Messages - PastyWhiteGuy

1
LandzDown Lounge / Cutting the cable cord
« on: July 12, 2018, 02:05:13 AM »
We've got Google cable and with an upcoming rate change, we're trying to find a reliable alternative, preferably one with no hidden grenades. And one with a good record of service.

I'm hoping for a robust conversation with some great thoughts and ideas for a solution.

Thanks in advance.   :)

2
Internet / Re: FF Profile backup
« on: October 29, 2017, 03:07:11 PM »
Backup was easy enough, and I'm now updated to the 64-bit FF. Hoping for improvement.

3
Internet / Re: FF Profile backup
« on: October 29, 2017, 02:38:32 PM »
Resolution is today's project.   :)

Thanks for the follow-up.

4
Internet / FF Profile backup
« on: October 22, 2017, 11:39:09 PM »
Greetings.

I'm getting ready to upgrade to the new 64-bit version and have been cautioned that I won't be able to go back to the previous version if needed/desired as the 32-bit profile will have gone away.

I searched what my beloved wife used and found that MozBackup isn't being developed past Windows 7.

Can I get a recommendation and a safe download site please?

5
Thanks. Love your answer... to the point as always.

6
I'm late to this discussion (as usual) and totally in the dark (as usual).  :blink:

For the first time on my Windows 8.1 laptop, I found the albino Windows10 marker in my activities tray. It wants to update me.

When I look at properties of my computer, it just says version 8.1, 64-bit. It does not say Home or Pro, just 8.1.

I don't want to presume with this crazy stuff. Because it doesn't SAY "pro", is it a fair presumption that I purchased my laptop with the Home version?

The big question becomes, should I update? I've not seen any pro or con arguments yet, just outrage at being forced to update. I agree with that "forced" part, but would like to know more about what they're trying to do to me or "for me". Thoughts please.

7
Analysis and Malware Removal / Re: asking from tablet
« on: March 10, 2015, 01:47:48 AM »
Okay. I've played a little bit, visited my most-frequented sites and everything seems to be working and working well at this point. I've run the DelFix and here's the log. Again thanks.

Until my next crisis.

# DelFix v10.9 - Logfile created 09/03/2015 at 21:36:03
# Updated 27/02/2015 by Xplode
# Username : DeanZF1 - DEANZF
# Operating System : Windows 8.1  (64 bits)

~ Removing disinfection tools ...

Deleted : C:\RSIT
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\DeanZF1\Desktop\Addition.txt
Deleted : C:\Users\DeanZF1\Desktop\adwcleaner_4.111.exe
Deleted : C:\Users\DeanZF1\Desktop\dds.scr
Deleted : C:\Users\DeanZF1\Desktop\Fixlog.txt
Deleted : C:\Users\DeanZF1\Desktop\FRST64.exe
Deleted : C:\Users\DeanZF1\Desktop\JRT.exe
Deleted : C:\Users\DeanZF1\Desktop\JRT.txt
Deleted : C:\Users\DeanZF1\Desktop\RSITx64.exe
Deleted : C:\Users\DeanZF1\Desktop\SecurityCheck.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #55 [Windows Update | 02/21/2015 22:31:30]
Deleted : RP #56 [Windows Update | 02/28/2015 19:03:24]
Deleted : RP #57 [Windows Update | 03/07/2015 09:35:16]
Deleted : RP #58 [Restore Operation | 03/08/2015 03:34:52]
Deleted : RP #60 [Restore Point Created by FRST | 03/08/2015 18:48:07]
Deleted : RP #62 [Restore Point Created by FRST | 03/08/2015 19:02:11]
Deleted : RP #64 [Restore Point Created by FRST | 03/09/2015 19:28:54]

New restore point created !

########## - EOF - ##########

8
Analysis and Malware Removal / Re: asking from tablet
« on: March 09, 2015, 06:46:26 PM »
Just ran both FRST and JRT. It will, of course, be a few hours of use before I know that it's working correctly or not, but at first blush it seems to be in good shape. Logs follow.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 08-03-2015 03
Ran by DeanZF1 at 2015-03-09 14:28:51 Run:3
Running from C:\Users\DeanZF1\Desktop
Loaded Profiles: DeanZF1 (Available profiles: DeanZF1)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
CreateRestorePoint:
CloseProcesses:
EmptyTemp:
Folder:
C:\Program Files\McAfee
end

*****************

Restore point was successfully created.
Processes closed successfully.

========================= Folder: ========================

Directory Not Found
"C:\Program Files\McAfee" => File/Directory not found.
EmptyTemp: => Removed 101.9 MB temporary data.


The system needed a reboot.

==== End of Fixlog 14:29:25 ====

*************************************************

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.3 (03.01.2015:1)
OS: Windows 8.1 x64
Ran by DeanZF1 on Mon 03/09/2015 at 14:37:55.74
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update plurpush
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\util plurpush



~~~ Files

Successfully deleted: [File] C:\windows\prefetch\DRIVERSUPPORT.EXE-7B99C79B.pf
Successfully deleted: [File] C:\windows\prefetch\DRIVERSUPPORT.EXE-8906065D.pf



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\DeanZF1\AppData\Roaming\mozilla\firefox\profiles\4tg6asne.default\minidumps [20 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 03/09/2015 at 14:40:24.70
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Again, many thanks for your many thinks.

9
Analysis and Malware Removal / Re: asking from tablet
« on: March 09, 2015, 01:14:00 AM »
Okay, responses not in order.

On Java. The control panel I have does not have a slider and gave me only two choices, high and very high. There was actually no choice permitted. Stuck in "high" mode.

When I went to Plug-ins for FF, I could plainly see two versions, both 31. Top one was already determined (by Mozilla??) to be a suspected source of problems and is now in "never enable" mode. I did not see a way to get rid of it. In the CP, there was only one Java entry.

I did choose to remove the driver support. On to the two logs. Again, thanks.

# AdwCleaner v4.111 - Logfile created 08/03/2015 at 20:19:18
# Updated 18/02/2015 by Xplode
# Database : 2015-03-05.1 [Server]
# Operating system : Windows 8.1  (x64)
# Username : DeanZF1 - DEANZF
# Running from : C:\Users\DeanZF1\Desktop\adwcleaner_4.111.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Support
Folder Deleted : C:\Program Files\003

***** [ Scheduled tasks ] *****

Task Deleted : BrowserSafeguard Update Task

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BackgroundHost.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7697BC38-D0FA-454B-AC75-968B4CCABFCE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7697BC38-D0FA-454B-AC75-968B4CCABFCE}
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v36.0.1 (x86 en-US)

[4tg6asne.default\prefs.js] - Line Deleted : user_pref("extensions.aniweather.timeShifted", 828043);

-\\ Google Chrome v40.0.2214.115

[C:\Users\DeanZF1\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\DeanZF1\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [1711 bytes] - [18/03/2014 02:29:08]
AdwCleaner[R1].txt - [1771 bytes] - [18/03/2014 02:36:36]
AdwCleaner[R2].txt - [1831 bytes] - [20/03/2014 01:45:42]
AdwCleaner[R3].txt - [2870 bytes] - [08/03/2015 13:55:06]
AdwCleaner[R4].txt - [2517 bytes] - [08/03/2015 20:17:21]
AdwCleaner[S0].txt - [1883 bytes] - [20/03/2014 01:46:44]
AdwCleaner[S1].txt - [2485 bytes] - [08/03/2015 20:19:18]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2544  bytes] ##########


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-03-2015 03
Ran by DeanZF1 (administrator) on DEANZF on 08-03-2015 21:06:02
Running from C:\Users\DeanZF1\Desktop
Loaded Profiles: DeanZF1 (Available profiles: DeanZF1)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Ruiware LLC) C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-31] (Intel Corporation)
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6340312 2013-07-19] (Realtek semiconductor)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [903384 2013-07-24] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-12] (Conexant Systems, Inc.)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-02-14] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-02-14] (Lenovo(beijing) Limited)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-01-18] (IvoSoft)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2910419722-4152969464-3579386052-1001\...\Run: [OutfoxTV] => C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe
HKU\S-1-5-21-2910419722-4152969464-3579386052-1001\...\Run: [cdloader] => C:\Users\DeanZF1\AppData\Roaming\mjusbsp\cdloader2.exe [51592 2013-05-06] (magicJack L.P.)
HKU\S-1-5-21-2910419722-4152969464-3579386052-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-2910419722-4152969464-3579386052-1001\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1154112 2014-07-20] (Ruiware LLC)
HKU\S-1-5-21-2910419722-4152969464-3579386052-1001\...\MountPoints2: {56965100-c738-11e3-8266-342387fa66be} - "F:\iStudio.exe"
HKU\S-1-5-21-2910419722-4152969464-3579386052-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\scrnsave.scr [11776 2014-10-28] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\DeanZF1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18] (IvoSoft)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-01-18] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-01-18] (IvoSoft)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-01-18] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-01-18] (IvoSoft)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\DeanZF1\AppData\Roaming\Mozilla\Firefox\Profiles\4tg6asne.default
FF Homepage: https://www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-04] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll [2013-08-17] (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: Weather Forecast - C:\Users\DeanZF1\AppData\Roaming\Mozilla\Firefox\Profiles\4tg6asne.default\Extensions\jid1-aqwHRwQpv3JUMs@jetpack.xpi [2015-01-02]
FF Extension: Lazarus: Form Recovery - C:\Users\DeanZF1\AppData\Roaming\Mozilla\Firefox\Profiles\4tg6asne.default\Extensions\lazarus@interclue.com.xpi [2014-03-10]
FF Extension: OutfoxTV - C:\Users\DeanZF1\AppData\Roaming\Mozilla\Firefox\Profiles\4tg6asne.default\Extensions\outfox@outfox.tv.xpi [2014-04-16]
FF Extension: Textarea Cache - C:\Users\DeanZF1\AppData\Roaming\Mozilla\Firefox\Profiles\4tg6asne.default\Extensions\{578e7caa-210f-4967-a0d3-88fe5b59a39f}.xpi [2014-04-08]
FF Extension: Adblock Plus - C:\Users\DeanZF1\AppData\Roaming\Mozilla\Firefox\Profiles\4tg6asne.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-06]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-03-05]

Chrome:
=======
CHR Profile: C:\Users\DeanZF1\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\DeanZF1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-14]
CHR Extension: (Google Drive) - C:\Users\DeanZF1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-14]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\DeanZF1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-19]
CHR Extension: (YouTube) - C:\Users\DeanZF1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-14]
CHR Extension: (Google Search) - C:\Users\DeanZF1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-14]
CHR Extension: (Skype Click to Call) - C:\Users\DeanZF1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-01-03]
CHR Extension: (Google Wallet) - C:\Users\DeanZF1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-14]
CHR Extension: (Gmail) - C:\Users\DeanZF1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-14]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-08-07] (Broadcom Corporation.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [976600 2013-09-25] (Broadcom Corporation.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [239680 2014-02-19] (Foxit Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-31] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-10-16] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-08-17] (Nitro PDF Software)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2014-02-14] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)
S2 McAPExe; "C:\Program Files\McAfee\MSC\McAPExe.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-08-07] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7474864 2013-08-07] (Broadcom Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-08] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8247640 2013-07-19] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-09-13] (Synaptics Incorporated)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-08 13:53 - 2015-03-08 13:34 - 02126848 _____ () C:\Users\DeanZF1\Desktop\adwcleaner_4.111.exe
2015-03-08 13:38 - 2015-03-08 13:38 - 00000000 ____D () C:\Users\DeanZF1\Desktop\FRST-OlderVersion
2015-03-07 23:27 - 2015-03-07 23:27 - 00001213 _____ () C:\Users\DeanZF1\Desktop\checkup.txt
2015-03-07 23:23 - 2015-03-07 23:24 - 00037135 _____ () C:\Users\DeanZF1\Desktop\Addition.txt
2015-03-07 23:22 - 2015-03-08 21:06 - 00018382 _____ () C:\Users\DeanZF1\Desktop\FRST.txt
2015-03-07 23:22 - 2015-03-08 21:06 - 00000000 ____D () C:\FRST
2015-03-07 23:19 - 2015-03-08 13:38 - 02095104 _____ (Farbar) C:\Users\DeanZF1\Desktop\FRST64.exe
2015-03-05 15:52 - 2015-03-05 15:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-28 14:03 - 2014-12-13 16:28 - 00513488 _____ () C:\windows\SysWOW64\locale.nls
2015-02-28 14:03 - 2014-12-13 16:28 - 00513488 _____ () C:\windows\system32\locale.nls
2015-02-28 13:59 - 2015-02-28 13:59 - 00000000 ____D () C:\Users\DeanZF1\Tracing
2015-02-21 17:31 - 2015-01-22 23:41 - 06041600 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-02-21 17:31 - 2015-01-22 22:17 - 04300800 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-02-18 19:14 - 2015-01-15 17:43 - 00563504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-02-18 19:14 - 2015-01-15 17:43 - 00177984 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-02-18 19:14 - 2015-01-13 23:22 - 00445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2015-02-18 19:14 - 2015-01-13 22:53 - 00324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2015-02-18 19:14 - 2014-12-19 03:57 - 00788680 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2015-02-18 19:14 - 2014-12-19 03:25 - 00602776 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2015-02-18 19:13 - 2015-01-13 17:11 - 01762840 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-02-18 19:13 - 2015-01-13 17:04 - 01489072 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2015-02-18 19:13 - 2015-01-11 22:09 - 25056256 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-02-18 19:13 - 2015-01-11 21:48 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-02-18 19:13 - 2015-01-11 21:48 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)


==================== Files in the root of some directories =======

2014-03-10 01:20 - 2014-10-12 20:29 - 0001014 _____ () C:\Users\DeanZF1\AppData\Local\7396d5af-93b3-4d36-bfec-04bbd1449761.dat
2014-02-14 03:37 - 2014-02-14 03:37 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\DeanZF1\AppData\Local\Temp\Quarantine.exe
C:\Users\DeanZF1\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-06 15:51

==================== End Of Log ============================

yabadiyabadiyabid, that's all folks.

10
Analysis and Malware Removal / Re: asking from tablet
« on: March 08, 2015, 10:01:45 PM »
AdwCleanerR0

# AdwCleaner v3.022 - Report created 18/03/2014 at 02:29:08
# Updated 13/03/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : DeanZF1 - DEANZF
# Running from : C:\Users\DeanZF1\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk
Folder Found C:\Users\DeanZF1\AppData\Local\Pokki

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Key Found : HKCU\Software\Classes\Directory\shell\pokki
Key Found : HKCU\Software\Classes\Drive\shell\pokki
Key Found : HKCU\Software\Classes\lnkfile\shell\pokki
Key Found : HKCU\Software\Classes\pokki
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Key Found : HKCU\Software\Pokki
Key Found : [x64] HKCU\Software\Pokki
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v27.0.1 (en-US)

[ File : C:\Users\DeanZF1\AppData\Roaming\Mozilla\Firefox\Profiles\4tg6asne.default\prefs.js ]

Line Found : user_pref("extensions.aniweather.timeShifted", 468982);

*************************

AdwCleaner[R0].txt - [1555 octets] - [18/03/2014 02:29:08]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1615 octets] ##########

11
Analysis and Malware Removal / Re: asking from tablet
« on: March 08, 2015, 06:20:12 PM »
This is actually being written from the affected laptop. Things are indeed better, however...

Okay. I've done most of what you've asked. I started the AdwCleaner app, but scanned it and got to the first screen. It asked me to uncheck what I wanted to keep. EGADS and GADZOOKS!!! There were like six tabs that I could see including some stuff on the registry. I have NO clue as to what I should uncheck.

I do have at least a couple of questions.
  • Windows is trying to update me again. I've not looked, but guessing Windows Defender again.
  • There is some sort of something something that wants to guard my drivers. Something about Driver Support? Is this something that needs to go away?
And so what do I need to look for to delete or what to keep on that list. Is there a way to get you a list without removing them???

Thanks for all you do!  Can I buy you an e-beer??  :cheers:

12
Analysis and Malware Removal / asking from tablet
« on: March 08, 2015, 12:49:54 AM »
 :sos:

Lenovo laptop, Win 8.1. I can access Yahoo email & Google, but nothing else. Ran Malwarebytes, no help. Click on a Google search target and it goes nowhere, not even to Landzdown.  :(

I was notified on a restart that there were updates available. Went to CP & Windows Update. Had 2 updates, 1 for Windows Defender, one for malicious software tool. Installed those and it's not been good since. Cannot locate the two KB updates to remove them.

Help please. Can't attach as cannot access from that computer.

13
Sounds like I just need to byte the bullet and upgrade.  :(

Cheaper to buy the update than Norton's or another computer that would fit the bill.

14
Computer Problems, Questions and Solutions! / Protecting a WinXP Machine
« on: October 13, 2014, 11:32:17 PM »
Hello all,

I have a desktop machine that has WinXP Pro at the moment, SP3.

I frankly cannot afford to load a new OS right now and want to use the machine and it needs to have net access for my purposes (VOIP).

What software do I need to use to protect it until I can upgrade?

15
Analysis and Malware Removal / Re: Adware issue in Win8.1-Lenovo
« on: March 21, 2014, 06:16:25 PM »
back from hunting wascawy wabbits, evil malware and other exciting adventures.  :Win73:

I have a classic start button, winpatrol pro, malwarebytes pro and spyware blaster (nonpro) and the MS firewall.

So far no little PlurPush pop-ups or pop-ins. Corrine's Crew to the resCue again. Y'all are amazing and I'm grateful.  :thumbsup:
