[RESOLVED] Links in emails and on web pages not wrking. - Page 2
Page 2 of 3 FirstFirst 123 LastLast
Results 16 to 30 of 37

Thread: [RESOLVED] Links in emails and on web pages not wrking.

  1. #16
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Thanks Train
    I'd like to know if GMail is accessed with some other browser same problem exists.

  2. #17
    Join Date
    Apr 2000
    Location
    Sheboygan, WI
    Posts
    53,392
    Same with IE and/or edge if I remember right.

    Original thread
    http://discussions.virtualdr.com/sho...01#post1525701

  3. #18
    Join Date
    Feb 2017
    Posts
    39
    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-02-2017
    Ran by Imadreamer 2 (administrator) on IMADREAMER2-PC (24-02-2017 19:43:00)
    Running from C:\Users\Imadreamer 2\Desktop
    Loaded Profiles: Imadreamer 2 (Available Profiles: Imadreamer 2)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
    (AMD) C:\Windows\System32\atiesrxx.exe
    (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    (SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
    (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
    (Microsoft Corporation) C:\Windows\System32\StikyNot.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
    (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
    (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

    ==================== Registry (Whitelisted) ====================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7191768 2013-06-27] (Realtek Semiconductor)
    HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
    HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
    HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [630912 2012-05-04] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [AMD AVT] => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
    HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1057920 2012-07-31] (SEIKO EPSON CORPORATION)
    HKU\S-1-5-21-478529873-2400661344-62306198-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\system32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2014-02-08]
    ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 97.64.155.74 97.64.201.123
    Tcpip\..\Interfaces\{758C3A99-20C3-4B39-B29C-DE2978314891}: [DhcpNameServer] 97.64.155.74 97.64.201.123

    Internet Explorer:
    ==================
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\S-1-5-21-478529873-2400661344-62306198-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    HKU\S-1-5-21-478529873-2400661344-62306198-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
    Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
    Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
    Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
    Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
    Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
    Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)

    FireFox:
    ========
    FF DefaultProfile: 8l3hh72p.default-1408496619543
    FF ProfilePath: C:\Users\Imadreamer 2\AppData\Roaming\Mozilla\Firefox\Profiles\8l3hh72p.default-1408496619543 [2017-02-24]
    FF DefaultSearchEngine.US: Mozilla\Firefox\Profiles\8l3hh72p.default-1408496619543 -> Google
    FF Homepage: Mozilla\Firefox\Profiles\8l3hh72p.default-1408496619543 -> hxxps://mail.google.com/mail/u/0/#inbox
    FF Keyword.URL: Mozilla\Firefox\Profiles\8l3hh72p.default-1408496619543 ->
    FF Extension: (uBlock Origin) - C:\Users\Imadreamer 2\AppData\Roaming\Mozilla\Firefox\Profiles\8l3hh72p.default-1408496619543\Extensions\uBlock0@raymondhill.net.xpi [2017-02-20]
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-15] ()
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-15] ()
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin HKU\S-1-5-21-478529873-2400661344-62306198-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Imadreamer 2\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2014-06-06] (Google)
    FF Plugin HKU\S-1-5-21-478529873-2400661344-62306198-1000: @talk.google.com/O1DPlugin -> C:\Users\Imadreamer 2\AppData\Roaming\Mozilla\plugins\npo1d.dll [2014-06-06] (Google)
    FF Plugin ProgramFiles/Appdata: C:\Users\Imadreamer 2\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2014-06-06] (Google)
    FF Plugin ProgramFiles/Appdata: C:\Users\Imadreamer 2\AppData\Roaming\mozilla\plugins\npo1d.dll [2014-06-06] (Google)

    Chrome:
    =======
    CHR DefaultProfile: Default
    CHR dev: Chrome dev build detected! <======= ATTENTION

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-05-04] (Advanced Micro Devices, Inc.) [File not signed]
    R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-16] (Seiko Epson Corporation)
    R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
    R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
    R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
    S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
    R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77416 2017-01-20] ()
    R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [176584 2017-02-23] (Malwarebytes)
    R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [110536 2017-02-23] (Malwarebytes)
    R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-02-23] (Malwarebytes)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251848 2017-02-23] (Malwarebytes)
    R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [81696 2017-02-24] (Malwarebytes)
    R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
    R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
    S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Apple, Inc.) [File not signed]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2017-02-24 19:43 - 2017-02-24 19:43 - 00009413 _____ C:\Users\Imadreamer 2\Desktop\FRST.txt
    2017-02-24 18:10 - 2017-02-24 18:10 - 00003234 _____ C:\Windows\System32\Tasks\SidebarExecute
    2017-02-23 23:43 - 2017-02-23 23:43 - 00018177 _____ C:\ComboFix.txt
    2017-02-23 23:35 - 2011-06-26 00:45 - 00256000 _____ C:\Windows\PEV.exe
    2017-02-23 23:35 - 2010-11-07 11:20 - 00208896 _____ C:\Windows\MBR.exe
    2017-02-23 23:35 - 2009-04-19 22:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
    2017-02-23 23:35 - 2000-08-30 18:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
    2017-02-23 23:35 - 2000-08-30 18:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
    2017-02-23 23:35 - 2000-08-30 18:00 - 00098816 _____ C:\Windows\sed.exe
    2017-02-23 23:35 - 2000-08-30 18:00 - 00080412 _____ C:\Windows\grep.exe
    2017-02-23 23:35 - 2000-08-30 18:00 - 00068096 _____ C:\Windows\zip.exe
    2017-02-23 23:29 - 2017-02-23 23:43 - 00000000 ____D C:\Qoobox
    2017-02-23 23:16 - 2017-02-23 23:16 - 05660168 ____R (Swearware) C:\Users\Imadreamer 2\Desktop\ComboFix.exe
    2017-02-23 21:26 - 2017-02-23 21:26 - 04015056 _____ C:\Users\Imadreamer 2\Desktop\AdwCleaner.exe
    2017-02-23 21:18 - 2017-02-23 23:47 - 00176584 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
    2017-02-23 21:17 - 2017-02-24 19:20 - 00081696 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
    2017-02-23 21:17 - 2017-02-23 23:47 - 00110536 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
    2017-02-23 21:17 - 2017-02-23 21:18 - 00251848 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2017-02-23 21:17 - 2017-02-23 21:18 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
    2017-02-23 21:17 - 2017-02-23 21:17 - 00001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
    2017-02-23 21:17 - 2017-02-23 21:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
    2017-02-23 21:17 - 2017-02-23 21:17 - 00000000 ____D C:\Program Files\Malwarebytes
    2017-02-23 21:17 - 2017-01-20 07:47 - 00077416 _____ C:\Windows\system32\Drivers\mbae64.sys
    2017-02-23 20:31 - 2017-02-23 20:31 - 00000858 _____ C:\Users\Public\Desktop\RogueKiller.lnk
    2017-02-23 20:31 - 2017-02-23 20:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
    2017-02-23 20:31 - 2017-02-23 20:31 - 00000000 ____D C:\Program Files\RogueKiller
    2017-02-23 20:27 - 2017-02-23 20:27 - 55566792 _____ (Malwarebytes ) C:\Users\Imadreamer 2\Desktop\mb3-setup-consumer-3.0.6.1469.exe
    2017-02-23 20:25 - 2017-02-23 20:25 - 34820824 _____ (Adlice Software ) C:\Users\Imadreamer 2\Desktop\setup.exe
    2017-02-22 17:04 - 2017-02-22 17:04 - 00020318 _____ C:\Users\Imadreamer 2\Desktop\1addition.txt
    2017-02-22 17:02 - 2017-02-22 17:02 - 00016431 _____ C:\Users\Imadreamer 2\Desktop\1first.txt
    2017-02-22 16:51 - 2017-02-24 19:43 - 00000000 ____D C:\FRST
    2017-02-22 16:51 - 2017-02-24 19:40 - 02423296 _____ (Farbar) C:\Users\Imadreamer 2\Desktop\FRST64.exe
    2017-02-21 19:23 - 2017-02-21 19:23 - 00218139 _____ C:\Users\Imadreamer 2\Desktop\The Unexpected Nanny - A Single Daddy-Nanny Short Romance - Michelle Love.mobi
    2017-02-21 11:29 - 2017-02-21 11:29 - 00000936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    2017-02-21 11:29 - 2017-02-21 11:29 - 00000924 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
    2017-02-21 11:29 - 2017-02-21 11:29 - 00000000 ____D C:\Program Files\Mozilla Firefox
    2017-02-21 11:29 - 2017-02-21 11:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2017-02-21 11:26 - 2017-02-21 11:26 - 00000000 ____D C:\Users\Imadreamer 2\AppData\Roaming\Geek Uninstaller
    2017-02-21 11:25 - 2017-02-21 11:25 - 02793495 _____ C:\Users\Imadreamer 2\Downloads\geek.zip
    2017-02-21 11:25 - 2017-02-21 11:25 - 02793495 _____ C:\Users\Imadreamer 2\Desktop\geek uninstaller.zip
    2017-02-21 11:16 - 2017-02-21 11:16 - 00245392 _____ C:\Users\Imadreamer 2\Downloads\Firefox Setup Stub 51.0.1.exe
    2017-02-21 11:08 - 2017-02-21 11:08 - 47414800 _____ C:\Users\Imadreamer 2\Desktop\Firefox Setup 51.0.1.exe
    2017-02-21 10:55 - 2017-02-21 10:55 - 00225429 _____ C:\Users\Imadreamer 2\Desktop\bookmarks.html
    2017-02-11 14:28 - 2017-02-11 14:28 - 00253815 _____ C:\Users\Imadreamer 2\Desktop\The Flame Series Box Set - Michelle Love.mobi
    2017-02-10 19:42 - 2017-02-10 19:42 - 00000643 _____ C:\Users\Imadreamer 2\Desktop\key.vbs
    2017-02-01 14:29 - 2015-01-08 21:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
    2017-02-01 14:29 - 2015-01-08 21:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
    2017-02-01 14:29 - 2015-01-08 21:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
    2017-02-01 14:29 - 2015-01-08 20:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2017-02-24 19:17 - 2014-02-08 01:26 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2017-02-24 19:05 - 2014-11-01 13:05 - 00000911 _____ C:\Windows\Tasks\EPSON XP-310 Series Update {53AAEC9E-BFE0-40EC-8C0B-2DA00F519EE3}.job
    2017-02-24 19:05 - 2014-11-01 13:05 - 00000725 _____ C:\Windows\Tasks\EPSON XP-310 Series Invitation {53AAEC9E-BFE0-40EC-8C0B-2DA00F519EE3}.job
    2017-02-24 18:38 - 2016-11-17 21:01 - 00000000 ____D C:\Users\Imadreamer 2\AppData\LocalLow\Mozilla
    2017-02-24 04:16 - 2009-07-13 22:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2017-02-24 04:16 - 2009-07-13 22:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2017-02-24 01:47 - 2014-02-20 00:39 - 00000000 ____D C:\Users\Imadreamer 2\AppData\Roaming\FileAdvisor
    2017-02-24 00:43 - 2015-02-09 16:52 - 00000000 ____D C:\Users\Imadreamer 2\Documents\My Kindle Content
    2017-02-23 23:41 - 2009-07-13 20:34 - 00000215 _____ C:\Windows\system.ini
    2017-02-23 21:38 - 2016-12-08 16:47 - 00001962 _____ C:\Users\Imadreamer 2\Desktop\JRT.txt
    2017-02-23 21:33 - 2015-08-07 19:00 - 01663040 _____ (Malwarebytes) C:\Users\Imadreamer 2\Desktop\JRT.exe
    2017-02-23 21:32 - 2015-03-15 03:59 - 00000000 ____D C:\AdwCleaner
    2017-02-23 21:18 - 2015-03-25 03:00 - 00000000 ____D C:\Users\Imadreamer 2\AppData\Local\CrashDumps
    2017-02-23 21:17 - 2014-06-21 17:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
    2017-02-23 21:17 - 2014-03-14 10:03 - 00000000 ____D C:\ProgramData\Malwarebytes
    2017-02-23 21:04 - 2015-03-02 22:06 - 00000000 ____D C:\ProgramData\RogueKiller
    2017-02-23 20:32 - 2015-03-02 22:06 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
    2017-02-21 11:33 - 2009-07-13 23:13 - 00006182 _____ C:\Windows\system32\PerfStringBackup.INI
    2017-02-21 11:28 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2017-02-21 11:27 - 2016-11-17 17:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2017-02-18 08:37 - 2017-01-10 12:44 - 00001168 _____ C:\Users\Imadreamer 2\Desktop\Certification.pdf
    2017-02-15 04:17 - 2014-02-08 01:26 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2017-02-15 04:17 - 2014-02-08 01:26 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2017-02-15 04:17 - 2014-02-08 01:26 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2017-02-15 04:17 - 2014-02-08 01:26 - 00000000 ____D C:\Windows\SysWOW64\Macromed
    2017-02-15 04:17 - 2014-02-08 01:26 - 00000000 ____D C:\Windows\system32\Macromed
    2017-02-12 20:46 - 2016-12-27 20:07 - 02645248 _____ C:\Users\Imadreamer 2\Desktop\CalebsSeries13BillionaireRomance.mobi
    2017-02-11 15:06 - 2014-09-04 16:49 - 02649242 _____ C:\Windows\ntbtlog.txt
    2017-02-09 17:33 - 2014-02-08 03:36 - 00000000 ____D C:\bills
    2017-02-01 16:36 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\Vss
    2017-02-01 14:57 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\tracing

    ==================== Files in the root of some directories =======

    2015-06-24 23:41 - 2015-06-24 23:41 - 0000268 ___RH () C:\Users\Imadreamer 2\AppData\Roaming\Enhance Tuning
    2015-07-06 18:51 - 2015-07-06 18:59 - 0003584 _____ () C:\Users\Imadreamer 2\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2015-05-20 20:35 - 2015-05-20 20:35 - 0000017 _____ () C:\Users\Imadreamer 2\AppData\Local\resmon.resmoncfg
    2015-06-24 23:41 - 2015-06-24 23:41 - 0000268 ___RH () C:\ProgramData\Extensions
    2015-06-24 23:41 - 2015-06-24 23:41 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT

    ==================== Bamital & volsnap ======================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2017-02-22 00:23

    ==================== End of FRST.txt ============================

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-02-2017
    Ran by Imadreamer 2 (24-02-2017 19:44:00)
    Running from C:\Users\Imadreamer 2\Desktop
    Windows 7 Home Premium Service Pack 1 (X64) (2014-02-08 13:13:21)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-478529873-2400661344-62306198-500 - Administrator - Disabled)
    Guest (S-1-5-21-478529873-2400661344-62306198-501 - Limited - Disabled)
    Imadreamer 2 (S-1-5-21-478529873-2400661344-62306198-1000 - Administrator - Enabled) => C:\Users\Imadreamer 2

