I need to run logs to look for viruses

SellieS · April 24, 2016, 11:50:49 AM

I wrote on GardenWeb Computer Help about my problems with MS. It's too much. Impossible to get help at the MS tier one level. They don't know Outlook 16 or MS365. They want to fix my mail and I lose my Outlook calendar and Mail. Put SOME of my pictures in the cloud and some in One Drive. They left multiple One Drive folders. Then they hang up because they realized they made multiples of pictures and can't combine. Just hang up. I can't find anything and probably need to reinstall my yearly MS365 or get out of it. Comcast hates it too and said they have no tools to look at it. I also cannot save any of my documents as docx. There is no choice when I type it from the computer, scan it or copy it. Thus they go in pictures anywhere - the PC or the cloud as PDF. There is something missing

Nothing is synced because Outlook mail no longer works except on PC. ipad and iPhone I will have to call Apple. But need to go as far as I can in looking at problems. Some incoming mail goes to Junk every day though I label it as not junk.

Can u just have me run some logs to see how vulnerable I am. I have no back up system except for One Drive and iCloud which is wrong. The paths don't make sense. How can I back up such a mess?

Do you have my email address? Is there a way I can be notified if you answer or give up?

I know, get me to a nut house.

The log will provide something to work from for MS365.

Corrine · April 24, 2016, 05:39:19 PM

Hi, Ellie.

I doubt that the logs will help track down the issues you are having but I'd be happy to take a look. Please follow the Log Posting Instructions. It may also help if you provide a link to the thread on GardenWeb.

SellieS · April 24, 2016, 11:34:36 PM

Addition.txt
Additional scan result of Farbar Recovery Scan Tool (x64) Version:18-04-2016
Ran by ddemi_000 (2016-04-24 19:26:22)
Running from C:\Users\ddemi_000\AppData\Local\Microsoft\Windows\INetCache\IE\OESKBYOW
Windows 8.1 (X64) (2015-06-17 05:16:35)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-93258141-2886678798-44533873-500 - Administrator - Disabled)
ddemi_000 (S-1-5-21-93258141-2886678798-44533873-1005 - Administrator - Enabled) => C:\Users\ddemi_000
Guest (S-1-5-21-93258141-2886678798-44533873-501 - Limited - Disabled)
John (S-1-5-21-93258141-2886678798-44533873-1001 - Administrator - Enabled) => C:\Users\John

