Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Holy Smokes! We got a bad one! Computer freezing, pop ups like

Freezing Farbar wont download Pop ups Memory usage thru the roof hard to use.

  • This topic is locked This topic is locked

#16
uFinditEazy!

uFinditEazy!

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-05-2015
Ran by Owner at 2015-05-12 21:03:22 Run:1
Running from C:\Users\Owner\Desktop
Loaded Profiles: Owner (Available profiles: Owner)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
Start
CreateRestorePoint:
CloseProcesses:
(Yontoo LLC) C:\Users\Owner\AppData\Roaming\Yontoo\YontooDesktop.exe
C:\Users\Owner\AppData\Roaming\Yontoo
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\...\Run: [Yontoo Desktop] => C:\Users\Owner\AppData\Roaming\Yontoo\YontooDesktop.exe [42784 2013-04-30] (Yontoo LLC)
HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\...\Run: [Open Download Manager] => C:\Program Files (x86)\OpenDownloaderManager\odm.exe [6369280 2013-02-20] (OpenDownloadManager.com)
C:\Program Files (x86)\OpenDownloaderManager
HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\...\Run: [Exetender] => C:\Program Files (x86)\FantastiGames\GPlayer.exe [4973456 2013-03-14] (Exent Technologies Ltd.)
C:\Program Files (x86)\FantastiGames
HKU\S-1-5-18\...\Run: [Exetender] => C:\Program Files (x86)\FantastiGames\GPlayer.exe [4973456 2013-03-14] (Exent Technologies Ltd.)
AppInit_DLLs-x32: c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll => c:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll [2523136 2013-07-08] ()
c:\progra~3\browse~1
c:\ProgramData\BrowserProtect
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www2.delta-se...A88C417FE843CAE
HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www2.delta-se...A88C417FE843CAE
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2463} URL = http://isearch.fanta...q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2463} URL = http://isearch.fanta...q={searchTerms}
SearchScopes: HKLM-x32 -> {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.mywebs...r={searchTerms}
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
SearchScopes: HKU\S-1-5-21-3306144526-1543565107-3197362354-1000 -> DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www2.delta-se...A88C417FE843CAE
SearchScopes: HKU\S-1-5-21-3306144526-1543565107-3197362354-1000 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-3306144526-1543565107-3197362354-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www2.delta-se...A88C417FE843CAE
SearchScopes: HKU\S-1-5-21-3306144526-1543565107-3197362354-1000 -> {8B9AB051-A6E4-49D5-BBD0-761DFEB2C033} URL = http://mp3tubetoolba...s={searchTerms}
SearchScopes: HKU\S-1-5-21-3306144526-1543565107-3197362354-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2463} URL = http://isearch.fanta...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3306144526-1543565107-3197362354-1000 -> {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.mywebs...r={searchTerms}
SearchScopes: HKU\S-1-5-21-3306144526-1543565107-3197362354-1000 -> {D2D72ABF-DFC7-456C-86D8-69B639002ADB} URL = http://websearch.ask...apn_dtid=OSJ000
BHO-x32: GetSavin 5.0 -> {5BB972CB-156D-4811-9D36-9570AF1E2BB7} -> C:\Users\Owner\AppData\Local\getsavin\ie\getsavin_1362754201.dll No File
C:\Users\Owner\AppData\Local\getsavin
BHO-x32: delta Helper Object -> {C1AF5FA5-852C-4C90-812E-A7F75E011D87} -> C:\Program Files (x86)\Delta\delta\1.8.16.16\bh\delta.dll [2013-03-13] (Delta-search.com)
C:\Program Files (x86)\Delta
BHO-x32: Yontoo -> {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} -> C:\Program Files (x86)\Yontoo\YontooIEClient.dll [2013-04-30] (Yontoo LLC)
C:\Program Files (x86)\Yontoo
Toolbar: HKLM-x32 - VideoDownloadConverter - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll No File
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.16.16\deltaTlbr.dll [2013-03-13] (Delta-search.com)
FF NewTab: hxxp://www2.delta-search.com/?affID=119842&tt=gc_&babsrc=NT_ss&mntrId=CA88C417FE843CAE
FF SearchEngineOrder.1: Delta Search
FF Homepage: hxxp://www2.delta-search.com/?affID=119842&tt=gc_&babsrc=HP_ss&mntrId=CA88C417FE843CAE
FF Plugin-x32: @exent.com/npExentCtl,version=7.0.0.0 -> C:\Program Files (x86)\FantastiGames\npExentCtl.dll [2009-12-27] (Exent Technologies Ltd.)
FF Plugin-x32: @TelevisionFanatic.com/Plugin -> C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\NP64Stub.dll No File
C:\Program Files (x86)\TelevisionFanatic
FF Plugin-x32: www.exent.com/GameTreatWidget -> C:\Program Files (x86)\FantastiGames\NPGameTreatPlugin.dll No File
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\jd3r6gen.default\searchplugins\babylon.xml [2013-05-06]
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\jd3r6gen.default\searchplugins\BrowserProtect.xml [2013-02-15]
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\jd3r6gen.default\searchplugins\delta.xml [2013-05-06]
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\jd3r6gen.default\searchplugins\Mp3Tube.xml [2011-09-05]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\WebSearch.xml [2013-03-08]
FF Extension: Delta Toolbar - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\jd3r6gen.default\Extensions\[email protected] [2013-05-06]
FF Extension: GetSavin - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\jd3r6gen.default\Extensions\[email protected] [2013-03-08]
FF Extension: Yontoo - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\jd3r6gen.default\Extensions\[email protected] [2013-05-06]
FF Extension: ShopToWin15 - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\jd3r6gen.default\Extensions\{4ac80c6c-0a1b-4b3a-ad7e-8a6d8f5e6928} [2012-11-24]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin
CHR Plugin: (Shockwave Flash) - C:\Users\Owner\AppData\Local\Google\Chrome\Application\28.0.1500.72\gcswf32.dll No File
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\incfcgceegpikennjoplhfghaaikdgei
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjildcbkilmkddbbpbjljljdmmlfeppl
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc
CHR HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [incfcgceegpikennjoplhfghaaikdgei] - C:\Users\Owner\AppData\Roaming\StartNow Toolbar\CR\zcrx.crx [2012-08-20]
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Owner\AppData\Roaming\BabSolution\CR\delta2.crx [2013-05-06]
CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Program Files (x86)\Yontoo\YontooLayers.crx [2013-05-06]
CHR HKLM-x32\...\Chrome\Extension: [pbkdpahkifcigckmhiafindmaflfifgm] - C:\Users\Owner\AppData\Local\Coupon Companion\Chrome\Coupon Companion.crx [Not Found]
S2 SessionLauncher; C:\Users\Owner\AppData\Local\Temp\DX9\SessionLauncher.exe [X]
R2 X5XSEx_Pr143; C:\Program Files (x86)\FantastiGames\X5XSEx_Pr143.Sys [56136 2012-08-02] (Exent Technologies Ltd.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
C:\Users\Owner\AppData\Roaming\Yontoo
C:\ProgramData\C__Users_Owner_AppData_Local_Temp_wz9195_Crack_HideIPEasy.exe
Task: {0893EDC2-E291-473C-A6E4-6548BE1FF194} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {12EECD40-99FB-4C17-8524-202623BF6F32} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe <==== ATTENTION
C:\Program Files (x86)\Ask.com
Task: {1E02C06A-1677-4331-83F4-EFD39B9B551A} - System32\Tasks\EPUpdater => C:\Users\Owner\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-06-06] () <==== ATTENTION
Task: {225139B3-FC3A-491F-9748-6595EECEB145} - System32\Tasks\BrowserProtect => Sc.exe start BrowserProtect <==== ATTENTION
C:\Users\Owner\AppData\Roaming\BabSolution
Task: {3B190A9F-FB58-43D2-8FFF-4BAE5BD4C406} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {9F0FA91F-9A06-48D3-801D-B9899409DA67} - \Adobe Flash Player Updater No Task File <==== ATTENTION
Task: {E2E0E115-DD1A-4A8B-82FA-0ADB89E8FB69} - System32\Tasks\GorillaPrice => C:\Program <==== ATTENTION
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state on
CMD: ipconfig /flushdns
Emptytemp:
Hosts:
End
*****************
 
Restore point was successfully created.
Processes closed successfully.
[4188] C:\Users\Owner\AppData\Roaming\Yontoo\YontooDesktop.exe => Process closed successfully.
C:\Users\Owner\AppData\Roaming\Yontoo => Moved successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Yontoo Desktop => value deleted successfully.
HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Open Download Manager => value deleted successfully.
C:\Program Files (x86)\OpenDownloaderManager => Moved successfully.
HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Exetender => Value not found.
C:\Program Files (x86)\FantastiGames => Moved successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\Exetender => value deleted successfully.
"c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll" => Value Data removed successfully.
 
"c:\progra~3\browse~1" directory move:
 
Could not move "c:\progra~3\browse~1" directory. => Scheduled to move on reboot.
 
 
"c:\ProgramData\BrowserProtect" directory move:
 
Could not move "c:\ProgramData\BrowserProtect" directory. => Scheduled to move on reboot.
 
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\Software\Microsoft\Internet Explorer\Main\\bProtector Start Page => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2463}" => Key deleted successfully.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2463} => Key not found. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2463}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2463} => Key not found. 
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} => Key not found. 
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}" => Key deleted successfully.
HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found. 
HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\bProtectorDefaultScope => value deleted successfully.
"HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}" => Key deleted successfully.
HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found. 
"HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8B9AB051-A6E4-49D5-BBD0-761DFEB2C033}" => Key deleted successfully.
HKCR\CLSID\{8B9AB051-A6E4-49D5-BBD0-761DFEB2C033} => Key not found. 
"HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2463}" => Key deleted successfully.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2463} => Key not found. 
"HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}" => Key deleted successfully.
HKCR\CLSID\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} => Key not found. 
"HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D2D72ABF-DFC7-456C-86D8-69B639002ADB}" => Key deleted successfully.
HKCR\CLSID\{D2D72ABF-DFC7-456C-86D8-69B639002ADB} => Key not found. 
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5BB972CB-156D-4811-9D36-9570AF1E2BB7}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{5BB972CB-156D-4811-9D36-9570AF1E2BB7}" => Key deleted successfully.
"C:\Users\Owner\AppData\Local\getsavin" => File/Directory not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}" => Key deleted successfully.
C:\Program Files (x86)\Delta => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}" => Key deleted successfully.
C:\Program Files (x86)\Yontoo => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{48586425-6bb7-4f51-8dc6-38c88e3ebb58} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{48586425-6bb7-4f51-8dc6-38c88e3ebb58}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{82E1477C-B154-48D3-9891-33D83C26BCD3} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}" => Key deleted successfully.
Firefox newtab deleted successfully.
Firefox SearchEngineOrder.1 deleted successfully.
Firefox homepage deleted successfully.
HKLM\Software\Wow6432Node\MozillaPlugins\@exent.com/npExentCtl,version=7.0.0.0 => Key not found. 
C:\Program Files (x86)\FantastiGames\npExentCtl.dll not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@TelevisionFanatic.com/Plugin" => Key deleted successfully.
"C:\Program Files (x86)\TelevisionFanatic" => File/Directory not found.
HKLM\Software\Wow6432Node\MozillaPlugins\www.exent.com/GameTreatWidget => Key not found. 
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\jd3r6gen.default\searchplugins\babylon.xml => Moved successfully.
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\jd3r6gen.default\searchplugins\BrowserProtect.xml => Moved successfully.
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\jd3r6gen.default\searchplugins\delta.xml => Moved successfully.
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\jd3r6gen.default\searchplugins\Mp3Tube.xml => Moved successfully.
C:\Program Files (x86)\mozilla firefox\searchplugins\WebSearch.xml => Moved successfully.
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\jd3r6gen.default\Extensions\[email protected] => Moved successfully.
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\jd3r6gen.default\Extensions\[email protected] => Moved successfully.
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\jd3r6gen.default\Extensions\[email protected] => Moved successfully.
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\jd3r6gen.default\Extensions\{4ac80c6c-0a1b-4b3a-ad7e-8a6d8f5e6928} => Moved successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\[email protected] => value deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\Application\28.0.1500.72\gcswf32.dll not found.
"C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde" => File/Directory not found.
"C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\incfcgceegpikennjoplhfghaaikdgei" => File/Directory not found.
"C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjildcbkilmkddbbpbjljljdmmlfeppl" => File/Directory not found.
"C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc" => File/Directory not found.
"HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\SOFTWARE\Google\Chrome\Extensions\incfcgceegpikennjoplhfghaaikdgei" => Key deleted successfully.
C:\Users\Owner\AppData\Roaming\StartNow Toolbar\CR\zcrx.crx => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde" => Key deleted successfully.
C:\Users\Owner\AppData\Roaming\BabSolution\CR\delta2.crx => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc" => Key deleted successfully.
"C:\Program Files (x86)\Yontoo\YontooLayers.crx" => File/Directory not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pbkdpahkifcigckmhiafindmaflfifgm" => Key deleted successfully.
SessionLauncher => Service deleted successfully.
X5XSEx_Pr143 => Service not found.
catchme => Service deleted successfully.
"C:\Users\Owner\AppData\Roaming\Yontoo" => File/Directory not found.
C:\ProgramData\C__Users_Owner_AppData_Local_Temp_wz9195_Crack_HideIPEasy.exe => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{0893EDC2-E291-473C-A6E4-6548BE1FF194}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0893EDC2-E291-473C-A6E4-6548BE1FF194}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeFlashPlayerUpdate 2" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{12EECD40-99FB-4C17-8524-202623BF6F32}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{12EECD40-99FB-4C17-8524-202623BF6F32}" => Key deleted successfully.
C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar" => Key deleted successfully.
C:\Program Files (x86)\Ask.com => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1E02C06A-1677-4331-83F4-EFD39B9B551A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1E02C06A-1677-4331-83F4-EFD39B9B551A}" => Key deleted successfully.
C:\Windows\System32\Tasks\EPUpdater => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EPUpdater" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{225139B3-FC3A-491F-9748-6595EECEB145}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{225139B3-FC3A-491F-9748-6595EECEB145}" => Key deleted successfully.
C:\Windows\System32\Tasks\BrowserProtect => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserProtect" => Key deleted successfully.
C:\Users\Owner\AppData\Roaming\BabSolution => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3B190A9F-FB58-43D2-8FFF-4BAE5BD4C406}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B190A9F-FB58-43D2-8FFF-4BAE5BD4C406}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeFlashPlayerUpdate" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9F0FA91F-9A06-48D3-801D-B9899409DA67}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F0FA91F-9A06-48D3-801D-B9899409DA67}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E2E0E115-DD1A-4A8B-82FA-0ADB89E8FB69}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E2E0E115-DD1A-4A8B-82FA-0ADB89E8FB69}" => Key deleted successfully.
C:\Windows\System32\Tasks\GorillaPrice => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GorillaPrice" => Key deleted successfully.
 
=========  netsh advfirewall reset =========
 
 
An error occurred while attempting to contact the  Windows Firewall service. Make sure that the service is running and try your request again.
 
 
========= End of CMD: =========
 
 
=========  netsh advfirewall set allprofiles state on =========
 
 
An error occurred while attempting to contact the  Windows Firewall service. Make sure that the service is running and try your request again.
 
 
========= End of CMD: =========
 
 
=========  ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 1009.2 MB temporary data.
 
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-05-12 21:10:11)<=
 
c:\progra~3\browse~1 => Is moved successfully.
c:\ProgramData\BrowserProtect => Is moved successfully.
 
==== End of Fixlog 21:10:12 ====

  • 0

Advertisements


#17
uFinditEazy!

uFinditEazy!

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts

Adwcleaner system error "the program cant start because iertutil.dll is missing from your computer...


  • 0

#18
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts

Adwcleaner system error "the program cant start because iertutil.dll is missing from your computer...


Ok, we're going to need to replace that file. Let's get FRST to do a search on the machine for another copy to replace it with.\
  • Start FRST64 and uncheck any boxes that are already checked.
  • In the Search box type in iertutil.dll
  • Click the Search Files button and FRST will begin scanning your computer for a replacement copy.
  • Once the scan is finished, it will produce a log called Search.txt in the same location FRST is run from.
  • Please post that log in your next reply.

  • 0

#19
uFinditEazy!

uFinditEazy!

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-05-2015 01
Ran by Owner (administrator) on OWNER-PC on 13-05-2015 16:11:35
Running from C:\Users\Owner\Desktop
Loaded Profiles: Owner (Available profiles: Owner)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (All) =========================
(Microsoft Corporation) C:\Windows\System32\smss.exe
(Microsoft Corporation) C:\Windows\System32\csrss.exe
(Microsoft Corporation) C:\Windows\System32\csrss.exe
(Microsoft Corporation) C:\Windows\System32\wininit.exe
(Microsoft Corporation) C:\Windows\System32\winlogon.exe
(Microsoft Corporation) C:\Windows\System32\services.exe
(Microsoft Corporation) C:\Windows\System32\lsass.exe
(Microsoft Corporation) C:\Windows\System32\lsm.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Two Pilots) C:\Windows\VPDAgent_x64.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\spoolsv.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Microsoft Corporation) C:\Windows\System32\taskhost.exe
(Microsoft Corporation) C:\Windows\System32\dwm.exe
(Microsoft Corporation) C:\Windows\explorer.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Verizon) C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
() C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
(The Neat Company) C:\Program Files (x86)\Neat\exec\NeatStartupService.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnetwk.exe
(Microsoft Corporation) C:\Windows\System32\WUDFHost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccsvchst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccsvchst.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\taskhost.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
(Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
(Farbar) C:\Users\Owner\Desktop\FRST64.exe
 
==================== Registry (All) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [162328 2011-02-11] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe [386584 2011-02-11] (Intel Corporation)
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe [417304 2011-02-11] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe, [30720 2010-11-20] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [26624 2010-11-20] (Microsoft Corporation)
HKLM\...\Winlogon: [Shell] Explorer.exe [2871808 2011-02-24] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Shell] explorer.exe [2616320 2011-02-24] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoDriveTypeAutoRun] 28
HKLM\...\Policies\Explorer: [NoDrives] 0
HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [17418928 2012-07-13] (Skype Technologies S.A.)
HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2676584 2011-09-09] (Hewlett-Packard Co.)
HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-06-17] (Google Inc.)
HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\...\Run: [Google Update] => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-08-01] (Google Inc.)
HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\...\Policies\Explorer: [NoDrives] 0
HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> 
Lsa: [Authentication Packages] msv1_0
Lsa: [Notification Packages] scecli
SecurityProviders: credssp.dll
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -  No File
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -  No File
ShellIconOverlayIdentifiers: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\system32\EhStorShell.dll [2009-07-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [SharingPrivate] -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => C:\Windows\system32\ntshrui.dll [2012-01-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\SysWOW64\EhStorShell.dll [2009-07-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [SharingPrivate] -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => C:\Windows\SysWOW64\ntshrui.dll [2012-01-04] (Microsoft Corporation)
BootExecute: autocheck autochk * 
AlternateShell: cmd.exe
 
==================== Internet (All) ===========================
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKU\S-1-5-21-3306144526-1543565107-3197362354-1000 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
URLSearchHook: HKU\S-1-5-21-3306144526-1543565107-3197362354-1000 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...ms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...ms}&FORM=IE8SRC
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.co...g}&sourceid=ie7
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...ms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...ms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.co...g}&sourceid=ie7
SearchScopes: HKU\S-1-5-21-3306144526-1543565107-3197362354-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...Box&FORM=IE8SRC
SearchScopes: HKU\S-1-5-21-3306144526-1543565107-3197362354-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.co...&rlz=1I7ADFA_en
SearchScopes: HKU\S-1-5-21-3306144526-1543565107-3197362354-1000 -> {9B97950D-482C-1D79-568F-FC7B9D40C785} URL = http://www.bing.com/...eferrer:source}
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-06-25] (Google Inc.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-07-12] (Skype Technologies S.A.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coIEPlg.dll [2014-04-29] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\IPS\IPSBHO.DLL [2013-04-08] (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-07-10] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-06-25] (Google Inc.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-07-12] (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-07-10] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-06-25] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-06-25] (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coIEPlg.dll [2014-04-29] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-3306144526-1543565107-3197362354-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-06-25] (Google Inc.)
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} 
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2013-05-28] (Microsoft Corporation)
Handler-x32: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2013-05-28] (Microsoft Corporation)
Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll [2013-05-28] (Microsoft Corporation)
Handler-x32: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll [2013-05-28] (Microsoft Corporation)
Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll [2010-11-20] (Microsoft Corporation)
Handler-x32: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll [2010-11-20] (Microsoft Corporation)
Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2013-05-28] (Microsoft Corporation)
Handler-x32: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2013-05-28] (Microsoft Corporation)
Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2013-05-28] (Microsoft Corporation)
Handler-x32: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2013-05-28] (Microsoft Corporation)
Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2013-05-28] (Microsoft Corporation)
Handler-x32: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2013-05-28] (Microsoft Corporation)
Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2013-05-28] (Microsoft Corporation)
Handler-x32: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2013-05-28] (Microsoft Corporation)
Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll [2009-07-13] (Microsoft Corporation)
Handler-x32: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll [2009-07-13] (Microsoft Corporation)
Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2013-05-28] (Microsoft Corporation)
Handler-x32: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2013-05-28] (Microsoft Corporation)
Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2013-05-28] (Microsoft Corporation)
Handler-x32: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2013-05-28] (Microsoft Corporation)
Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2013-05-28] (Microsoft Corporation)
Handler-x32: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2013-05-28] (Microsoft Corporation)
Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll [2011-05-02] (Microsoft Corporation)
Handler-x32: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll [2011-05-02] (Microsoft Corporation)
Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2013-05-28] (Microsoft Corporation)
Handler-x32: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2013-05-28] (Microsoft Corporation)
Handler-x32: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll [2009-05-23] (Microsoft Corporation)
Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll [2009-07-13] (Microsoft Corporation)
Handler-x32: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll [2009-07-13] (Microsoft Corporation)
Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2013-05-28] (Microsoft Corporation)
Handler-x32: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2013-05-28] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-07-12] (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-07-12] (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2011-11-03] (Skype Technologies)
Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll [2010-11-20] (Microsoft Corporation)
Handler-x32: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\msvidctl.dll [2010-11-20] (Microsoft Corporation)
Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2013-05-28] (Microsoft Corporation)
Handler-x32: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2013-05-28] (Microsoft Corporation)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL [2010-02-28] (Microsoft Corporation)
Filter-x32: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL [2010-02-28] (Microsoft Corporation)
Winsock: Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224 2012-11-14] (Microsoft Corporation)
Winsock: Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224 2009-07-13] (Microsoft Corporation)
Winsock: Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024 2009-07-13] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024 2009-07-13] (Microsoft Corporation)
Winsock: Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448 2011-06-15] (Microsoft Corporation)
Winsock: Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992 2009-07-13] (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Winsock: Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448 2011-06-15] (Microsoft Corporation)
Winsock: Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448 2011-06-15] (Microsoft Corporation)
Winsock: Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448 2011-06-15] (Microsoft Corporation)
Winsock: Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448 2011-06-15] (Microsoft Corporation)
Winsock: Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448 2011-06-15] (Microsoft Corporation)
Winsock: Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448 2011-06-15] (Microsoft Corporation)
Winsock: Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448 2011-06-15] (Microsoft Corporation)
Winsock: Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448 2011-06-15] (Microsoft Corporation)
Winsock: Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448 2011-06-15] (Microsoft Corporation)
Winsock: Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448 2011-06-15] (Microsoft Corporation)
Winsock: Catalog5-x64 01 C:\Windows\system32\NLAapi.dll [70656 2012-11-14] (Microsoft Corporation)
Winsock: Catalog5-x64 02 C:\Windows\system32\napinsp.dll [68096 2009-07-13] (Microsoft Corporation)
Winsock: Catalog5-x64 03 C:\Windows\system32\pnrpnsp.dll [86016 2009-07-13] (Microsoft Corporation)
Winsock: Catalog5-x64 04 C:\Windows\system32\pnrpnsp.dll [86016 2009-07-13] (Microsoft Corporation)
Winsock: Catalog5-x64 05 C:\Windows\System32\mswsock.dll [326144 2011-06-15] (Microsoft Corporation)
Winsock: Catalog5-x64 06 C:\Windows\System32\winrnr.dll [28672 2009-07-13] (Microsoft Corporation)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc.)
Winsock: Catalog9-x64 01 C:\Windows\system32\mswsock.dll [326144 2011-06-15] (Microsoft Corporation)
Winsock: Catalog9-x64 02 C:\Windows\system32\mswsock.dll [326144 2011-06-15] (Microsoft Corporation)
Winsock: Catalog9-x64 03 C:\Windows\system32\mswsock.dll [326144 2011-06-15] (Microsoft Corporation)
Winsock: Catalog9-x64 04 C:\Windows\system32\mswsock.dll [326144 2011-06-15] (Microsoft Corporation)
Winsock: Catalog9-x64 05 C:\Windows\system32\mswsock.dll [326144 2011-06-15] (Microsoft Corporation)
Winsock: Catalog9-x64 06 C:\Windows\system32\mswsock.dll [326144 2011-06-15] (Microsoft Corporation)
Winsock: Catalog9-x64 07 C:\Windows\system32\mswsock.dll [326144 2011-06-15] (Microsoft Corporation)
Winsock: Catalog9-x64 08 C:\Windows\system32\mswsock.dll [326144 2011-06-15] (Microsoft Corporation)
Winsock: Catalog9-x64 09 C:\Windows\system32\mswsock.dll [326144 2011-06-15] (Microsoft Corporation)
Winsock: Catalog9-x64 10 C:\Windows\system32\mswsock.dll [326144 2011-06-15] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
 
FireFox:
========
FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\jd3r6gen.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Keyword.URL: 
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll [2013-06-13] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll [2013-06-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll [2012-10-04] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2012-10-31] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-07-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-07-10] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll [2013-07-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll [2013-07-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-05-11] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3306144526-1543565107-3197362354-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll [2013-07-12] (Google Inc.)
FF Plugin HKU\S-1-5-21-3306144526-1543565107-3197362354-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll [2013-07-12] (Google Inc.)
FF Plugin HKU\S-1-5-21-3306144526-1543565107-3197362354-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Owner\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2012-12-07] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\jd3r6gen.default\user.js [2013-05-06]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2013-05-11] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-01-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-01-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-01-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-01-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-01-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2013-01-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2013-01-16] (Apple Inc.)
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\jd3r6gen.default\searchplugins\bing-zugo.xml [2011-08-25]
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\jd3r6gen.default\searchplugins\flv-runner-b-customized-web-search.xml [2013-03-08]
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\jd3r6gen.default\searchplugins\icqplugin-4.xml [2015-05-11]
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\jd3r6gen.default\searchplugins\icqplugin-5.xml [2011-10-17]
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\jd3r6gen.default\searchplugins\icqplugin-6.xml [2012-04-03]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml.old [2011-08-11]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom.xml [2015-05-11]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\bing.xml [2015-05-11]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay.xml [2015-05-11]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\google.xml [2015-05-11]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\twitter.xml [2015-05-11]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia.xml [2015-05-11]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo.xml [2015-05-11]
FF Extension: Yahoo! Toolbar - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\jd3r6gen.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2013-05-10]
FF Extension: GPComponent - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\jd3r6gen.default\Extensions\{a131ab52-77f3-4bd7-acc7-e2dfdfd298f0} [2013-05-06]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-05-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-05-11]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-05-11]
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2015-05-11]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\[email protected]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\[email protected]
FF HKLM-x32\...\Firefox\Extensions: [{a131ab52-77f3-4bd7-acc7-e2dfdfd298f0}] - C:\Users\Owner\AppData\Roaming\Mozilla\FireFox\{a131ab52-77f3-4bd7-acc7-e2dfdfd298f0}.xpi
FF Extension: GPComponent - C:\Users\Owner\AppData\Roaming\Mozilla\FireFox\{a131ab52-77f3-4bd7-acc7-e2dfdfd298f0}.xpi [2013-05-06]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\coFFPlgn [2015-05-13]
FF HKLM-x32\...\Mozilla Firefox 23.0.1\Extensions: [Components] - C:\Program Files (x86)\Mozilla Firefox\components
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\components [2015-05-11]
FF HKLM-x32\...\Mozilla Firefox 23.0.1\Extensions: [Plugins] - C:\Program Files (x86)\Mozilla Firefox\plugins
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\plugins [2015-05-11]
FF HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\...\Mozilla Firefox 23.0.1\Extensions: [Components] - C:\Program Files (x86)\Mozilla Firefox\components
FF HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\...\Mozilla Firefox 23.0.1\Extensions: [Plugins] - C:\Program Files (x86)\Mozilla Firefox\plugins
StartMenuInternet: FIREFOX.EXE - "C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\channel-prefs.js [2015-05-11]
 
Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Users\Owner\AppData\Local\Google\Chrome\Application\28.0.1500.72\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Owner\AppData\Local\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Owner\AppData\Local\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
CHR Plugin: (registryAccess) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaapnjeoabhkpdiinmomghdncekhiib\7.13.1.0_0\background/registryAccess.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Skype Click to Call) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-12-02]
CHR Extension: (Norton Identity Protection) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-07-11]
CHR HKLM-x32\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\Exts\Chrome.crx [2015-05-11]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-08-14]
 
==================== Services (All) ========================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640 2013-05-11] (Adobe Systems Incorporated)
R3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [72192 2009-07-13] (Microsoft Corporation)
R2 Agent; C:\Windows\VPDAgent_x64.exe [148480 2013-02-04] (Two Pilots) [File not signed]
R3 ALG; C:\Windows\System32\alg.exe [79360 2009-07-13] (Microsoft Corporation)
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [32256 2009-07-13] (Microsoft Corporation)
R3 Appinfo; C:\Windows\System32\appinfo.dll [70144 2013-02-26] (Microsoft Corporation)
S2 Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55184 2012-08-11] (Apple Inc.)
R2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [679424 2010-11-20] (Microsoft Corporation)
R2 AudioSrv; C:\Windows\System32\Audiosrv.dll [679424 2010-11-20] (Microsoft Corporation)
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [114688 2010-11-20] (Microsoft Corporation)
S3 BDESVC; C:\Windows\System32\bdesvc.dll [100864 2009-07-13] (Microsoft Corporation)
R2 BFE; C:\Windows\System32\bfe.dll [705024 2010-11-20] (Microsoft Corporation)
R3 BITS; C:\Windows\system32\qmgr.dll [849920 2010-11-20] (Microsoft Corporation)
R2 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [462184 2011-08-30] (Apple Inc.)
R3 Browser; C:\Windows\System32\browser.dll [136704 2012-07-04] (Microsoft Corporation)
S3 bthserv; C:\Windows\system32\bthserv.dll [83968 2009-07-13] (Microsoft Corporation)
S3 CertPropSvc; C:\Windows\System32\certprop.dll [80384 2010-11-20] (Microsoft Corporation)
S4 clr_optimization_v2.0.50727_32; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [66384 2009-06-10] (Microsoft Corporation)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [89920 2009-06-10] (Microsoft Corporation)
S2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384 2010-03-18] (Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [138576 2010-03-18] (Microsoft Corporation)
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [184320 2013-05-12] (Microsoft Corporation)
R2 CryptSvc; C:\Windows\SysWOW64\cryptsvc.dll [140288 2013-05-12] (Microsoft Corporation)
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [512000 2010-11-20] (Microsoft Corporation)
S3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-13] (Microsoft Corporation)
R2 Dhcp; C:\Windows\system32\dhcpcore.dll [317952 2010-11-20] (Microsoft Corporation)
R2 Dhcp; C:\Windows\SysWOW64\dhcpcore.dll [254464 2010-11-20] (Microsoft Corporation)
R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [183296 2011-03-02] (Microsoft Corporation)
S3 dot3svc; C:\Windows\System32\dot3svc.dll [252416 2010-11-20] (Microsoft Corporation)
R2 DPS; C:\Windows\system32\dps.dll [162816 2010-11-20] (Microsoft Corporation)
R3 EapHost; C:\Windows\System32\eapsvc.dll [111104 2009-07-13] (Microsoft Corporation)
S3 EFS; C:\Windows\System32\lsass.exe [31232 2011-11-16] (Microsoft Corporation)
S3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [696832 2010-11-20] (Microsoft Corporation)
S3 ehSched; C:\Windows\ehome\ehsched.exe [127488 2009-07-13] (Microsoft Corporation)
R2 eventlog; C:\Windows\System32\wevtsvc.dll [1646080 2010-11-20] (Microsoft Corporation)
R2 EventSystem; C:\Windows\system32\es.dll [402944 2009-07-13] (Microsoft Corporation)
R2 EventSystem; C:\Windows\SysWOW64\es.dll [271360 2009-07-13] (Microsoft Corporation)
S3 Fax; C:\Windows\system32\fxssvc.exe [689152 2010-11-20] (Microsoft Corporation)
R3 fdPHost; C:\Windows\system32\fdPHost.dll [16384 2009-07-13] (Microsoft Corporation)
R3 FDResPub; C:\Windows\system32\fdrespub.dll [34816 2009-07-13] (Microsoft Corporation)
R2 FontCache; C:\Windows\system32\FntCache.dll [1175552 2013-04-02] (Microsoft Corporation)
S3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-04] (Microsoft Corporation)
R2 gpsvc; C:\Windows\System32\gpsvc.dll [777728 2010-11-20] (Microsoft Corporation)
S2 gupdate; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [136176 2011-06-17] (Google Inc.)
S3 gupdatem; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [136176 2011-06-17] (Google Inc.)
S3 gusvc; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [194032 2012-08-21] (Google)
S3 hidserv; C:\Windows\System32\hidserv.dll [38912 2009-07-13] (Microsoft Corporation)
S3 hidserv; C:\Windows\SysWOW64\hidserv.dll [49152 2009-07-13] (Microsoft Corporation)
S3 hkmsvc; C:\Windows\system32\kmsvc.dll [90624 2010-11-20] (Microsoft Corporation)
R3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [232448 2010-11-20] (Microsoft Corporation)
R3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [187904 2010-11-20] (Microsoft Corporation)
R3 HomeGroupProvider; C:\Windows\SysWOW64\provsvc.dll [165376 2010-11-20] (Microsoft Corporation)
S3 idsvc; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe [856400 2010-11-04] (Microsoft Corporation)
R2 IHA_MessageCenter; C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [348152 2013-05-17] (Verizon) [File not signed]
R2 IKEEXT; C:\Windows\System32\ikeext.dll [853504 2010-11-20] (Microsoft Corporation)
S3 IPBusEnum; C:\Windows\system32\ipbusenum.dll [101888 2009-07-13] (Microsoft Corporation)
R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [569344 2012-10-03] (Microsoft Corporation)
S3 iPod Service; C:\Program Files\iPod\bin\iPodService.exe [641504 2012-12-12] (Apple Inc.)
R3 KeyIso; C:\Windows\system32\lsass.exe [31232 2011-11-16] (Microsoft Corporation)
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [368640 2009-07-13] (Microsoft Corporation)
R2 LanmanServer; C:\Windows\System32\srvsvc.dll [236032 2010-11-20] (Microsoft Corporation)
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [118784 2010-11-20] (Microsoft Corporation)
R2 LeapFrog Connect Device Service; C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe [7392648 2012-09-28] (LeapFrog Enterprises, Inc.)
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [300032 2009-07-13] (Microsoft Corporation)
R2 lmhosts; C:\Windows\System32\lmhsvc.dll [23552 2009-07-13] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe [234776 2012-09-05] (McAfee, Inc.)
S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [84992 2010-11-20] (Microsoft Corporation)
R2 MMCSS; C:\Windows\system32\mmcss.dll [67584 2009-07-13] (Microsoft Corporation)
R2 MotoHelper; C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [214896 2011-12-06] ()
S3 MozillaMaintenance; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [117656 2015-05-11] (Mozilla Foundation)
R2 MpsSvc; C:\Windows\system32\mpssvc.dll [828416 2010-11-20] (Microsoft Corporation)
S3 MSDTC; C:\Windows\System32\msdtc.exe [141824 2009-07-13] (Microsoft Corporation)
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [156672 2009-07-13] (Microsoft Corporation)
S3 msiserver; C:\Windows\System32\msiexec.exe [128000 2010-11-20] (Microsoft Corporation)
S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [73216 2010-11-20] (Microsoft Corporation)
S3 napagent; C:\Windows\system32\qagentRT.dll [476160 2010-11-20] (Microsoft Corporation)
R2 Neat Startup Service; C:\Program Files (x86)\Neat\exec\NeatStartupService.exe [5632 2013-02-23] (The Neat Company) [File not signed]
S3 Netlogon; C:\Windows\system32\lsass.exe [31232 2011-11-16] (Microsoft Corporation)
R3 Netman; C:\Windows\System32\netman.dll [360448 2009-07-13] (Microsoft Corporation)
R3 netprofm; C:\Windows\System32\netprofm.dll [459776 2009-07-13] (Microsoft Corporation)
R3 netprofm; C:\Windows\SysWOW64\netprofm.dll [360448 2009-07-13] (Microsoft Corporation)
S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [116560 2009-06-10] (Microsoft Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\ccSvcHst.exe [144368 2013-05-20] (Symantec Corporation)
R2 NlaSvc; C:\Windows\System32\nlasvc.dll [303104 2012-10-03] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\nsisvc.dll [25600 2009-07-13] (Microsoft Corporation)
S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [149352 2010-01-09] (Microsoft Corporation)
S3 osppsvc; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [4925184 2010-01-09] (Microsoft Corporation)
R3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-13] (Microsoft Corporation)
R3 p2psvc; C:\Windows\system32\p2psvc.dll [438784 2009-07-13] (Microsoft Corporation)
R2 PcaSvc; C:\Windows\System32\pcasvc.dll [186368 2009-07-13] (Microsoft Corporation)
S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [20992 2009-07-13] (Microsoft Corporation)
S3 pla; C:\Windows\system32\pla.dll [1389056 2010-11-20] (Microsoft Corporation)
S3 pla; C:\Windows\SysWOW64\pla.dll [1508864 2010-11-20] (Microsoft Corporation)
R2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [404480 2011-05-24] (Microsoft Corporation)
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [25088 2009-07-13] (Microsoft Corporation)
R3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-13] (Microsoft Corporation)
R3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [501248 2010-11-20] (Microsoft Corporation)
R2 Power; C:\Windows\system32\umpo.dll [163840 2009-07-13] (Microsoft Corporation)
R2 ProfSvc; C:\Windows\system32\profsvc.dll [209920 2012-04-30] (Microsoft Corporation)
S3 ProtectedStorage; C:\Windows\system32\lsass.exe [31232 2011-11-16] (Microsoft Corporation)
S3 QWAVE; C:\Windows\system32\qwave.dll [242688 2009-07-13] (Microsoft Corporation)
S3 RasAuto; C:\Windows\System32\rasauto.dll [99328 2009-07-13] (Microsoft Corporation)
R3 RasMan; C:\Windows\System32\rasmans.dll [344064 2010-11-20] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [97792 2009-07-13] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [75264 2009-07-13] (Microsoft Corporation)
S3 RemoteRegistry; C:\Windows\system32\regsvc.dll [159232 2009-07-13] (Microsoft Corporation)
S3 RoxMediaDB10; C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [1124848 2009-06-26] (Sonic Solutions)
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [67072 2009-07-13] (Microsoft Corporation)
S3 RpcLocator; C:\Windows\system32\locator.exe [10240 2009-07-13] (Microsoft Corporation)
R2 RpcSs; C:\Windows\System32\rpcss.dll [512000 2010-11-20] (Microsoft Corporation)
R2 SamSs; C:\Windows\system32\lsass.exe [31232 2011-11-16] (Microsoft Corporation)
S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [190976 2009-07-13] (Microsoft Corporation)
R2 Schedule; C:\Windows\system32\schedsvc.dll [1110016 2010-11-20] (Microsoft Corporation)
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [80384 2010-11-20] (Microsoft Corporation)
S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [170496 2010-11-20] (Microsoft Corporation)
R2 seclogon; C:\Windows\system32\seclogon.dll [30720 2010-11-20] (Microsoft Corporation)
R2 SENS; C:\Windows\system32\sens.dll [64512 2009-07-13] (Microsoft Corporation)
R2 SENS; C:\Windows\SysWOW64\sens.dll [49664 2009-07-13] (Microsoft Corporation)
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [29184 2009-07-13] (Microsoft Corporation)
S3 SessionEnv; C:\Windows\system32\sessenv.dll [121856 2010-11-20] (Microsoft Corporation)
S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [113664 2010-11-20] (Microsoft Corporation)
R2 SharedAccess; C:\Windows\System32\ipnathlp.dll [359424 2009-07-13] (Microsoft Corporation)
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [370688 2010-11-20] (Microsoft Corporation)
R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [328192 2010-11-20] (Microsoft Corporation)
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3289472 2013-07-12] (Skype Technologies S.A.)
S2 SkypeUpdate; C:\Program Files (x86)\Skype\Updater\Updater.exe [160944 2012-07-13] (Skype Technologies)
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14336 2009-07-13] (Microsoft Corporation)
R2 Spooler; C:\Windows\System32\spoolsv.exe [559104 2012-02-10] (Microsoft Corporation)
S2 sppsvc; C:\Windows\system32\sppsvc.exe [3524608 2010-11-20] (Microsoft Corporation)
S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [65536 2009-07-13] (Microsoft Corporation)
R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [193024 2009-07-13] (Microsoft Corporation)
R3 SstpSvc; C:\Windows\system32\sstpsvc.dll [75264 2009-07-13] (Microsoft Corporation)
R2 stisvc; C:\Windows\System32\wiaservc.dll [580096 2010-11-20] (Microsoft Corporation)
S3 stllssvr; C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe [74392 2009-04-30] (MicroVision Development, Inc.)
S3 swprv; C:\Windows\System32\swprv.dll [524288 2009-07-13] (Microsoft Corporation)
R2 SysMain; C:\Windows\system32\sysmain.dll [1743360 2010-11-20] (Microsoft Corporation)
S3 TabletInputService; C:\Windows\System32\TabSvc.dll [92672 2010-11-20] (Microsoft Corporation)
R3 TapiSrv; C:\Windows\System32\tapisrv.dll [316928 2010-11-20] (Microsoft Corporation)
R3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [242176 2010-11-20] (Microsoft Corporation)
S3 TBS; C:\Windows\System32\tbssvc.dll [65536 2009-07-13] (Microsoft Corporation)
S3 TermService; C:\Windows\System32\termsrv.dll [680960 2010-11-20] (Microsoft Corporation)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-13] (Microsoft Corporation)
S3 THREADORDER; C:\Windows\system32\mmcss.dll [67584 2009-07-13] (Microsoft Corporation)
R2 TrkWks; C:\Windows\System32\trkwks.dll [119808 2009-07-13] (Microsoft Corporation)
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [194048 2010-11-20] (Microsoft Corporation)
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [40960 2009-07-13] (Microsoft Corporation)
R3 upnphost; C:\Windows\System32\upnphost.dll [353792 2009-07-13] (Microsoft Corporation)
R3 upnphost; C:\Windows\SysWOW64\upnphost.dll [266752 2009-07-13] (Microsoft Corporation)
R2 UxSms; C:\Windows\System32\uxsms.dll [38912 2009-07-13] (Microsoft Corporation)
S3 VaultSvc; C:\Windows\system32\lsass.exe [31232 2011-11-16] (Microsoft Corporation)
S3 vds; C:\Windows\System32\vds.exe [533504 2010-11-20] (Microsoft Corporation)
S3 VSS; C:\Windows\system32\vssvc.exe [1600512 2010-11-20] (Microsoft Corporation)
S3 W32Time; C:\Windows\system32\w32time.dll [381952 2009-07-13] (Microsoft Corporation)
S3 WatAdminSvc; C:\Windows\system32\Wat\WatAdminSvc.exe [1255736 2011-06-15] (Microsoft Corporation)
S3 wbengine; C:\Windows\system32\wbengine.exe [1504256 2010-11-20] (Microsoft Corporation)
S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [202240 2009-07-13] (Microsoft Corporation)
S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [367104 2010-11-20] (Microsoft Corporation)
S3 wcncsvc; C:\Windows\SysWOW64\wcncsvc.dll [276992 2010-11-20] (Microsoft Corporation)
S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [40960 2009-07-13] (Microsoft Corporation)
S3 WcsPlugInService; C:\Windows\SysWOW64\WcsPlugInService.dll [32768 2009-07-13] (Microsoft Corporation)
R3 WdiServiceHost; C:\Windows\system32\wdi.dll [90624 2009-07-13] (Microsoft Corporation)
R3 WdiServiceHost; C:\Windows\SysWOW64\wdi.dll [76288 2009-07-13] (Microsoft Corporation)
S3 WdiSystemHost; C:\Windows\system32\wdi.dll [90624 2009-07-13] (Microsoft Corporation)
S3 WdiSystemHost; C:\Windows\SysWOW64\wdi.dll [76288 2009-07-13] (Microsoft Corporation)
S3 WebClient; C:\Windows\System32\webclnt.dll [258560 2010-11-20] (Microsoft Corporation)
S3 WebClient; C:\Windows\SysWOW64\webclnt.dll [204800 2010-11-20] (Microsoft Corporation)
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [237568 2009-07-13] (Microsoft Corporation)
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84480 2009-07-13] (Microsoft Corporation)
R3 WerSvc; C:\Windows\System32\WerSvc.dll [76800 2009-07-13] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [444416 2010-11-20] (Microsoft Corporation)
S3 WinHttpAutoProxySvc; C:\Windows\SysWOW64\winhttp.dll [351232 2010-11-20] (Microsoft Corporation)
R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [242688 2009-07-13] (Microsoft Corporation)
S3 WinRM; C:\Windows\system32\WsmSvc.dll [2018304 2010-11-20] (Microsoft Corporation)
S3 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [1175040 2010-11-20] (Microsoft Corporation)
R2 Wlansvc; C:\Windows\System32\wlansvc.dll [886784 2009-07-13] (Microsoft Corporation)
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [203264 2009-07-13] (Microsoft Corporation)
R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1525248 2010-11-20] (Microsoft Corporation)
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-13] (Microsoft Corporation)
S3 WPCSvc; C:\Windows\SysWOW64\wpcsvc.dll [10752 2009-07-13] (Microsoft Corporation)
R3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [117248 2010-11-20] (Microsoft Corporation)
R2 wscsvc; C:\Windows\system32\wscsvc.dll [97280 2009-07-13] (Microsoft Corporation)
R2 WSearch; C:\Windows\system32\SearchIndexer.exe [591872 2011-05-03] (Microsoft Corporation)
R2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [427520 2011-05-03] (Microsoft Corporation)
R2 wuauserv; C:\Windows\system32\wuaueng.dll [2428952 2012-06-02] (Microsoft Corporation)
R3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [84992 2012-07-25] (Microsoft Corporation)
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [230400 2013-03-18] (Microsoft Corporation)
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
 
==================== Drivers (All) ==========================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 1394ohci; C:\Windows\system32\drivers\1394ohci.sys [229888 2010-11-20] (Microsoft Corporation)
R0 ACPI; C:\Windows\System32\drivers\ACPI.sys [334208 2010-11-20] (Microsoft Corporation)
S3 AcpiPmi; C:\Windows\system32\drivers\acpipmi.sys [12800 2010-11-20] (Microsoft Corporation)
S3 adp94xx; C:\Windows\system32\DRIVERS\adp94xx.sys [491088 2009-07-13] (Adaptec, Inc.)
S3 adpahci; C:\Windows\system32\DRIVERS\adpahci.sys [339536 2009-07-13] (Adaptec, Inc.)
S3 adpu320; C:\Windows\system32\DRIVERS\adpu320.sys [182864 2009-07-13] (Adaptec, Inc.)
R1 AFD; C:\Windows\system32\drivers\afd.sys [498688 2011-12-27] (Microsoft Corporation)
S3 agp440; C:\Windows\system32\drivers\agp440.sys [61008 2009-07-13] (Microsoft Corporation)
S3 aliide; C:\Windows\system32\drivers\aliide.sys [15440 2009-07-13] (Acer Laboratories Inc.)
S3 amdide; C:\Windows\system32\drivers\amdide.sys [15440 2009-07-13] (Microsoft Corporation)
S3 AmdK8; C:\Windows\system32\DRIVERS\amdk8.sys [64512 2009-07-13] (Microsoft Corporation)
S3 AmdPPM; C:\Windows\system32\DRIVERS\amdppm.sys [60928 2009-07-13] (Microsoft Corporation)
S3 amdsata; C:\Windows\system32\drivers\amdsata.sys [107904 2011-03-10] (Advanced Micro Devices)
S3 amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys [194128 2009-07-13] (AMD Technologies Inc.)
R0 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2011-03-10] (Advanced Micro Devices)
S3 androidusb; C:\Windows\System32\Drivers\ssadadb.sys [36328 2011-05-13] (Google Inc)
S3 AppID; C:\Windows\system32\drivers\appid.sys [61440 2010-11-20] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 arc; C:\Windows\system32\DRIVERS\arc.sys [87632 2009-07-13] (Adaptec, Inc.)
S3 arcsas; C:\Windows\system32\DRIVERS\arcsas.sys [97856 2009-07-13] (Adaptec, Inc.)
S3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-13] (Microsoft Corporation)
R0 atapi; C:\Windows\System32\drivers\atapi.sys [24128 2009-07-13] (Microsoft Corporation)
S3 b06bdrv; C:\Windows\system32\DRIVERS\bxvbda.sys [468480 2009-06-10] (Broadcom Corporation)
S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] (Broadcom Corporation)
U5 BattC; C:\Windows\System32\Drivers\BattC.sys [28240 2009-07-13] (Microsoft Corporation)
R3 BCM43XX; C:\Windows\System32\DRIVERS\bcmwl664.sys [2769400 2009-07-08] (Broadcom Corporation)
R1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-13] (Microsoft Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\BASHDefs\20150506.001\BHDrvx64.sys [1639128 2015-05-01] (Symantec Corporation)
R1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [45056 2009-07-13] (Microsoft Corporation)
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2011-02-22] (Microsoft Corporation)
S3 BrFiltLo; C:\Windows\system32\DRIVERS\BrFiltLo.sys [18432 2009-06-10] (Brother Industries, Ltd.)
S3 BrFiltUp; C:\Windows\system32\DRIVERS\BrFiltUp.sys [8704 2009-06-10] (Brother Industries, Ltd.)
S3 BridgeMP; C:\Windows\System32\DRIVERS\bridge.sys [95232 2009-07-13] (Microsoft Corporation)
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-13] (Brother Industries Ltd.)
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Brother Industries Ltd.)
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Brother Industries Ltd.)
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Brother Industries Ltd.)
S3 BTHMODEM; C:\Windows\system32\DRIVERS\bthmodem.sys [72192 2009-07-13] (Microsoft Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1406000.01B\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation)
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-13] (Microsoft Corporation)
R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [147456 2010-11-20] (Microsoft Corporation)
S3 circlass; C:\Windows\system32\DRIVERS\circlass.sys [45568 2009-07-13] (Microsoft Corporation)
R0 CLFS; C:\Windows\System32\CLFS.sys [367696 2009-07-13] (Microsoft Corporation)
R3 CmBatt; C:\Windows\System32\DRIVERS\CmBatt.sys [17664 2009-07-13] (Microsoft Corporation)
S3 cmdide; C:\Windows\system32\drivers\cmdide.sys [17488 2009-07-13] (CMD Technology, Inc.)
R0 CNG; C:\Windows\System32\Drivers\cng.sys [458704 2012-06-01] (Microsoft Corporation)
R0 Compbatt; C:\Windows\System32\DRIVERS\compbatt.sys [21584 2009-07-13] (Microsoft Corporation)
R3 CompositeBus; C:\Windows\system32\drivers\CompositeBus.sys [38912 2010-11-20] (Microsoft Corporation)
S4 crcdisk; C:\Windows\system32\DRIVERS\crcdisk.sys [24144 2009-07-13] (Microsoft Corporation)
R3 CtClsFlt; C:\Windows\System32\DRIVERS\CtClsFlt.sys [174848 2010-06-07] (Creative Technology Ltd.)
R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2010-11-20] (Microsoft Corporation)
R1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-13] (Microsoft Corporation)
R0 Disk; C:\Windows\System32\DRIVERS\disk.sys [73280 2009-07-13] (Microsoft Corporation)
S3 Dot4; C:\Windows\System32\DRIVERS\Dot4.sys [145920 2009-07-13] (Microsoft Corporation)
S3 Dot4Print; C:\Windows\System32\DRIVERS\Dot4Prt.sys [19968 2010-11-20] (Microsoft Corporation)
S3 dot4usb; C:\Windows\System32\DRIVERS\dot4usb.sys [43008 2009-07-13] (Microsoft Corporation)
S3 drmkaud; C:\Windows\System32\drivers\drmkaud.sys [5632 2009-07-13] (Microsoft Corporation)
R3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [983400 2013-04-09] (Microsoft Corporation)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-17] (Symantec Corporation)
S3 elxstor; C:\Windows\system32\DRIVERS\elxstor.sys [530496 2009-07-13] (Emulex)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2015-05-10] (Symantec Corporation)
S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [9728 2009-07-13] (Microsoft Corporation)
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-13] (Microsoft Corporation)
S3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-13] (Microsoft Corporation)
S3 fdc; C:\Windows\system32\DRIVERS\fdc.sys [29696 2009-07-13] (Microsoft Corporation)
R0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-13] (Microsoft Corporation)
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-13] (Microsoft Corporation)
S3 flpydisk; C:\Windows\system32\DRIVERS\flpydisk.sys [24576 2009-07-13] (Microsoft Corporation)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-20] (Microsoft Corporation)
S3 FlyUsb; C:\Windows\System32\DRIVERS\FlyUsb.sys [24576 2012-09-28] (LeapFrog)
S3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [55376 2009-07-13] (Microsoft Corporation)
U0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2012-02-29] (Microsoft Corporation)
R0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223752 2013-01-23] (Microsoft Corporation)
S3 gagp30kx; C:\Windows\system32\DRIVERS\gagp30kx.sys [65088 2009-07-13] (Microsoft Corporation)
R3 GEARAspiWDM; C:\Windows\System32\DRIVERS\GEARAspiWDM.sys [33240 2012-08-21] (GEAR Software Inc.)
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.)
R3 HdAudAddService; C:\Windows\system32\drivers\HdAudio.sys [350208 2010-11-20] (Microsoft Corporation)
R3 HDAudBus; C:\Windows\system32\drivers\HDAudBus.sys [122368 2010-11-20] (Microsoft Corporation)
S3 HidBatt; C:\Windows\system32\DRIVERS\HidBatt.sys [26624 2009-07-13] (Microsoft Corporation)
S3 HidBth; C:\Windows\system32\DRIVERS\hidbth.sys [100864 2009-07-13] (Microsoft Corporation)
S3 HidIr; C:\Windows\system32\DRIVERS\hidir.sys [46592 2009-07-13] (Microsoft Corporation)
S3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [30208 2010-11-20] (Microsoft Corporation)
S3 HpSAMD; C:\Windows\system32\drivers\HpSAMD.sys [78720 2010-11-20] (Hewlett-Packard Company)
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [753664 2010-11-20] (Microsoft Corporation)
R0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-20] (Microsoft Corporation)
R3 i8042prt; C:\Windows\system32\drivers\i8042prt.sys [105472 2009-07-13] (Microsoft Corporation)
R0 iaStor; C:\Windows\System32\DRIVERS\iaStor.sys [557848 2011-06-15] (Intel Corporation)
S3 iaStorV; C:\Windows\system32\drivers\iaStorV.sys [410496 2011-03-10] (Intel Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\IPSDefs\20150512.001\IDSvia64.sys [671448 2015-05-10] (Symantec Corporation)
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [10628640 2011-02-11] (Intel Corporation)
S3 iirsp; C:\Windows\system32\DRIVERS\iirsp.sys [44112 2009-07-13] (Intel Corp./ICP vortex GmbH)
S3 intelide; C:\Windows\system32\drivers\intelide.sys [16960 2009-07-13] (Microsoft Corporation)
R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [62464 2009-07-13] (Microsoft Corporation)
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2010-11-20] (Microsoft Corporation)
S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [78848 2010-11-20] (Microsoft Corporation)
R3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-13] (Microsoft Corporation)
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-13] (Microsoft Corporation)
S3 isapnp; C:\Windows\system32\drivers\isapnp.sys [20544 2009-07-13] (Microsoft Corporation)
S3 iScsiPrt; C:\Windows\system32\drivers\msiscsi.sys [273792 2010-11-20] (Microsoft Corporation)
R3 kbdclass; C:\Windows\System32\DRIVERS\kbdclass.sys [50768 2009-07-13] (Microsoft Corporation)
S3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [33280 2010-11-20] (Microsoft Corporation)
R0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95600 2012-06-01] (Microsoft Corporation)
R0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [151920 2012-06-01] (Microsoft Corporation)
R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20992 2009-07-13] (Microsoft Corporation)
R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-13] (Microsoft Corporation)
S3 LSI_FC; C:\Windows\system32\DRIVERS\lsi_fc.sys [114752 2009-07-13] (LSI Corporation)
S3 LSI_SAS; C:\Windows\system32\DRIVERS\lsi_sas.sys [106560 2009-07-13] (LSI Corporation)
S3 LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys [65600 2009-07-13] (LSI Corporation)
S3 LSI_SCSI; C:\Windows\system32\DRIVERS\lsi_scsi.sys [115776 2009-07-13] (LSI Corporation)
R2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2009-07-13] (Microsoft Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 megasas; C:\Windows\system32\DRIVERS\megasas.sys [35392 2009-07-13] (LSI Corporation)
S3 MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys [284736 2009-07-13] (LSI Corporation, Inc.)
S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-13] (Microsoft Corporation)
R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-13] (Microsoft Corporation)
R3 mouclass; C:\Windows\System32\DRIVERS\mouclass.sys [49216 2009-07-13] (Microsoft Corporation)
S3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [31232 2009-07-13] (Microsoft Corporation)
R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94592 2010-11-20] (Microsoft Corporation)
S3 mpio; C:\Windows\system32\drivers\mpio.sys [155008 2010-11-20] (Microsoft Corporation)
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-13] (Microsoft Corporation)
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [140800 2010-11-20] (Microsoft Corporation)
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [158208 2011-04-26] (Microsoft Corporation)
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [288768 2011-07-08] (Microsoft Corporation)
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [128000 2011-04-26] (Microsoft Corporation)
R0 msahci; C:\Windows\System32\drivers\msahci.sys [31104 2010-11-20] (Microsoft Corporation)
S3 msdsm; C:\Windows\system32\drivers\msdsm.sys [140672 2010-11-20] (Microsoft Corporation)
R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-13] (Microsoft Corporation)
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-13] (Microsoft Corporation)
R0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-13] (Microsoft Corporation)
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-13] (Microsoft Corporation)
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-13] (Microsoft Corporation)
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-13] (Microsoft Corporation)
S3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [366976 2010-11-20] (Microsoft Corporation)
R1 mssmbios; C:\Windows\system32\drivers\mssmbios.sys [32320 2009-07-13] (Microsoft Corporation)
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-13] (Microsoft Corporation)
S3 MTConfig; C:\Windows\system32\DRIVERS\MTConfig.sys [15360 2009-07-13] (Microsoft Corporation)
R0 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-13] (Microsoft Corporation)
R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-13] (Microsoft Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20150512.019_988\ENG64.SYS [129752 2015-05-12] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20150512.019_988\EX64.SYS [2137304 2015-05-12] (Symantec Corporation)
R0 NDIS; C:\Windows\System32\drivers\ndis.sys [950128 2012-08-22] (Microsoft Corporation)
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-13] (Microsoft Corporation)
R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-13] (Microsoft Corporation)
R3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56832 2010-11-20] (Microsoft Corporation)
R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2010-11-20] (Microsoft Corporation)
R3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2010-11-20] (Microsoft Corporation)
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-13] (Microsoft Corporation)
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [261632 2010-11-20] (Microsoft Corporation)
S3 nfrd960; C:\Windows\system32\DRIVERS\nfrd960.sys [51264 2009-07-13] (IBM Corporation)
R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-13] (Microsoft Corporation)
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-13] (Microsoft Corporation)
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1656680 2013-04-12] (Microsoft Corporation)
R1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-13] (Microsoft Corporation)
S3 nvraid; C:\Windows\system32\drivers\nvraid.sys [148352 2011-03-10] (NVIDIA Corporation)
S3 nvstor; C:\Windows\system32\drivers\nvstor.sys [166272 2011-03-10] (NVIDIA Corporation)
S3 nv_agp; C:\Windows\system32\drivers\nv_agp.sys [122960 2009-07-13] (Microsoft Corporation)
S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [72832 2009-07-13] (Microsoft Corporation)
S3 Parport; C:\Windows\system32\DRIVERS\parport.sys [97280 2009-07-13] (Microsoft Corporation)
R0 partmgr; C:\Windows\System32\drivers\partmgr.sys [75120 2012-03-17] (Microsoft Corporation)
R0 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-20] (Microsoft Corporation)
S3 pciide; C:\Windows\system32\drivers\pciide.sys [12352 2009-07-13] (Microsoft Corporation)
S3 pcmcia; C:\Windows\system32\DRIVERS\pcmcia.sys [220752 2009-07-13] (Microsoft Corporation)
R0 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-13] (Microsoft Corporation)
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [651264 2009-07-13] (Microsoft Corporation)
R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111104 2010-11-20] (Microsoft Corporation)
S3 Processor; C:\Windows\system32\DRIVERS\processr.sys [60416 2009-07-13] (Microsoft Corporation)
R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2010-11-20] (Microsoft Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [55280 2009-05-20] (Sonic Solutions)
S3 ql2300; C:\Windows\system32\DRIVERS\ql2300.sys [1524816 2009-07-13] (QLogic Corporation)
S3 ql40xx; C:\Windows\system32\DRIVERS\ql40xx.sys [128592 2009-07-13] (QLogic Corporation)
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-13] (Microsoft Corporation)
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-13] (Microsoft Corporation)
R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-13] (Microsoft Corporation)
R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [129536 2010-11-20] (Microsoft Corporation)
R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-13] (Microsoft Corporation)
R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-13] (Microsoft Corporation)
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2010-11-20] (Microsoft Corporation)
S3 rdpbus; C:\Windows\system32\DRIVERS\rdpbus.sys [24064 2009-07-13] (Microsoft Corporation)
R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-13] (Microsoft Corporation)
R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-13] (Microsoft Corporation)
R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-13] (Microsoft Corporation)
S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [210944 2012-04-27] (Microsoft Corporation)
R0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-20] (Microsoft Corporation)
R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-13] (Microsoft Corporation)
S1 RxFilter; C:\Windows\SysWOW64\DRIVERS\RxFilter.sys [65520 2009-06-26] (Sonic Solutions)
S3 sbp2port; C:\Windows\system32\drivers\sbp2port.sys [103808 2010-11-20] (Microsoft Corporation)
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2010-11-20] (Microsoft Corporation)
R2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S3 Serenum; C:\Windows\system32\DRIVERS\serenum.sys [23552 2009-07-13] (Microsoft Corporation)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 sermouse; C:\Windows\system32\DRIVERS\sermouse.sys [26624 2009-07-13] (Microsoft Corporation)
S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [14336 2009-07-13] (Microsoft Corporation)
S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [13824 2009-07-13] (Microsoft Corporation)
S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [14336 2010-11-20] (Microsoft Corporation)
S3 sfloppy; C:\Windows\system32\DRIVERS\sfloppy.sys [16896 2009-07-13] (Microsoft Corporation)
S3 SiSRaid2; C:\Windows\system32\DRIVERS\SiSRaid2.sys [43584 2009-07-13] (Silicon Integrated Systems Corp.)
S3 SiSRaid4; C:\Windows\system32\DRIVERS\sisraid4.sys [80464 2009-07-13] (Silicon Integrated Systems)
S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-13] (Microsoft Corporation)
R0 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-13] (Microsoft Corporation)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1405000.01C\SRTSP64.SYS [796760 2013-05-15] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1406000.01B\SRTSPX64.SYS [36952 2013-03-04] (Symantec Corporation)
R3 srv; C:\Windows\System32\DRIVERS\srv.sys [467456 2011-04-28] (Microsoft Corporation)
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [410112 2011-04-28] (Microsoft Corporation)
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [168448 2011-04-28] (Microsoft Corporation)
S3 ssadbus; C:\Windows\System32\DRIVERS\ssadbus.sys [157672 2011-05-13] (MCCI Corporation)
S3 ssadmdfl; C:\Windows\System32\DRIVERS\ssadmdfl.sys [16872 2011-05-13] (MCCI Corporation)
S3 ssadmdm; C:\Windows\System32\DRIVERS\ssadmdm.sys [177640 2011-05-13] (MCCI Corporation)
S3 ssadserd; C:\Windows\System32\DRIVERS\ssadserd.sys [146920 2011-05-13] (MCCI Corporation)
S3 sscdbus; C:\Windows\System32\DRIVERS\sscdbus.sys [136264 2010-11-11] (MCCI Corporation)
S3 sscdmdfl; C:\Windows\System32\DRIVERS\sscdmdfl.sys [19016 2010-11-11] (MCCI Corporation)
S3 sscdmdm; C:\Windows\System32\DRIVERS\sscdmdm.sys [172104 2010-11-11] (MCCI Corporation)
S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation)
S3 stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [24656 2009-07-13] (Promise Technology)
R3 StillCam; C:\Windows\System32\DRIVERS\serscan.sys [12288 2009-07-13] (Microsoft Corporation)
R3 swenum; C:\Windows\system32\drivers\swenum.sys [12496 2009-07-13] (Microsoft Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1406000.01B\SYMDS64.SYS [493656 2013-05-20] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1406000.01B\SYMEFA64.SYS [1139800 2013-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-07-06] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1406000.01B\Ironx64.SYS [224416 2013-03-04] (Symantec Corporation)
R3 SymNetS; C:\Windows\System32\Drivers\NISx64\1405000.01C\SYMNETS.SYS [433752 2013-04-24] (Symantec Corporation)
R0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1910632 2013-05-07] (Microsoft Corporation)
S3 TCPIP6; C:\Windows\System32\DRIVERS\tcpip.sys [1910632 2013-05-07] (Microsoft Corporation)
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [45568 2012-10-03] (Microsoft Corporation)
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-13] (Microsoft Corporation)
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2012-02-16] (Microsoft Corporation)
R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [119296 2010-11-20] (Microsoft Corporation)
R1 TermDD; C:\Windows\system32\drivers\termdd.sys [63360 2010-11-20] (Microsoft Corporation)
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [39424 2010-11-20] (Microsoft Corporation)
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [59392 2010-11-20] (Microsoft Corporation)
R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2010-11-20] (Microsoft Corporation)
S3 uagp35; C:\Windows\system32\DRIVERS\uagp35.sys [64080 2009-07-13] (Microsoft Corporation)
R4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [328192 2010-11-20] (Microsoft Corporation)
S3 uliagpkx; C:\Windows\system32\drivers\uliagpkx.sys [64592 2009-07-13] (Microsoft Corporation)
R3 umbus; C:\Windows\system32\drivers\umbus.sys [48640 2010-11-20] (Microsoft Corporation)
S3 UmPass; C:\Windows\system32\DRIVERS\umpass.sys [9728 2009-07-13] (Microsoft Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [53760 2012-09-28] (Apple, Inc.)
S3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [98816 2011-03-24] (Microsoft Corporation)
S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [100352 2009-07-13] (Microsoft Corporation)
R3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [52736 2011-03-24] (Microsoft Corporation)
R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2011-03-24] (Microsoft Corporation)
S3 usbohci; C:\Windows\system32\DRIVERS\usbohci.sys [25600 2009-07-13] (Microsoft Corporation)
S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [25088 2009-07-13] (Microsoft Corporation)
S3 usbscan; C:\Windows\System32\DRIVERS\usbscan.sys [41984 2009-07-13] (Microsoft Corporation)
R3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91648 2011-03-10] (Microsoft Corporation)
R3 usbuhci; C:\Windows\System32\DRIVERS\usbuhci.sys [30720 2011-03-24] (Microsoft Corporation)
S3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [184960 2010-11-20] (Microsoft Corporation)
R0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-13] (Microsoft Corporation)
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-13] (Microsoft Corporation)
R1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-13] (Microsoft Corporation)
S3 vhdmp; C:\Windows\system32\drivers\vhdmp.sys [215936 2010-11-20] (Microsoft Corporation)
S3 viaide; C:\Windows\system32\drivers\viaide.sys [17488 2009-07-13] (VIA Technologies, Inc.)
R0 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-20] (Microsoft Corporation)
R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-20] (Microsoft Corporation)
R0 volsnap; C:\Windows\System32\drivers\volsnap.sys [295808 2010-11-20] (Microsoft Corporation)
S3 vsmraid; C:\Windows\system32\DRIVERS\vsmraid.sys [161872 2009-07-13] (VIA Technologies Inc.,Ltd)
R3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [24576 2009-07-13] (Microsoft Corporation)
R1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [59904 2009-07-13] (Microsoft Corporation)
R3 vwifimp; C:\Windows\System32\DRIVERS\vwifimp.sys [17920 2009-07-13] (Microsoft Corporation)
S3 WacomPen; C:\Windows\system32\DRIVERS\wacompen.sys [27776 2009-07-13] (Microsoft Corporation)
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-20] (Microsoft Corporation)
R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-20] (Microsoft Corporation)
S3 Wd; C:\Windows\system32\DRIVERS\wd.sys [21056 2009-07-13] (Microsoft Corporation)
R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785512 2012-07-25] (Microsoft Corporation)
R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-13] (Microsoft Corporation)
S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [22096 2009-07-13] (Microsoft Corporation)
S3 WIMMount; C:\Windows\SysWOW64\drivers\wimmount.sys [19008 2009-07-13] (Microsoft Corporation)
U3 Winsock; No ImagePath
S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [41984 2010-11-20] (Microsoft Corporation)
R3 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [14336 2009-07-13] (Microsoft Corporation)
R1 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2009-07-13] (Microsoft Corporation)
R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [87040 2012-07-25] (Microsoft Corporation)
R3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [198656 2012-07-25] (Microsoft Corporation)
S3 xusb21; C:\Windows\System32\DRIVERS\xusb21.sys [73984 2009-08-13] (Microsoft Corporation)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-13 16:10 - 2015-05-13 16:11 - 00080449 _____ () C:\Users\Owner\Desktop\FRST.txt
2015-05-13 16:09 - 2015-05-13 16:09 - 00000000 ____D () C:\Users\Owner\Desktop\FRST-OlderVersion
2015-05-12 21:29 - 2015-05-12 21:05 - 02204160 _____ () C:\Users\Owner\Desktop\adwcleaner_4.203.exe
2015-05-12 21:18 - 2015-05-12 21:18 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2015-05-12 21:12 - 2015-05-12 21:12 - 00003234 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2015-05-12 21:02 - 2015-05-13 16:09 - 02104832 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2015-05-12 21:02 - 2015-05-12 21:02 - 00000608 _____ () C:\Users\Owner\Desktop\FRST64.exe - Shortcut (2).lnk
2015-05-12 20:54 - 2015-05-12 20:54 - 00000608 _____ () C:\Users\Owner\Desktop\FRST64.exe - Shortcut.lnk
2015-05-12 13:05 - 2015-05-13 16:11 - 00000000 ____D () C:\FRST
2015-05-11 19:11 - 2015-05-11 19:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-13 16:12 - 2011-09-07 00:47 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3306144526-1543565107-3197362354-1000UA.job
2015-05-13 15:57 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\tracing
2015-05-13 15:39 - 2011-06-17 22:10 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-13 14:46 - 2011-06-15 20:10 - 02030830 _____ () C:\Windows\WindowsUpdate.log
2015-05-13 10:39 - 2013-07-05 00:19 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64
2015-05-13 10:21 - 2009-07-13 21:45 - 00014416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-13 10:21 - 2009-07-13 21:45 - 00014416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-13 10:13 - 2011-09-08 02:54 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2015-05-13 10:12 - 2011-10-20 09:32 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-05-13 10:11 - 2013-03-08 15:04 - 00010632 _____ () C:\Windows\setupact.log
2015-05-13 10:11 - 2011-06-17 22:10 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-13 10:11 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-12 21:12 - 2013-07-05 00:22 - 00002501 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2015-05-12 21:12 - 2013-07-05 00:19 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2015-05-12 21:12 - 2011-09-07 00:47 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3306144526-1543565107-3197362354-1000Core.job
2015-05-12 21:09 - 2012-03-29 23:03 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-12 21:08 - 2013-03-08 15:07 - 00135258 _____ () C:\Windows\PFRO.log
2015-05-12 21:08 - 2011-06-15 20:13 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-12 21:07 - 2012-06-30 18:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-12 20:54 - 2013-07-05 08:04 - 00000000 ____D () C:\Users\Owner\AppData\Local\CrashDumps
2015-05-12 13:05 - 2009-07-13 22:13 - 00005168 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-11 18:34 - 2011-06-15 20:09 - 00000000 ____D () C:\Users\Owner
2015-05-11 18:32 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-11 18:31 - 2013-03-14 07:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-11 18:31 - 2013-02-02 20:52 - 00000000 ____D () C:\ProgramData\Norton
2015-05-11 18:31 - 2012-08-26 14:11 - 00000000 ____D () C:\ProgramData\Skype
2015-05-11 18:31 - 2011-09-07 00:47 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-11 18:31 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\AppCompat
2015-05-11 18:29 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\registration
2015-05-11 18:25 - 2011-09-01 00:54 - 00000000 ____D () C:\Program Files (x86)\Verizon
2015-05-11 18:25 - 2011-06-17 22:10 - 00000000 ____D () C:\Users\Owner\AppData\Local\Google
2015-05-11 18:24 - 2012-08-26 14:11 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-05-11 18:24 - 2012-04-05 21:55 - 00000000 __RHD () C:\MSOCache
 
==================== Files in the root of some directories =======
 
2013-05-08 08:04 - 2013-02-09 14:55 - 0114176 _____ () C:\Users\Owner\AppData\Roaming\BabMaint.exe
2013-09-06 22:30 - 2013-09-06 22:30 - 0000042 _____ () C:\Users\Owner\AppData\Roaming\mbam.context.scan
2012-10-25 21:49 - 2012-11-21 12:20 - 0583306 _____ () C:\Users\Owner\AppData\Roaming\technic-launcher.jar
2012-10-25 21:49 - 2012-11-04 21:42 - 0579274 _____ () C:\Users\Owner\AppData\Roaming\technic-launcher.jar.bak
2011-08-21 20:30 - 2012-08-13 21:28 - 0005120 _____ () C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-05-20 10:36 - 2013-05-20 10:36 - 0007605 _____ () C:\Users\Owner\AppData\Local\Resmon.ResmonCfg
2013-01-19 20:42 - 2013-01-19 20:42 - 0000057 _____ () C:\ProgramData\Ament.ini
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-05-12 21:53
 
==================== End Of Log ============================

  • 0

#20
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
Hi :)

You appear to have clicked the Scan button, and not the Search Files button. Please repeat the steps in Post #18 and click the Search Files button, not the Scan button. :thumbsup:
  • 0

#21
uFinditEazy!

uFinditEazy!

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts
Farbar Recovery Scan Tool (x64) Version: 13-05-2015 01
Ran by Owner at 2015-05-13 16:20:56
Running from C:\Users\Owner\Desktop
Boot Mode: Normal
 
================== Search Files: "iertutil.dll" =============
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.20606_none_60c78d12bfd3657a\iertutil.dll
[2013-07-12 07:49][2013-05-28 19:44] 1796096 ____A (Microsoft Corporation) 91DB399906401A420831E1F00C9EBA26 [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.20600_none_60c18b56bfd8cd70\iertutil.dll
[2013-06-14 08:20][2013-05-16 14:35] 1796096 ____A (Microsoft Corporation) 3284096175E16A15B67908FC63089E72 [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.20593_none_60633b02c01f17c7\iertutil.dll
[2013-05-14 16:57][2013-04-04 13:46] 1796096 ____A (Microsoft Corporation) 1E121DD2991405CD3C8723325EE6EAF5 [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.20586_none_60710bccc01447db\iertutil.dll
[2013-04-11 07:37][2013-02-21 20:28] 1796096 ____A (Microsoft Corporation) 5BE7CAF9DACBF6C1C20AC6C9C2122600 [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.20580_none_606b0a10c019afd1\iertutil.dll
[2013-03-14 07:42][2013-02-01 20:29] 1796096 ____A (Microsoft Corporation) 5FDA7467F5B3B41A63DCD7E542B994B4 [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.20573_none_6078dadac00edfe5\iertutil.dll
[2013-02-16 10:01][2013-01-08 13:33] 1796096 ____A (Microsoft Corporation) ADA72DC8CA2FC44D05B4070054F8A2A1 [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.20565_none_6085ab5ac004f6a2\iertutil.dll
[2012-12-12 21:57][2012-11-13 18:27] 1793024 ____A (Microsoft Corporation) 9B35FC2316CBF198E5EEA405D96777F2 [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.20562_none_6082aa7cc007aa9d\iertutil.dll
[2012-11-15 16:36][2012-10-08 00:31] 1793024 ____A (Microsoft Corporation) F72FB9A16B8544BD3F3F58106E1CAC58 [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.20557_none_60927bdabffb0d5f\iertutil.dll
[2012-09-22 08:45][2012-08-24 00:07] 1793024 ____A (Microsoft Corporation) C5BF51D58A85AD2B8D392E21BB9A5D86 [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.20554_none_608f7afcbffdc15a\iertutil.dll
[2012-08-20 20:25][2012-06-28 15:46] 1793024 ____A (Microsoft Corporation) EC6CF836399ED2C4AAB70F17D65F7884 [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.20553_none_608e7ab2bffea803\iertutil.dll
[2012-07-11 23:42][2012-06-02 01:11] 1793024 ____A (Microsoft Corporation) 4739AD40B8240A177815D4976CD552AB [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.20551_none_608c7a1ec0007555\iertutil.dll
[2012-06-15 17:27][2012-05-17 15:12] 1793024 ____A (Microsoft Corporation) A598B6A45346A21960D661C6A1E7552E [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.20548_none_609e4c10bff20ac5\iertutil.dll
[2012-04-10 20:03][2012-02-27 17:53] 1792000 ____A (Microsoft Corporation) 9BC2189BB54C7416D32E91BA692508F4 [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.20546_none_609c4b7cbff3d817\iertutil.dll
[2012-03-29 22:27][2011-12-13 19:23] 1792000 ____A (Microsoft Corporation) B93C966BC42CF9D0DD00752DD85C06F6 [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.20537_none_60a81bb2bfead57d\iertutil.dll
[2011-10-16 17:12][2011-08-31 18:51] 1791488 ____A (Microsoft Corporation) A8CF11C575D22934378C78983B3D4755 [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.16496_none_5fdc9f15a6fec402\iertutil.dll
[2013-07-12 07:49][2013-05-28 18:33] 1796096 ____A (Microsoft Corporation) 501E7642455831A51448F82C1C468538 [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.16490_none_5fd69d59a7042bf8\iertutil.dll
[2013-06-14 08:20][2013-05-16 15:17] 1796096 ____A (Microsoft Corporation) 6057AA7FDF03309A18FAE4E9FCFE7D8F [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.16483_none_5fe46e23a6f95c0c\iertutil.dll
[2013-05-14 16:57][2013-04-04 14:55] 1796096 ____A (Microsoft Corporation) 6B07400F62998EB6970807C0A69CF152 [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.16476_none_5ff23eeda6ee8c20\iertutil.dll
[2013-04-11 07:37][2013-02-21 20:32] 1796096 ____A (Microsoft Corporation) 9BDDA34DC4890169DE5BA21134B33EFB [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.16470_none_5fec3d31a6f3f416\iertutil.dll
[2013-03-14 07:42][2013-02-01 20:23] 1796096 ____A (Microsoft Corporation) 73BDB1C0801D44BEA5F6749FD340CC0F [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.16464_none_5ffb0e45a6e83d81\iertutil.dll
[2013-02-16 10:01][2013-01-08 14:56] 1796096 ____A (Microsoft Corporation) D171EAA745A2C0C583CDDA13D9088EE4 [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.16457_none_6008df0fa6dd6d95\iertutil.dll
[2012-12-12 21:57][2012-11-13 18:46] 1793024 ____A (Microsoft Corporation) 780E80E5502015EDAEC91DC0A0C96A79 [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.16455_none_6006de7ba6df3ae7\iertutil.dll
[2012-11-15 16:36][2012-10-08 00:41] 1793024 ____A (Microsoft Corporation) 3178C47DB9F1615E5334029607BD3459 [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.16450_none_6001dd09a6e3bc34\iertutil.dll
[2012-09-22 08:45][2012-08-23 23:44] 1793024 ____A (Microsoft Corporation) EB8A00E8E9931A7EC04F920B09D880D8 [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.16448_none_6014af45a6d46afb\iertutil.dll
[2012-08-20 20:25][2012-06-28 17:01] 1793024 ____A (Microsoft Corporation) B17ADBBBDC97148D28F995F32C380F2E [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.16447_none_6013aefba6d551a4\iertutil.dll
[2012-07-11 23:42][2012-06-02 01:19] 1793024 ____A (Microsoft Corporation) C516284DE6DB833E77CC0E5217CDC6AA [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.16446_none_6012aeb1a6d6384d\iertutil.dll
[2012-06-15 17:27][2012-05-17 15:27] 1793024 ____A (Microsoft Corporation) E0C68CE8A3C548B101ABC01DB3DDB7CA [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.16443_none_600fadd3a6d8ec48\iertutil.dll
[2012-04-10 20:03][2012-02-27 18:04] 1792000 ____A (Microsoft Corporation) 1341915D4705A3BA68BC49E83024ADE0 [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.16441_none_600dad3fa6dab99a\iertutil.dll
[2012-03-29 22:27][2011-12-13 19:52] 1792000 ____A (Microsoft Corporation) CDF5B6AEC538E02D5579E2E791042A1A [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.16437_none_601e7ee7a6cd35b3\iertutil.dll
[2011-10-16 17:12][2011-08-31 19:23] 1791488 ____A (Microsoft Corporation) 217557259182C86A6D3ADE11BC42B74A [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.16434_none_601b7e09a6cfe9ae\iertutil.dll
[2011-08-21 18:55][2011-08-21 18:55] 1791488 ____A (Microsoft Corporation) AB0E44C70C5C732C1E312EAEABECC1D5 [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7601.21754_none_64c3ba7d7b064e80\iertutil.dll
[2011-08-11 20:19][2011-06-20 23:44] 2073600 ____A (Microsoft Corporation) D4336EC723CAC8D8BD63C681B97FD743 [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7601.21718_none_64f2fb557ae24418\iertutil.dll
[2011-06-15 22:18][2011-05-01 22:38] 2064384 ____A (Microsoft Corporation) F76BC64151ED46D9B81D4E1CBA5C29D4 [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7601.17638_none_6453beb261d4dc30\iertutil.dll
[2011-08-11 20:19][2011-06-20 22:26] 2073600 ____A (Microsoft Corporation) 640C3D0921F74FC8DE84E841A2F77B4B [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7601.17608_none_64742e7661bc885d\iertutil.dll
[2011-06-15 22:18][2011-04-28 21:54] 2064384 ____A (Microsoft Corporation) 3B10CE9257F58352B555FADD898C5F12 [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7601.17514_none_64655b7c61c841cb\iertutil.dll
[2011-06-15 21:27][2010-11-20 04:19] 2064384 ____A (Microsoft Corporation) 683E0C9DA9E1EB9E4691DFAE0EC83E36 [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7600.20992_none_62b01d337e021faa\iertutil.dll
[2011-08-11 20:19][2011-06-20 22:24] 2073088 ____A (Microsoft Corporation) 9410550060EDEBE6DCB4E7A5EBD3E314 [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7600.20949_none_62ed2ed57dd34556\iertutil.dll
[2011-06-15 22:19][2011-04-22 12:13] 2063872 ____A (Microsoft Corporation) 07FF40742E8CAE88204B5B4F24270F6E [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7600.16839_none_626e61f664ad899b\iertutil.dll
[2011-08-11 20:19][2011-06-20 22:34] 2072576 ____A (Microsoft Corporation) 3AB38B9BC2376194F7280F416E655E05 [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7600.16800_none_6285cf20649d51b9\iertutil.dll
[2011-06-15 22:19][2011-04-22 12:31] 2063360 ____A (Microsoft Corporation) 570C6B12E7BD623A85EA1F01C75C346A [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7600.16385_none_623447b464d9be31\iertutil.dll
[2009-07-13 16:44][2009-07-13 18:15] 2058240 ____A (Microsoft Corporation) 13D1F490AF6C7649F51BA29F9CCBB778 [File is signed]
 
C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_10.2.9200.16521_none_695ea86a449a5cd0\iertutil.dll
[2013-04-02 07:11][2013-04-02 07:11] 2046464 ____A (Microsoft Corporation) 66D8CDC28A0AADDA34133AE733934658 [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.20606_none_bce628967830d6b0\iertutil.dll
[2013-07-12 07:49][2013-05-28 22:02] 2147840 ____A (Microsoft Corporation) 05B19A9135B6AD5057351D51E33D0004 [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.20600_none_bce026da78363ea6\iertutil.dll
[2013-06-14 08:20][2013-05-16 17:44] 2147840 ____A (Microsoft Corporation) 2698F5148312D8EEEDD803D3BDEBFBAA [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.20593_none_bc81d686787c88fd\iertutil.dll
[2013-05-14 16:57][2013-04-04 16:31] 2147840 ____A (Microsoft Corporation) 7B06390BE5FBF8245F5ECFE1A984871F [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.20586_none_bc8fa7507871b911\iertutil.dll
[2013-04-11 07:37][2013-02-21 23:29] 2147840 ____A (Microsoft Corporation) BB30C6576586A3F04FBBF8F343F6D609 [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.20580_none_bc89a59478772107\iertutil.dll
[2013-03-14 07:42][2013-02-02 00:08] 2147840 ____A (Microsoft Corporation) B114EF01C1A7C70711D778BCAA420157 [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.20573_none_bc97765e786c511b\iertutil.dll
[2013-02-16 10:01][2013-01-08 16:47] 2147840 ____A (Microsoft Corporation) 65906015A1E40A29750C3ED05B5B96B1 [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.20565_none_bca446de786267d8\iertutil.dll
[2012-12-12 21:57][2012-11-13 20:54] 2144768 ____A (Microsoft Corporation) B44FC029AAEEB5043A75A5E865BA1B11 [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.20562_none_bca1460078651bd3\iertutil.dll
[2012-11-15 16:36][2012-10-08 03:03] 2144768 ____A (Microsoft Corporation) 9D43EB7F46737294991EB75E72B7E710 [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.20557_none_bcb1175e78587e95\iertutil.dll
[2012-09-22 08:45][2012-08-24 02:47] 2144768 ____A (Microsoft Corporation) 6984FF326BD5C59DF9E962CC4407A4C2 [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.20554_none_bcae1680785b3290\iertutil.dll
[2012-08-20 20:25][2012-06-28 18:45] 2144768 ____A (Microsoft Corporation) B3B110B98A135FA154E2E01B8486A850 [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.20553_none_bcad1636785c1939\iertutil.dll
[2012-07-11 23:42][2012-06-02 04:03] 2144768 ____A (Microsoft Corporation) 714CB0F07D7C0A48C334B6A672EFFD44 [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.20551_none_bcab15a2785de68b\iertutil.dll
[2012-06-15 17:27][2012-05-17 17:40] 2144768 ____A (Microsoft Corporation) D310AFEF54A3815EB14A386DF70F361B [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.20548_none_bcbce794784f7bfb\iertutil.dll
[2012-04-10 20:03][2012-02-27 20:01] 2144256 ____A (Microsoft Corporation) 318F557D3D7773AC201AA04400DC1A32 [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.20546_none_bcbae7007851494d\iertutil.dll
[2012-03-29 22:27][2011-12-13 23:03] 2144256 ____A (Microsoft Corporation) C791A78ACAF337DADBFCC7E1D44DFA77 [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.20537_none_bcc6b736784846b3\iertutil.dll
[2011-10-16 17:12][2011-08-31 21:34] 2143744 ____A (Microsoft Corporation) 20AE13E8248943F9192CBBB9DD08C648 [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.16496_none_bbfb3a995f5c3538\iertutil.dll
[2013-07-12 07:49][2013-05-28 22:27] 2147840 ____A (Microsoft Corporation) 6A6CAB59EA37C55D726EBABCEA012A44 [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.16490_none_bbf538dd5f619d2e\iertutil.dll
[2013-06-14 08:20][2013-05-16 19:53] 2147840 ____A (Microsoft Corporation) DE3DC975F1A9F82BAB9812A272018810 [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.16483_none_bc0309a75f56cd42\iertutil.dll
[2013-05-14 16:57][2013-04-04 17:54] 2147840 ____A (Microsoft Corporation) 2801567C850F1696D53C5E2CD1AE569A [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.16476_none_bc10da715f4bfd56\iertutil.dll
[2013-04-11 07:37][2013-02-21 23:13] 2147840 ____A (Microsoft Corporation) 8D4DEA45FCDF9FCFD9E31232A07E6EF9 [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.16470_none_bc0ad8b55f51654c\iertutil.dll
[2013-03-14 07:42][2013-02-01 23:39] 2147840 ____A (Microsoft Corporation) A54A16DAE7497CDCB8C5A021C0F6FEB8 [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.16464_none_bc19a9c95f45aeb7\iertutil.dll
[2013-02-16 10:01][2013-01-08 18:05] 2147840 ____A (Microsoft Corporation) F431C3C86FCCC1C53814F043A6CAD825 [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.16457_none_bc277a935f3adecb\iertutil.dll
[2012-12-12 21:57][2012-11-13 22:55] 2144768 ____A (Microsoft Corporation) A0F52880DDD164F968BE903C1FECD27E [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.16455_none_bc2579ff5f3cac1d\iertutil.dll
[2012-11-15 16:36][2012-10-08 04:15] 2144768 ____A (Microsoft Corporation) D25968D163EC487A50C8C6A91D4134B4 [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.16450_none_bc20788d5f412d6a\iertutil.dll
[2012-09-22 08:45][2012-08-24 03:12] 2144768 ____A (Microsoft Corporation) D841F7629505EE542E26E5F0A4D20101 [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.16448_none_bc334ac95f31dc31\iertutil.dll
[2012-08-20 20:25][2012-06-28 20:42] 2144768 ____A (Microsoft Corporation) E10A0704318A6F7E52787D09717D7C2C [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.16447_none_bc324a7f5f32c2da\iertutil.dll
[2012-07-11 23:42][2012-06-02 04:59] 2144768 ____A (Microsoft Corporation) 78CA24E3B51C624007C1B8A7B8D6C9AF [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.16446_none_bc314a355f33a983\iertutil.dll
[2012-06-15 17:27][2012-05-17 18:54] 2144768 ____A (Microsoft Corporation) B02D84F0923132869E1ABFE08E0D2314 [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.16443_none_bc2e49575f365d7e\iertutil.dll
[2012-04-10 20:03][2012-02-27 23:43] 2144256 ____A (Microsoft Corporation) DDDF8F6E16BEA898C07F9B2C8E7F59D2 [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.16441_none_bc2c48c35f382ad0\iertutil.dll
[2012-03-29 22:27][2011-12-13 23:59] 2144256 ____A (Microsoft Corporation) E57A6E4941EAA298433623B20F649C8B [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.16437_none_bc3d1a6b5f2aa6e9\iertutil.dll
[2011-10-16 17:12][2011-08-31 22:12] 2143744 ____A (Microsoft Corporation) 51F1A71EF8185B959A6E06D98E489287 [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.16434_none_bc3a198d5f2d5ae4\iertutil.dll
[2011-08-21 18:55][2011-08-21 18:55] 2143232 ____A (Microsoft Corporation) FBD511357A9EEA1DAAFD3687E714CD95 [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7601.21754_none_c0e256013363bfb6\iertutil.dll
[2011-08-11 20:19][2011-06-20 23:12] 2454528 ____A (Microsoft Corporation) 304A5AF79625A8434F1BC85C450ED3B6 [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7601.21718_none_c11196d9333fb54e\iertutil.dll
[2011-06-15 22:18][2011-05-01 22:17] 2443776 ____A (Microsoft Corporation) 5137BEECB69F21647E41C72A33633895 [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7601.17638_none_c0725a361a324d66\iertutil.dll
[2011-08-11 20:19][2011-06-20 23:18] 2454528 ____A (Microsoft Corporation) 0671E714E911F5C71788CA736DC6FB45 [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7601.17608_none_c092c9fa1a19f993\iertutil.dll
[2011-06-15 22:18][2011-04-28 22:51] 2443776 ____A (Microsoft Corporation) 214338D755D4C1E0050D213AFA2A05E8 [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7601.17514_none_c083f7001a25b301\iertutil.dll
[2011-06-15 21:26][2010-11-20 05:26] 2444288 ____A (Microsoft Corporation) 5180380D353277D395D3B36D790AA93E [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7600.20992_none_beceb8b7365f90e0\iertutil.dll
[2011-08-11 20:19][2011-06-20 23:11] 2459648 ____A (Microsoft Corporation) 214F02C70AFA59DD8F377090A97A3F6F [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7600.20949_none_bf0bca593630b68c\iertutil.dll
[2011-06-15 22:19][2011-04-22 13:11] 2448384 ____A (Microsoft Corporation) C834FFD89950B6B1092180FA28782660 [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7600.16839_none_be8cfd7a1d0afad1\iertutil.dll
[2011-08-11 20:19][2011-06-20 23:19] 2458624 ____A (Microsoft Corporation) B7182DB252EB0E4BE4344C460898C789 [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7600.16800_none_bea46aa41cfac2ef\iertutil.dll
[2011-06-15 22:19][2011-04-22 13:13] 2448896 ____A (Microsoft Corporation) 156561022C47CC600130E81E42C4F285 [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7600.16385_none_be52e3381d372f67\iertutil.dll
[2009-07-13 16:59][2009-07-13 18:41] 2440704 ____A (Microsoft Corporation) 39570395292A4702FDE94C345DF0C39E [File is signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_10.2.9200.16521_none_c57d43edfcf7ce06\iertutil.dll
[2013-04-02 07:11][2013-04-02 07:11] 2647552 ____A (Microsoft Corporation) 23C80181B93AA17DACB08A7474A8558B [File is signed]
 
C:\Windows\System32\iertutil.dll
[2013-07-12 07:49][2013-05-28 22:27] 2147840 ____A (Microsoft Corporation) 6A6CAB59EA37C55D726EBABCEA012A44 [File is signed]
 
====== End Of Search ======

  • 0

#22
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
There we go, now let's get that file replaced and continue with the cleaning. :thumbsup:


Step 1: Replace file with FRST
  • Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy.
  • Right-click in the open notepad and select Paste).
  • Save it on the desktop as fixlist.txt

    NOTE: It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

Start
Replace: C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.20606_none_60c78d12bfd3657a\iertutil.dll C:\windows\system32\iertutil.dll
End


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.


Run FRST and press the Fix button just once and wait. The tool will make a log on the desktop (Fixlog.txt) please post it in your next reply.


Once you have run this fix, please reboot the machine.


Step 2: Scan with AdwCleaner


Once the machine has rebooted, please try running AdwCleaner again, following the instructions below.
  • Double click (Vista and 7 Users)right click the adwcleaner.exe file and click Run as Adminstrator and accept the UAC prompt to run AdwCleaner
  • Close any open windows or browsers.
  • Pause your Anti-Virus program if it is running.
  • Once it starts, click on the Scan button.
  • Let the scan complete itself. This may take a few minutes.
  • Once the scan has finished, it will say "Pending, uncheck elements you don't want to remove.", don't worry about unchecking anything.
    • Click the Report button and the log will open. Copy and Paste the contents of the log file into your next reply.
    This report is also saved at C:\AdwCleaner[R0].txt
Things I need to see in your next post:

Please post each of these logs as a separate reply in this thread.

Fixlog.txt Log

AdwCleaner Log

  • 0

#23
uFinditEazy!

uFinditEazy!

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts

ok, i am having trouble starting frst "application was unable to start correctly 0xc000007b. ?? I downloaded it again to usb stick but am getting same..


  • 0

#24
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts

ok, i am having trouble starting frst "application was unable to start correctly 0xc000007b. ?? I downloaded it again to usb stick but am getting same..


Ok, let's do this:

Click Start, All Programs, then select the Accessories folder.

Locate Command Prompt, right click on it, and select Run as Administrator

When you get to the Command Prompt, type this in: chkdsk /f

Once it finishes, please reboot the machine and try running the steps again.
  • 0

#25
uFinditEazy!

uFinditEazy!

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts

Ok command prompt that it cannot run because the volume is in use by another process...


  • 0

Advertisements


#26
uFinditEazy!

uFinditEazy!

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts

the type of the file system is NTFS. Cannot lock current drive


  • 0

#27
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts

Ok command prompt that it cannot run because the volume is in use by another process...


Did it ask you if you wanted to run it the next time the machine boots? If so, go ahead and reboot the machine. :thumbsup:
  • 0

#28
uFinditEazy!

uFinditEazy!

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts

It did the check and i ran command prompt after reboot again with the same result


  • 0

#29
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
I'm sorry for the delay, apparently the board ate my last reply.

Please go to the command prompt again and this time, type in this: sfc /scannow and hit Enter.

Once the scan finishes, it will produce a log called CBS.log that can be found here: C:\windows\logs.

Please attach it in your next reply.

Once it finishes, please try the Steps to replace the file and run a scan with AdwCleaner again.

If successful, please post the fixlog.txt and AdwCleaner logs along with the CBS log.
  • 0

#30
uFinditEazy!

uFinditEazy!

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts

Ok, I ran the scan and rebooted and tried chkdsk /f with the same result NTSF. I also tried to get the cbs log and got access denied.


  • 0






Similar Topics


Also tagged with one or more of these keywords: Freezing, Farbar wont download, Pop ups, Memory usage thru the roof, hard to use.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP