBA-4662-AA52-29EF23585035}) (Version: 3.2.0.23388 - Skype Technologies S.A.)
Skypeâ,,¢ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
VAIO - Media Gallery (x32 Version: 1.3.0.06230 - Sony Corporation) Hidden
VAIO - PMB VAIO Edition Guide (x32 Version: 1.3.00.06040 - Sony Corporation) Hidden
VAIO - PMB VAIO Edition plug-in (Click to Disc) (x32 Version: 3.3.00.06180 - Sony Corporation) Hidden
VAIO - PMB VAIO Edition plug-in (VAIO Image Optimizer) (x32 Version: 1.3.00.06110 - Sony Corporation) Hidden
VAIO - PMB VAIO Edition plug-in (VAIO Movie Story) (x32 Version: 2.3.00.06180 - Sony Corporation) Hidden
VAIO - Remote Keyboard (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.1.0.07060 - Sony Corporation)
VAIO Care (HKLM\...\{6EEC3E9C-3479-42EB-B93C-E7DF7927DD82}) (Version: 8.4.4.09181 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{6ED1750E-F44F-4635-8F0D-B76B9262B7FB}) (Version: 1.1.1.13230 - Sony Corporation)
VAIO Control Center (x32 Version: 4.3.0.05310 - Sony Corporation) Hidden
VAIO Data Restore Tool (x32 Version: 1.4.0.05240 - Sony Corporation) Hidden
VAIO DVD Menu Data (x32 Version: 2.2.00.05120 - Sony Corporation) Hidden
VAIO Gate (x32 Version: 2.4.2.02200 - Sony Corporation) Hidden
VAIO Gate Default (x32 Version: 2.2.0.07020 - Sony Corporation) Hidden
VAIO Hardware Diagnostics (x32 Version: 4.0.0.06230 - Sony Corporation) Hidden
VAIO Help and Support (HKLM-x32\...\{AD3E7141-A22E-40F1-A7A4-55E898AE35E3}) (Version: 12.00.0622 - Sony Corporation)
VAIO Manual (x32 Version: 1.1.0.05280 - Sony Corporation) Hidden
VAIO Media plus (Version: 2.1.0 - Sony Corporation) Hidden
VAIO Media plus (x32 Version: 2.1.0.18210 - Sony Corporation) Hidden
VAIO Media plus Opening Movie (x32 Version: 2.1.0.14080 - Sony Corporation) Hidden
VAIO Messenger (HKLM-x32\...\VAIO Messenger) (Version: 2.0.550.0 - DDNi)
VAIO Movie Story Template Data (x32 Version: 2.3.00.06040 - Sony Corporation) Hidden
VAIO Quick Web Access (x32 Version: 1.3.4.2 - Sony Corporation) Hidden
VAIO Sample Contents (x32 Version: 1.2.0.16080 - Sony Corporation) Hidden
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.3.0.06080 - Sony Corporation)
VAIO Survey (x32 Version: 6.00.1028 - Sony Corporation) Hidden
VAIO Transfer Support (x32 Version: 1.2.0.06230 - Sony Corporation) Hidden
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.1.0.08060 - Sony Corporation)
VAIO Wireless Wizard (x32 Version: 3.0.0.06230 - Sony) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VGClientX86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Video Mover (HKLM-x32\...\Video Mover_is1) (Version: - )
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WiseConvert (HKLM-x32\...\WiseConvert) (Version: 1.0 - WiseConvert)
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version: - Yahoo Inc.)
Yahoo! BrowserPlus 2.9.8 (HKU\S-1-5-21-2330229276-1937969778-3526454886-1001\...\Yahoo! BrowserPlus) (Version: - Yahoo! Inc.)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {06B3F245-3ACD-42B4-B635-36B4A3969DD3} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {0A8CE399-673E-4C01-AF67-F68ACE607A61} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2015-07-23] (Sony Corporation)
Task: {1061C67D-5C0A-4A38-AD6C-23A22A29A441} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2015-07-31] (Sony Corporation)
Task: {51842E5E-1EDE-41D8-B814-8B909771E110} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {5387BABF-2FB0-4596-AB6E-F1EBEA23C09D} - System32\Tasks\Sony\Java Update => C:\Program Files\Java\jre6\bin\jusched.exe
Task: {53DA5D98-877E-4DFA-A0AD-52376515F3B1} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {586179E1-1E56-45D6-9DC2-A224418AFD23} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {5D311927-99AF-4BAC-949E-F730B81C12E3} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {60E8562B-7AE8-4547-8613-B03D3BB48A6B} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {62242B98-3C96-4DE4-A157-45A975990C90} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {63560233-994B-4920-B4A5-987D166A1649} - System32\Tasks\HPCustParticipation HP Photosmart Plus B210 series => C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPCustPartic.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {7272BF44-DB88-42E1-B81C-E12CB33A168B} - System32\Tasks\Scheduled scanning task => C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\fsav.exe [2016-06-04] (F-Secure Corporation)
Task: {85CD2846-ED71-484B-BF00-F974E632555A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {87A9F6FA-346E-493F-8E59-843705D8E756} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {8E290FFB-00A4-4332-AD58-DBBFD6A7E6E9} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {8FF0A885-3D37-417C-AB1D-980BCB20FB90} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {94E4A480-9EF6-428F-9253-9038823B445A} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {96B11C3D-A2A1-45B7-9598-D229E0A7A7CA} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {99EBA0BA-6B05-4527-8369-A209CDBF7344} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-06-22] (Sony Corporation)
Task: {9D64101F-C533-4E51-A529-1BBBCEE0A467} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2015-08-06] (Sony Corporation)
Task: {9FCEAF38-E18E-4051-A2A0-4F424074C3CF} - System32\Tasks\VAIO® Messenger (lisa) => C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe [2013-07-03] (Digital Delivery Networks, Inc.)
Task: {AE244010-7CCA-48F0-9931-D48ADD546E22} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {B3EAB967-736C-416F-888D-50AC58CB7DC7} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-06-22] (Sony Corporation)
Task: {B9520DC5-45E2-4E15-AE19-9E42F6E5BE19} - System32\Tasks\SONY\VAIO Wallpaper Setting Tool\VAIO Wallpaper Setting Tool => C:\Program Files (x86)\Sony\VAIO Wallpaper Setting Tool\VWSet.exe
Task: {BAC77103-A43D-4911-8DCF-5EFFF353A7B8} - System32\Tasks\Sony\VAIO Survey => C:\Program Files (x86)\Sony\VAIO Survey\VAIO Sat Survey.exe [2009-10-26] ()
Task: {C11DB1F3-4A7B-420C-9F9E-AFFCFE771B0D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C1F144AE-7706-49CD-9859-4FFAFD43687E} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {C8FDBCF6-DC9C-4C60-A047-961744B72262} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-14] (Adobe Systems Incorporated)
Task: {D2CE53FF-C2CB-4E89-9DF2-B741E8A15B4D} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2015-02-04] (Sony Corporation)
Task: {D47E5996-7CF9-4BB5-ADDE-7B6511217DDB} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {E2A1DA07-8950-426E-A0B2-5F656D30B436} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {E6D101A9-7C94-4360-A4AA-E73356B0BCDE} - System32\Tasks\DDNi Startup => C:\Program Files (x86)\DDNi\Oasis\DDNiStartup.exe [2013-07-03] (Digital Delivery Networks, Inc.)
