Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Web browser not working [Solved]


  • This topic is locked This topic is locked

#1
jsburdge

jsburdge

    New Member

  • Member
  • Pip
  • 8 posts

I am having trouble getting any of my web browsers to work even though I am connected to the internet.  Was working on this in the systems section and was told to run FRST.

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-05-2015
Ran by Phillip (administrator) on PHILLIP-PC on 11-05-2015 21:44:57
Running from C:\Users\Phillip\Desktop
Loaded Profiles: Phillip (Available profiles: Phillip)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
() C:\Users\Phillip\AppData\Local\PennyBee\PennyBeeW.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe
(System Alerts LLC) C:\Users\Phillip\AppData\Local\DesktopTemperature\DesktopTemperature.exe
(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
(Weather Protector LLC) C:\Program Files (x86)\StormWatch\StormWatch.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
(PC Utilities Pro) C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe
() C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Dell\DellComms\bin\sprtcmd.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Pay By Ads LTD) C:\Users\Phillip\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.5\dsrsetup.exe
(Pay By Ads LTD) C:\Users\Phillip\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.5\dsrlte.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [357376 2009-09-16] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8158240 2009-10-09] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3189016 2009-10-01] (Dell Inc.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe [4968960 2009-07-16] (Dell Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDVDDXSrv] => C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe [140520 2009-06-24] (CyberLink Corp.)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe [1779952 2009-07-07] ()
HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [498160 2009-10-15] ()
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [mcagent_exe] => C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe /runkey
HKLM-x32\...\Run: [DellSupportCenter] => C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe [206064 2009-05-21] (SupportSoft, Inc.)
HKLM-x32\...\Run: [DellComms] => C:\Program Files (x86)\Dell\DellComms\bin\sprtcmd.exe [206064 2009-05-05] (SupportSoft, Inc.)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [295072 2013-01-04] (RealNetworks, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-15] (Apple Inc.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2640408 2014-09-10] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4204421207-2302213490-1209804939-1001\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [134648 2013-10-28] ()
HKU\S-1-5-21-4204421207-2302213490-1209804939-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-01-04] (Google Inc.)
HKU\S-1-5-21-4204421207-2302213490-1209804939-1001\...\Run: [Yahoo! Search] => C:\Users\Phillip\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.5\dsrlte.exe [634624 2015-01-02] (Pay By Ads LTD)
HKU\S-1-5-21-4204421207-2302213490-1209804939-1001\...\Run: [PennyBee] => C:\Users\Phillip\AppData\Local\PennyBee\PennyBeeW.exe [338432 2014-12-25] ()
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation)
AppInit_DLLs: C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL => C:\Program Files (x86)\Optimizer Pro\OptProCrash_x64.dll [2603312 2013-10-30] ()
AppInit_DLLs-x32: c:\progra~2\optimi~1\optpro~1.dll => c:\Program Files (x86)\Optimizer Pro\OptProCrash.dll [2869720 2013-10-29] ()
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2009-12-25]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2009-12-25]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Phillip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk [2013-01-04]
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Phillip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktop Temperature Monitor.lnk [2015-01-02]
ShortcutTarget: Desktop Temperature Monitor.lnk -> C:\Users\Phillip\AppData\Local\DesktopTemperature\DesktopTemperature.exe (System Alerts LLC)
Startup: C:\Users\Phillip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk [2013-10-30]
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
Startup: C:\Users\Phillip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatch.lnk [2015-01-02]
ShortcutTarget: StormWatch.lnk -> C:\Program Files (x86)\StormWatch\StormWatch.exe (Weather Protector LLC)
Startup: C:\Users\Phillip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatchApp.lnk [2015-01-02]
ShortcutTarget: StormWatchApp.lnk -> C:\Program Files (x86)\StormWatch\StormWatchApp.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-4204421207-2302213490-1209804939-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.yahoo...20029,0,31,7939
URLSearchHook: HKU\S-1-5-21-4204421207-2302213490-1209804939-1001 - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {D2F1C87E-E5AB-4CF8-A8A2-11E186B90FB5} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {32C7A833-A88E-47C9-88E9-88BF6973F4CA} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-4204421207-2302213490-1209804939-1001 -> {2F91AE5C-6EDD-4E73-9F71-C7E4EECC8172} URL = http://rts.dsrlte.co...rchTerms}&r=314
SearchScopes: HKU\S-1-5-21-4204421207-2302213490-1209804939-1001 -> {32C7A833-A88E-47C9-88E9-88BF6973F4CA} URL = 
SearchScopes: HKU\S-1-5-21-4204421207-2302213490-1209804939-1001 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-4204421207-2302213490-1209804939-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg...sa&d=2013-11-1117:33:39&v=18.1.9.799&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4204421207-2302213490-1209804939-1001 -> {E5A6CE1A-1E56-4750-9EBB-59D598DE2682} URL = https://search.yahoo...01,20028,0,31,0
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> C:\Program Files (x86)\McAfee\MSK\mskapbho64.dll No File
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2012-08-17] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2013-04-24] (Kaspersky Lab ZAO)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-08-18] (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-12-25] (Sun Microsystems, Inc.)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll [2012-08-17] (Kaspersky Lab ZAO)
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll [2014-07-29] (Yahoo! Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> C:\Program Files (x86)\McAfee\MSK\MskAPBho.dll No File
BHO-x32: Babylon toolbar helper -> {2EECD738-5844-4a99-B4B6-146BF802613B} -> C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.7.2\bh\BabylonToolbar.dll [2012-12-18] (Babylon BHO)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2012-11-29] (RealDownloader)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2012-08-17] (Kaspersky Lab ZAO)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2013-04-24] (Kaspersky Lab ZAO)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-01-02] (Oracle Corporation)
BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: AVG SafeGuard toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll [2014-09-10] (AVG Secure Search)
BHO-x32: BatBrowse 1.0.0.6 -> {a7262c86-7809-4d76-a726-5a379f1a3158} -> C:\Program Files (x86)\BatBrowse\BatBrowseBHO.dll [2015-01-02] (BatBrowse)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-08-18] (Google Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21] (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-01-02] (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll [2012-08-17] (Kaspersky Lab ZAO)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-08-18] (Google Inc.)
Toolbar: HKLM-x32 - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.7.2\BabylonToolbarTlbr.dll [2012-12-18] (Babylon Ltd.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21] (Microsoft Corporation.)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll [2014-09-10] (AVG Secure Search)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-08-18] (Google Inc.)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll [2014-07-29] (Yahoo! Inc.)
Toolbar: HKU\S-1-5-21-4204421207-2302213490-1209804939-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKU\S-1-5-21-4204421207-2302213490-1209804939-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-08-18] (Google Inc.)
Toolbar: HKU\S-1-5-21-4204421207-2302213490-1209804939-1001 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Handler-x32: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll [2009-07-23] (Cozi Group, Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll [2014-08-18] (AVG Secure Search)
Winsock: Catalog9 01 C:\Windows\SysWOW64\CatWSPrx.dll [330672 2015-01-02] (Catalytix Web Services)
Winsock: Catalog9 02 C:\Windows\SysWOW64\CatWSPrx.dll [330672 2015-01-02] (Catalytix Web Services)
Winsock: Catalog9 03 C:\Windows\SysWOW64\CatWSPrx.dll [330672 2015-01-02] (Catalytix Web Services)
Winsock: Catalog9 04 C:\Windows\SysWOW64\CatWSPrx.dll [330672 2015-01-02] (Catalytix Web Services)
Winsock: Catalog9 05 C:\Users\Phillip\AppData\Local\DesktopTemperature\Yqy2GK.dll [307224 2014-12-16] ()
Winsock: Catalog9 06 C:\Users\Phillip\AppData\Local\DesktopTemperature\Yqy2GK.dll [307224 2014-12-16] ()
Winsock: Catalog9 07 C:\Users\Phillip\AppData\Local\DesktopTemperature\Yqy2GK.dll [307224 2014-12-16] ()
Winsock: Catalog9 08 C:\Users\Phillip\AppData\Local\DesktopTemperature\Yqy2GK.dll [307224 2014-12-16] ()
Winsock: Catalog9 09 C:\Users\Phillip\AppData\Local\DesktopTemperature\Yqy2GK.dll [307224 2014-12-16] ()
Winsock: Catalog9 20 C:\Users\Phillip\AppData\Local\DesktopTemperature\Yqy2GK.dll [307224 2014-12-16] ()
Winsock: Catalog9 21 C:\Windows\SysWOW64\CatWSPrx.dll [330672 2015-01-02] (Catalytix Web Services)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{BFDF6E01-31F1-4456-BE5A-2D6E3595CDDC}: [NameServer] 208.255.222.222,208.67.220.220
 
FireFox:
========
FF ProfilePath: C:\Users\Phillip\AppData\Roaming\Mozilla\Firefox\Profiles\gwxdseee.default
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-04-08] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-01-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-01-02] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.0.282 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2013-01-04] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2012-11-29] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2012-11-29] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2012-11-29] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.0.282 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2013-01-04] (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2012-11-29] (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-12-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-12-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-4204421207-2302213490-1209804939-1001: @nsroblox.roblox.com/launcher -> C:\Users\Phillip\AppData\Local\Roblox\Versions\version-7bba248538754234\\NPRobloxProxy.dll [2013-07-10] ( ROBLOX Corporation)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\[email protected]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected]
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected] [2013-01-04]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected]
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected] [2013-01-04]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected]
FF Extension: Content Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected] [2013-01-04]
FF HKLM-x32\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-01-04]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.0.49
FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.0.49 [2014-01-29]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
 
Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\ChromeExt\urladvisor.crx [2012-10-25]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\ChromeExt\content_blocker_chrome.crx [2012-10-25]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\ChromeExt\virtkbd.crx [2012-10-25]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG SafeGuard toolbar\ChromeExt\17.3.0.49\avg.crx [2014-01-29]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ChromeExt\ab.crx [Not Found]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 70e6ca8c; c:\Program Files (x86)\Optimizer Pro\OptProCrash.exe [143488 2013-10-30] () [File not signed]
S3 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe [356376 2013-01-04] (Kaspersky Lab ZAO)
S4 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36936 2015-01-03] (Just Develop It) <==== ATTENTION
S4 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2008-12-18] (Stardock Corporation) [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
S4 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
S4 SWUpdater; C:\Program Files (x86)\StormWatch\SWUpdaterSvc.exe [17584 2014-11-22] (Weather Protector LLC)
S4 Update BatBrowse; C:\Program Files (x86)\BatBrowse\updateBatBrowse.exe [524528 2015-01-02] ()
S4 Util BatBrowse; C:\Program Files (x86)\BatBrowse\bin\utilBatBrowse.exe [524528 2015-01-02] ()
S4 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-18] (AVG Secure Search)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 wltrysvc; C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe [3417088 2009-07-16] (Dell Inc.) [File not signed]
S2 mcmscsvc; %ProgramFiles(x86)%\McAfee\MSC\mcmscsvc.exe [X]
S2 McNASvc; %CommonProgramFiles(x86)%\mcafee\mna\mcnasvc.exe [X]
S2 McProxy; C:\PROGRA~2\COMMON~1\McAfee\McProxy\McProxy.exe [X]
S2 MpfService; %ProgramFiles(x86)%\McAfee\MPF\MPFSrv.exe [X]
S2 MSK80Service; "C:\Program Files (x86)\McAfee\MSK\MskSrver.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-18] (AVG Technologies)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [458584 2012-06-19] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-04-24] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [620128 2013-04-24] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [28504 2012-08-02] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29016 2012-10-25] (Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29528 2012-10-25] (Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55056 2013-04-24] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-04-24] (Kaspersky Lab ZAO)
R1 MPFP; C:\Windows\System32\Drivers\Mpfp.sys [176144 2009-04-09] (McAfee, Inc.)
R1 {a459d632-5225-4bb9-9a0b-002544d16f6e}w64; C:\Windows\System32\drivers\{a459d632-5225-4bb9-9a0b-002544d16f6e}w64.sys [61112 2014-08-17] (StdLib)
R1 {c97511ae-4154-409f-acea-ebd22476ac29}w64; C:\Windows\System32\drivers\{c97511ae-4154-409f-acea-ebd22476ac29}w64.sys [48776 2014-12-18] (StdLib)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-11 21:44 - 2015-05-11 21:45 - 00027247 _____ () C:\Users\Phillip\Desktop\FRST.txt
2015-05-11 21:44 - 2015-05-11 21:42 - 02102784 _____ (Farbar) C:\Users\Phillip\Desktop\FRST64.exe
2015-05-11 21:43 - 2015-05-11 21:45 - 00000000 ____D () C:\FRST
2015-05-09 13:00 - 2015-05-09 13:00 - 00001165 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-09 13:00 - 2015-05-09 13:00 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-05-09 13:00 - 2015-05-09 13:00 - 00000000 ____D () C:\Users\Phillip\AppData\Roaming\Mozilla
2015-05-09 13:00 - 2015-05-09 13:00 - 00000000 ____D () C:\Users\Phillip\AppData\Local\Mozilla
2015-05-09 13:00 - 2015-05-09 13:00 - 00000000 ____D () C:\ProgramData\Mozilla
2015-05-09 13:00 - 2015-05-09 13:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-09 12:38 - 2015-05-09 12:41 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-09 12:38 - 2015-05-09 12:38 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-09 12:13 - 2015-05-09 12:13 - 00000000 ____D () C:\7c817ec4f72b4d9934aa5322ac
2015-05-09 12:04 - 2015-05-09 12:55 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-09 12:04 - 2015-04-01 11:16 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-09 11:57 - 2015-02-03 23:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-05-09 11:57 - 2015-02-03 22:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-05-09 11:55 - 2015-04-01 20:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-09 11:55 - 2015-04-01 19:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-09 11:55 - 2015-03-24 23:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-05-09 11:55 - 2015-03-24 23:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-05-09 11:55 - 2015-03-24 23:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-05-09 11:55 - 2015-03-24 23:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-05-09 11:55 - 2015-03-24 23:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-05-09 11:55 - 2015-03-24 23:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-05-09 11:55 - 2015-03-24 23:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-05-09 11:55 - 2015-03-24 23:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-05-09 11:55 - 2015-03-24 23:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-05-09 11:55 - 2015-03-24 23:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-05-09 11:55 - 2015-03-24 23:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-05-09 11:55 - 2015-03-24 23:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-05-09 11:55 - 2015-03-24 23:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-05-09 11:55 - 2015-03-24 23:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-05-09 11:55 - 2015-03-24 23:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-05-09 11:55 - 2015-03-24 23:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-05-09 11:55 - 2015-03-13 00:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-09 11:55 - 2015-03-13 00:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-09 11:55 - 2015-03-13 00:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-09 11:55 - 2015-03-13 00:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-09 11:55 - 2015-03-13 00:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-09 11:55 - 2015-03-13 00:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-09 11:55 - 2015-03-13 00:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-09 11:55 - 2015-03-13 00:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-09 11:55 - 2015-03-13 00:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-09 11:55 - 2015-03-13 00:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-09 11:55 - 2015-03-12 23:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-09 11:55 - 2015-03-12 23:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-09 11:55 - 2015-03-12 23:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-09 11:55 - 2015-03-12 23:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-09 11:55 - 2015-03-12 23:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-09 11:55 - 2015-03-12 23:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-09 11:55 - 2015-03-12 23:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-09 11:55 - 2015-03-12 23:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-09 11:55 - 2015-03-12 23:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-09 11:55 - 2015-03-12 23:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-09 11:55 - 2015-03-12 23:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-09 11:55 - 2015-03-12 23:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-09 11:55 - 2015-03-12 23:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-09 11:55 - 2015-03-12 23:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-09 11:55 - 2015-03-12 23:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-09 11:55 - 2015-03-12 23:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-09 11:55 - 2015-03-12 23:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-09 11:55 - 2015-03-12 23:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-09 11:55 - 2015-03-12 23:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-09 11:55 - 2015-03-12 23:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-09 11:55 - 2015-03-12 23:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-09 11:55 - 2015-03-12 23:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-09 11:55 - 2015-03-12 23:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-09 11:55 - 2015-03-12 23:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-09 11:55 - 2015-03-12 23:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-09 11:55 - 2015-03-12 23:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-09 11:55 - 2015-03-12 23:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-09 11:55 - 2015-03-12 23:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-09 11:55 - 2015-03-12 23:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-09 11:55 - 2015-03-12 23:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-09 11:55 - 2015-03-12 23:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-09 11:55 - 2015-03-12 23:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-09 11:55 - 2015-03-12 22:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-09 11:55 - 2015-03-12 22:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-09 11:55 - 2015-03-12 22:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-09 11:55 - 2015-03-12 22:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-09 11:55 - 2015-03-12 22:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-09 11:55 - 2015-03-12 22:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-09 11:55 - 2015-03-12 22:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-09 11:55 - 2015-03-12 22:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-09 11:55 - 2015-03-12 22:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-09 11:55 - 2015-03-12 22:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-09 11:55 - 2015-03-12 22:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-09 11:55 - 2015-03-12 22:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-09 11:55 - 2015-03-12 22:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-09 11:55 - 2015-03-12 22:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-09 11:55 - 2015-02-02 23:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-05-09 11:55 - 2015-02-02 23:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-05-09 11:55 - 2015-01-16 22:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-05-09 11:55 - 2015-01-16 22:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-05-09 11:54 - 2015-03-17 01:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-09 11:54 - 2015-03-17 01:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-09 11:54 - 2015-03-17 01:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-09 11:54 - 2015-03-17 01:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-09 11:54 - 2015-03-17 01:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-09 11:54 - 2015-03-17 01:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-09 11:54 - 2015-03-17 01:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-09 11:54 - 2015-03-17 01:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-09 11:54 - 2015-03-17 01:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-09 11:54 - 2015-03-17 01:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-09 11:54 - 2015-03-17 01:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-09 11:54 - 2015-03-17 01:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-09 11:54 - 2015-03-17 01:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-09 11:54 - 2015-03-17 01:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-09 11:54 - 2015-03-17 01:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-09 11:54 - 2015-03-17 01:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-09 11:54 - 2015-03-17 01:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-09 11:54 - 2015-03-17 01:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-09 11:54 - 2015-03-17 01:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-09 11:54 - 2015-03-17 01:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-09 11:54 - 2015-03-17 01:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-09 11:54 - 2015-03-17 01:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-09 11:54 - 2015-03-17 01:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-09 11:54 - 2015-03-17 01:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-09 11:54 - 2015-03-17 01:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-09 11:54 - 2015-03-17 01:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-09 11:54 - 2015-03-17 01:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-09 11:54 - 2015-03-17 01:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-09 11:54 - 2015-03-17 01:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-09 11:54 - 2015-03-17 01:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-09 11:54 - 2015-03-17 01:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-09 11:54 - 2015-03-17 01:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-09 11:54 - 2015-03-17 01:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-09 11:54 - 2015-03-17 01:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-09 11:54 - 2015-03-17 01:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 01:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 01:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 01:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 01:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 01:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 01:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 01:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 01:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-09 11:54 - 2015-03-17 01:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-09 11:54 - 2015-03-17 00:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-09 11:54 - 2015-03-17 00:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-09 11:54 - 2015-03-17 00:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-09 11:54 - 2015-03-17 00:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-09 11:54 - 2015-03-17 00:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-09 11:54 - 2015-03-17 00:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-09 11:54 - 2015-03-17 00:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-09 11:54 - 2015-03-17 00:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-09 11:54 - 2015-03-17 00:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-09 11:54 - 2015-03-17 00:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-09 11:54 - 2015-03-17 00:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-09 11:54 - 2015-03-17 00:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-09 11:54 - 2015-03-17 00:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-09 11:54 - 2015-03-17 00:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-09 11:54 - 2015-03-17 00:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-09 11:54 - 2015-03-17 00:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-09 11:54 - 2015-03-17 00:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-09 11:54 - 2015-03-17 00:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-09 11:54 - 2015-03-17 00:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-09 11:54 - 2015-03-17 00:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-09 11:54 - 2015-03-17 00:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-09 11:54 - 2015-03-17 00:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 00:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-09 11:54 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-09 11:54 - 2015-03-16 23:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-09 11:54 - 2015-03-16 23:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-09 11:54 - 2015-03-16 23:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-09 11:54 - 2015-03-16 23:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-09 11:54 - 2015-03-16 23:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-09 11:54 - 2015-03-16 23:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-09 11:54 - 2015-02-24 23:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-05-09 11:54 - 2015-01-30 19:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-05-09 11:54 - 2014-12-18 21:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-05-09 11:54 - 2014-12-06 00:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-05-09 11:54 - 2014-12-05 23:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-05-09 11:54 - 2014-12-05 23:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-05-09 11:53 - 2015-03-22 23:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-05-09 11:53 - 2015-03-22 23:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-05-09 11:53 - 2015-03-22 23:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-05-09 11:53 - 2015-03-22 23:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-05-09 11:53 - 2015-03-22 23:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-05-09 11:53 - 2015-03-22 23:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-05-09 11:53 - 2015-03-22 23:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-05-09 11:53 - 2015-03-22 23:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-05-09 11:53 - 2015-01-27 19:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-05-09 11:52 - 2015-03-09 23:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-05-09 11:52 - 2015-03-09 23:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-05-09 11:52 - 2015-03-09 23:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-05-09 11:52 - 2015-03-09 23:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-05-09 11:52 - 2015-03-05 01:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-05-09 11:52 - 2015-03-05 00:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-05-09 11:52 - 2015-03-04 00:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-05-09 11:52 - 2015-03-04 00:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-05-09 11:52 - 2015-03-04 00:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-05-09 11:52 - 2015-02-25 23:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-09 11:52 - 2015-02-13 01:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-05-09 11:52 - 2015-02-13 01:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-05-09 11:52 - 2015-02-02 23:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-05-09 11:52 - 2015-02-02 23:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-05-09 11:52 - 2015-01-08 23:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-05-09 11:52 - 2015-01-08 23:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-05-09 11:52 - 2015-01-08 23:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-05-09 11:52 - 2015-01-08 22:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-05-09 11:52 - 2014-12-07 23:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-05-09 11:52 - 2014-12-07 22:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-05-09 11:52 - 2014-11-25 23:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-05-09 11:52 - 2014-11-25 23:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-05-09 11:52 - 2014-10-03 22:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-05-09 11:52 - 2014-10-03 21:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-05-09 11:52 - 2014-10-03 21:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-04-16 00:10 - 2015-04-16 00:10 - 40859656 ____N () C:\Users\Phillip\Desktop\Firefox Setup 37.0.2.exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-11 21:32 - 2013-10-30 16:31 - 00000300 _____ () C:\Windows\Tasks\UpdaterEX.job
2015-05-11 21:22 - 2015-01-02 18:50 - 00000300 _____ () C:\Windows\Tasks\PennyBee.job
2015-05-11 21:22 - 2013-01-04 22:57 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-11 21:21 - 2013-07-13 11:15 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-11 21:21 - 2009-07-14 01:10 - 01460436 _____ () C:\Windows\WindowsUpdate.log
2015-05-11 19:30 - 2009-07-14 00:45 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-11 19:30 - 2009-07-14 00:45 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-11 19:22 - 2013-01-04 22:57 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-11 19:21 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-11 19:21 - 2009-07-14 00:51 - 00031038 _____ () C:\Windows\setupact.log
2015-05-11 19:19 - 2015-01-02 19:00 - 00000280 _____ () C:\Windows\Tasks\ArcadeParlor.job
2015-05-11 16:30 - 2009-07-14 01:13 - 00782010 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-11 16:06 - 2013-01-04 21:45 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-05-11 04:02 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\AppCompat
2015-05-09 13:20 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-09 12:59 - 2013-01-04 22:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-09 12:49 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\tracing
2015-05-09 12:41 - 2009-07-14 00:45 - 00269128 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-09 12:38 - 2015-01-03 11:03 - 00000000 ____D () C:\Windows\system32\appraiser
2015-05-09 12:38 - 2014-09-08 10:54 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-05-09 12:38 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-05-09 12:14 - 2014-09-08 11:42 - 00774624 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-05-09 11:34 - 2009-12-12 05:11 - 00000000 ____D () C:\DELL
2015-05-09 11:33 - 2015-01-04 16:34 - 00003432 _____ () C:\Windows\System32\Tasks\BrowserProtect
 