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Security Suite (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security Suite (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Security Suite (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{0F347A49-E36C-4639-8D2E-003AD408B8B2}) (Version: 1.5 - Eyeo GmbH)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\AmUStor) (Version: 20.21.3317.03861 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver (x32 Version: 20.21.3317.03861 - Alcor Micro Corp.) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 6.30.223.232 - Broadcom Corporation)
Broadcom Bluetooth Drivers (HKLM\...\{0A1B4690-E176-4533-8058-939480AEE1D0}) (Version: 12.0.0.9130 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.7.4023 - CyberLink Corp.)
CyberLink MediaEspresso 6.7 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.7.2.5214 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.2.5426 - CyberLink Corp.)
Cyberlink PhotoDirector (Version: 5.0.2.5426 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.7.4016 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.1.3004 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.1.3004 - CyberLink Corp.) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4.4119 - CyberLink Corp.)
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Epson Customer Research Participation (HKLM\...\{B26449A6-6007-4460-B4FE-C4776115BCEA}) (Version: 1.80.0000 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{17FA0444-A025-43B9-862C-81AE6307C2F2}) (Version: 3.10.0050 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.53.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 2.30.00 - SEIKO EPSON Corp.)
EPSON Scan PDF Extensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.0001 - SEIKO EPSON Corp.)
EPSON WF-7610 Series Printer Uninstall (HKLM\...\EPSON WF-7610 Series) (Version: - SEIKO EPSON Corporation)
Epson WF-7610 Userâ€™s Guide version 1.0 (HKLM-x32\...\UsersGuideEpson WF-7610 Userâ€™s Guide_is1) (Version: 1.0 - )
EpsonNet Print (HKLM\...\{15A0F113-BF2C-4C12-8AA8-42AE0D9AE1C9}) (Version: 3.1.2.0 - SEIKO EPSON Corporation)
FMW 1 (Version: 1.32.2 - AVG Technologies) Hidden
Foxit PhantomPDF (HKLM-x32\...\{4E32271C-B55A-4CDF-8DB7-88FD1C45927C}) (Version: 7.0.310.226 - Foxit Software Inc.)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HowToSimplified Internet Explorer Homepage and New Tab (HKU\S-1-5-21-93258141-2886678798-44533873-1005\...\HowToSimplifiedTooltab Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ATTENTION
HP Documentation (HKLM-x32\...\{4B4EDB7B-4F54-4B86-8A4A-E1C5803CA374}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.2.8.25 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 13.00.0000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.2.8.17 - Hewlett-Packard Company)
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6496.0 - IDT)
Image Resizer for Windows (64 bit) (Version: 3.0.4802.35565 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{69d72156-6582-4556-8637-06f40aa7f85b}) (Version: 3.0.4802.35565 - Brice Lambson)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.6769.2017 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-93258141-2886678798-44533873-1005\...\OneDriveSetup.exe) (Version: 17.3.6302.0225 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Norton Security Suite (HKLM-x32\...\N360) (Version: 22.6.0.142 - Symantec Corporation)
NVIDIA Graphics Driver 335.58 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.58 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6729.1014 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6729.1014 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6729.1014 - Microsoft Corporation) Hidden
Pin It (HKLM-x32\...\Pin It_is1) (Version: 0.0.4 - Pinterest)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.7316 - CyberLink Corp.) Hidden
Software Updater (HKLM-x32\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version: 4.3.7 - SEIKO EPSON CORPORATION)
TurboTax 2014 (HKLM-x32\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc)
WinPatrol (HKLM-x32\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 33.6.2015.1 - Ruiware)
WOT for Internet Explorer (HKLM\...\{373B90E1-A28C-434C-92B6-7281AFA6115A}) (Version: 15.6.9.0 - WOT Services Oy)
XFINITY Toolbar (HKLM-x32\...\xfin_portal) (Version: 4.7.5.1 - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0D8DB0F1-47A0-4510-80DF-CBBD7047A869} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {1C2A8D68-04BC-4D7A-A84F-B68A30312B69} - System32\Tasks\PinItAutoUpdate => C:\Program Files (x86)\Pinterest\Pin It\AutoUpdater.exe [2013-10-17] ()
