Reply To: [Resolved] Pop-up all the time. 2016-09-07T13:55:24+00:00

Home Forums Virus, Trojan, Spyware, and Malware Removal Logs [Resolved] Pop-up all the time. Reply To: [Resolved] Pop-up all the time.

HappySos
Participant
Post count: 6

Hello,

I have try to upload my reports but the website is offline ?

The first logfile :

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by test (administrator) on TEST-PC (06-03-2016 03:30:50)
Running from C:UsersTomDesktop
Loaded Profiles: test (Available Profiles: test)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Skype Technologies S.A.) C:Program Files (x86)SkypePhoneSkype.exe
(TeamViewer GmbH) C:Program Files (x86)TeamViewerTeamViewer_Service.exe
(Oracle Corporation) C:Program Files (x86)Common FilesJavaJava Updatejusched.exe
(Microsoft Corporation) C:WindowsSystem32dllhost.exe
() C:UsersTomAppDataLocalDailyPcClean Supportupdpcc_en_026010153.exe
(Tuto4PC) C:Program Files (x86)DailyPCCleanDPCCSchedule.exe
(Tuto4PC) C:Program Files (x86)DailyPCCleanDailyPCClean.exe
() C:Program Files (x86)TopFlixdnsnorthlake.exe
(pcspeeduppro.net) C:Program FilesPC-Speedup-Propcsp.exe
() C:Program Files (x86)TopFlixdnsnorthlake.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32...Run: [SunJavaUpdateSched] => C:Program Files (x86)Common FilesJavaJava Updatejusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM-x32...RunOnce: [updpcc_en_026010153.exe] => C:UsersTomAppDataLocalDailyPcClean Supportupdpcc_en_026010153.exe [3323568 2015-11-21] ()
HKUS-1-5-21-1146954719-197784650-3855368955-1000...Run: [Skype] => C:Program Files (x86)SkypePhoneSkype.exe [50599552 2016-02-10] (Skype Technologies S.A.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

TcpipParameters: [DhcpNameServer] 192.168.239.2
Tcpip..Interfaces{8979A870-8985-41F7-A8D4-25931150E6FF}: [NameServer] 82.163.143.156,82.163.142.158
Tcpip..Interfaces{8979A870-8985-41F7-A8D4-25931150E6FF}: [DhcpNameServer] 192.168.239.2

Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:Program FilesJavajre1.8.0_73binssv.dll [2016-03-05] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:Program FilesJavajre1.8.0_73binjp2ssv.dll [2016-03-05] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:Program Files (x86)Javajre1.8.0_73binssv.dll [2016-03-05] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:Program Files (x86)Javajre1.8.0_73binjp2ssv.dll [2016-03-05] (Oracle Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:Windowssystem32urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:WindowsSysWOW64urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:Windowssystem32urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:WindowsSysWOW64urlmon.dll [2010-11-20] (Microsoft Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:Program FilesJavajre1.8.0_73bindtpluginnpDeployJava1.dll [2016-03-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:Program FilesJavajre1.8.0_73binplugin2npjp2.dll [2016-03-05] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:Program FilesVideoLANVLCnpvlc.dll [2016-01-20] (VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:Program Files (x86)Foxit SoftwareFoxit ReaderpluginsnpFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:Program Files (x86)Foxit SoftwareFoxit ReaderpluginsnpFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:Program Files (x86)Foxit SoftwareFoxit ReaderpluginsnpFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:Program Files (x86)Foxit SoftwareFoxit ReaderpluginsnpFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:Program Files (x86)Javajre1.8.0_73bindtpluginnpDeployJava1.dll [2016-03-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:Program Files (x86)Javajre1.8.0_73binplugin2npjp2.dll [2016-03-05] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:Program Files (x86)GoogleUpdate1.3.29.5npGoogleUpdate3.dll [2016-03-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:Program Files (x86)GoogleUpdate1.3.29.5npGoogleUpdate3.dll [2016-03-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:Program Files (x86)VideoLANVLCnpvlc.dll [2016-01-20] (VideoLAN)

Chrome:
=======
CHR Profile: C:UsersTomAppDataLocalGoogleChromeUser DataDefault
CHR Extension: (Google Slides) - C:UsersTomAppDataLocalGoogleChromeUser DataDefaultExtensionsaapocclcgogkmnckokdopfmhonfmgoek [2016-03-05]
CHR Extension: (Google Docs) - C:UsersTomAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [2016-03-05]
CHR Extension: (Google Drive) - C:UsersTomAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2016-03-05]
CHR Extension: (YouTube) - C:UsersTomAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-05]
CHR Extension: (Google Sheets) - C:UsersTomAppDataLocalGoogleChromeUser DataDefaultExtensionsfelcaaldnbdncclmgdcncolpebgiejap [2016-03-05]
CHR Extension: (Google Docs Offline) - C:UsersTomAppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-05]
CHR Extension: (Chrome Web Store Payments) - C:UsersTomAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2016-03-05]
CHR Extension: (Gmail) - C:UsersTomAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2016-03-05]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 PCValidator; C:ProgramDataValidatorPCPCValidatorService.exe [29696 2015-11-04] (AppVerifierService) [File not signed]
R2 TeamViewer; C:Program Files (x86)TeamViewerTeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH)
R2 WinDefend; C:Program FilesWindows Defendermpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ebdrv; C:Windowssystem32driversevbda.sys [3286016 2009-06-10] (Broadcom Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-06 03:35 - 2014-06-30 14:14 - 00008856 _____ (Microsoft Corporation) C:WindowsSysWOW64icardres.dll
2016-03-06 03:35 - 2014-06-05 22:16 - 00035480 _____ (Microsoft Corporation) C:WindowsSysWOW64TsWpfWrp.exe
2016-03-06 03:35 - 2014-03-09 13:47 - 00619672 _____ (Microsoft Corporation) C:WindowsSysWOW64icardagt.exe
2016-03-06 03:35 - 2014-03-09 13:47 - 00099480 _____ (Microsoft Corporation) C:WindowsSysWOW64infocardapi.dll
2016-03-06 03:30 - 2016-03-06 03:31 - 00009201 _____ C:UsersTomDesktopFRST.txt
2016-03-06 03:30 - 2016-03-06 03:30 - 00000000 ____D C:FRST
2016-03-06 03:29 - 2016-03-06 03:29 - 02374144 _____ (Farbar) C:UsersTomDesktopFRST64.exe
2016-03-05 14:53 - 2016-03-06 03:29 - 00000216 _____ C:appmanager.txt
2016-03-05 14:53 - 2016-03-05 14:54 - 00003038 _____ C:WindowsSystem32TasksPC-Speedup-Pro_Logon
2016-03-05 14:53 - 2016-03-05 14:53 - 00057560 _____ C:UsersTomAppDataLocalGDIPFONTCACHEV1.DAT
2016-03-05 14:53 - 2016-03-05 14:53 - 00003058 _____ C:WindowsSystem32TasksAppManager_logon
2016-03-05 14:53 - 2016-03-05 14:53 - 00000830 _____ C:UsersPublicDesktopPC-Speedup-Pro.lnk
2016-03-05 14:53 - 2016-03-05 14:53 - 00000000 ____D C:UsersTomAppDataRoamingpcspeeduppro.net
2016-03-05 14:53 - 2016-03-05 14:53 - 00000000 ____D C:UsersTomAppDataRoamingFileOpenerWindows
2016-03-05 14:53 - 2016-03-05 14:53 - 00000000 ____D C:UsersTomAppDataRoamingappmanager
2016-03-05 14:53 - 2016-03-05 14:53 - 00000000 ____D C:ProgramDataValidatorPC
2016-03-05 14:53 - 2016-03-05 14:53 - 00000000 ____D C:ProgramDataPCSpeedupPro.net
2016-03-05 14:53 - 2016-03-05 14:53 - 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsPC-Speedup-Pro
2016-03-05 14:53 - 2016-03-05 14:53 - 00000000 ____D C:Program FilesPC-Speedup-Pro
2016-03-05 14:52 - 2016-03-05 14:52 - 00000000 ____D C:Program Files (x86)VideoLAN
2016-03-05 14:51 - 2016-03-05 14:51 - 30510920 _____ C:UsersTomDownloadsHDVideoPlayer.exe
2016-03-05 14:49 - 2016-03-05 14:52 - 00000000 ____D C:UsersTomAppDataLocalDailyPcClean Support
2016-03-05 14:49 - 2016-03-05 14:49 - 00003232 _____ C:WindowsSystem32TasksDailyPCClean Schedule
2016-03-05 14:49 - 2016-03-05 14:49 - 00001055 _____ C:UsersTomDesktopDailyPCClean.lnk
2016-03-05 14:49 - 2016-03-05 14:49 - 00000000 ____D C:UsersTomDocumentsDailyPCClean
2016-03-05 14:49 - 2016-03-05 14:49 - 00000000 ____D C:UsersTomAppDataRoamingDailyPCClean
2016-03-05 14:49 - 2016-03-05 14:49 - 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsDailyPCClean
2016-03-05 14:49 - 2016-03-05 14:49 - 00000000 ____D C:Program Files (x86)DailyPcClean Support
2016-03-05 14:49 - 2016-03-05 14:49 - 00000000 ____D C:Program Files (x86)DailyPCClean
2016-03-05 14:43 - 2016-03-06 03:29 - 00000000 ____D C:UsersTomAppDataRoamingSkype
2016-03-05 14:43 - 2016-03-05 14:43 - 00026340 _____ C:WindowsSystem32TasksDNSNORTHLAKE
2016-03-05 14:43 - 2016-03-05 14:43 - 00000000 ____D C:Program Files (x86)TopFlix
2016-03-05 11:17 - 2015-02-03 18:54 - 00318464 _____ (Microsoft Corporation) C:WindowsSysWOW64WMPhoto.dll
2016-03-05 08:24 - 2016-03-05 08:24 - 00000000 ____D C:Program Files (x86)SearchProtect
2016-03-05 08:19 - 2016-03-05 08:19 - 00002697 _____ C:UsersPublicDesktopSkype.lnk
2016-03-05 08:19 - 2016-03-05 08:19 - 00000000 ___RD C:Program Files (x86)Skype
2016-03-05 08:19 - 2016-03-05 08:19 - 00000000 ____D C:UsersTomAppDataLocalGoogle
2016-03-05 08:19 - 2016-03-05 08:19 - 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsSkype
2016-03-05 08:18 - 2016-03-05 08:19 - 00000000 ____D C:ProgramDataSkype
2016-03-05 08:18 - 2016-03-05 08:18 - 00001351 _____ C:UsersPublicDesktopFoxit Reader.lnk
2016-03-05 08:18 - 2016-03-05 08:18 - 00000000 ____D C:UsersTomAppDataRoamingFoxit Software
2016-03-05 08:18 - 2016-03-05 08:18 - 00000000 ____D C:UsersTomAppDataRoamingFoxit AgentInformation
2016-03-05 08:18 - 2016-03-05 08:18 - 00000000 ____D C:UsersPublicFoxit Software
2016-03-05 08:18 - 2016-03-05 08:18 - 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsFoxit Reader
2016-03-05 08:18 - 2016-03-05 08:18 - 00000000 ____D C:Program Files (x86)Foxit Software
2016-03-05 08:17 - 2016-03-05 14:52 - 00001066 _____ C:UsersPublicDesktopVLC media player.lnk
2016-03-05 08:17 - 2016-03-05 08:17 - 00001043 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsTeamViewer 11.lnk
2016-03-05 08:17 - 2016-03-05 08:17 - 00001031 _____ C:UsersPublicDesktopTeamViewer 11.lnk
2016-03-05 08:17 - 2016-03-05 08:17 - 00001019 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAudacity.lnk
2016-03-05 08:17 - 2016-03-05 08:17 - 00001007 _____ C:UsersPublicDesktopAudacity.lnk
2016-03-05 08:17 - 2016-03-05 08:17 - 00000000 ____D C:UsersTomAppDataRoamingTeamViewer
2016-03-05 08:17 - 2016-03-05 08:17 - 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsVideoLAN
2016-03-05 08:17 - 2016-03-05 08:17 - 00000000 ____D C:Program FilesVideoLAN
2016-03-05 08:17 - 2016-03-05 08:17 - 00000000 ____D C:Program Files (x86)TeamViewer
2016-03-05 08:17 - 2016-03-05 08:17 - 00000000 ____D C:Program Files (x86)Audacity
2016-03-05 08:16 - 2016-03-05 08:16 - 00001264 _____ C:UsersTomDesktopRevo Uninstaller.lnk
2016-03-05 08:16 - 2016-03-05 08:16 - 00001037 _____ C:UsersPublicDesktopNotepad++.lnk
2016-03-05 08:16 - 2016-03-05 08:16 - 00000984 _____ C:UsersPublicDesktopFileZilla.lnk
2016-03-05 08:16 - 2016-03-05 08:16 - 00000000 ____D C:UsersTomAppDataRoamingNotepad++
2016-03-05 08:16 - 2016-03-05 08:16 - 00000000 ____D C:UsersTomAppDataRoamingMicrosoftWindowsStart MenuProgramsRevo Uninstaller
2016-03-05 08:16 - 2016-03-05 08:16 - 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsNotepad++
2016-03-05 08:16 - 2016-03-05 08:16 - 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsFileZilla FTP Client
2016-03-05 08:16 - 2016-03-05 08:16 - 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuPrograms7-Zip
2016-03-05 08:16 - 2016-03-05 08:16 - 00000000 ____D C:Program FilesFileZilla FTP Client
2016-03-05 08:16 - 2016-03-05 08:16 - 00000000 ____D C:Program Files7-Zip
2016-03-05 08:16 - 2016-03-05 08:16 - 00000000 ____D C:Program Files (x86)VS Revo Group
2016-03-05 08:16 - 2016-03-05 08:16 - 00000000 ____D C:Program Files (x86)Notepad++
2016-03-05 08:15 - 2016-03-05 08:14 - 00110176 _____ (Oracle Corporation) C:Windowssystem32WindowsAccessBridge-64.dll
2016-03-05 08:13 - 2016-03-05 08:13 - 00000000 ____D C:Program FilesJava
2016-03-05 08:12 - 2016-03-05 08:15 - 00000000 ____D C:UsersTom.oracle_jre_usage
2016-03-05 08:12 - 2016-03-05 08:15 - 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsJava
2016-03-05 08:12 - 2016-03-05 08:12 - 00097888 _____ (Oracle Corporation) C:WindowsSysWOW64WindowsAccessBridge-32.dll
2016-03-05 08:12 - 2016-03-05 08:12 - 00000000 ____D C:UsersTomAppDataRoamingSun
2016-03-05 08:12 - 2016-03-05 08:12 - 00000000 ____D C:UsersTomAppDataLocalLowSun
2016-03-05 08:11 - 2016-03-06 03:31 - 00000898 _____ C:WindowsTasksGoogleUpdateTaskMachineUA.job
2016-03-05 08:11 - 2016-03-05 14:43 - 00000894 _____ C:WindowsTasksGoogleUpdateTaskMachineCore.job
2016-03-05 08:11 - 2016-03-05 08:11 - 00003894 _____ C:WindowsSystem32TasksGoogleUpdateTaskMachineUA
2016-03-05 08:11 - 2016-03-05 08:11 - 00003642 _____ C:WindowsSystem32TasksGoogleUpdateTaskMachineCore
2016-03-05 08:11 - 2016-03-05 08:11 - 00002195 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk
2016-03-05 08:11 - 2016-03-05 08:11 - 00002183 _____ C:UsersPublicDesktopGoogle Chrome.lnk
2016-03-05 08:11 - 2016-03-05 08:11 - 00001159 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMozilla Firefox.lnk
2016-03-05 08:11 - 2016-03-05 08:11 - 00001147 _____ C:UsersPublicDesktopMozilla Firefox.lnk
2016-03-05 08:11 - 2016-03-05 08:11 - 00000000 ____D C:UsersTomAppDataLocalLowOracle
2016-03-05 08:11 - 2016-03-05 08:11 - 00000000 ____D C:ProgramDataOracle
2016-03-05 08:11 - 2016-03-05 08:11 - 00000000 ____D C:Program Files (x86)Mozilla Maintenance Service
2016-03-05 08:11 - 2016-03-05 08:11 - 00000000 ____D C:Program Files (x86)Mozilla Firefox
2016-03-05 08:11 - 2016-03-05 08:11 - 00000000 ____D C:Program Files (x86)Java
2016-03-05 08:11 - 2016-03-05 08:11 - 00000000 ____D C:Program Files (x86)Google
2016-02-18 01:51 - 2012-02-16 22:38 - 01031680 _____ (Microsoft Corporation) C:Windowssystem32rdpcore.dll
2016-02-18 01:51 - 2012-02-16 21:34 - 00826880 _____ (Microsoft Corporation) C:WindowsSysWOW64rdpcore.dll
2016-02-18 01:51 - 2012-02-16 20:58 - 00210944 _____ (Microsoft Corporation) C:Windowssystem32Driversrdpwd.sys
2016-02-18 01:51 - 2012-02-16 20:57 - 00023552 _____ (Microsoft Corporation) C:Windowssystem32Driverstdtcp.sys
2016-02-18 00:39 - 2016-03-05 08:12 - 00000000 ____D C:UsersTom
2016-02-18 00:39 - 2016-02-18 00:39 - 00001443 _____ C:UsersTomAppDataRoamingMicrosoftWindowsStart MenuProgramsInternet Explorer.lnk
2016-02-18 00:39 - 2016-02-18 00:39 - 00001409 _____ C:UsersTomAppDataRoamingMicrosoftWindowsStart MenuProgramsInternet Explorer (64-bit).lnk
2016-02-18 00:39 - 2016-02-18 00:39 - 00000020 ___SH C:UsersTomntuser.ini
2016-02-18 00:39 - 2016-02-18 00:39 - 00000000 _SHDL C:UsersTomMy Documents
2016-02-18 00:39 - 2016-02-18 00:39 - 00000000 _SHDL C:UsersTomDocumentsMy Videos
2016-02-18 00:39 - 2016-02-18 00:39 - 00000000 _SHDL C:UsersTomDocumentsMy Pictures
2016-02-18 00:39 - 2016-02-18 00:39 - 00000000 _SHDL C:UsersTomDocumentsMy Music
2016-02-18 00:39 - 2016-02-18 00:39 - 00000000 ____D C:UsersTomAppDataLocalVirtualStore
2016-02-18 00:39 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:Windowssystem32wuwebv.dll
2016-02-18 00:39 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:WindowsSysWOW64wuwebv.dll
2016-02-18 00:39 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:Windowssystem32wuapp.exe
2016-02-18 00:39 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:WindowsSysWOW64wuapp.exe
2016-02-18 00:39 - 2014-05-14 08:23 - 02477536 _____ (Microsoft Corporation) C:Windowssystem32wuaueng.dll
2016-02-18 00:39 - 2014-05-14 08:23 - 00700384 _____ (Microsoft Corporation) C:Windowssystem32wuapi.dll
2016-02-18 00:39 - 2014-05-14 08:23 - 00581600 _____ (Microsoft Corporation) C:WindowsSysWOW64wuapi.dll
2016-02-18 00:39 - 2014-05-14 08:23 - 00058336 _____ (Microsoft Corporation) C:Windowssystem32wuauclt.exe
2016-02-18 00:39 - 2014-05-14 08:23 - 00044512 _____ (Microsoft Corporation) C:Windowssystem32wups2.dll
2016-02-18 00:39 - 2014-05-14 08:23 - 00038880 _____ (Microsoft Corporation) C:Windowssystem32wups.dll
2016-02-18 00:39 - 2014-05-14 08:23 - 00036320 _____ (Microsoft Corporation) C:WindowsSysWOW64wups.dll
2016-02-18 00:39 - 2014-05-14 08:21 - 02620928 _____ (Microsoft Corporation) C:Windowssystem32wucltux.dll
2016-02-18 00:39 - 2014-05-14 08:20 - 00097792 _____ (Microsoft Corporation) C:Windowssystem32wudriver.dll
2016-02-18 00:39 - 2014-05-14 08:17 - 00092672 _____ (Microsoft Corporation) C:WindowsSysWOW64wudriver.dll
2016-02-18 00:39 - 2011-04-12 00:28 - 00000000 ____D C:UsersTomAppDataRoamingMedia Center Programs
2016-02-17 22:52 - 2016-02-17 22:52 - 00001345 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMedia Center.lnk
2016-02-17 22:52 - 2016-02-17 22:52 - 00001326 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsWindows DVD Maker.lnk
2016-02-17 22:50 - 2016-02-18 00:39 - 00000000 ____D C:WindowsPanther
2016-02-17 22:46 - 2016-02-17 22:46 - 00000000 ____D C:Windows.old

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-06 03:29 - 2009-07-13 20:45 - 00016656 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-06 03:29 - 2009-07-13 20:45 - 00016656 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-05 14:51 - 2009-07-13 21:13 - 00713888 _____ C:Windowssystem32PerfStringBackup.INI
2016-03-05 14:51 - 2009-07-13 19:20 - 00000000 ____D C:Windowsinf
2016-03-05 14:43 - 2009-07-13 21:08 - 00000006 ____H C:WindowsTasksSA.DAT
2016-03-05 14:43 - 2009-07-13 20:45 - 00275432 _____ C:Windowssystem32FNTCACHE.DAT
2016-03-05 14:43 - 2009-07-13 19:20 - 00000000 ____D C:WindowsRegistration
2016-02-18 00:40 - 2009-07-13 19:20 - 00000000 ____D C:Program FilesCommon FilesMicrosoft Shared
2016-02-18 00:39 - 2009-07-13 19:20 - 00000000 ____D C:Windowsrescache
2016-02-17 22:52 - 2009-07-13 19:20 - 00000000 ____D C:Windowssystem32sysprep
2016-02-17 22:50 - 2011-04-12 00:28 - 00000000 ____D C:WindowsCSC
2016-02-17 22:49 - 2016-01-06 11:40 - 00008192 __RSH C:BOOTSECT.BAK
2016-02-17 22:49 - 2009-07-13 21:32 - 00028672 _____ C:Windowssystem32configBCD-Template

Some files in TEMP:
====================
C:UsersTomAppDataLocalTempxmlUpdater.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:Windowssystem32winlogon.exe => File is digitally signed
C:Windowssystem32wininit.exe => File is digitally signed
C:WindowsSysWOW64wininit.exe => File is digitally signed
C:Windowsexplorer.exe => File is digitally signed
C:WindowsSysWOW64explorer.exe => File is digitally signed
C:Windowssystem32svchost.exe => File is digitally signed
C:WindowsSysWOW64svchost.exe => File is digitally signed
C:Windowssystem32services.exe => File is digitally signed
C:Windowssystem32User32.dll => File is digitally signed
C:WindowsSysWOW64User32.dll => File is digitally signed
C:Windowssystem32userinit.exe => File is digitally signed
C:WindowsSysWOW64userinit.exe => File is digitally signed
C:Windowssystem32rpcss.dll => File is digitally signed
C:Windowssystem32dnsapi.dll => File is digitally signed
C:WindowsSysWOW64dnsapi.dll => File is digitally signed
C:Windowssystem32Driversvolsnap.sys => File is digitally signed


LastRegBack: 2016-02-17 22:50

==================== End of FRST.txt ============================

The next :

Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by test (2016-03-06 03:44:45)
Running from C:UsersTomDesktop
Windows 7 Professional Service Pack 1 (X64) (2016-02-18 08:39:06)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1146954719-197784650-3855368955-500 - Administrator - Disabled)
Guest (S-1-5-21-1146954719-197784650-3855368955-501 - Limited - Disabled)
test (S-1-5-21-1146954719-197784650-3855368955-1000 - Administrator - Enabled) => C:UsersTom

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 15.14 (x64) (HKLM...7-Zip) (Version: 15.14 - Igor Pavlov)
Audacity 2.1.2 (HKLM-x32...Audacity®_is1) (Version: 2.1.2 - Audacity Team)
DailyPcClean Support (HKLM-x32...dpcc_en_026010153_is1) (Version: - Tuto4PC.Com) < ==== ATTENTION
DailyPCClean v4.1 (HKLM-x32...DailyPCClean_is1) (Version: 4.1 - Tuto4PC.Com) < ==== ATTENTION
FileZilla Client 3.16.0 (HKLM-x32...FileZilla Client) (Version: 3.16.0 - Tim Kosse)
Foxit Reader (HKLM-x32...Foxit Reader_is1) (Version: 7.3.0.118 - Foxit Software Inc.)
Google Chrome (HKLM-x32...{93EB1D27-3378-36DD-ACEC-380FEDB2297B}) (Version: 49.0.2623.75 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Java 8 Update 73 (64-bit) (HKLM...{26A24AE4-039D-4CA4-87B4-2F86418073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Java 8 Update 73 (HKLM-x32...{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM...{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32...{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Mozilla Firefox 44.0.2 (x86 en-US) (HKLM-x32...Mozilla Firefox 44.0.2 (x86 en-US)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32...MozillaMaintenanceService) (Version: 44.0.2 - Mozilla)
Notepad++ (HKLM-x32...Notepad++) (Version: 6.9 - Notepad++ Team)
PC-Speedup-Pro (HKLM...74F25055-8CA3-431A-9FA0-BBFDDFA37CE6_is1) (Version: PC-Speedup-Pro - )
Revo Uninstaller 1.95 (HKLM-x32...Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Setup (HKLM-x32...{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) < ==== ATTENTION
Skype™ 7.18 (HKLM-x32...{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
TeamViewer 11 (HKLM-x32...TeamViewer) (Version: 11.0.56083 - TeamViewer)
TopFlix version 1.4 (HKLM-x32...{B1D4623E-00B2-49EC-988B-14944EAA3D1C}_is1) (Version: 1.4 - www.TopFlix.info)
VLC media player (HKLM...VLC media player) (Version: 2.2.2 - VideoLAN)
VLC media player (HKLM-x32...VLC media player) (Version: 2.2.2 - VideoLAN)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {081CD308-3169-4CB1-B761-A15FB14D54D3} - System32TasksAppManager_logon => C:UsersTomAppDataRoamingappmanagerappmanager.exe [2016-03-03] (AppManager)
Task: {17193911-2B31-4BA8-BE68-1F14DD191F3A} - System32TasksDailyPCClean Schedule => C:Program Files (x86)DailyPCCleanOSPCSchedule.exe < ==== ATTENTION
Task: {301BF373-92BF-47DE-BF53-11FB3F73F2EA} - System32TasksPC-Speedup-Pro_Logon => C:Program FilesPC-Speedup-Propcsp.exe [2016-03-03] (pcspeeduppro.net) < ==== ATTENTION
Task: {57BDF760-02B5-42A7-AC9F-0DB8EA9B086A} - System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2016-03-05] (Google Inc.)
Task: {A3698CE8-965B-4DE2-BAC2-2CFB52CF478F} - System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2016-03-05] (Google Inc.)
Task: {B529595B-ECAA-4A0B-89D0-B7A91F9E84EC} - System32TasksDNSNORTHLAKE => C:Program Files (x86)TopFlixdnsnorthlake.exe [2016-02-09] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:WindowsTasksGoogleUpdateTaskMachineCore.job => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
Task: C:WindowsTasksGoogleUpdateTaskMachineUA.job => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-02-29 02:23 - 2016-02-29 02:23 - 00052912 _____ () C:Program FilesFileZilla FTP Clientfzshellext_64.dll
2016-02-21 13:38 - 2016-02-21 13:38 - 00230064 _____ () C:Program Files (x86)Notepad++NppShell_06.dll
2016-03-05 14:49 - 2015-11-21 04:31 - 03323568 _____ () C:UsersTomAppDataLocalDailyPcClean Supportupdpcc_en_026010153.exe
2016-03-05 14:43 - 2016-02-09 14:24 - 00674304 _____ () C:Program Files (x86)TopFlixdnsnorthlake.exe

==================== Alternate Data Streams (Whitelisted) =========

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 18:34 - 2009-06-10 13:00 - 00000824 ____A C:Windowssystem32Driversetchosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKUS-1-5-21-1146954719-197784650-3855368955-1000Control PanelDesktop\Wallpaper -> C:UsersTomAppDataRoamingMicrosoftWindowsThemesTranscodedWallpaper.jpg
DNS Servers: 82.163.143.156 - 82.163.142.158
HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%system32sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%system32sppsvc.exe
FirewallRules: [{333D3A6C-D9B4-4B05-88CB-2E7DC6B90A51}] => (Allow) C:Program Files (x86)Mozilla Firefoxfirefox.exe
FirewallRules: [{588538B2-9ADA-419E-A63B-3291F9FAA9AD}] => (Allow) C:Program Files (x86)Mozilla Firefoxfirefox.exe
FirewallRules: [{C09118A2-ABA2-46A0-BF4F-7443A32EAC22}] => (Allow) C:Program Files (x86)GoogleChromeApplicationchrome.exe
FirewallRules: [{B8646927-1E29-4EF5-8A05-9BB09C744070}] => (Allow) C:Program Files (x86)TeamViewerTeamViewer.exe
FirewallRules: [{58F916C9-F0B3-4D86-9D2A-95A2AC3CE094}] => (Allow) C:Program Files (x86)TeamViewerTeamViewer.exe
FirewallRules: [{C15BE726-813B-44E7-9FD5-C8BC5F8148D3}] => (Allow) C:Program Files (x86)TeamViewerTeamViewer_Service.exe
FirewallRules: [{0A27E02D-524D-4C90-806B-3BEBEAC686C7}] => (Allow) C:Program Files (x86)TeamViewerTeamViewer_Service.exe
FirewallRules: [{40E0A5C5-1C4C-476D-BD42-57C99D05E2DC}] => (Allow) C:Program Files (x86)SkypePhoneSkype.exe

==================== Restore Points =========================

05-03-2016 12:13:53 Windows Update
06-03-2016 03:34:18 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/05/2016 02:45:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/05/2016 08:10:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/18/2016 01:50:48 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (02/18/2016 01:00:42 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at:
with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (02/18/2016 01:00:28 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at:
with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (02/18/2016 01:00:26 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at:
with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (02/18/2016 01:00:24 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at:
with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (02/18/2016 12:54:40 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at:
with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (02/18/2016 12:54:40 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at:
with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (02/18/2016 12:53:23 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at:
with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.


System errors:
=============
Error: (03/05/2016 02:43:18 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 2:42:16 PM on ‎3/‎5/‎2016 was unexpected.

Error: (03/05/2016 02:40:51 PM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport DeviceNetBT_Tcpip_{8979A870-8985-41F7-A8D4-25931150E6FF} because another computer on the network has the same name. The server could not start.

Error: (03/05/2016 02:40:47 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Appinfo service.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4690 CPU @ 3.50GHz
Percentage of memory in use: 87%
Total physical RAM: 2047.49 MB
Available physical RAM: 253.13 MB
Total Virtual: 4094.98 MB
Available Virtual: 1796.58 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:40 GB) (Free:12.31 GB) NTFS ==>[drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 40 GB) (Disk ID: C1D5A3C9)
Partition 1: (Active) - (Size=40 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================