Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Chrome extensions that won't go away [Closed]


  • This topic is locked This topic is locked

#1
Peacemaker2.0

Peacemaker2.0

    Member

  • Member
  • PipPip
  • 15 posts

Hey there i have had this problem a couple of time and the last time things didn't end well. I had some software problem or virus that prevent me from opening many of my programs till the point the entire computer refused to start up. so i got it wiped now fresh and new more unknown extensions have arrived i tired Microsoft security essentials but nothing. i have no idea why there are there or how, it's probably my parents who click a lot of crap online. So far problems i have had with them is that Facebook comes up weird like this 

Spoiler
thanks for whatever help you can provide.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-04-2015
Ran by Norma (administrator) on NORMA-PC on 25-04-2015 11:09:12
Running from C:\Users\Norma\Downloads
Loaded Profiles: Norma (Available profiles: Norma & sharilyn & Guest)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
() C:\ProgramData\{04b68225-30a5-5e9f-04b6-6822530a0894}\microsoft-office-2010 (1).exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Apache Software Foundation) C:\Program Files\OpenOffice 4\program\soffice.exe
(Apache Software Foundation) C:\Program Files\OpenOffice 4\program\soffice.bin
(Google Inc.) C:\Users\Norma\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Norma\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Norma\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Norma\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Norma\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Norma\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Norma\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Norma\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Norma\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Norma\AppData\Local\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [978520 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.)
HKU\S-1-5-21-3661653562-1552711580-3814472317-1000\...\Run: [Google Update] => C:\Users\Norma\AppData\Local\Google\Update\GoogleUpdate.exe [107848 2015-04-10] (Google Inc.)
HKU\S-1-5-21-3661653562-1552711580-3814472317-1000\...\MountPoints2: {48adde7b-dfb8-11e4-981e-806e6f6e6963} - D:\Setup.exe
Startup: C:\Users\Norma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\microsoft-office-2010 (1).lnk [2015-04-21]
ShortcutTarget: microsoft-office-2010 (1).lnk -> C:\ProgramData\{04b68225-30a5-5e9f-04b6-6822530a0894}\microsoft-office-2010 (1).exe ()
Startup: C:\Users\Norma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 1010 series.lnk [2015-04-15]
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 1010 series.lnk -> C:\Program Files\HP\HP Deskjet 1010 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-3661653562-1552711580-3814472317-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
BHO: SalePlus -> {2f7776b0-9198-42db-8f98-30dc1391fff3} -> C:\Program Files\SalePlus\aG8OiRgObXS9JE.dll [2015-04-13] ()
BHO: CoupExtEnsiooN -> {383adea8-4a4f-403d-a4b6-558b47e585fc} -> C:\Program Files\CoupExtEnsiooN\n8xFcHhJkWigHQ.dll [2015-04-21] ()
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-15] (Oracle Corporation)
BHO: bestadblocker -> {a34ba2fd-7504-4b05-b4b5-cbcb8f518fa7} -> C:\Program Files\bestadblocker\cIJ00KilrLJQ2j.dll [2015-04-13] ()
BHO: AllSavEr -> {ab5cb1f5-4c13-45ee-989c-790d9a99a936} -> C:\Program Files\AllSavEr\M2WBWsxgqx7tsC.dll [2015-04-21] ()
BHO: SalePllus -> {cf6076b9-a3f2-4a75-a58d-8c8ce7e03596} -> C:\Program Files\SalePllus\0kJ6W3ohfqbvoA.dll [2015-04-21] ()
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-15] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 205.160.233.2 209.59.69.2
 
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-15] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-15] (Oracle Corporation)
FF Plugin HKU\S-1-5-21-3661653562-1552711580-3814472317-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Norma\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-10] (Google Inc.)
FF Plugin HKU\S-1-5-21-3661653562-1552711580-3814472317-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Norma\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-10] (Google Inc.)
 
Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-10]
CHR Extension: (Google Docs) - C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-10]
CHR Extension: (Google Drive) - C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-10]
CHR Extension: (YouTube) - C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-10]
CHR Extension: (Google Search) - C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-10]
CHR Extension: (Google Sheets) - C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-10]
CHR Extension: (Google Wallet) - C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-10]
CHR Extension: (Gmail) - C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-10]
CHR Profile: C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-10]
CHR Extension: (Google Docs) - C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-10]
CHR Extension: (Google Drive) - C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-10]
CHR Extension: (YouTube) - C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-10]
CHR Extension: (Google Search) - C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-10]
CHR Extension: (Google Sheets) - C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-10]
CHR Extension: (Word Online) - C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fiombgjlkfpdpkbhfioofeeinbehmajg [2015-04-15]
CHR Extension: (Bookmark Manager) - C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-15]
CHR Extension: (Google Wallet) - C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-10]
CHR Extension: (Gmail) - C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-10]
StartMenuInternet: Google Chrome.TOQJLBEW3BY2U6IKFNNAM6UUJE - C:\Users\Norma\AppData\Local\Google\Chrome\Application\chrome.exe
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 a40df2d0; c:\Program Files\SoftwareBump\SoftwareBump.dll [1633280 2015-04-13] () [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22184 2015-01-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284472 2015-01-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 e1kexpress; C:\Windows\System32\DRIVERS\e1k6032.sys [164864 2009-07-13] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [239224 2014-11-15] (Microsoft Corporation)
R1 MpKsl7b6f6716; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3942B3BE-C600-4F2A-A00B-6A9858D0E619}\MpKsl7b6f6716.sys [39464 2015-04-25] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-25 11:09 - 2015-04-25 11:09 - 00010788 _____ () C:\Users\Norma\Downloads\FRST.txt
2015-04-25 11:08 - 2015-04-25 11:09 - 00000000 ____D () C:\FRST
2015-04-25 11:08 - 2015-04-25 11:08 - 00001094 _____ () C:\Users\Norma\Desktop\FRST - Shortcut.lnk
2015-04-25 11:07 - 2015-04-25 11:07 - 01139200 _____ (Farbar) C:\Users\Norma\Downloads\FRST.exe
2015-04-25 08:58 - 2015-04-25 08:58 - 00000094 ____H () C:\Users\Norma\Documents\.~lock.The following order is to be followed when typing up the CAPE IA.odt#
2015-04-25 08:41 - 2015-04-25 08:42 - 00525568 _____ () C:\Windows\Minidump\042515-35053-01.dmp
2015-04-25 08:41 - 2015-04-25 08:41 - 266325389 _____ () C:\Windows\MEMORY.DMP
2015-04-25 08:41 - 2015-04-25 08:41 - 00000000 ____D () C:\Windows\Minidump
2015-04-23 19:05 - 2015-04-23 19:05 - 00000239 _____ () C:\Users\Norma\Desktop\YouTube to mp3 Converter.url
2015-04-23 13:50 - 2015-04-23 13:50 - 00016406 _____ () C:\Users\Norma\Documents\Survey about Vendors and Hygiene.odt
2015-04-23 09:12 - 2015-04-23 10:10 - 00020480 ___SH () C:\Users\Norma\Documents\Thumbs.db
2015-04-22 21:25 - 2015-04-22 21:25 - 00034701 _____ () C:\Users\Norma\Downloads\Log into Facebook _ Facebook.html
2015-04-22 21:25 - 2015-04-22 21:25 - 00000000 ____D () C:\Users\Norma\Downloads\Log into Facebook _ Facebook_files
2015-04-21 21:40 - 2015-04-21 21:40 - 00000000 ____D () C:\Program Files\Pirate Bay Advanced Search
2015-04-21 21:39 - 2015-04-21 21:40 - 00000000 ____D () C:\Program Files\AllSavEr
2015-04-21 21:39 - 2015-04-21 21:39 - 00000000 ____D () C:\Program Files\DigiCOupon
2015-04-21 21:39 - 2015-04-21 21:39 - 00000000 ____D () C:\Program Files\CoupExtEnsiooN
2015-04-21 20:04 - 2015-04-21 20:05 - 00005470 _____ () C:\Windows\SMinstall.log
2015-04-21 20:04 - 2015-04-21 20:04 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-04-21 20:04 - 2015-04-21 20:04 - 00000000 ____D () C:\ProgramData\SonicFocus
2015-04-21 20:04 - 2015-04-21 20:04 - 00000000 ____D () C:\Program Files\Analog Devices
2015-04-21 20:03 - 2015-04-21 20:03 - 00000000 ____D () C:\Users\Norma\AppData\Roaming\InstallShield
2015-04-21 19:59 - 2015-04-21 20:02 - 07699888 _____ ( ) C:\Users\Norma\Downloads\sp45615.exe
2015-04-21 19:27 - 2015-04-21 19:27 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2015-04-21 16:56 - 2015-04-21 16:56 - 00000000 ____D () C:\ProgramData\ogoijenbchdhklnahafddhfgpfeoidjd
2015-04-21 16:56 - 2015-04-21 16:56 - 00000000 ____D () C:\Program Files\SalePllus
2015-04-21 16:54 - 2015-04-24 10:44 - 00000000 ____D () C:\ProgramData\{04b68225-30a5-5e9f-04b6-6822530a0894}
2015-04-21 13:20 - 2015-04-25 09:03 - 00000020 _____ () C:\Users\Norma\AppData\Roaming\appdataFr3.bin
2015-04-21 13:20 - 2015-04-21 13:20 - 00000000 ____D () C:\ProgramData\The AdBlocker
2015-04-21 04:39 - 2015-04-21 04:39 - 00016032 _____ () C:\Users\Norma\Documents\The following order is to be followed when typing up the CAPE IA.odt
2015-04-21 04:38 - 2015-04-23 13:49 - 00050176 _____ () C:\Users\Norma\Documents\F n d IA 1.odt
2015-04-20 09:22 - 2015-04-20 09:22 - 00063568 _____ () C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-20 09:22 - 2015-04-20 09:22 - 00001413 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-04-20 09:22 - 2015-04-20 09:22 - 00000020 ___SH () C:\Users\Guest\ntuser.ini
2015-04-20 09:22 - 2015-04-20 09:22 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Adobe
2015-04-20 09:22 - 2015-04-20 09:22 - 00000000 ____D () C:\Users\Guest\AppData\Local\VirtualStore
2015-04-20 09:22 - 2015-04-20 09:22 - 00000000 ____D () C:\Users\Guest
2015-04-20 09:22 - 2009-07-13 21:42 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-20 09:22 - 2009-07-13 21:37 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-04-20 09:16 - 2015-04-20 09:16 - 00000000 ____D () C:\Users\sharilyn\AppData\Roaming\Adobe
2015-04-18 14:21 - 2015-04-18 14:25 - 00002643 _____ () C:\Users\Norma\Documents\students & teachers.odb
2015-04-15 23:26 - 2015-04-23 00:03 - 00000000 ____D () C:\Users\Norma\AppData\Roaming\HpUpdate
2015-04-15 23:26 - 2015-04-15 23:26 - 00002212 _____ () C:\Users\Public\Desktop\HP Deskjet 1010 series.lnk
2015-04-15 23:26 - 2015-04-15 23:26 - 00001953 _____ () C:\Users\Public\Desktop\HP Photo Creations.lnk
2015-04-15 23:26 - 2015-04-15 23:26 - 00001159 _____ () C:\Users\Public\Desktop\Shop for Supplies - HP Deskjet 1010 series.lnk
2015-04-15 23:26 - 2015-04-15 23:26 - 00000000 ____D () C:\ProgramData\Visan
2015-04-15 23:26 - 2015-04-15 23:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-04-15 23:26 - 2015-04-15 23:26 - 00000000 ____D () C:\ProgramData\HP Photo Creations
2015-04-15 23:26 - 2015-04-15 23:26 - 00000000 ____D () C:\Program Files\HP Photo Creations
2015-04-15 23:26 - 2015-04-15 23:26 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2015-04-15 23:25 - 2015-04-15 23:26 - 00000000 ____D () C:\Program Files\HP
2015-04-15 23:25 - 2015-04-15 23:25 - 00000000 ____D () C:\ProgramData\HP
2015-04-15 23:24 - 2015-04-15 23:24 - 00000057 _____ () C:\ProgramData\Ament.ini
2015-04-15 23:23 - 2015-04-15 23:26 - 00000000 ____D () C:\Users\Norma\AppData\Local\HP
2015-04-15 16:50 - 2015-04-17 16:28 - 00002838 _____ () C:\Users\Norma\Documents\New Database.odb
2015-04-15 16:47 - 2015-04-16 00:23 - 00129922 _____ () C:\Users\Norma\Downloads\Food and Nutrition IA 2.odt
2015-04-15 14:39 - 2015-04-19 09:40 - 00000000 ____D () C:\Users\Norma\AppData\Local\Microsoft Games
2015-04-15 13:02 - 2015-04-20 23:31 - 00000000 ____D () C:\Users\Norma\Downloads\Nutritional Comparison_ Oats vs Wheat flour, white, bread, enriched_files
2015-04-15 13:02 - 2015-04-15 13:02 - 00093073 _____ () C:\Users\Norma\Downloads\Nutritional Comparison_ Oats vs Wheat flour, white, bread, enriched.html
2015-04-15 07:59 - 2015-04-15 07:59 - 00000000 ____D () C:\Users\Norma\AppData\Roaming\OpenOffice
2015-04-15 06:33 - 2015-04-15 06:33 - 00001070 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2015-04-15 06:33 - 2015-04-15 06:33 - 00000000 ___SD () C:\Users\Norma\Desktop\OpenOffice 4.1.1
2015-04-15 06:32 - 2015-04-15 06:32 - 00000000 ____D () C:\Program Files\OpenOffice 4
2015-04-15 06:29 - 2015-04-15 06:29 - 00000000 ____D () C:\Users\Norma\Desktop\OpenOffice 4.1.1 (en-US) Installation Files
2015-04-15 05:55 - 2015-04-15 06:28 - 140852175 _____ () C:\Users\Norma\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_en-US.exe
2015-04-15 05:47 - 2015-04-15 05:47 - 00000000 ____D () C:\ProgramData\Sun
2015-04-15 05:46 - 2015-04-15 05:46 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-04-15 05:46 - 2015-04-15 05:46 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-15 05:46 - 2015-04-15 05:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-04-15 05:46 - 2015-04-15 05:46 - 00000000 ____D () C:\Program Files\Java
2015-04-15 05:46 - 2015-04-15 05:46 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-04-15 05:34 - 2015-04-15 05:34 - 00561576 _____ (Oracle Corporation) C:\Users\Norma\Downloads\chromeinstall-8u45.exe
2015-04-14 13:11 - 2015-04-01 16:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-14 13:11 - 2015-03-12 20:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-14 13:11 - 2015-03-12 20:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-14 13:11 - 2015-03-12 20:42 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-14 13:11 - 2015-03-12 20:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-14 13:11 - 2015-03-12 20:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-14 13:11 - 2015-03-12 20:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-14 13:11 - 2015-03-12 20:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-14 13:11 - 2015-03-12 20:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-14 13:11 - 2015-03-12 20:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-14 13:11 - 2015-03-12 20:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-14 13:11 - 2015-03-12 20:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-14 13:11 - 2015-03-12 20:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-14 13:11 - 2015-03-12 20:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-14 13:11 - 2015-03-12 20:16 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-14 13:11 - 2015-03-12 20:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-14 13:11 - 2015-03-12 20:09 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-14 13:11 - 2015-03-12 20:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-14 13:11 - 2015-03-12 20:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-14 13:11 - 2015-03-12 19:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-14 13:11 - 2015-03-12 19:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-14 13:11 - 2015-03-12 19:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-14 13:11 - 2015-03-12 19:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-14 13:11 - 2015-03-12 19:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-14 13:11 - 2015-03-12 19:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-14 13:11 - 2015-03-12 19:43 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-14 13:11 - 2015-03-12 19:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-14 13:11 - 2015-03-12 19:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-14 13:11 - 2015-03-12 19:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-14 13:11 - 2015-03-12 19:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-14 13:11 - 2015-03-12 19:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-14 13:03 - 2015-03-16 22:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-04-14 13:03 - 2015-03-16 22:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-14 13:03 - 2015-03-16 22:01 - 00137656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-14 13:03 - 2015-03-16 22:01 - 00067512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-14 13:03 - 2015-03-16 21:59 - 01306112 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-14 13:03 - 2015-03-16 21:57 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-14 13:03 - 2015-03-16 21:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-14 13:03 - 2015-03-16 21:57 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-14 13:03 - 2015-03-16 21:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-14 13:03 - 2015-03-16 21:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-14 13:03 - 2015-03-16 21:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-14 13:03 - 2015-03-16 21:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-14 13:03 - 2015-03-16 21:57 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-14 13:03 - 2015-03-16 21:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-14 13:03 - 2015-03-16 21:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-14 13:03 - 2015-03-16 21:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-14 13:03 - 2015-03-16 21:57 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-14 13:03 - 2015-03-16 21:56 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-14 13:03 - 2015-03-16 21:56 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-14 13:03 - 2015-03-16 21:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-14 13:03 - 2015-03-16 21:56 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-14 13:03 - 2015-03-16 21:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-14 13:03 - 2015-03-16 21:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-14 13:03 - 2015-03-16 21:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-14 13:03 - 2015-03-16 21:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-14 13:03 - 2015-03-16 21:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-14 13:03 - 2015-03-16 21:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-14 13:03 - 2015-03-04 21:06 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-14 13:03 - 2015-03-03 21:16 - 00249784 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-14 13:03 - 2015-03-03 21:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-14 12:58 - 2015-03-24 20:00 - 03088384 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-14 12:58 - 2015-03-24 20:00 - 02020864 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-14 12:58 - 2015-03-24 20:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-14 12:58 - 2015-03-24 20:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-14 12:58 - 2015-03-24 20:00 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-14 12:58 - 2015-03-24 20:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-14 12:58 - 2015-03-24 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-14 12:58 - 2015-03-24 20:00 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-14 12:58 - 2015-03-24 20:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-14 12:58 - 2015-03-24 20:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-14 12:58 - 2015-03-24 20:00 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-14 12:57 - 2015-03-09 20:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-14 12:57 - 2015-03-09 20:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-14 12:57 - 2015-02-24 20:03 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-13 20:55 - 2015-04-14 12:58 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-13 20:55 - 2015-04-13 20:55 - 00000000 ____D () C:\Users\Norma\AppData\Local\Microsoft Help
2015-04-13 17:26 - 2015-04-13 18:00 - 00000000 ____D () C:\ProgramData\{231015db-f50a-f727-2310-015dbf50576f}
2015-04-13 16:58 - 2015-04-13 16:58 - 00000000 ____D () C:\ProgramData\{4b2107ed-e29a-646f-4b21-107ede291fb7}
2015-04-13 16:57 - 2015-04-13 16:57 - 00000000 ____D () C:\ProgramData\{6d3c072d-ebea-c925-6d3c-c072debe1cb7}
2015-04-13 16:56 - 2015-04-13 16:57 - 00000000 ____D () C:\ProgramData\{6367f138-e84c-3ea1-6367-7f138e84c4e3}
2015-04-13 15:44 - 2015-04-13 15:44 - 00000000 ____D () C:\Program Files\SoftwareBump
2015-04-13 15:41 - 2015-04-13 15:41 - 00000000 ____D () C:\ProgramData\{ef8420ac-d119-1b73-ef84-420acd1182b3}
2015-04-13 15:41 - 2015-04-13 15:41 - 00000000 ____D () C:\ProgramData\{6f96d369-819d-dd2b-6f96-6d3698194da6}
2015-04-13 13:41 - 2015-04-13 15:44 - 00000000 ____D () C:\Program Files\IncludeMonitor
2015-04-13 13:40 - 2015-04-13 13:40 - 00000000 ____D () C:\Program Files\Time Warp
2015-04-13 13:40 - 2015-04-13 13:40 - 00000000 ____D () C:\Program Files\bestadblocker
2015-04-13 13:39 - 2015-04-13 13:39 - 00000000 ____D () C:\Program Files\SalePlus
2015-04-13 13:38 - 2015-04-21 21:41 - 00000000 ____D () C:\ProgramData\6511291917069944946
2015-04-13 13:38 - 2015-04-13 13:38 - 00000000 ____D () C:\ProgramData\ifnhndkjmomenjmgehjaaefbfmigimlg
2015-04-13 13:38 - 2015-04-13 13:38 - 00000000 ____D () C:\Program Files\SaLePaLus
2015-04-13 13:37 - 2015-04-13 13:37 - 00374784 _____ () C:\Users\Norma\Downloads\microsoft-office-2010 (1).exe
2015-04-13 13:37 - 2015-04-13 13:37 - 00373760 _____ () C:\Users\Norma\Downloads\microsoft-office-2010.exe
2015-04-13 13:37 - 2015-04-13 13:37 - 00000000 ____D () C:\ProgramData\{7f9e9c04-ad7a-bfb3-7f9e-e9c04ad77012}
2015-04-13 13:34 - 2015-04-13 13:34 - 00301134 _____ () C:\Users\Norma\Downloads\sociology questionaire - Copy.xps
2015-04-13 13:34 - 2015-04-13 13:34 - 00300722 _____ () C:\Users\Norma\Downloads\sociology questionaire.xps
2015-04-13 03:46 - 2015-04-13 03:46 - 00000000 ____D () C:\Users\Norma\Documents\Fax
2015-04-13 03:45 - 2015-04-13 03:45 - 00000000 ____H () C:\Users\Norma\Documents\Default.rdp
2015-04-12 17:10 - 2013-12-24 16:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-04-12 17:10 - 2013-11-26 01:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-04-12 12:07 - 2015-04-12 12:07 - 00000000 __SHD () C:\Users\Norma\AppData\Local\EmieUserList
2015-04-12 12:07 - 2015-04-12 12:07 - 00000000 __SHD () C:\Users\Norma\AppData\Local\EmieSiteList
2015-04-12 12:07 - 2015-04-12 12:07 - 00000000 __SHD () C:\Users\Norma\AppData\Local\EmieBrowserModeList
2015-04-12 04:31 - 2015-02-02 20:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-04-12 04:28 - 2015-02-03 19:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-04-12 04:28 - 2013-04-09 16:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-04-12 04:23 - 2015-04-12 04:23 - 00000000 ____D () C:\Users\Norma\AppData\Roaming\Adobe
2015-04-12 03:27 - 2014-06-30 15:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-04-12 03:27 - 2014-06-05 23:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-04-12 03:27 - 2014-03-09 14:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-04-12 03:27 - 2014-03-09 14:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-04-12 03:26 - 2012-02-29 22:46 - 00019824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2015-04-12 03:26 - 2012-02-29 22:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2015-04-12 03:09 - 2015-04-12 03:09 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2015-04-12 03:09 - 2015-04-12 03:09 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2015-04-12 03:09 - 2015-04-12 03:09 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-12 03:09 - 2015-04-12 03:09 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-04-12 03:09 - 2015-04-12 03:09 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-04-12 03:09 - 2015-04-12 03:09 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2015-04-12 03:09 - 2015-04-12 03:09 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2015-04-12 03:09 - 2015-04-12 03:09 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-04-12 03:09 - 2015-04-12 03:09 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-04-12 03:09 - 2015-04-12 03:09 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-04-12 03:09 - 2015-04-12 03:09 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-04-12 03:09 - 2015-04-12 03:09 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-04-12 03:09 - 2015-04-12 03:09 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-04-12 03:09 - 2015-04-12 03:09 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-04-12 03:09 - 2015-04-12 03:09 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2015-04-12 03:09 - 2015-04-12 03:09 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-04-12 03:09 - 2015-04-12 03:09 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2015-04-12 03:09 - 2015-04-12 03:09 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-04-12 03:09 - 2015-04-12 03:09 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-04-12 03:09 - 2015-04-12 03:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2015-04-12 03:09 - 2015-04-12 03:09 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-04-12 03:09 - 2015-04-12 03:09 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-04-12 03:09 - 2015-04-12 03:09 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-04-12 03:09 - 2015-04-12 03:09 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-04-12 03:09 - 2015-04-12 03:09 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-04-12 03:08 - 2015-04-12 03:08 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-04-12 03:08 - 2015-04-12 03:08 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-04-12 03:08 - 2015-04-12 03:08 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2015-04-12 03:07 - 2015-04-12 03:07 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2015-04-12 03:05 - 2015-04-12 03:05 - 02284544 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-04-12 03:05 - 2015-04-12 03:05 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2015-04-12 03:05 - 2015-04-12 03:05 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-04-12 03:05 - 2015-04-12 03:05 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-04-12 03:05 - 2015-04-12 03:05 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-04-12 03:05 - 2015-04-12 03:05 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2015-04-12 03:05 - 2015-04-12 03:05 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2015-04-12 03:05 - 2015-04-12 03:05 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-04-12 03:05 - 2015-04-12 03:05 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-04-12 03:05 - 2015-04-12 03:05 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2015-04-12 03:05 - 2015-04-12 03:05 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2015-04-12 03:05 - 2015-04-12 03:05 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-04-12 03:05 - 2015-04-12 03:05 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-04-12 03:05 - 2015-04-12 03:05 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-04-12 03:05 - 2015-04-12 03:05 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-04-12 03:05 - 2015-04-12 03:05 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-04-12 03:05 - 2015-04-12 03:05 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-04-12 03:05 - 2015-04-12 03:05 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-04-12 03:05 - 2015-04-12 03:05 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-04-12 03:05 - 2015-04-12 03:05 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-04-12 03:05 - 2015-04-12 03:05 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-04-12 03:04 - 2015-04-12 03:10 - 00013732 _____ () C:\Windows\IE11_main.log
2015-04-12 03:04 - 2015-04-12 03:04 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2015-04-11 06:08 - 2015-04-20 09:17 - 00063568 _____ () C:\Users\sharilyn\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-11 06:06 - 2015-04-11 06:06 - 00002117 _____ () C:\Users\Norma\Desktop\Microsoft Security Essentials.lnk
2015-04-11 03:48 - 2014-10-17 18:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-04-11 03:48 - 2013-07-04 04:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-04-11 03:48 - 2013-07-02 21:02 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2015-04-11 03:48 - 2013-07-02 20:36 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-04-11 03:48 - 2013-07-02 20:36 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2015-04-11 03:48 - 2013-04-12 06:45 - 01211752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-04-11 03:48 - 2013-02-11 20:32 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-04-11 03:48 - 2011-04-28 19:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-04-11 03:48 - 2011-04-28 19:46 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2015-04-11 03:48 - 2011-04-28 19:46 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-04-11 03:47 - 2012-11-01 22:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2015-04-11 03:46 - 2014-07-13 18:42 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-04-11 03:45 - 2014-11-10 19:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-04-11 03:45 - 2014-08-11 18:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-04-11 03:45 - 2014-06-15 18:44 - 00730048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-04-11 03:45 - 2014-06-15 18:44 - 00219072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-04-11 03:45 - 2014-06-15 18:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-04-11 03:45 - 2014-03-26 07:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-04-11 03:45 - 2014-03-26 07:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-04-11 03:45 - 2014-03-04 02:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-04-11 03:45 - 2014-03-04 02:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-11 03:45 - 2014-03-04 02:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2015-04-11 03:45 - 2014-03-04 02:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2015-04-11 03:45 - 2014-03-04 02:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2015-04-11 03:45 - 2014-03-04 02:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2015-04-11 03:45 - 2014-03-04 02:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-04-11 03:45 - 2014-03-04 02:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2015-04-11 03:45 - 2013-10-18 18:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-04-11 03:45 - 2013-10-11 19:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2015-04-11 03:45 - 2013-10-11 19:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-04-11 03:45 - 2013-10-11 18:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2015-04-11 03:45 - 2013-10-11 18:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2015-04-11 03:45 - 2011-08-16 21:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2015-04-11 03:45 - 2011-08-16 21:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2015-04-11 03:45 - 2011-03-02 22:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-04-11 03:45 - 2011-03-02 22:38 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-04-11 03:45 - 2011-03-02 22:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2015-04-11 03:42 - 2014-09-03 22:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-04-11 03:42 - 2011-08-26 21:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2015-04-11 03:42 - 2011-07-08 19:30 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-04-11 03:42 - 2011-05-24 03:44 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2015-04-11 03:42 - 2011-04-26 19:17 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-04-11 03:42 - 2011-04-26 19:17 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-04-11 03:41 - 2015-02-12 22:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-04-11 03:41 - 2015-01-16 19:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-04-11 03:41 - 2014-06-17 18:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-04-11 03:41 - 2013-10-03 18:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2015-04-11 03:41 - 2013-10-03 18:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-04-11 03:41 - 2013-07-25 01:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2015-04-11 03:41 - 2013-07-20 03:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-04-11 03:41 - 2013-05-12 20:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2015-04-11 03:41 - 2013-05-12 20:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2015-04-11 03:41 - 2013-04-25 21:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-04-11 03:41 - 2012-07-04 14:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2015-04-11 03:41 - 2012-07-04 14:14 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2015-04-11 03:41 - 2012-07-04 14:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2015-04-11 03:41 - 2012-06-05 22:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2015-04-11 03:41 - 2011-10-14 22:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2015-04-11 03:41 - 2011-05-02 21:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-04-11 03:41 - 2011-02-11 22:35 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2015-04-11 03:41 - 2010-12-22 22:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2015-04-11 03:41 - 2010-12-22 22:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2015-04-11 03:41 - 2010-12-22 22:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2015-04-11 03:40 - 2015-02-25 20:11 - 02381312 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-04-11 03:40 - 2014-12-11 10:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-04-11 03:40 - 2014-10-24 18:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-04-11 03:40 - 2014-06-18 15:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-04-11 03:40 - 2014-06-18 15:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-04-11 03:40 - 2014-06-18 15:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-04-11 03:40 - 2014-06-06 02:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-04-11 03:40 - 2014-06-03 02:30 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-04-11 03:40 - 2014-06-03 02:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-04-11 03:40 - 2014-06-03 02:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-04-11 03:40 - 2014-06-03 02:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-04-11 03:40 - 2014-05-29 23:36 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-04-11 03:40 - 2014-04-04 19:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-04-11 03:40 - 2014-04-04 19:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-04-11 03:40 - 2013-11-26 04:11 - 00240576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-04-11 03:27 - 2014-12-18 19:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-04-11 03:27 - 2012-03-17 00:27 - 00056176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2015-04-11 03:27 - 2011-12-16 00:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2015-04-11 03:27 - 2011-11-16 22:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2015-04-11 03:27 - 2011-06-15 01:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\odbcjt32.dll
2015-04-11 03:27 - 2011-06-15 01:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2015-04-11 03:27 - 2011-06-15 01:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2015-04-11 03:27 - 2011-06-15 01:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2015-04-11 03:27 - 2011-06-15 01:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2015-04-11 03:26 - 2015-02-19 21:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-04-11 03:26 - 2015-02-19 21:13 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-04-11 03:26 - 2015-02-19 21:13 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-04-11 03:26 - 2015-02-19 21:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-04-11 03:26 - 2015-02-19 20:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-04-11 03:26 - 2015-02-02 20:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-04-11 03:26 - 2014-07-16 18:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-04-11 03:26 - 2014-07-16 18:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-04-11 03:26 - 2014-07-16 18:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-04-11 03:26 - 2014-07-16 18:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-04-11 03:26 - 2014-07-16 18:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-04-11 03:26 - 2014-07-16 18:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-04-11 03:26 - 2014-07-16 18:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-04-11 03:26 - 2014-07-16 18:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-04-11 03:26 - 2013-10-11 19:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-04-11 03:26 - 2013-10-11 19:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-04-11 03:26 - 2013-10-11 19:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-04-11 03:26 - 2013-07-25 18:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2015-04-11 03:26 - 2013-02-14 20:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-04-11 03:26 - 2012-09-25 15:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2015-04-11 03:26 - 2012-05-13 21:33 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-04-11 03:26 - 2012-04-25 21:45 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2015-04-11 03:26 - 2012-04-25 21:41 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2015-04-11 03:25 - 2014-12-05 20:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-04-11 03:25 - 2014-03-04 02:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-11 03:25 - 2014-01-28 19:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-04-11 03:25 - 2013-08-01 18:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-11 03:25 - 2013-08-01 18:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-11 03:25 - 2013-08-01 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-11 03:25 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-11 03:25 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-11 03:25 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-11 03:25 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-11 03:25 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-11 03:25 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-11 03:25 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-11 03:25 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-11 03:25 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-11 03:25 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-11 03:25 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-11 03:25 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-11 03:25 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-11 03:25 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-11 03:25 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-11 03:25 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-11 03:25 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-11 03:25 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-11 03:25 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-11 03:25 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-11 03:25 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-11 03:25 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-11 03:25 - 2013-08-01 17:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-11 03:25 - 2013-08-01 17:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-11 03:25 - 2013-08-01 17:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-11 03:25 - 2013-08-01 17:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-11 03:25 - 2013-08-01 17:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-11 03:25 - 2013-07-12 03:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2015-04-11 03:25 - 2012-10-03 09:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-04-11 03:25 - 2012-10-03 09:42 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-04-11 03:25 - 2011-03-10 22:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-04-11 03:25 - 2011-03-10 22:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-04-11 03:23 - 2015-02-02 20:16 - 00078784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-04-11 03:23 - 2015-02-02 20:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-04-11 03:23 - 2015-02-02 20:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-04-11 03:23 - 2015-02-02 20:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-04-11 03:23 - 2015-02-02 20:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-04-11 03:23 - 2015-02-02 20:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-04-11 03:23 - 2015-02-02 20:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-04-11 03:23 - 2015-02-02 20:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-04-11 03:23 - 2015-02-02 20:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-04-11 03:23 - 2015-02-02 20:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-04-11 03:23 - 2015-02-02 20:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-04-11 03:23 - 2015-02-02 20:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-04-11 03:23 - 2015-02-02 20:12 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-04-11 03:23 - 2015-02-02 20:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-04-11 03:23 - 2015-02-02 20:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-04-11 03:23 - 2015-02-02 20:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-04-11 03:23 - 2015-02-02 20:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-04-11 03:23 - 2015-02-02 20:12 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-04-11 03:23 - 2015-02-02 20:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-04-11 03:23 - 2015-02-02 20:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-04-11 03:23 - 2015-02-02 20:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-04-11 03:23 - 2015-02-02 20:12 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-04-11 03:23 - 2015-02-02 20:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-04-11 03:23 - 2015-02-02 20:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-04-11 03:23 - 2015-02-02 20:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-04-11 03:23 - 2015-02-02 20:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-04-11 03:23 - 2015-02-02 20:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-04-11 03:23 - 2015-02-02 20:12 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-04-11 03:23 - 2015-02-02 20:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-04-11 03:23 - 2015-02-02 20:12 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-04-11 03:23 - 2015-02-02 20:12 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-04-11 03:23 - 2015-02-02 20:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-04-11 03:23 - 2015-02-02 20:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-04-11 03:23 - 2015-02-02 20:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-04-11 03:23 - 2015-02-02 20:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-04-11 03:23 - 2015-02-02 20:11 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-04-11 03:23 - 2015-02-02 20:11 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-04-11 03:23 - 2015-02-02 20:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-04-11 03:23 - 2015-02-02 20:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-04-11 03:23 - 2015-02-02 20:11 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-04-11 03:23 - 2015-02-02 20:11 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-04-11 03:23 - 2015-02-02 20:11 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-04-11 03:23 - 2015-02-02 20:10 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-04-11 03:23 - 2015-02-02 20:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-04-11 03:23 - 2015-02-02 20:00 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-04-11 03:23 - 2015-02-02 19:26 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-04-11 03:23 - 2015-01-30 16:56 - 00370488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-04-11 03:23 - 2014-12-18 18:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-04-11 03:23 - 2014-10-31 15:22 - 00521384 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-04-11 03:23 - 2014-06-27 17:21 - 00455752 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-04-11 03:23 - 2014-06-27 17:21 - 00409272 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-04-11 03:23 - 2014-04-24 19:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-04-11 03:23 - 2013-11-26 18:14 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-04-11 03:23 - 2013-11-26 18:13 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-04-11 03:23 - 2013-11-26 18:13 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2015-04-11 03:23 - 2013-11-26 18:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-04-11 03:23 - 2013-11-26 18:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2015-04-11 03:23 - 2013-11-26 18:13 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-04-11 03:23 - 2013-06-25 15:56 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-04-11 03:23 - 2012-11-28 15:57 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2015-04-11 03:23 - 2012-11-28 15:57 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2015-04-11 03:23 - 2012-11-28 15:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2015-04-11 03:23 - 2011-04-08 22:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-04-11 03:23 - 2011-02-22 21:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2015-04-11 03:22 - 2014-12-07 19:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-04-11 03:22 - 2014-10-13 18:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-04-11 03:20 - 2013-02-26 21:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-04-10 22:40 - 2015-04-10 22:40 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2015-04-10 22:38 - 2012-02-16 22:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2015-04-10 22:38 - 2012-02-16 21:13 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2015-04-10 21:51 - 2015-04-10 21:51 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-04-10 21:51 - 2015-04-10 21:51 - 00001945 _____ () C:\Windows\epplauncher.mif
2015-04-10 21:51 - 2015-04-10 21:51 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-04-10 21:48 - 2015-04-10 21:51 - 11530032 _____ (Microsoft Corporation) C:\Users\Norma\Downloads\mseinstall.exe
2015-04-10 19:33 - 2015-04-10 19:33 - 00131778 _____ () C:\Users\Norma\Downloads\Google default.html
2015-04-10 19:33 - 2015-04-10 19:33 - 00000000 ____D () C:\Users\Norma\Downloads\Google default_files
2015-04-10 17:13 - 2015-04-10 17:14 - 00880208 _____ (Google Inc.) C:\Users\Norma\Downloads\ChromeSetup.exe
2015-04-10 16:51 - 2015-04-10 22:32 - 00002456 _____ () C:\Users\Norma\Desktop\Person 1 - Chrome.lnk
2015-04-10 16:51 - 2015-04-10 16:51 - 00000000 ____D () C:\Users\Norma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-10 16:40 - 2015-04-25 10:45 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3661653562-1552711580-3814472317-1000UA.job
2015-04-10 16:40 - 2015-04-24 18:56 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3661653562-1552711580-3814472317-1000Core.job
2015-04-10 16:38 - 2015-04-10 16:50 - 00000000 ____D () C:\Users\Norma\AppData\Local\Google
2015-04-10 16:36 - 2015-04-15 07:08 - 00063568 _____ () C:\Users\Norma\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-10 16:36 - 2015-04-10 16:38 - 00000000 ____D () C:\Users\Norma\AppData\Local\Deployment
2015-04-10 16:36 - 2015-04-10 16:36 - 00000000 ____D () C:\Users\Norma\AppData\Local\Apps\2.0
2015-04-10 13:29 - 2015-04-10 11:55 - 00000000 ____D () C:\Windows\Panther
2015-04-10 13:23 - 2015-04-10 13:23 - 00000000 ____D () C:\Windows.old
2015-04-10 12:35 - 2015-04-25 08:45 - 01822834 _____ () C:\Windows\WindowsUpdate.log
2015-04-10 12:35 - 2015-04-10 12:35 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-04-10 12:35 - 2015-04-10 12:35 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-04-10 12:32 - 2015-04-10 12:35 - 00001355 _____ () C:\Windows\TSSysprep.log
2015-04-10 11:55 - 2015-04-10 11:55 - 00001417 _____ () C:\Users\Norma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-04-10 11:55 - 2015-04-10 11:55 - 00000020 ___SH () C:\Users\Norma\ntuser.ini
2015-04-10 11:55 - 2015-04-10 11:55 - 00000000 ____D () C:\Users\Norma\AppData\Local\VirtualStore
2015-04-10 11:55 - 2015-04-10 11:55 - 00000000 ____D () C:\Users\Norma
2015-04-10 11:55 - 2009-07-13 21:42 - 00000000 ___RD () C:\Users\Norma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-10 11:55 - 2009-07-13 21:37 - 00000000 ___RD () C:\Users\Norma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-04-10 09:24 - 2015-04-10 09:24 - 00001417 _____ () C:\Users\sharilyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-04-10 09:24 - 2015-04-10 09:24 - 00000020 ___SH () C:\Users\sharilyn\ntuser.ini
2015-04-10 09:24 - 2015-04-10 09:24 - 00000000 ____D () C:\Users\sharilyn\AppData\Local\VirtualStore
2015-04-10 09:24 - 2015-04-10 09:24 - 00000000 ____D () C:\Users\sharilyn
2015-04-10 09:24 - 2009-07-13 21:42 - 00000000 ___RD () C:\Users\sharilyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-10 09:24 - 2009-07-13 21:37 - 00000000 ___RD () C:\Users\sharilyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-04-10 09:21 - 2015-03-03 06:16 - 00246920 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-25 10:44 - 2009-07-13 21:34 - 00016640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-25 10:44 - 2009-07-13 21:34 - 00016640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-25 08:46 - 2010-11-20 14:01 - 00713888 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-25 08:42 - 2009-07-13 21:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-25 08:42 - 2009-07-13 21:39 - 00043096 _____ () C:\Windows\setupact.log
2015-04-25 08:39 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-04-20 23:34 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-20 09:17 - 2009-07-13 19:37 - 00000000 __RHD () C:\Users\Public\Libraries
2015-04-16 00:19 - 2010-11-20 14:48 - 00010360 _____ () C:\Windows\PFRO.log
2015-04-16 00:19 - 2009-07-13 21:33 - 00284336 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-15 06:29 - 2009-07-13 19:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-04-15 05:20 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\rescache
2015-04-15 03:26 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-04-14 12:58 - 2011-04-11 19:24 - 00000000 ____D () C:\Windows\ShellNew
2015-04-14 12:57 - 2009-07-13 21:52 - 00000000 ____D () C:\Program Files\MSBuild
2015-04-14 12:57 - 2009-07-13 19:37 - 00000000 ____D () C:\Program Files\Common Files\System
2015-04-14 12:57 - 2009-07-13 19:04 - 00000387 _____ () C:\Windows\win.ini
2015-04-13 03:20 - 2011-04-11 19:24 - 00000000 ____D () C:\Program Files\Windows Journal
2015-04-12 04:15 - 2009-07-13 21:52 - 00000000 ____D () C:\Program Files\Windows Defender
2015-04-12 04:15 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\system32\zh-TW
2015-04-12 04:15 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\system32\zh-HK
2015-04-12 04:15 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\system32\zh-CN
2015-04-12 04:15 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\system32\tr-TR
2015-04-12 04:15 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\system32\sv-SE
2015-04-12 04:15 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\system32\ru-RU
2015-04-12 04:15 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\system32\pt-PT
2015-04-12 04:15 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\system32\pt-BR
2015-04-12 04:15 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\system32\pl-PL
2015-04-12 04:15 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\system32\nl-NL
2015-04-12 04:15 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\system32\nb-NO
2015-04-12 04:15 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\system32\ko-KR
2015-04-12 04:15 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\system32\ja-JP
2015-04-12 04:15 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\system32\it-IT
2015-04-12 04:15 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\system32\hu-HU
2015-04-12 04:15 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\system32\fr-FR
2015-04-12 04:15 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\system32\fi-FI
2015-04-12 04:15 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\system32\el-GR
2015-04-12 04:15 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\system32\de-DE
2015-04-10 16:22 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2015-04-10 15:50 - 2011-04-11 19:24 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-04-10 13:29 - 2009-07-13 21:57 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2015-04-10 13:29 - 2009-07-13 21:52 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2015-04-10 12:45 - 2009-07-13 21:39 - 00000269 _____ () C:\Windows\setuperr.log
2015-04-10 12:35 - 2009-07-13 21:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-04-10 12:35 - 2009-07-13 19:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-10 12:32 - 2009-07-13 21:34 - 00002790 _____ () C:\Windows\DtcInstall.log
2015-04-10 11:55 - 2013-05-15 14:47 - 00000000 __SHD () C:\Recovery
2015-04-10 09:21 - 2009-07-13 21:52 - 00000000 ____D () C:\Windows\system32\restore
 
==================== Files in the root of some directories =======
 
2015-04-21 13:20 - 2015-04-25 09:03 - 0000020 _____ () C:\Users\Norma\AppData\Roaming\appdataFr3.bin
2015-04-15 23:24 - 2015-04-15 23:24 - 0000057 _____ () C:\ProgramData\Ament.ini
 
Some content of TEMP:
====================
C:\Users\Norma\AppData\Local\Temp\2588.exe
C:\Users\Norma\AppData\Local\Temp\3EF0.exe
C:\Users\Norma\AppData\Local\Temp\53A0.exe
C:\Users\Norma\AppData\Local\Temp\6500.exe
C:\Users\Norma\AppData\Local\Temp\6770.exe
C:\Users\Norma\AppData\Local\Temp\AA60.exe
C:\Users\Norma\AppData\Local\Temp\AD84.exe
C:\Users\Norma\AppData\Local\Temp\BFD8.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-04-24 06:15
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-04-2015
Ran by Norma at 2015-04-25 11:09:57
Running from C:\Users\Norma\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3661653562-1552711580-3814472317-500 - Administrator - Disabled)
Guest (S-1-5-21-3661653562-1552711580-3814472317-501 - Limited - Enabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-3661653562-1552711580-3814472317-1002 - Limited - Enabled)
Norma (S-1-5-21-3661653562-1552711580-3814472317-1000 - Administrator - Enabled) => C:\Users\Norma
sharilyn (S-1-5-21-3661653562-1552711580-3814472317-1003 - Limited - Enabled) => C:\Users\sharilyn
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
AllSavEr (HKLM\...\{F5853CDF-2C63-6D1D-B286-CBB1CD5DFD62}) (Version:  - "") <==== ATTENTION
Augmentware (HKLM\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{28f83a8}) (Version:  - Augmentware) <==== ATTENTION
bestadblocker (HKLM\...\{4820778D-AB0D-6D18-C316-52A6A0E1D507}) (Version:  - ) <==== ATTENTION
DigiCOupon (HKLM\...\{CE94DD89-7404-B4B9-E713-E55CC0AB6C3B}) (Version:  - "") <==== ATTENTION
Google Chrome (HKU\S-1-5-21-3661653562-1552711580-3814472317-1000\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
HP Deskjet 1010 series Basic Device Software (HKLM\...\{12DE9DD8-1773-454D-97C0-C6616DDE394E}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Deskjet 1010 series Help (HKLM\...\{BFB6C2B0-9643-4B59-A706-71DEB3017A99}) (Version: 30.0.0 - Hewlett Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
OpenOffice 4.1.1 (HKLM\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
Pirate Bay Advanced Search (HKLM\...\{6933C2BA-C67D-42C7-8C77-1FF4B364AF54}) (Version:  - "") <==== ATTENTION
Product Improvement Study for HP Deskjet 1010 series (HKLM\...\{43038EE2-C704-48EF-B9C9-88FA08D5E619}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
SalePlus (HKLM\...\{B696F285-F54E-2524-58B1-E06A70ABE6BE}) (Version:  - ) <==== ATTENTION
SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 6.10.1.7255 - Analog Devices)
SystemLift (HKLM\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{a40df2d0}) (Version:  - SystemLift) <==== ATTENTION
The AdBlocker (HKLM\...\{37476589-E48E-439E-A706-56189E2ED4C4}_is1) (Version:  - The AdBlocker) <==== ATTENTION
Time Warp (HKLM\...\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}) (Version:  - ) <==== ATTENTION
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-3661653562-1552711580-3814472317-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Norma\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3661653562-1552711580-3814472317-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Norma\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3661653562-1552711580-3814472317-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Norma\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3661653562-1552711580-3814472317-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Norma\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3661653562-1552711580-3814472317-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Norma\AppData\Local\Google\Chrome\Application\42.0.2311.90\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3661653562-1552711580-3814472317-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Norma\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3661653562-1552711580-3814472317-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Norma\AppData\Local\Google\Update\1.3.26.9\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3661653562-1552711580-3814472317-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Norma\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3661653562-1552711580-3814472317-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Norma\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3661653562-1552711580-3814472317-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Norma\AppData\Local\Google\Update\1.3.26.9\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3661653562-1552711580-3814472317-1000_Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}\localserver32 -> C:\Users\Norma\AppData\Local\Temp\EA00\temp\BFD8.exe ()
 
==================== Restore Points  =========================
 
13-04-2015 23:51:04 Installed Microsoft Office Professional Plus 2010
14-04-2015 12:49:48 Installed Microsoft Office Professional Plus 2010
15-04-2015 03:00:36 Windows Update
15-04-2015 06:29:33 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
15-04-2015 06:31:48 Installed OpenOffice 4.1.1
21-04-2015 10:15:37 Windows Update
21-04-2015 20:04:10 Installed SoundMAX
24-04-2015 18:59:38 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 19:04 - 2009-06-10 14:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {60520983-2F0F-4EEC-9214-F1B785834576} - System32\Tasks\HPCustParticipation HP Deskjet 1010 series => C:\Program Files\HP\HP Deskjet 1010 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {8DAF9662-A8A3-4822-BC9F-EBBBA9DA984E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3661653562-1552711580-3814472317-1000Core => C:\Users\Norma\AppData\Local\Google\Update\GoogleUpdate.exe [2015-04-10] (Google Inc.)
Task: {B6E5BA65-A879-4D84-95F2-2C02DDFE1A63} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {F40C8970-0AD4-4184-83BE-D1F0E13EC3A8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3661653562-1552711580-3814472317-1000UA => C:\Users\Norma\AppData\Local\Google\Update\GoogleUpdate.exe [2015-04-10] (Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3661653562-1552711580-3814472317-1000Core.job => C:\Users\Norma\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3661653562-1552711580-3814472317-1000UA.job => C:\Users\Norma\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2015-04-13 15:44 - 2015-04-13 15:44 - 01633280 _____ () c:\Program Files\SoftwareBump\SoftwareBump.dll
2014-04-21 16:54 - 2014-04-21 16:54 - 00374784 _____ () C:\ProgramData\{04b68225-30a5-5e9f-04b6-6822530a0894}\microsoft-office-2010 (1).exe
2014-08-13 09:27 - 2014-08-13 09:27 - 00988160 _____ () C:\Program Files\OpenOffice 4\program\libxml2.dll
2014-07-29 13:34 - 2014-07-29 13:34 - 00170496 _____ () C:\Program Files\OpenOffice 4\program\libxslt.dll
2015-04-10 17:42 - 2014-02-10 13:44 - 04592128 _____ () C:\Users\Norma\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2015-04-10 17:42 - 2014-02-10 13:44 - 00112128 _____ () C:\Users\Norma\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3661653562-1552711580-3814472317-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Norma\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 205.160.233.2 - 209.59.69.2
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== Faulty Device Manager Devices =============
 
Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: PCI Serial Port
Description: PCI Serial Port
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: PS/2 Compatible Mouse
Description: PS/2 Compatible Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (04/25/2015 08:43:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/25/2015 08:30:23 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (04/24/2015 06:15:46 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (04/23/2015 03:03:52 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (04/22/2015 01:07:18 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (04/21/2015 09:07:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 42.0.2311.90 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 920
 
Start Time: 01d07c8f73b79a13
 
Termination Time: 11
 
Application Path: C:\Users\Norma\AppData\Local\Google\Chrome\Application\chrome.exe
 
Report Id: fe15a4a7-e8a4-11e4-aaa3-18a90531fba5
 
Error: (04/21/2015 08:04:09 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {2f9a3a6e-ef2b-4592-b0f4-6bed503d3ac9}
 
Error: (04/21/2015 04:59:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/21/2015 00:30:04 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (04/20/2015 05:39:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (04/25/2015 08:42:03 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000116 (0x8754f318, 0x916329b0, 0x00000000, 0x0000000d)C:\Windows\MEMORY.DMP042515-35053-01
 
Error: (04/25/2015 08:42:02 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 8:39:31 AM on ‎4/‎25/‎2015 was unexpected.
 
Error: (04/25/2015 08:35:56 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: The default transaction resource manager on volume TRANSCEND encountered a non-retryable error and could not start.  The data contains the error code.
 
Error: (04/25/2015 08:35:56 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume TRANSCEND.
 
Error: (04/23/2015 08:30:27 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
 
Error: (04/21/2015 04:57:28 PM) (Source: Ntfs) (EventID: 137) (User: )
Description: The default transaction resource manager on volume TRANSCEND encountered a non-retryable error and could not start.  The data contains the error code.
 
Error: (04/21/2015 04:57:28 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume TRANSCEND.
 
Error: (04/21/2015 04:50:54 PM) (Source: Ntfs) (EventID: 137) (User: )
Description: The default transaction resource manager on volume TRANSCEND encountered a non-retryable error and could not start.  The data contains the error code.
 
Error: (04/21/2015 04:50:54 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume TRANSCEND.
 
Error: (04/21/2015 06:43:23 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 114.3.0.0
 
Update Source: %NT AUTHORITY51
 
Update Stage: 4.7.0205.00
 
Source Path: 4.7.0205.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\NETWORK SERVICE
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
 
Microsoft Office Sessions:
=========================
Error: (04/25/2015 08:43:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/25/2015 08:30:23 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\HP\HP Deskjet 1010 series\DriverStore\Yeti\V3\amd64\hpinkinsB511.exe
 
Error: (04/24/2015 06:15:46 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\HP\HP Deskjet 1010 series\DriverStore\Yeti\V3\amd64\hpinkinsB511.exe
 
Error: (04/23/2015 03:03:52 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\HP\HP Deskjet 1010 series\DriverStore\Yeti\V3\amd64\hpinkinsB511.exe
 
Error: (04/22/2015 01:07:18 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\HP\HP Deskjet 1010 series\DriverStore\Yeti\V3\amd64\hpinkinsB511.exe
 
Error: (04/21/2015 09:07:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe42.0.2311.9092001d07c8f73b79a1311C:\Users\Norma\AppData\Local\Google\Chrome\Application\chrome.exefe15a4a7-e8a4-11e4-aaa3-18a90531fba5
 
Error: (04/21/2015 08:04:09 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {2f9a3a6e-ef2b-4592-b0f4-6bed503d3ac9}
 
Error: (04/21/2015 04:59:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/21/2015 00:30:04 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\HP\HP Deskjet 1010 series\DriverStore\Yeti\V3\amd64\hpinkinsB511.exe
 
Error: (04/20/2015 05:39:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™2 Duo CPU E8400 @ 3.00GHz
Percentage of memory in use: 25%
Total physical RAM: 3543.25 MB
Available physical RAM: 2626.45 MB
Total Pagefile: 7084.79 MB
Available Pagefile: 5559.38 MB
Total Virtual: 2047.88 MB
Available Virtual: 1915.61 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:232.79 GB) (Free:140.49 GB) NTFS
Drive d: (HP DJ1010) (CDROM) (Total:0.48 GB) (Free:0 GB) CDFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 012E6B2F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

 


  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi this will be a multipart fix :)

Once done I will give a link to how to secure the system

First uninstall the following programmes, if one does not go then move on to the next :

AllSavEr
Augmentware
bestadblocker
DigiCOupon
Pirate Bay Advanced Search
SalePlus
SystemLift
The AdBlocker
Time Warp


THEN

Re-install Chrome

Unless you did this yourself, malware has changed your Chrome version into the Development Build. Among other things this allows malware to install any extension it wants. We need to resolve this.

1. If you have bookmarks, let's save them by exporting them - Export Bookmarks
2. Then I need you to go Google Sync and sign into your account
3. Scroll down until you see the "Stop and Clear" button and click on the button. At the prompt click on "Ok"
4. Now we need to uninstall chrome.
Note: When asked about user data or settings you must remove this also so please check the box.
5. Restart the computer and reinstall chrome, You can download The latest version from here - Google Chrome
6. Import your bookmarks back into Chrome
7. Sign back in to your Chrome browser so that your bookmarks sync with your online account.

NEXT

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
Startup: C:\Users\Norma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\microsoft-office-2010 (1).lnk [2015-04-21]
ShortcutTarget: microsoft-office-2010 (1).lnk -> C:\ProgramData\{04b68225-30a5-5e9f-04b6-6822530a0894}\microsoft-office-2010 (1).exe ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
BHO: SalePlus -> {2f7776b0-9198-42db-8f98-30dc1391fff3} -> C:\Program Files\SalePlus\aG8OiRgObXS9JE.dll [2015-04-13] ()
BHO: CoupExtEnsiooN -> {383adea8-4a4f-403d-a4b6-558b47e585fc} -> C:\Program Files\CoupExtEnsiooN\n8xFcHhJkWigHQ.dll [2015-04-21] ()
BHO: bestadblocker -> {a34ba2fd-7504-4b05-b4b5-cbcb8f518fa7} -> C:\Program Files\bestadblocker\cIJ00KilrLJQ2j.dll [2015-04-13] ()
BHO: AllSavEr -> {ab5cb1f5-4c13-45ee-989c-790d9a99a936} -> C:\Program Files\AllSavEr\M2WBWsxgqx7tsC.dll [2015-04-21] ()
BHO: SalePllus -> {cf6076b9-a3f2-4a75-a58d-8c8ce7e03596} -> C:\Program Files\SalePllus\0kJ6W3ohfqbvoA.dll [2015-04-21] ()
R2 a40df2d0; c:\Program Files\SoftwareBump\SoftwareBump.dll [1633280 2015-04-13] () [File not signed]
2015-04-21 21:40 - 2015-04-21 21:40 - 00000000 ____D () C:\Program Files\Pirate Bay Advanced Search
2015-04-21 21:39 - 2015-04-21 21:40 - 00000000 ____D () C:\Program Files\AllSavEr
2015-04-21 21:39 - 2015-04-21 21:39 - 00000000 ____D () C:\Program Files\DigiCOupon
2015-04-21 21:39 - 2015-04-21 21:39 - 00000000 ____D () C:\Program Files\CoupExtEnsiooN
2015-04-21 19:59 - 2015-04-21 20:02 - 07699888 _____ ( ) C:\Users\Norma\Downloads\sp45615.exe
2015-04-21 16:56 - 2015-04-21 16:56 - 00000000 ____D () C:\ProgramData\ogoijenbchdhklnahafddhfgpfeoidjd
2015-04-21 16:56 - 2015-04-21 16:56 - 00000000 ____D () C:\Program Files\SalePllus
2015-04-21 16:54 - 2015-04-24 10:44 - 00000000 ____D () C:\ProgramData\{04b68225-30a5-5e9f-04b6-6822530a0894}
2015-04-21 13:20 - 2015-04-21 13:20 - 00000000 ____D () C:\ProgramData\The AdBlocker
2015-04-13 17:26 - 2015-04-13 18:00 - 00000000 ____D () C:\ProgramData\{231015db-f50a-f727-2310-015dbf50576f}
2015-04-13 16:58 - 2015-04-13 16:58 - 00000000 ____D () C:\ProgramData\{4b2107ed-e29a-646f-4b21-107ede291fb7}
2015-04-13 16:57 - 2015-04-13 16:57 - 00000000 ____D () C:\ProgramData\{6d3c072d-ebea-c925-6d3c-c072debe1cb7}
2015-04-13 16:56 - 2015-04-13 16:57 - 00000000 ____D () C:\ProgramData\{6367f138-e84c-3ea1-6367-7f138e84c4e3}
2015-04-13 15:44 - 2015-04-13 15:44 - 00000000 ____D () C:\Program Files\SoftwareBump
2015-04-13 15:41 - 2015-04-13 15:41 - 00000000 ____D () C:\ProgramData\{ef8420ac-d119-1b73-ef84-420acd1182b3}
2015-04-13 15:41 - 2015-04-13 15:41 - 00000000 ____D () C:\ProgramData\{6f96d369-819d-dd2b-6f96-6d3698194da6}
2015-04-13 13:41 - 2015-04-13 15:44 - 00000000 ____D () C:\Program Files\IncludeMonitor
2015-04-13 13:40 - 2015-04-13 13:40 - 00000000 ____D () C:\Program Files\Time Warp
2015-04-13 13:40 - 2015-04-13 13:40 - 00000000 ____D () C:\Program Files\bestadblocker
2015-04-13 13:39 - 2015-04-13 13:39 - 00000000 ____D () C:\Program Files\SalePlus
2015-04-13 13:38 - 2015-04-21 21:41 - 00000000 ____D () C:\ProgramData\6511291917069944946
2015-04-13 13:38 - 2015-04-13 13:38 - 00000000 ____D () C:\ProgramData\ifnhndkjmomenjmgehjaaefbfmigimlg
2015-04-13 13:38 - 2015-04-13 13:38 - 00000000 ____D () C:\Program Files\SaLePaLus
2015-04-13 13:37 - 2015-04-13 13:37 - 00374784 _____ () C:\Users\Norma\Downloads\microsoft-office-2010 (1).exe
2015-04-13 13:37 - 2015-04-13 13:37 - 00373760 _____ () C:\Users\Norma\Downloads\microsoft-office-2010.exe
2015-04-13 13:37 - 2015-04-13 13:37 - 00000000 ____D () C:\ProgramData\{7f9e9c04-ad7a-bfb3-7f9e-e9c04ad77012}
2015-04-12 12:07 - 2015-04-12 12:07 - 00000000 __SHD () C:\Users\Norma\AppData\Local\EmieUserList
2015-04-12 12:07 - 2015-04-12 12:07 - 00000000 __SHD () C:\Users\Norma\AppData\Local\EmieSiteList
2015-04-12 12:07 - 2015-04-12 12:07 - 00000000 __SHD () C:\Users\Norma\AppData\Local\EmieBrowserModeList
c:\Program Files\SoftwareBump
C:\Program Files\SalePlus
C:\Program Files\CoupExtEnsiooN
C:\Program Files\bestadblocker
C:\Program Files\AllSavEr
C:\Program Files\SalePllus
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that

FINALLY

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S0].txt as well.

  • 0

#3
Peacemaker2.0

Peacemaker2.0

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

Thanks a lot for the help. I tried to deleted augmentware but this comes up 

http://i.imgur.com/8ZZoFb5.png 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 24-04-2015
Ran by Norma at 2015-04-25 16:50:52 Run:1
Running from C:\Users\Norma\Desktop
Loaded Profiles: Norma (Available profiles: Norma & sharilyn & Guest)
Boot Mode: Normal
 
==============================================
 
Content of fixlist:
*****************
CreateRestorePoint:
Startup: C:\Users\Norma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\microsoft-office-2010 (1).lnk [2015-04-21]
ShortcutTarget: microsoft-office-2010 (1).lnk -> C:\ProgramData\{04b68225-30a5-5e9f-04b6-6822530a0894}\microsoft-office-2010 (1).exe ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
BHO: SalePlus -> {2f7776b0-9198-42db-8f98-30dc1391fff3} -> C:\Program Files\SalePlus\aG8OiRgObXS9JE.dll [2015-04-13] ()
BHO: CoupExtEnsiooN -> {383adea8-4a4f-403d-a4b6-558b47e585fc} -> C:\Program Files\CoupExtEnsiooN\n8xFcHhJkWigHQ.dll [2015-04-21] ()
BHO: bestadblocker -> {a34ba2fd-7504-4b05-b4b5-cbcb8f518fa7} -> C:\Program Files\bestadblocker\cIJ00KilrLJQ2j.dll [2015-04-13] ()
BHO: AllSavEr -> {ab5cb1f5-4c13-45ee-989c-790d9a99a936} -> C:\Program Files\AllSavEr\M2WBWsxgqx7tsC.dll [2015-04-21] ()
BHO: SalePllus -> {cf6076b9-a3f2-4a75-a58d-8c8ce7e03596} -> C:\Program Files\SalePllus\0kJ6W3ohfqbvoA.dll [2015-04-21] ()
R2 a40df2d0; c:\Program Files\SoftwareBump\SoftwareBump.dll [1633280 2015-04-13] () [File not signed]
2015-04-21 21:40 - 2015-04-21 21:40 - 00000000 ____D () C:\Program Files\Pirate Bay Advanced Search
2015-04-21 21:39 - 2015-04-21 21:40 - 00000000 ____D () C:\Program Files\AllSavEr
2015-04-21 21:39 - 2015-04-21 21:39 - 00000000 ____D () C:\Program Files\DigiCOupon
2015-04-21 21:39 - 2015-04-21 21:39 - 00000000 ____D () C:\Program Files\CoupExtEnsiooN
2015-04-21 19:59 - 2015-04-21 20:02 - 07699888 _____ ( ) C:\Users\Norma\Downloads\sp45615.exe
2015-04-21 16:56 - 2015-04-21 16:56 - 00000000 ____D () C:\ProgramData\ogoijenbchdhklnahafddhfgpfeoidjd
2015-04-21 16:56 - 2015-04-21 16:56 - 00000000 ____D () C:\Program Files\SalePllus
2015-04-21 16:54 - 2015-04-24 10:44 - 00000000 ____D () C:\ProgramData\{04b68225-30a5-5e9f-04b6-6822530a0894}
2015-04-21 13:20 - 2015-04-21 13:20 - 00000000 ____D () C:\ProgramData\The AdBlocker
2015-04-13 17:26 - 2015-04-13 18:00 - 00000000 ____D () C:\ProgramData\{231015db-f50a-f727-2310-015dbf50576f}
2015-04-13 16:58 - 2015-04-13 16:58 - 00000000 ____D () C:\ProgramData\{4b2107ed-e29a-646f-4b21-107ede291fb7}
2015-04-13 16:57 - 2015-04-13 16:57 - 00000000 ____D () C:\ProgramData\{6d3c072d-ebea-c925-6d3c-c072debe1cb7}
2015-04-13 16:56 - 2015-04-13 16:57 - 00000000 ____D () C:\ProgramData\{6367f138-e84c-3ea1-6367-7f138e84c4e3}
2015-04-13 15:44 - 2015-04-13 15:44 - 00000000 ____D () C:\Program Files\SoftwareBump
2015-04-13 15:41 - 2015-04-13 15:41 - 00000000 ____D () C:\ProgramData\{ef8420ac-d119-1b73-ef84-420acd1182b3}
2015-04-13 15:41 - 2015-04-13 15:41 - 00000000 ____D () C:\ProgramData\{6f96d369-819d-dd2b-6f96-6d3698194da6}
2015-04-13 13:41 - 2015-04-13 15:44 - 00000000 ____D () C:\Program Files\IncludeMonitor
2015-04-13 13:40 - 2015-04-13 13:40 - 00000000 ____D () C:\Program Files\Time Warp
2015-04-13 13:40 - 2015-04-13 13:40 - 00000000 ____D () C:\Program Files\bestadblocker
2015-04-13 13:39 - 2015-04-13 13:39 - 00000000 ____D () C:\Program Files\SalePlus
2015-04-13 13:38 - 2015-04-21 21:41 - 00000000 ____D () C:\ProgramData\6511291917069944946
2015-04-13 13:38 - 2015-04-13 13:38 - 00000000 ____D () C:\ProgramData\ifnhndkjmomenjmgehjaaefbfmigimlg
2015-04-13 13:38 - 2015-04-13 13:38 - 00000000 ____D () C:\Program Files\SaLePaLus
2015-04-13 13:37 - 2015-04-13 13:37 - 00374784 _____ () C:\Users\Norma\Downloads\microsoft-office-2010 (1).exe
2015-04-13 13:37 - 2015-04-13 13:37 - 00373760 _____ () C:\Users\Norma\Downloads\microsoft-office-2010.exe
2015-04-13 13:37 - 2015-04-13 13:37 - 00000000 ____D () C:\ProgramData\{7f9e9c04-ad7a-bfb3-7f9e-e9c04ad77012}
2015-04-12 12:07 - 2015-04-12 12:07 - 00000000 __SHD () C:\Users\Norma\AppData\Local\EmieUserList
2015-04-12 12:07 - 2015-04-12 12:07 - 00000000 __SHD () C:\Users\Norma\AppData\Local\EmieSiteList
2015-04-12 12:07 - 2015-04-12 12:07 - 00000000 __SHD () C:\Users\Norma\AppData\Local\EmieBrowserModeList
c:\Program Files\SoftwareBump
C:\Program Files\SalePlus
C:\Program Files\CoupExtEnsiooN
C:\Program Files\bestadblocker
C:\Program Files\AllSavEr
C:\Program Files\SalePllus
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************
 
Restore point was successfully created.
C:\Users\Norma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\microsoft-office-2010 (1).lnk => Moved successfully.
C:\ProgramData\{04b68225-30a5-5e9f-04b6-6822530a0894}\microsoft-office-2010 (1).exe => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2f7776b0-9198-42db-8f98-30dc1391fff3} => Key not found. 
"HKCR\CLSID\{2f7776b0-9198-42db-8f98-30dc1391fff3}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{383adea8-4a4f-403d-a4b6-558b47e585fc} => Key not found. 
"HKCR\CLSID\{383adea8-4a4f-403d-a4b6-558b47e585fc}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a34ba2fd-7504-4b05-b4b5-cbcb8f518fa7} => Key not found. 
"HKCR\CLSID\{a34ba2fd-7504-4b05-b4b5-cbcb8f518fa7}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ab5cb1f5-4c13-45ee-989c-790d9a99a936} => Key not found. 
"HKCR\CLSID\{ab5cb1f5-4c13-45ee-989c-790d9a99a936}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cf6076b9-a3f2-4a75-a58d-8c8ce7e03596} => Key not found. 
"HKCR\CLSID\{cf6076b9-a3f2-4a75-a58d-8c8ce7e03596}" => Key deleted successfully.
a40df2d0 => Service not found.
"C:\Program Files\Pirate Bay Advanced Search" => File/Directory not found.
"C:\Program Files\AllSavEr" => File/Directory not found.
"C:\Program Files\DigiCOupon" => File/Directory not found.
"C:\Program Files\CoupExtEnsiooN" => File/Directory not found.
C:\Users\Norma\Downloads\sp45615.exe => Moved successfully.
C:\ProgramData\ogoijenbchdhklnahafddhfgpfeoidjd => Moved successfully.
"C:\Program Files\SalePllus" => File/Directory not found.
 
"C:\ProgramData\{04b68225-30a5-5e9f-04b6-6822530a0894}" directory move:
 
Could not move "C:\ProgramData\{04b68225-30a5-5e9f-04b6-6822530a0894}" directory. => Scheduled to move on reboot.
 
C:\ProgramData\The AdBlocker => Moved successfully.
C:\ProgramData\{231015db-f50a-f727-2310-015dbf50576f} => Moved successfully.
C:\ProgramData\{4b2107ed-e29a-646f-4b21-107ede291fb7} => Moved successfully.
C:\ProgramData\{6d3c072d-ebea-c925-6d3c-c072debe1cb7} => Moved successfully.
C:\ProgramData\{6367f138-e84c-3ea1-6367-7f138e84c4e3} => Moved successfully.
"C:\Program Files\SoftwareBump" => File/Directory not found.
C:\ProgramData\{ef8420ac-d119-1b73-ef84-420acd1182b3} => Moved successfully.
C:\ProgramData\{6f96d369-819d-dd2b-6f96-6d3698194da6} => Moved successfully.
C:\Program Files\IncludeMonitor => Moved successfully.
"C:\Program Files\Time Warp" => File/Directory not found.
"C:\Program Files\bestadblocker" => File/Directory not found.
"C:\Program Files\SalePlus" => File/Directory not found.
C:\ProgramData\6511291917069944946 => Moved successfully.
C:\ProgramData\ifnhndkjmomenjmgehjaaefbfmigimlg => Moved successfully.
"C:\Program Files\SaLePaLus" => File/Directory not found.
C:\Users\Norma\Downloads\microsoft-office-2010 (1).exe => Moved successfully.
C:\Users\Norma\Downloads\microsoft-office-2010.exe => Moved successfully.
C:\ProgramData\{7f9e9c04-ad7a-bfb3-7f9e-e9c04ad77012} => Moved successfully.
C:\Users\Norma\AppData\Local\EmieUserList => Moved successfully.
C:\Users\Norma\AppData\Local\EmieSiteList => Moved successfully.
C:\Users\Norma\AppData\Local\EmieBrowserModeList => Moved successfully.
"c:\Program Files\SoftwareBump" => File/Directory not found.
"C:\Program Files\SalePlus" => File/Directory not found.
"C:\Program Files\CoupExtEnsiooN" => File/Directory not found.
"C:\Program Files\bestadblocker" => File/Directory not found.
"C:\Program Files\AllSavEr" => File/Directory not found.
"C:\Program Files\SalePllus" => File/Directory not found.
 
=========  netsh advfirewall reset =========
 
Ok.
 
 
========= End of CMD: =========
 
 
=========  netsh advfirewall set allprofiles state ON =========
 
Ok.
 
 
========= End of CMD: =========
 
 
=========  ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
 
=========  netsh winsock reset catalog =========
 
 
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
 
 
========= End of CMD: =========
 
 
=========  netsh int ip reset c:\resetlog.txt =========
 
Reseting Global, OK!
Reseting Interface, OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
=========  ipconfig /release =========
 
 
Windows IP Configuration
 
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : 
   Link-local IPv6 Address . . . . . : fe80::cc78:f825:dbe9:5ca3%11
   Default Gateway . . . . . . . . . : 
 
Tunnel adapter isatap.{0B0D20BA-5432-4902-BCFA-A8EC0A190B62}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:4cc:1cbf:3129:f59a
   Link-local IPv6 Address . . . . . : fe80::4cc:1cbf:3129:f59a%12
   Default Gateway . . . . . . . . . : ::
 
========= End of CMD: =========
 
 
=========  ipconfig /renew =========
 
 
Windows IP Configuration
 
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : 
   Link-local IPv6 Address . . . . . : fe80::cc78:f825:dbe9:5ca3%11
   IPv4 Address. . . . . . . . . . . : 10.1.1.1
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 10.1.1.254
 
Tunnel adapter isatap.{0B0D20BA-5432-4902-BCFA-A8EC0A190B62}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:4cc:1cbf:3129:f59a
   Link-local IPv6 Address . . . . . : fe80::4cc:1cbf:3129:f59a%12
   Default Gateway . . . . . . . . . : ::
 
========= End of CMD: =========
 
 
=========  netsh int ipv4 reset =========
 
Reseting Interface, OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
=========  netsh int ipv6 reset =========
 
Reseting Interface, OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= RemoveProxy: =========
 
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully.
HKU\S-1-5-21-3661653562-1552711580-3814472317-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully.
HKU\S-1-5-21-3661653562-1552711580-3814472317-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully.
 
 
========= End of RemoveProxy: =========
 
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
{6867D68C-8900-4542-938B-74F9B193C905} canceled.
{0F585685-501B-4AF6-8D57-48E8F66F7EAB} canceled.
{3A8DEA86-D05E-41FD-B8EA-FAA7E7F549F1} canceled.
{60B89F87-0F2A-43DD-971C-05AD5B4CC690} canceled.
{CD0C4D76-A2D7-46D6-9E0B-32F7A63FC379} canceled.
{A718896D-5543-4BB0-AA78-29D0197387D9} canceled.
{0AC62041-0970-4923-A42B-89EA70FA4554} canceled.
7 out of 7 jobs canceled.
 
========= End of CMD: =========
 
EmptyTemp: => Removed 598.3 MB temporary data.
 
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-04-25 16:53:39)<=
 
C:\ProgramData\{04b68225-30a5-5e9f-04b6-6822530a0894} => Moved successfully.
 
==== End of Fixlog 16:53:39 ====
 
# AdwCleaner v3.010 - Report created 28/01/2014 at 18:09:02
# Updated 20/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Nicholas - NICHOLAS-PC
# Running from : C:\Users\Nicholas\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Users\Valued Customer\AppData\Local\torch
Folder Deleted : C:\Users\Nicholas\AppData\Local\torch
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\Softonic
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16428
 
 
-\\ Google Chrome v32.0.1700.76
 
[ File : C:\Users\Valued Customer\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\Nicholas\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [1020 octets] - [28/01/2014 18:08:16]
AdwCleaner[S0].txt - [953 octets] - [28/01/2014 18:09:02]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1012 octets] ##########
# AdwCleaner v4.202 - Logfile created 25/04/2015 at 18:36:54
# Updated 23/04/2015 by Xplode
# Database : 2015-04-23.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : Norma - NORMA-PC
# Running from : C:\Users\Norma\Downloads\adwcleaner_4.202.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\492439100000371d
Folder Deleted : C:\ProgramData\4cbfb0c000000c65
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\034225bf-eb97-3f59-7dc5-46afcdb4a65f
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{28f83a8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3E52324B-66BF-44AE-A8C5-2DB48E90E729}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4D1C553-99C0-48E5-B0A7-B1E00163715C}
Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17728
 
 
-\\ Google Chrome v42.0.2311.90
 
[C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [3059 bytes] - [28/01/2014 15:08:16]
AdwCleaner[S0].txt - [3025 bytes] - [28/01/2014 15:09:02]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3084  bytes] ##########
 

Edited by Peacemaker2.0, 25 April 2015 - 05:00 PM.

  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could I now have a fresh FRST scan please. How is the computer any problems remaining ?
  • 0

#5
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP