Can't download from my administrator account [Closed]


  • This topic is locked

#1
latondya88

My sister used my laptop yesterday to add music to her MP3 player; before that everything was fine. I believe she was downloading music from YouTube. However, today I cannot download a simple picture or video, and in the download log it just says "can not be downloaded" with no explanation. I had to download the Farbar from a different account on my laptop and save it to public files. People have said for me to just delete and add a new administrator account, and I'd prefer not to do that, seeing how I know this will just be a recurring problem in the future. Any help is grateful.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-04-2015 01
Ran by LaTondya (administrator) on BABYGURL-LP on 18-04-2015 13:07:48
Running from C:\Users\Public\Documents
Loaded Profiles: LaTondya & Blanca & Bella (Available profiles: [bleep] & LaTondya & Blanca & Bella & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
() C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\BCMWLTRY.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(BitTorrent Inc.) C:\Users\LaTondya.BabyGurl-LP\AppData\Roaming\uTorrent\uTorrent.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
() C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
(Hewlett-Packard ) C:\ProgramData\HP Mouse Suite Config\hpwjd.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard ) C:\ProgramData\HP Mouse Suite Config\hpwmsd.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard ) C:\ProgramData\HP Mouse Suite Config\hpwjd.exe
(Hewlett-Packard ) C:\ProgramData\HP Mouse Suite Config\hpwmsd.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_17_0_0_169_ActiveX.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [368640 2010-01-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [444416 2009-06-29] (IDT, Inc.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe [4968960 2009-07-16] (Dell Inc.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3180624 2009-07-02] (Dell Inc.)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1334912 2015-03-04] (Microsoft Corporation)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe [1807600 2009-11-13] ()
HKLM-x32\...\Run: [PDVDDXSrv] => C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe [140520 2009-12-29] (CyberLink Corp.)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [DellSupportCenter] => C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe [206064 2009-05-21] (SupportSoft, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [249064 2010-10-29] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Freecorder FLV Service] => "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run
HKLM-x32\...\Run: [Babylon Client] => C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe [3589712 2013-02-26] (Babylon Ltd.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [ShopAtHomeWatcher] => C:\Users\LaTondya.BabyGurl-LP\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe
HKLM-x32\...\Run: [ShopAtHomeUpdater] => C:\Users\LaTondya.BabyGurl-LP\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeUpdater.exe
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM-x32\...\RunOnce: [AvgUninstallURL] => cmd.exe /c start http://www.avg.com/w...QtRjEwTTEwRCsyL (the data entry has 100 more characters).
HKLM-x32\...\RunOnce: [Launcher] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe [165184 2010-07-21] (Softthinks)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4206780712-3926510040-12088971-1010\...\Run: [iLivid] => "C:\Users\LaTondya.BabyGurl-LP\AppData\Local\iLivid\iLivid.exe" -autorun
HKU\S-1-5-21-4206780712-3926510040-12088971-1010\...\Run: [Locdrv32] => rundll32.exe "C:\Users\LaTondya.BabyGurl-LP\AppData\Roaming\Locdrv32\Locdrv32.dll",sens2Music eTracespl <===== ATTENTION
HKU\S-1-5-21-4206780712-3926510040-12088971-1010\...\Run: [BackgroundContainer] => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTION
HKU\S-1-5-21-4206780712-3926510040-12088971-1010\...\Run: [uTorrent] => C:\Users\LaTondya.BabyGurl-LP\AppData\Roaming\uTorrent\uTorrent.exe [1267024 2014-05-26] (BitTorrent Inc.)
HKU\S-1-5-21-4206780712-3926510040-12088971-1010\...\Run: [LiveSupport] => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-4206780712-3926510040-12088971-1010\...\Run: [TornTv Downloader] => C:\Program Files (x86)\TornTV.com\Torntv Downloader.exe /c=startup
HKU\S-1-5-21-4206780712-3926510040-12088971-1010\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632472 2015-04-10] (Electronic Arts)
HKU\S-1-5-21-4206780712-3926510040-12088971-1010\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-4206780712-3926510040-12088971-1010\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-4206780712-3926510040-12088971-1010\...\MountPoints2: {1a579d51-6111-11df-808d-806e6f6e6963} - D:\Autorun.exe
HKU\S-1-5-21-4206780712-3926510040-12088971-1010\...\MountPoints2: {f66afc33-d4be-11e3-83cc-a4badbba932d} - G:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2088.1.A02B03 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
HKU\S-1-5-21-4206780712-3926510040-12088971-1010\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-4206780712-3926510040-12088971-1010\...409d6c4515e9\InprocServer32: [Default-shell32] \\?\globalroot\Device\HarddiskVolume3\Users\LaTondya.BabyGurl-LP\AppData\Local\Temp\snpmxng\sxuopeb\wow.dll ATTENTION! ====> ZeroAccess?
HKU\S-1-5-21-4206780712-3926510040-12088971-1011\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-4206780712-3926510040-12088971-1011\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-4206780712-3926510040-12088971-1011\...\MountPoints2: {1a579d51-6111-11df-808d-806e6f6e6963} - D:\Autorun.exe
HKU\S-1-5-21-4206780712-3926510040-12088971-1011\...\MountPoints2: {dc2b05f7-ae1e-11e4-b407-a4badbba932d} - F:\windows\AutoRun.exe
HKU\S-1-5-21-4206780712-3926510040-12088971-1011\...\MountPoints2: {f66afc33-d4be-11e3-83cc-a4badbba932d} - G:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2088.1.A02B03 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HPMonitor.exe.lnk
ShortcutTarget: HPMonitor.exe.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Mouse Suite\hpMonitor.exe (Hewlett-Packard)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\hpwjd.exe.lnk
ShortcutTarget: hpwjd.exe.lnk -> C:\ProgramData\HP Mouse Suite Config\hpwjd.exe (Hewlett-Packard )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\hpwmsd.exe.lnk
ShortcutTarget: hpwmsd.exe.lnk -> C:\ProgramData\HP Mouse Suite Config\hpwmsd.exe (Hewlett-Packard )
Startup: C:\Users\Blanca & Bella\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\[bleep]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
ShortcutTarget: LimeWire On Startup.lnk -> C:\Program Files (x86)\LimeWire\LimeWire.exe (Lime Wire, LLC)
Startup: C:\Users\LaTondya.BabyGurl-LP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\LaTondya.BabyGurl-LP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk
ShortcutTarget: IMVU.lnk -> C:\Users\LaTondya.BabyGurl-LP\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (No File)
Startup: C:\Users\LaTondya.BabyGurl-LP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TornTvDownloader.lnk
ShortcutTarget: TornTvDownloader.lnk -> C:\Program Files (x86)\TornTV.com\Torntv Downloader.exe (No File)
Startup: C:\Users\LaTondya.BabyGurl-LP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\LaTondya.BabyGurl-LP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk
ShortcutTarget: IMVU.lnk -> C:\Users\LaTondya.BabyGurl-LP\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (No File)
Startup: C:\Users\LaTondya.BabyGurl-LP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TornTvDownloader.lnk
ShortcutTarget: TornTvDownloader.lnk -> C:\Program Files (x86)\TornTV.com\Torntv Downloader.exe (No File)
Startup: C:\Users\taby & tiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\taby & tiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
ShortcutTarget: LimeWire On Startup.lnk -> C:\Program Files (x86)\LimeWire\LimeWire.exe (Lime Wire, LLC)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-4206780712-3926510040-12088971-1005\User: Group Policy restriction detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKU\S-1-5-21-4206780712-3926510040-12088971-1010\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
HKU\S-1-5-21-4206780712-3926510040-12088971-1010\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKU\S-1-5-21-4206780712-3926510040-12088971-1011\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKU\S-1-5-21-4206780712-3926510040-12088971-1011\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
URLSearchHook: HKLM-x32 - Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files (x86)\Softonic-Eng7\tbSoft.dll (Conduit Ltd.)
SearchScopes: HKLM -> DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {3194A3C1-75EF-4F06-8254-E9D8E1FE1A05} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {4C89BB72-2B54-43C4-A747-E50A4939F312} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {23BBF01E-AA85-4DAE-BA4E-30FB1476ED81} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> {56256A51-B582-467e-B8D4-7786EDA79AE0} URL = http://search.mywebs...or={searchTerms}
SearchScopes: HKLM-x32 -> {8D7BCC95-4B3A-4597-B533-7B32EBE22488} URL = http://www.searchcan...&q={searchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...&q={searchTerms}
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...&ctid=CT1060933
SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.sea...&cc=US&unqvl=45
SearchScopes: HKLM-x32 -> {d3f22a84-2a84-49eb-91e6-5dadaaf0165d} URL = http://search.tb.ask...or={searchTerms}
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-4206780712-3926510040-12088971-1010 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-4206780712-3926510040-12088971-1010 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-4206780712-3926510040-12088971-1010 -> {2BC0244D-36CD-43DA-853F-BC2848D8155C} URL = https://search.yahoo...rtPage?}&fr=ie8
SearchScopes: HKU\S-1-5-21-4206780712-3926510040-12088971-1010 -> {3194A3C1-75EF-4F06-8254-E9D8E1FE1A05} URL =
SearchScopes: HKU\S-1-5-21-4206780712-3926510040-12088971-1010 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-4206780712-3926510040-12088971-1010 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKU\S-1-5-21-4206780712-3926510040-12088971-1010 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
SearchScopes: HKU\S-1-5-21-4206780712-3926510040-12088971-1011 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-4206780712-3926510040-12088971-1011 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: No Name -> {27a220b7-bb43-4faf-b27b-f803d18eea28} ->  No File
BHO-x32: Softonic-Eng7 Toolbar -> {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} -> C:\Program Files (x86)\Softonic-Eng7\tbSoft.dll [2010-06-03] (Conduit Ltd.)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22] (Microsoft Corporation)
BHO-x32: YoutubeMP3ConverterBHO Class -> {6F0B6B9B-6342-4E2F-ABF5-C40B94320622} -> C:\Program Files (x86)\YoutubeMP3Converter\ytflvtomp3.dll [2011-09-01] ([email protected])
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: getsav-in 5.0 -> {9133AA62-14E2-45B3-8AD9-DC08A3520492} -> C:\Users\LaTondya\AppData\Local\getsav-in\ie\getsav-in_1373060702.dll No File
BHO-x32: Babylon IE plugin -> {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} -> C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll [2013-02-26] (Babylon Ltd.)
BHO-x32: No Name -> {9D425283-D487-4337-BAB6-AB8354A81457} ->  No File
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-02-09] (Sun Microsystems, Inc.)
Toolbar: HKLM-x32 - Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files (x86)\Softonic-Eng7\tbSoft.dll [2010-06-03] (Conduit Ltd.)
Toolbar: HKLM-x32 - No Name - {9D425283-D487-4337-BAB6-AB8354A81457} -  No File
Toolbar: HKLM-x32 - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKU\S-1-5-21-4206780712-3926510040-12088971-1010 -> No Name - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} -  No File
Toolbar: HKU\S-1-5-21-4206780712-3926510040-12088971-1010 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-4206780712-3926510040-12088971-1011 -> No Name - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} -  No File
DPF: HKLM-x32 {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfar...etup1.0.1.3.cab
DPF: HKLM-x32 {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace....ceUploader2.cab
DPF: HKLM-x32 {D71F9A27-723E-4B8B-B428-B725E47CBA3E} http://imikimi.com/d...lugin_0.5.1.cab
Hosts: 127.0.0.1   d3oxij66pru1i3.cloudfront.net
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{1ECB52D7-6ECB-4CC9-84F4-1E2B63E4FF63}: [NameServer] 208.69.150.250,208.69.150.252
Tcpip\..\Interfaces\{76949DA4-6FE2-49BB-82C0-A4C3A750FFB4}: [NameServer] 208.69.150.250,208.69.150.252
Tcpip\..\Interfaces\{9A93C9EF-E81A-4F70-BCD2-838DA68363C1}: [NameServer] 208.69.150.250,208.69.150.252
Tcpip\..\Interfaces\{AECA65FA-A5A5-4DFB-9258-FC981FA8F37E}: [NameServer] 208.69.150.250,208.69.150.252
Tcpip\..\Interfaces\{C34B226C-4446-4617-9B03-9F346258C16C}: [NameServer] 208.69.150.250,208.69.150.252

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin-x32: @gentek.com/thinclient -> C:\IGG\twclient_us\npthinclient.dll [2012-09-18] (Generic Network)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2011-02-02] (Sun Microsystems, Inc.)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2013-12-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2013-12-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin HKU\S-1-5-21-4206780712-3926510040-12088971-1011: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Blanca & Bella\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-01-22] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\ClickPotatoLite\bin\10.0.659.0\firefox\extensions
FF Extension: ClickPotatoLite Component - C:\Program Files (x86)\ClickPotatoLite\bin\10.0.659.0\firefox\extensions [2011-02-13]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\[email protected]
FF Extension: Babylon Translation Activation - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\[email protected] [2013-04-11]
StartMenuInternet: FIREFOX.EXE - C:\Users\taby & tiger\AppData\Local\wqe.exe -a C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\pdf.dll ()
CHR Plugin: (Conduit Chrome Plugin) - C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi\10.19.2.5_0\plugins/ConduitChromeApiPlugin.dll (Conduit)
CHR Plugin: (Conduit Radio Plugin) - C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi\10.19.2.5_0\plugins/np-cwmp.dll (Conduit)
CHR Plugin: (Conduit Chrome Approve TB Plugin) - C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi\10.19.2.5_0\plugins/ChromeApproveTBPlugin.dll (Conduit)
CHR Plugin: (Conduit Chrome Plugin) - C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi\10.19.2.5_0\search/plugins/npConduitNewTabPlugin.dll (Conduit Ltd.)
CHR Plugin: (Java Deployment Toolkit 6.0.240.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Thinclient) - C:\IGG\twclient_us\npthinclient.dll (Generic Network)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java™ Platform SE 6 U24) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (MindSpark Toolbar Platform Plugin Stub) - C:\Program Files (x86)\MyWebFace_5a\bar\1.bin\NP5aStub.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live? Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Profile: C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-10]
CHR Extension: (Google Drive) - C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-10]
CHR Extension: (greiatsAver) - C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfalnkpopgglemdpfjfffajfkjdbhkaa [2014-01-11]
CHR Extension: (YouTube) - C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-10]
CHR Extension: (SNT) - C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Google\Chrome\User Data\Default\Extensions\cclgjbbjhhgmnkdgbnjlaodefmcdilkn [2014-01-11]
CHR Extension: (GreatSaver) - C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgplokkdpdcomkhneebomolempgcmnhe [2014-01-11]
CHR Extension: (Google Search) - C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-10]
CHR Extension: (Babylon Translator) - C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb [2013-09-10]
CHR Extension: (SNT) - C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmimebhheiphkmkbknlkadgkbagdbedo [2014-01-11]
CHR Extension: (SNT) - C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpafmnadaefofbchcjbdpppimoigolcc [2014-01-11]
CHR Extension: (ebeenikkcpgaekfgbnflbaaihalfifkk) - C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebeenikkcpgaekfgbnflbaaihalfifkk [2014-10-16]
CHR Extension: (SNT) - C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Google\Chrome\User Data\Default\Extensions\efdndcabolagcbmaifdjidbcepllmobd [2014-01-11]
CHR Extension: (grEatsaverr) - C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Google\Chrome\User Data\Default\Extensions\fackjiognabojlmgochcgcjhmhakanep [2014-01-11]
CHR Extension: (Save Best) - C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoecifcadmambfikillppkoafmgachp [2014-01-11]
CHR Extension: (gecgipfabdickgidpmbicneamekgbaej) - C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gecgipfabdickgidpmbicneamekgbaej [2014-10-16]
CHR Extension: (YTBookMarrk) - C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Google\Chrome\User Data\Default\Extensions\giabaeiibgbpegcfnfminbkaepfacphm [2014-01-11]
CHR Extension: (graeaTsaVer) - C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmheoknenicchoefacdikhepkibdinol [2014-01-11]
CHR Extension: (WhiteSmoke New) - C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi [2013-09-11]
CHR Extension: (No Name) - C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nemfjadlboooiffmcelkafilagddogim [2013-09-15]
CHR Extension: (Isaveero) - C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nljmeiphajcekhdikgbaooakapocfidc [2014-03-06]
CHR Extension: (Chrome In-App Payments service) - C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-10]
CHR Extension: (YoutubeAdblocker) - C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnhclmcfedjlcgonhbjefpmacbmcphno [2014-01-11]
CHR Extension: (No Name) - C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Google\Chrome\User Data\Default\Extensions\oopdmcnionefjjnmchkiimificckpkif [2013-12-25]
CHR Extension: (No Name) - C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcnejclmmchoalpmbkapikeclpkhipml [2014-02-03]
CHR Extension: (Gmail) - C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-10]
CHR HKU\S-1-5-21-4206780712-3926510040-12088971-1010\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Users\LaTondya.BabyGurl-LP\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx [2013-09-08]
CHR HKU\S-1-5-21-4206780712-3926510040-12088971-1010\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nemfjadlboooiffmcelkafilagddogim] - C:\Users\LaTondya.BabyGurl-LP\AppData\Local\CRE\nemfjadlboooiffmcelkafilagddogim.crx [2013-09-08]
CHR HKU\S-1-5-21-4206780712-3926510040-12088971-1010\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [oopdmcnionefjjnmchkiimificckpkif] - C:\Users\LaTondya.BabyGurl-LP\AppData\Local\CRE\oopdmcnionefjjnmchkiimificckpkif.crx [2013-12-24]
CHR HKLM-x32\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonChrome.crx [2013-04-11]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [kincjchfokkeneeofpeefomkikfkiedl] - C:\Program Files (x86)\Object\chromeaddon.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Users\LaTondya.BabyGurl-LP\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx [2013-09-08]
CHR HKLM-x32\...\Chrome\Extension: [nemfjadlboooiffmcelkafilagddogim] - C:\Users\LaTondya.BabyGurl-LP\AppData\Local\CRE\nemfjadlboooiffmcelkafilagddogim.crx [2013-09-08]
CHR HKLM-x32\...\Chrome\Extension: [ocphobfcfafpclibolpjdafgaffkaoci] - C:\Program Files (x86)\Browser Plugin\gplplugin.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [oopdmcnionefjjnmchkiimificckpkif] - C:\Users\LaTondya.BabyGurl-LP\AppData\Local\CRE\oopdmcnionefjjnmchkiimificckpkif.crx [2013-12-24]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23776 2015-03-04] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366504 2015-03-04] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-10] (Electronic Arts)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe [240128 2009-06-29] (IDT, Inc.)
R2 wltrysvc; C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe [3417088 2009-07-16] (Dell Inc.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BTWUSB; C:\Windows\System32\Drivers\btwusb.sys [70824 2007-08-27] (Broadcom Corporation.)
S3 ghsandroid; C:\Windows\System32\Drivers\ghsandroid.sys [38424 2011-03-30] (Google Inc)
S3 ghsdiagMDM; C:\Windows\System32\DRIVERS\ghsdiagMDM.sys [122496 2011-11-28] (HS Incorporated)
S3 HP8207_8307; C:\Windows\System32\DRIVERS\HP8207_8307.sys [15360 2010-02-04] (Windows ® Win 7 DDK provider)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R1 MpKsla0bda50c; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8FD88BEC-FD51-47CA-A46A-8144FC0ACB9F}\MpKsla0bda50c.sys [45352 2015-04-18] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-11-18] () [File not signed]
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
U3 a5l7ua7n; C:\Windows\System32\Drivers\a5l7ua7n.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
S1 bfhnthfp; \??\C:\Windows\system32\drivers\bfhnthfp.sys [X]
S3 btaudio; system32\drivers\btaudio.sys [X]
S3 BTDriver; system32\DRIVERS\btport.sys [X]
S3 BTWDNDIS; system32\DRIVERS\btwdndis.sys [X]
S3 btwhid; system32\DRIVERS\btwhid.sys [X]
S3 btwmodem; system32\DRIVERS\btwmodem.sys [X]
S1 dpnnuydj; \??\C:\Windows\system32\drivers\dpnnuydj.sys [X]
S1 givctqds; \??\C:\Windows\system32\drivers\givctqds.sys [X]
S1 kcjxvrso; \??\C:\Windows\system32\drivers\kcjxvrso.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-18 13:07 - 2015-04-18 13:08 - 00037747 _____ () C:\Users\Public\Documents\FRST.txt
2015-04-18 13:00 - 2015-04-18 13:07 - 00000000 ____D () C:\FRST
2015-04-18 13:00 - 2015-04-18 13:00 - 02098176 _____ (Farbar) C:\Users\Public\Documents\FRST64.exe
2015-04-18 12:26 - 2015-04-18 12:26 - 00001028 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-04-16 10:25 - 2015-04-18 02:46 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-04-11 03:31 - 2015-04-18 02:47 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-11 03:31 - 2015-04-11 03:31 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-10 14:34 - 2015-02-13 01:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-04-10 14:34 - 2015-02-13 01:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-04-10 14:34 - 2015-02-02 23:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-04-10 14:34 - 2015-02-02 23:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-04-10 11:55 - 2015-02-20 00:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-04-10 11:55 - 2015-02-20 00:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-04-10 11:55 - 2015-02-20 00:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-04-10 11:55 - 2015-02-20 00:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-04-10 11:55 - 2015-02-20 00:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-04-10 11:55 - 2015-02-20 00:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-04-10 11:55 - 2015-02-20 00:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-04-10 11:55 - 2015-02-20 00:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-04-10 11:55 - 2015-02-19 23:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-04-10 11:55 - 2015-02-19 23:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-04-10 11:44 - 2015-01-08 19:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-04-10 11:44 - 2015-01-08 19:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-04-10 11:34 - 2015-02-23 23:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-10 11:34 - 2015-02-23 22:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-10 11:34 - 2015-02-20 21:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-10 11:34 - 2015-02-20 20:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-10 11:34 - 2015-02-20 20:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-10 11:34 - 2015-02-20 20:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-10 11:34 - 2015-02-20 20:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-10 11:34 - 2015-02-20 19:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-10 11:34 - 2015-02-20 19:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-10 11:34 - 2015-02-19 23:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-10 11:34 - 2015-02-19 23:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-10 11:34 - 2015-02-19 22:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-10 11:34 - 2015-02-19 22:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-10 11:34 - 2015-02-19 22:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-10 11:34 - 2015-02-19 22:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-10 11:34 - 2015-02-19 22:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-10 11:34 - 2015-02-19 22:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-10 11:34 - 2015-02-19 22:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-10 11:34 - 2015-02-19 22:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-10 11:34 - 2015-02-19 22:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-10 11:34 - 2015-02-19 22:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-10 11:34 - 2015-02-19 22:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-10 11:34 - 2015-02-19 22:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-10 11:34 - 2015-02-19 22:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-10 11:34 - 2015-02-19 22:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-10 11:34 - 2015-02-19 22:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-10 11:34 - 2015-02-19 22:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-10 11:34 - 2015-02-19 22:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-10 11:34 - 2015-02-19 22:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-10 11:34 - 2015-02-19 22:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-10 11:34 - 2015-02-19 22:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-10 11:34 - 2015-02-19 22:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-10 11:34 - 2015-02-19 22:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-10 11:34 - 2015-02-19 22:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-10 11:34 - 2015-02-19 22:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-10 11:34 - 2015-02-19 22:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-10 11:34 - 2015-02-19 21:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-10 11:34 - 2015-02-19 21:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-10 11:34 - 2015-02-19 21:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-10 11:34 - 2015-02-19 21:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-10 11:34 - 2015-02-19 21:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-10 11:34 - 2015-02-19 21:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-10 11:34 - 2015-02-19 21:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-10 11:34 - 2015-02-19 21:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-10 11:34 - 2015-02-19 21:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-10 11:34 - 2015-02-19 21:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-10 11:34 - 2015-02-19 21:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-10 11:34 - 2015-02-19 21:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-10 11:34 - 2015-02-19 21:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-10 11:34 - 2015-02-19 21:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-10 11:34 - 2015-02-19 21:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-10 11:34 - 2015-02-19 21:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-10 11:34 - 2015-02-19 21:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-10 11:34 - 2015-02-19 21:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-10 11:34 - 2015-02-19 20:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-10 11:34 - 2015-02-19 20:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-10 11:33 - 2015-02-02 23:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-10 11:33 - 2015-02-02 23:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-04-10 11:33 - 2015-02-02 23:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-04-10 11:33 - 2015-02-02 23:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-04-10 11:33 - 2015-02-02 23:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-04-10 11:33 - 2015-02-02 23:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-04-10 11:33 - 2015-02-02 23:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-04-10 11:33 - 2015-02-02 23:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-04-10 11:33 - 2015-02-02 23:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-04-10 11:33 - 2015-02-02 23:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-10 11:33 - 2015-02-02 23:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-04-10 11:33 - 2015-02-02 23:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-04-10 11:33 - 2015-02-02 23:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-04-10 11:33 - 2015-02-02 23:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-04-10 11:33 - 2015-02-02 23:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-04-10 11:33 - 2015-02-02 23:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-04-10 11:33 - 2015-02-02 23:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-04-10 11:33 - 2015-02-02 23:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-04-10 11:33 - 2015-02-02 23:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-10 11:33 - 2015-02-02 23:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-04-10 11:33 - 2015-02-02 23:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-04-10 11:33 - 2015-02-02 23:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-04-10 11:33 - 2015-02-02 23:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-04-10 11:33 - 2015-02-02 23:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-04-10 11:33 - 2015-02-02 23:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-04-10 11:33 - 2015-02-02 23:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-04-10 11:33 - 2015-02-02 23:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-04-10 11:33 - 2015-02-02 23:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-04-10 11:33 - 2015-02-02 23:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-04-10 11:33 - 2015-02-02 23:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-04-10 11:33 - 2015-02-02 23:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-04-10 11:33 - 2015-02-02 23:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-04-10 11:33 - 2015-02-02 23:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-04-10 11:33 - 2015-02-02 23:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-10 11:33 - 2015-02-02 23:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-04-10 11:33 - 2015-02-02 23:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-04-10 11:33 - 2015-02-02 23:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-04-10 11:33 - 2015-02-02 23:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-04-10 11:33 - 2015-02-02 23:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-04-10 11:33 - 2015-02-02 23:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-04-10 11:33 - 2015-02-02 23:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-10 11:33 - 2015-02-02 23:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-04-10 11:33 - 2015-02-02 23:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-04-10 11:33 - 2015-02-02 23:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-04-10 11:33 - 2015-02-02 23:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-10 11:33 - 2015-02-02 23:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-04-10 11:33 - 2015-02-02 23:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-04-10 11:33 - 2015-02-02 23:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-04-10 11:33 - 2015-02-02 23:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-04-10 11:33 - 2015-02-02 23:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-04-10 11:33 - 2015-02-02 23:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-04-10 11:33 - 2015-02-02 23:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-10 11:33 - 2015-02-02 23:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-04-10 11:33 - 2015-02-02 23:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-04-10 11:33 - 2015-02-02 23:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-10 11:33 - 2015-02-02 23:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-10 11:33 - 2015-02-02 23:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-04-10 11:33 - 2015-02-02 23:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-04-10 11:33 - 2015-02-02 23:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-04-10 11:33 - 2015-02-02 23:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-04-10 11:33 - 2015-02-02 23:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-04-10 11:33 - 2015-02-02 23:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-04-10 11:33 - 2015-02-02 23:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-04-10 11:33 - 2015-02-02 23:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-04-10 11:33 - 2015-02-02 23:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-04-10 11:33 - 2015-02-02 23:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-04-10 11:33 - 2015-02-02 23:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-04-10 11:33 - 2015-02-02 23:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-04-10 11:33 - 2015-02-02 23:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-04-10 11:33 - 2015-02-02 23:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-04-10 11:33 - 2015-02-02 23:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-04-10 11:33 - 2015-02-02 23:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-04-10 11:33 - 2015-02-02 23:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-04-10 11:33 - 2015-02-02 23:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-04-10 11:33 - 2015-02-02 23:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-04-10 11:33 - 2015-02-02 23:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-04-10 11:33 - 2015-02-02 23:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-04-10 11:33 - 2015-02-02 23:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-04-10 11:33 - 2015-02-02 23:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-04-10 11:33 - 2015-02-02 23:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-10 11:33 - 2015-02-02 23:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-04-10 11:33 - 2015-02-02 23:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-04-10 11:33 - 2015-02-02 23:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-04-10 11:33 - 2015-02-02 23:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-04-10 11:33 - 2015-02-02 23:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-04-10 11:33 - 2015-02-02 23:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-04-10 11:33 - 2015-02-02 23:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-04-10 11:33 - 2015-02-02 23:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-10 11:33 - 2015-02-02 22:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-04-10 11:33 - 2014-10-31 18:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-04-10 11:33 - 2014-06-27 20:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-04-10 11:33 - 2014-06-27 20:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-04-10 11:28 - 2015-04-10 11:28 - 00000000 ____D () C:\Windows\TempE280FEC1-5A1C-D8E8-B31E-0C9233287F25-Signatures
2015-04-10 11:19 - 2015-03-06 01:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-10 11:19 - 2015-03-06 01:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-10 11:19 - 2015-03-06 01:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-10 11:19 - 2015-03-06 01:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-10 11:19 - 2015-03-06 01:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-10 11:19 - 2015-03-06 01:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-10 11:19 - 2015-03-06 01:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-10 11:19 - 2015-03-06 01:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-10 11:19 - 2015-03-06 01:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-10 11:19 - 2015-03-06 01:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-10 11:19 - 2015-03-06 01:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-10 11:19 - 2015-03-06 01:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-10 11:19 - 2015-03-06 01:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-10 11:19 - 2015-03-06 01:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-10 11:19 - 2015-03-06 01:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-10 11:19 - 2015-03-06 01:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-10 11:19 - 2015-03-06 01:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-10 11:19 - 2015-03-06 01:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-10 11:19 - 2015-03-06 01:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-10 11:19 - 2015-03-06 01:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-10 11:19 - 2015-01-30 19:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-04-10 11:18 - 2015-03-06 01:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-10 11:18 - 2015-03-06 01:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-10 11:18 - 2015-03-06 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-10 11:18 - 2015-03-06 01:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-10 11:18 - 2015-03-06 01:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-10 11:18 - 2015-03-06 01:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-10 11:18 - 2015-03-06 01:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-10 11:18 - 2015-03-06 01:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-10 11:18 - 2015-03-06 01:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-10 11:18 - 2015-03-06 01:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-10 11:18 - 2015-03-06 01:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-10 11:16 - 2015-01-16 22:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-04-10 11:16 - 2015-01-16 22:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-04-10 11:15 - 2015-02-02 23:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-04-10 11:15 - 2015-02-02 23:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-04-10 11:14 - 2015-02-25 23:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-04-09 20:48 - 2015-02-03 23:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-04-09 20:48 - 2015-02-03 22:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-04-09 20:31 - 2015-04-09 20:31 - 00000000 ____D () C:\Windows\Temp64712C9D-470F-699A-3543-E43302A776FF-Signatures
2015-04-09 20:25 - 2015-01-08 23:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-04-09 20:25 - 2015-01-08 23:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-04-09 20:25 - 2015-01-08 23:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-04-09 20:25 - 2015-01-08 22:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-18 13:08 - 2013-08-02 17:10 - 00000000 ____D () C:\Users\LaTondya.BabyGurl-LP\AppData\Roaming\uTorrent
2015-04-18 12:57 - 2013-09-10 00:56 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-18 12:57 - 2013-03-22 16:05 - 00000000 ____D () C:\ProgramData\Babylon
2015-04-18 12:52 - 2013-03-23 00:46 - 00000940 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4206780712-3926510040-12088971-1008UA.job
2015-04-18 12:44 - 2013-09-10 00:56 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-18 12:38 - 2009-07-14 00:45 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-18 12:38 - 2009-07-14 00:45 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-18 12:23 - 2013-09-10 00:56 - 00000902 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-18 12:17 - 2013-08-03 00:46 - 00000000 ____D () C:\Users\LaTondya.BabyGurl-LP\AppData\Roaming\vlc
2015-04-18 12:12 - 2014-01-15 12:58 - 00000000 ____D () C:\Users\Blanca & Bella
2015-04-18 12:00 - 2009-07-14 01:10 - 02006026 _____ () C:\Windows\WindowsUpdate.log
2015-04-18 02:57 - 2009-07-14 01:13 - 00006222 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-18 02:54 - 2014-10-25 18:48 - 00000000 ____D () C:\ProgramData\Origin
2015-04-18 02:54 - 2013-08-01 21:06 - 00000000 ____D () C:\Users\LaTondya.BabyGurl-LP\AppData\Local\SoftThinks
2015-04-18 02:51 - 2013-11-06 22:46 - 00035906 _____ () C:\Windows\setupact.log
2015-04-18 02:51 - 2013-08-01 21:06 - 00000000 ____D () C:\Users\LaTondya.BabyGurl-LP
2015-04-18 02:51 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-18 02:50 - 2014-09-02 14:30 - 00000000 ____D () C:\Program Files\iTunes
2015-04-18 02:50 - 2011-04-01 21:36 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-04-18 02:48 - 2015-01-08 18:23 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-18 02:48 - 2014-04-30 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-18 02:48 - 2013-03-10 21:36 - 00000000 ____D () C:\Users\LaTondya
2015-04-18 02:48 - 2011-04-01 20:25 - 00000000 ____D () C:\Users\[bleep]
2015-04-18 02:48 - 2010-07-27 15:40 - 00000000 ____D () C:\Users\Guest
2015-04-18 02:47 - 2014-05-15 17:49 - 00000000 ____D () C:\Windows\rescache
2015-04-18 02:47 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-18 02:46 - 2014-09-02 14:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-04-18 02:46 - 2014-09-02 14:30 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2015-04-18 02:46 - 2014-09-02 14:30 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-04-18 02:46 - 2013-07-02 19:13 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-04-18 02:46 - 2013-03-23 22:44 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-04-18 02:46 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-04-18 02:45 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2015-04-18 02:43 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-18 02:33 - 2014-09-02 14:30 - 00000000 ____D () C:\Program Files\iPod
2015-04-18 02:33 - 2013-07-13 19:14 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-04-15 11:50 - 2009-07-14 01:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-04-14 22:46 - 2013-09-10 00:56 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-14 22:46 - 2013-09-10 00:56 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-14 22:46 - 2013-09-10 00:56 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-13 00:53 - 2013-03-23 00:46 - 00000918 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4206780712-3926510040-12088971-1008Core.job
2015-04-11 03:35 - 2009-07-14 00:45 - 00341704 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-11 03:31 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-04-11 03:31 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-04-11 03:05 - 2013-03-23 22:44 - 00002076 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials Prerelease.lnk
2015-04-11 03:05 - 2011-01-26 02:56 - 00002176 _____ () C:\Windows\epplauncher.mif
2015-04-10 16:19 - 2014-01-30 19:47 - 00000000 ____D () C:\ProgramData\WaTTchIttAddBlocKe
2015-04-10 16:01 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\tracing
2015-04-10 14:01 - 2014-11-12 18:17 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-04-10 11:45 - 2010-05-16 11:53 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-09 19:46 - 2015-01-13 00:05 - 00000000 ____D () C:\Users\LaTondya.BabyGurl-LP\AppData\Local\39DE7F5A-E00E-604B-9BB9-6CB8E4D7446D

==================== Files in the root of some directories =======

2010-07-18 21:15 - 2002-07-26 18:02 - 0153088 ____N () C:\Program Files (x86)\UNWISE.EXE
2014-04-23 10:09 - 2014-04-23 10:09 - 0000288 _____ () C:\Users\LaTondya.BabyGurl-LP\AppData\Roaming\.backup.dm
2014-09-28 14:57 - 2014-09-28 14:57 - 1927064 _____ (CinemaHDTube PlusV28.09) C:\Users\LaTondya.BabyGurl-LP\AppData\Roaming\FRJBVR.exe
2014-09-28 14:53 - 2014-09-28 14:53 - 1479080 _____ (esc) C:\Users\LaTondya.BabyGurl-LP\AppData\Roaming\GSEV.exe
2013-11-06 16:14 - 2014-02-03 12:14 - 0099384 _____ () C:\Users\LaTondya.BabyGurl-LP\AppData\Roaming\inst.exe
2014-03-12 22:54 - 2014-03-12 22:54 - 1632256 _____ (Microsoft Corporation) C:\Users\LaTondya.BabyGurl-LP\AppData\Roaming\jzgknh.dll
2014-01-11 22:50 - 2014-01-11 23:16 - 0124698 _____ () C:\Users\LaTondya.BabyGurl-LP\AppData\Roaming\LiveSupport.exe_log.txt
2014-09-28 14:53 - 2014-09-28 14:53 - 1927080 _____ (esc) C:\Users\LaTondya.BabyGurl-LP\AppData\Roaming\LVPMCYHJ.exe
2013-11-06 16:14 - 2014-02-03 12:14 - 0007859 _____ () C:\Users\LaTondya.BabyGurl-LP\AppData\Roaming\pcouffin.cat
2013-11-06 16:14 - 2014-02-03 12:14 - 0001167 _____ () C:\Users\LaTondya.BabyGurl-LP\AppData\Roaming\pcouffin.inf
2013-11-06 16:14 - 2014-02-03 12:29 - 0000033 _____ () C:\Users\LaTondya.BabyGurl-LP\AppData\Roaming\pcouffin.log
2013-11-06 16:14 - 2014-02-03 12:14 - 0082816 _____ (VSO Software) C:\Users\LaTondya.BabyGurl-LP\AppData\Roaming\pcouffin.sys
2014-01-11 22:50 - 2014-01-11 22:55 - 0000092 _____ () C:\Users\LaTondya.BabyGurl-LP\AppData\Roaming\regsvr32.exe_log.txt
2014-09-28 14:58 - 2014-09-28 14:58 - 1479064 _____ (CinemaHDTube PlusV28.09) C:\Users\LaTondya.BabyGurl-LP\AppData\Roaming\TK.exe
2014-02-03 12:42 - 2014-02-03 13:06 - 0001057 _____ () C:\Users\LaTondya.BabyGurl-LP\AppData\Roaming\vso_ts_preview.xml
2013-08-01 22:40 - 2014-04-11 21:47 - 0000510 _____ () C:\Users\LaTondya.BabyGurl-LP\AppData\Roaming\wklnhst.dat
2013-07-13 08:08 - 2013-07-13 08:08 - 2019282 _____ () C:\ProgramData\2433f433
2011-04-01 20:02 - 2011-04-01 20:09 - 0013012 ___SH () C:\ProgramData\584h2ryd3gr
2011-04-01 00:59 - 2011-04-01 02:47 - 0012294 ___SH () C:\ProgramData\7a3d8u8784tdd04w7i4a1pj

Some content of TEMP:
====================
C:\Users\[bleep]\AppData\Local\Temp\aatcrav-.dll
C:\Users\[bleep]\AppData\Local\Temp\dp5pcnre.dll
C:\Users\[bleep]\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\[bleep]\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe
C:\Users\[bleep]\AppData\Local\Temp\notepad.exe
C:\Users\[bleep]\AppData\Local\Temp\{17446DD2-8767-45D6-B206-01279B0CBB16}-chrome_installer.exe
C:\Users\LaTondya\AppData\Local\Temp\17B_FPPSetup.exe
C:\Users\LaTondya\AppData\Local\Temp\2systemchk.exe
C:\Users\LaTondya\AppData\Local\Temp\air18C.exe
C:\Users\LaTondya\AppData\Local\Temp\air6713.exe
C:\Users\LaTondya\AppData\Local\Temp\GUninstaller.exe
C:\Users\LaTondya\AppData\Local\Temp\iggweb3dplayer_1_0_0_38.exe
C:\Users\LaTondya\AppData\Local\Temp\instloffer.exe
C:\Users\LaTondya\AppData\Local\Temp\lowproc.exe
C:\Users\LaTondya\AppData\Local\Temp\mconduitinstaller.exe
C:\Users\LaTondya\AppData\Local\Temp\mism.exe
C:\Users\LaTondya\AppData\Local\Temp\nscAFF1.exe
C:\Users\LaTondya\AppData\Local\Temp\nshBD79.exe
C:\Users\LaTondya\AppData\Local\Temp\nsuAC09.exe
C:\Users\LaTondya\AppData\Local\Temp\oi_{AD940DE3-85D6-4270-9D80-9035B9CEE641}.exe
C:\Users\LaTondya\AppData\Local\Temp\RealPlayer_20130122.exe
C:\Users\LaTondya\AppData\Local\Temp\SearchHelper.exe
C:\Users\LaTondya\AppData\Local\Temp\SPStub.exe
C:\Users\LaTondya\AppData\Local\Temp\stubhelper.dll
C:\Users\LaTondya\AppData\Local\Temp\uninst1.exe
C:\Users\LaTondya\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\LaTondya\AppData\Local\Temp\uninstbb.exe
C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Temp\1911743A-83B6-CDA3-1635-F1E85EFE5EFF.exe
C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Temp\729670C5-FDBB-C3E5-2E10-63BEA8249F2F.dll
C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Temp\729670C5-FDBB-C3E5-2E10-63BEA8249F2F.exe
C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Temp\dlLogic.exe
C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Temp\dltr.exe
C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Temp\GCVerifier.dll
C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Temp\Runner.exe
C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Temp\SCC.dll
C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Temp\verifier.exe
C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Temp\vlc-2.1.5-win32.exe
C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Temp\vlc-2.2.1-win32.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-04-15 15:39

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-04-2015 01
Ran by LaTondya at 2015-04-18 13:09:21
Running from C:\Users\Public\Documents
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {108DAC43-C256-20B7-BB05-914135DA5160}
AV: AVG Anti-Virus Free Edition 2011 (Enabled - Up to date) {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AS: AVG Anti-Virus Free Edition 2011 (Enabled - Up to date) {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
AS: Microsoft Security Essentials (Enabled - Up to date) {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-4206780712-3926510040-12088971-1010\...\uTorrent) (Version: 3.4.1.31417 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.0.16600 - Adobe Systems Inc.)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Babylon (HKLM-x32\...\Babylon) (Version:  - Babylon)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.1.3184 - CDBurnerXP)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
ConvertXtoDVD 2.2.3.258 (HKLM-x32\...\{BB406CEB-6207-4512-9BB2-89950DC9D6B6}_is1) (Version: 2.2.3.258 - VSO-Software SARL)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 2.41 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.45 - Dell)
Dell DataSafe Online (HKLM-x32\...\{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}) (Version: 1.2.0009 - Dell, Inc.)
Dell Dock (HKLM-x32\...\Dell Dock) (Version:  - Stardock Corporation)
Dell Dock (Version: 2.0 - Stardock Corporation) Hidden
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (Support Software) (HKLM-x32\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.5.09100 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1102.115.102 - ALPS ELECTRIC CO., LTD.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd)
Dell Wireless WLAN Card Utility (HKLM\...\Dell Wireless WLAN Card Utility) (Version: 5.30.21.0 - Dell Inc.)
Facebook Video Calling 1.2.0.287 (HKLM-x32\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 32.0.1700.102 - Google Inc.)
HP Mouse Suite (HKLM-x32\...\{213FF60A-9899-4145-8428-D144778BE117}) (Version: 1.1.2 - Hewlett-Packard)
Idle Crawler (HKLM-x32\...\39DE7F5A-E00E-604B-9BB9-6CB8E4D7446D) (Version: 125.0.0.472 - EUROHAUTE LTD) <==== ATTENTION
InstallVC90Support (x32 Version: 1.01.0000 - Novatel Wireless) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Internet TV for Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java™ 6 Update 24 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216017FF}) (Version: 6.0.240 - Sun Microsystems, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{67635FB6-2F63-4FFB-830B-D4C01597EBA4}) (Version: 1.2.1 - DELL)
Microsoft Security Essentials Prerelease (HKLM\...\Microsoft Security Client) (Version: 4.8.201.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.1.571 - Electronic Arts, Inc.)
PowerDVD DX (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.3.6029 - CyberLink Corp.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 9.6.6 - Dell Inc.)
SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version:  - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version:  - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version:  - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version:  - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version:  - )
Softonic-Eng7 Toolbar (HKLM-x32\...\Softonic-Eng7 Toolbar) (Version: 5.7.1.1 - Softonic-Eng7) <==== ATTENTION
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.42.130 - Electronic Arts)
The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
The Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
Unity Web Player (HKU\S-1-5-21-4206780712-3926510040-12088971-1011\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WaTTchIttAddBlocKe (HKLM-x32\...\{E599C983-3397-8338-16C0-A5C5B8C7D1FE}) (Version:  - WWaTchItAdBlocke) <==== ATTENTION
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Youtube MP3 Converter IE Plugin 1.0 (remove only) (HKLM-x32\...\YoutubeMP3Converter) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4206780712-3926510040-12088971-1010_Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32 -> \\?\globalroot\Device\HarddiskVolume3\Users\LaTondya.BabyGurl-LP\AppData\Local\Temp\snpmxng\sxuopeb\wow.dll ()

==================== Restore Points  =========================

14-04-2015 22:43:51 Windows Update
15-04-2015 11:53:36 Windows Update
18-04-2015 02:13:26 Restore Operation
18-04-2015 03:38:13 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2014-05-07 18:07 - 00000867 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1   d3oxij66pru1i3.cloudfront.net

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0B16C5D4-1D37-455A-92BC-0DAF7EFE10F2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {0ECAFA73-B9B3-4898-BBEE-8BEB2B13FD9A} - System32\Tasks\4391 => Wscript.exe C:\Users\me\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {1198C9F6-561B-4F51-8B2A-575415C9B2B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-10] (Google Inc.)
Task: {12DBA28B-3E9A-4AF9-80AF-CAE8B4BFAF65} - System32\Tasks\{9A98A7C7-F477-465A-B14C-2BE79A42915B} => pcalua.exe -a C:\Users\BabyGurl\Desktop\Softonic-English.exe -d C:\Users\BabyGurl\Desktop
Task: {13AAC62F-4294-4BBD-88A4-EDBDA3813824} - System32\Tasks\4973 => Wscript.exe C:\Users\BabyGurl\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {146A0FBE-1CDA-4A7D-AE99-EE3213131CAF} - System32\Tasks\{676D5F65-3DD5-41F2-8513-75E8B7F8BC06} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\3\SSCDUninstall.exe
Task: {2009E915-E9A9-4A38-96DE-F1DF038CE789} - System32\Tasks\{0378A7B4-BDD5-44DF-BFCD-548C16912FCF} => pcalua.exe -a "C:\Program Files (x86)\Real\RealPlayer\Update\r1puninst.exe" -c RealNetworks|RealPlayer|15.0
Task: {291A5395-0957-4649-AA99-696DAB03E7B5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-10] (Google Inc.)
Task: {2CAE3923-2368-45B0-BCCC-56947E9E2E50} - System32\Tasks\{2778C60B-6E1F-4232-8A73-972C7ABC9098} => pcalua.exe -a "C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\uninstbb.exe"
Task: {2CCF675C-2E80-4971-8E74-D705E2F63576} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {30B8C5F6-CEFE-44F1-9F2A-BBC9EED21A15} - System32\Tasks\{9734508A-0AFD-4E8A-B6E6-216561122946} => pcalua.exe -a "C:\Program Files (x86)\VSO\pcsetup\PcSetup.exe" -d "C:\Program Files (x86)\VSO\ConvertX\5\.." -c /install /deletecpl "Install and please reboot once finished..."
Task: {31306D95-1E08-4CDE-B4F5-7F39A3F72AF6} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {35128DD9-BCB4-4990-BAF2-800EE476CEE4} - System32\Tasks\{8714B27D-AA7F-4735-B7CF-3234CD264EED} => pcalua.exe -a "C:\Program Files (x86)\AVG\AVG10\avgmfapx.exe" -c /AppMode=SETUP /Uninstall
Task: {3B184025-1A37-414E-9906-9B758AE5A297} - System32\Tasks\{E78BC066-61F7-4D13-A101-B82B48BD47F0} => pcalua.exe -a D:\drvinstall.exe -d D:\
Task: {401FC4EC-7F3D-4E65-BEC9-D0688FDB84F8} - System32\Tasks\{DA6E3B00-ADE8-4936-8D4E-A9D2CD55C53A} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Task: {58588FDB-6FC4-4984-8EF7-DE062BB1B6C2} - System32\Tasks\4977 => Wscript.exe C:\Users\LaTondya\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {5B9CFDF4-2997-49D3-A510-D4D4D0342AED} - System32\Tasks\{9A9DC21B-8ADA-4417-A478-9828F3C5D231} => pcalua.exe -a "C:\Program Files (x86)\AVG\AVG10\avgmfapx.exe" -c /AppMode=SETUP /Uninstall
Task: {677A23CB-250E-4AA7-B531-BB520F01E812} - System32\Tasks\{BB19EF1B-6920-4A9D-ABE7-AD89F54578AD} => pcalua.exe -a "C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\uninstbb.exe"
Task: {677A9D8B-EA0E-4B01-AC63-05374880293F} - System32\Tasks\4782 => Wscript.exe C:\Users\TABY&amp;T~1\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {75C3D4B2-9021-48CA-A60B-780347E5D725} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4206780712-3926510040-12088971-1008Core => C:\Users\LaTondya\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-23] (Facebook Inc.)
Task: {85F31EF4-006D-49CA-8002-57559A9A3B2D} - System32\Tasks\BackgroundContainer Startup Task => Rundll32.exe "C:\Users\LaTondya.BabyGurl-LP\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <==== ATTENTION
Task: {8829A187-A2E2-4EDF-9FA9-99FB08E76599} - System32\Tasks\{91A45A2E-5F72-48AC-903C-0A063BBC23B2} => pcalua.exe -a "C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\uninstbb.exe"
Task: {8AE6FCB5-EE60-4474-BAD0-4C901A675C82} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {9481C339-58EC-44C3-9174-9D2A585F1A91} - System32\Tasks\{0BF9C62A-A6CD-41ED-BE6C-95588253FF75} => pcalua.exe -a "C:\Program Files (x86)\VSO\ConvertXtoDVD\unins000.exe"
Task: {95CF0D04-1FED-492C-92DA-2327A7F9B7B5} - System32\Tasks\4777 => Wscript.exe C:\Users\Rabbit\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {9B9DE7BB-66AD-4013-959B-F99C2D4BD10E} - System32\Tasks\{19E558A7-183E-46CF-B234-6E6A5930EF6F} => pcalua.exe -a "C:\Remote Programs\Cake Mania\GPlrLanc.exe" -c -LOpCode 2 /RemoveContent cid=461050;name=Cake Mania;dir=C:\Remote Programs\Cake Mania\;prvid=143;cmdid=1;prvdir=Default
Task: {9C9A7F2B-AEFC-49A8-BBE2-66A7CAE2FE5B} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4206780712-3926510040-12088971-1004 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {A777DA43-BE0D-4D05-84F5-CAFABCD7E997} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {A9EC0753-C511-404F-9BD2-D9A6435D38C4} - System32\Tasks\DCS9QBL1\Administrator - Start WLAN Tray Applet => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE [2009-07-16] (Dell Inc.)
Task: {BE1CE09F-2C55-4732-A513-0EA07F4FCBF8} - System32\Tasks\Microsoft\Windows\Maintenance\Update IC => %LOCALAPPDATA%\39DE7F5A-E00E-604B-9BB9-6CB8E4D7446D\Runner.exe
Task: {BEF1611C-B542-4A59-8265-0C3DFEDCCC43} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {BFBE8ED8-5394-4009-8711-DBCD18101D7A} - System32\Tasks\{F4DBABDC-48D1-4561-8D8B-9F642CFE92B3} => pcalua.exe -a "C:\Program Files (x86)\AVG\AVG10\avgmfapx.exe" -c /AppMode=SETUP /Uninstall
Task: {C11DB060-CD6B-4136-8D5F-C0F1FD75681E} - System32\Tasks\{101A3FE9-68AE-4E5F-8C3F-7B08B21E1BE5} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\6\SSBCUninstall.exe
Task: {CE122E46-8D89-41EC-A483-AB113AE8F4C9} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4206780712-3926510040-12088971-1008UA => C:\Users\LaTondya\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-23] (Facebook Inc.)
Task: {D4880ED6-36B1-40B6-8007-B9AC62EEC064} - System32\Tasks\Runner IC => %LOCALAPPDATA%\39DE7F5A-E00E-604B-9BB9-6CB8E4D7446D\Runner.exe
Task: {D7D492A5-DC84-484E-B645-E79CDFD8A9D9} - System32\Tasks\{1F643696-38E1-4510-B6D4-1A9B888516AC} => pcalua.exe -a C:\ProgramData\Uninstall\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}\setup.exe -c /x {B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}
Task: {DF5C21D0-F62A-46BE-8D0E-974C06550CBE} - System32\Tasks\{075BB25D-0036-4FEC-B2DD-189553837966} => pcalua.exe -a C:\PROGRA~2\UNWISE.EXE -c   /U C:\PROGRA~2\INSTALL.LOG
Task: {F5ED9847-6079-44B6-B04D-06891C9947FD} - \Security Center Update - 2730793548 No Task File <==== ATTENTION
Task: {FA76FE0D-50B7-42A1-A2FC-FC61F205A986} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4206780712-3926510040-12088971-1008Core.job => C:\Users\LaTondya\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4206780712-3926510040-12088971-1008UA.job => C:\Users\LaTondya\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2010-05-16 11:41 - 2009-07-16 21:06 - 00033280 _____ () C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
2010-05-16 11:41 - 2009-07-16 21:06 - 00058368 _____ () C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlrmt.dll
2010-05-16 11:51 - 2010-07-21 11:36 - 00783680 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
2009-11-13 17:15 - 2009-11-13 17:15 - 01807600 _____ () C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
2014-10-18 20:09 - 2014-10-18 20:09 - 00472576 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\VistaBridgeLibrary\c29d8779b3a3599f44e21e017541cd0c\VistaBridgeLibrary.ni.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-05-16 11:51 - 2010-07-21 11:33 - 00058688 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STCoreXml.dll
2010-05-16 11:51 - 2010-07-21 11:33 - 00116032 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\PSTVdsDisk.dll
2010-05-16 11:51 - 2010-07-21 11:33 - 00128320 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
2010-05-16 11:51 - 2010-07-21 11:33 - 01123648 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\LibXml2.dll
2010-05-16 11:51 - 2010-07-21 11:34 - 00079168 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll
2010-05-16 11:51 - 2010-07-21 11:33 - 00234816 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll
2010-05-16 11:51 - 2010-07-21 11:34 - 00075072 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll
2010-05-16 11:51 - 2010-07-21 11:33 - 00111936 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll
2010-05-16 11:51 - 2010-07-21 11:33 - 00121152 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll
2014-11-12 18:23 - 2015-04-10 14:00 - 01007104 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2014-11-12 18:23 - 2015-04-10 13:59 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2014-11-12 18:23 - 2015-04-10 13:59 - 00024576 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2014-11-12 18:23 - 2015-04-10 13:59 - 00216576 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2014-11-12 18:23 - 2015-04-10 13:59 - 00261120 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2014-11-12 18:23 - 2015-04-10 13:59 - 00019456 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2014-11-12 18:23 - 2015-04-10 13:59 - 00337408 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2014-11-12 18:23 - 2015-04-10 13:59 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2014-11-12 18:23 - 2015-04-10 14:00 - 00228352 _____ () C:\Program Files (x86)\Origin\mediaservice\wmfengine.dll
2009-11-13 17:15 - 2009-11-13 17:15 - 00275696 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
2009-11-13 17:15 - 2009-11-13 17:15 - 00058608 _____ () C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
2009-11-13 17:15 - 2009-11-13 17:15 - 00095472 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
2009-11-13 17:15 - 2009-11-13 17:15 - 00152816 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
2009-11-13 17:15 - 2009-11-13 17:15 - 00017648 _____ () C:\Program Files (x86)\Dell DataSafe Online\cpputils.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4206780712-3926510040-12088971-1010\Control Panel\Desktop\\Wallpaper -> C:\Users\LaTondya.BabyGurl-LP\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-4206780712-3926510040-12088971-1011\Control Panel\Desktop\\Wallpaper -> C:\Users\Blanca & Bella\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 208.69.150.250 - 208.69.150.252

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== Accounts: =============================

Administrator (S-1-5-21-4206780712-3926510040-12088971-500 - Administrator - Disabled)
Blanca & Bella (S-1-5-21-4206780712-3926510040-12088971-1011 - Limited - Enabled) => C:\Users\Blanca & Bella
[bleep] (S-1-5-21-4206780712-3926510040-12088971-1005 - Limited - Enabled) => C:\Users\[bleep]
Guest (S-1-5-21-4206780712-3926510040-12088971-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-4206780712-3926510040-12088971-1002 - Limited - Enabled)
LaTondya (S-1-5-21-4206780712-3926510040-12088971-1010 - Administrator - Enabled) => C:\Users\LaTondya.BabyGurl-LP

==================== Faulty Device Manager Devices =============

Name: MpKsl1fd2eb04
Description: MpKsl1fd2eb04
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: MpKsl1fd2eb04
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:
==================
Error: (04/18/2015 00:42:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17689, time stamp: 0x54e6869b
Faulting module name: ieapfltr.dll, version: 11.0.9600.17689, time stamp: 0x54e687e5
Exception code: 0xc0000005
Fault offset: 0x000000000002f06b
Faulting process id: 0x15e4
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (04/18/2015 00:41:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17689, time stamp: 0x54e6869b
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x1698
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (04/18/2015 00:38:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17689, time stamp: 0x54e6869b
Faulting module name: ieapfltr.dll, version: 11.0.9600.17689, time stamp: 0x54e687e5
Exception code: 0xc0000005
Fault offset: 0x000000000002f06b
Faulting process id: 0x11fc
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (04/18/2015 00:30:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17689, time stamp: 0x54e6869b
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x10e4
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (04/18/2015 00:29:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17689, time stamp: 0x54e6869b
Faulting module name: ieapfltr.dll, version: 11.0.9600.17689, time stamp: 0x54e687e5
Exception code: 0xc0000005
Fault offset: 0x000000000002f06b
Faulting process id: 0x1624
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (04/18/2015 00:26:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17689, time stamp: 0x54e6869b
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x1274
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (04/18/2015 02:57:40 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (04/18/2015 02:57:40 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (04/18/2015 02:07:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17728, time stamp: 0x55024877
Faulting module name: ieapfltr.dll, version: 11.0.9600.17728, time stamp: 0x550249ca
Exception code: 0xc0000005
Fault offset: 0x000000000002f055
Faulting process id: 0xf08
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (04/18/2015 00:32:16 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.

System errors:
=============
Error: (04/18/2015 03:58:31 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.195.3694.0).

Error: (04/18/2015 03:40:29 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 New Signature Version:

 Previous Signature Version: 1.195.3694.0

 Update Source: %NT AUTHORITY59

 Update Stage: 4.8.0201.00

 Source Path: 4.8.0201.01

 Signature Type: %NT AUTHORITY602

 Update Type: %NT AUTHORITY604

 User: NT AUTHORITY\SYSTEM

 Current Engine Version: %NT AUTHORITY605

 Previous Engine Version: %NT AUTHORITY606

 Error code: %NT AUTHORITY607

 Error description: %NT AUTHORITY608

Error: (04/18/2015 03:40:21 AM) (Source: Microsoft Antimalware) (EventID: 2003) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update the engine.

 New Engine Version:

 Previous Engine Version: 2.1.11005.0

 Engine Type: %NT AUTHORITY604

 User: NT AUTHORITY\SYSTEM

 Error Code: %NT AUTHORITY601

 Error description: %NT AUTHORITY602

Error: (04/18/2015 03:40:21 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 New Signature Version:

 Previous Signature Version: 114.3.0.0

 Update Source: %NT AUTHORITY15

 Update Stage: 4.8.0201.00

 Source Path: 4.8.0201.01

 Signature Type: %NT AUTHORITY602

 Update Type: %NT AUTHORITY604

 User: NT AUTHORITY\SYSTEM

 Current Engine Version: %NT AUTHORITY605

 Previous Engine Version: %NT AUTHORITY606

 Error code: %NT AUTHORITY607

 Error description: %NT AUTHORITY608

Error: (04/18/2015 02:53:02 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (04/18/2015 02:52:06 AM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unexpected failure. Error code: [email protected]

Error: (04/18/2015 02:51:42 AM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unexpected failure. Error code: [email protected]

Error: (04/18/2015 02:51:22 AM) (Source: Microsoft Antimalware) (EventID: 2004) (User: )
Description: %60 has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.

 Signatures Attempted: %24

 Error Code: 0x80070002

 Error description: The system cannot find the file specified.

 Signature version: 0.0.0.0;0.0.0.0

 Engine version: %600

Error: (04/18/2015 02:12:14 AM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unexpected failure. Error code: [email protected]

Error: (04/18/2015 00:59:10 AM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unexpected failure. Error code: [email protected]

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Pentium® Dual-Core CPU T4500 @ 2.30GHz
Percentage of memory in use: 67%
Total physical RAM: 3032.36 MB
Available physical RAM: 972.11 MB
Total Pagefile: 6062.91 MB
Available Pagefile: 3311.61 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:218.2 GB) (Free:20.4 GB) NTFS
Drive d: (Sims3EP03) (CDROM) (Total:6.75 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 7144970A)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=218.2 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 


  • 0



#2
BrianDrab


    Trusted Helper

  • Malware Removal
  • 3,583 posts

Hi. My name is Brian, and I would be happy to look into your issue.
 



- General Instructions -

  • Please read all instructions and fixes thoroughly. Read the ENTIRE post BEFORE performing any steps so you understand all that needs to be done.
  • I would advise printing any instructions for easy reference as some of the fixes may require you to boot in Safe mode. Access to these instructions may not be available in Safe Mode.
  • Any fixes provided by myself are for this log file only and should not be used on any other systems.
  • Do not run any other removal software or perform updates other than the ones I provide, as it will complicate the cleaning process.
  • It's very likely that part of our cleanup will include emptying your recycle bin. If you use your recycle bin as an archive and do not wish this to be emptied, please let me know.
  • You have 4 days to reply to each post or the topic will be closed. You will be able to request that the topic be re-opened by sending me a PM (Personal Message) or PM a moderator.
  • Please feel free to ask any questions, especially if you are having problems with my instructions.


- Save ALL Tools to your Desktop-

 

All tools that I have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.
 
Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.
Google Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser. Choose Settings. At the bottom of the screen click the "Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.
Mozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. Choose Options. In the downloads section, click the Browse button, click on the Desktop folder and then click the "Select Folder" button. Click OK to get out of the Options menu.
Internet Explorer - Click the Tools menu in the upper right-corner of the browser. Select View downloads. Select the Options link in the lower left of the window. Click Browse and select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.
 

- Finally Before We Start-

 
Removing malware is a complicated multiple step process. Please stay with me until I have declared your system clean. I strongly recommend you backup your personal files and folders. Although rare, attempting to remove malware can render your machine unbootable or cause data loss. Having backups of your data is your responsibility. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

 

 

 

I'm reviewing your logs now.


  • 0

#3
BrianDrab


    Trusted Helper

  • Malware Removal
  • 3,583 posts

OK, we have some work to do. It looks like this machine has been infected for quite some time. Please do the following.

 

Step#1 - Warnings

#1 - Critical Malware Found! - WARNING!!! - One or more of the identified infections is known to use a backdoor.
 
This allows hackers to remotely control your computer, steal critical system information and download and execute files.
I would advise you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.
Though the infection has been identified and can be killed, because of its backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do. If you decide to go through with the cleanup, please proceed with the following steps.
 

 

 

#2 - The Dangers of P2P Programs
IMPORTANT: I noticed that you have a P2P (Peer to Peer) file sharing program on your computer. I cannot stress highly enough the danger in using these types of programs. P2P programs are one of the major avenues of infection these days. The files downloaded with these programs are more than likely infected with trojans, malware, rootkits, etc.
You run the risk of getting an infection that can compromise your sensitive data, such as financial records, personal information, etc. That is just the infection aspect of using P2P programs. You also run the risk of possible arrest, fines, or in severe cases, jail time for illegal downloading of copyrighted material.
 
Here are some information sources about the dangers of P2P programs:
FBI - Peer to Peer Scams
USA Today Article on P2P Programs
File Sharing Infects 500,000 Computers
 
I very much recommend you uninstall this program from your machine. If not, you will likely be back needing help with your machine again. The risks of infections from content downloaded with P2P programs far outweigh any benefit of using them.
 
It is, of course, your choice as to whether or not you remove the program from your machine. It is my duty though, to point out how dangerous it is to use these programs. However, I must request that you do not use it while we are cleaning your machine.
 
Please uninstall the following Peer-to-Peer program(s): uTorrent

 

 

#3 - Too Many AVs

You are running too many antivirus programs. This is not a good idea as this can cause problems such as slowness in computer speed, conflicts and cause more vulnerability to infection. It appears you are running AVG Anti-Virus Free Edition 2011 & Microsoft Security Essentials.

 

Since AVG is outdated, please download and run the AVG Removal Tool.

 

 

#4 - Low on Disk Space
Your disk drive is low on disk space. It has about 9 percent free disk space. This can adversely affect the performance of your computer. It's recommended to have at least 15% free disk space so that tools such as the automated defragger can keep your drive optimized.

 

 

Step#2 - Uninstalls
 
Please uninstall the following programs one at a time. Instructions for doing so are here.
If any of the programs give you an error during the uninstall, notate it and move on to the next one. Just let me know which ones had issues. If you are asked to reboot, answer No until all the programs have been uninstalled and then you can reboot. All of these programs are either outdated, malware/adware, have a bad reputation or are not recommended. If you absolutely must have one of them I suggest that you wait until you are declared clean before reinstalling.

Babylon
Idle Crawler
Java™ 6 Update 24
Softonic-Eng7 Toolbar
WaTTchIttAddBlocKe

 

 

Step#3 - Questions

Are you familiar with the following entry in your hosts file?
127.0.0.1   d3oxij66pru1i3.cloudfront.net

 

Step#4 - FRST Fix
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
1. Download attached file and save it to the Desktop. Attached File  fixlist.txt   15.13KB   82 downloads
Note. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work (in this case...the desktop).
2. Run FRST64 by Right-Clicking on the file and choosing Run as administrator.
3. Press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
4. When finished FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents of it in your reply.

 

Step#5 - AdWCleaner
1. Please download AdwCleaner by Xplode onto your desktop.
2. Close all open programs and internet browsers.
3. Right-click on AdwCleaner.exe and select Run as administrator to run the tool.
4. Click on Scan.
5. After the scan is complete click on "Clean"
6. Confirm each time with Ok.
7. Your computer will be rebooted automatically. A text file will open after the restart.
8. Please post the content of that logfile with your next answer.
9. If need be, you can also find the logfile at C:\AdwCleaner\AdwCleaner[S0].txt as well.

 

 

 

Items for your next post

1. Answer to my question

2. FRST fix log

3. AdwCleaner log

 


  • 0
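For the hosts-file question in Step#3 of the post above, an added example (not part of the original posts and not FRST's own logic) that triages hosts-file entries into defaults, loopback sinkholes like the quoted `127.0.0.1` line, redirects to other addresses, and malformed lines. The sample file is constructed apart from the one entry quoted in the post, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample hosts file. Only the cloudfront.net line comes from the
# post; the other entries are made up for contrast (203.0.113.0/24 is a
# documentation range, *.example.test are reserved test names).
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
# localhost name resolution is handled within DNS itself.
#   127.0.0.1       localhost
#   ::1             localhost
127.0.0.1   d3oxij66pru1i3.cloudfront.net
127.0.0.1   localhost
203.0.113.7 login.example.test www.example.test   # constructed redirect
not-an-ip   broken.example.test
"""

DEFAULT_NAMES = {"localhost"}


def parse_hosts(text):
    """Yield (line_no, address, hostname) for each active mapping.

    Comments and blank lines are skipped. A line that does not start with a
    valid IP address, or has no hostname, is yielded with address None and the
    raw line in place of the hostname so it can be reported.
    """
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            addr = None
        if addr is None or len(fields) < 2:
            yield line_no, None, raw.strip()
            continue
        for name in fields[1:]:          # one line may map several names
            yield line_no, addr, name.lower()


def classify(addr, name):
    """Label one mapping for review."""
    if addr is None:
        return "malformed"
    if addr.is_loopback and name in DEFAULT_NAMES:
        return "default"
    if addr.is_loopback or addr.is_unspecified:
        return "sinkhole"    # name pinned to the local machine, i.e. blocked
    return "redirect"        # name pinned to another host: check who owns it


def audit(text):
    """Return (line_no, address, hostname, label) for every active entry."""
    return [(n, str(a) if a else None, h, classify(a, h))
            for n, a, h in parse_hosts(text)]


def findings(text):
    """Entries a reviewer should ask the machine's owner about."""
    return [row for row in audit(text) if row[3] != "default"]


if __name__ == "__main__":
    for line_no, addr, name, label in findings(SAMPLE_HOSTS):
        print(f"line {line_no}: {label:9} {addr or '-':15} {name}")
```

A sinkhole entry only stops the name from resolving to its real address, so whether it is wanted (an ad or tracker block) or unwanted is a question for whoever maintains the machine, which is why the helper asks.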

#4
BrianDrab


    Trusted Helper

  • Malware Removal
  • 3,583 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0