Task: {1F12A23C-7FAB-4DAE-BB11-4EDDBE762801} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\22.6.0.142\WSCStub.exe [2016-02-26] (Symantec Corporation)
Task: {2AE9FFF7-AFA6-4285-A215-357513743CB2} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\22.6.0.142\SymErr.exe [2016-02-10] (Symantec Corporation)
Task: {2E0C7F6C-38BC-4AA4-8A86-35F696827AD7} - System32\Tasks\EPSON WF-7610 Series Update {2ADE5BCA-5B0C-4439-93F9-507FD23A188E} => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSKBE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {39FEBF94-3ED5-4CD3-930E-C149A74F4181} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-03-07] (Hewlett-Packard)
Task: {48D63521-1C7F-49BE-9DC8-D071D8A5CBC7} - System32\Tasks\EPSON WF-7610 Series Invitation {6FDDEFC2-33F6-4330-958F-247543A92601} => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSKBE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {4B3FB33D-34C0-4FB1-B228-C0313DA73973} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {5723BC9B-4858-42D5-BCCE-4843FF15E9EB} - System32\Tasks\HPCeeScheduleForddemi_000 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {5B4366A4-2044-4FE4-A339-37114FAF0514} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-93258141-2886678798-44533873-1005 => C:\Users\ddemi_000\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-03-12] (Microsoft Corporation)
Task: {5C62A1A9-7440-4A41-8A00-F9354957CE2C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-10-19] (Piriform Ltd)
Task: {5FB693AC-0B12-4F55-90EF-2E2A79BC3476} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-04-06] (Hewlett-Packard)
Task: {6D6567FE-B9E7-448E-AA03-B5CA95D03AC9} - System32\Tasks\EPSON WF-7610 Series Update {6FDDEFC2-33F6-4330-958F-247543A92601} => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSKBE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {81305EE1-ED92-46CA-B349-60B65AD943A9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {83FF68E8-23AF-4222-9EAD-FBF527CF2D7C} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security Suite\Upgrade.exe [2016-02-26] (Symantec Corporation)
Task: {96626E09-166A-426E-B755-EF3343DF41A0} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {9AB2E418-2C11-4006-8C32-8EEE51BE55E3} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-04-03] (Microsoft Corporation)
Task: {A49C395A-14C0-4424-B8D1-B7655EEE19EC} - System32\Tasks\HPGenoobeReminder => C:\Program Files (x86)\Hewlett-Packard\HP Registration Service\HP GenOOBE\HPGenOOBE.exe [2014-05-15] ()
Task: {A4C70D4D-A425-475C-A03C-9320696DD09E} - System32\Tasks\HPCheckDropBoxStatus => c:\hp\HPQWare\DropBox\HPAppDetector.exe [2014-06-03] ()
Task: {B49916BE-6CC1-4BFD-85C0-C82689CF0B49} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2016-04-13] (Microsoft Corporation)
Task: {C189A742-0C26-4995-9654-0B8970DE2C3F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {CAE9E5FA-1289-41DE-B035-4389F589E773} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\22.6.0.142\SymErr.exe [2016-02-10] (Symantec Corporation)
Task: {CF0D0D7E-FD2A-4A76-BF34-547F645B0615} - System32\Tasks\EPSON WF-7610 Series Invitation {2ADE5BCA-5B0C-4439-93F9-507FD23A188E} => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSKBE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {DC0000ED-6E1E-473A-864D-47B97D5B006C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {EF0718B0-3FA5-4F4D-A1EB-181ADD58B3C8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-04-03] (Microsoft Corporation)
Task: {FFDB3906-D898-46E8-A9D9-95156342EC21} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-04-03] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\EPSON WF-7610 Series Invitation {2ADE5BCA-5B0C-4439-93F9-507FD23A188E}.job => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSKBE.EXE
Task: C:\windows\Tasks\EPSON WF-7610 Series Invitation {6FDDEFC2-33F6-4330-958F-247543A92601}.job => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSKBE.EXE
Task: C:\windows\Tasks\EPSON WF-7610 Series Update {2ADE5BCA-5B0C-4439-93F9-507FD23A188E}.job => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSKBE.EXE:/EXE:{2ADE5BCA-5B0C-4439-93F9-507FD23A188E} /F:UpdateWORKGROUP\DIANA$ÄŠSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\windows\Tasks\EPSON WF-7610 Series Update {6FDDEFC2-33F6-4330-958F-247543A92601}.job => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSKBE.EXE:/EXE:{6FDDEFC2-33F6-4330-958F-247543A92601} /F:UpdateWORKGROUP\DIANA$ÄŠSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\windows\Tasks\HPCeeScheduleForddemi_000.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\ddemi_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonShopping.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://www.amazon.com/gp/bit/amazonbookmark.html?tag=hp2-desktop-us-20&partner=HP

==================== Loaded Modules (Whitelisted) ==============

2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-09-30 20:52 - 2016-04-03 04:34 - 00172224 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2016-03-04 22:17 - 2016-04-22 01:51 - 08919232 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2014-06-11 00:19 - 2014-06-11 00:19 - 00622080 _____ () C:\windows\system32\spool\DRIVERS\x64\3\JobCapsA.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 00237328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 01040656 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-06-05 03:02 - 2014-03-31 05:56 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-93258141-2886678798-44533873-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\ddemi_000\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: BcmBtRSupport => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: EpsonCustomerParticipation => 2
MSCONFIG\Services: EpsonScanSvc => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: HP Support Assistant Service => 2
MSCONFIG\Services: hpqwmiex => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: RichVideo64 => 2
MSCONFIG\Services: STacSV => 2
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKLM\...\StartupApproved\Run32: => "FUFAXRCV"
HKLM\...\StartupApproved\Run32: => "FUFAXSTM"
HKLM\...\StartupApproved\Run32: => "AvgUi"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{11A37A3E-070F-42B2-9EEA-A3EB4DD2A0F2}] => (Allow) c:\Program Files\CyberLink\PowerDirector12\PDR10.EXE
FirewallRules: [{A72FAB07-1556-4260-9D00-9A4AD633FA13}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{9F17903B-0DDB-41A6-AB20-C844C5685CD7}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{F9BBCB29-C79D-49F3-AF55-E56B8E651C68}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{1EBF3F3D-523C-4AC5-91A3-EF889146C73D}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{3744C87E-CA04-4D55-A39C-ECBDF38F76A6}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{8743F5E3-F3EF-4D1C-A70D-839C6C638B41}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{A6BCBC85-1AD6-410E-9B46-89CC3F5C67BF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{01429F15-54BE-436D-A5EE-008E39FE82A7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0D997F41-7D45-45EC-8667-DB5D5796D2CD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DD26CC6E-B603-454C-8B7C-B432B9B4A96D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{00ECB261-C9BC-4150-AEF8-672CAF9EBD30}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{DF71FE40-1C9C-4941-926F-23E992011976}] => (Allow) C:\Users\ddemi_000\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [TCP Query User{5BF7F797-5DE7-41FE-B509-5CF5D38BBC21}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{2672FAFA-056E-4C66-8E4E-7ECF565047CA}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{5618CDC5-DD2D-4EE7-8BA3-3E5453E0F9D7}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{0F8220E3-5AB9-4788-A7CD-D6274C3FEAD5}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{7ECBAABD-5904-4F6F-892F-566FE1527FDE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{EC496616-333E-43A1-8DE6-16C13CCB071F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2FCE695E-57EF-4124-9813-936774C0A7B4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6BC67717-CFE9-4CE8-AB5C-19AC8614B998}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2C96DDA1-1415-4E5A-82A0-6C291918C2EF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{CA5AC3EB-5A55-40B7-8A97-1C670BF5BA76}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{3CA3D90D-ED76-46E4-9674-562502391F06}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{843660AF-6BF0-49F8-87E3-59206E215EBA}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{C306B816-B9DA-40BB-8100-8E480B09FB19}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe
FirewallRules: [{BAD1097A-40AA-4DA1-9AAD-AF5BE3053CDE}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{B396769F-5E88-4BB1-9193-F305DD527295}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{B3C283BD-145A-4BC7-B292-F7E2B173BE8F}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{87633A8B-8947-40BC-A1B4-8E8E3044401F}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{39E35076-BA8A-4135-8D55-45005F13CCCC}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{E9A793F1-8887-434F-B4C6-9C3719F88342}] => (Allow) C:\Program Files\iTunes\iTunes.exe

==================== Restore Points =========================

09-04-2016 05:43:42 Scheduled Checkpoint
13-04-2016 05:02:02 Windows Update
21-04-2016 05:54:30 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (04/24/2016 03:21:02 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418220

Error: (04/24/2016 10:18:06 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\windows\system32\mscoree.dll8

Error: (04/23/2016 03:21:02 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418220

Error: (04/23/2016 11:24:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.3.9600.18231, time stamp: 0x56b8c9f1
Faulting module name: KERNELBASE.dll, version: 6.3.9600.18264, time stamp: 0x56e1bd71
Exception code: 0xe06d7363
Fault offset: 0x0000000000008a5c
Faulting process id: 0xd78
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
Faulting package full name: Explorer.EXE4
Faulting package-relative application ID: Explorer.EXE5

Error: (04/23/2016 05:37:40 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\windows\system32\mscoree.dll8

Error: (04/22/2016 03:21:02 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418220

Error: (04/22/2016 12:08:48 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database

Error: (04/22/2016 02:49:49 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: DIANA)
Description: Application or service 'Microsoft Office Document Cache Sync Client Interface' could not be shut down.

Error: (04/21/2016 03:21:02 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418220

Error: (04/21/2016 02:31:33 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\windows\system32\mscoree.dll8

System errors:
=============
Error: (04/24/2016 02:01:37 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.

Error: (04/24/2016 02:01:37 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.

Error: (04/23/2016 07:11:06 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.

Error: (04/23/2016 07:11:06 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.

Error: (04/22/2016 02:33:35 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.

Error: (04/22/2016 02:33:35 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.

Error: (04/22/2016 12:36:00 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.

Error: (04/21/2016 11:40:49 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.

Error: (04/21/2016 11:11:06 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.

Error: (04/21/2016 11:11:06 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.

CodeIntegrity:
===================================
Date: 2015-12-28 03:51:44.451
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-12-28 03:51:44.373
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-12-28 03:51:19.700
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-12-28 03:51:19.609
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-12-28 03:51:19.405
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-12-28 03:51:19.301
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-12-28 03:51:11.317
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-12-28 03:51:11.207
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-12-28 03:50:57.337
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-12-28 03:50:57.242
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4771 CPU @ 3.50GHz
Percentage of memory in use: 14%
Total physical RAM: 16323.02 MB
Available physical RAM: 13914.68 MB
Total Virtual: 18755.02 MB
Available Virtual: 16225.67 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:914.05 GB) (Free:836.55 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Recovery Image) (Fixed) (Total:15.98 GB) (Free:2.02 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 3E5CDAD3)

Partition: GPT.

==================== End of Addition.txt ============================

SellieS · April 25, 2016, 12:09:09 AM

Result of Security Analysis by Rocket Grannie (x86) version: 16th April 2016
Running from:C:\Users\ddemi_000\AppData\Local\Microsoft\Windows\INetCache\IE\EV7KTPRO (19:41:24 - 04/24/2016)
***---------------------------------------------------------***
Microsoft Windows 8.1 X64
UAC is Enabled!
Internet Explorer 11
Default Browser: C:\Program Files\Internet Explorer\iexplore.exe
***-----------------Anti-Virus - Firewall-------------------***
Windows Defender Disabled - up to Date!
RGSA

Windows Firewall is Enabled!
Searching for any other Firewall
Norton Security Suite
***----------------AntiSpyware - Miscellaneous---------------***
Adobe flash Player Plugin is not installed
CCleaner -- An older version than '5.16' is installed.
Malwarebytes Anti-Malware (version 2.2.1.1043)
WinPatrol (version 33.6)
CCleaner (version 5.11) is *out of Date*

***----------------Analysis Complete-------------------------***

SellieS · April 25, 2016, 12:11:01 AM

Corrine, At GardenWeb I am known as Maggie200. They answer very few of my questions b/c I am not articulate, interesting. Some try. The first current link I am giving you has to do with wifi. Sometimes I have a wifi connection on my ipad an iPhone and other times in setting it says I am disconnected. Because Outlook mail and calendars on my PC have been the focus of numerous techs who made it worse I never have synced my pad and phone. The old Outlook for the apple products is not useable. After spending hours and hours with Tier One techs for almost a year it seems MS can't work with MS365 and Outlook. So I am trying to look in other areas that probably need attention. Here is the link for that conversation: http://ths.gardenweb.com/discussions/3839981/is-my-netgear-wireless-router-working?n=16

This next link is about trying to deal with Comcast and lowering my cost. Here is the link: http://ths.gardenweb.com/discussions/3850916/comcast-x1-is-it-necessary-worth-it-another-learning-curve?n=9

plodr · April 25, 2016, 03:16:53 PM

Corrine, Feel free to split my response into a new thread because it doesn't deal with the work you are trying to do.

After reading the two threads at Gardenweb, let me address some questions.
1. I am with Comcast, actually since 1989, and our bill is close to $153/month. We have the almost lowest level tv tier. I think it is called Digital Starter and internet called Performance. We don't have DVRs because I don't want to pay a monthly fee that keeps climbing up. So your bill is within range.

What has me steamed is we have 4 tv sets in the house. One has the big Comcast box, which is "free" and the other three have a DTA. Those used to be free. Now Comcast charges $3.99/month for each box so we pay close to $12 for them! Unfortunately, if you remove a DTA from a tv, you can't figure out where to get the channels. We bought an LCD for the kitchen, removed the box and discovered trying to find a signal for a channel was an exercise in futility. We returned the tv and went back to the old analog set with the DTA attached.

2. I've been using the same router since 2004. I asked around before I bought and got good advice to buy a Linksys WRT54G. It has been a solid router with no glitches. So anyone that says a router needs to be replaced every few years just didn't get a great one to start.
What is your model? I can tell you how to secure it a bit more so others won't use your wireless signal and perhaps steal some of your bandwidth, if you think that might be the problem.

3. Comcast wants me to get a new modem that is DOCSIS 3. My speeds will increase so they tall me when they call and send letters. Currently we have 6 computers and a tablet that connect to the internet and our download speeds are about 25Mbps. We don't stream Netflix or Hulu so that speed is more than adequate for our computer usage.
I do have a new modem purchased; I haven't been eager to connect because I have to call Comcast with the MAC address of the new modem to connect. Depending how soon they get to it, we might be without internet for a few hours or up to a day.

SellieS · April 25, 2016, 04:19:29 PM

C,
Sorry to add another link. This one has to do with Netgear telling me my 4 year old router needed to be updated at a price. Hence, podr's comment on her router.
Here is the link:

http://ths.gardenweb.com/discussions/3839981/is-my-netgear-wireless-router-working?n=16

BTW, I'm so sorry for bringing this to you again. If you are drowning you morning in coffee, don't do it. Just say no. Is this too much?

Corrine · April 25, 2016, 05:27:40 PM

As long as you don't mind everything in one discussion topic, Ellie, we can keep it all here. Otherwise, I can split the discussions on the router, Comcast, etc. to a separate topic.

As to the logs:

1. Please move FRST from C:\Users\ddemi_000\AppData\Local\Microsoft\Windows\INetCache\IE\OESKBYOW to C:\Users\ddemi_000\Desktop.

2. FRST.txt is missing. Please copy/paste that in your next reply.

3. I suggest you uninstall HowToSimplified Internet Explorer Homepage and New Tab, a potentially unwanted program.

4. MSCONFIG/TASK MANAGER disabled items: From Using System Configuration (msconfig) - Windows Help:

QuoteSystem Configuration is a tool that can help identify problems that might prevent Windows from starting correctly. You can start Windows with common services and startup programs turned off and then turn them back on, one at a time. If a problem doesn't occur when a service is turned off, but does occur when that service is turned on, then the service could be the cause of the problem.

System Configuration is intended to find and isolate problems, but it's not meant as a startup management program. {Bold added}

In other words, MSConfig is useful for troubleshooting but not for managing startup programs. Using MSConfig can lock malware in the registry, only to become apparent should it be restored to normal start up. In addition, there is no automated way of changing the setting. Each has to be done manually, which is what I suggest that you do.

---> Click start, type msconfig in the search box, open msconfig, click on the start up tab. Put a check mark in each entry, reboot the computer. You can then use WinPatrol to disable or remove remove any items from startup that you do not running when you boot the computer. See Start Up Programs: Remove, Add, Disable. A second option is via Task Manager. Instructions here: How To Disable Windows 8.1 Startup Programs.

plodr · April 25, 2016, 07:29:28 PM

First mistake

QuoteComcast said I should call Netgear to find out if WiFi was working

Don't listen to Comcast. I have never called Linksys about my router.
Of course netgear will either want to charge you for advice or sell you another router, which you can probably buy at a lower price elsewhere.

Are all the computers/tablets in your house wireless? If so, that's not good. You should have at least one device wired to the router.

I may have missed it but you did not post the model of the 4 year old Netgear router you use. If you aren't sure, turn it over. Chances are there is a label on the bottom with information. Don't post it publicly just in case there is a password on it.
You can send me a private message in the forum - click My Messages - and type what is on the label. That way what needs to be private will stay private.

Pete! · April 25, 2016, 07:40:42 PM

http://compnetworking.about.com/od/wifihomenetworking/tp/connectiondrop.htm

SellieS · April 26, 2016, 12:11:23 AM

Corrine, I am trying to move the 1st path to my desktop. Struggling. Copied the first path and tried to put it in Desktop. The pointer/computer reacted to that by going into circles. Hit escape without success and went to Task Master. I have stopped the circles (there is a real word other than circles - cycling?) Can I move the first path of your directions by using this key: >

I will have to run Farbar again to get FRST.txt. Can I do that now? When I first did the exercise with the Farbar Recovery Scan Tool I only got shortcuts. Upon reading it over and over I saw what I needed in Farbar to produce the logs. So, I missed FRST.txt on the final run.

I attached two snips to show you the set up of Task Master at this time and my libraries. I always struggled with libraries even on the last computer. I never saw the sense in them as the libraries each contains pic, docs maybe music. I waited a long time to buy a computer and used my iPad. When I came back there is One Drive. It had to fit in the library tiers. I hated coming back into MS with this added on. I had a MS tech set it up as I knew nothing about One Drive, iCloud and don't understand why some things are in there and not others as he or she used it. I know the concept is to save my docs and pics in case my computer crashes. However, I have duplicates of pictures. This may have happened when I synced pics from my iPhone a couple of times. Don't know what the default is/was but I do know now I choose to click on PC and put pics in there. There is a glitch with ddemi_000/? where pics tried to sync to it but a message came up that it doesn't exist. I asked a helpdesk person about the duplication of also the tiers. I was told to just pick one set and I did. So, there is no easy way to gather one set of just pictures. I hate the folders within pictures. A mess that I can undo or would try. When I look at Task Master in the Process(es) mode I saw One Drive listed as the first and 2nd open programs. I can't close them I said to myself as I don't know what that would do and chose IE and got out.

This all will take time. These operations are customized for me and I appreciate the long hours you put in to get them down to my level. I will wait until you get your head out of the oven and can answer and comment on what I need.

SellieS · April 26, 2016, 12:14:41 AM

Here is the Task Manager.

SellieS · April 26, 2016, 12:32:57 AM

Pete, I looked at your link and the reason I may not get wifi in my bedroom from my router in the den is the position of the router. The computer is at the end of the room in front of a window with the router next to it.
I thought it would be easy to check my wifi strength. It hasn't been.

PLDR: I have a PC. It is plugged in. I also have an iPad and iPhone. I will give you what is on the Net gear box.

The model number is WNR2000-100NAS
The S/N is 25G1195X01485.

Yes, Netgear only wanted to upsell me. Would not give me any info on discovering how it is running. Visuals like are the lights on it correctly on or blinking. Very strong, quick comeback to me. " What are you going to do? Let us update it now or do you want to find a router yourself?" Not a help desk. The young woman repeated it over and over. Very shocked at this behavior.
Thank you both for your input.

Corrine · April 26, 2016, 01:59:43 AM

Quote from: SellieS on April 26, 2016, 12:11:23 AM
Corrine, I am trying to move the 1st path to my desktop. Struggling. Copied the first path and tried to put it in Desktop.

I don't want you to move the "path" to your desktop. What you need to do is navigate to C:\Users\ddemi_000\AppData\Local\Microsoft\Windows\INetCache\IE\OESKBYOW and from there move FRST to your desktop, C:\Users\ddemi_000\Desktop. That is also where you will find FRST.txt.

Quote from: SellieS on April 26, 2016, 12:11:23 AM
I will have to run Farbar again to get FRST.txt. Can I do that now? When I first did the exercise with the Farbar Recovery Scan Tool I only got shortcuts. Upon reading it over and over I saw what I needed in Farbar to produce the logs. So, I missed FRST.txt on the final run.

If you need to run FRST again to get FRST.txt, that's fine. However, both logs should have opened when it finished running.

Quote from: SellieS on April 26, 2016, 12:11:23 AM
I attached two snips to show you the set up of Task Master at this time and my libraries.

Your Library setup look normal. I don't understand what the problem is.

As to Task Manager, I mentioned it as an alternative to disabling the files that were disabled by MS Config and shouldn't have been instead of WinPatrol. Personally, I'd use WinPatrol.

Quote from: SellieS on April 26, 2016, 12:11:23 AM
I always struggled with libraries even on the last computer. I never saw the sense in them as the libraries each contains pic, docs maybe music. I waited a long time to buy a computer and used my iPad. When I came back there is One Drive. It had to fit in the library tiers. I hated coming back into MS with this added on. I had a MS tech set it up as I knew nothing about One Drive, iCloud and don't understand why some things are in there and not others as he or she used it. I know the concept is to save my docs and pics in case my computer crashes. However, I have duplicates of pictures. This may have happened when I synced pics from my iPhone a couple of times. Don't know what the default is/was but I do know now I choose to click on PC and put pics in there. There is a glitch with ddemi_000/? where pics tried to sync to it but a message came up that it doesn't exist. I asked a helpdesk person about the duplication of also the tiers. I was told to just pick one set and I did. So, there is no easy way to gather one set of just pictures. I hate the folders within pictures. A mess that I can undo or would try. When I look at Task Master in the Process(es) mode I saw One Drive listed as the first and 2nd open programs. I can't close them I said to myself as I don't know what that would do and chose IE and got out.

This all will take time. These operations are customized for me and I appreciate the long hours you put in to get them down to my level. I will wait until you get your head out of the oven and can answer and comment on what I need.

The purpose of libraries is to organize your files. In the Photos library, you could have many different folders for separating pictures from different events, screen captures, whatever. With music, some people like to separate different genres so they could create folders for organizing them and even sub folders for artists if they have a large collection. Although written originally for Windows 7, the principal is the same: Working with libraries.

Do you understand what OneDrive is? It wouldn't if you read this Getting started with OneDrive - Windows tutorial for information about OneDrive. Actually, the screen copy shows iCloud processes not OneDrive. When you click OneDrive, it takes you to the cloud storage location. You can store pictures in your Pictures folder on your computer and also back them up to OneDrive. Yes, that means two copies, one set on your computer and one located in OneDrive. If you also store them in iCloud, then you have a third copy.

SellieS · April 26, 2016, 03:45:29 AM

C, I'm so sorry. I'm so stressed out by this that I can't go on. I have spent a year trying to work with Microsoft and the problems mount. Surely, this is not your typical response, I know. I looked in the path you gave me and there was no FRST. On my desktop there are shortcuts for FRST.txt. When I figured out why I wasn't using Farbar correctly I made the logs correctly and must have missed FRST. There is no notepad or log for FRST on the desktop just shortcuts.

And if you opened up the folders in my library you would see the sub folders and the duplications. It can't be correct. You can see there are two One Drive. Folders inside of folders inside of folders. Trying to find anything is very difficult. What I would want for simplicity is a library with pics of the documents then a library or folder open with pictures. I don't need genres. This whole year I have hardly been able to put any documents or pics in this computer. Scanning and copying documents was what I needed for personal use.

One MS tech lost all my months of Outlook Calendars. Another tech found some of the months and rebuilt is using 7 calendars that he put together. I understand why he did it because I colorcode every kind of appt. and every event but he didn't understand categories and used different colors one could dress up a calendar in all blue or pink or yellow. then he left me with 7 calendars and hung up.

I am a 70 year old lady who has had a totally different career, life than this with computers. I spend all hours of of the day calling MS in hopes of getting to the next tier and a person who is trained to work with Outlook and MS 365. All day Sundays. If I get a good person and there have been 2 I cannot get them back. One person gave me his phone in his office and as a Sr. person was frustrated at what I what had been done by techs who say they are 2nd tier, trained experts in Outlook.

Why should I have to know the same thing that a trained computer expert knows? And MS does not give me knowledgeable people. They take over my computer and then hang up and I start over. They don't know it and never have done a log of any sort to find problems to fix what the last guy did. I go to the MS forums and people are asking the same questions to each other without intervention from MS.
The burden of spending the money for a new computer and MS 365 which the MS people don't know how to use is driving me to tears upon tears. Life cannot go on like this. The computer is the only way to communicate with others sometimes at my age and situation.

I only use Task Manager to stop the cycling. I never knew I could do that with Win Patrol. This computer is not stable and I had a hard time getting back here after reading my mail.

Is there a way I can keep calling MS and if I get to a trained person I can show them the directions you have given me? They can take over my computer and use your knowledge where I can't.

I am not a quitter but this is driving me out of my mind.