Task: {F369EDFB-5A0B-427A-848C-3C1E3C251051} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2012-02-20] (Sony Corporation)
Task: {F4122E05-6592-4AC2-832F-B22A261B1FCE} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {FD57BD20-5985-4E0A-9845-D9AF6D857AC4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Scheduled scanning task.job => C:\PROGRA~2\CHARTE~1\apps\COMPUT~1\ANTI-V~1\fsav.exeX /HARD /POLICY /SCHED /REPORT C:\PROGRA~2\CHARTE~1\apps\COMPUT~1\ANTI-V~1\report.txt
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2010-07-19 16:48 - 2010-07-19 16:48 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2014-04-13 18:45 - 2011-04-19 16:31 - 00181760 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
2014-04-13 18:45 - 2010-02-09 15:55 - 00055296 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-04-13 18:45 - 2011-04-19 16:31 - 00150016 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkLocalBackup.dll
2010-07-19 16:48 - 2010-07-19 16:48 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2015-09-18 09:53 - 2015-09-18 09:53 - 00245912 _____ () C:\Program Files\Sony\VAIO Care\analyzer.dll
2014-04-13 18:42 - 2012-02-23 15:57 - 00022944 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinServicePS.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-02-21 22:22 - 2015-10-08 05:20 - 00045608 _____ () C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\FSAVHRES.ENG
2013-05-15 16:05 - 2013-05-15 16:05 - 00220096 _____ () C:\Program Files (x86)\Charter Security Suite\daas2.dll
2010-07-27 03:30 - 2010-05-31 21:18 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2010-07-27 03:30 - 2010-05-31 21:18 - 00013312 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
2013-02-21 22:27 - 2016-04-20 19:22 - 00093152 _____ () C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\minifilter\hashlib_x86.dll
2013-02-21 22:22 - 2016-06-04 12:07 - 00292832 _____ () C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Gemini\fsgem.dll
2013-02-21 22:22 - 2015-10-12 20:36 - 00212008 _____ () C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Spam Control\fsas.dll
2013-02-21 22:22 - 2016-06-04 13:04 - 00932320 _____ () C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\fm4av.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-02-21 22:22 - 2015-10-08 05:20 - 00056360 _____ () C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\FSGUI\fsavures.ENG
2014-04-13 18:42 - 2010-08-22 20:01 - 00325632 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtXml4.dll
2014-04-13 18:42 - 2010-08-22 20:01 - 01954304 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtCore4.dll
2014-04-13 18:42 - 2010-08-22 20:01 - 07187456 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtGui4.dll
2014-04-13 18:42 - 2010-08-22 20:01 - 00847360 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtNetwork4.dll
2014-04-13 18:42 - 2010-08-22 19:32 - 00119808 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
2015-02-15 05:29 - 2015-02-15 05:29 - 00592936 _____ () C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.482.79_none_b59ec33311fcd586\QtMultimediaKit1.dll
2016-06-08 19:57 - 2016-06-03 20:56 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\libglesv2.dll
2016-06-08 19:57 - 2016-06-03 20:56 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\libegl.dll
2014-04-13 18:42 - 2012-02-23 15:19 - 00669696 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll
2016-05-17 16:51 - 2016-05-17 16:51 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\5d3fdf7962e3a154830b603096be4216\IsdiInterop.ni.dll
2010-07-12 16:29 - 2010-03-03 22:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-07-02 23:06 - 2013-07-02 23:06 - 00039936 _____ () C:\Program Files (x86)\DDNi\Oasis2Service\OasisCloudModel.dll
2013-07-02 23:06 - 2013-07-02 23:06 - 00011264 _____ () C:\Program Files (x86)\DDNi\Oasis2Service\OasisCloudClient.dll
2016-06-08 19:57 - 2016-06-03 20:56 - 17565848 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2330229276-1937969778-3526454886-1001\...\paycomonline.net -> hxxps://www.paycomonline.net
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-09-05 19:41 - 2015-11-21 13:22 - 00000357 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2330229276-1937969778-3526454886-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\lisa\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{9ADB7CF9-BB6A-4F45-8EC4-90A30E833E56}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
FirewallRules: [{82DE0DCF-56DF-4E90-A333-4711A488473E}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
FirewallRules: [{D745888D-C68E-4BFE-843E-2A2996F30E62}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
FirewallRules: [{E08D95BF-36F4-4BC9-B8C1-74FB75245860}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
FirewallRules: [{538244D4-4A97-495F-B12C-59B31C16671B}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel Wireless Display\WiDiApp.exe
FirewallRules: [{E3302768-E46E-4F83-BA68-B71F36587E2C}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{A3DB6DC7-D059-47B5-BE94-3A0C7A7FFBCA}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{043DE775-8142-4D31-8FEE-09E7D1C1A221}] => (Allow) svchost.exe
FirewallRules: [{A491B525-F448-40A7-A2F0-1E23F98F5578}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{F42CB48A-DA1E-4C8C-8CF1-F8EAC2C076A1}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{8F6EB939-04E3-4B07-AF6C-60A74DD6C88C}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{CBFFC972-2E8E-4D8C-BF46-A2D2CE8E38C3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{05A8D605-FFDF-4704-A487-E999D2CE3B53}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{03DCBA26-9A22-4F9B-81D1-A5595FCCF494}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7C94CEC8-9730-43D0-8DCF-DD2B314807D3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4F9E348D-C97F-44AE-87A4-7B04278012FD}] => (Allow) C:\Program Files (x86)\Dividend Miles Toolbar\TroubleShooter.exe
FirewallRules: [{F742E2FC-D88C-4E8F-84CA-808A0BF914D6}] => (Allow) C:\Program Files (x86)\Dividend Miles Toolbar\TroubleShooter.exe
FirewallRules: [{D3B36C2D-285F-4F2C-A496-26D888E3E24E}] => (Allow) C:\Program Files (x86)\Dividend Miles Toolbar\ToolbarUpdate.exe
FirewallRules: [{F77495C6-34D4-4FB7-8AB8-5E5CB2C362DC}] => (Allow) C:\Program Files (x86)\Dividend Miles Toolbar\ToolbarUpdate.exe
FirewallRules: [{54857A7D-2617-4640-A5AE-D0812A85B8EE}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\DeviceSetup.exe
FirewallRules: [{FD0B0124-E30E-49F0-AADD-FCFD89E263DC}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\DeviceSetup.exe
FirewallRules: [{46F1DA8E-8ED3-4148-B442-F38DE7EBBEEE}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{858A0B86-84CF-4D65-BA5B-F26E59EACD65}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{86FBE8F2-CDAF-4539-A2D7-940CB9181F79}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [TCP Query User{43325B2C-6E7F-4D27-953F-80F0F78D4ADF}C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe
FirewallRules: [UDP Query User{DE6B9C62-2FB5-4DF2-AD09-E7C80764F875}C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe
FirewallRules: [{8EC1DD6B-C37A-4983-B6C9-16C26C7580AB}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{B33A009C-4AC5-496E-B118-6070BB112A45}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{F053A2F1-5A66-4DA5-8657-C9ED0DAAE384}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{330DC3A3-48AC-4D32-8184-B80006AF6150}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{3E8DC075-B807-4987-A95C-7561211EE980}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{8FEA550F-FD2E-4832-A529-A422DD1D297A}] => (Allow) C:\Program Files\Belkin\Belkin USB Print and Storage Center\Connect.exe
FirewallRules: [{9094DD97-48F8-41FB-BA32-B25431FD631B}] => (Allow) LPort=19540
FirewallRules: [{F1B7FDAA-7D1B-4E08-A753-2A6E5830ED48}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{D775D56F-6E44-4188-BEC4-59F68CCB5F60}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
FirewallRules: [{94F6813A-5ABB-49D9-83C6-55078949D08C}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
FirewallRules: [{77E8FA74-67F0-47B6-943C-AD906236F5F2}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
FirewallRules: [{4D577C95-E544-4936-A58F-3785FB6A672C}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe
FirewallRules: [{2F2B0482-F3C1-4D8B-8362-159748407DC3}] => (Allow) C:\Program Files (x86)\SkypeWebPlugin\3.2.0.23388\SkypeWebPlugin.exe
FirewallRules: [{CB772A20-EFBE-411B-8A8F-B388A2101607}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A797DF89-D61E-43B4-9679-465CF57018C7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
21-05-2016 08:51:38 Windows Update
24-05-2016 19:52:40 Windows Update
25-05-2016 22:15:26 Windows Update
30-05-2016 11:23:27 Windows Update
04-06-2016 13:11:07 Windows Update
11-06-2016 09:56:36 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/12/2016 08:17:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 479360
Error: (06/12/2016 08:17:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 479360
Error: (06/12/2016 08:17:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/12/2016 07:57:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 290272
Error: (06/12/2016 07:57:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 290272
Error: (06/12/2016 07:57:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/11/2016 08:53:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 354762
Error: (06/11/2016 08:53:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 354762
Error: (06/11/2016 08:53:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/11/2016 08:47:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1014
System errors:
=============
Error: (06/12/2016 09:11:15 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume \Device\HarddiskVolume3.
Error: (06/12/2016 08:07:56 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {FE9617F6-E606-42AA-BECC-0E9CDA246D63}
Error: (06/12/2016 07:43:45 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume \Device\HarddiskVolume3.
Error: (06/12/2016 07:43:18 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume \Device\HarddiskVolume3.
Error: (06/12/2016 07:34:39 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel(R) Management & Security Application User Notification Service service hung on starting.
Error: (06/11/2016 10:02:38 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.223.1196.0).
Error: (06/11/2016 09:57:40 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume \Device\HarddiskVolume3.
Error: (06/11/2016 09:56:59 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume \Device\HarddiskVolume3.
Error: (06/11/2016 09:49:48 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel(R) Management & Security Application User Notification Service service hung on starting.
Error: (06/11/2016 09:47:17 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Energy Server Service service hung on starting.
CodeIntegrity:
===================================
Date: 2015-09-12 06:34:12.980
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\kernel32.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz
Percentage of memory in use: 65%
Total physical RAM: 3758.1 MB
Available physical RAM: 1307.45 MB
Total Virtual: 7514.38 MB
Available Virtual: 4259.07 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:287.8 GB) (Free:199.33 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 6EA98A7E)
Partition 1: (Not Active) - (Size=10.2 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=287.8 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Result of Security Analysis by Rocket Grannie (x86) Updated: 8th June 2016
Running from:C:\Users\lisa\Downloads (18:45:18 - 06/13/2016)
***---------------------------------------------------------***
Microsoft Windows 7 Home Premium X64 Service Pack 1
UAC is Enabled!
Internet Explorer 11
Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
***-----------------Anti-Virus - Firewall-------------------***
Computer Security (Enabled - Up to Date)
Windows Firewall is Enabled!
Searching for any other Firewall
*No other Firewall Installed*
***----------------AntiSpyware - Miscellaneous---------------***
Adobe Flash Player Plugin (version 21.0.0.242)
Java (version 8.73.2) is *out of Date*
Adobe Flash Player ActiveX (version 21.0.0.242)
Google Chrome (version 51)
Microsoft Silverlight (version 5)
Windows Live Essentials -- An older version than (16.4) is installed.
Windows Live Essentials (version 14.0.8117.0416) is *out of Date*
Windows Live Essentials (version 14.0.8117.416) is *out of Date*
***----------------Analysis Complete-------------------------***
You may have missed Corrine's request
Hi, Lisa.
1. Please go to C:\Users\lisa\Downloads and move FRST to your desktop, C:\Users\lisa\Desktop.
Thank you for the additional logs, Lisa.
1. Java is out of date. As I mentioned before, there are very few reasons why Java is needed on a personal computer. See Java, The Never-Ending Saga (http://securitygarden.blogspot.com/p/blog-page_18.html) and if you decide to keep it, please install the latest security updated version, available here: Java SE 8u91 (http://java.com/en/download/).
Note: UNcheck any pre-checked toolbar and/or software options presented with the update. They are not part of the software update and are completely optional. If you decide to remove it, uninstall Java 8 Update 73.
2. Please download
AdwCleaner (http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner/) by Xplode and save to your Desktop.
- Right-click on AdwCleaner.exe and select Run As Administrator
- The tool will start to update the database, please wait a bit.
- Click on the Scan button.
- AdwCleaner will begin. Please be patient as the scan may take some time to complete.
- After the scan has finished, click on the Clean button.
- Press OK when asked to close all programs and follow the onscreen prompts.
- Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
- After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
- Copy and paste the contents of that logfile in your next reply.
- A copy of that logfile will also be saved in the C:\AdwCleaner folder.
3. Please download Junkware Removal Tool (http://www.bleepingcomputer.com/download/junkware-removal-tool/dl/131/) to your desktop.
- Disable your protection software now to avoid potential conflicts.
- Right-mouse click it and select "Run as Administrator".
- The tool will open and start scanning your system.
- Please be patient as this can take a while to complete depending on your system's specifications.
- On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
- Post the contents of JRT.txt into your next message.
I'm unable to update the Java to that version because I use Google Chrome. I think it just updated today. Also, I have attached the logs from steps 2 and 3. I may be unable to perform any other steps until this weekend. Please let me know what else needs to be done. Thank you again!
# AdwCleaner v5.200 - Logfile created 16/06/2016 at 19:48:58
# Updated 14/06/2016 by ToolsLib
# Database : 2016-06-16.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (X64)
# Username : lisa - LISA-VAIO
# Running from : C:\Users\lisa\Downloads\adwcleaner_5.200.exe
# Option : Clean
# Support : https://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files (x86)\Yahoo!\yset
[-] Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil
[-] Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Yahoo! Companion
[-] Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Yahoo!\Companion
[-] Folder Deleted : C:\Users\lisa\AppData\Local\YSearchUtil
***** [ Files ] *****
[-] File Deleted : C:\Program Files (x86)\Yahoo!\Common\unyt.exe
- File Deleted : C:\Users\lisa\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hphehadppenpmajgnkjdcopcfijjegaf
- File Deleted : C:\Users\lisa\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pflphaooapbgpeakohlggbpidpppgdff
***** [ DLLs ] *****
***** [ WMI ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\YCAPlugin.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\YPUBC.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\yt.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\YTabBar.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\ytbbroker.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\YTBM.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\YTMsgr.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\YTNavAssist.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\YTSingleInstance.DLL
[-] Key Deleted : HKCU\Software\Classes\Toolbar3.CustomInternetSecurityImpl
[-] Key Deleted : HKCU\Software\Classes\Toolbar3.CustomInternetSecurityImpl.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\Sample.BrowserHandler
[-] Key Deleted : HKLM\SOFTWARE\Classes\Sample.BrowserHandler.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\Sample.YTBPartnerSample
[-] Key Deleted : HKLM\SOFTWARE\Classes\Sample.YTBPartnerSample.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\Yahoo.AntiSpyPlugin
[-] Key Deleted : HKLM\SOFTWARE\Classes\Yahoo.AntiSpyPlugin.6
[-] Key Deleted : HKLM\SOFTWARE\Classes\Yahoo.PopupBlockerPlugin
[-] Key Deleted : HKLM\SOFTWARE\Classes\Yahoo.PopupBlockerPlugin.4
[-] Key Deleted : HKLM\SOFTWARE\Classes\YCAPlugin.CAYASPlugin
[-] Key Deleted : HKLM\SOFTWARE\Classes\YCAPlugin.CAYASPlugin.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\YPUBC.BlockerCtrl
[-] Key Deleted : HKLM\SOFTWARE\Classes\YPUBC.BlockerCtrl.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\YPUBC.DataStore
[-] Key Deleted : HKLM\SOFTWARE\Classes\YPUBC.DataStore.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\YPUBC.PUBHTMLEventHandler
[-] Key Deleted : HKLM\SOFTWARE\Classes\YPUBC.PUBHTMLEventHandler.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\YPUBC.StringList
[-] Key Deleted : HKLM\SOFTWARE\Classes\YPUBC.StringList.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\yt.CacheLoader
[-] Key Deleted : HKLM\SOFTWARE\Classes\yt.CacheLoader.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\yt.Clickstream
[-] Key Deleted : HKLM\SOFTWARE\Classes\yt.Clickstream.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\yt.YTHelper
[-] Key Deleted : HKLM\SOFTWARE\Classes\yt.YTHelper.2
[-] Key Deleted : HKLM\SOFTWARE\Classes\yt.YToolbarBand
[-] Key Deleted : HKLM\SOFTWARE\Classes\yt.YToolbarBand.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\YTabBar.YTabBarControl
[-] Key Deleted : HKLM\SOFTWARE\Classes\YTabBar.YTabBarControl.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\ytbbroker.YCAAssistant
[-] Key Deleted : HKLM\SOFTWARE\Classes\ytbbroker.YCAAssistant.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\ytbbroker.YTBAutoSearchAssistant
[-] Key Deleted : HKLM\SOFTWARE\Classes\ytbbroker.YTBAutoSearchAssistant.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\ytbbroker.YTBAutoUpdaterAssistant
[-] Key Deleted : HKLM\SOFTWARE\Classes\ytbbroker.YTBAutoUpdaterAssistant.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\ytbbroker.YTBCustomizerAssistant
[-] Key Deleted : HKLM\SOFTWARE\Classes\ytbbroker.YTBCustomizerAssistant.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\ytbbroker.YTBGeneralAssistant
[-] Key Deleted : HKLM\SOFTWARE\Classes\ytbbroker.YTBGeneralAssistant.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\ytbbroker.YTBMessengerAssistant
[-] Key Deleted : HKLM\SOFTWARE\Classes\ytbbroker.YTBMessengerAssistant.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\ytbbroker.YTBSingleInstanceAssistant
[-] Key Deleted : HKLM\SOFTWARE\Classes\ytbbroker.YTBSingleInstanceAssistant.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\YTBM.YTBMButton
[-] Key Deleted : HKLM\SOFTWARE\Classes\YTBM.YTBMButton.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\YTNavAssist.NameSpaceCF
[-] Key Deleted : HKLM\SOFTWARE\Classes\YTNavAssist.NameSpaceCF.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\YTNavAssist.NameSpacePP
[-] Key Deleted : HKLM\SOFTWARE\Classes\YTNavAssist.NameSpacePP.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\YTNavAssist.YTNavAssistPlugin
[-] Key Deleted : HKLM\SOFTWARE\Classes\YTNavAssist.YTNavAssistPlugin.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\YTSingleInstance.SingleInstance
[-] Key Deleted : HKLM\SOFTWARE\Classes\YTSingleInstance.SingleInstance.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{07CDAAD9-1226-4C6D-B774-C00E7B323484}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1CAE874F-F5C7-4BCC-BA46-9AD26DF35B93}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35860EFB-1589-4F32-A618-99E847A502B2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39DCCEAF-C749-4390-9953-527CF916935C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{41D7CEE0-D91F-498C-BC88-4A6BEE46C2BC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9EDCCD11-960D-49AE-B523-C6B5AB7E1345}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EB2BA65E-41F6-4F64-92A6-216CDFFDF577}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EFC0651C-B6D7-49CD-A6E0-B1CE9AB5FE46}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{FFFFE1D1-E40D-49a1-9622-BC59BD1879C3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7375D127-3955-4654-8E7D-1949A7A9C902}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1147DC83-6208-4dca-8E88-DD45BAAB3043}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11CB4723-D5A1-4a55-8D1D-5C2679D54CF5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1E57256D-9F39-4267-AB39-D7813D644C5A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{31371420-098D-4C0E-A11E-EBEC2305DD01}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{37B8167C-B9A4-4316-94B2-67B64BB2BA7C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3A06AA27-D94B-48C2-BB55-9FD0FF2120E3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{46140CE4-76FE-440E-AE88-4C2272BC05C7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E40017D-FB6A-4804-BDE4-3BB09F1719C1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F9C4C5C-2BA8-4E00-A697-9F710BB1026B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B7A0E898-93E5-43f4-B99A-6C70B303699C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C60CCE95-6AF9-4E74-B66B-3212D19F1D2F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D40A62D1-8FC0-4F03-90C4-0DE03BE73A41}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DDCED22E-D018-471D-9A5C-A4EA2F21133D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E1A2D448-6334-45ec-8800-6D7F71DC87FC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F9A10D86-182A-4946-869B-70C3D109D14D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FBE30D66-39A2-4b72-8B43-6D4C335A6F34}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F56ACA29-1C99-40F1-AC64-2E44C4F6BC71}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{11D5E9EA-3117-4389-8E58-742F0975C980}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{12D3E096-0FDF-42CC-8F44-04944F9C1648}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22389F39-2CF4-47C4-B8B2-273BB16BF70C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23E3CEB3-D63A-433E-A5D0-4DB1C501B915}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2723E96B-905F-4C64-8999-D868A08E6370}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{29E3319C-4B3C-479F-8692-BDD2CA30BEDD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2FCB4E7E-E5C7-4D07-BB2C-78DF2DA867AD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{367BD1CD-74A3-451F-B1A4-6A2DE4129A2D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D592FCB-FEFD-43A6-9A4F-BDE2D4607D07}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{49F018EE-F362-4B5B-8EC8-BCF9246ABF21}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{63B73044-FC1A-4FE1-991B-FDBD4CDAA868}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{67E5E37C-E6B8-4782-877D-E9437C4CD982}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{686D40BC-FA43-4317-8474-E634E6B487F2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7207E52B-821E-4C05-A8D6-2965B2BE77CF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{863FCF5D-DC39-4DA9-AF32-CB0025990EEE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A310B105-FB7D-4497-A7E8-E046462B012F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B09E015A-4D4E-4F8D-A436-95E19140947D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B1E712C4-03AA-495F-B0F5-0F057E126E2A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D13DC65C-C77B-4986-9078-DEA3D34C71BB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF522774-8CA0-4B15-A93A-5F61AB95DA1C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F9A10D86-182A-4946-869B-70C3D109D14D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{371AD4A5-1520-4AA2-A8A4-F9AD3BAC6957}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7F124846-5453-4BB8-A41D-E11481FFC9DF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8FD65019-BF09-45DA-AD81-E95AE911F1FD}
[-] Key Deleted : HKCU\Software\Classes\TypeLib\{B944FF5E-EC87-4E1E-8C49-2FF3BC573997}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AD34BE7D-2603-43DD-8D1F-E4431D42C44E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B82D18E0-1649-48DE-92D7-AA89BBB5F0AD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D2EA97F6-6235-4B2D-B5AA-A4472B9CE557}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0548C79F-7B8C-455D-B228-97D35371BB62}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A1E52AC-64F2-49E9-BFD7-0806D9494DBB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{61A2027D-B837-4080-A925-6E30E10DEF32}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{78DB07DF-483E-4829-AB44-ED7952083584}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8A1AB044-787D-4309-8410-709768E484AB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2C55651-A23E-43CA-B63D-C10B99EFF7E0}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A31F34A1-EBD2-45A2-BF6D-231C1B987CC8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F6C2BABA-9E4C-425F-9AEC-24AB8F2B640D}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! SearchSet
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2330229276-1937969778-3526454886-1001\Software\Jump Flip
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2330229276-1937969778-3526454886-1001\Software\Yahoo\Companion
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2330229276-1937969778-3526454886-1001\Software\Yahoo\YFriendsBar
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\shopathome.com
***** [ Web browsers ] *****
*************************
:: "Tracing" keys deleted
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [12589 bytes] - [16/06/2016 19:48:58]
C:\AdwCleaner\AdwCleaner[S1].txt - [12002 bytes] - [16/06/2016 19:42:49]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [12737 bytes] ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 7 Home Premium x64
Ran by lisa (Administrator) on Thu 06/16/2016 at 20:14:50.29
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 9
Successfully deleted: C:\Program Files (x86)\GUT7520.tmp (File)
Successfully deleted: C:\Users\lisa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8J8BIFDI (Temporary Internet Files Folder)
Successfully deleted: C:\Users\lisa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FXKIDONC (Temporary Internet Files Folder)
Successfully deleted: C:\Users\lisa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MEJM931W (Temporary Internet Files Folder)
Successfully deleted: C:\Users\lisa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WCWVITJH (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8J8BIFDI (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FXKIDONC (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MEJM931W (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WCWVITJH (Temporary Internet Files Folder)
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 06/16/2016 at 20:24:23.41
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Chrome stopped updating Java last year. See https://www.java.com/en/download/faq/chrome.xml. Either uninstall Java or, because you have both Internet Explorer and Firefox installed on your computer, you need to keep Java updated because Java exploits can use old versions of Java, even though that isn't your default browser.
Download
TFC (http://oldtimer.geekstogo.com/TFC.exe) to your desktop
- Open the file and close any other windows.
- It will close all programs itself when run, make sure to let it run uninterrupted.
- Click the Start button to begin the process. The program should not take long to finish its job
- Once its finished it should reboot your machine, if not, do this yourself to ensure a complete clean
How is your computer now?
It is much better! I must have missed something because last time this happened, it stopped the "checking file system on c://, the type of filing system is NTS" messages every time I boot my computer. I have to cancel within 10 secs or it starts checking my system and is a very long process. Any suggestions? I probably will not be able to follow up again tomorrow. Thank you again!
Hi, Lisa. Yes, it is a very long process. However, you may have bad sectors on your computer or it is possible the hard disk is failing. You need to let chkdsk complete.
To run the internal disk checker program:
- Click Start and select "Computer"
- Right-click C:
- Left-click "Properties"
- Select the "Tools" tab
- In the Error-checking area, click "Check Now"
- Click "Start"
- Check the option to "Automatically fix file system errors" and click Start.
You will receive a message that the operation cannot be performed while the system is in use and ask if you want to check when you restart your computer. Click "Schedule disk check" and then restart the computer, allowing disk check to run at startup.
To find the disk check log that is produced please do the following:
Please download ListChkdskResult (https://dl.dropboxusercontent.com/u/12354842/My%20Tools/ListChkdskResult.exe) by SleepyDude to the desktop.
- Double-click on the icon and click Run
- The log will appear on your desktop as a .txt file and the notepad will open.
Please copy and paste the results in your next reply.
ListChkdskResult by SleepyDude v0.1.7 Beta | 21-09-2013
------< Log generate on 7/10/2016 10:15:37 AM >------
Category: 0
Computer Name: lisa-VAIO
Event Code: 1001
Record Number: 217585
Source Name: Microsoft-Windows-Wininit
Time Written: 07-10-2016 @ 15:06:13
Event Type: Information
User:
Message:
Checking file system on C:
The type of the file system is NTFS.
One of your disks needs to be checked for consistency. You
may cancel the disk check, but it is strongly recommended
that you continue.
Windows will now check the disk.
CHKDSK is verifying files (stage 1 of 3)...
Attribute record of type 0x80 and instance tag 0x4 is cross linked
starting at 0x3e2d for possibly 0x4 clusters.
Some clusters occupied by attribute of type 0x80 and instance tag 0x4
in file 0x16a7e is already in use.
Deleting corrupt attribute record (128, "")
from file record segment 92798.
Attribute record of type 0x80 and instance tag 0x4 is cross linked
starting at 0x6478 for possibly 0x4 clusters.
Some clusters occupied by attribute of type 0x80 and instance tag 0x4
in file 0x1820c is already in use.
Deleting corrupt attribute record (128, "")
from file record segment 98828.
Attribute record of type 0x80 and instance tag 0x5 is cross linked
starting at 0xfba2c for possibly 0x1 clusters.
Some clusters occupied by attribute of type 0x80 and instance tag 0x5
in file 0x18467 is already in use.
Deleting corrupt attribute record (128, "")
from file record segment 99431.
Attribute record of type 0x80 and instance tag 0x3 is cross linked
starting at 0xede1c for possibly 0x13 clusters.
Some clusters occupied by attribute of type 0x80 and instance tag 0x3
in file 0x18fc2 is already in use.
Deleting corrupt attribute record (128, "")
from file record segment 102338.
Attribute record of type 0x80 and instance tag 0x4 is cross linked
starting at 0xf82e3 for possibly 0x1 clusters.
Some clusters occupied by attribute of type 0x80 and instance tag 0x4
in file 0x191ad is already in use.
Deleting corrupt attribute record (128, "")
from file record segment 102829.
338176 file records processed.
File verification completed.
2206 large file records processed.
0 bad file records processed.
0 EA records processed.
9795 reparse records processed.
CHKDSK is verifying indexes (stage 2 of 3)...
Index entry 3V1K2I08.txt of index $I30 in file 0x620 points to unused file 0x195a5.
Deleting index entry 3V1K2I08.txt in index $I30 of file 1568.
The file reference 0xb3000000013c6d of index entry 3998e6c4-32bc-443f-815c-7e86ffc09f91 of index $I30
with parent 0xbf0 is not the same as 0xb4000000013c6d.
Deleting index entry 3998e6c4-32bc-443f-815c-7e86ffc09f91 in index $I30 of file 3056.
The file reference 0xb3000000013c6d of index entry 3998E6~1 of index $I30
with parent 0xbf0 is not the same as 0xb4000000013c6d.
Deleting index entry 3998E6~1 in index $I30 of file 3056.
Index entry {741887F6-2D2F-11E6-A160-544249F27A4C}.dat of index $I30 in file 0x3726 points to unused file 0x13c6b.
Deleting index entry {741887F6-2D2F-11E6-A160-544249F27A4C}.dat in index $I30 of file 14118.
Index entry {74188~1.DAT of index $I30 in file 0x3726 points to unused file 0x13c6b.
Deleting index entry {74188~1.DAT in index $I30 of file 14118.
Index entry CR6802~1.EXE of index $I30 in file 0xca2f points to unused file 0x1454d.
Deleting index entry CR6802~1.EXE in index $I30 of file 51759.
Index entry Critical_iexplore.exe_4b28c8ba6773278bdde174369e6ccb9db5abc317_164d3745 of index $I30 in file 0xca2f points to unused file 0x1454d.
Deleting index entry Critical_iexplore.exe_4b28c8ba6773278bdde174369e6ccb9db5abc317_164d3745 in index $I30 of file 51759.
439014 index entries processed.
Index verification completed.
CHKDSK is scanning unindexed files for reconnect to their original directory.
Recovering orphaned file WERAE6~1.XML (34646) into directory file 572.
Recovering orphaned file WERAE68.tmp.version.xml (34646) into directory file 572.
Recovering orphaned file ~DF8E0~1.TMP (92798) into directory file 572.
Recovering orphaned file ~DF8E040870EA2BAE8D.TMP (92798) into directory file 572.
Recovering orphaned file ~DFB5D~1.TMP (93868) into directory file 572.
Recovering orphaned file ~DFB5D37AD60D905818.TMP (93868) into directory file 572.
Recovering orphaned file WERB89~1.XML (99431) into directory file 572.
Recovering orphaned file WERB896.tmp.WERInternalMetadata.xml (99431) into directory file 572.
Recovering orphaned file 7Z8OZ9LL.txt (102769) into directory file 1568.
9 unindexed files scanned.
Recovering orphaned file WER5A8~1.TXT (102829) into directory file 572.
Recovering orphaned file WER5A8D.tmp.appcompat.txt (102829) into directory file 572.
CHKDSK is recovering remaining unindexed files.
3 unindexed files recovered.
CHKDSK is verifying security descriptors (stage 3 of 3)...
338176 file SDs/SIDs processed.
Cleaning up 518 unused index entries from index $SII of file 0x9.
Cleaning up 518 unused index entries from index $SDH of file 0x9.
Cleaning up 518 unused security descriptors.
Security descriptor verification completed.
Inserting data attribute into file 34646.
Inserting data attribute into file 53033.
Inserting data attribute into file 92798.
Inserting data attribute into file 98828.
Inserting data attribute into file 99431.
Inserting data attribute into file 102338.
Inserting data attribute into file 102829.
50427 data files processed.
CHKDSK is verifying Usn Journal...
35177192 USN bytes processed.
Usn Journal verification completed.
Correcting errors in the master file table's (MFT) BITMAP attribute.
Correcting errors in the Volume Bitmap.
Windows has made corrections to the file system.
301781335 KB total disk space.
91161164 KB in 208843 files.
130464 KB in 50423 indexes.
0 KB in bad sectors.
451507 KB in use by the system.
65536 KB occupied by the log file.
210038200 KB available on disk.
4096 bytes in each allocation unit.
75445333 total allocation units on disk.
52509550 allocation units available on disk.
Internal Info:
00 29 05 00 d2 f4 03 00 8a 5e 07 00 00 00 00 00 .).......^......
0a 0b 00 00 43 26 00 00 00 00 00 00 00 00 00 00 ....C&..........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
Windows has finished checking your disk.
Please wait while your computer restarts.
-----------------------------------------------------------------------
Category: 0
Computer Name: lisa-VAIO
Event Code: 1001
Record Number: 196776
Source Name: Microsoft-Windows-Wininit
Time Written: 12-06-2015 @ 23:51:24
Event Type: Information
User:
Message:
Checking file system on C:
The type of the file system is NTFS.
One of your disks needs to be checked for consistency. You
may cancel the disk check, but it is strongly recommended
that you continue.
Windows will now check the disk.
CHKDSK is verifying files (stage 1 of 3)...
338176 file records processed.
File verification completed.
1985 large file records processed.
0 bad file records processed.
0 EA records processed.
10048 reparse records processed.
CHKDSK is verifying indexes (stage 2 of 3)...
The index bitmap for index $I30 in file 0x46e66 is invalid or missing.
The index bitmap for index $I30 in file 0x46e66 is invalid or missing.
Correcting error in index $I30 for file 290406.
The index bitmap $I30 is present but there is no corresponding
index allocation attribute in file 0x46e66.
Correcting error in index $I30 for file 290406.
The down pointer of current index entry with length 0xa0 is invalid.
53 0e 05 00 00 00 01 00 a0 00 84 00 01 00 00 00 S...............
66 6e 04 00 00 00 31 00 22 70 56 4c a2 ea d0 01 fn....1."pVL....
40 bd cb 66 d9 c4 d0 01 9a 2a ae 42 81 08 d1 01 @..f.....*.B....
22 70 56 4c a2 ea d0 01 00 10 00 00 00 00 00 00 "pVL............
00 0c 00 00 00 00 00 00 22 00 00 00 00 00 00 00 ........".......
21 01 61 00 70 00 69 00 2d 00 6d 00 73 00 2d 00 !.a.p.i.-.m.s.-.
77 00 69 00 6e 00 2d 00 63 00 6f 00 72 00 65 00 w.i.n.-.c.o.r.e.
2d 00 66 00 69 00 62 00 65 00 72 00 73 00 2d 00 -.f.i.b.e.r.s.-.
6c 00 31 00 2d 00 31 00 2d 00 30 00 2e 00 64 00 l.1.-.1.-.0...d.
6c 00 6c 00 00 00 03 00 ff ff ff ff ff ff ff ff l.l.............
00 00 00 00 00 00 00 00 18 00 00 00 03 00 00 00 ................
Sorting index $I30 in file 290406.
The index bitmap for index $I30 in file 0x46e7b is invalid or missing.
The index bitmap for index $I30 in file 0x46e7b is invalid or missing.
Correcting error in index $I30 for file 290427.
The index bitmap $I30 is present but there is no corresponding
index allocation attribute in file 0x46e7b.
Correcting error in index $I30 for file 290427.
The down pointer of current index entry with length 0xa0 is invalid.
10 0e 05 00 00 00 03 00 a0 00 84 00 01 00 00 00 ................
7b 6e 04 00 00 00 4d 00 2b 28 4c 4b a2 ea d0 01 {n....M.+(LK....
10 df a1 cd a5 c4 d0 01 d7 dd ac 43 81 08 d1 01 ...........C....
2b 28 4c 4b a2 ea d0 01 00 10 00 00 00 00 00 00 +(LK............
00 0c 00 00 00 00 00 00 22 00 00 00 00 00 00 00 ........".......
21 01 61 00 70 00 69 00 2d 00 6d 00 73 00 2d 00 !.a.p.i.-.m.s.-.
77 00 69 00 6e 00 2d 00 63 00 6f 00 72 00 65 00 w.i.n.-.c.o.r.e.
2d 00 66 00 69 00 62 00 65 00 72 00 73 00 2d 00 -.f.i.b.e.r.s.-.
6c 00 31 00 2d 00 31 00 2d 00 30 00 2e 00 64 00 l.1.-.1.-.0...d.
6c 00 6c 00 00 00 03 00 ff ff ff ff ff ff ff ff l.l.............
00 00 00 00 00 00 00 00 18 00 00 00 03 00 00 00 ................
Sorting index $I30 in file 290427.
The index bitmap for index $I30 in file 0x51bbf is invalid or missing.
Correcting error in index $I30 for file 334783.
The index bitmap $I30 is present but there is no corresponding
index allocation attribute in file 0x51bbf.
Correcting error in index $I30 for file 334783.
The down pointer of current index entry with length 0x18 is invalid.
00 00 00 00 00 00 00 00 18 00 00 00 03 00 00 00 ................
ff ff ff ff ff ff ff ff 32 24 05 cd 01 1d d1 01 ........2$......
1c b8 73 ce 01 1d d1 01 ef 53 27 d0 01 1d d1 01 ..s......S'.....
Sorting index $I30 in file 334783.
The index bitmap for index $I30 in file 0x51bc9 is invalid or missing.
Correcting error in index $I30 for file 334793.
The index bitmap $I30 is present but there is no corresponding
index allocation attribute in file 0x51bc9.
Correcting error in index $I30 for file 334793.
The down pointer of current index entry with length 0x18 is invalid.
00 00 00 00 00 00 00 00 18 00 00 00 03 00 00 00 ................
ff ff ff ff ff ff ff ff 32 24 05 cd 01 1d d1 01 ........2$......
1c b8 73 ce 01 1d d1 01 ef 53 27 d0 01 1d d1 01 ..s......S'.....
Sorting index $I30 in file 334793.
433406 index entries processed.
Index verification completed.
CHKDSK is scanning unindexed files for reconnect to their original directory.
Recovering orphaned file icrav03.rat (22816) into directory file 334783.
Recovering orphaned file ticrf.rat (24328) into directory file 334783.
Recovering orphaned file API-MS~1.DLL (241046) into directory file 290427.
Recovering orphaned file api-ms-win-core-util-l1-1-0.dll (241046) into directory file 290427.
Recovering orphaned file msrating.dll (249039) into directory file 334783.
Recovering orphaned file iesetup.dll (249066) into directory file 334793.
Recovering orphaned file iernonce.dll (288632) into directory file 334793.
Recovering orphaned file ieuinit.inf (292283) into directory file 334793.
Recovering orphaned file ZAPA768.tmp (330526) into directory file 1445.
Recovering orphaned file AP29BC~1.DLL (331239) into directory file 290406.
Recovering orphaned file api-ms-win-core-console-l1-1-0.dll (331239) into directory file 290406.
Recovering orphaned file AP29BC~1.DLL (331243) into directory file 290427.
Recovering orphaned file api-ms-win-core-console-l1-1-0.dll (331243) into directory file 290427.
Recovering orphaned file AP95B6~1.DLL (331245) into directory file 290406.
Recovering orphaned file api-ms-win-core-localization-l1-1-0.dll (331245) into directory file 290406.
Recovering orphaned file AP95B6~1.DLL (331247) into directory file 290427.
Recovering orphaned file api-ms-win-core-localization-l1-1-0.dll (331247) into directory file 290427.
Recovering orphaned file APB625~1.DLL (331265) into directory file 290427.
Recovering orphaned file api-ms-win-security-base-l1-1-0.dll (331265) into directory file 290427.
Recovering orphaned file APCB07~1.DLL (331269) into directory file 290427.
Recovering orphaned file api-ms-win-core-debug-l1-1-0.dll (331269) into directory file 290427.
Recovering orphaned file APCB07~1.DLL (331270) into directory file 290406.
Recovering orphaned file api-ms-win-core-debug-l1-1-0.dll (331270) into directory file 290406.
Recovering orphaned file API-MS~3.DLL (331273) into directory file 290427.
Recovering orphaned file api-ms-win-core-delayload-l1-1-0.dll (331273) into directory file 290427.
Recovering orphaned file API-MS~3.DLL (331274) into directory file 290406.
Recovering orphaned file api-ms-win-core-delayload-l1-1-0.dll (331274) into directory file 290406.
Recovering orphaned file AP345C~1.DLL (331277) into directory file 290427.
Recovering orphaned file api-ms-win-core-errorhandling-l1-1-0.dll (331277) into directory file 290427.
Recovering orphaned file APBEA8~1.DLL (331280) into directory file 290427.
Recovering orphaned file AP4F63~1.DLL (331284) into directory file 290406.
Recovering orphaned file api-ms-win-core-handle-l1-1-0.dll (331284) into directory file 290406.
Recovering orphaned file AP4F63~1.DLL (331286) into directory file 290427.
Recovering orphaned file api-ms-win-core-handle-l1-1-0.dll (331286) into directory file 290427.
Recovering orphaned file AP26B7~1.DLL (331289) into directory file 290427.
Recovering orphaned file api-ms-win-core-heap-l1-1-0.dll (331289) into directory file 290427.
Recovering orphaned file AP40C7~1.DLL (331291) into directory file 290406.
Recovering orphaned file api-ms-win-core-interlocked-l1-1-0.dll (331291) into directory file 290406.
Recovering orphaned file AP40C7~1.DLL (331293) into directory file 290427.
Recovering orphaned file api-ms-win-core-interlocked-l1-1-0.dll (331293) into directory file 290427.
Recovering orphaned file APC409~1.DLL (331295) into directory file 290406.
Recovering orphaned file api-ms-win-core-io-l1-1-0.dll (331295) into directory file 290406.
Recovering orphaned file APC409~1.DLL (331297) into directory file 290427.
Recovering orphaned file api-ms-win-core-io-l1-1-0.dll (331297) into directory file 290427.
Recovering orphaned file APD0F3~1.DLL (331299) into directory file 290406.
Recovering orphaned file api-ms-win-core-libraryloader-l1-1-0.dll (331299) into directory file 290406.
Recovering orphaned file APD0F3~1.DLL (331302) into directory file 290427.
Recovering orphaned file api-ms-win-core-libraryloader-l1-1-0.dll (331302) into directory file 290427.
Recovering orphaned file AP25B1~1.DLL (331306) into directory file 290427.
Recovering orphaned file api-ms-win-core-memory-l1-1-0.dll (331306) into directory file 290427.
Recovering orphaned file AP8526~1.DLL (331311) into directory file 290427.
Recovering orphaned file api-ms-win-core-namedpipe-l1-1-0.dll (331311) into directory file 290427.
Recovering orphaned file AP507A~1.DLL (331314) into directory file 290427.
Recovering orphaned file api-ms-win-core-processenvironment-l1-1-0.dll (331314) into directory file 290427.
Recovering orphaned file AP5574~1.DLL (331320) into directory file 290427.
Recovering orphaned file api-ms-win-core-profile-l1-1-0.dll (331320) into directory file 290427.
Recovering orphaned file AP5574~1.DLL (331321) into directory file 290406.
Recovering orphaned file api-ms-win-core-profile-l1-1-0.dll (331321) into directory file 290406.
Recovering orphaned file API-MS~2.DLL (331323) into directory file 290406.
Recovering orphaned file api-ms-win-core-rtlsupport-l1-1-0.dll (331323) into directory file 290406.
Recovering orphaned file API-MS~2.DLL (331325) into directory file 290427.
Recovering orphaned file api-ms-win-core-rtlsupport-l1-1-0.dll (331325) into directory file 290427.
Recovering orphaned file AP743F~1.DLL (331327) into directory file 290406.
Recovering orphaned file api-ms-win-core-string-l1-1-0.dll (331327) into directory file 290406.
Recovering orphaned file AP743F~1.DLL (331329) into directory file 290427.
Recovering orphaned file api-ms-win-core-string-l1-1-0.dll (331329) into directory file 290427.
Recovering orphaned file AP7678~1.DLL (331331) into directory file 290406.
Recovering orphaned file api-ms-win-core-synch-l1-1-0.dll (331331) into directory file 290406.
Recovering orphaned file APAC15~1.DLL (331336) into directory file 290427.
Recovering orphaned file api-ms-win-core-threadpool-l1-1-0.dll (331336) into directory file 290427.
Recovering orphaned file API-MS~1.DLL (331338) into directory file 290406.
Recovering orphaned file api-ms-win-core-util-l1-1-0.dll (331338) into directory file 290406.
Recovering orphaned file AP1910~1.DLL (331340) into directory file 290406.
Recovering orphaned file api-ms-win-core-xstate-l1-1-0.dll (331340) into directory file 290406.
Recovering orphaned file AP1910~1.DLL (331341) into directory file 290427.
Recovering orphaned file api-ms-win-core-xstate-l1-1-0.dll (331341) into directory file 290427.
Recovering orphaned file APB625~1.DLL (331342) into directory file 290406.
Recovering orphaned file api-ms-win-security-base-l1-1-0.dll (331342) into directory file 290406.
Recovering orphaned file AP77CB~1.DLL (331344) into directory file 290427.
Recovering orphaned file api-ms-win-core-datetime-l1-1-0.dll (331344) into directory file 290427.
Recovering orphaned file AP77CB~1.DLL (331345) into directory file 290406.
Recovering orphaned file api-ms-win-core-datetime-l1-1-0.dll (331345) into directory file 290406.
Recovering orphaned file AP345C~1.DLL (331346) into directory file 290406.
Recovering orphaned file api-ms-win-core-errorhandling-l1-1-0.dll (331346) into directory file 290406.
Recovering orphaned file APBEA8~1.DLL (331347) into directory file 290406.
Recovering orphaned file AP87F4~1.DLL (331349) into directory file 290406.
Recovering orphaned file api-ms-win-core-file-l1-1-0.dll (331349) into directory file 290406.
Recovering orphaned file AP87F4~1.DLL (331350) into directory file 290427.
Recovering orphaned file api-ms-win-core-file-l1-1-0.dll (331350) into directory file 290427.
Recovering orphaned file AP26B7~1.DLL (331353) into directory file 290406.
Recovering orphaned file api-ms-win-core-heap-l1-1-0.dll (331353) into directory file 290406.
Recovering orphaned file AP1AAC~1.DLL (331355) into directory file 290427.
Recovering orphaned file api-ms-win-core-localregistry-l1-1-0.dll (331355) into directory file 290427.
Recovering orphaned file AP25B1~1.DLL (331357) into directory file 290406.
Recovering orphaned file api-ms-win-core-memory-l1-1-0.dll (331357) into directory file 290406.
Recovering orphaned file APCB21~1.DLL (331359) into directory file 290406.
Recovering orphaned file api-ms-win-core-misc-l1-1-0.dll (331359) into directory file 290406.
Recovering orphaned file APCB21~1.DLL (331361) into directory file 290427.
Recovering orphaned file api-ms-win-core-misc-l1-1-0.dll (331361) into directory file 290427.
Recovering orphaned file AP8526~1.DLL (331362) into directory file 290406.
Recovering orphaned file api-ms-win-core-namedpipe-l1-1-0.dll (331362) into directory file 290406.
Recovering orphaned file AP507A~1.DLL (331364) into directory file 290406.
Recovering orphaned file api-ms-win-core-processenvironment-l1-1-0.dll (331364) into directory file 290406.
Recovering orphaned file API-MS~4.DLL (331365) into directory file 290406.
Recovering orphaned file api-ms-win-core-processthreads-l1-1-0.dll (331365) into directory file 290406.
Recovering orphaned file API-MS~4.DLL (331367) into directory file 290427.
Recovering orphaned file api-ms-win-core-processthreads-l1-1-0.dll (331367) into directory file 290427.
Recovering orphaned file AP7678~1.DLL (331369) into directory file 290427.
Recovering orphaned file api-ms-win-core-synch-l1-1-0.dll (331369) into directory file 290427.
Recovering orphaned file APFAD9~1.DLL (331371) into directory file 290406.
Recovering orphaned file api-ms-win-core-sysinfo-l1-1-0.dll (331371) into directory file 290406.
Recovering orphaned file APFAD9~1.DLL (331373) into directory file 290427.
Recovering orphaned file api-ms-win-core-sysinfo-l1-1-0.dll (331373) into directory file 290427.
Recovering orphaned file APAC15~1.DLL (331375) into directory file 290406.
Recovering orphaned file api-ms-win-core-threadpool-l1-1-0.dll (331375) into directory file 290406.
70 unindexed files scanned.
Recovering orphaned file AP1AAC~1.DLL (331377) into directory file 290406.
Recovering orphaned file api-ms-win-core-localregistry-l1-1-0.dll (331377) into directory file 290406.
CHKDSK is recovering remaining unindexed files.
7 unindexed files recovered.
CHKDSK is verifying security descriptors (stage 3 of 3)...
338176 file SDs/SIDs processed.
Cleaning up 1537 unused index entries from index $SII of file 0x9.
Cleaning up 1537 unused index entries from index $SDH of file 0x9.
Cleaning up 1537 unused security descriptors.
Security descriptor verification completed.
Inserting data attribute into file 297597.
47617 data files processed.
CHKDSK is verifying Usn Journal...
34148440 USN bytes processed.
Usn Journal verification completed.
Correcting errors in the master file table's (MFT) BITMAP attribute.
Correcting errors in the Volume Bitmap.
Windows has made corrections to the file system.
301781335 KB total disk space.
86731444 KB in 196296 files.
122664 KB in 47619 indexes.
0 KB in bad sectors.
450147 KB in use by the system.
65536 KB occupied by the log file.
214477080 KB available on disk.
4096 bytes in each allocation unit.
75445333 total allocation units on disk.
53619270 allocation units available on disk.
Internal Info:
00 29 05 00 d5 b8 03 00 8f f7 06 00 00 00 00 00 .)..............
c9 0a 00 00 40 27 00 00 00 00 00 00 00 00 00 00 ....@'..........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
Windows has finished checking your disk.
Please wait while your computer restarts.
-----------------------------------------------------------------------
Are you still getting chkdsk at restart?
No, I didn't get the chkdsk at restart. Everything looks and seems good! Thank you again!
That's great!
Let's take care of removing the tools used:
Please download Delfix from here (http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/9-delfix).
Ensure the following boxes are checked:
- Remove disinfection tools
- Create registry backup
- Purge system restore
(https://www.landzdown.com/proxy.php?request=http%3A%2F%2Fwww.hdrcgb.org.uk%2Fg2g%2Fdelfix.jpg&hash=430c0d18b39654835cac5f1633ed1b23348d76f1)
- Click Run
The program will run for a few moments and then notepad will open with a log.
Thank you again! I was going to reply with another update/issue. However, I'm hoping your last step will resolve it. I just downloaded and ran Deflix--I only removed disinfection tools the first time and then completed the last two steps separately by accident. I pasted the notepad results below. However, my computer still keeps running even after I close everything--it gets really hot from continuously running. I have to keep closing or logging off. I don't believe I've ever had this problem before. Is my computer getting too old? Do I need a new computer? This only started in the past week or so. I'll check back later today or tomorrow. Thank you again!
# DelFix v1.013 - Logfile created 17/07/2016 at 09:54:46
# Updated 17/04/2016 by Xplode
# Username : lisa - LISA-VAIO
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
~ Removing disinfection tools ...
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\lisa\Desktop\FRST64 (1).exe
Deleted : C:\Users\lisa\Downloads\Addition.txt
Deleted : C:\Users\lisa\Downloads\adwcleaner_5.200.exe
Deleted : C:\Users\lisa\Downloads\FRST.exe
Deleted : C:\Users\lisa\Downloads\FRST.txt
Deleted : C:\Users\lisa\Downloads\FRST64 (2).exe
Deleted : C:\Users\lisa\Downloads\FRST64.exe
Deleted : C:\Users\lisa\Downloads\JRT (1).exe
Deleted : C:\Users\lisa\Downloads\JRT.exe
Deleted : C:\Users\lisa\Downloads\RGSA.exe
Deleted : C:\Users\lisa\Downloads\SALog.txt
Deleted : C:\Users\lisa\Downloads\TFC.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
########## - EOF - ##########
# DelFix v1.013 - Logfile created 17/07/2016 at 09:58:25
# Updated 17/04/2016 by Xplode
# Username : lisa - LISA-VAIO
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
~ Creating registry backup ... OK
~ Cleaning system restore ...
Deleted : RP #752 [Windows Update | 06/23/2016 01:20:31]
Deleted : RP #753 [Windows Update | 06/23/2016 03:37:13]
Deleted : RP #754 [Windows Update | 06/29/2016 00:08:55]
Deleted : RP #755 [Installed VAIO Care Solution Center Update | 07/01/2016 01:22:50]
Deleted : RP #756 [Windows Update | 07/02/2016 11:47:19]
Deleted : RP #757 [Windows Update | 07/06/2016 00:33:53]
Deleted : RP #758 [Windows Update | 07/09/2016 11:32:17]
New restore point created !
########## - EOF - ##########
Hi, Lisa.
No, Delfix is only used for removing the tools used during the cleanup process and ensuring you have a fresh System Restore Point. As to your computer running after you close open files, what setting do you use for Windows Update? (Go to Control Panel\All Control Panel Items\Windows Update\Change settings to see what the setting is under "Important Updates".) Have you installed the July Microsoft Security Updates? Also, are you planning on updating to Windows 10 prior to July 29?
It also may be running hot due to an accumulation of dust around the fans.
I noticed when I took another look at your logs that I forgot to advise you to update Java. It is several updates behind and outdated Java is a security risk. If you don't updated it today, be sure to check for updates when the next scheduled dates are released on July 19, 2016.
I think I figured out why the computer is getting hot. I downloaded Windows 10 in the middle of following the steps to clean my system. Do I need to uninstall it? I cleaned it and dust isn't the issue. It gets hot the most when I'm online. I think I finally updated Java after you gave me the instructions again. Please let me know what I should do. Do I need Windows 10? I didn't have this issue until recently. Thank you! I will not be able to check back until Wed.
According to the Delfix log you posted, it was running hot before you upgraded to Windows 10.
Quote from: lisa20 on July 17, 2016, 03:03:39 PM
However, my computer still keeps running even after I close everything--it gets really hot from continuously running. I have to keep closing or logging off. I don't believe I've ever had this problem before. Is my computer getting too old? Do I need a new computer? This only started in the past week or so. I'll check back later today or tomorrow.
How old is your computer? Is it a desktop or laptop?
Sorry for the delay! My Sony Vaio laptop is 5 yrs old. I actually clicked on the Windows 10 popup that I kept getting to upgrade. It only took a few seconds. Actually on the last day 7/29/16 I found the actual full version and downloaded it--it had a countdown to 7 hrs. I think it took over an hour to install. Finally so far it doesn't seem like it is overheating. Should I run the first 3 steps again to see what the texts show you? I still may have a couple of other issues. I'm not sure. I have more time this week. Thank you again!
Quote from: lisa20 on August 01, 2016, 01:29:25 PM
I still may have a couple of other issues.
I would need to know what the other issues are with your laptop. :)
Hello! I'm having all of the same issues I had when I started. I cannot access or submit orders from websites. I get many "system errors" messages. I cannot access any of my documents from the former Windows application. It tells me to go to settings. There are just too many problems. I will provide you with the same texts after I run the steps again. I need to attempt to resolve more urgent issues if I can access the websites. I feel like accessing my emails slows down my computer tremendously. I'll keep you posted. Thank you!
If you receive the prompt to run chkdsk again, please allow it to do so.
Here is a late update. It doesn't give me an option to run or scan viruses. I think I'll wait and upgrade my computer system. I'm unable to play movies now too. It may just be a compatibility issue or it is too old. I didn't see my computer on the list to update. I still cannot access files. Also, my computer only gets hot depending on which websites I'm on such as Facebook, emails, and other social media or personal websites... I'm busy and just don't have the time to research this again. Thank you again for your help!
Lisa,
Is your antivirus software updating? If not, I strongly advise that you do not do any banking, on-line bill paying or shopping from your computer.
You can't play movies because Windows 10 removes that feature.
If you download and install VLC (free) you get the codecs and the ability to play DVDs again.
http://www.majorgeeks.com/files/details/vlc_media_player.html
VLC is my player of choice in Windows, Linux and Android.