Help with virus, malware, reg errors [Solved]

Virus malware registry errors duplicate file overall help


#31
Jeremy7777

  • Topic Starter
  • Member
  • 73 posts

# AdwCleaner v4.111 - Logfile created 23/02/2015 at 19:28:03
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Bridget - BRIDGET-PC
# Running from : C:\Users\Bridget\Desktop\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\FileCure
Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\ProgramData\smdmf
Folder Deleted : C:\ProgramData\2db0dfff7cefd846
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mipony
Folder Deleted : C:\Program Files\pcreg
Folder Deleted : C:\Program Files\WebBar
Folder Deleted : C:\Users\Bridget\AppData\Local\Mindspark_Interactive_Net
Folder Deleted : C:\Users\Bridget\AppData\Local\WebBar
Folder Deleted : C:\Users\Bridget\AppData\Roaming\FirefoxToolbar
Folder Deleted : C:\Users\Bridget\AppData\Roaming\ParetoLogic
Folder Deleted : C:\Users\Bridget\AppData\Roaming\SmartPCFix
Folder Deleted : C:\Users\Bridget\Documents\PC Speed Maximizer
File Deleted : C:\END
File Deleted : C:\windows\System32\roboot64.exe
File Deleted : C:\windows\System32\sasnative64.exe
File Deleted : C:\Users\Bridget\AppData\Roaming\Mozilla\Firefox\Profiles\jt2ch37g.default\user.js
File Deleted : C:\Users\Bridget\AppData\Roaming\Mozilla\Firefox\Profiles\jt2ch37g.default\searchplugins\Vosteran.xml

***** [ Scheduled tasks ] *****

Task Deleted : WOT WTHUR1
Task Deleted : WOT WTUE1
Task Deleted : WOT WMON1
Task Deleted : WOT WW1
Task Deleted : WOT WFRI1
Task Deleted : WOT WW2
Task Deleted : WOT WWED1
Task Deleted : WOT W1
Task Deleted : WOT W2
Task Deleted : WOT T
Task Deleted : WOT N
Task Deleted : ProPCCleaner_Popup
Task Deleted : StormFall TW1
Task Deleted : StormFall TW2
Task Deleted : StormFall W2
Task Deleted : StormFall W1

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{635abd67-4fe9-1b23-4f01-e679fa7484c1}]
Key Deleted : HKCU\Software\Classes\iLivid.torrent
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\PSText.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AxSHDocVw.AxWebBrowser
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\iLivid.torrent
Key Deleted : HKLM\SOFTWARE\Classes\PlaySushi32.PlaySushi
Key Deleted : HKLM\SOFTWARE\Classes\PlaySushi32.PlaySushi.1
Key Deleted : HKLM\SOFTWARE\Classes\PSText.IEButton
Key Deleted : HKLM\SOFTWARE\Classes\PSText.IEButton.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Key Deleted : HKLM\SOFTWARE\Classes\SettingsManagerIEHelper.DNSGuard.1
Key Deleted : HKLM\SOFTWARE\Classes\SettingsManagerIEHelper.DNSGuard
Key Deleted : HKCU\Software\Mozilla\Extends
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\eSupport.com
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\SmdmF
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\usyndication.com
Key Deleted : HKCU\Software\WEDLMNGR
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKCU\Software\DriverRestore
Key Deleted : HKCU\Software\USyndication
Key Deleted : HKCU\Software\Vosteran Browser
Key Deleted : HKCU\Software\ProPCCleanerLanguage
Key Deleted : HKCU\Software\ProPCCleanerConfig
Key Deleted : HKCU\Software\Adknowledge
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\PlaySushi
Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Deleted : HKCU\Software\AppDataLow\Software\FunWebProducts
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\DefaultTab
Key Deleted : HKLM\SOFTWARE\ParetoLogic
Key Deleted : HKLM\SOFTWARE\SmdmF
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\V9Software
Key Deleted : HKLM\SOFTWARE\Wajam
Key Deleted : HKLM\SOFTWARE\Mindspark
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>;*.local

***** [ Web browsers ] *****

-\\ Internet Explorer v0.0.0.0


-\\ Mozilla Firefox v35.0.1 (x86 en-US)

[jt2ch37g.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "Vosteran");
[jt2ch37g.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://Vosteran.com/?f=1&a=vst_ir_14_51_ff&cd=2XzuyEtN2Y1L1Qzuzzzz0A0EtC0DyEzytD0A0C0CtA0B0AyBtN0D0Tzu0StCtDzzyDtN1L2XzutAtFyCtFtCtDtFyBtN1L1CzutCyEtBzytDyD1V1Bt[...]

-\\ Google Chrome v40.0.2214.115

[C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=suma_14_15_ch&cd=2XzuyEtN2Y1L1Qzuzzzz0A0EtC0DyEzytD0A0C0CtA0B0AyBtN0D0Tzu0SzztAtCtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyDyDzyyDzztByD0BtGyByEtD0EtGzzzz0FyDtGtA0EtCzytGtDzytAzytCzztBtB0EyByEyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0D0FzyzztCyCtDtG0CyByEtBtGtD0EtBtCtG0F0C0B0AtGtB0DzytA0CtAyDyB0DyC0A0F2Q&cr=156701805&ir=
[C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.v9.com/web/?type=ds&ts=1215028620&from=amt&uid=TOSHIBAXMK3263GSXN_508MT262TXX508MT262T&i=psd&t=2d436a77f&q={searchTerms}
[C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://us.yhs4.search.yahoo.com/yhs/search?hspart=SGMedia&hsimp=yhs-sgm_ytb&type=ys-ch-ds&p={searchTerms}
[C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.safesear.ch/web/?type=ss-ch-ds&q={searchTerms}

*************************

AdwCleaner[R0].txt - [19641 bytes] - [23/02/2015 18:41:12]
AdwCleaner[R1].txt - [19699 bytes] - [23/02/2015 18:54:34]
AdwCleaner[S0].txt - [18956 bytes] - [23/02/2015 19:28:03]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [19016  bytes] ##########
 


  • 0



#32
Nevan

    Trusted Helper

  • Malware Removal
  • 1,765 posts
Hello again, Jeremy7777.

We'll get back to the Internet Explorer problem later.

Now, please, perform the following instructions.

Step #1
Malwarebytes Anti-Malware
  • Download Malwarebytes Anti-Malware to your Desktop
  • Double click the file to open it. Install the program.
  • Before you click Finish, make sure that:
    • Enable free trial of Malwarebytes Anti-Malware Premium is unchecked
    • Launch Malwarebytes Anti-Malware is checked
  • In Database version section, click Update Now
  • Once the update is done, click Settings>Detection and Protection
  • Make sure that all three boxes under Detection Options are checked
  • Go back to Dashboard and click the big, green Scan Now button.
  • Wait for Malwarebytes Anti-Malware to finish the scan
  • If the program detects anything, click the 4uwHOgV.png button. The program might want to reboot the system. Allow it if it wants to.
  • Once the deletion is done (or after reboot), go to History and double click the last Scan Log.
  • Click the HVS7vK4.png button.
  • Paste (CTRL+V) the log into your next reply.
 
Step #2
ESET Online Scanner
  • Note: This step can only be done using Internet Explorer, Google Chrome or Mozilla Firefox
  • Disable your Antivirus program (click here if you don't know how to do this).
  • Visit the ESET site
  • Click fxn8GTf.jpg
  • When using:
    • Internet Explorer:
      • Accept the Terms of Use and click Start
      • Allow the running of the add-on
    • Other browsers:
      • Download esetsmartinstaller_enu.exe that you'll be given a link to
      • Double click esetsmartinstaller_enu.exe
      • Allow the Terms of Use and click Start
  • Make sure that:
    • Enable detection of potentially unwanted applications is checked
    • In Advanced Settings: Remove found threats is unchecked. Scan archives, Scan for potentially unsafe applications and Enable Anti-Stealth technology are checked
  • Click Start
  • The program will begin to download its virus database. The speed may vary depending on your Internet connection.
  • When completed, the program will begin to scan. This may take several hours. Please, be patient.
  • Do not do anything on your machine as it may interrupt the scan
  • When the scan is done, click Finish
  • A log.txt file will be created at C:\Program Files (x86)\ESET\ESET Online Scanner. Open it using Notepad.
  • Select all (CTRL+A) the content of the log, copy it (CTRL+C) and paste (CTRL+V) it into your next reply.
Remember to enable your Antivirus program once you're done!

 
Things that should appear in your next post:
  • Malwarebytes Anti-Malware log content
  • ESET Online Scanner log content

  • 0

#33
Jeremy7777

  • Topic Starter
  • Member
  • 73 posts

When you say "Once the deletion is done (or after reboot), go to History and double click the last Scan Log." can you be more specific, because I don't see anywhere "the last scan log" under the History tab. The only things are "Quarantine" and "Application Logs". I've run the scan and deleted the errors and will wait for further clarification as to the next step....


  • 0

#34
Nevan

    Trusted Helper

  • Malware Removal
  • 1,765 posts
The last Scan Log should be located in the Application Logs tab.
  • 0

#35
Jeremy7777

  • Topic Starter
  • Member
  • 73 posts

Malwarebytes Anti-Malware
www.malwarebytes.org


Update, 2/24/2015 4:59:06 PM, SYSTEM, BRIDGET-PC, Manual, Remediation Database, 2013.10.16.1, 2014.12.6.1,
Update, 2/24/2015 4:59:06 PM, SYSTEM, BRIDGET-PC, Manual, Rootkit Database, 2014.11.18.1, 2015.2.22.1,
Update, 2/24/2015 4:59:11 PM, SYSTEM, BRIDGET-PC, Manual, Malware Database, 2014.11.20.6, 2015.2.24.7,
Scan, 2/24/2015 5:51:09 PM, SYSTEM, BRIDGET-PC, Manual, Start:2/24/2015 5:08:08 PM, Duration:37 min 43 sec, Threat Scan, Completed, 8 Malware Detections, 36 Non-Malware Detections,

(end)


  • 0

#36
Jeremy7777

  • Topic Starter
  • Member
  • 73 posts

I've started the smart scan using Firefox. I clicked enable detection of potential unwanted programs but there wasn't an advanced tab to choose the other settings. I ran the scan anyway; let me know if I've done something wrong.


  • 0

#37
Jeremy7777

  • Topic Starter
  • Member
  • 73 posts

Never mind, I misread your instructions. The ESET Online Scanner is scanning; the one I was thinking you were speaking of was called Smart Security Live. I didn't activate though, and now a window just popped up, Smart Security 8: "an event occurred during an attempt to access the file by the application C:\program files (x86)\eset\eset online scanner]online scanner.exe", asking to "clean" or "no action". I'm so lost at this point because of the initial confusion with the install not using Internet Explorer. Had I been using IE I'm pretty sure I wouldn't have got confused. So what should I do, delete the first install of the ESET Smart Live or just leave it? And what should I check in the window from Smart Sec 8?


  • 0

#38
Jeremy7777

  • Topic Starter
  • Member
  • 73 posts

<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2015/02/24 17:08:08 -0600</date>
<logfile>mbam-log-2015-02-24 (17-08-07).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.00.4.1028</version>
<malware-database>v2015.02.24.07</malware-database>
<rootkit-database>v2015.02.22.01</rootkit-database>
<license>free</license>
<file-protection>disabled</file-protection>
<web-protection>disabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<osversion>Windows 7 Service Pack 1</osversion>
<arch>x64</arch>
<username>Bridget</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>378592</objects>
<time>2263</time>
<processes>0</processes>
<modules>0</modules>
<keys>8</keys>
<values>2</values>
<datas>0</datas>
<folders>1</folders>
<files>11</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>enabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>enabled</pup>
<pum>enabled</pum>
</options>
<items>
<key><path>HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{7F6AFBF1-E065-4627-A2FD-810366367D01}</path><vendor>PUP.Optional.DefaultTab.A</vendor><action>success</action><hash>ea93f22faedc69cd7dd51ef91be80cf4</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\ExplorerPlugin.Extension</path><vendor>Adware.ArcadeWeb</vendor><action>success</action><hash>700dc0619bef38feaf8d56d2a65d6b95</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\ExplorerPlugin.Extension.1</path><vendor>Adware.ArcadeWeb</vendor><action>success</action><hash>6518b56ca3e7181eb8844eda877c4fb1</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\ExplorerPlugin.Extension</path><vendor>Adware.ArcadeWeb</vendor><action>success</action><hash>6518b56ca3e7181eb8844eda877c4fb1</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\ExplorerPlugin.Extension.1</path><vendor>Adware.ArcadeWeb</vendor><action>success</action><hash>6518b56ca3e7181eb8844eda877c4fb1</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\WiseConvert_B2</path><vendor>PUP.Optional.WiseConvert.A</vendor><action>success</action><hash>ef8e6ab7008a59dd8306b9f634cf15eb</hash></key>
<key><path>HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\DefaultTab</path><vendor>PUP.Optional.DefaultTab.A</vendor><action>success</action><hash>81fc071abecc92a44acc945411f2f709</hash></key>
<key><path>HKU\S-1-5-21-1494171341-1486453739-2533022584-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\SevereWeatherAlerts.exe</path><vendor>PUP.Optional.SevereWeatherAlerts.A</vendor><action>success</action><hash>087573aeec9e0b2b90599f7334d1837d</hash></key>
<value><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY</path><valuename>AppPath</valuename><vendor>PUP.Optional.Vosteran</vendor><action>success</action><valuedata>C:\Program Files (x86)\WSE_Vosteran\\</valuedata><hash>4d3053ceb8d266d074c580a5ab5a2ed2</hash></value>
<value><path>HKU\S-1-5-21-1494171341-1486453739-2533022584-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\ASSOCIATIONS</path><valuename>LowRiskFileTypes</valuename><vendor>PUM.LowRiskFileTypes</vendor><action>success</action><valuedata>.zip;.rar;.nfo;.txt;.exe;.bat;.com;.cmd;.reg;.msi;.htm;.html;.gif;.bmp;.jpg;.avi;.mpg;.mpeg;.mov;.mp3;.m3u;.wav;.log;</valuedata><hash>c4b9ee331a7004321e97119ffa09e41c</hash></value>
<folder><path>C:\Users\Bridget\AppData\Roaming\Mozilla\Firefox\Profiles\avb5pwdi.default\EliteUnzip_aa</path><vendor>PUP.Optional.MindSpark.A</vendor><action>success</action><hash>80fd33ee1b6fb87e6ac93c2cfc0737c9</hash></folder>
<file><path>C:\Users\Bridget\Downloads\Mod_Setup (1).exe</path><vendor>PUP.Optional.InstallCore</vendor><action>success</action><hash>ed9063bef595d75f81d39003f1140ef2</hash></file>
<file><path>C:\Users\Bridget\Downloads\downloadmanagerhtml.ashx</path><vendor>PUP.Optional.OneFloorApp</vendor><action>success</action><hash>85f88f923a50ad89a6d87627699c6b95</hash></file>
<file><path>C:\Users\Bridget\Downloads\Mod_Setup (2).exe</path><vendor>PUP.Optional.InstallCore</vendor><action>success</action><hash>1a634bd652388caacc8890037194ca36</hash></file>
<file><path>C:\Users\Bridget\Downloads\PageRageSetup(1).exe</path><vendor>PUP.Optional.Yontoo.A</vendor><action>success</action><hash>5c21c9588ffb34023fda8b64d62bd030</hash></file>
<file><path>C:\Users\Bridget\Downloads\PageRageSetup.exe</path><vendor>PUP.Optional.Yontoo.A</vendor><action>success</action><hash>e39a8e933e4cb58124f5f7f834cda15f</hash></file>
<file><path>C:\Users\Bridget\Downloads\Setup_ODM.exe</path><vendor>PUP.Optional.Downware</vendor><action>success</action><hash>86f753ce2664b1859528b91522dfe719</hash></file>
<file><path>C:\Users\Bridget\Downloads\EliteUnzipSetup(1).exe</path><vendor>PUP.Optional.MindSpark.A</vendor><action>success</action><hash>6914041d96f4e551a007e20b61a05aa6</hash></file>
<file><path>C:\Users\Bridget\Downloads\EliteUnzipSetup.exe</path><vendor>PUP.Optional.MindSpark.A</vendor><action>success</action><hash>522b8c95c6c4e353089f7479cc35946c</hash></file>
<file><path>C:\Users\Bridget\Downloads\7-zip.exe</path><vendor>PUP.Optional.Installcore</vendor><action>success</action><hash>106d22ffaae09b9b38dc86f839cc13ed</hash></file>
<file><path>C:\Users\Bridget\Downloads\winzip175-mediafire.exe</path><vendor>PUP.Optional.InstallCore.A</vendor><action>success</action><hash>f88560c1008adc5aa902e3b411f41ee2</hash></file>
<file><path>C:\Users\Bridget\AppData\Roaming\Mozilla\Firefox\Profiles\avb5pwdi.default\EliteUnzip_aa\E10CF0AC-D1CC-4156-9AD1-7EBC142ACC16.sqlite</path><vendor>PUP.Optional.MindSpark.A</vendor><action>success</action><hash>80fd33ee1b6fb87e6ac93c2cfc0737c9</hash></file>
</items>
</mbam-log>
 


  • 0

#39
Jeremy7777

  • Topic Starter
  • Member
  • 73 posts

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=6a00f72ef496ba4dbd208a0e26a66f21
# engine=22632
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-02-25 04:40:09
# local_time=2015-02-24 10:40:09 (-0600, Central Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 0 176382659 0 0
# compatibility_mode_1='ESET Smart Security 8.0'
# compatibility_mode=8228 16777213 100 100 0 19733801 0 0
# scanned=210454
# found=9
# cleaned=0
# scan_time=8660
# nod_component=V3 Build:0x30000000
sh=AE3DE4432A2344C285D073803A47A46C0958646A ft=1 fh=57d860f9135d6364 vn="a variant of Win64/Systweak.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\windows\System32\roboot64.exe.vir"
sh=0F524D97E96C309485455A4CB4FAFAF8DBF42863 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\FRST\Quarantine\C\Program Files (x86)\Yontoo\YontooLayers.crx.xBAD"
sh=916510D11CFCC1F3E99826BC988ABE12192564E2 ft=1 fh=d9acd49dd9586274 vn="Win32/Toolbar.Besttoolbars.A potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\windows\BuzzSocialPointsChecker\BuzzSocialPoints_lidns.exe"
sh=C26932E319CBB55EF075048CEE0931BDB4393F20 ft=1 fh=780b34063046b6f9 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Bridget\AppData\Local\Adobe\AIH.c93ebecfb7a8f623cced1daeb4ee9afaae5c9f6d\GTB.exe"
sh=BCEB518F8911E047E9DC5B0798B2C38B4260BFA3 ft=1 fh=28814f77d171d827 vn="MSIL/AdvancedSystemProtector.C potentially unwanted application" ac=I fn="C:\Users\Bridget\Downloads\advancedfileoptimizersetup_CONFIG.exe"
sh=278CDE6ECF5D5F0179144F9C49AAE7A7309E9E8E ft=1 fh=ca5b547cdee5496f vn="Win32/BundleLoader.B potentially unwanted application" ac=I fn="C:\Users\Bridget\Downloads\FreeTrimMP3.exe"
sh=5CB2D6D8739290D54A236F5A276F9A14C0007856 ft=1 fh=04f6acfe32e981a9 vn="a variant of Win32/Idmsq.A potentially unwanted application" ac=I fn="C:\Users\Bridget\Downloads\IDM2(1).exe"
sh=326FFE010703C35193069266DF178B7FE444F440 ft=1 fh=e0a90314edbab0f2 vn="a variant of Win32/Idmsq.A potentially unwanted application" ac=I fn="C:\Users\Bridget\Downloads\IDM2.exe"
sh=66CC076BDB078328986C8990B9440DF5F733F1EC ft=1 fh=2e4d17265ef2b3a7 vn="a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application" ac=I fn="C:\Users\Bridget\Downloads\wpsetup.exe"
 



#40
Nevan


    Trusted Helper

  • Malware Removal
  • 1,765 posts
Hello again, Jeremy7777.

I'm sorry I couldn't answer your questions; I had some problems with my internet connection. It's good that you've made it all yourself though.

Please, perform the next instructions.

Step #1
FRST Scan
  • Right-click FRST64.exe and click Run as administrator. When the tool opens, click Yes to the disclaimer.
  • Make sure that Addition.txt is checked and press the Scan button.
  • It will produce two logs - one called FRST.txt and another one called Addition.txt in the same directory the tool is run from.
  • Select all (CTRL+A) the content of the logs, copy them (CTRL+C) and paste (CTRL+V) them into your next reply.
 
Step #2
Security Check

Download Security Check from here or here.
  • Save it to your Desktop.
  • Double-click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
NOTE: If SecurityCheck aborts and you get the following message: UNSUPPORTED OPERATING SYSTEM! ABORTED! try rebooting the system and then run SecurityCheck again.

 
Things that should appear in your next post:
  • FRST.txt log content
  • Addition.txt log content
  • Checkup.txt log content



#41
Jeremy7777


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-02-2015 01
Ran by Bridget (administrator) on BRIDGET-PC on 25-02-2015 17:03:40
Running from C:\Users\Bridget\Desktop
Loaded Profiles: Bridget (Available profiles: Bridget)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Mixesoft Project) C:\Users\Bridget\AppData\Local\Mixesoft\AppNHost\appnhost.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10134560 2010-03-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [896032 2010-03-22] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2328944 2011-01-07] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-03-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2015-01-07] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294136 2009-10-06] (TOSHIBA Corporation)
HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\...\Run: [appnhost] => C:\Users\Bridget\AppData\Local\Mixesoft\AppNHost\appnhost.exe [453176 2014-08-08] (Mixesoft Project)
HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23308256 2015-01-15] (Google)
HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\...\Run: [RESTART_STICKY_NOTES] => C:\windows\system32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....=TSND&bmod=TSND
HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...=AVASDF&PC=AV01
HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://start.toshiba.com/g/
HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.msn.com/?pc=AV01
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {D19EE6DA-2378-4E89-A48A-509CB5EB910D} URL = http://www.google.co...ng}&rlz=1I7TSND
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1494171341-1486453739-2533022584-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1494171341-1486453739-2533022584-1001 -> {D19EE6DA-2378-4E89-A48A-509CB5EB910D} URL =
SearchScopes: HKU\S-1-5-21-1494171341-1486453739-2533022584-1001 -> {DDBDAE81-DBB4-4B12-8428-676DF905086C} URL = http://www.google.co...ng}&rlz=1I7TSND
BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKU\S-1-5-21-1494171341-1486453739-2533022584-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1

FireFox:
========
FF ProfilePath: C:\Users\Bridget\AppData\Roaming\Mozilla\Firefox\Profiles\avb5pwdi.default
FF DefaultSearchEngine: Google
FF DefaultSearchUrl: hxxp://www.bing.com/search
FF SearchEngineOrder.1: Microsoft (Bing)
FF SelectedSearchEngine: Microsoft (Bing)
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.bing.com/search
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Extension: iCloud Bookmarks - C:\Users\Bridget\AppData\Roaming\Mozilla\Firefox\Profiles\avb5pwdi.default\Extensions\[email protected] [2015-02-24]
FF Extension: LastPass - C:\Users\Bridget\AppData\Roaming\Mozilla\Firefox\Profiles\avb5pwdi.default\Extensions\[email protected] [2015-02-16]
FF Extension: AdBlock for Firefox - C:\Users\Bridget\AppData\Roaming\Mozilla\Firefox\Profiles\avb5pwdi.default\Extensions\[email protected] [2015-02-13]

Chrome:
=======
CHR Profile: C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-20]
CHR Extension: (Google Docs) - C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-04]
CHR Extension: (Google Drive) - C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-04]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-02-20]
CHR Extension: (YouTube) - C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-04]
CHR Extension: (3D Graffiti) - C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabfebkdmghefegjmochekfnmiikkko [2015-02-20]
CHR Extension: (Webpage Screenshot) - C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki [2015-02-22]
CHR Extension: (Google Search) - C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-04]
CHR Extension: (GIMP on rollApp) - C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Extensions\eodhmnkhmnkmimhckfpkgmbmcgjkaddo [2015-02-20]
CHR Extension: (Google Sheets) - C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-20]
CHR Extension: (PicMonkey) - C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgdgokchhicmaiacmgegjnppjkgogdhm [2015-02-20]
CHR Extension: (Click&Clean) - C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2015-02-20]
CHR Extension: (AdBlock) - C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-02-20]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-02-20]
CHR Extension: (Pixlr Editor) - C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmaknaampgiegkcjlimdiidlhopknpk [2015-02-22]
CHR Extension: (No History) - C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljamgkbcojbnmcaonjokopmcblmmpfch [2015-02-20]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-02-23]
CHR Extension: (Google Wallet) - C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-17]
CHR Extension: (Instagram for Chrome) - C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb [2015-02-20]
CHR Extension: (Click&Clean App) - C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2015-02-20]
CHR Extension: (Gmail) - C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-04]
CHR HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.goo...ice/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe [710320 2015-01-07] (Adobe Systems Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe [126904 2010-05-22] (Symantec Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2008-07-07] (The OpenVPN Project)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-01] (HTC, Corporation) [File not signed]
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-24] (Malwarebytes Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20100528.021\ENG64.SYS [117808 2010-05-28] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20100528.021\EX64.SYS [1773104 2010-05-28] (Symantec Corporation)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [22528 2012-03-26] (Apple Inc.) [File not signed]
U5 regi; C:\Windows\System32\Drivers\regi.sys [14112 2007-04-17] (InterVideo)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1514568 2013-05-02] (Realtek Semiconductor Corporation                           )
S1 SRTSP; C:\Windows\system32\drivers\NISx64\1200000.080\SRTSP64.SYS [701800 2010-05-23] (Symantec Corporation) [File not signed]
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1200000.080\SRTSPX64.SYS [38248 2010-05-23] (Symantec Corporation) [File not signed]
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-12-11] ()

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-25 17:03 - 2015-02-25 17:04 - 00019303 ____C () C:\Users\Bridget\Desktop\FRST.txt
2015-02-25 02:08 - 2015-02-25 02:08 - 00419936 _____ () C:\windows\SysWOW64\locale.nls
2015-02-25 02:08 - 2015-02-25 02:08 - 00419936 _____ () C:\windows\system32\locale.nls
2015-02-25 02:07 - 2015-02-25 02:08 - 00950272 _____ (Microsoft Corporation) C:\windows\system32\perftrack.dll
2015-02-25 02:07 - 2015-02-25 02:08 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\wdi.dll
2015-02-25 02:07 - 2015-02-25 02:08 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdi.dll
2015-02-25 02:07 - 2015-02-25 02:08 - 00029696 _____ (Microsoft Corporation) C:\windows\system32\powertracker.dll
2015-02-24 23:46 - 2015-02-24 23:46 - 00000000 ___DC () C:\Users\Bridget\Desktop\eset
2015-02-24 23:44 - 2015-02-24 23:44 - 00000000 ___DC () C:\Users\Bridget\Documents\eset
2015-02-24 20:12 - 2015-02-24 20:12 - 02347384 ____C (ESET) C:\Users\Bridget\Downloads\esetsmartinstaller_enu.exe
2015-02-24 20:12 - 2015-02-24 20:12 - 00000000 ___DC () C:\Program Files (x86)\ESET
2015-02-24 20:03 - 2015-02-24 20:03 - 00000000 ___DC () C:\Users\Bridget\AppData\Roaming\ESET
2015-02-24 20:03 - 2015-02-24 20:03 - 00000000 ___DC () C:\Users\Bridget\AppData\Local\ESET
2015-02-24 19:55 - 2015-02-24 19:55 - 01661128 ____C (ESET) C:\Users\Bridget\Downloads\eset_smart_security_live_installer.exe
2015-02-24 17:51 - 2015-02-24 17:51 - 00004165 ____C () C:\Users\Bridget\Desktop\malbyte.txt
2015-02-24 17:50 - 2015-02-24 17:51 - 00012202 ____C () C:\Users\Bridget\Desktop\mbam-log-2015-02-24 (17-08-07).xml
2015-02-24 16:58 - 2015-02-24 18:01 - 00129752 ____C (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-24 16:58 - 2015-02-24 16:58 - 00001077 ____C () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-24 16:58 - 2015-02-24 16:58 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-24 16:58 - 2015-02-24 16:58 - 00000000 ___DC () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-24 16:58 - 2014-11-21 06:14 - 00093400 ____C (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-02-24 16:58 - 2014-11-21 06:14 - 00063704 ____C (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-02-24 16:58 - 2014-11-21 06:14 - 00025816 ____C (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-02-24 16:54 - 2015-02-24 16:54 - 20447072 ____C (Malwarebytes Corporation ) C:\Users\Bridget\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-24 03:09 - 2015-02-25 10:08 - 00000000 __RDC () C:\Users\Bridget\iCloudDrive
2015-02-24 03:09 - 2015-02-24 03:09 - 00000000 ___DC () C:\Users\Bridget\AppData\Local\Apple Inc
2015-02-24 02:40 - 2015-02-24 02:40 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-02-24 02:37 - 2015-02-24 02:37 - 71647536 ____C (Apple Inc.) C:\Users\Bridget\Desktop\icloudsetup.exe
2015-02-24 01:39 - 2015-02-24 01:39 - 00001764 ____C () C:\Users\Public\Desktop\iTunes.lnk
2015-02-24 01:39 - 2015-02-24 01:39 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-02-24 01:39 - 2015-02-24 01:39 - 00000000 ___DC () C:\Program Files\iTunes
2015-02-24 01:39 - 2012-10-03 16:14 - 00033240 ____C (GEAR Software Inc.) C:\windows\system32\Drivers\GEARAspiWDM.sys
2015-02-24 01:35 - 2015-02-24 02:40 - 00000000 ___DC () C:\Program Files\Common Files\Apple
2015-02-24 01:18 - 2015-02-24 01:19 - 152428336 ____C (Apple Inc.) C:\Users\Bridget\Downloads\itunes6464setup.exe
2015-02-23 18:54 - 2015-02-23 18:54 - 02126848 ____C () C:\Users\Bridget\Desktop\AdwCleaner.exe
2015-02-23 18:51 - 2015-02-23 18:51 - 00018192 ____C () C:\Users\Bridget\Desktop\Ew001Nvw.htm
2015-02-23 18:40 - 2015-02-23 19:28 - 00000000 ___DC () C:\AdwCleaner
2015-02-23 18:40 - 2015-02-23 18:40 - 02126848 ____C () C:\Users\Bridget\Downloads\AdwCleaner.exe
2015-02-23 18:36 - 2015-02-23 18:36 - 00012369 ____C () C:\Users\Bridget\Desktop\JRT.txt
2015-02-23 17:39 - 2015-02-23 17:39 - 01388274 ____C (Thisisu) C:\Users\Bridget\Downloads\JRT.exe
2015-02-22 20:34 - 2015-02-25 10:18 - 00000000 __RDC () C:\Users\Bridget\Google Drive
2015-02-22 20:34 - 2015-02-22 20:34 - 00001715 ____C () C:\Users\Bridget\Desktop\Google Drive.lnk
2015-02-22 20:31 - 2015-02-22 20:31 - 00880208 ____C (Google Inc.) C:\Users\Bridget\Desktop\googledrivesync.exe
2015-02-22 20:31 - 2015-02-22 20:31 - 00002013 ____C () C:\Users\Public\Desktop\Google Slides.lnk
2015-02-22 20:31 - 2015-02-22 20:31 - 00002011 ____C () C:\Users\Public\Desktop\Google Sheets.lnk
2015-02-22 20:31 - 2015-02-22 20:31 - 00002001 ____C () C:\Users\Public\Desktop\Google Docs.lnk
2015-02-22 20:31 - 2015-02-22 20:31 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-02-22 15:22 - 2015-02-25 17:03 - 00000000 ___DC () C:\Users\Bridget\Desktop\FRST-OlderVersion
2015-02-21 16:21 - 2015-02-21 16:21 - 00001167 ____C () C:\Users\Bridget\Desktop\ckfiles - Shortcut.lnk
2015-02-21 16:19 - 2015-02-21 16:19 - 00000188 ____C () C:\Users\Bridget\Downloads\ckfiles.txt
2015-02-21 16:13 - 2015-02-21 16:13 - 00001187 ____C () C:\Users\Bridget\Desktop\CKScanner - Shortcut.lnk
2015-02-21 16:10 - 2015-02-21 16:10 - 00468480 ____C () C:\Users\Bridget\Downloads\CKScanner.exe
2015-02-21 14:19 - 2015-02-21 14:20 - 00031793 ____C () C:\Users\Bridget\Downloads\Addition.txt
2015-02-21 14:18 - 2015-02-21 14:20 - 00050278 ____C () C:\Users\Bridget\Downloads\FRST.txt
2015-02-21 14:17 - 2015-02-25 17:03 - 02087936 ____C (Farbar) C:\Users\Bridget\Desktop\FRST64.exe
2015-02-21 14:17 - 2015-02-25 17:03 - 00000000 ___DC () C:\FRST
2015-02-21 13:37 - 2015-02-21 13:29 - 02992292 ____C () C:\Users\Bridget\Documents\performace.html
2015-02-21 13:36 - 2015-02-21 13:36 - 00000000 ___DC () C:\Users\Bridget\Documents\2015 performance monitor results
2015-02-21 02:54 - 2015-02-21 02:54 - 00000340 ____C () C:\Users\Bridget\Downloads\ClickClean-v8.4-Options.json
2015-02-20 11:15 - 2015-02-20 11:15 - 00000000 ___DC () C:\Users\Bridget\AppData\Local\Mixesoft
2015-02-20 11:14 - 2015-02-20 11:14 - 00282624 ____C () C:\Users\Bridget\Downloads\appnhost.msi
2015-02-20 10:12 - 2015-02-20 10:16 - 00016088 ____C () C:\Users\Bridget\Downloads\software_removal_tool.log
2015-02-20 10:03 - 2015-02-20 10:10 - 00002230 ____C () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-20 10:03 - 2015-02-20 10:03 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-20 10:02 - 2015-02-25 16:08 - 00000900 ____C () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-20 10:02 - 2015-02-25 10:08 - 00000896 ____C () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-20 10:02 - 2015-02-20 10:02 - 00880208 ____C (Google Inc.) C:\Users\Bridget\Downloads\ChromeSetup.exe
2015-02-20 10:02 - 2015-02-20 10:02 - 00003896 ____C () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-20 10:02 - 2015-02-20 10:02 - 00003644 ____C () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-19 19:23 - 2015-02-19 19:23 - 02077392 ____C (Microsoft Corporation) C:\Users\Bridget\Downloads\IE11-Windows6.1.exe
2015-02-18 22:33 - 2015-02-18 22:34 - 00000000 ___DC () C:\Program Files (x86)\QuickTime
2015-02-18 22:33 - 2015-02-18 22:33 - 00001816 ____C () C:\Users\Public\Desktop\QuickTime Player.lnk
2015-02-18 22:33 - 2015-02-18 22:33 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-02-18 22:22 - 2015-02-18 22:24 - 42096984 ____C (Apple Inc.) C:\Users\Bridget\Downloads\QuickTimeInstaller(1).exe
2015-02-18 14:37 - 2015-02-23 16:49 - 00001083 ____C () C:\Users\Bridget\Desktop\Adobe Photoshop CC 2014.lnk
2015-02-18 03:29 - 2015-02-18 03:29 - 00000000 ___DC () C:\Users\Bridget\Documents\Adobe
2015-02-18 03:27 - 2015-02-18 03:27 - 00000000 ___DC () C:\Users\Bridget\AppData\Roaming\PDAppFlex
2015-02-14 23:27 - 2015-02-14 23:27 - 00000000 ___DC () C:\Users\Bridget\Desktop\original wedding library copy from minichip
2015-02-14 23:14 - 2015-02-14 23:14 - 00001284 ____C () C:\Users\Bridget\Desktop\Adobe Creative Cloud.lnk
2015-02-14 23:11 - 2015-02-14 23:13 - 00000000 ___DC () C:\Users\Bridget\Desktop\Jeremy Bridget wedding full
2015-02-13 21:18 - 2015-02-13 21:18 - 00000000 ___DC () C:\Users\Bridget\Documents\test resorces monitering
2015-02-13 17:33 - 2015-02-13 17:33 - 00003510 _____ () C:\windows\System32\Tasks\AdobeAAMUpdater-1.0-Bridget-PC-Bridget
2015-02-13 17:19 - 2015-02-13 17:19 - 00001051 ____C () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2014.lnk
2015-02-13 12:58 - 2015-02-13 14:08 - 00000000 __RDC () C:\Users\Bridget\Dropbox
2015-02-13 12:44 - 2015-02-25 00:33 - 00000000 ___DC () C:\Users\Bridget\Desktop\jeremy
2015-02-13 12:40 - 2015-02-13 12:40 - 00000000 ___DC () C:\Users\Bridget\Desktop\ellis fam pics
2015-02-13 12:38 - 2015-02-13 12:38 - 00000000 ___DC () C:\Users\Bridget\Desktop\bridgets pics
2015-02-13 12:16 - 2015-02-13 14:10 - 00000000 ___DC () C:\Users\Bridget\AppData\Roaming\Dropbox
2015-02-13 12:16 - 2015-02-13 12:16 - 00355464 ____C (Dropbox, Inc.) C:\Users\Bridget\Downloads\DropboxInstaller.exe
2015-02-13 09:29 - 2015-02-13 09:29 - 00001284 ____C () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-02-12 23:29 - 2015-02-12 23:29 - 00000000 ___DC () C:\Users\Bridget\AppData\Local\Toshiba Corporation
2015-02-12 21:48 - 2015-02-12 21:49 - 00000000 ___DC () C:\Users\Bridget\AppData\Local\MigWiz
2015-02-12 19:58 - 2015-02-12 19:58 - 00000000 ___DC () C:\Program Files\Bonjour
2015-02-12 19:58 - 2015-02-12 19:58 - 00000000 ___DC () C:\Program Files (x86)\Bonjour
2015-02-12 19:27 - 2015-02-12 19:27 - 71647536 ____C (Apple Inc.) C:\Users\Bridget\Downloads\icloudsetup.exe
2015-02-12 16:49 - 2015-01-22 22:42 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-02-12 16:49 - 2015-01-22 22:41 - 06041600 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-02-12 16:49 - 2015-01-22 21:43 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-02-12 16:49 - 2015-01-22 21:17 - 04300800 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-02-11 20:57 - 2015-02-11 20:57 - 00000000 ___DC () C:\Users\Bridget\ipad upload pic backup files 2,11,2015
2015-02-11 17:20 - 2015-01-13 23:47 - 00389808 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-02-11 17:20 - 2015-01-13 23:09 - 00342712 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-02-11 17:20 - 2015-01-11 21:05 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-02-11 17:20 - 2015-01-11 21:05 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-02-11 17:20 - 2015-01-11 20:48 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-02-11 17:20 - 2015-01-11 20:39 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-02-11 17:20 - 2015-01-11 20:34 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-02-11 17:20 - 2015-01-11 20:25 - 19740160 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-02-11 17:20 - 2015-01-11 20:21 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-02-11 17:20 - 2015-01-11 20:13 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 17:20 - 2015-01-11 20:07 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-02-11 17:20 - 2015-01-11 20:07 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-02-11 17:20 - 2015-01-11 20:05 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-02-11 17:20 - 2015-01-11 20:02 - 02277888 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-02-11 17:20 - 2015-01-11 19:59 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-02-11 17:20 - 2015-01-11 19:48 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-02-11 17:20 - 2015-01-11 19:40 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 17:20 - 2015-01-11 19:35 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-02-11 17:20 - 2015-01-11 19:33 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-02-11 17:20 - 2015-01-11 19:23 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-02-11 17:20 - 2015-01-11 19:23 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-02-11 17:20 - 2015-01-11 19:14 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-02-11 17:20 - 2015-01-11 18:56 - 01307136 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-02-11 17:20 - 2015-01-11 18:55 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-02-11 17:19 - 2015-01-11 21:09 - 25056256 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-02-11 17:19 - 2015-01-11 20:49 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-02-11 17:19 - 2015-01-11 20:48 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-02-11 17:19 - 2015-01-11 20:48 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-02-11 17:19 - 2015-01-11 20:47 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-02-11 17:19 - 2015-01-11 20:40 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-02-11 17:19 - 2015-01-11 20:36 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-02-11 17:19 - 2015-01-11 20:34 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-02-11 17:19 - 2015-01-11 20:25 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-02-11 17:19 - 2015-01-11 20:21 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-02-11 17:19 - 2015-01-11 20:08 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-02-11 17:19 - 2015-01-11 20:08 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-02-11 17:19 - 2015-01-11 20:07 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-02-11 17:19 - 2015-01-11 20:04 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-02-11 17:19 - 2015-01-11 20:00 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-02-11 17:19 - 2015-01-11 19:57 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-02-11 17:19 - 2015-01-11 19:55 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-02-11 17:19 - 2015-01-11 19:48 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-02-11 17:19 - 2015-01-11 19:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-02-11 17:19 - 2015-01-11 19:46 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-02-11 17:19 - 2015-01-11 19:45 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-02-11 17:19 - 2015-01-11 19:43 - 14401024 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-02-11 17:19 - 2015-01-11 19:36 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-02-11 17:19 - 2015-01-11 19:27 - 02358272 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-02-11 17:19 - 2015-01-11 19:22 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-02-11 17:19 - 2015-01-11 19:14 - 12829184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-02-11 17:19 - 2015-01-11 19:02 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-02-11 17:19 - 2015-01-11 19:00 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-02-11 17:19 - 2015-01-10 00:48 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-02-11 17:19 - 2015-01-10 00:48 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-02-11 17:19 - 2015-01-10 00:48 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-02-11 17:19 - 2015-01-10 00:48 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-02-11 17:19 - 2015-01-10 00:48 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-02-11 17:19 - 2015-01-10 00:48 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-02-11 17:19 - 2015-01-10 00:48 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-02-11 17:19 - 2015-01-10 00:27 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-02-11 17:19 - 2015-01-10 00:27 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-02-11 17:19 - 2015-01-10 00:27 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-02-11 17:19 - 2015-01-10 00:27 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-02-11 17:19 - 2015-01-10 00:27 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-02-11 17:19 - 2015-01-10 00:27 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-02-11 17:19 - 2015-01-10 00:27 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-02-11 17:18 - 2015-02-03 21:16 - 00894976 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-02-11 17:18 - 2015-02-03 21:16 - 00762368 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-02-11 17:18 - 2015-02-03 21:16 - 00609280 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-02-11 17:18 - 2015-02-03 21:16 - 00414720 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-02-11 17:18 - 2015-02-03 21:16 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-02-11 17:18 - 2015-02-03 21:16 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-02-11 17:18 - 2015-02-03 21:13 - 01098752 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-02-11 17:18 - 2015-01-27 17:36 - 01239720 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2015-02-11 17:17 - 2015-01-15 02:14 - 00155072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-02-11 17:17 - 2015-01-15 02:14 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-02-11 17:17 - 2015-01-15 02:09 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-02-11 17:17 - 2015-01-15 02:09 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-02-11 17:17 - 2015-01-15 02:09 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-02-11 17:17 - 2015-01-15 02:09 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-02-11 17:17 - 2015-01-15 02:09 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-02-11 17:17 - 2015-01-15 02:08 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-02-11 17:17 - 2015-01-15 02:06 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-02-11 17:17 - 2015-01-15 02:06 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-02-11 17:17 - 2015-01-15 02:04 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-02-11 17:17 - 2015-01-15 01:42 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-02-11 17:17 - 2015-01-15 01:42 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-02-11 17:17 - 2015-01-15 01:41 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-02-11 17:17 - 2015-01-15 01:39 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-02-11 17:17 - 2015-01-15 01:39 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-02-11 17:17 - 2015-01-15 01:37 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-02-11 17:17 - 2015-01-14 22:22 - 00458824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-02-11 17:17 - 2015-01-12 21:10 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-02-11 17:17 - 2015-01-12 20:49 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2015-02-11 17:17 - 2014-12-11 23:31 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-02-11 17:17 - 2014-12-11 23:07 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2015-02-11 17:17 - 2014-11-25 21:53 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2015-02-11 17:17 - 2014-11-25 21:32 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2015-02-11 17:17 - 2014-07-06 20:07 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2015-02-11 17:17 - 2014-07-06 20:06 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2015-02-11 17:17 - 2014-07-06 19:40 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2015-02-11 17:17 - 2014-07-06 19:40 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2015-02-11 17:16 - 2015-01-14 00:09 - 05554112 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-02-11 17:16 - 2015-01-14 00:05 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-02-11 17:16 - 2015-01-14 00:05 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-02-11 17:16 - 2015-01-14 00:04 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-02-11 17:16 - 2015-01-13 23:44 - 03972544 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-02-11 17:16 - 2015-01-13 23:44 - 03917760 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-02-11 17:16 - 2015-01-13 23:41 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-02-11 17:16 - 2015-01-08 20:03 - 03201536 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-02-11 17:16 - 2014-12-07 21:09 - 00406528 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
2015-02-11 17:16 - 2014-12-07 20:46 - 00308224 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll
2015-02-05 20:23 - 2015-02-05 20:23 - 00000197 ____C () C:\windows\system32\2015-02-06-02-23-21.079-AvastVBoxSVC.exe-1508.log
2015-02-05 19:58 - 2015-02-05 19:58 - 00000197 ____C () C:\windows\system32\2015-02-06-01-58-03.078-AvastVBoxSVC.exe-4936.log
2015-01-29 11:57 - 2015-02-25 11:59 - 00000000 ___DC () C:\Program Files (x86)\Mozilla Firefox
2015-01-29 10:52 - 2015-01-29 10:52 - 00000197 ____C () C:\windows\system32\2015-01-29-16-52-31.005-AvastVBoxSVC.exe-3748.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-25 16:13 - 2012-04-18 07:54 - 00000830 ____C () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-02-25 12:07 - 2010-09-06 19:30 - 01876277 ____C () C:\windows\WindowsUpdate.log
2015-02-25 10:15 - 2009-07-13 22:45 - 00019248 ___HC () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-25 10:15 - 2009-07-13 22:45 - 00019248 ___HC () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-25 10:09 - 2013-10-03 14:14 - 00000000 ___DC () C:\Users\Bridget\AppData\Local\Adobe
2015-02-25 10:08 - 2009-07-13 23:08 - 00000006 ___HC () C:\windows\Tasks\SA.DAT
2015-02-25 10:08 - 2008-07-02 23:40 - 00000438 ____C () C:\windows\system32\Drivers\etc\hosts.ics
2015-02-25 10:08 - 2008-05-22 19:55 - 00119049 ____C () C:\windows\setupact.log
2015-02-25 03:15 - 2009-07-13 21:20 - 00000000 ___DC () C:\windows\tracing
2015-02-25 02:03 - 2014-11-27 03:26 - 00000000 ___DC () C:\Users\Bridget\Documents\Fax
2015-02-25 00:41 - 2013-06-24 18:59 - 00000000 ___DC () C:\Users\Bridget\AppData\Local\Apple Computer
2015-02-25 00:41 - 2012-09-09 10:55 - 00000000 ___DC () C:\Users\Bridget\AppData\Roaming\Apple Computer
2015-02-25 00:26 - 2008-05-22 19:55 - 00997826 ____C () C:\windows\PFRO.log
2015-02-24 03:09 - 2013-03-26 16:41 - 00000000 ___DC () C:\Users\Bridget\AppData\Local\Apple
2015-02-24 03:09 - 2011-02-25 19:24 - 00000000 ___DC () C:\Users\Bridget
2015-02-24 01:39 - 2014-11-13 02:39 - 00000000 ___DC () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-24 01:39 - 2013-06-24 19:14 - 00000000 ___DC () C:\Program Files\iPod
2015-02-24 01:39 - 2013-06-24 19:14 - 00000000 ___DC () C:\Program Files (x86)\iTunes
2015-02-22 20:36 - 2011-02-25 19:41 - 00000000 ___DC () C:\Users\Bridget\AppData\Roaming\Adobe
2015-02-22 20:31 - 2011-02-25 20:46 - 00000000 ___DC () C:\Users\Bridget\AppData\Local\Google
2015-02-22 20:31 - 2010-07-22 18:58 - 00000000 ___DC () C:\Program Files (x86)\Google
2015-02-21 21:41 - 2014-11-15 02:41 - 00000000 ___DC () C:\Users\Bridget\Creative Cloud Files
2015-02-21 12:13 - 2014-11-23 00:58 - 00000000 ___DC () C:\Program Files\Adobe
2015-02-21 12:04 - 2013-03-14 16:53 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-02-21 03:08 - 2014-11-06 23:37 - 00007628 ____C () C:\Users\Bridget\AppData\Local\Resmon.ResmonCfg
2015-02-19 19:23 - 2008-05-22 07:25 - 00047417 ____C () C:\windows\IE11_main.log
2015-02-19 00:40 - 2012-06-07 11:59 - 00000000 ___DC () C:\Users\Bridget\AppData\Roaming\SoftGrid Client
2015-02-18 13:06 - 2009-07-13 23:13 - 00783464 ____C () C:\windows\system32\PerfStringBackup.INI
2015-02-18 03:10 - 2014-11-23 00:52 - 00000000 ___DC () C:\Program Files\Common Files\Adobe
2015-02-18 03:06 - 2010-09-06 19:52 - 00000000 ___DC () C:\ProgramData\Adobe
2015-02-13 21:30 - 2009-07-13 23:08 - 00032606 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2015-02-13 17:33 - 2014-11-23 20:21 - 00000000 ___DC () C:\ProgramData\regid.1986-12.com.adobe
2015-02-13 17:30 - 2010-09-06 19:52 - 00000000 ___DC () C:\Program Files (x86)\Adobe
2015-02-13 12:43 - 2013-10-08 20:53 - 00000000 ___DC () C:\Users\Bridget\Desktop\Daytonas pics
2015-02-13 12:40 - 2012-08-27 09:52 - 00000000 ___DC () C:\Users\Bridget\Desktop\lil wayne
2015-02-13 09:29 - 2014-11-12 17:01 - 00000000 ___DC () C:\ProgramData\Package Cache
2015-02-13 03:37 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\rescache
2015-02-12 23:46 - 2010-07-22 18:50 - 00000000 __HDC () C:\Program Files (x86)\InstallShield Installation Information
2015-02-12 23:45 - 2010-07-22 18:57 - 00000000 ___DC () C:\ProgramData\Toshiba
2015-02-12 23:45 - 2010-07-22 18:50 - 00000000 ___DC () C:\Program Files\TOSHIBA
2015-02-12 23:41 - 2010-07-22 18:50 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2015-02-12 19:58 - 2012-09-09 10:52 - 00000000 ___DC () C:\ProgramData\Apple
2015-02-12 18:28 - 2008-05-22 08:05 - 00000000 ___DC () C:\Users\Bridget\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StormFall
2015-02-12 16:39 - 2009-07-13 22:45 - 00278856 ____C () C:\windows\system32\FNTCACHE.DAT
2015-02-12 16:37 - 2014-12-10 03:27 - 00000000 ___DC () C:\windows\system32\appraiser
2015-02-12 16:37 - 2014-11-08 03:04 - 00000000 __SDC () C:\windows\system32\CompatTel
2015-02-11 23:47 - 2013-09-16 15:36 - 00000000 ___DC () C:\windows\system32\MRT
2015-02-11 23:40 - 2011-04-08 15:54 - 116773704 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-02-05 22:53 - 2011-09-26 23:05 - 00000000 ___DC () C:\ProgramData\Skype
2015-02-05 22:50 - 2014-11-06 22:20 - 00000000 ___DC () C:\Users\Bridget\AppData\Roaming\JAM Software
2015-02-05 20:52 - 2012-06-07 11:58 - 00776078 ____C () C:\windows\SysWOW64\PerfStringBackup.INI
2015-02-05 20:29 - 2009-07-13 23:32 - 00000000 __RDC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-05 20:18 - 2014-12-31 22:52 - 00000000 ___DC () C:\ProgramData\MFAData
2015-02-05 20:18 - 2014-11-09 09:08 - 00000000 ___DC () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-05 19:56 - 2012-04-18 07:54 - 00701616 ____C (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-02-05 19:56 - 2012-04-18 07:54 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-02-05 19:56 - 2011-07-06 08:21 - 00071344 ____C (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2014-11-07 12:56 - 2014-11-07 14:10 - 10137600 ____C () C:\Program Files (x86)\GUTA62E.tmp
2014-12-01 01:30 - 2014-12-01 01:30 - 0000049 ____C () C:\Users\Bridget\AppData\Roaming\mbam.context.scan
2014-12-21 19:29 - 2014-12-26 00:29 - 0000128 ____C () C:\Users\Bridget\AppData\Roaming\WB.CFG
2014-12-26 00:29 - 2014-12-26 00:29 - 0234679 ____C () C:\Users\Bridget\AppData\Local\dsi1.dat
2014-12-26 00:29 - 2014-12-26 00:29 - 0161916 ____C () C:\Users\Bridget\AppData\Local\dsi2.dat
2008-01-01 00:31 - 2008-01-01 00:31 - 0000889 ____C () C:\Users\Bridget\AppData\Local\recently-used.xbel
2014-11-06 23:37 - 2015-02-21 03:08 - 0007628 ____C () C:\Users\Bridget\AppData\Local\Resmon.ResmonCfg
2014-12-10 18:14 - 2014-12-11 22:56 - 0000952 __SHC () C:\ProgramData\KGyGaAvL.sys

Some content of TEMP:
====================
C:\Users\Bridget\AppData\Local\Temp\InstHelper.exe
C:\Users\Bridget\AppData\Local\Temp\Quarantine.exe
C:\Users\Bridget\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-23 00:53

==================== End Of Log ============================


#42
Jeremy7777


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-02-2015 01
Ran by Bridget at 2015-02-25 17:05:15
Running from C:\Users\Bridget\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Internet Security (Disabled - Up to date) {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Up to date) {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Norton Internet Security (Disabled) {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.9.0.465 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2.2 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AppNHost 1.0.5.1 (HKLM-x32\...\{A8CB86C7-CD4C-4C4F-AF6A-33D1CAC63562}) (Version: 1.0.5.1 - Mixesoft Project)
ATI Catalyst Install Manager (HKLM\...\{5792CD64-61B4-C448-0D22-3C51DD73AB2A}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
ccc-core-static (x32 Version: 2010.0315.1050.17562 - ATI) Hidden
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.349 - Corel Inc.)
DownloadX ActiveX Download Control 1.6.8 (HKLM-x32\...\CA17A131-B7D9-41D6-868F-29A9BD9FCC8E_is1) (Version:  - DownloadXCtrl.com)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Drive (HKLM-x32\...\{65EACBB4-B0B8-4A5B-AE46-22DBE15C70B5}) (Version: 1.19.8406.6504 - Google, Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java™ 6 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216017FF}) (Version: 6.0.170 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Label@Once 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft IntelliPoint 8.0 (HKLM\...\{2BF35D84-6377-4F70-9F39-97CF67E67FFF}) (Version: 8.01.249.0 - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 18.0.0.128 - Symantec Corporation)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.13.112.2010 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.5992 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6069 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0013 - REALTEK Semiconductor Corp.)
Strongvault Online Backup (HKLM-x32\...\{692EF506-1E15-4473-A829-ED951D6C49DB}) (Version: 2.0.0 - Strongvault) <==== ATTENTION
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated)
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.2.0 - Toshiba)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.1 - TOSHIBA)
Toshiba Book Place (HKLM-x32\...\{BB51B753-9A0C-4D1D-B3EF-A1B936F55796}) (Version: 2.0.3977.0 - K-NFB Reading Technology, Inc.)
Toshiba Book Place (HKLM-x32\...\{C31337DE-0CDC-45A9-9A32-F099AC78D557}) (Version: 2.1.5889 - K-NFB Reading Technology, Inc.)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM-x32\...\InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.2.11.64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.0.22C - TOSHIBA CORPORATION)
Toshiba Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 2.0.0.24 - Toshiba)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 for x64 - TOSHIBA Corporation)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}) (Version: 1.6.06.64 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.40 - TOSHIBA)
TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.0.9C - TOSHIBA CORPORATION)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.3.64 - TOSHIBA Corporation)
ToshibaRegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.4 - Toshiba)
Utility Common Driver (x32 Version: 1.0.52.1C - TOSHIBA) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1494171341-1486453739-2533022584-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Bridget\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File

==================== Restore Points  =========================

10-12-2014 02:07:50 Installed Realtek WLAN Driver
10-12-2014 02:11:30 Removed TOSHIBA Assist
10-12-2014 02:13:42 Configured TOSHIBA Bulletin Board
10-12-2014 02:18:52 Removed TOSHIBA Flash Cards Support Utility
10-12-2014 02:20:26 Configured TOSHIBA HDD/SSD Alert
10-12-2014 03:00:18 Windows Update
11-12-2014 22:54:16 Removed DriverUpdate
12-12-2014 03:00:15 Windows Update
18-12-2014 18:49:37 Windows Update
18-12-2014 21:39:37 Windows Update
19-12-2014 13:35:46 avast! antivirus system restore point
21-12-2014 19:47:11 Installed iTunes
26-12-2014 00:29:58 Windows Update
26-12-2014 00:33:34 Removed GeekBuddy.
30-12-2014 22:41:53 Windows Update
31-12-2014 22:22:36 Installed Microsoft Fix it 50123
31-12-2014 22:56:35 Installed AVG 2015
31-12-2014 22:57:26 Installed AVG 2015
01-01-2015 00:48:01 Installed AVG PC TuneUp 2015
04-01-2015 15:53:58 Removed Apple Application Support
04-01-2015 15:56:39 Removed Apple Mobile Device Support
17-01-2015 15:44:39 Scheduled Checkpoint
18-01-2015 02:59:21 Windows Update
05-02-2015 19:59:36 Removed AVG PC TuneUp 2015
05-02-2015 20:02:03 Removed AVG PC TuneUp 2015 (en-US)
05-02-2015 20:07:15 Removed Visual Studio 2012 x86 Redistributables
05-02-2015 20:09:12 Removed Visual Studio 2012 x64 Redistributables
05-02-2015 20:13:14 Removed AVG 2015
05-02-2015 20:15:27 Removed AVG 2015
05-02-2015 20:27:59 Windows Modules Installer
05-02-2015 20:46:13 Windows Update
05-02-2015 21:05:36 Removed iTunes
05-02-2015 21:55:10 avast! antivirus system restore point
05-02-2015 22:48:38 Removed Bonjour
05-02-2015 22:50:30 Removed Skype™ 6.11
05-02-2015 22:52:55 Removed Skype™ 6.11
05-02-2015 22:54:37 Removed Quickbooks Financial Center
05-02-2015 23:10:54 Removed Windows Live Sign-in Assistant
11-02-2015 17:16:34 Windows Update
11-02-2015 23:38:49 Windows Update
12-02-2015 19:58:57 Installed iCloud
12-02-2015 21:48:16 Windows Backup
12-02-2015 23:41:22 Removed TOSHIBA Media Controller
12-02-2015 23:44:42 Configured TOSHIBA Face Recognition
12-02-2015 23:46:43 Removed TOSHIBA Web Camera Application
13-02-2015 03:00:28 Windows Update
13-02-2015 09:24:18 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
13-02-2015 09:25:01 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
13-02-2015 09:26:21 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
13-02-2015 09:27:50 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
13-02-2015 12:48:35 Removed Google Drive
13-02-2015 17:08:47 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
13-02-2015 17:10:07 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
17-02-2015 04:31:59 Windows Update
17-02-2015 04:44:48 Windows Defender Checkpoint
18-02-2015 22:31:16 Installed QuickTime 7
20-02-2015 10:12:43 Software Removal Tool
20-02-2015 11:14:40 Installed AppNHost 1.0.5.1
21-02-2015 12:10:28 Removed Adobe Photoshop Lightroom 5.7.1 64-bit.
22-02-2015 15:23:23 Restore Point Created by FRST
24-02-2015 01:36:59 Installed iTunes
24-02-2015 02:39:30 Installed iCloud
24-02-2015 14:16:46 Windows Update
25-02-2015 02:07:40 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 20:34 - 2015-02-22 15:23 - 00000035 ___AC C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {2C87FAC2-2012-4DA9-AEFE-D0ACCE886825} - System32\Tasks\{686B9446-0632-43EF-848D-7C8C4FAFECF8} => C:\Program Files (x86)\Modio\Modio.exe
Task: {3098C22B-08A6-44C3-834A-9E4704A2F0F4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-20] (Google Inc.)
Task: {437A75DC-BECB-4129-B0C0-D7DA476F8A5A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {592BC124-C01D-45EC-9D35-E25F60B87436} - System32\Tasks\AdobeAAMUpdater-1.0-Bridget-PC-Bridget => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-10-14] (Adobe Systems Incorporated)
Task: {8264D18A-71D1-4341-9749-FF6A99962032} - System32\Tasks\{09504B40-0564-49A7-AF52-B9A4A5327A78} => Firefox.exe http://ui.skype.com/...e=tsProgressBar
Task: {8F2B0D3C-F0E3-4462-8211-50D7BC9C2F09} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {94295C61-2DEF-43FB-B78A-2CB3AB8D904E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {A4544390-F79D-4C85-91AE-AE98207ADAAC} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-01-07] (Microsoft Corporation)
Task: {D32BF5E7-4DE2-4126-AC16-57DF6C89D4F5} - System32\Tasks\avastBCLRestartS-1-5-21-1494171341-1486453739-2533022584-1001 => Firefox.exe
Task: {EE773809-3814-4654-B152-CCD5E7B52C61} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {F8D40135-8C44-4D8D-A2CB-ABEFF2076062} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {FE06104E-6CFE-4591-A300-77E2E03C0F94} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-20] (Google Inc.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-12-19 15:57 - 2014-12-19 15:57 - 01039008 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 ____C () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 01346344 ____C () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2009-10-13 11:00 - 2009-10-13 11:00 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-09-06 19:31 - 2010-09-06 19:31 - 00270336 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-12-19 15:57 - 2014-12-19 15:57 - 05979808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2015-02-13 04:20 - 2015-02-13 04:20 - 01044776 ____C () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-01-07 21:27 - 2015-01-07 21:27 - 36730032 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
2015-02-25 10:08 - 2015-02-25 10:08 - 00098816 ____C () C:\Users\Bridget\AppData\Local\Temp\_MEI26522\win32api.pyd
2015-02-25 10:08 - 2015-02-25 10:08 - 00110080 ____C () C:\Users\Bridget\AppData\Local\Temp\_MEI26522\pywintypes27.dll
2015-02-25 10:08 - 2015-02-25 10:08 - 00364544 ____C () C:\Users\Bridget\AppData\Local\Temp\_MEI26522\pythoncom27.dll
2015-02-25 10:08 - 2015-02-25 10:08 - 00045568 ____C () C:\Users\Bridget\AppData\Local\Temp\_MEI26522\_socket.pyd
2015-02-25 10:08 - 2015-02-25 10:08 - 01160704 ____C () C:\Users\Bridget\AppData\Local\Temp\_MEI26522\_ssl.pyd
2015-02-25 10:08 - 2015-02-25 10:08 - 00320512 ____C () C:\Users\Bridget\AppData\Local\Temp\_MEI26522\win32com.shell.shell.pyd
2015-02-25 10:08 - 2015-02-25 10:08 - 00713216 ____C () C:\Users\Bridget\AppData\Local\Temp\_MEI26522\_hashlib.pyd
2015-02-25 10:08 - 2015-02-25 10:08 - 01175040 ____C () C:\Users\Bridget\AppData\Local\Temp\_MEI26522\wx._core_.pyd
2015-02-25 10:08 - 2015-02-25 10:08 - 00805888 ____C () C:\Users\Bridget\AppData\Local\Temp\_MEI26522\wx._gdi_.pyd
2015-02-25 10:08 - 2015-02-25 10:08 - 00811008 ____C () C:\Users\Bridget\AppData\Local\Temp\_MEI26522\wx._windows_.pyd
2015-02-25 10:08 - 2015-02-25 10:08 - 01062400 ____C () C:\Users\Bridget\AppData\Local\Temp\_MEI26522\wx._controls_.pyd
2015-02-25 10:08 - 2015-02-25 10:08 - 00735232 ____C () C:\Users\Bridget\AppData\Local\Temp\_MEI26522\wx._misc_.pyd
2015-02-25 10:08 - 2015-02-25 10:08 - 00557056 ____C () C:\Users\Bridget\AppData\Local\Temp\_MEI26522\pysqlite2._sqlite.pyd
2015-02-25 10:08 - 2015-02-25 10:08 - 00128512 ____C () C:\Users\Bridget\AppData\Local\Temp\_MEI26522\_elementtree.pyd
2015-02-25 10:08 - 2015-02-25 10:08 - 00127488 ____C () C:\Users\Bridget\AppData\Local\Temp\_MEI26522\pyexpat.pyd
2015-02-25 10:08 - 2015-02-25 10:08 - 00087552 ____C () C:\Users\Bridget\AppData\Local\Temp\_MEI26522\_ctypes.pyd
2015-02-25 10:08 - 2015-02-25 10:08 - 00119808 ____C () C:\Users\Bridget\AppData\Local\Temp\_MEI26522\win32file.pyd
2015-02-25 10:08 - 2015-02-25 10:08 - 00108544 ____C () C:\Users\Bridget\AppData\Local\Temp\_MEI26522\win32security.pyd
2015-02-25 10:08 - 2015-02-25 10:08 - 00007168 ____C () C:\Users\Bridget\AppData\Local\Temp\_MEI26522\hashobjs_ext.pyd
2015-02-25 10:08 - 2015-02-25 10:08 - 00167936 ____C () C:\Users\Bridget\AppData\Local\Temp\_MEI26522\win32gui.pyd
2015-02-25 10:08 - 2015-02-25 10:08 - 00018432 ____C () C:\Users\Bridget\AppData\Local\Temp\_MEI26522\win32event.pyd
2015-02-25 10:08 - 2015-02-25 10:08 - 00038912 ____C () C:\Users\Bridget\AppData\Local\Temp\_MEI26522\win32inet.pyd
2015-02-25 10:08 - 2015-02-25 10:08 - 00011264 ____C () C:\Users\Bridget\AppData\Local\Temp\_MEI26522\win32crypt.pyd
2015-02-25 10:08 - 2015-02-25 10:08 - 00070656 ____C () C:\Users\Bridget\AppData\Local\Temp\_MEI26522\wx._html2.pyd
2015-02-25 10:08 - 2015-02-25 10:08 - 00027136 ____C () C:\Users\Bridget\AppData\Local\Temp\_MEI26522\_multiprocessing.pyd
2015-02-25 10:08 - 2015-02-25 10:08 - 00035840 ____C () C:\Users\Bridget\AppData\Local\Temp\_MEI26522\win32process.pyd
2015-02-25 10:08 - 2015-02-25 10:08 - 00686080 ____C () C:\Users\Bridget\AppData\Local\Temp\_MEI26522\unicodedata.pyd
2015-02-25 10:08 - 2015-02-25 10:08 - 00122368 ____C () C:\Users\Bridget\AppData\Local\Temp\_MEI26522\wx._wizard.pyd
2015-02-25 10:08 - 2015-02-25 10:08 - 00024064 ____C () C:\Users\Bridget\AppData\Local\Temp\_MEI26522\win32pipe.pyd
2015-02-25 10:08 - 2015-02-25 10:08 - 00025600 ____C () C:\Users\Bridget\AppData\Local\Temp\_MEI26522\win32pdh.pyd
2015-02-25 10:08 - 2015-02-25 10:08 - 00525640 ____C () C:\Users\Bridget\AppData\Local\Temp\_MEI26522\windows._lib_cacheinvalidation.pyd
2015-02-25 10:08 - 2015-02-25 10:08 - 00010240 ____C () C:\Users\Bridget\AppData\Local\Temp\_MEI26522\select.pyd
2015-02-25 10:08 - 2015-02-25 10:08 - 00017408 ____C () C:\Users\Bridget\AppData\Local\Temp\_MEI26522\win32profile.pyd
2015-02-25 10:08 - 2015-02-25 10:08 - 00022528 ____C () C:\Users\Bridget\AppData\Local\Temp\_MEI26522\win32ts.pyd
2015-02-25 10:08 - 2015-02-25 10:08 - 00078336 ____C () C:\Users\Bridget\AppData\Local\Temp\_MEI26522\wx._animate.pyd
2015-01-07 21:27 - 2015-01-07 21:27 - 00746160 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libglesv2.dll
2015-01-07 21:27 - 2015-01-07 21:27 - 00136368 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libegl.dll
2015-01-29 11:57 - 2015-01-29 11:57 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2015-02-15 20:07 - 2015-02-15 20:07 - 01020928 ____C () C:\Users\Bridget\AppData\Roaming\Mozilla\Firefox\Profiles\avb5pwdi.default\extensions\[email protected]\platform\WINNT_x86-msvc\components\lpxpcom.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Bridget\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IceDragonUpdater => 2
MSCONFIG\Services: IePluginServices => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: pcregservice => 2
MSCONFIG\Services: SearchProtectionService => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TODDSrv => 2
MSCONFIG\Services: TosCoSrv => 2
MSCONFIG\Services: TOSHIBA eco Utility Service => 2
MSCONFIG\Services: TOSHIBA HDD SSD Alert Service => 3
MSCONFIG\Services: TPCHSrv => 3
MSCONFIG\Services: wbsvc => 2
MSCONFIG\Services: YahooAUService => 2

==================== Accounts: =============================

Administrator (S-1-5-21-1494171341-1486453739-2533022584-500 - Administrator - Disabled)
Bridget (S-1-5-21-1494171341-1486453739-2533022584-1001 - Administrator - Enabled) => C:\Users\Bridget
Guest (S-1-5-21-1494171341-1486453739-2533022584-501 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-1494171341-1486453739-2533022584-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/25/2015 01:41:58 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (02/24/2015 11:48:35 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/24/2015 08:12:40 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/24/2015 08:12:34 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/24/2015 00:36:04 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (02/25/2015 10:08:29 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SRTSP

Error: (02/25/2015 10:08:06 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\windows\system32\Rtlihvs.dll
Error Code: 126

Error: (02/25/2015 10:07:48 AM) (Source: SRTSP) (EventID: 5) (User: )
Description: Error loading Symantec real time Anti-Virus driver.

Error: (02/25/2015 10:07:48 AM) (Source: SRTSP) (EventID: 4) (User: )
Description: Error loading virus definitions.

Error: (02/25/2015 03:16:51 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (02/25/2015 03:16:41 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SRTSP

Error: (02/25/2015 03:16:30 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\windows\system32\Rtlihvs.dll
Error Code: 126

Error: (02/25/2015 03:16:07 AM) (Source: SRTSP) (EventID: 5) (User: )
Description: Error loading Symantec real time Anti-Virus driver.

Error: (02/25/2015 03:16:07 AM) (Source: SRTSP) (EventID: 4) (User: )
Description: Error loading virus definitions.

Error: (02/25/2015 00:27:04 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SRTSP


Microsoft Office Sessions:
=========================
Error: (02/25/2015 01:41:58 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (02/24/2015 11:48:35 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (02/24/2015 08:12:40 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Bridget\Downloads\esetsmartinstaller_enu.exe

Error: (02/24/2015 08:12:34 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Bridget\Downloads\esetsmartinstaller_enu.exe

Error: (02/24/2015 00:36:04 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8


==================== Memory info ===========================

Processor: AMD Athlon™ II P340 Dual-Core Processor
Percentage of memory in use: 46%
Total physical RAM: 3835.68 MB
Available physical RAM: 2050.82 MB
Total Pagefile: 7669.55 MB
Available Pagefile: 5546.54 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (TI105955W0C) (Fixed) (Total:285.75 GB) (Free:64.89 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: FF592F49)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=285.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=10.9 GB) - (Type=17)

==================== End Of Log ============================



#43
Jeremy7777


 Results of screen317's Security Check version 0.99.97  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Norton Internet Security   
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Java™ 6 Update 17  
 Java version 32-bit out of Date!
  Java 64-bit 8 Update 31  
 Adobe Flash Player 16.0.0.305  
 Adobe Reader XI  
 Mozilla Firefox 35.0.1 Firefox out of Date!  
 Google Chrome (40.0.2214.115)
````````Process Check: objlist.exe by Laurent````````  
 Norton ccSvcHst.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 15% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
 



#44
Jeremy7777


Before this is all over, I'd like to get your advice on a few things if possible regarding care and maintenance. Also, I'm pretty sure I've got some duplicate files, mainly photos that I know of, because I used to just import photos through Windows from my iPad and iPhone, but now I've recently signed up for Google Drive, Dropbox, and iCloud Drive on my PC, so it's a bit confusing. I basically want all my photos organized either in clouds or ext hard drive: Ext HD for super important photos and cloud for temp photos, edits, unfinished work, etc. Anyways, sorry, don't mean to sidetrack, and if it's OK to touch on those subjects before we finish that would be great. :spoton:



#45
Nevan

    Trusted Helper

  • Malware Removal
  • 1,765 posts
Hello, Jeremy7777.

Unfortunately, I can't help you with that file sorting. I only provide Anti-Malware support here and know nothing about clouds or others that you've mentioned.
You could try posting a topic in the applications part of the forum. Perhaps someone could help you with that there :)

We're almost done.

Step #1
FRST Fix
  • Download attached fixlist.txt file to your desktop.
    Attached File  fixlist.txt   382bytes   210 downloads
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
  • Right click FRST64.exe on your desktop and click Run as administrator. When the tool opens click Yes to disclaimer.
  • Press the Fix button just once and wait.
    NOTE: It's important that both FRST64.exe and fixlist.txt are in the same location or the fix will not work.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished, FRST will generate a log on the desktop (Fixlog.txt). Select all (CTRL+A) the content of the log, copy it (CTRL+C) and paste (CTRL+V) it into your next reply.
 
Step #2
Updating programs

Your Java version is too old. Keeping Java updated is very important.
  • WARNING!: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java.
    Read this article.
    I would recommend that you completely uninstall Java unless you need it to run important software.
    In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to disable Java in your web browser and How to unplug Java from the browser)
If you still want to keep Java
  • Click the Start button
  • Click Control Panel
  • Double Click Java - Looks like a coffee cup. You may have to switch to Large icons view on the upper right of the Control Panel to see it.
  • Click the Update tab
  • Click Update Now
  • Allow any updates to be downloaded and installed
  • Warning!: Make sure to uncheck the Optional offer box when downloading Java or you will install adware on your computer.
 
Your Firefox is outdated. It is important to keep browsers updated as it decreases the chance of being infected in the future.

To update Firefox:
  • Click the menu button, click help and select About Firefox.
  • The About Firefox window will open and Firefox will begin checking for updates and downloading them automatically.
  • When the updates are ready to be installed, click Restart Firefox to Update.
 

Total Fragmentation on Drive C: 15%

If you don't have a Solid State Drive (SSD), you should consider a defragmentation.
You can find the appropriate instructions here.

 
Things that should appear in your next post:
  • Fixlog.txt log content
  • Please tell me if you have successfully updated Java and Firefox