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
    AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
    AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.221 - Adobe Systems Incorporated)
    Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
    Amazon Kindle (HKU\S-1-5-21-478529873-2400661344-62306198-1000\...\Amazon Kindle) (Version: 1.16.0.44025 - Amazon)
    Amazon Kindle (x32 Version: - Amazon) Hidden
    AMD Catalyst Install Manager (HKLM\...\{DD562794-C098-A1E5-66ED-10E8BD1C84C5}) (Version: 3.0.864.0 - Advanced Micro Devices, Inc.)
    Apple Application Support (32-bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
    EPSON Connect version 1.0 (HKLM-x32\...\EPSON Connect_is1) (Version: 1.0 - Epson America Inc.)
    Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.6.3.0 - SEIKO EPSON CORPORATION)
    Epson Event Manager (HKLM-x32\...\{10144CFE-D76C-4CFA-81A1-37A1642349A3}) (Version: 3.01.0013 - Seiko Epson Corporation)
    EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
    EPSON XP-310 Series Printer Uninstall (HKLM\...\EPSON XP-310 Series) (Version: - SEIKO EPSON Corporation)
    EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
    EPUB File Reader (HKLM-x32\...\{818C5857-5C74-4CAC-9F43-E5597086852D}_is1) (Version: - )
    FastStone Image Viewer 3.9 (HKLM-x32\...\FastStone Image Viewer) (Version: 3.9 - FastStone Soft)
    File Type Advisor 1.6 (HKLM-x32\...\File Type Advisor_is1) (Version: - )
    Foxit Reader (HKLM-x32\...\Foxit Reader) (Version: - )
    Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
    Macromedia Dreamweaver 4 (HKLM-x32\...\{ABDA9912-5D00-11D4-BAE7-9367CA097955}) (Version: 4.0 - Macromedia)
    Macromedia Extension Manager (HKLM-x32\...\{A5BA14E0-7384-11D4-BAE7-00409631A2C8}) (Version: 1.2 - Macromedia)
    Malwarebytes' Anti-Malware (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: - Malwarebytes Corporation)
    Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
    Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
    Microsoft Office 2000 Premium (HKLM-x32\...\{00000409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
    Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Mozilla Firefox 51.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 51.0.1 (x64 en-US)) (Version: 51.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1 - Mozilla)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6959 - Realtek Semiconductor Corp.)
    RogueKiller version 12.9.8.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.9.8.0 - Adlice Software)
    Sansa Updater (HKU\S-1-5-21-478529873-2400661344-62306198-1000\...\Sansa Updater) (Version: 1.407 - SanDisk Corporation)
    Software Updater (HKLM-x32\...\{B307472F-7BD9-4040-9255-CE6D6A1196A3}) (Version: 4.3.1 - SEIKO EPSON CORPORATION)
    Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {0ED42A30-D2CB-4252-864E-F7E6DC99B9A3} - System32\Tasks\FileAdvisorUpdate => C:\Program Files (x86)\File Type Advisor\fileadvisor.exe [2014-02-24] (File Type Advisor)
    Task: {1F7483C3-5EE8-4FF1-8DC8-430C06B2D61C} - System32\Tasks\EPSON XP-310 Series Invitation {53AAEC9E-BFE0-40EC-8C0B-2DA00F519EE3} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLBE.EXE [2013-02-27] (SEIKO EPSON CORPORATION)
    Task: {25BCAA2B-E647-4247-B5F9-90952E5157EE} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
    Task: {5CA612B7-829E-4F25-A41D-619903FFB3C9} - System32\Tasks\{763EAC16-462A-4AC7-990D-DE4792C316FD} => pcalua.exe -a "C:\Program Files (x86)\Trillian\Trillian.exe" -c /uninstall
    Task: {8B9F25BC-ABA2-4BAA-9801-D028CC4E2321} - System32\Tasks\{B8C11D8B-1CF4-4BE5-9505-F082E41E17E3} => pcalua.exe -a D:\ArcSoft\PanoramaMaker\Setup.exe
    Task: {AF7DB2FC-668D-4D21-8DCC-AC7821ECBE24} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-15] (Adobe Systems Incorporated)
    Task: {D834C97D-F502-4365-BF1C-B011A83F3BDA} - System32\Tasks\EPSON XP-310 Series Update {53AAEC9E-BFE0-40EC-8C0B-2DA00F519EE3} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLBE.EXE [2013-02-27] (SEIKO EPSON CORPORATION)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\EPSON XP-310 Series Invitation {53AAEC9E-BFE0-40EC-8C0B-2DA00F519EE3}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLBE.EXE
    Task: C:\Windows\Tasks\EPSON XP-310 Series Update {53AAEC9E-BFE0-40EC-8C0B-2DA00F519EE3}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLBE.EXE :/EXE:{53AAEC9E-BFE0-40EC-8C0B-2DA00F519EE3} /F:Update SYSTEM ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

    ==================== Shortcuts =============================

    (The entries could be listed to be restored or removed.)

    ==================== Loaded Modules (Whitelisted) ==============

    2017-02-23 21:17 - 2017-01-20 07:47 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
    2017-02-23 21:17 - 2017-01-20 07:47 - 02829776 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll
    2017-02-23 21:17 - 2017-01-20 07:47 - 02254800 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-478529873-2400661344-62306198-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Imadreamer 2\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 97.64.155.74 - 97.64.201.123
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==


    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{3CA80845-28CE-49DE-84F7-032B572B948A}] => (Allow) C:\Users\Imadreamer 2\Downloads\The_Secret_Billionaire_The_Complete_Collection_-_Chloe_Cassidy_downloader.exe
    FirewallRules: [{DE47FBB2-6CFB-4363-A518-D2833444763D}] => (Allow) C:\Users\Imadreamer 2\Downloads\The_Secret_Billionaire_The_Complete_Collection_-_Chloe_Cassidy_downloader.exe
    FirewallRules: [{4528E18E-9623-45BB-8205-5A7B02B98242}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
    FirewallRules: [{C2F8C00C-1E42-417B-BAF5-FE281C568669}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
    FirewallRules: [{2428A509-4303-49DE-823D-BF8DC7007B5B}] => (Allow) D:\Common\EpsonNet Setup\ENEasyApp.exe
    FirewallRules: [{5B4775DB-902A-41EB-9102-14DF1CB1D25D}] => (Allow) D:\Common\EpsonNet Setup\ENEasyApp.exe
    FirewallRules: [TCP Query User{F641D030-0306-44B4-B76D-6B766DB2E34E}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
    FirewallRules: [UDP Query User{438561C7-FE05-47C5-8F69-7672E10BE5A6}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
    FirewallRules: [TCP Query User{F2A586A5-A012-4533-8D87-31C4C5000B1B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [UDP Query User{9041644D-B4D5-40B4-8A2B-8BADC6FC59EF}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [{1B8E13FF-C3F2-4641-A4BF-AF5E19EE3C99}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{A52347ED-9FF0-4F5E-9E5E-695AD21832AF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

    ==================== Restore Points =========================

    05-02-2017 03:19:28 Windows Update
    08-02-2017 03:21:39 Windows Update
    12-02-2017 02:12:41 Windows Update
    15-02-2017 15:19:59 Windows Update
    19-02-2017 02:11:48 Windows Update
    20-02-2017 18:28:20 JRT Pre-Junkware Removal
    22-02-2017 11:40:00 Windows Update
    23-02-2017 21:34:36 JRT Pre-Junkware Removal

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (02/23/2017 09:18:15 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: mbam.exe, version: 3.0.0.912, time stamp: 0x58811df5
    Faulting module name: Qt5Core.dll, version: 5.6.2.0, time stamp: 0x5849a177
    Exception code: 0xc0000005
    Fault offset: 0x00192df1
    Faulting process id: 0x122c
    Faulting application start time: 0x01d28e4c86a61e4d
    Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
    Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
    Report Id: e0bd1369-fa3f-11e6-9e20-448a5b2af26b

    Error: (02/23/2017 09:17:34 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: mbamservice.exe, version: 3.1.0.415, time stamp: 0x5881b7a1
    Faulting module name: ntdll.dll, version: 6.1.7601.23572, time stamp: 0x57fd0651
    Exception code: 0xc0000005
    Fault offset: 0x0000000000026483
    Faulting process id: 0xca8
    Faulting application start time: 0x01d28e4c806da5b7
    Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
    Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
    Report Id: c888e962-fa3f-11e6-9e20-448a5b2af26b

    Error: (02/21/2017 11:33:35 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

    Error: (02/21/2017 11:33:35 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
    Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

    Error: (02/21/2017 11:29:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

    Error: (02/21/2017 11:16:45 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

    Error: (02/21/2017 11:16:45 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
    Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

    Error: (02/21/2017 11:13:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

    Error: (02/20/2017 06:14:36 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

    Error: (02/20/2017 06:14:36 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
    Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.


    System errors:
    =============
    Error: (02/23/2017 11:41:29 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
    Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

    Error: (02/23/2017 11:39:10 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
    Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

    Error: (02/23/2017 09:18:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Malwarebytes Service service terminated unexpectedly. It has done this 1 time(s).


    CodeIntegrity:
    ===================================
    Date: 2016-05-23 09:44:21.966
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\atikmdag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2016-05-23 09:44:21.873
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\atikmdag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    ==================== Memory info ===========================

    Processor: AMD A4-5300 APU with Radeon(tm) HD Graphics
    Percentage of memory in use: 53%
    Total physical RAM: 5329.81 MB
    Available physical RAM: 2458.89 MB
    Total Virtual: 10657.81 MB
    Available Virtual: 8201.11 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:911.88 GB) (Free:786.95 GB) NTFS
    Drive e: (System Image) (Fixed) (Total:139.73 GB) (Free:41.98 GB) NTFS
    Drive f: (Seagate 300 B) (Fixed) (Total:139.72 GB) (Free:66.95 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows XP) (Size: 279.5 GB) (Disk ID: 21662166)
    Partition 1: (Not Active) - (Size=139.7 GB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=139.7 GB) - (Type=OF Extended)

    ========================================================
    Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 35D5C1F3)
    Partition 1: (Not Active) - (Size=19.5 GB) - (Type=27)
    Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=911.9 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================

    As Train said online Gmail using firefox. I am starting to think I have a problem with win7. But things are better. I can click a page for the most part and it will open, just not a link in an email. And certain links on sited. My games still are not playing like they used to. But it could be the games I guess. System has speeded up some but certainly not as fast as in the past.

  4. #19
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    What happens when you try same features using IE or Chrome?

    Download attached fixlist.txt file and save it to the Desktop.
    NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

    Run FRST(FRST64) and press the Fix button just once and wait.
    The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
    Attached Files Attached Files

  5. #20
    Join Date
    Feb 2017
    Posts
    39
    First64 is on the desktop so I put fixlist.txt on desktop to. But it doesn't seem to find it.
    Do I need to put them in the same folder? There is a folder under c drive that says First and it contains a file call Hives, Logs, and Quarentine. Under logs is both addition and both first logs. Should I put it and the tool First64 in there?
    Last edited by imadreamer65; February 24th, 2017 at 10:31 PM.

  6. #21
    Join Date
    Feb 2017
    Posts
    39
    You didn't want me to scan with First64 did you. I just opened it and clicked fix

  7. #22
    Join Date
    Feb 2017
    Posts
    39
    I never have put Chrome on here. IE the links do work but it runs so slow because it doesn't have an ad blocker so there are so many ads IE is hard to use.

  8. #23
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    If FRST64 and fixlist.txt are both on Desktop just double click on FRST64 to open it and click on "Fix" button.

    ...and from what you're saying it looks like Firefox issue.
    We'll get back to it once we finish cleaning process.

  9. #24
    Join Date
    Feb 2017
    Posts
    39
    They are both on the desktop. Yes I double click on First64 and click fix but it says No fixlist.txt found. and does nothing. I don't know how to get it to do it. I don't understand why it isn't working. In looking at that file under C drive named First the login there that was named First moved in there from my desktop. There is a Adition and First in there.
    Last edited by imadreamer65; February 24th, 2017 at 11:21 PM.

  10. #25
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Let's see what's wrong...

    Please download SystemLook from one of the links below and save it to your Desktop.
    Download Mirror #1
    Download Mirror #2

    64-bit users go HERE

    • Double-click SystemLook.exe to run it.
    • Vista users:: Right click on SystemLook.exe, click Run As Administrator
    • Copy the content of the following box and paste it into the main textfield:

      Code:
      :filefind
      frst64*
      fixlist*
    • Click the Look button to start the scan.
    • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

    Note: The log can also be found on your Desktop entitled SystemLook.txt

  11. #26
    Join Date
    Feb 2017
    Posts
    39
    SystemLook 30.07.11 by jpshortstuff
    Log created at 21:35 on 24/02/2017 by Imadreamer 2
    Administrator - Elevation successful

    ========== filefind ==========

    Searching for "frst64*"
    C:\Users\Imadreamer 2\Desktop\FRST64.exe --a---- 2423296 bytes [22:51 22/02/2017] [01:40 25/02/2017] 0B5E0BE2A40BF99D164B287F6D03E654
    C:\Windows\Prefetch\FRST64.EXE-72FA4756.pf --a---- 46810 bytes [02:22 25/02/2017] [02:22 25/02/2017] 6199B5A4BBF8EFC92DCB4BA1A1C3BEF2
    C:\Windows\Prefetch\FRST64.EXE-F010B5A2.pf --a---- 46698 bytes [03:15 25/02/2017] [03:15 25/02/2017] 3A53F7633579CB738C628708E0C6F1FE
    C:\Windows\Prefetch\FRST64.EXE-F1EC7770.pf --a---- 47082 bytes [01:37 25/02/2017] [03:22 25/02/2017] 42147616981B2C8B17A7ECE9A33EA24B

    Searching for "fixlist*"
    C:\Users\Imadreamer 2\Desktop\fixlist.txt.URL --a---- 282 bytes [02:16 25/02/2017] [02:16 25/02/2017] D05A11FEFADC58E1ED6D45AAAB3E5E36

    -= EOF =-
    Last edited by imadreamer65; February 24th, 2017 at 11:39 PM.

  12. #27
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    For whatever reason your "fixlist.txt" filoe is named "fixlist.txt.URL"
    Rename it to "fixlist.txt".

  13. #28
    Join Date
    Feb 2017
    Posts
    39
    Fix result of Farbar Recovery Scan Tool (x64) Version: 25-02-2017
    Ran by Imadreamer 2 (24-02-2017 22:15:33) Run:2
    Running from C:\Users\Imadreamer 2\Desktop
    Loaded Profiles: Imadreamer 2 (Available Profiles: Imadreamer 2)
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\S-1-5-21-478529873-2400661344-62306198-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    2015-06-24 23:41 - 2015-06-24 23:41 - 0000268 ___RH () C:\Users\Imadreamer 2\AppData\Roaming\Enhance Tuning
    2015-07-06 18:51 - 2015-07-06 18:59 - 0003584 _____ () C:\Users\Imadreamer 2\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2015-05-20 20:35 - 2015-05-20 20:35 - 0000017 _____ () C:\Users\Imadreamer 2\AppData\Local\resmon.resmoncfg
    2015-06-24 23:41 - 2015-06-24 23:41 - 0000268 ___RH () C:\ProgramData\Extensions
    2015-06-24 23:41 - 2015-06-24 23:41 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT

    *****************

    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.
    HKU\S-1-5-21-478529873-2400661344-62306198-1000\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.
    "C:\Users\Imadreamer 2\AppData\Roaming\Enhance Tuning" => not found.
    "C:\Users\Imadreamer 2\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini" => not found.
    "C:\Users\Imadreamer 2\AppData\Local\resmon.resmoncfg" => not found.
    "C:\ProgramData\Extensions" => not found.
    "C:\ProgramData\PKP_DLeo.DAT" => not found.

  14. #29
    Join Date
    Feb 2017
    Posts
    39
    When I dropped and dragged the txt file from the post, could that have happened. The url part didn't show on the desk top.

  15. #30
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Good

    Last scans...

    Download Security Check from here or here and save it to your Desktop.

    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.



    NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
    NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
    NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run


    Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
    Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender
    • Other Services



    Press "Scan".
    It will create a log (FSS.txt) in the same directory the tool is run.
    Please copy and paste the log to your reply.


    Download Temp File Cleaner (TFC)
    Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe

    • Double click on TFC.exe to run the program.
    • Click on Start button to begin cleaning process.
    • TFC will close all running programs, and it may ask you to restart computer.




    Download Sophos Free Virus Removal Tool and save it to your desktop.

    • Double click the icon and select Run
    • Click Next
    • Select I accept the terms in this license agreement, then click Next twice
    • Click Install
    • Click Finish to launch the program
    • Once the virus database has been updated click Start Scanning
    • If any threats are found click Details, then View log file... (bottom left hand corner)
    • Copy and paste the results in your reply
    • Close the Notepad document, close the Threat Details screen, then click Start cleanup
    • Click Exit to close the program

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •