• Welcome to Free PC Help, a free PC Help forum to get help with your computer problems.

    Free PC Help is a community that offers free computer help and support for all users, all ages, worldwide.

    In order to start asking questions or contribute on someone else's post you will first need to register. Don't worry - it's quick and easy and once you have registered you will have instant access to the entire forum.

    If you do decide to join the forums you will not have the option to send Private Messages [ PMs ] or add a Signature until you have made 5 posts or more. This is an attempt to try to stop Spammers using the PM system or adding links to their Signature.

Chrome wont connect

jimmyedwards

Free PC Help Contributor
Joined
Oct 7, 2013
PC Experience
Some Experience
Hi to all,I got a new modem for my wi-fi yesterday and since then I cant connect to the web with Google Chrome there is no problem with IE or Firefox. Thanks in advance for any help.
 

KenB

Administrator
Joined
Oct 19, 2008
Location
Wirral UK
PC Experience
Very Experienced
Hi J-E,

Please confirm that this happening on a Win 8 machine.

Which Anti-Virus are you using?
Have you tried turning the AV off to see if this is the cause of the problem ?
Obviously turn the AV back on again immediately after testing.

Do you have any anti-malware software running in real time?
If so - which one ?
If so - try turning this off [ just to test - then turn back on again immediately ]

===============

Also try this and let me know the results [ I expect no problems but we need to try it :) ]

Start > Search Box > type in .......cmd ........ > right click on the Command Prompt that appears on the left side of screen
Select "Run as Administrator"

At the prompt type: ping 127.0.0.1 - now hit Enter [ space after ping ]
You should get 4 packets sent and no losses

If this is successful try typing : ping www.google.com - hit Enter
Again you should get 4 packets sent and no losses.

It looks like this:

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128


Ping statistics for 127.0.0.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms


C:\Users\ken>ping www.google.com


Pinging www.google.com [62.24.212.79] with 32 bytes of data:
Reply from 62.24.212.79: bytes=32 time=8ms TTL=62
Reply from 62.24.212.79: bytes=32 time=10ms TTL=62
Reply from 62.24.212.79: bytes=32 time=14ms TTL=62
Reply from 62.24.212.79: bytes=32 time=10ms TTL=62


Ping statistics for 62.24.212.79:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 8ms, Maximum = 14ms, Average = 10ms


C:\Users\ken
 

jimmyedwards

Free PC Help Contributor
Joined
Oct 7, 2013
PC Experience
Some Experience
Thanks for your reply, I am running windows 8.1 and the only av is windows defender. I did what you said in the search bar > cmd and it was just as you said it would be.
 

KenB

Administrator
Joined
Oct 19, 2008
Location
Wirral UK
PC Experience
Very Experienced
I also asked you to turn off your AV [ Defender ] to try to connect using Chrome.
Did this make any difference ?

This may help - click here

Don't forget to turn it back on :)
 

jimmyedwards

Free PC Help Contributor
Joined
Oct 7, 2013
PC Experience
Some Experience
Thanks for your reply,I turned windows defender off and tried to open Chrome it is still no go. I wonder if it has anything to do with the new modem(Arris).
 

KenB

Administrator
Joined
Oct 19, 2008
Location
Wirral UK
PC Experience
Very Experienced
I assume that you turned Defender back on ?

Try resetting Chrome.
Open Chrome > top right you will see three vertical dots > click on this.
Click on "Settings"
At the top there is a Search Box ........type in ......Reset.......hit Enter
Now click on "Reset"

You will see a box that explains what will happen if you Reset.

Click "Reset" again.

Let me know how you get on with this.
 

jimmyedwards

Free PC Help Contributor
Joined
Oct 7, 2013
PC Experience
Some Experience
I tried the reset tip and it is still no go,yes I turned windows defender back on.
 

KenB

Administrator
Joined
Oct 19, 2008
Location
Wirral UK
PC Experience
Very Experienced
try the following:

Click on the Chrome Icon
Click on the three vertical dots [top right of screen ]
Settings
In the Search Box at the top type in ..........network .........then click on "Change Proxy Settings"
Click on "LAN Settings" at the bottom
Make sure that "Automatically Detect Settings" is checked and NOT "Use a Proxy ...."

If you have to make a change make sure you click OK to confirm.

Let me know if this helps.
 

Starbuck

Admin & Security Team
Joined
Feb 19, 2010
Location
Midlands, UK
PC Experience
Very Experienced
Hi Jimmy,

There are a couple of things I'd like to look in to if you don't mind....

Note:
There are both 32-bit and 64-bit versions of Farbar Recovery Scan Tool available. Please pick the version that matches your operating system's bit type.

If you are unsure what you're system bit type is..... click Here for help.

For x32 bit systems download Farbar Recovery Scan Tool and save it to your Desktop.

For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to your Desktop.

  • Double-click the downloaded icon to run the tool. Vista/Windows 7/8/10 users right-click and select Run As Administrator


  • When the tool opens click Yes to disclaimer.


  • Make sure that Addition.txt is selected at the bottom
  • Press Scan button.


  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply also.


please post both reports for me.

Thanks
 

jimmyedwards

Free PC Help Contributor
Joined
Oct 7, 2013
PC Experience
Some Experience
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-05-2017
Ran by Ray (administrator) on JIMMY (26-05-2017 22:01:47)
Running from C:\Users\Ray\Downloads
Loaded Profiles: Ray (Available Profiles: Ray & Administrator)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\WINDOWS\System32\igfxCUIService.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Amazon.com) C:\Users\Ray\Desktop\My Documents\Downloads from Google ETC\ADVWindowsClientService.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\WINDOWS\System32\igfxEM.exe
(Intel Corporation) C:\WINDOWS\System32\igfxHK.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\WINDOWS\System32\SkyDrive.exe
(johnsadventures.com) C:\Users\Ray\Desktop\My Documents\A New Folder Pictures for switch\John's Background Switcher\BackgroundSwitcher.exe
(Ruiware) C:\Program Files (x86)\Ruiware LLC\WinPatrol\WinPatrol.exe
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKU\S-1-5-21-2801032338-2342425128-3870613798-1001\...\Run: [BackgroundSwitcher] => C:\Users\Ray\Desktop\My Documents\A New Folder Pictures for switch\John's Background Switcher\BackgroundSwitcher.exe [121688 2016-10-30] (johnsadventures.com)
HKU\S-1-5-21-2801032338-2342425128-3870613798-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [254840 2017-03-17] (TomTom)
HKU\S-1-5-21-2801032338-2342425128-3870613798-1001\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware LLC\WinPatrol\WinPatrol.exe [1223560 2017-05-07] (Ruiware)
HKU\S-1-5-21-2801032338-2342425128-3870613798-1001\...\Run: [EasyHideIPVPN] => C:\Program Files (x86)\Easy-Hide-IP VPN\easy.hide.ip.vpn.exe
HKU\S-1-5-21-2801032338-2342425128-3870613798-1001\...\MountPoints2: {6faa9800-2894-11e3-be6d-c81f66038689} - "D:\WD SmartWare.exe" autoplay=true
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Amazon Unbox.lnk [2017-01-18]
ShortcutTarget: Amazon Unbox.lnk -> C:\Users\Ray\Desktop\My Documents\Downloads from Google ETC\ADVWindowsClientSystemTray.exe (Amazon.com)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2017-01-18]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet 4630 Series Class Driver.lnk [2017-05-26]
ShortcutTarget: Monitor Ink Alerts - HP Officejet 4630 Series Class Driver.lnk -> C:\Program Files\HP\HP Officejet 4630 series\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog9-x64 01 C:\WINDOWS\system32\EasyRedirect64.dll [549808 2015-08-15] (EasyTech)
Winsock: Catalog9-x64 02 C:\WINDOWS\system32\EasyRedirect64.dll [549808 2015-08-15] (EasyTech)
Winsock: Catalog9-x64 03 C:\WINDOWS\system32\EasyRedirect64.dll [549808 2015-08-15] (EasyTech)
Winsock: Catalog9-x64 04 C:\WINDOWS\system32\EasyRedirect64.dll [549808 2015-08-15] (EasyTech)
Winsock: Catalog9-x64 15 C:\WINDOWS\system32\EasyRedirect64.dll [549808 2015-08-15] (EasyTech)
Tcpip\Parameters: [DhcpNameServer] 208.180.42.68 208.180.42.100
Tcpip\..\Interfaces\{51C8D340-F890-41D3-9072-A0A4EB2CA895}: [DhcpNameServer] 208.180.42.68 208.180.42.100
Tcpip\..\Interfaces\{8CDBDBFF-A911-4FDE-9D2F-5311E047BB2A}: [DhcpNameServer] 208.67.222.222 208.67.220.220
Tcpip\..\Interfaces\{A8C40184-0C97-472B-A7BC-59462E7AB2BC}: [DhcpNameServer] 208.180.42.68 208.180.42.100

Internet Explorer:
==================
HKU\S-1-5-21-2801032338-2342425128-3870613798-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.com/
SearchScopes: HKU\S-1-5-21-2801032338-2342425128-3870613798-1001 -> DefaultScope {EA8E9CE8-160E-4200-89F5-5C78A3C55E8F} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=$hspart&hsimp=$hsimp&p={searchTerms}&type=tb_ie_chr-ctbs-tyc-sc
SearchScopes: HKU\S-1-5-21-2801032338-2342425128-3870613798-1001 -> {9E00ED14-DDAB-4086-B889-8ACD884A8ECF} URL =
SearchScopes: HKU\S-1-5-21-2801032338-2342425128-3870613798-1001 -> {EA8E9CE8-160E-4200-89F5-5C78A3C55E8F} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=$hspart&hsimp=$hsimp&p={searchTerms}&type=tb_ie_chr-ctbs-tyc-sc
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-04-19] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-19] (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: Ant.com browser helper (video detector) -> {346FDE31-DFF9-418A-90C8-BA31DC9FF2EF} -> C:\Program Files (x86)\Ant.com\IE add-on\Download.dll [2013-03-05] (Ant.com)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Ant.com Video Downloader toolbar - {2E924F4F-67F0-4BD8-9560-49F468E843D2} - C:\Program Files (x86)\Ant.com\IE add-on\AntToolbar.dll [2013-03-05] (Ant.com)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Toolbar: HKU\S-1-5-21-2801032338-2342425128-3870613798-1001 -> No Name - {2E924F4F-67F0-4BD8-9560-49F468E843D2} - No File
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab

FireFox:
========
FF ProfilePath: C:\Users\Ray\AppData\Roaming\TomTom\HOME\Profiles\8hcmhey1.default [2017-03-31]
FF Extension: (Emulator) - C:\Users\Ray\AppData\Roaming\TomTom\HOME\Profiles\8hcmhey1.default\Extensions\Navcore.9.510.1234792@tomtom.com [2017-03-31] [not signed]
FF ProfilePath: C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\1fxv7mmq.default-1482161108706 [2017-05-26]
FF Homepage: Mozilla\Firefox\Profiles\1fxv7mmq.default-1482161108706 -> hxxps://us.yahoo.com?fr=fp-tyc-sc
FF Extension: (Adguard AdBlocker) - C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\1fxv7mmq.default-1482161108706\Extensions\adguardadblocker@adguard.com.xpi [2017-01-14]
FF Extension: (uBlock Origin) - C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\1fxv7mmq.default-1482161108706\Extensions\uBlock0@raymondhill.net.xpi [2017-05-14]
FF Extension: (Updated Ad Blocker for Firefox 11+) - C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\1fxv7mmq.default-1482161108706\Extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi [2017-01-01]
FF Extension: (Adblock Plus) - C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\1fxv7mmq.default-1482161108706\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-05-25]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-09] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2017-03-06] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-19] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2017-03-06] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-09] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1219160.dll [2015-07-23] (Adobe Systems, Inc.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2017-03-06] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2017-03-06] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin HKU\S-1-5-21-2801032338-2342425128-3870613798-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2017-03-06] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)

Chrome:
=======
CHR Profile: C:\Users\Ray\AppData\Local\Google\Chrome\User Data\Default [2017-05-26]
CHR Extension: (Docs) - C:\Users\Ray\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-05-20]
CHR Extension: (Google Drive) - C:\Users\Ray\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-20]
CHR Extension: (YouTube) - C:\Users\Ray\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-20]
CHR Extension: (Gmail) - C:\Users\Ray\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-20]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ADVService; C:\Users\Ray\Desktop\My Documents\Downloads from Google ETC\ADVWindowsClientService.exe [25704 2011-11-23] (Amazon.com) [File not signed]
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915480 2013-05-23] (SoftThinks SAS)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [77824 2012-06-19] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 anvsnddrv; C:\WINDOWS\system32\drivers\anvsnddrv.sys [33872 2012-05-17] (AnvSoft Inc.)
S3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [23312 2015-01-30] (Dell Computer Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 efavdrv; C:\WINDOWS\SysWOW64\drivers\efavdrv.sys [115008 2017-01-20] (ESET)
S3 FlashUSB; C:\WINDOWS\System32\drivers\FlashUSB.sys [28664 2016-04-29] (Intel Mobile Communications)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-26 22:01 - 2017-05-26 22:02 - 00019418 _____ C:\Users\Ray\Downloads\FRST.txt
2017-05-26 21:58 - 2017-05-26 21:58 - 02429952 _____ (Farbar) C:\Users\Ray\Downloads\FRST64.exe
2017-05-25 11:21 - 2017-05-25 11:21 - 00429095 _____ C:\Users\Ray\Downloads\2016-10-19-document.pdf
2017-05-25 11:15 - 2017-05-25 11:15 - 00428121 _____ C:\Users\Ray\Downloads\2017-05-19-document.pdf
2017-05-25 09:16 - 2017-05-25 09:16 - 00332413 _____ C:\Users\Ray\Desktop\Child Disability Report - Form 3820.htm
2017-05-25 09:16 - 2017-05-25 09:16 - 00000000 ____D C:\Users\Ray\Desktop\Child Disability Report - Form 3820_files
2017-05-24 17:49 - 2017-04-27 09:11 - 00869568 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2017-05-24 17:49 - 2017-04-27 09:11 - 00678592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2017-05-24 17:49 - 2017-04-27 09:10 - 00875712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2017-05-24 17:49 - 2017-04-27 09:10 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2017-05-24 17:45 - 2017-04-06 13:37 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2017-05-24 17:45 - 2017-04-06 13:16 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll
2017-05-24 17:45 - 2017-04-06 12:50 - 01436672 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-05-24 17:45 - 2017-04-06 12:46 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-05-24 17:45 - 2017-04-06 12:46 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2017-05-24 17:45 - 2017-04-06 12:35 - 01362432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2017-05-24 17:45 - 2017-04-06 12:15 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2017-05-24 17:45 - 2017-04-06 11:44 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2017-05-24 17:45 - 2017-04-02 10:49 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2017-05-24 17:45 - 2017-04-02 09:40 - 02013016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-05-24 17:45 - 2017-02-10 15:06 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-05-24 17:45 - 2017-02-01 15:44 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-05-24 17:45 - 2017-02-01 15:42 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-05-22 17:45 - 2017-05-22 17:45 - 00000592 _____ C:\Users\Ray\Downloads\Turn_On_Windows_Defender.reg
2017-05-22 17:40 - 2017-05-22 17:40 - 00000626 _____ C:\Users\Ray\Downloads\Turn_Off_Windows_Defender(1).reg
2017-05-22 17:39 - 2017-05-22 17:39 - 00000626 _____ C:\Users\Ray\Downloads\Turn_Off_Windows_Defender.reg
2017-05-20 17:10 - 2017-05-20 17:10 - 01130328 _____ (Google Inc.) C:\Users\Ray\Downloads\ChromeSetup(4).exe
2017-05-20 17:10 - 2017-05-20 17:10 - 00002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-20 17:10 - 2017-05-20 17:10 - 00002241 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-20 16:58 - 2017-05-20 16:58 - 01130328 _____ (Google Inc.) C:\Users\Ray\Downloads\ChromeSetup(3).exe
2017-05-16 20:43 - 2017-05-16 20:43 - 01510832 _____ (Ruiware) C:\Users\Ray\Downloads\wpsetup(3).exe
2017-05-16 20:40 - 2017-04-28 18:44 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-05-16 20:40 - 2017-04-28 18:44 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-05-16 18:53 - 2017-04-28 17:15 - 07444824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-16 18:53 - 2017-04-26 10:06 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-05-16 18:53 - 2017-04-16 06:23 - 02176584 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-16 18:53 - 2017-04-16 06:23 - 01662096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-16 18:53 - 2017-04-16 06:23 - 01063464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-05-16 18:53 - 2017-04-16 06:18 - 01135288 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-16 18:53 - 2017-04-16 06:18 - 00803192 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-16 18:53 - 2017-04-16 05:07 - 01566032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-16 18:53 - 2017-04-16 05:07 - 01213792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-16 18:53 - 2017-04-16 05:07 - 00548032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-05-16 18:53 - 2017-04-16 05:05 - 00612096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-16 18:53 - 2017-04-16 04:54 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-16 18:53 - 2017-04-16 04:54 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-05-16 18:53 - 2017-04-16 04:51 - 02899456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-16 18:53 - 2017-04-16 04:37 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2017-05-16 18:53 - 2017-04-16 04:36 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-05-16 18:53 - 2017-04-16 04:35 - 25741312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-16 18:53 - 2017-04-16 04:18 - 05977600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-16 18:53 - 2017-04-16 04:16 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-16 18:53 - 2017-04-16 04:10 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-16 18:53 - 2017-04-16 04:03 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-16 18:53 - 2017-04-16 04:02 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-16 18:53 - 2017-04-16 04:01 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-16 18:53 - 2017-04-16 04:00 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-16 18:53 - 2017-04-16 04:00 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-05-16 18:53 - 2017-04-16 03:53 - 02290176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-16 18:53 - 2017-04-16 03:52 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-05-16 18:53 - 2017-04-16 03:49 - 20278272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-16 18:53 - 2017-04-16 03:47 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-05-16 18:53 - 2017-04-16 03:43 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-16 18:53 - 2017-04-16 03:40 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-16 18:53 - 2017-04-16 03:40 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-16 18:53 - 2017-04-16 03:40 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-16 18:53 - 2017-04-16 03:37 - 02132992 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-16 18:53 - 2017-04-16 03:29 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-16 18:53 - 2017-04-16 03:24 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-16 18:53 - 2017-04-16 03:23 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-16 18:53 - 2017-04-16 03:22 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-16 18:53 - 2017-04-16 03:22 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-16 18:53 - 2017-04-16 03:17 - 00880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2017-05-16 18:53 - 2017-04-16 03:12 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-16 18:53 - 2017-04-16 03:10 - 15250944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-16 18:53 - 2017-04-16 03:10 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-16 18:53 - 2017-04-16 03:10 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-16 18:53 - 2017-04-16 03:08 - 04548608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-16 18:53 - 2017-04-16 03:08 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-16 18:53 - 2017-04-16 03:04 - 03241472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-16 18:53 - 2017-04-16 03:02 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2017-05-16 18:53 - 2017-04-16 02:53 - 13661184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-16 18:53 - 2017-04-16 02:50 - 01544704 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-16 18:53 - 2017-04-16 02:40 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-16 18:53 - 2017-04-16 02:37 - 02767872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-16 18:53 - 2017-04-16 02:34 - 01314816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-16 18:53 - 2017-04-16 02:34 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-16 18:53 - 2017-04-09 18:00 - 01548640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-16 18:53 - 2017-04-09 18:00 - 00388448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-05-16 18:53 - 2017-04-07 19:20 - 01375960 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2017-05-16 18:53 - 2017-04-07 09:56 - 01094656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2017-05-16 18:53 - 2017-04-02 12:41 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-16 18:53 - 2017-04-02 12:41 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-16 18:53 - 2017-03-31 19:16 - 01968408 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-16 18:53 - 2017-03-31 17:59 - 01612504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-16 18:53 - 2017-03-14 15:06 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-05-16 18:53 - 2017-03-14 10:26 - 03714560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-16 18:53 - 2017-03-14 10:09 - 02240512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2017-05-16 18:53 - 2017-03-14 10:08 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-05-16 18:53 - 2017-03-14 10:06 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-05-16 18:53 - 2017-03-13 12:38 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmitomi.dll
2017-05-16 18:53 - 2017-03-13 12:29 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2017-05-16 18:53 - 2017-03-13 12:25 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2017-05-16 18:53 - 2017-03-13 12:13 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmitomi.dll
2017-05-16 18:53 - 2017-03-13 12:13 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2017-05-16 18:53 - 2017-03-13 12:12 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2017-05-16 18:53 - 2017-03-13 12:08 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2017-05-16 18:53 - 2017-03-13 12:08 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-05-16 18:53 - 2017-03-13 12:07 - 02170880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-05-16 18:53 - 2017-03-13 12:06 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2017-05-16 18:53 - 2017-03-13 11:59 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2017-05-16 18:53 - 2017-03-13 11:59 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2017-05-16 18:53 - 2017-03-13 11:56 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-05-16 18:53 - 2017-03-12 11:04 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-05-16 18:53 - 2017-03-10 23:59 - 01763888 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-16 18:53 - 2017-03-10 23:56 - 01489608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-16 18:53 - 2017-03-10 23:44 - 00373080 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-05-16 18:53 - 2017-03-10 23:41 - 00315224 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-05-16 18:53 - 2017-03-10 19:38 - 00275800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-05-16 18:53 - 2017-03-09 17:08 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-05-16 18:53 - 2017-03-09 16:52 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2017-05-16 18:53 - 2017-03-09 15:29 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-05-16 18:53 - 2017-03-09 15:17 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2017-05-16 18:53 - 2017-03-07 22:44 - 00448285 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-05-16 18:53 - 2017-03-04 15:24 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-05-16 18:53 - 2017-03-04 15:06 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-05-16 18:53 - 2017-03-04 14:15 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-05-16 18:53 - 2017-03-04 12:37 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-05-16 18:53 - 2017-03-03 11:11 - 01697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-05-16 18:53 - 2017-03-03 11:10 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-05-16 18:53 - 2017-03-03 11:06 - 01501184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-05-16 18:53 - 2017-03-03 11:04 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-05-16 18:53 - 2017-02-11 14:18 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-05-16 18:53 - 2017-02-11 13:00 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-05-16 18:53 - 2017-02-11 12:49 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2017-05-16 18:53 - 2017-02-11 12:42 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2017-05-16 18:53 - 2017-02-10 10:37 - 00046600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2017-05-16 18:53 - 2017-02-09 11:28 - 01987584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-05-16 18:53 - 2017-02-09 11:19 - 01377792 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-05-16 18:53 - 2017-02-09 11:16 - 01560064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-05-16 18:53 - 2017-02-09 10:59 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-05-16 18:53 - 2017-02-09 10:58 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-05-16 18:53 - 2017-02-09 10:58 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-05-16 18:53 - 2017-02-04 16:30 - 01663184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-05-16 18:53 - 2017-02-04 16:30 - 01523216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-05-16 18:53 - 2017-02-04 16:30 - 01490128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-05-16 18:53 - 2017-02-04 16:30 - 01358960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-05-16 18:53 - 2017-02-04 15:32 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2017-05-16 18:53 - 2017-02-04 15:30 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-05-16 18:53 - 2017-02-04 14:14 - 01001472 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-05-16 18:53 - 2017-02-04 13:53 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2017-05-16 18:53 - 2017-02-04 13:51 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-05-16 18:53 - 2017-02-04 13:50 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2017-05-16 18:53 - 2017-02-04 13:40 - 01754112 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-05-16 18:53 - 2017-02-04 13:32 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2017-05-16 18:53 - 2017-02-04 13:19 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2017-05-16 18:53 - 2017-02-04 13:17 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\icm32.dll
2017-05-16 18:53 - 2017-02-04 13:10 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-05-16 18:53 - 2017-02-04 13:05 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2017-05-16 18:53 - 2017-01-21 17:37 - 00567152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-05-16 18:53 - 2017-01-21 15:27 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2017-05-16 18:53 - 2017-01-21 15:27 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\msobjs.dll
2017-05-16 18:53 - 2017-01-21 14:40 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2017-05-16 18:53 - 2017-01-21 14:40 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msobjs.dll
2017-05-16 18:53 - 2017-01-18 22:18 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-05-16 18:53 - 2017-01-18 10:35 - 00994760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-05-16 18:53 - 2017-01-18 10:34 - 00922432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-05-16 18:53 - 2017-01-14 16:32 - 00955016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-05-16 18:53 - 2017-01-14 15:18 - 00787688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-05-16 18:53 - 2017-01-14 13:49 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2017-05-16 18:53 - 2017-01-12 12:51 - 00274776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2017-05-16 18:53 - 2017-01-12 12:51 - 00117592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2017-05-16 18:53 - 2017-01-12 02:12 - 00990040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-05-16 18:53 - 2017-01-11 15:37 - 02345984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-05-16 18:53 - 2017-01-11 15:12 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2017-05-16 18:53 - 2017-01-11 13:28 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-05-16 18:53 - 2017-01-11 11:09 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2017-05-16 18:53 - 2017-01-10 18:37 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2017-05-16 18:53 - 2017-01-10 17:06 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-05-16 18:53 - 2017-01-10 16:46 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-05-16 18:53 - 2017-01-10 15:20 - 00696832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-05-16 18:53 - 2017-01-10 15:09 - 01108480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-05-16 18:53 - 2017-01-10 15:08 - 01549312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-05-16 18:53 - 2017-01-06 13:25 - 02513408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-05-16 18:53 - 2017-01-06 13:04 - 01495552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-05-16 18:53 - 2017-01-05 14:09 - 07076864 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2017-05-16 18:53 - 2017-01-05 13:29 - 05273600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2017-05-16 18:53 - 2017-01-05 13:13 - 07796224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-05-16 18:53 - 2017-01-05 12:57 - 05268480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-05-16 18:53 - 2016-12-24 21:21 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scfilter.sys
2017-05-16 18:53 - 2016-12-24 21:14 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-05-16 18:53 - 2016-12-24 20:48 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-05-16 18:53 - 2016-12-24 20:19 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-05-16 18:53 - 2016-12-24 19:39 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-05-16 18:53 - 2016-12-09 04:08 - 00379736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-05-16 18:53 - 2016-11-19 17:24 - 00152856 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2017-05-16 18:53 - 2016-11-19 13:22 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2017-05-16 18:53 - 2016-11-16 17:49 - 00377176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-05-16 18:53 - 2016-11-12 17:06 - 00738104 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2017-05-16 18:53 - 2016-11-12 15:38 - 00613632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2017-05-16 18:53 - 2016-11-10 22:33 - 01541240 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-05-16 18:53 - 2016-11-09 13:25 - 01376768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-05-16 18:53 - 2016-11-05 13:57 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2017-05-16 18:53 - 2016-11-05 13:11 - 03606528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2017-05-16 18:53 - 2016-11-05 11:56 - 02778624 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-05-16 18:53 - 2016-11-05 11:46 - 02463744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2017-05-16 18:52 - 2017-02-23 10:50 - 00093360 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-05-16 18:52 - 2017-02-22 10:35 - 01609216 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-05-16 18:52 - 2017-02-22 10:35 - 01286144 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-05-16 18:52 - 2017-02-22 10:35 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-05-16 18:52 - 2017-02-22 10:35 - 00556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-05-16 18:52 - 2017-02-22 10:35 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-05-16 18:52 - 2017-02-22 10:35 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2017-05-16 18:52 - 2017-02-22 10:35 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-05-16 18:52 - 2017-02-22 10:35 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-05-16 16:00 - 2017-05-16 16:00 - 00000000 ____D C:\Users\Ray\AppData\Roaming\Google
2017-05-11 23:21 - 2017-05-11 23:21 - 00000000 ____D C:\Users\Ray\Desktop\Amazon.com D-JOY Tri-Spinner Fidget Toy Hand Spinner Camouflage, Stress Reducer Relieve Anxiety and Boredom Camo (Starry sky) Toys & Games_files
2017-05-11 23:20 - 2017-05-11 23:21 - 01177986 _____ C:\Users\Ray\Desktop\Amazon.com D-JOY Tri-Spinner Fidget Toy Hand Spinner Camouflage, Stress Reducer Relieve Anxiety and Boredom Camo (Starry sky) Toys & Games.htm
2017-05-02 22:47 - 2017-05-02 22:47 - 00082664 _____ C:\Users\Ray\Downloads\Fructosamin-to-A1C-conversion-table.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-26 22:01 - 2017-01-31 09:12 - 00000000 ____D C:\FRST
2017-05-26 21:53 - 2013-12-28 20:23 - 00000000 ____D C:\Users\Ray\AppData\Roaming\ClassicShell
2017-05-26 21:51 - 2012-07-26 01:26 - 00000223 _____ C:\WINDOWS\win.ini
2017-05-26 21:00 - 2016-11-18 19:03 - 00000000 ____D C:\Users\Ray\AppData\LocalLow\Mozilla
2017-05-26 13:12 - 2014-09-24 03:15 - 00865408 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-26 13:12 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\Inf
2017-05-26 13:11 - 2013-09-24 18:44 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2017-05-26 13:09 - 2014-10-22 16:38 - 00000000 __RDO C:\Users\Ray\OneDrive
2017-05-26 13:08 - 2014-10-22 16:35 - 00000000 __SHD C:\Users\Ray\IntelGraphicsProfiles
2017-05-26 13:08 - 2013-08-22 10:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-26 13:08 - 2013-08-22 09:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2017-05-25 09:25 - 2017-03-03 10:21 - 00000000 ____D C:\Users\Ray\AppData\Local\CrashDumps
2017-05-24 17:49 - 2012-07-26 03:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-24 17:48 - 2013-12-28 21:55 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-24 17:47 - 2013-12-28 21:55 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-23 16:27 - 2013-12-30 01:21 - 00043408 _____ C:\Users\Ray\AppData\Roaming\wklnhst.dat
2017-05-23 16:27 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2017-05-23 11:33 - 2015-05-18 09:45 - 00000000 ___RD C:\Users\Ray\Desktop\MOST OF THE DESKTOP IN ONE FOLDER
2017-05-23 11:10 - 2015-11-22 19:28 - 00000000 ____D C:\Users\Ray\Desktop\MY SHARED FOLDER
2017-05-22 10:47 - 2013-12-28 19:11 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2801032338-2342425128-3870613798-1001
2017-05-22 10:23 - 2013-12-29 19:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-20 17:33 - 2014-01-02 17:07 - 00000000 ____D C:\Users\Ray\AppData\Roaming\vlc
2017-05-20 17:10 - 2017-03-03 05:38 - 00000000 ____D C:\Program Files (x86)\Google
2017-05-20 16:43 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-05-20 13:39 - 2016-11-18 16:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-20 13:39 - 2015-08-23 11:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-20 13:21 - 2013-12-29 19:04 - 00000000 ____D C:\Users\Ray\AppData\LocalLow\ant.com
2017-05-16 20:44 - 2013-12-30 02:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
2017-05-16 20:44 - 2013-12-30 02:40 - 00000000 ____D C:\ProgramData\InstallMate
2017-05-16 20:38 - 2016-05-29 14:31 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-05-16 20:38 - 2016-05-29 14:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-05-16 20:38 - 2013-08-22 10:44 - 00528752 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-16 20:33 - 2015-04-15 15:38 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-16 20:33 - 2013-08-22 11:36 - 00000000 ___RD C:\WINDOWS\ToastData
2017-05-16 20:33 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-16 20:33 - 2013-08-22 11:36 - 00000000 ____D C:\Program Files\Windows Defender
2017-05-16 20:33 - 2013-08-22 11:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-05-16 19:03 - 2016-05-29 14:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-05-14 09:00 - 2016-02-04 11:37 - 00000638 _____ C:\WINDOWS\Tasks\TrackerAutoUpdate.job
2017-05-11 14:11 - 2016-04-07 07:41 - 00000000 ____D C:\Users\Ray\Desktop\J.R.s Folder
2017-05-09 11:42 - 2016-03-19 21:19 - 00004288 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-05-09 11:42 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-05-09 11:42 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-04-28 16:49 - 2017-03-03 05:38 - 00003330 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-28 16:49 - 2017-03-03 05:38 - 00003202 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories =======

2013-12-30 01:21 - 2017-05-23 16:27 - 0043408 _____ () C:\Users\Ray\AppData\Roaming\wklnhst.dat
2016-05-29 20:53 - 2016-05-29 20:53 - 0004608 _____ () C:\Users\Ray\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-12-05 18:38 - 2016-12-05 18:38 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-01-03 18:45 - 2014-01-03 18:53 - 0000819 _____ () C:\ProgramData\hpzinstall.log
2016-05-29 20:22 - 2016-05-29 20:22 - 0000016 _____ () C:\ProgramData\mntemp
2016-05-29 20:22 - 2016-05-29 20:22 - 0004906 _____ () C:\ProgramData\oqztiqep.adk
2016-08-05 08:17 - 2016-08-05 08:17 - 0000032 _____ () C:\ProgramData\Temp.log
2014-11-30 15:15 - 2014-11-30 15:15 - 0005098 _____ () C:\ProgramData\vczcspay.tpu
2013-09-24 18:44 - 2013-09-24 18:44 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2013-09-24 18:41 - 2013-09-24 18:42 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2013-09-24 18:42 - 2013-09-24 18:43 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2013-09-24 18:40 - 2013-09-24 18:41 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2013-09-24 18:43 - 2013-09-24 18:44 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log

Some files in TEMP:
====================
2017-03-02 19:57 - 2016-08-13 03:40 - 1737080 _____ (Microsoft Corporation) C:\Users\Ray\AppData\Local\Temp\dllnt_dump.dll
2017-04-19 08:49 - 2017-04-19 08:49 - 0739904 _____ (Oracle Corporation) C:\Users\Ray\AppData\Local\Temp\jre-8u131-windows-au.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-11-27 11:33

==================== End of FRST.txt ============================
 

jimmyedwards

Free PC Help Contributor
Joined
Oct 7, 2013
PC Experience
Some Experience
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-05-2017
Ran by Ray (26-05-2017 22:02:39)
Running from C:\Users\Ray\Downloads
Windows 8.1 (Update) (X64) (2014-10-22 20:35:15)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2801032338-2342425128-3870613798-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-2801032338-2342425128-3870613798-501 - Limited - Disabled)
Ray (S-1-5-21-2801032338-2342425128-3870613798-1001 - Administrator - Enabled) => C:\Users\Ray

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4500_G510af_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
4500G510af (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
4500G510af_Software_Min (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.9.160 - Adobe Systems, Inc.)
Aimersoft Audio Converter(Build 1.1.41) (HKLM-x32\...\Aimersoft Audio Converter_is1) (Version: - Aimersoft Software)
Aimersoft DVD Creator(Build 1.1.22) (HKLM-x32\...\Aimersoft DVD Creator_is1) (Version: - Aimersoft Software)
Aimersoft DVD Ripper(Build 1.1.41) (HKLM-x32\...\Aimersoft DVD Ripper_is1) (Version: - Aimersoft Software)
Aimersoft DVD Studio Pack(Build 1.1.41) (HKLM-x32\...\Aimersoft DVD Studio Pack_is1) (Version: - Aimersoft Software)
Aimersoft Video Converter(Build 1.1.41) (HKLM-x32\...\Aimersoft Video Converter_is1) (Version: - Aimersoft Software)
Amazon Unbox Video (HKLM-x32\...\InstallShield_{54A4839E-87F8-4BD1-9682-A349E9943F0A}) (Version: 2.2.0.153 - Amazon.com)
Amazon Unbox Video (x32 Version: 2.2.0.153 - Amazon.com) Hidden
Ant.com IE add-on (HKLM-x32\...\{B905CAA1-D6FF-4D21-8858-F8C610491C0B}) (Version: 2.2.4.1076 - Ant.com)
Any Video Converter 5.7.8 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Any Video Recorder version 1.0.4 (HKLM-x32\...\{17D86E62-4849-49BC-83D2-FA369CEEA9D9}_is1) (Version: 1.0.4 - anvsoft, Inc.)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Avery Wizard 4.0 (HKLM-x32\...\{7196E6BD-4B65-43F9-9D30-73A8E58D0E84}) (Version: 4.0.103 - Avery)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Chicken Invaders: Revenge of the Yolk (Christmas Edition) v3.20 (HKLM-x32\...\Chicken Invaders: Revenge of the Yolk (Christmas Edition)_is1) (Version: - InterAction studios)
ChrisPC Free VideoTube Downloader 9.3.4 (HKLM-x32\...\{6006089C-84B5-4F18-8113-1234567890DE}_is1) (Version: - Chris P.C. srl)
ChrisPC YTD Downloader MP3 Converter 2.40 (HKLM-x32\...\{6006089C-9ABC-4F18-ABCD-123456789801}_is1) (Version: - Chris P.C. srl)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.5.0.0 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.5.0.0 - Dell Inc.)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.16.1 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.0.6584.81 - Dell)
Dell Update (HKLM-x32\...\{DB82968B-57A4-4397-81A5-ECAB21B5DFCD}) (Version: 1.7.1015.0 - Dell Inc.)
Dell Wireless Driver Installation (HKLM-x32\...\{451517F1-7E41-400B-AA36-FB7E2563526D}) (Version: 10.0 - Dell)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
ffdshow [rev 2527] [2008-12-19] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
FFMPEG Addon (HKLM-x32\...\{111124AF-1ED4-44EF-B674-111111985342}_is1) (Version: 1.00 - FFMPEG)
File1 Package Manager (English version) (HKLM-x32\...\{F0805E9F-2F4C-4298-8CDC-83C1D8E4EC91}) (Version: 1.1.100 - Helios Technologies)
FormatFactory 3.3.5.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.5.0 - Format Factory)
Free Hide Folder (HKLM-x32\...\Free Hide Folder) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet 4500 G510a-f 14.0 Rel. 6 (HKLM\...\{A49C5804-8F24-433C-99B2-9F9F541090C7}) (Version: 14.0 - HP)
HP Officejet 4630 series Basic Device Software (HKLM\...\{38037A50-E9F1-41E4-9AA3-2E0A5A2FC4C5}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Officejet 4630 series Help (HKLM-x32\...\{9F79230F-EE1C-407E-94E1-D69021954C9B}) (Version: 31.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.3.50.9 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{E2CB09C1-3C76-4395-BB47-50C066535CF8}) (Version: 12.5.32.203 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - )
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
John's Background Switcher 4.14 (HKLM-x32\...\{DD3DAD13-289E-440E-A5D3-3EFB25305018}_is1) (Version: 4.14 - johnsadventures.com)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 53.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 53.0.3 (x86 en-US)) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.3.6347 - Mozilla)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.321.0 - Tracker Software Products Ltd)
Product Improvement Study for HP Officejet 4630 series (HKLM\...\{EE629820-EACD-4AAE-966D-DF1560A0ED2D}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
PySol Fan Club edition v.2.0 (HKLM-x32\...\PySol Fan Club edition_is1) (Version: - )
PySolFC Solitaire (a freeware Solitaire Game) version 1.1 (HKLM-x32\...\PySolFC Solitaire_is1) (Version: - )
Quit Counter (HKLM-x32\...\Quit Counter_is1) (Version: 1.2 - Xarka Software)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.)
Roxio Creator DE (HKLM-x32\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.1 - Roxio)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TomTom HOME (HKLM-x32\...\{30E6FC43-C31F-4968-9A06-AA38E3C3CF73}) (Version: 2.10.1 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Uninstall Dual Mode Camera (DT01) (HKLM-x32\...\DT01_2009_1026_1436_is1) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Vivitar Experience Image Manager (HKLM-x32\...\Vivitar Experience Image Manager) (Version: - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPatrol (HKLM-x32\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 35.5.2017.8 - Ruiware)
WinRAR 5.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Xilisoft DVD Copy Express (HKLM-x32\...\Xilisoft DVD Copy Express) (Version: 1.1.23.0824 - Xilisoft)
Xilisoft DVD Creator (HKLM-x32\...\Xilisoft DVD Creator) (Version: 3.0.39.1121 - Xilisoft)
Youtube Downloader HD v. 2.9.9.21 (HKLM-x32\...\Youtube Downloader HD_is1) (Version: - YoutubeDownloaderHD.com)
Youtube to MP3 Converter v. 1.4 (HKLM-x32\...\Youtube to MP3 Converter_is1) (Version: - YoutubeDownloaderHD.com)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2801032338-2342425128-3870613798-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {10E7CDFA-2463-4AA3-A931-EF99644B27C9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-12-15] (HP Inc.)
Task: {2B698B18-E3DE-4BA3-A4A0-99300FD8244C} - System32\Tasks\File1 Update Launch => C:\Program Files (x86)\Ant.com\File1 Package Manager\File1UL.exe [2014-04-30] (Helios Technologies Ltd.)
Task: {305486BC-CF31-4F18-B143-564AD42D6FB3} - System32\Tasks\TinyTakeUpgrade => C:\Users\Ray\AppData\Local\MangoApps\TinyTake by MangoApps\TinyTake.exe
Task: {46E0D154-DFBC-4003-8802-D3D51BE25062} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)
Task: {4C874592-A1F9-4D5D-84FC-12271CCDCED5} - System32\Tasks\Dell\Dell System Registration => C:\Program Files (x86)\System Registration\prodreg.exe [2012-07-09] (Dell, Inc.)
Task: {4DDF5C1D-174C-4C4E-8C4E-CCC3B8D96F68} - System32\Tasks\HP AR Program Upload - 84bcb34db9f946e8944251e6026ab08ca421cfaa47f34d789a57faeab098e479 => C:\Program Files\HP\HP Officejet 4630 series\bin\HPRewards.exe [2014-07-21] (TODO: <Company name>)
Task: {50CE3FBA-8E31-43C7-9D3F-3858745502D7} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [2017-03-06] (Tracker Software Products (Canada) Ltd.)
Task: {58FE5BF4-4E30-4242-9B37-A6EB97177E91} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-04-06] (HP Inc.)
Task: {6F02587F-8A2B-4552-97F6-DEEF229E335B} - \Microsoft\Windows\TaskScheduler\Idle Maintenance -> No File <==== ATTENTION
Task: {81DC8FE7-0BDA-499C-86E9-ADB8A3EEDE2E} - System32\Tasks\HP AR Program Upload - 7fc3a4d784604be2b4d002197f18f4ca3c1c5dd625304782ae6cf242c8b50f74 => C:\Program Files\HP\HP Officejet 4630 series\bin\HPRewards.exe [2014-07-21] (TODO: <Company name>)
Task: {95D83143-E725-4C38-8FEF-37E28CA3643E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {A3681D03-7A5B-46AE-AEC0-2F1434932837} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {B841A3BF-74F2-4198-8BC3-C6B187408409} - System32\Tasks\HP AR Program Upload - ebbb76cf134e4ad4b2eae894a4122e0c067f88a663394b6ebaff748f40240995 => C:\Program Files\HP\HP Officejet 4630 series\bin\HPRewards.exe [2014-07-21] (TODO: <Company name>)
Task: {B8B63F70-D4B8-4452-97E7-FDAF10FBC78C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {BA58B807-D5A9-4B82-97CD-0ACADF6C23B4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-05-24] (Microsoft Corporation)
Task: {BD0B2236-0C42-44AC-9DB1-B8894B3BF670} - System32\Tasks\HP AR Program Upload - 84e70fa7d4d743919ccd443c3d6132b0d6d744ae387342e19f32bc3d5b168979 => C:\Program Files\HP\HP Officejet 4630 series\bin\HPRewards.exe [2014-07-21] (TODO: <Company name>)
Task: {C3CA267B-59D5-435A-B99C-E24A8A70FA5F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-03] (Google Inc.)
Task: {D7DD2F8C-5FB0-41DC-ADA7-7139CBD5A1F5} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-03-20] (PC-Doctor, Inc.)
Task: {D8AC50E5-57DE-4865-B539-E7F7D601F9E2} - System32\Tasks\HPCustParticipation HP Officejet 4630 series => C:\Program Files\HP\HP Officejet 4630 series\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP)
Task: {DC97E556-53E4-40B4-9843-C6793A6DD3DA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-03] (Google Inc.)
Task: {E12FB32E-7A8A-4D6C-85D2-C79BDD75F5D3} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {E43F873B-9CC5-4CEC-AFEE-67FBF2DBD1CA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {E6300A07-8445-47C6-8435-11C170C5357A} - System32\Tasks\HP AR Program Upload - a43eef6a7e9b47b7ae82508c4f0e48c6a506510c79cb4d6abc72fe4be41fc96f => C:\Program Files\HP\HP Officejet 4630 series\bin\HPRewards.exe [2014-07-21] (TODO: <Company name>)
Task: {E854B597-C9BE-47FA-827D-4A4D73977A77} - System32\Tasks\arp_flush => C:\Program Files (x86)\hide.me VPN\FlushArpCache.exe
Task: {FB9D4695-A5E8-428D-97E9-FD3CCA21028C} - System32\Tasks\HP AR Program Upload - f83b9e52d02f4a0082c5a5033800ab2cd0be4d2648994ccebb5ee7a48159d05f => C:\Program Files\HP\HP Officejet 4630 series\bin\HPRewards.exe [2014-07-21] (TODO: <Company name>)
Task: {FC3168F0-5526-43EE-B651-C173054AA193} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-03-20] (PC-Doctor, Inc.)
Task: {FF9D33D7-56DA-4D71-AB20-38BE083343F7} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-09] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Ray\Desktop\My DVD Burners ETC\Disable_Windows_8_Explorer_Auto_Arrange - Shortcut.lnk -> C:\Users\Ray\Downloads\Disable_Windows_8_Explorer_Auto_Arrange.bat ()
Shortcut: C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Network Shortcuts\My Web Sites on MSN\target.lnk -> hxxp://www.msnusers.co

==================== Loaded Modules (Whitelisted) ==============

2013-09-24 18:45 - 2013-04-19 18:51 - 00020256 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.dll
2013-09-24 18:45 - 2013-04-19 18:52 - 00049440 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\STCommonShellIntegration.dll
2013-09-24 18:45 - 2013-04-19 18:51 - 00019232 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.dll
2011-11-23 21:21 - 2011-11-23 21:21 - 00105576 ____R () C:\Users\Ray\Desktop\My Documents\Downloads from Google ETC\LimelightDownloadManager.dll
2013-09-24 18:37 - 2012-07-18 15:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 01:26 - 2017-03-02 19:40 - 00000035 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2801032338-2342425128-3870613798-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ray\AppData\Roaming\johnsadventures.com\Background Switcher\ActiveBackground.jpg
DNS Servers: 208.180.42.68 - 208.180.42.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Amazon Unbox.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Device Monitor 4.lnk"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run32: => "IAStorIcon"
HKLM\...\StartupApproved\Run32: => "IMSS"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKU\S-1-5-21-2801032338-2342425128-3870613798-1001\...\StartupApproved\Run: => "Dashlane"
HKU\S-1-5-21-2801032338-2342425128-3870613798-1001\...\StartupApproved\Run: => "BitTorrent"
HKU\S-1-5-21-2801032338-2342425128-3870613798-1001\...\StartupApproved\Run: => "PCShowServer"
HKU\S-1-5-21-2801032338-2342425128-3870613798-1001\...\StartupApproved\Run: => "TomTomHOME.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{2E5CE9F1-F4FE-4A1C-BEC2-1FC2E81A853A}] => (Allow) LPort=1900
FirewallRules: [{D754747E-683E-4057-97C5-70B1A9D5027D}] => (Allow) LPort=2869
FirewallRules: [{C923C4C6-9B49-40C7-9371-572B12BDE35B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{5E061F47-6AD2-47FF-95CB-54C7A1A1431F}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{86FB472A-4CE5-460E-8F27-B2372E8D6165}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{990B95F7-EF83-4ECE-BF6F-A4D69FC9F83F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{68D3E9AF-C61B-4FAE-BD1F-BC06782A0D14}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{8B34ACD6-5D32-4A76-91D9-350DB78A9719}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{83E4B487-6614-4483-BC48-0D08204DE91F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{5F9D9918-1620-4A0F-B3A6-3871EDA5216A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{66173C11-6A8B-4C38-A038-9987D21B6297}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{8D120410-D7AB-457F-BBC3-4D639F3ECD8B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{434E3162-983B-4CEB-8848-EE80A576B6A5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{487853B9-8D61-4D6B-809C-D76F3B89C308}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{FBC077C7-0DF8-4FF6-AFB8-7717F6A41847}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{D5B8730B-52FD-4209-91C7-A622375CE37F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{1166F700-646D-4E42-980B-801C723E1DD3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{45ECB300-8CB2-46D4-A602-131B4A7EBAF1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{EB358FD7-4A9C-43C1-9A47-E94F2085EC6A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{1EA55450-82A8-4B6A-BCFA-C9956BF9F6C1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{3E248B0D-F208-403E-A33F-494DBF5B0FEC}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{E8016474-50EB-4A04-91D9-F5164E57AA4E}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{D68BE6A3-B344-4B65-B42B-D6E6B0442842}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4EF0A35F-1644-4EAB-AAD6-F5AAC83A838D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{26C770EF-9A12-4E13-BD11-F8A0A732D5ED}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{26511AD0-4D0A-497B-BAC4-1D4753F73A68}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{68C6965E-8ADD-4E7A-BA14-C23E63E2D2C7}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\bin\FaxApplications.exe
FirewallRules: [{51495EF1-E86D-4ECE-8997-C256208A36BB}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\bin\DigitalWizards.exe
FirewallRules: [{EA0CBA7E-BE68-4560-B88C-1F3984750FE4}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\bin\SendAFax.exe
FirewallRules: [{794685D0-75B0-40ED-A213-C17F6356FCEB}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\Bin\DeviceSetup.exe
FirewallRules: [{78BB779D-F662-4775-9CF7-4324145858C4}] => (Allow) LPort=5357
FirewallRules: [{69FEF454-9429-400D-99A8-36C38C1B3476}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{024B6ACD-BCFB-4671-A003-390D3A58B2ED}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{784D2CF3-86EF-451C-8106-2AD1AFA913E1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

31-03-2017 18:59:38 Installed TomTom HOME.
16-05-2017 18:54:11 Windows Update
20-05-2017 17:05:07 Revo Uninstaller's restore point - Google Chrome
24-05-2017 17:45:31 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/25/2017 09:25:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: pcdrcui.exe, version: 6.0.6584.81, time stamp: 0x54ee4835
Faulting module name: KERNELBASE.dll, version: 6.3.9600.18666, time stamp: 0x58f33794
Exception code: 0xe0434352
Fault offset: 0x00000000000095fc
Faulting process id: 0xe10
Faulting application start time: 0x01d2d55a63fe6fa7
Faulting application path: C:\Program Files\Dell\SupportAssist\pcdrcui.exe
Faulting module path: C:\WINDOWS\system32\KERNELBASE.dll
Report Id: a3156596-414d-11e7-834d-c81f66038689
Faulting package full name:
Faulting package-relative application ID:

Error: (05/25/2017 09:25:37 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: pcdrcui.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ApplicationException
Stack:
at pcd.models.properties.CustomizationManager.get_IsThirdwave()
at pcd.controllers.commandline.CommandLineManagerFactory.InitMyDellCLM(appupdatercommon.utilities.CommandLineManager, System.String[])
at pcd.controllers.MainController.InitCommandLineManagerWithArgs(System.String[])
at wpfview.Program.Main(System.String[])

Error: (05/25/2017 09:21:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 53.0.3.6347, time stamp: 0x591d55d1
Faulting module name: MSON***T.DLL, version: 11.0.6715.60, time stamp: 0x43306199
Exception code: 0xc0000005
Fault offset: 0x00052b84
Faulting process id: 0x40c
Faulting application start time: 0x01d2d5573f958920
Faulting application path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Faulting module path: C:\PROGRA~2\COMMON~1\MICROS~1\WEBFOL~1\MSON***T.DLL
Report Id: 0da0a13e-414d-11e7-834d-c81f66038689
Faulting package full name:
Faulting package-relative application ID:

Error: (05/24/2017 10:19:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: pcdrcui.exe, version: 6.0.6584.81, time stamp: 0x54ee4835
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00007ff89f6db69a
Faulting process id: 0x10ec
Faulting application start time: 0x01d2d498af88ef98
Faulting application path: C:\Program Files\Dell\SupportAssist\pcdrcui.exe
Faulting module path: unknown
Report Id: ee4086b4-408b-11e7-834c-c81f66038689
Faulting package full name:
Faulting package-relative application ID:

Error: (05/24/2017 10:19:00 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: pcdrcui.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ApplicationException
Stack:
at pcd.models.properties.CustomizationManager.get_IsThirdwave()
at pcd.controllers.commandline.CommandLineManagerFactory.InitMyDellCLM(appupdatercommon.utilities.CommandLineManager, System.String[])
at pcd.controllers.MainController.InitCommandLineManagerWithArgs(System.String[])
at wpfview.Program.Main(System.String[])

Error: (05/23/2017 09:43:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: pcdrcui.exe, version: 6.0.6584.81, time stamp: 0x54ee4835
Faulting module name: KERNELBASE.dll, version: 6.3.9600.18666, time stamp: 0x58f33794
Exception code: 0xe0434352
Fault offset: 0x00000000000095fc
Faulting process id: 0xe1c
Faulting application start time: 0x01d2d3ca8b2d658c
Faulting application path: C:\Program Files\Dell\SupportAssist\pcdrcui.exe
Faulting module path: C:\WINDOWS\system32\KERNELBASE.dll
Report Id: c9e9c176-3fbd-11e7-834c-c81f66038689
Faulting package full name:
Faulting package-relative application ID:

Error: (05/23/2017 09:43:23 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: pcdrcui.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ApplicationException
Stack:
at pcd.models.properties.CustomizationManager.get_IsThirdwave()
at pcd.controllers.commandline.CommandLineManagerFactory.InitMyDellCLM(appupdatercommon.utilities.CommandLineManager, System.String[])
at pcd.controllers.MainController.InitCommandLineManagerWithArgs(System.String[])
at wpfview.Program.Main(System.String[])

Error: (05/23/2017 08:54:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.18124, time stamp: 0x5641278d
Faulting module name: combase.dll, version: 6.3.9600.18666, time stamp: 0x58f317cc
Exception code: 0xc0000005
Fault offset: 0x000441bf
Faulting process id: 0x394
Faulting application start time: 0x01d2d3c37e34788a
Faulting application path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Faulting module path: C:\WINDOWS\SYSTEM32\combase.dll
Report Id: fc855b2d-3fb6-11e7-834b-c81f66038689
Faulting package full name:
Faulting package-relative application ID:

Error: (05/22/2017 05:50:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 53.0.3.6347, time stamp: 0x591d55d1
Faulting module name: MSON***T.DLL, version: 11.0.6715.60, time stamp: 0x43306199
Exception code: 0xc0000005
Fault offset: 0x00052b84
Faulting process id: 0xba4
Faulting application start time: 0x01d2d3419f59fb3e
Faulting application path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Faulting module path: C:\PROGRA~2\COMMON~1\MICROS~1\WEBFOL~1\MSON***T.DLL
Report Id: b0c1bce9-3f38-11e7-834b-c81f66038689
Faulting package full name:
Faulting package-relative application ID:

Error: (05/22/2017 10:43:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: pcdrcui.exe, version: 6.0.6584.81, time stamp: 0x54ee4835
Faulting module name: KERNELBASE.dll, version: 6.3.9600.18666, time stamp: 0x58f33794
Exception code: 0xe0434352
Fault offset: 0x00000000000095fc
Faulting process id: 0x115c
Faulting application start time: 0x01d2d309cfaa7b25
Faulting application path: C:\Program Files\Dell\SupportAssist\pcdrcui.exe
Faulting module path: C:\WINDOWS\system32\KERNELBASE.dll
Report Id: 0d7f8f64-3efd-11e7-834a-c81f66038689
Faulting package full name:
Faulting package-relative application ID:


System errors:
=============
Error: (05/24/2017 10:30:24 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (120000 milliseconds) was reached while waiting for a transaction response from the AudioEndpointBuilder service.

Error: (05/24/2017 10:28:24 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (120000 milliseconds) was reached while waiting for a transaction response from the WlanSvc service.

Error: (05/21/2017 08:59:37 PM) (Source: DCOM) (EventID: 10010) (User: JIMMY)
Description: The server {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} did not register with DCOM within the required timeout.

Error: (05/21/2017 08:59:37 PM) (Source: DCOM) (EventID: 10010) (User: JIMMY)
Description: The server {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} did not register with DCOM within the required timeout.

Error: (05/21/2017 02:09:54 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (120000 milliseconds) was reached while waiting for a transaction response from the AudioEndpointBuilder service.

Error: (05/21/2017 02:07:54 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (120000 milliseconds) was reached while waiting for a transaction response from the WlanSvc service.

Error: (05/20/2017 05:21:41 PM) (Source: DCOM) (EventID: 10016) (User: JIMMY)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9BA05972-F6A8-11CF-A442-00A0C90A8F39}
and APPID
{9BA05972-F6A8-11CF-A442-00A0C90A8F39}
to the user Jimmy\Ray SID (S-1-5-21-2801032338-2342425128-3870613798-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (05/20/2017 05:21:41 PM) (Source: DCOM) (EventID: 10016) (User: JIMMY)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9BA05972-F6A8-11CF-A442-00A0C90A8F39}
and APPID
{9BA05972-F6A8-11CF-A442-00A0C90A8F39}
to the user Jimmy\Ray SID (S-1-5-21-2801032338-2342425128-3870613798-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (05/20/2017 01:13:59 PM) (Source: DCOM) (EventID: 10016) (User: JIMMY)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9BA05972-F6A8-11CF-A442-00A0C90A8F39}
and APPID
{9BA05972-F6A8-11CF-A442-00A0C90A8F39}
to the user Jimmy\Ray SID (S-1-5-21-2801032338-2342425128-3870613798-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (05/20/2017 01:13:59 PM) (Source: DCOM) (EventID: 10016) (User: JIMMY)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9BA05972-F6A8-11CF-A442-00A0C90A8F39}
and APPID
{9BA05972-F6A8-11CF-A442-00A0C90A8F39}
to the user Jimmy\Ray SID (S-1-5-21-2801032338-2342425128-3870613798-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


CodeIntegrity:
===================================
Date: 2017-05-23 10:20:58.386
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\WINDOWS\System32\EasyRedirect64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-23 10:20:58.068
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\WINDOWS\System32\EasyRedirect64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-23 10:20:57.744
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\WINDOWS\System32\EasyRedirect64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-23 10:20:57.417
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\WINDOWS\System32\EasyRedirect64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-18 16:41:18.338
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\WINDOWS\System32\EasyRedirect64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-18 16:41:18.014
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\WINDOWS\System32\EasyRedirect64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-18 16:41:17.683
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\WINDOWS\System32\EasyRedirect64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-18 16:41:17.355
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\WINDOWS\System32\EasyRedirect64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-17 23:34:10.457
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\WINDOWS\System32\EasyRedirect64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-17 23:34:10.097
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\WINDOWS\System32\EasyRedirect64.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-3240 CPU @ 3.40GHz
Percentage of memory in use: 24%
Total physical RAM: 8066.05 MB
Available physical RAM: 6092.69 MB
Total Virtual: 9346.05 MB
Available Virtual: 6936.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:918.77 GB) (Free:513.01 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 6AA7D01A)

Partition: GPT.

==================== End of Addition.txt ============================
 

Starbuck

Admin & Security Team
Joined
Feb 19, 2010
Location
Midlands, UK
PC Experience
Very Experienced
Hi Jimmy,

On looking into this problem it seemed that there was a few things that caused this.
  • Incorrect Firewall rules
  • Conflict with an old AV that hadn't been uninstalled correctly
  • Also clearing the caches etc can sometimes help.
The first 2 are the things I wanted to look into.
The report shows that these are ok.
The clearing of the caches we can deal with, within the fix.

There are a few things that I'd like to mention about the findings....

File1 Package Manager
Did you actually install this yourself?
It does normally come bundled as a third party program with a legit program that you install.
If you didn't install this yourself, I recommend that you remove it.

Amazon Unbox Video
This is a very old program and has actually been discontinued for a couple of years now.
It's never wise to keep discontinued programs on your system.
Amazon did give instructions on how to still see any downloaded videos.

About Watching Videos Previously Downloaded to Your PC

Updated Ad Blocker for Firefox 11+
Adblock Plus
uBlock Origin
This is a bit of overkill.
uBlock Origin would be all you need.
Having the others may cause conflicts as they're all trying to do the same thing.

There are a few things that should be removed with a fix.....

Please download the attached fixlist.txt file (bottom of this post) and save it to C:\Users\Ray\Downloads.
NOTE.
It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine.
Running this on another machine may cause damage to your operating system


Re-run FRST/FRST64 (which ever is installed ) and press the Fix button just once and wait.



The tool will make a log in the Download folder (Fixlog.txt). Please post this in your next reply.

Thanks
 

Attachments

jimmyedwards

Free PC Help Contributor
Joined
Oct 7, 2013
PC Experience
Some Experience
Fix result of Farbar Recovery Scan Tool (x64) Version: 24-05-2017
Ran by Ray (27-05-2017 23:39:49) Run:2
Running from C:\Users\Ray\Downloads
Loaded Profiles: Ray (Available Profiles: Ray & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
SearchScopes: HKU\S-1-5-21-2801032338-2342425128-3870613798-1001 -> {9E00ED14-DDAB-4086-B889-8ACD884A8ECF} URL =
Toolbar: HKU\S-1-5-21-2801032338-2342425128-3870613798-1001 -> No Name - {2E924F4F-67F0-4BD8-9560-49F468E843D2} - No File
2017-03-02 19:57 - 2016-08-13 03:40 - 1737080 _____ (Microsoft Corporation) C:\Users\Ray\AppData\Local\Temp\dllnt_dump.dll
2017-04-19 08:49 - 2017-04-19 08:49 - 0739904 _____ (Oracle Corporation) C:\Users\Ray\AppData\Local\Temp\jre-8u131-windows-au.exe
2016-05-29 20:22 - 2016-05-29 20:22 - 0004906 _____ () C:\ProgramData\oqztiqep.adk
2014-11-30 15:15 - 2014-11-30 15:15 - 0005098 _____ () C:\ProgramData\vczcspay.tpu
2013-09-24 18:44 - 2013-09-24 18:44 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2013-09-24 18:41 - 2013-09-24 18:42 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2013-09-24 18:42 - 2013-09-24 18:43 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2013-09-24 18:40 - 2013-09-24 18:41 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2013-09-24 18:43 - 2013-09-24 18:44 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
Task: {6F02587F-8A2B-4552-97F6-DEEF229E335B} - \Microsoft\Windows\TaskScheduler\Idle Maintenance -> No File <==== ATTENTION
HKU\S-1-5-21-2801032338-2342425128-3870613798-1001\...\StartupApproved\Run: => "BitTorrent"
CMD: ipconfig /flushdns
Hosts:
EmptyTemp:
*****************

HKU\S-1-5-21-2801032338-2342425128-3870613798-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9E00ED14-DDAB-4086-B889-8ACD884A8ECF} => key removed successfully
HKCR\CLSID\{9E00ED14-DDAB-4086-B889-8ACD884A8ECF} => key not found.
HKU\S-1-5-21-2801032338-2342425128-3870613798-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2E924F4F-67F0-4BD8-9560-49F468E843D2} => value removed successfully
HKCR\CLSID\{2E924F4F-67F0-4BD8-9560-49F468E843D2} => key not found.
C:\Users\Ray\AppData\Local\Temp\dllnt_dump.dll => moved successfully
C:\Users\Ray\AppData\Local\Temp\jre-8u131-windows-au.exe => moved successfully
C:\ProgramData\oqztiqep.adk => moved successfully
C:\ProgramData\vczcspay.tpu => moved successfully
C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log => moved successfully
C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log => moved successfully
C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log => moved successfully
C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log => moved successfully
C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6F02587F-8A2B-4552-97F6-DEEF229E335B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F02587F-8A2B-4552-97F6-DEEF229E335B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TaskScheduler\Idle Maintenance => key removed successfully
HKU\S-1-5-21-2801032338-2342425128-3870613798-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\BitTorrent => value removed successfully
HKU\S-1-5-21-2801032338-2342425128-3870613798-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\BitTorrent => value not found.

========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 12582912 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 239191101 B
Java, Flash, Steam htmlcache => 20052 B
Windows/system/drivers => 7468961 B
Edge => 0 B
Chrome => 6822861 B
Firefox => 404746096 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => -658 B
Ray => 1020456283 B
Administrator => 0 B

RecycleBin => 9367386586 B
EmptyTemp: => 10.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 23:41:03 ====
 

jimmyedwards

Free PC Help Contributor
Joined
Oct 7, 2013
PC Experience
Some Experience
I still cant get on the internet with Chrome,I tried to send an attachment showing the message from Chrome but for some reason I cant. The message did say something about reconnecting the wi-fi. How would I do that? Thanks for all the help I am getting too.
 

Starbuck

Admin & Security Team
Joined
Feb 19, 2010
Location
Midlands, UK
PC Experience
Very Experienced
Hi Jimmy,

Sorry for the late reply....

The message did say something about reconnecting the wi-fi. How would I do that?
Turn your router off from the mains..... wait about 5 minutes, then turn it back on.
Once the lights have settled try chrome again.
 

jimmyedwards

Free PC Help Contributor
Joined
Oct 7, 2013
PC Experience
Some Experience
I did that and still no internet,however from settings I was able to send a report an issue .
 

KenB

Administrator
Joined
Oct 19, 2008
Location
Wirral UK
PC Experience
Very Experienced
Hi,

Go to the following location please ......

C: > Programs > Google > Chrome > Application
Right click on "Chrome" > Properties

If Chrome here is "Read Only" uncheck it > Apply > OK
[ you will need admin privileges ]
You may need to reboot.

Try accessing Chrome again.

At the start ........ C: > Programs ......... I had to use Programs[x86] to find Chrome folder :)

================

I don't think I asked earlier ....... What happens when you click on the Chrome icon when trying to access the net ?
 

jimmyedwards

Free PC Help Contributor
Joined
Oct 7, 2013
PC Experience
Some Experience
I tried your suggestions and still no internet on Chrome,when i click on the Google icon it goes to Google and then when I click on any thing it shows the dinosaur and the no internet message. I tried to go advanced and send screen shots of the messages but I do it. I tried to delete my old files so I could add screenshots but I cant figure out how to delete them.
 
Top Bottom