==================== Files in the root of some directories =======
 
2013-07-27 19:42 - 2015-01-02 21:40 - 0000192 _____ () C:\Users\Phillip\AppData\Roaming\WB.CFG
2013-06-23 20:40 - 2013-12-22 22:10 - 0000006 _____ () C:\Users\Phillip\AppData\Roaming\WBPU-TTL.DAT
2013-01-04 21:49 - 2013-01-04 21:49 - 0017408 _____ () C:\Users\Phillip\AppData\Local\WebpageIcons.db
 
Some content of TEMP:
====================
C:\Users\Phillip\AppData\Local\Temp\BackupSetup.exe
C:\Users\Phillip\AppData\Local\Temp\ICReinstall_ImageEditorSetup.exe
C:\Users\Phillip\AppData\Local\Temp\jre-6u38-windows-i586-iftw.exe
C:\Users\Phillip\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Phillip\AppData\Local\Temp\lowproc.exe
C:\Users\Phillip\AppData\Local\Temp\oi_{2CC72347-1058-4A19-BBBB-762FF32A5C5B}.exe
C:\Users\Phillip\AppData\Local\Temp\SpOrder.dll
C:\Users\Phillip\AppData\Local\Temp\stubhelper.dll
C:\Users\Phillip\AppData\Local\Temp\SymCCIS.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2013-11-28 04:48
 
==================== End Of Log ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-05-2015
Ran by Phillip at 2015-05-11 21:45:43
Running from C:\Users\Phillip\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-4204421207-2302213490-1209804939-500 - Administrator - Disabled)
Guest (S-1-5-21-4204421207-2302213490-1209804939-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4204421207-2302213490-1209804939-1002 - Limited - Enabled)
Phillip (S-1-5-21-4204421207-2302213490-1209804939-1001 - Administrator - Enabled) => C:\Users\Phillip
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Kaspersky Anti-Virus (Disabled - Out of date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AS: Kaspersky Anti-Virus (Disabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader 9.1.2 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A91000000001}) (Version: 9.1.2 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcadeParlor (HKU\S-1-5-21-4204421207-2302213490-1209804939-1001\...\{B74443DB-5A88-4583-860A-F0D06EF399E3}) (Version:  - ArcadeParlor)
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.1.9.799 - AVG Technologies)
Babylon toolbar  (HKLM-x32\...\BabylonToolbar) (Version: 1.8.7.2 - BabylonToolbar) <==== ATTENTION
Banctec Service Agreement (HKLM-x32\...\{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}) (Version: 2.0.0 - Dell Inc.)
BatBrowse 1.0.0 (HKLM\...\BatBrowse) (Version: 1.0.0 - BatBrowse) <==== ATTENTION
Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Command & Conquer The First Decade (HKLM-x32\...\{66D6F3BD-CA23-41A4-9FA3-96B26B32528C}) (Version: 1.00.0000 - Electronic Arts)
Complete Care Business Service Agreement (HKLM-x32\...\{0ECFCB07-9BFE-4970-ACA1-D568D982760B}) (Version: 2.0.0 - Dell Inc.)
Complete Care Consumer Service Agreement (HKLM-x32\...\{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}) (Version: 2.0.0 - Dell Inc.)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
Cozi (HKLM-x32\...\{2DA5F129-11AC-4F11-8188-B2F07EAAC20A}) (Version: 1.0.4323.24051 - Cozi Group, Inc.)
Dell Communications (Support Software) (HKLM-x32\...\{351DE0AB-7787-4497-9A7A-4AA9E3A4E290}) (Version: 1.0.09094 - Dell)
Dell DataSafe Online (HKLM-x32\...\{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}) (Version: 1.1.0029 - Dell, Inc.)
Dell Dock (HKLM\...\{E60B7350-EA5F-41E0-9D6F-E508781E36D2}) (Version: 2.0.0 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)
Dell Support Center (Support Software) (HKLM-x32\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.5.09100 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.102.101.303 - ALPS ELECTRIC CO., LTD.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd)
Dell Wireless WLAN Card Utility (HKLM\...\Dell Wireless WLAN Card Utility) (Version: 5.30.21.0 - Dell Inc.)
Desktop Temperature Monitor (HKU\S-1-5-21-4204421207-2302213490-1209804939-1001\...\Desktop Temperature Monitor) (Version: 1.26.2.0 - System Alerts LLC)
Extended Update (HKU\S-1-5-21-4204421207-2302213490-1209804939-1001\...\UpdaterEX) (Version:  - ) <==== ATTENTION
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GoToAssist 8.0.0.514 (HKLM-x32\...\GoToAssist) (Version:  - )
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.1968 - Intel Corporation)
iTunes (HKLM\...\{7FCDABCC-1A1E-4D61-909D-BA9495172774}) (Version: 11.0.3.42 - Apple Inc.)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217065FF}) (Version: 7.0.650 - Oracle)
Java™ 6 Update 16 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416016FF}) (Version: 6.0.160 - Sun Microsystems, Inc.)
Java™ 6 Update 38 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216038FF}) (Version: 6.0.380 - Oracle)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Kaspersky Anti-Virus 2013 (HKLM-x32\...\InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}) (Version: 13.0.1.4190 - Kaspersky Lab)
Kaspersky Anti-Virus 2013 (x32 Version: 13.0.1.4190 - Kaspersky Lab) Hidden
Live! Cam Avatar Creator (HKLM-x32\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.3009.1 - Creative Technology Ltd)
McAfee SecurityCenter (HKLM-x32\...\MSC) (Version:  - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MiPony 2.0.2 (HKLM-x32\...\MiPony) (Version: 2.0.2 - )
Mozilla Firefox 37.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla)
MyPC Backup  (HKLM\...\MyPC Backup) (Version:  - MyPC Backup) <==== ATTENTION
Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.1.0.31 - Symantec Corporation)
Optimizer Pro v3.2 (HKLM-x32\...\Optimizer Pro_is1) (Version:  - PC Utilities Software Limited) <==== ATTENTION
PennyBeeUpdate (HKU\S-1-5-21-4204421207-2302213490-1209804939-1001\...\PennyBee) (Version: 1.0.7.0 - PennyBeeUpdate) <==== ATTENTION!
PowerDVD DX (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.3.5424 - CyberLink Corp.)
QualXServ Service Agreement (HKLM-x32\...\{903679E8-44C8-4C07-9600-05C92654FC50}) (Version: 2.0.0 - Dell Inc.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 9.6.11 - Dell Inc.)
RealDownloader (x32 Version: 1.3.0 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.0 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5951 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Roxio Burn (HKLM-x32\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.01 - Roxio)
StormWatch (HKU\S-1-5-21-4204421207-2302213490-1209804939-1001\...\StormWatch) (Version: 1.0.1.36 - StormWatch) <==== ATTENTION!
Update for Mipony Download Manager (HKU\S-1-5-21-4204421207-2302213490-1209804939-1001\...\DSite) (Version:  - ) <==== ATTENTION
WildTangent Games (HKLM-x32\...\WildTangent dell Master Uninstall) (Version: 1.0.0.71 - WildTangent)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
World of Tanks (HKU\S-1-5-21-4204421207-2302213490-1209804939-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812NA}_is1) (Version:  - Wargaming.net)
Yahoo! Search (HKU\S-1-5-21-4204421207-2302213490-1209804939-1001\...\Yahoo! Search) (Version:  - Pay-By-Ads) <==== ATTENTION
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
12-09-2014 12:38:22 Windows Update
19-09-2014 16:11:38 Windows Update
02-01-2015 19:09:29 Installed DirectX
03-01-2015 00:05:19 Windows Update
03-01-2015 10:17:45 Windows Update
03-01-2015 10:52:57 Windows Update
09-05-2015 11:58:37 Windows Update
09-05-2015 12:46:40 Windows Update
11-05-2015 19:19:03 Installed Microsoft Fix it 50267
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-05-11 19:19 - 2013-09-03 17:19 - 00000833 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {24CA55D8-9D05-4515-8AB6-1049F9C27D04} - System32\Tasks\ArcadeParlor => C:\Users\Phillip\AppData\Local\ArcadeParlor\versioncheck.exe [2015-01-02] ()
Task: {32097F69-0BCA-4AE0-8BD8-17EC85873683} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {3F9AD96A-D25E-49B9-9EBB-36F7B31DFD9B} - System32\Tasks\DSite => C:\Users\Phillip\AppData\Roaming\DSite\UpdateProc\UpdateTask.exe [2013-03-26] () <==== ATTENTION
Task: {47ADC39A-E73C-4BC7-93A1-A8AAF0B360D5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-04] (Google Inc.)
Task: {5385D7F2-ED02-44EC-9684-9E90ED6A2F93} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-18] (Adobe Systems Incorporated)
Task: {56F74ABF-0E23-4C00-ACD3-DCD72F7DE2C1} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {5B8F0413-7118-415A-9EFD-19648D9DF6DA} - System32\Tasks\PennyBee => C:\Users\Phillip\AppData\Roaming\PennyBee\UpdateProc\UpdateTask.exe [2014-12-25] () <==== ATTENTION
Task: {606E22F5-3E5D-49C3-AD6C-60CAF66D3439} - System32\Tasks\BrowserProtect => Sc.exe start BrowserProtect <==== ATTENTION
Task: {640C72DF-26B1-400C-9C51-BE106D767C7B} - System32\Tasks\Yahoo! Search => C:\Users\Phillip\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.5\dsrlte.exe [2015-01-02] (Pay By Ads LTD) <==== ATTENTION
Task: {6DED4BD5-8CD7-4784-A7CB-615AF3097618} - System32\Tasks\UpdaterEX => C:\Users\Phillip\AppData\Roaming\UpdaterEX\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {8771F795-1447-455D-8530-092292495546} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {B370E618-6A91-4B03-8B07-2904217A179F} - System32\Tasks\{40DEB74C-322F-4438-983C-1AF14A61F22A} => pcalua.exe -a "C:\Program Files (x86)\McAfee\MSC\mcuninst.exe"
Task: {B44CF7B6-51D2-410D-8F05-ED06A7507D51} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {BB37B41A-E201-4687-AA9F-FB435F5A462E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-04] (Google Inc.)
Task: {C23CB652-6079-4A85-8753-A83E2AABFAB9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C2B72105-E28E-4C65-9927-A0583270ED11} - System32\Tasks\Norton Security Scan for Phillip => C:\Program Files (x86)\Norton Security Scan\Engine\4.1.0.31\Nss.exe [2014-08-21] (Symantec Corporation)
Task: {D400F45F-9F5E-4FA8-93EB-CF44D82557F4} - System32\Tasks\Games\UpdateCheck_S-1-5-21-4204421207-2302213490-1209804939-1001
Task: {EA43226D-C16D-4B95-BAD6-1099A2946C98} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4204421207-2302213490-1209804939-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {EE957896-88F9-4FA0-ACDB-13AD45FE404C} - System32\Tasks\Yahoo! Search Updater => C:\Users\Phillip\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.5\dsrsetup.exe [2015-01-02] (Pay By Ads LTD) <==== ATTENTION
Task: {F0B57F88-1A98-4024-ADD3-0F7D555CDDC7} - System32\Tasks\D1234567\Administrator - Start WLAN Tray Applet => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE [2009-07-16] (Dell Inc.)
Task: {F3CA5A9C-3AF4-4083-AB41-6DB2DD35B5E2} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4204421207-2302213490-1209804939-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\ArcadeParlor.job => C:\Users\Phillip\AppData\Local\ArcadeParlor\versioncheck.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Norton Security Scan for Phillip.job => C:\PROGRA~2\NORTON~2\Engine\410~1.31\Nss.exe
Task: C:\Windows\Tasks\PennyBee.job => C:\Users\Phillip\AppData\Roaming\PennyBee\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\UpdaterEX.job => C:\Users\Phillip\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
 
==================== Loaded Modules (whitelisted) ==============
 
2009-12-25 05:42 - 2009-07-16 20:06 - 00058368 _____ () C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlrmt.dll
2014-12-25 08:27 - 2014-12-25 08:27 - 00338432 _____ () C:\Users\Phillip\AppData\Local\PennyBee\PennyBeeW.exe
2015-01-17 16:21 - 2015-01-17 16:21 - 00472576 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\VistaBridgeLibrary\1ee85489e15cf6d5c256721d357a27cd\VistaBridgeLibrary.ni.dll
2015-01-03 11:05 - 2015-01-03 11:05 - 00012288 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll
2013-09-19 18:32 - 2013-09-19 18:32 - 01102336 _____ () C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll
2009-10-15 05:10 - 2009-10-15 05:10 - 00498160 _____ () C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
2014-12-16 21:06 - 2014-12-16 21:06 - 00307224 _____ () C:\Users\Phillip\AppData\Local\DesktopTemperature\Yqy2GK.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-4204421207-2302213490-1209804939-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Phillip\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: 70e6ca8c => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AERTFilters => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: BackupStack => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: BrowserProtect => 2
MSCONFIG\Services: DockLoginService => 2
MSCONFIG\Services: GameConsoleService => 3
MSCONFIG\Services: GoToAssist => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: RealNetworks Downloader Resolver Service => 2
MSCONFIG\Services: sprtsvc_DellComms => 2
MSCONFIG\Services: sprtsvc_DellSupportCenter => 2
MSCONFIG\Services: SWUpdater => 2
MSCONFIG\Services: Update BatBrowse => 2
MSCONFIG\Services: Util BatBrowse => 2
MSCONFIG\Services: vToolbarUpdater18.1.9 => 2
MSCONFIG\Services: wltrysvc => 2
MSCONFIG\Services: YahooAUService => 2
 
==================== FirewallRules (whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
FirewallRules: [{E6E508EC-6CE6-4505-B5B1-D314852D69F5}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{81D27738-E86B-451F-B7A9-ED83DC7341DE}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{9A62BA03-8A2C-44E6-BEFB-2379D09B1304}] => (Allow) svchost.exe
FirewallRules: [{7F1240F9-4DCA-4A54-A37B-1E39E075EE9A}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{93AC345C-488C-4502-A048-5F814166887D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD DX\PowerDVD.exe
FirewallRules: [{530E9463-4A36-43F8-981E-9A48FC9E1576}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
FirewallRules: [{A8677778-7117-4CB6-B551-087629EE825E}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MNA\McNaSvc.exe
FirewallRules: [TCP Query User{ED8E84DD-039D-4614-9DCB-AF3494BE85D7}C:\program files (x86)\java\jre7\bin\java.exe] => (Block) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{4C562B7A-1EFD-4572-978A-E9158CE83B9E}C:\program files (x86)\java\jre7\bin\java.exe] => (Block) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [TCP Query User{34FC91D5-131A-4C79-B52A-0EB46C8A83DF}C:\program files (x86)\java\jre7\bin\java.exe] => (Block) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{37C64963-7CAE-476E-B553-DEE46BFEB7B0}C:\program files (x86)\java\jre7\bin\java.exe] => (Block) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{3D6B6BB8-9509-4D34-9082-CF52E40AB3B0}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{7557949B-7B13-4B28-A5CA-0112B3047A22}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{EDEC3FD4-6710-4D97-8F3D-BB371534E11F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F9D795A6-04D1-4465-985F-6CBB7AED23E0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{96D4EB82-74FA-4F93-8755-8D0DDA81E48A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2CEA7E57-38A8-44C6-9D7A-97C4E3E6B012}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [TCP Query User{5DB36F11-656E-4D24-9A58-AE1615CE0108}C:\program files\java\jre6\bin\javaw.exe] => (Block) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{16878A02-5289-4C70-9F70-3D4D65C1CC18}C:\program files\java\jre6\bin\javaw.exe] => (Block) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{58148CE5-9FE6-4899-AC31-0B9E0D4859EC}C:\program files\java\jre6\bin\javaw.exe] => (Block) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{49F33648-D35C-4E70-B4CE-8D9BFAD7F3B0}C:\program files\java\jre6\bin\javaw.exe] => (Block) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{23DCE33E-C8AC-40AE-8E7C-87841A4A9F1C}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{5423FD34-FA5B-4B39-81FE-8C607BE785BD}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{1AD0B38E-4E05-4061-B4D2-F38FBC8D0B10}C:\program files (x86)\ea games\command & conquer the first decade\command & conquer™ generals zero hour\generals.exe] => (Block) C:\program files (x86)\ea games\command & conquer the first decade\command & conquer™ generals zero hour\generals.exe
FirewallRules: [UDP Query User{D8E6D902-A5A9-44C6-B9FC-FEEE72AE2995}C:\program files (x86)\ea games\command & conquer the first decade\command & conquer™ generals zero hour\generals.exe] => (Block) C:\program files (x86)\ea games\command & conquer the first decade\command & conquer™ generals zero hour\generals.exe
FirewallRules: [TCP Query User{55D041E2-9EE9-47A9-89ED-D430847D27FE}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{E888281D-5F5E-4D95-940F-348ED7948C8B}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{B9B85025-2274-4615-AD5A-6E5E3B669E72}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{75284B50-9809-4EC9-BA52-E6DF0C3A0C87}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [{B8152ADC-CB74-4D45-974E-7BDD6DF8A79C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7D0303E3-7A55-47BC-BCAB-3F61CDCA78BD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
 
==================== Faulty Device Manager Devices =============
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: NETGEAR WNDR3400v2 N600 Wireless Router
Description: NETGEAR WNDR3400v2 N600 Wireless Router
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/11/2015 09:38:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17728, time stamp: 0x55024724
Faulting module name: MSHTML.dll, version: 11.0.9600.17728, time stamp: 0x55025c47
Exception code: 0xc0000005
Fault offset: 0x000a37a5
Faulting process id: 0x22e0
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
 
Error: (05/11/2015 08:31:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17728, time stamp: 0x55024724
Faulting module name: ntdll.dll, version: 6.1.7601.18798, time stamp: 0x5507b3e0
Exception code: 0xc0000005
Fault offset: 0x0003980e
Faulting process id: 0xa9c
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
 
Error: (05/11/2015 08:29:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: vprot.exe, version: 18.1.9.799, time stamp: 0x53f5e060
Faulting module name: WS2_32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7ba68
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x1248
Faulting application start time: 0xvprot.exe0
Faulting application path: vprot.exe1
Faulting module path: vprot.exe2
Report Id: vprot.exe3
 
Error: (05/11/2015 07:27:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: jusched.exe, version: 2.1.65.20, time stamp: 0x53bfb0a4
Faulting module name: ntdll.dll, version: 6.1.7601.18798, time stamp: 0x5507b3e0
Exception code: 0xc0000005
Fault offset: 0x0003980e
Faulting process id: 0x1264
Faulting application start time: 0xjusched.exe0
Faulting application path: jusched.exe1
Faulting module path: jusched.exe2
Report Id: jusched.exe3
 
Error: (05/11/2015 07:25:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dsrlte.exe, version: 1.1.0.2, time stamp: 0x54919656
Faulting module name: ntdll.dll, version: 6.1.7601.18798, time stamp: 0x5507b3e0
Exception code: 0xc0000005
Fault offset: 0x0003980e
Faulting process id: 0xf70
Faulting application start time: 0xdsrlte.exe0
Faulting application path: dsrlte.exe1
Faulting module path: dsrlte.exe2
Report Id: dsrlte.exe3
 
Error: (05/11/2015 07:23:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RealUpgrade.exe, version: 16.0.0.282, time stamp: 0x50b94197
Faulting module name: ntdll.dll, version: 6.1.7601.18798, time stamp: 0x5507b3e0
Exception code: 0xc0000005
Fault offset: 0x0003980e
Faulting process id: 0xa04
Faulting application start time: 0xRealUpgrade.exe0
Faulting application path: RealUpgrade.exe1
Faulting module path: RealUpgrade.exe2
Report Id: RealUpgrade.exe3
 
Error: (05/11/2015 07:23:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DataSafeOnline.exe, version: 1.1.0.8998, time stamp: 0x4a4d2495
Faulting module name: mscorwks.dll, version: 2.0.50727.5485, time stamp: 0x53a121fa
Exception code: 0xc0000005
Fault offset: 0x00030ff8
Faulting process id: 0x%9
Faulting application start time: 0xDataSafeOnline.exe0
Faulting application path: DataSafeOnline.exe1
Faulting module path: DataSafeOnline.exe2
Report Id: DataSafeOnline.exe3
 
Error: (05/11/2015 07:23:00 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: .NET Runtime version 2.0.50727.5485 - Fatal Execution Engine Error (7101FB1E) (80131506)
 
Error: (05/11/2015 04:17:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17728, time stamp: 0x55024724
Faulting module name: MSHTML.dll, version: 11.0.9600.17728, time stamp: 0x55025c47
Exception code: 0xc0000005
Fault offset: 0x000a37a5
Faulting process id: 0x24f8
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
 
Error: (05/11/2015 04:06:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: avp.exe, version: 13.0.1.4210, time stamp: 0x509157b4
Faulting module name: ntdll.dll, version: 6.1.7601.18798, time stamp: 0x5507b3e2
Exception code: 0xc0000005
Fault offset: 0x0003980e
Faulting process id: 0x1264
Faulting application start time: 0xavp.exe0
Faulting application path: avp.exe1
Faulting module path: avp.exe2
Report Id: avp.exe3
 
 
System errors:
=============
Error: (05/11/2015 09:43:26 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.
 
Error: (05/11/2015 09:43:24 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.
 
Error: (05/11/2015 09:21:21 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535
 
Error: (05/11/2015 09:21:21 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140993535
 
Error: (05/11/2015 09:21:21 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
 
Error: (05/11/2015 09:21:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535
 
Error: (05/11/2015 09:21:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140993535
 
Error: (05/11/2015 09:21:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535
 
Error: (05/11/2015 09:21:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140993535
 
Error: (05/11/2015 09:21:18 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
 
 
Microsoft Office Sessions:
=========================
Error: (05/11/2015 09:38:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1772855024724MSHTML.dll11.0.9600.1772855025c47c0000005000a37a522e001d08c5455c89310C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\system32\MSHTML.dll9d7d8ab8-f847-11e4-a03b-0026b916eb84
 
Error: (05/11/2015 08:31:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1772855024724ntdll.dll6.1.7601.187985507b3e0c00000050003980ea9c01d08c4aedcdc8faC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\ntdll.dll2e52b8ee-f83e-11e4-a03b-0026b916eb84
 
Error: (05/11/2015 08:29:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vprot.exe18.1.9.79953f5e060WS2_32.dll6.1.7601.175144ce7ba68c000000500000000124801d08c4168cda2a1C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exeC:\Windows\syswow64\WS2_32.dllff307290-f83d-11e4-a03b-0026b916eb84
 
Error: (05/11/2015 07:27:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: jusched.exe2.1.65.2053bfb0a4ntdll.dll6.1.7601.187985507b3e0c00000050003980e126401d08c416971e194C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Windows\SysWOW64\ntdll.dll5be2eeed-f835-11e4-a03b-0026b916eb84
 
Error: (05/11/2015 07:25:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: dsrlte.exe1.1.0.254919656ntdll.dll6.1.7601.187985507b3e0c00000050003980ef7001d08c41b330a331C:\Users\Phillip\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.5\dsrlte.exeC:\Windows\SysWOW64\ntdll.dllf38d1bc1-f834-11e4-a03b-0026b916eb84
 
Error: (05/11/2015 07:23:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: RealUpgrade.exe16.0.0.28250b94197ntdll.dll6.1.7601.187985507b3e0c00000050003980ea0401d08c414db4bbd8C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exeC:\Windows\SysWOW64\ntdll.dllb9ada717-f834-11e4-a03b-0026b916eb84
 
Error: (05/11/2015 07:23:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DataSafeOnline.exe1.1.0.89984a4d2495mscorwks.dll2.0.50727.548553a121fac000000500030ff8
 
Error: (05/11/2015 07:23:00 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: .NET Runtime version 2.0.50727.5485 - Fatal Execution Engine Error (7101FB1E) (80131506)
 
Error: (05/11/2015 04:17:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1772855024724MSHTML.dll11.0.9600.1772855025c47c0000005000a37a524f801d08c276b93686bC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\system32\MSHTML.dllb0ca6f49-f81a-11e4-bb7a-0026b916eb84
 
Error: (05/11/2015 04:06:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: avp.exe13.0.1.4210509157b4ntdll.dll6.1.7601.187985507b3e2c00000050003980e126401d08a7be71255c2C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exeC:\Windows\SysWOW64\ntdll.dll2d0aec8d-f819-11e4-bb7a-0026b916eb84
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-05-11 04:06:41.144
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-05-11 04:06:41.051
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-01-17 15:06:24.345
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-01-17 15:06:24.283
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-20 03:38:04.952
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-20 03:38:04.874
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-20 03:38:04.780
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-20 03:38:04.780
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-20 03:37:03.891
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-20 03:37:03.798
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5 CPU M 430 @ 2.27GHz
Percentage of memory in use: 36%
Total physical RAM: 3892.54 MB
Available physical RAM: 2463.28 MB
Total Pagefile: 7783.28 MB
Available Pagefile: 6123.16 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:279.4 GB) (Free:196.65 GB) NTFS
Drive d: () (Fixed) (Total:176.5 GB) (Free:122.59 GB) NTFS
Drive f: () (Removable) (Total:3.74 GB) (Free:0.98 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: E635605C)
Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)
Partition 2: (Active) - (Size=9.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=279.4 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=176.5 GB) - (Type=OF Extended)
 
========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: 00000000)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================

 


  • 0

Advertisements


#2
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post the appropriate logs in the Virus, Spyware, Malware Removal forum and wait for help.

Hi and welcome to Geeks to Go. :)

I'm Dakeyras and I am going to try to assist you with your problem. Please take note of the below:
  • I will start working on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for this issue on this machine!
  • The process is not instant. Please continue to review my answers until I tell you your machine is clear. Absence of symptoms does not mean that everything is clear.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Refrain from running self fixes as this will hinder the malware removal process.
  • It may prove beneficial if you print of the following instructions or save them to notepad as I post them.
  • Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
Before we start:

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

Next:

A few questions first if I may as follows...

1 - Were you able to download the Farbar Recovery Scan Tool with the infected machine or not ? If the latter did you use another machine to do so and in turn transfer via a USB drive ?

2 - Is the licence for the presently installed Kaspersky Anti-Virus still valid and or has it expired ?

Java Advice:

There has been a recent severe exploitation of this software. Even though this exploit has been reportedly fixed there is still a vulnerability with the software, the below is currently all that it is installed Java related:-

Java 6 Update 16
Java 6 Update 38
Java 7 Update 65


So you need to uninstall all(if still present via Uninstall a program or Programs and Features located in the Control Panel)...Your choice if you wish to go ahead and reinstall but as mentioned I advise against it and for the present I do not even have anything Java related installed on my machines.

Please let myself know what you wish to do about this in your next reply please and if you opt to re-install I will provide both the appropriate instructions and safety advice etc.

Uninstall Software:

All of the below is either adware related, not required and or utter dross etc in my humble opinion...

Now please click on Start(Windows 7 Orb) >> Control Panel >> Uninstall a program or Programs and Features and remove the following (if present):

ArcadeParlor
AVG SafeGuard toolbar
Babylon toolbar
BatBrowse
Desktop Temperature Monitor
Extended Update
McAfee SecurityCenter
MiPony
MyPC Backup
Norton Security Scan
Optimizer Pro
PennyBeeUpdate
StormWatch
Update for Mipony Download Manager
Yahoo! Search
Yahoo! Toolbar


To do so click once on each of the above to highlight, then click on Uninstall/Change and follow the prompts.

Note: Take extra care in answering questions posed by any Uninstaller. Some questions may be worded to deceive you into keeping the program.

Next:

Let myself know when completed the above, the answers to my questions plus your decision about Java. Also please inform myself if you encountered any problems uninstalling the software.
  • 0

#3
jsburdge

jsburdge

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

Hello Dakeyras,

 

#1:  I had to download FRST from another computer (Mac) and transfer via USB.

#2: Kaspersky AV license has expired.

 

I have removed all of the Java updates and my IE, Firefox, etc. browsers started working again.  I do not plan to reinstalling but if I run into a application/website that requires it what should I do?

 

Uninstalled all of the software you had listed with exception of the Babylon Toolbar.  When I hit the uninstall button nothing happens and it is still showing up in the uninstall menu. 

 

Also since I have internet capabilities now on the problem laptop do you want me to use it from this point forward or continue to transfer programs using a USB?


  • 0

#4
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Hi. :)

#2: Kaspersky AV license has expired.

Ok do you plan to renew the license and or do you wish to install a freeware Anti-Virus I can recommend ? If the latter do leave Kaspersky installed for the time being as that will require a specific methodology to remove.

I do not plan to reinstalling but if I run into a application/website that requires it what should I do?

You can follow the advice in the below article:-

How to Disable Java in your Web Browser

Uninstalled all of the software you had listed with exception of the Babylon Toolbar. When I hit the uninstall button nothing happens and it is still showing up in the uninstall menu.

Acknowledged.

Also since I have internet capabilities now on the problem laptop do you want me to use it from this point forward or continue to transfer programs using a USB?

We should be able to use the problem laptop from now on. Your Mac machine should be fine but it would be prudent to disinfect your USB drive as a precaution...

Download/Install & Run Panda USB Vaccine:

Please download the installer for Panda USB Vaccine from here to the desktop.
  • Right-click on USBVaccineSetup.exe and select Run as Administrator >> follow the prompts in the installation wizard.
  • At the configuration screen(settings)...
  • Ensure both Run Panda USB Vaccine automatically when computer boots (/resident mode) & Automatically vaccinate any newly inserted USB key are selected >> plus NTFS support
  • Now click on Next> >> ensure Launch Panda USB Vaccine is selected >> click on Finish.
  • Connect your USB Drive to your machine...it will be automatically vaccinated.
  • Once it has been vaccinated, remove the USB Drive via right-clicking on the Safely Remove Hardware and Eject Media system tray icon and then select Eject USB Mass Storage Device.
Note: You may uninstall Panda USB Vaccine when we have completed the Malware Removal process if you so wish. Though my advice would be to keep it installed.

Temp' Disable Windows Defender:

This is so it will not hinder the Custom FRST Script below. How to do so can be read here.

Re-enable it again after the Custom FRST Script has been processed/your machine has rebooted etc.

Custom FRST Script:

Please download the attached fixlist.txt(see below) and save to the desktop.

  • Now right-click on FRST.exe and select Run as Administrator to start FRST.
After the tool has checked for any updates and The tool is ready to use is denoted:-
  • Then click on the Fix button/radio tab >> at the Fix completed prompt click on OK
  • Your machine should now automatically reboot itself.
  • Post the contents of the newly created Fixlog in your next reply.
Note: If FRST advises there is a new updated version to be downloaded, do so/allow this. Also if the Fixlog created is too large to post, merely attach it in your next reply:

How to add an attachment to a new topic or reply

Next:

When completed the above, please post back the following in the order asked for:
  • How is your computer performing now, any further symptoms and or problems encountered?
  • Answer to my Anti-Virus software query.
  • Fix Log from the Custom FRST Script.

  • 0

#5
jsburdge

jsburdge

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

#1: IE, Firefox browsers are working fine now and so far no problems with internet.  Computer seems to be running normal.  No problems.

 

#2: I would be happy with freeware AV.

 

Log attached.

Attached Files


  • 0

#6
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Hi. :)

#1: IE, Firefox browsers are working fine now and so far no problems with internet. Computer seems to be running normal. No problems.

Good.

#2: I would be happy with freeware AV.

Acknowledged, we will address this in due course.

Log attached.

Thanks, the logs from the below two scans should be small enough to post normally etc.

Temp' disable Windows Defender again for the duration of the below two scans, then re-enable again afterwards.

Scan with JRT:

Please download Junkware Removal Tool to your desktop.
  • Right-click on on JRT.exe and select Run as Administrator to launch the application >> follow the on-screen prompt.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply.
Scan with AdwCleaner:

Please download Adwcleaner from here and save to your desktop.
  • Right-click on adwcleaner.exe and select Run as Administrator to launch the application >> follow the prompts.
  • Once the main GUI(graphical user interface) has loaded click on the Scan tab >> once the scan is complete click on the Cleaning tab and follow the prompts.
  • Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.
Note: The log can also be located at C: >> AdwCleaner >> AdwCleaner[S0].txt
  • 0

#7
jsburdge

jsburdge

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

Sorry for the delay.  I had to go out of town for business.

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.7.1 (05.14.2015:1)
OS: Windows 7 Home Premium x64
Ran by Phillip on Fri 05/15/2015 at  9:38:17.56
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Tasks

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

Successfully deleted: [File] C:\Windows\prefetch\TOOLBARUPDATER.EXE-403DEDAE.pf
Successfully deleted: [File] C:\Windows\prefetch\TOOLBARUPDATER.EXE-61A5FF51.pf
Successfully deleted: [File] C:\Users\Phillip\AppData\Roaming\PennyBee\UpdateProc\UpdateTask.exe

 

~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\babylon
Successfully deleted: [Folder] C:\ProgramData\pcdr
Successfully deleted: [Folder] C:\Users\Phillip\appdata\local\visi_coupon
Successfully deleted: [Folder] C:\Users\Phillip\appdata\locallow\babylontoolbar
Successfully deleted: [Folder] C:\Users\Phillip\appdata\locallow\yahoocouponaddon
Successfully deleted: [Folder] C:\Users\Phillip\AppData\Roaming\babylon
Successfully deleted: [Folder] C:\Users\Phillip\AppData\Roaming\microsoft\windows\start menu\programs\browserprotect
Successfully deleted: [Folder] C:\Users\Phillip\documents\optimizer pro
Successfully deleted: [Folder] C:\Users\Phillip\AppData\Roaming\PennyBee

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 05/15/2015 at  9:47:53.17
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

# AdwCleaner v4.204 - Logfile created 15/05/2015 at 10:47:08
# Updated 12/05/2015 by Xplode
# Database : 2015-05-12.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Phillip - PHILLIP-PC
# Running from : C:\Users\Phillip\Desktop\adwcleaner_4.204.exe
# Option : Cleaning

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\AVG Security Toolbar

***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKCU\Software\Classes\keepmysearch
Key Deleted : HKCU\Software\a4dddeb06ee510
Key Deleted : HKLM\SOFTWARE\a4dddeb06ee510
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Key Deleted : HKCU\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\dsiteproducts
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\PennyBee
Key Deleted : HKCU\Software\UpdaterEX
Key Deleted : HKCU\Software\StormWatchApp
Key Deleted : HKCU\Software\CoinisRS
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\InstallIQ
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKU\.DEFAULT\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Data Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17728

-\\ Mozilla Firefox v37.0.2 (x86 en-US)

*************************

AdwCleaner[R0].txt - [9805 bytes] - [15/05/2015 10:44:43]
AdwCleaner[S0].txt - [9524 bytes] - [15/05/2015 10:47:08]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9583  bytes] ##########


  • 0

#8
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Hi. :)

Sorry for the delay. I had to go out of town for business.

Fair play and not a problem, lets proceed as follows shall we...

Malwarebytes Anti-Malware:

Please download the installer to your desktop.
  • Right-click on mbam-setup-2.1.6.1022.exe and select Run as Administrator, then follow the prompts to install the program.
  • If the GUI(graphical user interface) for Malwarebytes Anti-Malware does not automatically appear, launch the application manually.
  • Click on Update Now >>, then click on the Settings tab >> Detection and Protection.
  • Under the Detection Options, ensure the following are selected:-
Use Advanced Heuristics Engine (Shuriken)
Scan for rootkits
Scan within archives
  • Now click on the Scan tab, ensure Threat Scan is selected >> click on Start Scan.
Note: If the following message is denoted, 'Could not load DDA driver'. Click on Yes, then allow your computer to reboot and continue afterwards etc.
  • If threats are detected, select Remove Selected or Quarantine >> click on the Apply Actions button >> click on Yes at the prompt to reboot.
  • Upon completion of the scan(or after the reboot), click on the History tab.
  • Click on Application Logs >> double-click on Scan Log.
  • Now click on the Export tab >> Copy to Clipboard, paste the log into your next reply for my review.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

Uninstall Kaspersky Anti-Virus:

Please download the uninstall tool from here and save to the desktop.
  • Right-click on kavremover.exe and select Run as Administrator.
  • Follow the prompts and once the tool has finished processing, reboot your machine when advised to.
Note: There will be a notepad file on the desktop named kavremvr xxxx-xx-xx xx-xx-xx (pid xxxx).log, I have no need to review this unless you encountered a problem running the tool.

Install MSE:

Please download the installer for Microsoft Security Essentials and save to the desktop.
  • Once downloaded, right-click on the installer for Microsoft Security Essentials(mseinstall.exe) and select and select Run as Administrator.
  • Follow the prompts to install >> when asked if you want to turn one the Windows Firewall, agree to this...
  • Update >> Carry Out a Complete Scan, let MSE Fix/Remove anything it finds.
Note: This article explains the various features of the software, Getting started with Microsoft Security Essentials

Next:

When completed the above, please post back the following in the order asked for:
  • How is your computer performing now, any further symptoms and or problems encountered?
  • Malwarebytes Anti-Malware Log.
  • Did MSE find/remove anything?

  • 0

#9
jsburdge

jsburdge

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

Computer is still working fine and no problems encountered.

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 5/15/2015
Scan Time: 5:05:06 PM
Logfile:
Administrator: Yes

Version: 2.01.6.1022
Malware Database: v2015.05.15.05
Rootkit Database: v2015.05.14.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Phillip

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 346508
Time Elapsed: 27 min, 25 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 1
PUP.Optional.PennyBee.A, HKU\S-1-5-21-4204421207-2302213490-1209804939-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\PennyBee.exe, Quarantined, [ac4511826a2050e63d3e6a7d56ad2dd3],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 2
PUP.Optional.PennyBee.A, C:\Users\Phillip\AppData\Local\ICSharpCode.net\PennyBeeW.exe_Url_fbh1oo015ynpfsuprtwtiym3dummp5m5, Quarantined, [539e068d2268c472c56b04bb43c0ea16],
PUP.Optional.PennyBee.A, C:\Users\Phillip\AppData\Local\ICSharpCode.net\PennyBeeW.exe_Url_fbh1oo015ynpfsuprtwtiym3dummp5m5\1.0.7.0, Quarantined, [539e068d2268c472c56b04bb43c0ea16],

Files: 1
PUP.Optional.PennyBee.A, C:\Users\Phillip\AppData\Local\ICSharpCode.net\PennyBeeW.exe_Url_fbh1oo015ynpfsuprtwtiym3dummp5m5\1.0.7.0\user.config, Quarantined, [539e068d2268c472c56b04bb43c0ea16],

Physical Sectors: 0
(No malicious items detected)

(end)

 

MSE did not find anything on its scan.  Kaspersky AV has been removed per your instruction.


Edited by jsburdge, 16 May 2015 - 06:51 AM.

  • 0

#10
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Hi. :)

Computer is still working fine and no problems encountered.

Good.

MSE did not find anything on its scan. Kaspersky AV has been removed per your instruction.

Acknowledged and congratulations your computer appears to be malware free!

Now I have some tasks for your good self to carry out as part of a clean up process and some advice about online safety.

Importance of Regular System Maintenance:

I advice you read both of the below listed topics as this will go a long way to keeping your Computer performing well.

Slow Computer/browser?

Also so is this:

What to do if your Computer is running slowly

Clean-Up with DelFix:

Please download DelFix to your desktop.
  • Right-click on delfix.exe and select Run as Administrator to launch the application.
  • Referring to the image below, select the three options denoted:
DF2.gif
  • Then click on Run.
  • Once it has finished processing, a notepad file named DelFix.txt will open. Post the contents in your next reply for my review.
  • The log can also be located at the root of the system drive, C:\DelFix.txt.
  • After you have posted the aforementioned DelFix.txt, delete it and empty the Recycle Bin.
Note: The above application/overall process will flush old System Restore points and create a new clean one. It should also clean up and remove the vast majority of scanners used and logs created etc.

Any left over merely delete yourself and empty the Recycle Bin.

Now some advice for on-line safety:

Malwarebyte's Anti-Malware:

This is a excellent application and I advise you keep this installed. Check for updates and run a scan at least once per week.

Other installed security software:

Your presently installed security application, Microsoft Security Essentials automatically checks for updates and downloads/installs them with every system reboot and or periodically if the machine is left running providing a internet connection is active.

I advise you also run a complete scan with this also at least once per week.

Further reading/resources:

This is a very helpful/useful set of advice from Microsoft: Microsoft Safety & Security Center

As is this: Computer Security - a short guide to staying safer online

And these are worth reading also: Understanding Windows Firewall settings & Securing Your Router

Keep Your System Updated:

Microsoft releases patches for Windows and other products regularly:
  • Click on Start(Windows 7 Orb) >> All Programs >> Windows Update.
  • In the navigation pane, click Check for updates.
  • After Windows Update has finished checking for updates, click View available updates.
  • Click to select the check box for any found, then click Install.
  • When completed Reboot(restart) your computer if not prompted to do so.
Plus check Automatic Updates is enabled.

Check your third party software is up to date:

Certain software such as Adobe related for example can be exploited by malware if it is not up-to date. I advise you consider downloading and installing Heimdal Free. Further information about this application can be read on the download page.

Be careful when opening attachments and downloading files:

1 - Never open email attachments, not even if they are from someone you know. If you need to open them, scan them with your antivirus program before opening.

2 - Never open emails from unknown senders.

4 - Beware of emails that warn about viruses that are spreading, especially those from antivirus vendors. These email addresses can be easily spoofed. Check the antivirus vendor websites to be sure.

5 - Be careful of what you download. Only download files from known sources. Also, avoid cracked programs. If you need a particular program that costs too much for you, try finding free alternatives at MajorGeeks.

Stop malicious scripts:

Windows by default allow scripts (which is VBScript and JavaScript) to run and some of these scripts are malicious. Use Noscript by Symantec or Script Defender by AnalogX to handle these scripts.

Avoid Peer to Peer software:

P2P may be a great way to get lots of seemingly freeware, but it is a great way to get infected as well. There's no way to tell if the file being shared is infected. Worse still, some worms spread via P2P networks, infecting you as well. It's really important, if you value your PC at all, to stay away from P2P file sharing programs, like utorrent, Bittorrent, Azureus, Limewire, Vuze. Criminals have "planted" thousands upon thousands of infections in the "free" shared files. Virtually all of these recent infections will compromise your Security, and some can turn your machine into a useless "doorstop".

I will further add; P2P software has the ability to create a direct conduit onto your computer, their security measures are easily circumvented, and Malware writers are increasingly exploiting them to spread their infected dross onto your computer. Further to that, if your P2P software is not configured correctly you may be sharing more files than you realise. There have been cases where people's address books, passwords, other personal, private and financial details have been exposed to the file sharing network by a badly configured P2P applications

My friendly advice is to avoid these types of software applications.

Consider the below extra/layered security for your machine:

Custom Host File:

A Hosts file is like a phone book. You look up someone's name in the phone book before calling him/her. Similarly, your computer will look up the website's IP address before you can view the website.

Hosts file will replace your current Hosts file with another one containing well-known advertisement sites, spyware sites and other bad sites. This new Hosts file will protect you by re-directing these bad sites to 127.0.0.1.

Here are some Hosts files:Only use one of the above!

CryptoPrevent Tool:

How to prevent your computer from becoming infected by CryptoLocker

WinPatrol:

WinPatrol alerts you about possible system hijacks, malware attacks and critical changes made to your computer without your permission.

Download it from here.

You can find information about how WinPatrol works here.

Next:

Any questions? Feel free to ask, if not stay safe!
  • 0

#11
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP