MSE and Avast won't run [Closed]


  • This topic is locked

#1
happydummy

Hi, I've tried VIPRERescue and SUPERAntiSpyware and they did clean up some malware, but my AVs still wouldn't work. Here are my logs:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-07-2015
Ran by Pamela (administrator) on PAM-PC on 10-07-2015 00:04:17
Running from C:\Users\Pamela\Desktop
Loaded Profiles: Pamela (Available Profiles: User & Pamela & 1)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
() C:\Program Files (x86)\WordWeb\wweb32.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Users\Pamela\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-07-28] (Intel® Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-25] (Creative Technology Ltd)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [821144 2010-10-25] (Adobe Systems Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2009-11-18] (Hewlett-Packard)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-07-09] (Avast Software s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-3274271813-1450127335-1485058091-1004\...\Run: [Google Update] => "C:\Users\Pamela\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-3274271813-1450127335-1485058091-1004\...\Run: [WordWeb] => C:\Program Files (x86)\WordWeb\wweb32.exe [77064 2012-04-21] ()
HKU\S-1-5-21-3274271813-1450127335-1485058091-1004\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe [1216416 2010-10-25] (Adobe Systems Incorporated)
HKU\S-1-5-21-3274271813-1450127335-1485058091-1004\...\Run: [Dropbox Update] => C:\Users\Pamela\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-24] (Dropbox, Inc.)
HKU\S-1-5-21-3274271813-1450127335-1485058091-1004\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7800088 2015-07-07] (SUPERAntiSpyware)
HKU\S-1-5-21-3274271813-1450127335-1485058091-1004\...\MountPoints2: {e93aed03-633f-11e4-9f07-ac72895b8ba9} - F:\AutoRun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2012-12-26]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-06-22]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-07-07]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Pamela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\a.lnk [2015-06-14]
ShortcutTarget: a.lnk -> C:\Users\Pamela\AppData\Roaming\obikgieavl.exe ()
Startup: C:\Users\Pamela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2012-11-03]
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-09] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pamela\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pamela\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pamela\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-11] (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKU\S-1-5-21-3274271813-1450127335-1485058091-1004\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.ph/intl/en/
HKU\S-1-5-21-3274271813-1450127335-1485058091-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-3274271813-1450127335-1485058091-1004 -> DefaultScope {7E98594E-780A-49C5-ABF1-48F8DF63E2C4} URL = http://search.us.com...k={searchTerms}
SearchScopes: HKU\S-1-5-21-3274271813-1450127335-1485058091-1004 -> {0A4E2796-4EFC-4FEF-83CC-6F49306126B5} URL = http://search.yahoo....petb&type=10603
SearchScopes: HKU\S-1-5-21-3274271813-1450127335-1485058091-1004 -> {7E98594E-780A-49C5-ABF1-48F8DF63E2C4} URL = http://search.us.com...k={searchTerms}
SearchScopes: HKU\S-1-5-21-3274271813-1450127335-1485058091-1004 -> {B6637189-9904-464C-917D-FD6D259F6F74} URL = http://search.yahoo....petb&type=10511
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-09] (Avast Software s.r.o.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-09] (Avast Software s.r.o.)
Toolbar: HKU\S-1-5-21-3274271813-1450127335-1485058091-1004 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8FD842BD-DEBA-451D-84C2-FC095A531AF5}: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-12] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-02-18] (VideoLAN)
FF Plugin HKU\S-1-5-21-3274271813-1450127335-1485058091-1004: @tools.google.com/Google Update;version=3 -> C:\Users\Pamela\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File
FF Plugin HKU\S-1-5-21-3274271813-1450127335-1485058091-1004: @tools.google.com/Google Update;version=9 -> C:\Users\Pamela\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-07-23]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-06-22]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-09]
FF HKU\S-1-5-21-3274271813-1450127335-1485058091-1004\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\WordWeb\WCaptureMoz
FF Extension: WordWeb one-click lookup - C:\Program Files (x86)\WordWeb\WCaptureMoz [2013-04-07]
FF HKU\S-1-5-21-3274271813-1450127335-1485058091-1004\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
 
Chrome: 
=======
CHR Profile: C:\Users\Pamela\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Pamela\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-12]
CHR Extension: (Google Docs) - C:\Users\Pamela\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-12]
CHR Extension: (Google Drive) - C:\Users\Pamela\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-12]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Pamela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-12]
CHR Extension: (YouTube) - C:\Users\Pamela\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-12]
CHR Extension: (Google Search) - C:\Users\Pamela\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-12]
CHR Extension: (Visual CV: Online Resume Builder) - C:\Users\Pamela\AppData\Local\Google\Chrome\User Data\Default\Extensions\eaficoeoafjilohgbmjkiflobhcbifnl [2014-12-12]
CHR Extension: (Google Sheets) - C:\Users\Pamela\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-12]
CHR Extension: (PDF Mergy) - C:\Users\Pamela\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgecghmkcdefnknohcimkoemhaofpoha [2014-12-12]
CHR Extension: (StayFocusd) - C:\Users\Pamela\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji [2014-12-12]
CHR Extension: (Google Wallet) - C:\Users\Pamela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-12]
CHR Extension: (CogniFit Brain Fitness) - C:\Users\Pamela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pckogiikkcdjefncaekfjbdkmlfniagf [2014-12-12]
CHR Extension: (Gmail) - C:\Users\Pamela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-12]
CHR Extension: (0h h1) - C:\Users\Pamela\AppData\Local\Google\Chrome\User Data\Default\Extensions\plfbpnkceanpmmgpdahebjkenffkahfb [2014-12-12]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-09]
CHR HKLM-x32\...\Chrome\Extension: [mjdepfkicdcciagbigfcmdhknnoaaegf] - C:\Program Files (x86)\WordWeb\wcxChrome.crx [2013-04-07]
CHR HKLM-x32\...\Chrome\Extension: [odpccdgkmiicgocepijnaeihjnjnomca] - C:\Program Files (x86)\LinkSwift\odpccdgkmiicgocepijnaeihjnjnomca.crx [Not Found]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [253568 2009-11-18] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [137344 2009-11-18] (Hewlett-Packard Co.) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.)
S3 MSSQL$SONY_MEDIAMGR2; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-07-28] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 VSSS; C:\Users\Pamela\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe [97314624 2015-06-24] (Microsoft Corporation) [File not signed] <==== ATTENTION
S2 699fd52f; "C:\Windows\system32\rundll32.exe" "c:\progra~3\assist~1\AssistantSvc.dll",service
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-07-09] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-07-09] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-09] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-07-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-07-09] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-07-09] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-07-09] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-07-09] ()
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [67552 2015-04-14] (AVG Technologies CZ, s.r.o.)
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security)
S3 gfiutil; C:\Windows\System32\drivers\gfiutil.sys [31264 2013-09-04] (ThreatTrack Security)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-23] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 mbamchameleon; \??\C:\Windows\system32\drivers\mbamchameleon.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-10 00:04 - 2015-07-10 00:04 - 00020686 _____ C:\Users\Pamela\Desktop\FRST.txt
2015-07-10 00:04 - 2015-07-10 00:04 - 00000000 ____D C:\FRST
2015-07-10 00:03 - 2015-07-10 00:03 - 02112512 _____ (Farbar) C:\Users\Pamela\Desktop\FRST64.exe
2015-07-10 00:03 - 2015-07-10 00:03 - 01636352 _____ (Farbar) C:\Users\Pamela\Desktop\FRST.exe
2015-07-09 23:09 - 2015-07-09 23:10 - 00163174 _____ C:\Users\Pamela\Desktop\20150709215155.xml
2015-07-09 21:51 - 2015-07-09 23:56 - 08933930 _____ C:\Users\Pamela\Desktop\20150709215155.csv
2015-07-09 21:51 - 2015-07-09 23:10 - 00000000 ____D C:\Users\Pamela\Desktop\Quarantine
2015-07-09 21:51 - 2015-07-09 23:09 - 00000000 ____D C:\Users\Pamela\Desktop\Definitions
2015-07-09 21:51 - 2015-07-09 21:51 - 00000012 _____ C:\Users\Pamela\Desktop\FSSC.dat
2015-07-09 21:51 - 2015-07-09 21:51 - 00000000 ____D C:\Users\Pamela\Desktop\x64
2015-07-09 21:51 - 2013-09-04 14:57 - 00031264 _____ (ThreatTrack Security) C:\Windows\system32\Drivers\gfiutil.sys
2015-07-09 21:51 - 2013-09-04 14:57 - 00031264 _____ (ThreatTrack Security) C:\Users\Pamela\Desktop\gfiutl64.sys
2015-07-09 21:51 - 2013-09-04 14:57 - 00024040 _____ (ThreatTrack Security) C:\Users\Pamela\Desktop\gfiutl32.sys
2015-07-09 21:51 - 2013-09-04 14:57 - 00014656 _____ (ThreatTrack Security) C:\Users\Pamela\Desktop\gfiutil.dll
2015-07-09 21:51 - 2013-05-23 08:39 - 00070040 _____ (ThreatTrack Security) C:\Users\Pamela\Desktop\gfiarkup.dll
2015-07-09 21:51 - 2013-05-23 08:39 - 00043368 _____ (ThreatTrack Security) C:\Users\Pamela\Desktop\gfiark32.sys
2015-07-09 21:51 - 2013-05-23 08:39 - 00041032 _____ (ThreatTrack Security) C:\Windows\system32\Drivers\gfiark.sys
2015-07-09 21:51 - 2013-05-23 08:39 - 00041032 _____ (ThreatTrack Security) C:\Users\Pamela\Desktop\gfiark64.sys
2015-07-09 21:51 - 2013-05-23 08:39 - 00029080 _____ (ThreatTrack Security) C:\Users\Pamela\Desktop\gfiark.dll
2015-07-09 21:13 - 2015-07-09 21:33 - 233361408 _____ C:\Users\Pamela\Desktop\VIPRERescue41850.exe
2015-07-09 20:22 - 2015-07-09 20:58 - 00000512 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task e650939f-2fbc-4611-8639-76ad2450b19a.job
2015-07-09 20:22 - 2015-07-09 20:58 - 00000512 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 837525c9-e531-4c40-8051-6eb9f84b7547.job
2015-07-09 20:22 - 2015-07-09 20:22 - 00003584 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 837525c9-e531-4c40-8051-6eb9f84b7547
2015-07-09 20:22 - 2015-07-09 20:22 - 00003510 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task e650939f-2fbc-4611-8639-76ad2450b19a
2015-07-09 20:22 - 2015-07-09 20:22 - 00001816 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2015-07-09 20:22 - 2015-07-09 20:22 - 00000000 ____D C:\Users\Pamela\AppData\Roaming\SUPERAntiSpyware.com
2015-07-09 20:22 - 2015-07-09 20:22 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2015-07-09 20:22 - 2015-07-09 20:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-07-09 20:22 - 2015-07-09 20:22 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-07-09 19:49 - 2015-07-09 20:12 - 22457640 _____ (SUPERAntiSpyware) C:\Users\Pamela\Desktop\SUPERAntiSpyware.exe
2015-07-09 19:39 - 2015-07-09 19:39 - 00001930 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-07-09 19:39 - 2015-07-09 19:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-07-09 19:38 - 2015-07-09 19:39 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswsp.sys
2015-07-09 19:38 - 2015-07-09 19:38 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-07-09 19:38 - 2015-07-09 19:38 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-07-09 19:38 - 2015-07-09 19:38 - 00272248 _____ C:\Windows\system32\Drivers\aswVmm.sys
2015-07-09 19:38 - 2015-07-09 19:38 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-07-09 19:38 - 2015-07-09 19:38 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-07-09 19:38 - 2015-07-09 19:38 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-07-09 19:38 - 2015-07-09 19:38 - 00065736 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2015-07-09 19:38 - 2015-07-09 19:38 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-07-09 19:38 - 2015-07-09 19:38 - 00029168 _____ C:\Windows\system32\Drivers\aswHwid.sys
2015-07-09 19:38 - 2015-07-09 19:38 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-07-09 19:07 - 2015-07-09 19:14 - 05481336 _____ (Avast Software s.r.o.) C:\Users\Pamela\Desktop\avast_free_antivirus_setup_online_cnet.exe
2015-07-09 18:59 - 2015-07-09 18:59 - 01415680 _____ (wj32) C:\Program Files\UI6UUI66.exe
2015-07-09 18:57 - 2015-07-09 18:57 - 01415680 _____ (wj32) C:\Program Files\9XLL9XLX.exe
2015-07-09 18:51 - 2015-07-09 18:51 - 01415680 _____ (wj32) C:\Program Files\KBB2THHK.exe
2015-07-09 18:51 - 2015-07-09 18:51 - 01415680 _____ (wj32) C:\Program Files\HT5HTH55.exe
2015-07-09 18:51 - 2015-07-09 18:51 - 01415680 _____ (wj32) C:\Program Files\ET8N2KB2.exe
2015-07-09 18:46 - 2015-07-09 18:46 - 01415680 _____ (wj32) C:\Program Files\RRFF3333.exe
2015-07-09 18:46 - 2015-07-09 18:46 - 01415680 _____ (wj32) C:\Program Files\J77JJ7VJ.exe
2015-07-09 18:46 - 2015-07-09 18:46 - 01415680 _____ (wj32) C:\Program Files\3333RRRR.exe
2015-07-09 16:15 - 2015-07-09 16:15 - 01415680 _____ (wj32) C:\Program Files\Y477AGGV.exe
2015-07-09 16:15 - 2015-07-09 16:15 - 01415680 _____ (wj32) C:\Program Files\EE2KKE22.exe
2015-07-09 16:15 - 2015-07-09 16:15 - 01415680 _____ (wj32) C:\Program Files\8BEHKKKK.exe
2015-07-09 16:15 - 2015-07-09 16:15 - 01415680 _____ (wj32) C:\Program Files\6UI66UUI.exe
2015-07-09 16:15 - 2015-07-09 16:15 - 01415680 _____ (wj32) C:\Program Files\2KKEE2KK.exe
2015-07-07 22:41 - 2015-07-07 22:41 - 01415680 _____ (wj32) C:\Program Files\YMMAYYMY.exe
2015-07-07 22:41 - 2015-07-07 22:41 - 01415680 _____ (wj32) C:\Program Files\KKE2KKEK.exe
2015-07-07 22:34 - 2015-07-07 22:34 - 05023976 _____ (AVG Technologies) C:\Users\1\Downloads\avg_isc_stb_all_2015_ltst_206.exe
2015-07-07 22:30 - 2015-07-07 22:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-07-07 22:30 - 2015-07-07 22:30 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-07-07 22:30 - 2015-07-07 22:30 - 00000000 ____D C:\ProgramData\McAfee
2015-07-07 22:30 - 2015-07-07 22:30 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-07-07 22:27 - 2015-07-07 22:28 - 08585528 _____ (McAfee, Inc.) C:\Users\1\Downloads\SecurityScan_Release.exe
2015-07-07 22:26 - 2015-07-07 22:26 - 00113632 _____ C:\Users\1\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-07 22:26 - 2015-07-07 22:26 - 00002267 _____ C:\Users\1\Desktop\Google Chrome.lnk
2015-07-07 22:26 - 2015-07-07 22:26 - 00001425 _____ C:\Users\1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-07 22:26 - 2015-07-07 22:26 - 00000020 ___SH C:\Users\1\ntuser.ini
2015-07-07 22:26 - 2015-07-07 22:26 - 00000000 ____D C:\Users\1\AppData\Roaming\Intel Corporation
2015-07-07 22:26 - 2015-07-07 22:26 - 00000000 ____D C:\Users\1\AppData\Roaming\Intel
2015-07-07 22:26 - 2015-07-07 22:26 - 00000000 ____D C:\Users\1\AppData\Roaming\Apple Computer
2015-07-07 22:26 - 2015-07-07 22:26 - 00000000 ____D C:\Users\1\AppData\Roaming\Adobe
2015-07-07 22:26 - 2015-07-07 22:26 - 00000000 ____D C:\Users\1\AppData\Local\VirtualStore
2015-07-07 22:26 - 2015-07-07 22:26 - 00000000 ____D C:\Users\1\AppData\Local\GWX
2015-07-07 22:26 - 2015-07-07 22:26 - 00000000 ____D C:\Users\1\AppData\Local\Google
2015-07-07 22:26 - 2015-07-07 22:26 - 00000000 ____D C:\Users\1\AppData\Local\Adobe
2015-07-07 22:25 - 2015-07-07 22:26 - 00000000 ____D C:\Users\1
2015-07-07 22:25 - 2012-07-17 22:59 - 00000000 ____D C:\Users\1\AppData\Roaming\Macromedia
2015-07-07 22:25 - 2012-07-17 22:36 - 00000000 ____D C:\Users\1\AppData\Local\Microsoft Help
2015-07-07 22:25 - 2009-07-14 12:54 - 00000000 ___RD C:\Users\1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-07 22:25 - 2009-07-14 12:49 - 00000000 ___RD C:\Users\1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-07-07 22:15 - 2015-07-07 22:15 - 01415680 _____ (wj32) C:\Program Files\I66UI666.exe
2015-07-07 22:15 - 2015-07-07 22:15 - 01415680 _____ (wj32) C:\Program Files\E22KE222.exe
2015-07-07 21:08 - 2015-07-07 21:08 - 01415680 _____ (wj32) C:\Program Files\KNKTWW2E.exe
2015-07-07 21:07 - 2015-07-07 21:07 - 01415680 _____ (wj32) C:\Program Files\EKNNKKT8.exe
2015-07-07 21:07 - 2015-07-07 21:07 - 01415680 _____ (wj32) C:\Program Files\2N2K82BK.exe
2015-07-07 11:14 - 2015-07-07 11:14 - 01415680 _____ (wj32) C:\Program Files\UI66UIII.exe
2015-07-07 11:14 - 2015-07-07 11:14 - 01415680 _____ (wj32) C:\Program Files\OC0COCCC.exe
2015-07-07 11:14 - 2015-07-07 11:14 - 01415680 _____ (wj32) C:\Program Files\K8WKK8WW.exe
2015-07-07 11:10 - 2015-07-07 11:10 - 619471902 _____ C:\Windows\MEMORY.DMP
2015-07-07 11:10 - 2015-07-07 11:10 - 00262144 _____ C:\Windows\Minidump\070715-25537-01.dmp
2015-07-07 11:10 - 2015-07-07 11:10 - 00000000 ____D C:\Windows\Minidump
2015-07-07 11:00 - 2015-07-09 19:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-07 11:00 - 2015-07-07 11:00 - 01415680 _____ (wj32) C:\Program Files\SKG8K4GK.exe
2015-07-07 11:00 - 2015-07-07 11:00 - 01415680 _____ (wj32) C:\Program Files\KK8WKK88.exe
2015-07-07 10:46 - 2015-07-07 10:46 - 01415680 _____ (wj32) C:\Program Files\VJVJJVJ7.exe
2015-07-07 10:23 - 2015-07-07 10:23 - 01415680 _____ (wj32) C:\Program Files\69FFIIO0.exe
2015-07-07 09:56 - 2015-07-07 09:56 - 01415680 _____ (wj32) C:\Program Files\EM2AK2YI.exe
2015-07-01 19:42 - 2015-07-01 19:42 - 01415680 _____ (wj32) C:\Program Files\LLRRUX0L.exe
2015-07-01 19:34 - 2015-07-01 19:34 - 01415680 _____ (wj32) C:\Program Files\MUMYYAKE.exe
2015-07-01 19:34 - 2015-07-01 19:34 - 01415680 _____ (wj32) C:\Program Files\CCCLL663.exe
2015-07-01 19:31 - 2015-07-01 19:31 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-01 19:28 - 2015-07-01 19:28 - 01415680 _____ (wj32) C:\Program Files\0O636U6I.exe
2015-06-30 16:11 - 2015-06-30 16:11 - 00000000 ____D C:\Users\Pamela\AppData\Local\Avg2015
2015-06-30 16:10 - 2015-06-30 16:10 - 01415680 _____ (wj32) C:\Program Files\MAYYMAYY.exe
2015-06-30 15:26 - 2015-06-30 15:26 - 00002055 _____ C:\ProgramData\1435649158.7308.bin
2015-06-30 15:26 - 2015-06-30 15:26 - 00000189 _____ C:\ProgramData\1435649158.6440.bin
2015-06-30 15:25 - 2015-06-30 15:26 - 00040992 _____ C:\ProgramData\1435649158.6560.bin
2015-06-30 15:25 - 2015-06-30 15:25 - 00000000 ____D C:\Users\Pamela\AppData\Roaming\QuickScan
2015-06-30 15:22 - 2015-06-30 15:22 - 00000000 ____D C:\Users\Pamela\AppData\Roaming\TuneUp Software
2015-06-30 15:20 - 2015-06-30 15:20 - 00000000 ____D C:\Program Files (x86)\AVG
2015-06-30 15:12 - 2015-07-07 22:35 - 00000000 ____D C:\ProgramData\MFAData
2015-06-30 15:12 - 2015-06-30 15:12 - 00000000 ____D C:\Users\Pamela\AppData\Local\MFAData
2015-06-30 15:10 - 2015-06-30 15:10 - 01415680 _____ (wj32) C:\Program Files\6KEYM6KA.exe
2015-06-30 15:03 - 2015-06-30 15:49 - 00000000 ____D C:\Users\Pamela\AppData\Roaming\Panda Security
2015-06-30 15:03 - 2015-06-30 15:03 - 00000000 ____D C:\ProgramData\panda_url_filtering
2015-06-30 15:02 - 2015-06-30 16:00 - 00000000 ____D C:\Program Files (x86)\Panda Security
2015-06-30 14:57 - 2015-06-30 15:49 - 00000000 ____D C:\ProgramData\Panda Security
2015-06-30 12:20 - 2015-06-30 12:21 - 14243008 _____ (Microsoft Corporation) C:\Users\Pamela\Desktop\mseinstall.exe
2015-06-28 10:34 - 2015-06-28 10:34 - 01415680 _____ (wj32) C:\Program Files\SMJD74YJ.exe
2015-06-24 19:11 - 2015-06-24 19:11 - 00000000 ____D C:\Users\Pamela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-06-24 19:10 - 2015-07-09 21:15 - 00000922 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3274271813-1450127335-1485058091-1004UA.job
2015-06-24 19:10 - 2015-07-09 19:15 - 00000870 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3274271813-1450127335-1485058091-1004Core.job
2015-06-24 19:10 - 2015-06-24 19:10 - 00003894 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3274271813-1450127335-1485058091-1004UA
2015-06-24 19:10 - 2015-06-24 19:10 - 00003498 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3274271813-1450127335-1485058091-1004Core
2015-06-24 19:10 - 2015-06-24 19:10 - 00000000 ____D C:\Users\Pamela\AppData\Local\Dropbox
2015-06-24 19:10 - 2015-06-24 19:10 - 00000000 ____D C:\ProgramData\Dropbox
2015-06-24 18:42 - 2015-06-24 18:42 - 00000000 ____D C:\Users\Pamela\AppData\Roaming\AVAST Software
2015-06-24 18:37 - 2015-06-24 18:37 - 00000000 ____D C:\Windows\SysWOW64\vbox
2015-06-24 18:37 - 2015-06-24 18:37 - 00000000 ____D C:\Windows\system32\vbox
2015-06-24 18:22 - 2015-06-24 18:22 - 00000000 ____D C:\Program Files\AVAST Software
2015-06-24 18:15 - 2015-06-24 18:15 - 01415680 _____ (wj32) C:\Program Files\SSYAAGGS.exe
2015-06-24 18:15 - 2015-06-24 18:15 - 01415680 _____ (wj32) C:\Program Files\BEEKKNK8.exe
2015-06-24 18:12 - 2015-07-09 19:14 - 00000000 ____D C:\ProgramData\AVAST Software
2015-06-24 18:07 - 2015-06-24 18:07 - 01415680 _____ (wj32) C:\Program Files\SY114AA4.exe
2015-06-24 18:02 - 2015-06-24 18:02 - 01415680 _____ (wj32) C:\Program Files\KWO4W4OW.exe
2015-06-24 18:02 - 2015-06-24 18:02 - 01415680 _____ (wj32) C:\Program Files\7ADDJDGJ.exe
2015-06-24 17:59 - 2015-06-24 17:59 - 01415680 _____ (wj32) C:\Program Files\JJMPSVJY.exe
2015-06-24 17:59 - 2015-06-24 17:59 - 01415680 _____ (wj32) C:\Program Files\7N0GYEZO.exe
2015-06-16 20:29 - 2015-06-16 20:29 - 00000000 ____D C:\Users\User\AppData\Local\GWX
2015-06-14 18:30 - 2015-06-14 18:30 - 91607040 __RSH C:\Users\Pamela\AppData\Roaming\obikgieavl.exe
2015-06-13 09:54 - 2015-06-02 03:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-13 09:54 - 2015-06-02 02:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-13 09:54 - 2015-05-27 22:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-13 09:54 - 2015-05-27 22:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-13 09:54 - 2015-05-23 11:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-13 09:54 - 2015-05-23 11:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-13 09:54 - 2015-05-23 11:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-13 09:54 - 2015-05-23 11:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-13 09:54 - 2015-05-23 11:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-13 09:54 - 2015-05-23 11:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-13 09:54 - 2015-05-23 11:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-13 09:54 - 2015-05-23 11:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-13 09:54 - 2015-05-23 11:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-13 09:54 - 2015-05-23 11:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-13 09:54 - 2015-05-23 11:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-13 09:54 - 2015-05-23 11:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-13 09:54 - 2015-05-23 11:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-13 09:54 - 2015-05-23 10:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-13 09:54 - 2015-05-23 10:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-13 09:54 - 2015-05-23 10:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-13 09:54 - 2015-05-23 10:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-13 09:54 - 2015-05-23 10:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-13 09:54 - 2015-05-23 10:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-13 09:54 - 2015-05-23 10:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-13 09:54 - 2015-05-23 10:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-13 09:54 - 2015-05-23 10:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-13 09:54 - 2015-05-23 10:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-13 09:54 - 2015-05-23 10:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-13 09:54 - 2015-05-23 10:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-13 09:54 - 2015-05-23 10:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-13 09:54 - 2015-05-23 03:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-13 09:54 - 2015-05-23 03:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-13 09:54 - 2015-05-23 03:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-13 09:54 - 2015-05-23 03:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-13 09:54 - 2015-05-23 03:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-13 09:54 - 2015-05-23 03:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-13 09:54 - 2015-05-23 03:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-13 09:54 - 2015-05-23 02:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-13 09:54 - 2015-05-23 02:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-13 09:54 - 2015-05-23 02:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-13 09:54 - 2015-05-23 02:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-13 09:54 - 2015-05-23 02:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-13 09:54 - 2015-05-23 02:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-13 09:54 - 2015-05-23 02:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-13 09:54 - 2015-05-23 02:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-13 09:54 - 2015-05-23 02:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-13 09:54 - 2015-05-23 02:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-13 09:54 - 2015-05-23 02:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-13 09:54 - 2015-05-23 02:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-13 09:54 - 2015-05-23 02:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-13 09:54 - 2015-05-23 02:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-13 09:54 - 2015-05-23 02:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-13 09:54 - 2015-05-23 02:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-13 09:54 - 2015-05-23 02:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-13 09:54 - 2015-05-23 02:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-13 09:54 - 2015-05-23 02:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-13 09:54 - 2015-05-23 01:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-13 09:54 - 2015-05-23 01:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-13 09:54 - 2015-05-23 01:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-13 09:54 - 2015-05-23 01:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-13 09:53 - 2015-05-26 02:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-13 09:53 - 2015-05-26 02:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-13 09:53 - 2015-05-26 02:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-13 09:53 - 2015-05-26 02:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-13 09:53 - 2015-05-26 02:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-13 09:53 - 2015-05-26 02:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-13 09:53 - 2015-05-26 02:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-13 09:53 - 2015-05-26 02:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-13 09:53 - 2015-05-26 02:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-13 09:53 - 2015-05-26 02:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-13 09:53 - 2015-05-26 02:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-13 09:53 - 2015-05-26 02:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-13 09:53 - 2015-05-26 02:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-13 09:53 - 2015-05-26 02:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-13 09:53 - 2015-05-26 02:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-13 09:53 - 2015-05-26 02:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-13 09:53 - 2015-05-26 02:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-13 09:53 - 2015-05-26 02:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-13 09:53 - 2015-05-26 02:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-13 09:53 - 2015-05-26 02:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-13 09:53 - 2015-05-26 02:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-13 09:53 - 2015-05-26 02:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-13 09:53 - 2015-05-26 02:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-13 09:53 - 2015-05-26 02:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-13 09:53 - 2015-05-26 02:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-13 09:53 - 2015-05-26 02:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-13 09:53 - 2015-05-26 02:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-13 09:53 - 2015-05-26 02:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-13 09:53 - 2015-05-26 02:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-13 09:53 - 2015-05-26 02:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-13 09:53 - 2015-05-26 02:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-13 09:53 - 2015-05-26 02:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-13 09:53 - 2015-05-26 02:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-13 09:53 - 2015-05-26 02:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-13 09:53 - 2015-05-26 02:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-13 09:53 - 2015-05-26 02:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-13 09:53 - 2015-05-26 02:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-13 09:53 - 2015-05-26 02:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-13 09:53 - 2015-05-26 02:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-13 09:53 - 2015-05-26 02:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-13 09:53 - 2015-05-26 02:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-13 09:53 - 2015-05-26 02:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-13 09:53 - 2015-05-26 02:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-13 09:53 - 2015-05-26 02:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 02:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 02:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 02:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 02:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 02:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 02:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 02:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 02:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 02:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 02:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 02:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 02:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 02:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 02:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 02:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 02:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 02:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 02:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 02:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 02:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 02:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 02:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 02:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 02:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 02:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 02:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 02:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 02:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-13 09:53 - 2015-05-26 02:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-13 09:53 - 2015-05-26 02:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-13 09:53 - 2015-05-26 02:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-13 09:53 - 2015-05-26 02:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-13 09:53 - 2015-05-26 02:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-13 09:53 - 2015-05-26 02:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-13 09:53 - 2015-05-26 02:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-13 09:53 - 2015-05-26 02:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-13 09:53 - 2015-05-26 02:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-13 09:53 - 2015-05-26 02:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-13 09:53 - 2015-05-26 02:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-13 09:53 - 2015-05-26 02:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-13 09:53 - 2015-05-26 02:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-13 09:53 - 2015-05-26 02:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-13 09:53 - 2015-05-26 02:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-13 09:53 - 2015-05-26 02:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-13 09:53 - 2015-05-26 02:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-13 09:53 - 2015-05-26 02:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-13 09:53 - 2015-05-26 02:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-13 09:53 - 2015-05-26 02:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-13 09:53 - 2015-05-26 02:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-13 09:53 - 2015-05-26 02:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-13 09:53 - 2015-05-26 01:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-13 09:53 - 2015-05-26 01:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-13 09:53 - 2015-05-26 01:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-13 09:53 - 2015-05-26 01:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-13 09:53 - 2015-05-26 01:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-13 09:53 - 2015-05-26 01:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-13 09:53 - 2015-05-26 01:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-13 09:53 - 2015-05-26 01:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-13 09:53 - 2015-05-26 01:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 01:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 01:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 01:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 01:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 01:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 01:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 01:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 01:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 01:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 01:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 01:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 01:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 01:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 01:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 01:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 01:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 01:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 01:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 01:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 01:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 01:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 01:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 01:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 01:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-13 09:53 - 2015-05-26 00:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-13 09:53 - 2015-05-26 00:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-13 09:53 - 2015-05-26 00:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 00:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 00:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-13 09:53 - 2015-05-26 00:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-13 09:53 - 2015-05-23 02:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-13 09:53 - 2015-05-23 02:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-13 09:53 - 2015-05-23 02:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-13 09:53 - 2015-05-23 02:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-13 09:53 - 2015-05-23 02:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-13 09:53 - 2015-05-23 02:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-13 09:53 - 2015-05-23 02:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-13 09:53 - 2015-05-21 21:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-13 09:53 - 2015-04-30 02:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-13 09:53 - 2015-04-30 02:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-13 09:53 - 2015-04-30 02:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-13 09:53 - 2015-04-30 02:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-13 09:53 - 2015-04-30 02:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-13 09:53 - 2015-04-30 02:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-13 09:53 - 2015-04-30 02:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-13 09:53 - 2015-04-30 02:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-13 09:53 - 2015-04-30 02:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-13 09:53 - 2015-04-30 02:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-13 09:52 - 2015-05-26 01:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-13 09:52 - 2015-04-25 02:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-13 09:52 - 2015-04-25 01:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-13 09:52 - 2015-04-11 11:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-10 00:00 - 2012-06-19 22:41 - 01482577 _____ C:\Windows\WindowsUpdate.log
2015-07-09 23:57 - 2014-11-12 23:18 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-09 23:57 - 2009-07-14 13:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-09 23:57 - 2009-07-14 12:51 - 00121839 _____ C:\Windows\setupact.log
2015-07-09 23:10 - 2014-08-08 13:11 - 00000000 ____D C:\ProgramData\TheAdBlock
2015-07-09 21:44 - 2012-07-26 21:44 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3274271813-1450127335-1485058091-1004UA.job
2015-07-09 21:41 - 2013-09-29 12:22 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-09 21:40 - 2009-07-14 13:13 - 00849834 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-09 21:23 - 2014-11-12 23:18 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-09 21:07 - 2009-07-14 12:45 - 00028528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-09 21:07 - 2009-07-14 12:45 - 00028528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-09 20:57 - 2010-11-21 11:47 - 00627606 _____ C:\Windows\PFRO.log
2015-07-09 19:02 - 2012-07-16 03:48 - 00001945 _____ C:\Windows\epplauncher.mif
2015-07-09 18:29 - 2013-09-29 12:22 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-09 18:29 - 2012-07-17 04:48 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-09 18:29 - 2012-07-17 04:48 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-07 11:18 - 2013-01-13 21:06 - 00000000 ___RD C:\Users\Pamela\Dropbox
2015-07-07 11:18 - 2013-01-10 22:44 - 00000000 ____D C:\Users\Pamela\AppData\Roaming\Dropbox
2015-07-07 11:17 - 2015-05-02 19:51 - 00000000 ____D C:\Users\Pamela\Desktop\4FMT
2015-07-01 19:44 - 2012-08-03 23:14 - 00000000 ____D C:\Users\Pamela\Iphone
2015-06-30 16:03 - 2015-05-02 20:14 - 00000000 ____D C:\Program Files (x86)\Mr DJ
2015-06-30 16:01 - 2012-07-18 04:59 - 00113632 _____ C:\Users\Pamela\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-30 16:00 - 2009-07-14 12:45 - 04997024 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-30 14:44 - 2012-07-26 21:44 - 00000860 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3274271813-1450127335-1485058091-1004Core.job
2015-06-30 13:02 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\rescache
2015-06-16 21:30 - 2009-07-14 13:08 - 00032654 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-16 20:29 - 2012-07-16 04:54 - 00113632 _____ C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-15 20:41 - 2013-11-01 16:54 - 00000000 ____D C:\Users\Pamela\AppData\Roaming\uTorrent
2015-06-15 20:29 - 2012-07-18 04:59 - 00000000 ____D C:\Users\Pamela
2015-06-14 18:07 - 2014-12-12 15:02 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-14 18:07 - 2014-05-07 17:11 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-14 18:07 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-13 10:43 - 2012-07-17 04:06 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-13 10:42 - 2013-08-16 22:54 - 00000000 ____D C:\Windows\system32\MRT
2015-06-13 10:35 - 2013-10-14 16:37 - 00000000 ____D C:\Users\Pamela\AppData\Roaming\vlc
 
==================== Files in the root of some directories =======
 
2015-07-01 19:28 - 2015-07-01 19:28 - 1415680 _____ (wj32) C:\Program Files\0O636U6I.exe
2015-07-09 16:15 - 2015-07-09 16:15 - 1415680 _____ (wj32) C:\Program Files\2KKEE2KK.exe
2015-07-07 21:07 - 2015-07-07 21:07 - 1415680 _____ (wj32) C:\Program Files\2N2K82BK.exe
2015-07-09 18:46 - 2015-07-09 18:46 - 1415680 _____ (wj32) C:\Program Files\3333RRRR.exe
2015-07-07 10:23 - 2015-07-07 10:23 - 1415680 _____ (wj32) C:\Program Files\69FFIIO0.exe
2015-06-30 15:10 - 2015-06-30 15:10 - 1415680 _____ (wj32) C:\Program Files\6KEYM6KA.exe
2015-07-09 16:15 - 2015-07-09 16:15 - 1415680 _____ (wj32) C:\Program Files\6UI66UUI.exe
2015-06-24 18:02 - 2015-06-24 18:02 - 1415680 _____ (wj32) C:\Program Files\7ADDJDGJ.exe
2015-06-24 17:59 - 2015-06-24 17:59 - 1415680 _____ (wj32) C:\Program Files\7N0GYEZO.exe
2015-07-09 16:15 - 2015-07-09 16:15 - 1415680 _____ (wj32) C:\Program Files\8BEHKKKK.exe
2015-07-09 18:57 - 2015-07-09 18:57 - 1415680 _____ (wj32) C:\Program Files\9XLL9XLX.exe
2015-06-24 18:15 - 2015-06-24 18:15 - 1415680 _____ (wj32) C:\Program Files\BEEKKNK8.exe
2015-07-01 19:34 - 2015-07-01 19:34 - 1415680 _____ (wj32) C:\Program Files\CCCLL663.exe
2015-07-07 22:15 - 2015-07-07 22:15 - 1415680 _____ (wj32) C:\Program Files\E22KE222.exe
2015-07-09 16:15 - 2015-07-09 16:15 - 1415680 _____ (wj32) C:\Program Files\EE2KKE22.exe
2015-07-07 21:07 - 2015-07-07 21:07 - 1415680 _____ (wj32) C:\Program Files\EKNNKKT8.exe
2015-07-07 09:56 - 2015-07-07 09:56 - 1415680 _____ (wj32) C:\Program Files\EM2AK2YI.exe
2015-07-09 18:51 - 2015-07-09 18:51 - 1415680 _____ (wj32) C:\Program Files\ET8N2KB2.exe
2015-07-09 18:51 - 2015-07-09 18:51 - 1415680 _____ (wj32) C:\Program Files\HT5HTH55.exe
2015-07-07 22:15 - 2015-07-07 22:15 - 1415680 _____ (wj32) C:\Program Files\I66UI666.exe
2015-07-09 18:46 - 2015-07-09 18:46 - 1415680 _____ (wj32) C:\Program Files\J77JJ7VJ.exe
2015-06-24 17:59 - 2015-06-24 17:59 - 1415680 _____ (wj32) C:\Program Files\JJMPSVJY.exe
2015-07-07 11:14 - 2015-07-07 11:14 - 1415680 _____ (wj32) C:\Program Files\K8WKK8WW.exe
2015-07-09 18:51 - 2015-07-09 18:51 - 1415680 _____ (wj32) C:\Program Files\KBB2THHK.exe
2015-07-07 11:00 - 2015-07-07 11:00 - 1415680 _____ (wj32) C:\Program Files\KK8WKK88.exe
2015-07-07 22:41 - 2015-07-07 22:41 - 1415680 _____ (wj32) C:\Program Files\KKE2KKEK.exe
2015-07-07 21:08 - 2015-07-07 21:08 - 1415680 _____ (wj32) C:\Program Files\KNKTWW2E.exe
2015-06-24 18:02 - 2015-06-24 18:02 - 1415680 _____ (wj32) C:\Program Files\KWO4W4OW.exe
2015-07-01 19:42 - 2015-07-01 19:42 - 1415680 _____ (wj32) C:\Program Files\LLRRUX0L.exe
2015-06-30 16:10 - 2015-06-30 16:10 - 1415680 _____ (wj32) C:\Program Files\MAYYMAYY.exe
2015-07-01 19:34 - 2015-07-01 19:34 - 1415680 _____ (wj32) C:\Program Files\MUMYYAKE.exe
2015-07-07 11:14 - 2015-07-07 11:14 - 1415680 _____ (wj32) C:\Program Files\OC0COCCC.exe
2015-07-09 18:46 - 2015-07-09 18:46 - 1415680 _____ (wj32) C:\Program Files\RRFF3333.exe
2015-07-07 11:00 - 2015-07-07 11:00 - 1415680 _____ (wj32) C:\Program Files\SKG8K4GK.exe
2015-06-28 10:34 - 2015-06-28 10:34 - 1415680 _____ (wj32) C:\Program Files\SMJD74YJ.exe
2015-06-24 18:15 - 2015-06-24 18:15 - 1415680 _____ (wj32) C:\Program Files\SSYAAGGS.exe
2015-06-24 18:07 - 2015-06-24 18:07 - 1415680 _____ (wj32) C:\Program Files\SY114AA4.exe
2015-07-07 11:14 - 2015-07-07 11:14 - 1415680 _____ (wj32) C:\Program Files\UI66UIII.exe
2015-07-09 18:59 - 2015-07-09 18:59 - 1415680 _____ (wj32) C:\Program Files\UI6UUI66.exe
2015-07-07 10:46 - 2015-07-07 10:46 - 1415680 _____ (wj32) C:\Program Files\VJVJJVJ7.exe
2015-07-09 16:15 - 2015-07-09 16:15 - 1415680 _____ (wj32) C:\Program Files\Y477AGGV.exe
2015-07-07 22:41 - 2015-07-07 22:41 - 1415680 _____ (wj32) C:\Program Files\YMMAYYMY.exe
2014-08-18 06:53 - 2014-10-03 17:37 - 0000004 _____ () C:\Users\Pamela\AppData\Roaming\appdataFr2.bin
2015-06-14 18:30 - 2015-06-14 18:30 - 91607040 __RSH () C:\Users\Pamela\AppData\Roaming\obikgieavl.exe
2013-01-09 19:16 - 2013-01-09 19:16 - 0018363 _____ () C:\Users\Pamela\AppData\Roaming\UserTile.png
2012-07-28 16:44 - 2015-02-11 19:25 - 0015360 _____ () C:\Users\Pamela\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-04-18 14:13 - 2013-04-18 14:13 - 0000017 _____ () C:\Users\Pamela\AppData\Local\resmon.resmoncfg
2015-06-30 15:26 - 2015-06-30 15:26 - 0000189 _____ () C:\ProgramData\1435649158.6440.bin
2015-06-30 15:25 - 2015-06-30 15:26 - 0040992 _____ () C:\ProgramData\1435649158.6560.bin
2015-06-30 15:26 - 2015-06-30 15:26 - 0002055 _____ () C:\ProgramData\1435649158.7308.bin
2013-06-22 16:54 - 2013-06-22 17:22 - 0000869 _____ () C:\ProgramData\hpzinstall.log
 
Some files in TEMP:
====================
C:\Users\Pamela\AppData\Local\Temp\6c9124dB.exe
C:\Users\Pamela\AppData\Local\Temp\cdo1154378158.dll
C:\Users\Pamela\AppData\Local\Temp\cdo1391071590.dll
C:\Users\Pamela\AppData\Local\Temp\cdo1716408344.dll
C:\Users\Pamela\AppData\Local\Temp\cdo1744940772.dll
C:\Users\Pamela\AppData\Local\Temp\cdo1867906726.dll
C:\Users\Pamela\AppData\Local\Temp\cdo1899911231.dll
C:\Users\Pamela\AppData\Local\Temp\cdo1987018765.dll
C:\Users\Pamela\AppData\Local\Temp\cdo204389721.dll
C:\Users\Pamela\AppData\Local\Temp\cdo2845641240.dll
C:\Users\Pamela\AppData\Local\Temp\cdo3295506971.dll
C:\Users\Pamela\AppData\Local\Temp\cdo4104143913.dll
C:\Users\Pamela\AppData\Local\Temp\cdo4189605377.dll
C:\Users\Pamela\AppData\Local\Temp\cdo4266271356.dll
C:\Users\Pamela\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\Pamela\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjw2xiv.dll
C:\Users\Pamela\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Pamela\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Pamela\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Pamela\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Pamela\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Pamela\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\Pamela\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Pamela\AppData\Local\Temp\LiveSupport_setup.exe
C:\Users\Pamela\AppData\Local\Temp\Quarantine.exe
C:\Users\Pamela\AppData\Local\Temp\ResetDevice.exe
C:\Users\Pamela\AppData\Local\Temp\SpotifyUninstall.exe
C:\Users\Pamela\AppData\Local\Temp\{7E74EDB7-144C-4B6D-B312-1582664A14BE}.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-07-09 20:15
 
==================== End of log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-07-2015
Ran by Pamela at 2015-07-10 00:05:08
Running from C:\Users\Pamela\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
1 (S-1-5-21-3274271813-1450127335-1485058091-1008 - Limited - Enabled) => C:\Users\1
Administrator (S-1-5-21-3274271813-1450127335-1485058091-500 - Administrator - Disabled)
Guest (S-1-5-21-3274271813-1450127335-1485058091-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3274271813-1450127335-1485058091-1003 - Limited - Enabled)
Pamela (S-1-5-21-3274271813-1450127335-1485058091-1004 - Administrator - Enabled) => C:\Users\Pamela
User (S-1-5-21-3274271813-1450127335-1485058091-1000 - Administrator - Enabled) => C:\Users\User
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-3274271813-1450127335-1485058091-1004\...\uTorrent) (Version: 3.4.2.34024 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
Able2Extract Professional 8.0 (HKLM-x32\...\{C894CC24-0DEC-4340-BCC9-DD4310DF3BED}_is1) (Version: 8.0 - Investintech.com Inc.)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.0.0 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.9 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.191 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Copy (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
DJ_AIO_06_F2400_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Dota 2 version 866 (HKLM-x32\...\{4CDB9F3A-D782-4305-84DC-33E57ED4A25F}_is1) (Version: 866 - Valve, Inc.)
Dropbox (HKU\S-1-5-21-3274271813-1450127335-1485058091-1004\...\Dropbox) (Version: 3.6.7 - Dropbox, Inc.)
F2400 (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.122 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{819CA3BC-2FF8-4811-B42F-421F7BFD3559}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{74DC0593-6BC6-4001-AD5F-D810AFB68D86}) (Version: 5.002.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
IBM SPSS Statistics 20 (HKLM-x32\...\{F4247229-CCB7-4CA5-A700-4A0057F67CF4}_is1) (Version:  - IBM)
Intel PROSet Wireless (x32 Version:  - ) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2361 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{25FBDA9A-E868-4B3B-B9FF-D923818511A1}) (Version: 14.2.0000 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Macromedia Extension Manager (HKLM-x32\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.)
Macromedia Flash Player 8 (HKLM-x32\...\{885A63EA-382B-4DD4-A755-14809B8557D6}) (Version: 8.0.22.0 - Macromedia)
Macromedia Flash Player 8 Plugin (HKLM-x32\...\{91057632-CA70-413C-B628-2D3CDBBB906B}) (Version: 8.0.22.0 - Macromedia)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.149.2 - McAfee, Inc.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1200 - SUPERAntiSpyware.com)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Movie Maker 6.1 (HKLM-x32\...\{3CC29C1A-B5FE-457B-8F22-32A2winmovie}}_is1) (Version:  - win-movie-maker-free)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )
WordWeb (HKLM-x32\...\WordWeb) (Version: 6 - WordWeb Software)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3274271813-1450127335-1485058091-1004_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Pamela\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3274271813-1450127335-1485058091-1004_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3274271813-1450127335-1485058091-1004_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3274271813-1450127335-1485058091-1004_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3274271813-1450127335-1485058091-1004_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3274271813-1450127335-1485058091-1004_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3274271813-1450127335-1485058091-1004_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3274271813-1450127335-1485058091-1004_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3274271813-1450127335-1485058091-1004_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3274271813-1450127335-1485058091-1004_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
 
==================== Restore Points =========================
 
ATTENTION: System Restore is disabled
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 10:34 - 2015-07-07 22:30 - 00000854 ____A C:\Windows\system32\Drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {20E50298-29B0-47E5-8C37-656608397F48} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3274271813-1450127335-1485058091-1004Core => C:\Users\Pamela\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {324877EB-0BAB-4176-AD6D-63FB5F152F4F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-09] (Adobe Systems Incorporated)
Task: {40622307-A20B-4B27-A23B-BA0BA26DC223} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3274271813-1450127335-1485058091-1004Core => C:\Users\Pamela\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-24] (Dropbox, Inc.)
Task: {478F5D57-197A-4A48-94F0-2897DE93FD5C} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {62800E53-D991-4C2A-997C-A85EF77D7099} - System32\Tasks\Yahoo! Search Updater => C:\Users\User\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.25.0\dsrsetup.exe <==== ATTENTION
Task: {6D08DF96-AC63-4EFF-8409-CA04CB3FB2D9} - System32\Tasks\SUPERAntiSpyware Scheduled Task 837525c9-e531-4c40-8051-6eb9f84b7547 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-08] (SUPERAdBlocker.com)
Task: {99A6666C-9BD2-4570-93BE-0FD4BDF9BEAB} - System32\Tasks\Yahoo! Search => C:\Users\User\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.25.0\dsrlte.exe <==== ATTENTION
Task: {A28B6EE1-293F-435E-AA64-79DE6304CD66} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3274271813-1450127335-1485058091-1004UA => C:\Users\Pamela\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-24] (Dropbox, Inc.)
Task: {AC06B85C-5BD5-450C-A4C6-6A46FF77407A} - System32\Tasks\{F9E6097D-A09C-467A-A4CD-EBA7B8C56CA0} => pcalua.exe -a "D:\Adobe Photoshop v7\Photoshop\Setup.exe" -d "D:\Adobe Photoshop v7\Photoshop"
Task: {B1F40447-B1A0-4D8F-A2E4-ACBBCE90DBAB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-12] (Google Inc.)
Task: {C8475946-8DF2-4E3B-A06B-C53419A9B011} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-09] (Avast Software s.r.o.)
Task: {D26CB06C-C0FA-4E5F-B7A4-E2D2479A24A9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3274271813-1450127335-1485058091-1004UA => C:\Users\Pamela\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {D6D008CF-C724-4737-BBCE-B500AB58050D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {EC6A0861-4CB7-409A-B1B2-3515958B5CBA} - System32\Tasks\SUPERAntiSpyware Scheduled Task e650939f-2fbc-4611-8639-76ad2450b19a => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-08] (SUPERAdBlocker.com)
Task: {ECA19F00-0D46-4915-8A43-013555105A62} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-12] (Google Inc.)
Task: {F83DBDBE-5580-417A-AB75-A30B6661B7D2} - System32\Tasks\{F4342F0D-AB08-4F8F-9AB0-A514F5F29762} => pcalua.exe -a "C:\Program Files (x86)\4Media\MP4 to MP3 Converter 6\Uninstall.exe"
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3274271813-1450127335-1485058091-1004Core.job => C:\Users\Pamela\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3274271813-1450127335-1485058091-1004UA.job => C:\Users\Pamela\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3274271813-1450127335-1485058091-1004Core.job => C:\Users\Pamela\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3274271813-1450127335-1485058091-1004UA.job => C:\Users\Pamela\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 837525c9-e531-4c40-8051-6eb9f84b7547.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task e650939f-2fbc-4611-8639-76ad2450b19a.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2011-07-28 11:07 - 2011-07-28 11:07 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2012-06-19 22:50 - 2011-04-11 01:40 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-07-28 11:07 - 2011-07-28 11:07 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2013-04-07 00:37 - 2012-04-21 15:11 - 00077064 ____N () C:\Program Files (x86)\WordWeb\wweb32.exe
2013-04-07 00:37 - 2012-07-15 12:27 - 02216480 ____N () C:\Windows\wweb32.dll
2013-04-07 00:37 - 2012-07-15 12:25 - 00022800 ____N () C:\Program Files (x86)\WordWeb\WUCNT.dll
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-07-09 19:38 - 2015-07-09 19:38 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-07-09 19:38 - 2015-07-09 19:38 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-09 19:38 - 2015-07-09 19:38 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2014-10-24 07:35 - 2014-10-24 07:35 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\93182e9779b8be0f688fd0784df6d7fb\IsdiInterop.ni.dll
2012-06-19 22:51 - 2010-11-06 14:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2014-11-12 23:21 - 2014-11-06 07:56 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.122\libglesv2.dll
2014-11-12 23:21 - 2014-11-06 07:56 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.122\libegl.dll
2014-11-12 23:21 - 2014-11-06 07:57 - 08911176 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.122\pdf.dll
2014-11-12 23:21 - 2014-11-06 07:56 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.122\ffmpegsumo.dll
2014-11-12 23:21 - 2014-11-06 07:57 - 14910280 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.122\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Pam\AppData\Local:LlGPg7XT0KyZdVtE9rJamhR
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3274271813-1450127335-1485058091-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\Pamela\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: Microsoft Services Host => C:\Users\Pam\AppData\Roaming\winsrvcrs\KDk1Z90doc8w\svchost.exe
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{F13DA0AE-1642-4956-8147-2853EF750237}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{4364726A-8571-40BE-8DAF-FC191072FCF1}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{A3998470-4496-451C-96F5-56AC722BB127}] => (Allow) LPort=7935
FirewallRules: [{14F7E670-5EA9-4877-BDFA-EC183AF63015}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [TCP Query User{6B175815-EA66-4164-A567-8E84B5F73131}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [UDP Query User{60E6E2F7-F8AD-4C92-BAA3-5B99F06F235C}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [{74EF646A-9D7D-41E9-931C-A7295CBB7011}] => (Block) C:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [{F027D561-8BAC-44CC-8094-8D5D13F41EEF}] => (Block) C:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [{23AE793D-A8CF-4A86-9932-BD7DFFE8CFA9}] => (Allow) C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe
FirewallRules: [{83B9D2BB-2A48-47CA-AC6F-40F944A2545E}] => (Allow) C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe
FirewallRules: [{2AA6FF61-904D-446C-AB8A-FDCEE7914729}] => (Allow) C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe
FirewallRules: [{817B921E-9C6E-4CCF-9585-60E18B8CDAE0}] => (Allow) C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe
FirewallRules: [{0A0013E5-669C-42D3-BC57-F33ED6D97EEE}] => (Allow) C:\Users\Pamela\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{1A4DE3AC-4976-4494-97E3-8C46A3BED0E3}] => (Allow) C:\Users\Pamela\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{0BD85646-5184-4850-8C8B-F8082C2457AD}C:\users\pamela\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\pamela\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{C6DC829A-1D85-44A0-B9A3-98C489D47D86}C:\users\pamela\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\pamela\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{5814677D-3B24-4892-92BC-1072BFE1E80D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{65ECD891-F259-4C17-B006-DFDBCE3B55C5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{E17BD007-650F-4998-AD8F-62D23ADE4689}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{E844DAB5-1C5D-4D88-B018-7975E31B79B0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{0BCA98A8-77AD-4C6F-B1F4-30034C1B8F7A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{86044E09-065D-4444-959D-9E31C9EE6B94}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{0CE52D8E-E771-437D-8237-24E1D4BB929E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{76D34892-568C-4832-A809-30A848502F6E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{68606B37-36F0-4474-9C61-6C3DE828D5AE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{24A5A792-25A6-44DB-9C3E-1CBA5777BE8A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{4094CBA0-2565-4B5B-A4DE-E3333B0ABEB1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{645E58CC-DA58-4B5A-A2F9-6538304A9C43}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{4A452513-6057-4FF6-85F9-36FD6DD3B793}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{D25CA2F1-91E2-493B-8F0E-F4B57FBBFAC4}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [TCP Query User{0916D32B-768D-4E34-9153-FE61E151E9ED}C:\users\pamela\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pamela\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{8019EE98-A946-4AAA-B11D-41B8275FB37D}C:\users\pamela\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pamela\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{5B1F7EF5-B44B-49C1-9CD6-6B11869D9E2A}C:\users\pamela\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\pamela\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{CE764ADF-3DEC-4365-B5CD-BAE2DB7BE321}C:\users\pamela\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\pamela\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{F75FBD50-1C05-4ADF-BE24-FB6BC23E0D71}C:\dota\dota 2\dota.exe] => (Allow) C:\dota\dota 2\dota.exe
FirewallRules: [UDP Query User{93222D5A-4A7B-4691-BB38-26FB622FE430}C:\dota\dota 2\dota.exe] => (Allow) C:\dota\dota 2\dota.exe
FirewallRules: [TCP Query User{E1E93916-84FF-4B40-9C33-27FA38D696DD}C:\dota\dota 2\dota.exe] => (Block) C:\dota\dota 2\dota.exe
FirewallRules: [UDP Query User{DBCF99EE-76D7-4929-A5D2-2C98DF86B43E}C:\dota\dota 2\dota.exe] => (Block) C:\dota\dota 2\dota.exe
FirewallRules: [TCP Query User{85296BFA-74A2-4C28-A276-9F69A8CA824E}C:\users\pamela\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pamela\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{6D57B239-6F84-40C8-AC5C-E63C9952BE9E}C:\users\pamela\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pamela\appdata\roaming\spotify\spotify.exe
FirewallRules: [{011FB1E7-E701-4807-9E01-11E0523885EC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4A89DA46-B353-4689-BDF3-367F15258054}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C15349B6-7D4A-4138-8C58-39B2C9008123}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8535AD8E-C894-409F-97C8-F8636C9869F4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6CD3FF6A-A982-4B59-A616-308E78DE1074}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [TCP Query User{889FD6CE-81A3-4092-94DB-B88BAA50A892}C:\program files (x86)\ibm\spss\statistics\20\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\ibm\spss\statistics\20\jre\bin\javaw.exe
FirewallRules: [UDP Query User{BDBACB0D-3969-49FC-96A1-FB60F5E463E6}C:\program files (x86)\ibm\spss\statistics\20\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\ibm\spss\statistics\20\jre\bin\javaw.exe
FirewallRules: [TCP Query User{5D0668AB-C13C-45A2-9E1D-BE3BA94954FA}C:\program files (x86)\ibm\spss\statistics\20\stats.exe] => (Allow) C:\program files (x86)\ibm\spss\statistics\20\stats.exe
FirewallRules: [UDP Query User{616A23F7-311D-4398-AA21-CA5F73E48170}C:\program files (x86)\ibm\spss\statistics\20\stats.exe] => (Allow) C:\program files (x86)\ibm\spss\statistics\20\stats.exe
FirewallRules: [{CD5959BA-5AAB-43EC-9C74-6A31300CBD4B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{2F0129E4-6313-44EB-942E-57EEAA5A8ADC}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe
FirewallRules: [{E864783C-134A-4EC5-9FED-53AFE298D9CF}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe
 
==================== Faulty Device Manager Devices =============
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/09/2015 11:57:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/09/2015 09:51:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/09/2015 09:48:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/09/2015 09:45:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/09/2015 09:43:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/09/2015 08:58:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/09/2015 07:03:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/09/2015 06:49:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/09/2015 04:15:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/07/2015 10:40:05 PM) (Source: MsiInstaller) (EventID: 11321) (User: Pam-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 1321. SA_Error1321: StandardAction(0xC0070529): The Installer has insufficient privileges to modify this file: C:\Program Files (x86)\AVG\AVG2015\avgcrema.exe.
 
 
System errors:
=============
Error: (07/09/2015 11:57:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Assistant service to connect.
 
Error: (07/09/2015 10:49:32 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (07/09/2015 09:51:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (07/09/2015 09:51:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (07/09/2015 09:51:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (07/09/2015 09:51:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (07/09/2015 09:51:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (07/09/2015 09:51:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (07/09/2015 09:50:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (07/09/2015 09:50:59 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
 
 
Microsoft Office:
=========================
Error: (03/29/2015 09:58:52 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (01/03/2015 10:42:53 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6712.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 74 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (09/07/2014 07:58:42 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5510 seconds with 2040 seconds of active time.  This session ended with a crash.
 
Error: (03/03/2014 09:47:16 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 14528 seconds with 4680 seconds of active time.  This session ended with a crash.
 
Error: (09/15/2013 01:53:50 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5001, Microsoft Office Version: 12.0.6612.1000. This session lasted 13160 seconds with 5400 seconds of active time.  This session ended with a crash.
 
Error: (09/02/2013 08:26:18 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (07/11/2013 05:48:24 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 16 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (01/29/2013 10:00:24 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 9437 seconds with 4380 seconds of active time.  This session ended with a crash.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2430M CPU @ 2.40GHz
Percentage of memory in use: 31%
Total physical RAM: 6038.17 MB
Available physical RAM: 4117.39 MB
Total Virtual: 12074.54 MB
Available Virtual: 10093.29 MB
 
==================== Drives ================================
 
Drive c: (PROGRAMS) (Fixed) (Total:301.92 GB) (Free:233.06 GB) NTFS
Drive e: (DATA) (Fixed) (Total:294.15 GB) (Free:247.63 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: DAB31D45)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=301.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=294.1 GB) - (Type=07 NTFS)
 
==================== End of log ============================

 




#2
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, sometimes this malware gets a bit uppity and blue screens when we try to remove it. If that occurs, then just run the fix in safe mode. Avast and MBAM should start after the reboot.

CAUTION: This fix is only valid for this specific machine; using it on another may break your computer.

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
Startup: C:\Users\Pamela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\a.lnk [2015-06-14]
ShortcutTarget: a.lnk -> C:\Users\Pamela\AppData\Roaming\obikgieavl.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Toolbar: HKU\S-1-5-21-3274271813-1450127335-1485058091-1004 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Hosts: 0.0.0.1 mssplus.mcafee.com
CHR HKLM-x32\...\Chrome\Extension: [odpccdgkmiicgocepijnaeihjnjnomca] - C:\Program Files (x86)\LinkSwift\odpccdgkmiicgocepijnaeihjnjnomca.crx [Not Found]
R2 VSSS; C:\Users\Pamela\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe [97314624 2015-06-24] (Microsoft Corporation) [File not signed] <==== ATTENTION
S2 699fd52f; "C:\Windows\system32\rundll32.exe" "c:\progra~3\assist~1\AssistantSvc.dll",service
2015-07-09 18:59 - 2015-07-09 18:59 - 01415680 _____ (wj32) C:\Program Files\UI6UUI66.exe
2015-07-09 18:57 - 2015-07-09 18:57 - 01415680 _____ (wj32) C:\Program Files\9XLL9XLX.exe
2015-07-09 18:51 - 2015-07-09 18:51 - 01415680 _____ (wj32) C:\Program Files\KBB2THHK.exe
2015-07-09 18:51 - 2015-07-09 18:51 - 01415680 _____ (wj32) C:\Program Files\HT5HTH55.exe
2015-07-09 18:51 - 2015-07-09 18:51 - 01415680 _____ (wj32) C:\Program Files\ET8N2KB2.exe
2015-07-09 18:46 - 2015-07-09 18:46 - 01415680 _____ (wj32) C:\Program Files\RRFF3333.exe
2015-07-09 18:46 - 2015-07-09 18:46 - 01415680 _____ (wj32) C:\Program Files\J77JJ7VJ.exe
2015-07-09 18:46 - 2015-07-09 18:46 - 01415680 _____ (wj32) C:\Program Files\3333RRRR.exe
2015-07-09 16:15 - 2015-07-09 16:15 - 01415680 _____ (wj32) C:\Program Files\Y477AGGV.exe
2015-07-09 16:15 - 2015-07-09 16:15 - 01415680 _____ (wj32) C:\Program Files\EE2KKE22.exe
2015-07-09 16:15 - 2015-07-09 16:15 - 01415680 _____ (wj32) C:\Program Files\8BEHKKKK.exe
2015-07-09 16:15 - 2015-07-09 16:15 - 01415680 _____ (wj32) C:\Program Files\6UI66UUI.exe
2015-07-09 16:15 - 2015-07-09 16:15 - 01415680 _____ (wj32) C:\Program Files\2KKEE2KK.exe
2015-07-07 22:41 - 2015-07-07 22:41 - 01415680 _____ (wj32) C:\Program Files\YMMAYYMY.exe
2015-07-07 22:41 - 2015-07-07 22:41 - 01415680 _____ (wj32) C:\Program Files\KKE2KKEK.exe
2015-07-07 22:15 - 2015-07-07 22:15 - 01415680 _____ (wj32) C:\Program Files\I66UI666.exe
2015-07-07 22:15 - 2015-07-07 22:15 - 01415680 _____ (wj32) C:\Program Files\E22KE222.exe
2015-07-07 21:08 - 2015-07-07 21:08 - 01415680 _____ (wj32) C:\Program Files\KNKTWW2E.exe
2015-07-07 21:07 - 2015-07-07 21:07 - 01415680 _____ (wj32) C:\Program Files\EKNNKKT8.exe
2015-07-07 21:07 - 2015-07-07 21:07 - 01415680 _____ (wj32) C:\Program Files\2N2K82BK.exe
2015-07-07 11:14 - 2015-07-07 11:14 - 01415680 _____ (wj32) C:\Program Files\UI66UIII.exe
2015-07-07 11:14 - 2015-07-07 11:14 - 01415680 _____ (wj32) C:\Program Files\OC0COCCC.exe
2015-07-07 11:14 - 2015-07-07 11:14 - 01415680 _____ (wj32) C:\Program Files\K8WKK8WW.exe
2015-07-07 11:00 - 2015-07-07 11:00 - 01415680 _____ (wj32) C:\Program Files\SKG8K4GK.exe
2015-07-07 11:00 - 2015-07-07 11:00 - 01415680 _____ (wj32) C:\Program Files\KK8WKK88.exe
2015-07-07 10:46 - 2015-07-07 10:46 - 01415680 _____ (wj32) C:\Program Files\VJVJJVJ7.exe
2015-07-07 10:23 - 2015-07-07 10:23 - 01415680 _____ (wj32) C:\Program Files\69FFIIO0.exe
2015-07-07 09:56 - 2015-07-07 09:56 - 01415680 _____ (wj32) C:\Program Files\EM2AK2YI.exe
2015-07-01 19:42 - 2015-07-01 19:42 - 01415680 _____ (wj32) C:\Program Files\LLRRUX0L.exe
2015-07-01 19:34 - 2015-07-01 19:34 - 01415680 _____ (wj32) C:\Program Files\MUMYYAKE.exe
2015-07-01 19:34 - 2015-07-01 19:34 - 01415680 _____ (wj32) C:\Program Files\CCCLL663.exe
2015-07-01 19:28 - 2015-07-01 19:28 - 01415680 _____ (wj32) C:\Program Files\0O636U6I.exe
2015-06-30 16:10 - 2015-06-30 16:10 - 01415680 _____ (wj32) C:\Program Files\MAYYMAYY.exe
2015-06-30 15:26 - 2015-06-30 15:26 - 00002055 _____ C:\ProgramData\1435649158.7308.bin
2015-06-30 15:26 - 2015-06-30 15:26 - 00000189 _____ C:\ProgramData\1435649158.6440.bin
2015-06-30 15:25 - 2015-06-30 15:26 - 00040992 _____ C:\ProgramData\1435649158.6560.bin
2015-06-30 15:10 - 2015-06-30 15:10 - 01415680 _____ (wj32) C:\Program Files\6KEYM6KA.exe
2015-06-28 10:34 - 2015-06-28 10:34 - 01415680 _____ (wj32) C:\Program Files\SMJD74YJ.exe
2015-06-24 18:15 - 2015-06-24 18:15 - 01415680 _____ (wj32) C:\Program Files\SSYAAGGS.exe
2015-06-24 18:15 - 2015-06-24 18:15 - 01415680 _____ (wj32) C:\Program Files\BEEKKNK8.exe
2015-06-24 18:07 - 2015-06-24 18:07 - 01415680 _____ (wj32) C:\Program Files\SY114AA4.exe
2015-06-24 18:02 - 2015-06-24 18:02 - 01415680 _____ (wj32) C:\Program Files\KWO4W4OW.exe
2015-06-24 18:02 - 2015-06-24 18:02 - 01415680 _____ (wj32) C:\Program Files\7ADDJDGJ.exe
2015-06-24 17:59 - 2015-06-24 17:59 - 01415680 _____ (wj32) C:\Program Files\JJMPSVJY.exe
2015-06-24 17:59 - 2015-06-24 17:59 - 01415680 _____ (wj32) C:\Program Files\7N0GYEZO.exe
2015-06-14 18:30 - 2015-06-14 18:30 - 91607040 __RSH C:\Users\Pamela\AppData\Roaming\obikgieavl.exe
Task: {62800E53-D991-4C2A-997C-A85EF77D7099} - System32\Tasks\Yahoo! Search Updater => C:\Users\User\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.25.0\dsrsetup.exe <==== ATTENTION
Task: {99A6666C-9BD2-4570-93BE-0FD4BDF9BEAB} - System32\Tasks\Yahoo! Search => C:\Users\User\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.25.0\dsrlte.exe <==== ATTENTION
Task: {F83DBDBE-5580-417A-AB75-A30B6661B7D2} - System32\Tasks\{F4342F0D-AB08-4F8F-9AB0-A514F5F29762} => pcalua.exe -a "C:\Program Files (x86)\4Media\MP4 to MP3 Converter 6\Uninstall.exe"
AlternateDataStreams: C:\Users\Pam\AppData\Local:LlGPg7XT0KyZdVtE9rJamhR
C:\Users\User\AppData\Local\Pay-By-Ads
C:\Users\Pamela\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated; please post that.

#3
happydummy


    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
Fix result of Farbar Recovery Scan Tool (x64) Version:05-07-2015
Ran by Pamela at 2015-07-10 07:51:46 Run:1
Running from C:\Users\Pamela\Desktop
Loaded Profiles: Pamela (Available Profiles: User & Pamela & 1)
Boot Mode: Safe Mode (minimal)
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
Startup: C:\Users\Pamela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\a.lnk [2015-06-14]
ShortcutTarget: a.lnk -> C:\Users\Pamela\AppData\Roaming\obikgieavl.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Toolbar: HKU\S-1-5-21-3274271813-1450127335-1485058091-1004 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Hosts: 0.0.0.1 mssplus.mcafee.com
CHR HKLM-x32\...\Chrome\Extension: [odpccdgkmiicgocepijnaeihjnjnomca] - C:\Program Files (x86)\LinkSwift\odpccdgkmiicgocepijnaeihjnjnomca.crx [Not Found]
R2 VSSS; C:\Users\Pamela\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe [97314624 2015-06-24] (Microsoft Corporation) [File not signed] <==== ATTENTION
S2 699fd52f; "C:\Windows\system32\rundll32.exe" "c:\progra~3\assist~1\AssistantSvc.dll",service
2015-07-09 18:59 - 2015-07-09 18:59 - 01415680 _____ (wj32) C:\Program Files\UI6UUI66.exe
2015-07-09 18:57 - 2015-07-09 18:57 - 01415680 _____ (wj32) C:\Program Files\9XLL9XLX.exe
2015-07-09 18:51 - 2015-07-09 18:51 - 01415680 _____ (wj32) C:\Program Files\KBB2THHK.exe
2015-07-09 18:51 - 2015-07-09 18:51 - 01415680 _____ (wj32) C:\Program Files\HT5HTH55.exe
2015-07-09 18:51 - 2015-07-09 18:51 - 01415680 _____ (wj32) C:\Program Files\ET8N2KB2.exe
2015-07-09 18:46 - 2015-07-09 18:46 - 01415680 _____ (wj32) C:\Program Files\RRFF3333.exe
2015-07-09 18:46 - 2015-07-09 18:46 - 01415680 _____ (wj32) C:\Program Files\J77JJ7VJ.exe
2015-07-09 18:46 - 2015-07-09 18:46 - 01415680 _____ (wj32) C:\Program Files\3333RRRR.exe
2015-07-09 16:15 - 2015-07-09 16:15 - 01415680 _____ (wj32) C:\Program Files\Y477AGGV.exe
2015-07-09 16:15 - 2015-07-09 16:15 - 01415680 _____ (wj32) C:\Program Files\EE2KKE22.exe
2015-07-09 16:15 - 2015-07-09 16:15 - 01415680 _____ (wj32) C:\Program Files\8BEHKKKK.exe
2015-07-09 16:15 - 2015-07-09 16:15 - 01415680 _____ (wj32) C:\Program Files\6UI66UUI.exe
2015-07-09 16:15 - 2015-07-09 16:15 - 01415680 _____ (wj32) C:\Program Files\2KKEE2KK.exe
2015-07-07 22:41 - 2015-07-07 22:41 - 01415680 _____ (wj32) C:\Program Files\YMMAYYMY.exe
2015-07-07 22:41 - 2015-07-07 22:41 - 01415680 _____ (wj32) C:\Program Files\KKE2KKEK.exe
2015-07-07 22:15 - 2015-07-07 22:15 - 01415680 _____ (wj32) C:\Program Files\I66UI666.exe
2015-07-07 22:15 - 2015-07-07 22:15 - 01415680 _____ (wj32) C:\Program Files\E22KE222.exe
2015-07-07 21:08 - 2015-07-07 21:08 - 01415680 _____ (wj32) C:\Program Files\KNKTWW2E.exe
2015-07-07 21:07 - 2015-07-07 21:07 - 01415680 _____ (wj32) C:\Program Files\EKNNKKT8.exe
2015-07-07 21:07 - 2015-07-07 21:07 - 01415680 _____ (wj32) C:\Program Files\2N2K82BK.exe
2015-07-07 11:14 - 2015-07-07 11:14 - 01415680 _____ (wj32) C:\Program Files\UI66UIII.exe
2015-07-07 11:14 - 2015-07-07 11:14 - 01415680 _____ (wj32) C:\Program Files\OC0COCCC.exe
2015-07-07 11:14 - 2015-07-07 11:14 - 01415680 _____ (wj32) C:\Program Files\K8WKK8WW.exe
2015-07-07 11:00 - 2015-07-07 11:00 - 01415680 _____ (wj32) C:\Program Files\SKG8K4GK.exe
2015-07-07 11:00 - 2015-07-07 11:00 - 01415680 _____ (wj32) C:\Program Files\KK8WKK88.exe
2015-07-07 10:46 - 2015-07-07 10:46 - 01415680 _____ (wj32) C:\Program Files\VJVJJVJ7.exe
2015-07-07 10:23 - 2015-07-07 10:23 - 01415680 _____ (wj32) C:\Program Files\69FFIIO0.exe
2015-07-07 09:56 - 2015-07-07 09:56 - 01415680 _____ (wj32) C:\Program Files\EM2AK2YI.exe
2015-07-01 19:42 - 2015-07-01 19:42 - 01415680 _____ (wj32) C:\Program Files\LLRRUX0L.exe
2015-07-01 19:34 - 2015-07-01 19:34 - 01415680 _____ (wj32) C:\Program Files\MUMYYAKE.exe
2015-07-01 19:34 - 2015-07-01 19:34 - 01415680 _____ (wj32) C:\Program Files\CCCLL663.exe
2015-07-01 19:28 - 2015-07-01 19:28 - 01415680 _____ (wj32) C:\Program Files\0O636U6I.exe
2015-06-30 16:10 - 2015-06-30 16:10 - 01415680 _____ (wj32) C:\Program Files\MAYYMAYY.exe
2015-06-30 15:26 - 2015-06-30 15:26 - 00002055 _____ C:\ProgramData\1435649158.7308.bin
2015-06-30 15:26 - 2015-06-30 15:26 - 00000189 _____ C:\ProgramData\1435649158.6440.bin
2015-06-30 15:25 - 2015-06-30 15:26 - 00040992 _____ C:\ProgramData\1435649158.6560.bin
2015-06-30 15:10 - 2015-06-30 15:10 - 01415680 _____ (wj32) C:\Program Files\6KEYM6KA.exe
2015-06-28 10:34 - 2015-06-28 10:34 - 01415680 _____ (wj32) C:\Program Files\SMJD74YJ.exe
2015-06-24 18:15 - 2015-06-24 18:15 - 01415680 _____ (wj32) C:\Program Files\SSYAAGGS.exe
2015-06-24 18:15 - 2015-06-24 18:15 - 01415680 _____ (wj32) C:\Program Files\BEEKKNK8.exe
2015-06-24 18:07 - 2015-06-24 18:07 - 01415680 _____ (wj32) C:\Program Files\SY114AA4.exe
2015-06-24 18:02 - 2015-06-24 18:02 - 01415680 _____ (wj32) C:\Program Files\KWO4W4OW.exe
2015-06-24 18:02 - 2015-06-24 18:02 - 01415680 _____ (wj32) C:\Program Files\7ADDJDGJ.exe
2015-06-24 17:59 - 2015-06-24 17:59 - 01415680 _____ (wj32) C:\Program Files\JJMPSVJY.exe
2015-06-24 17:59 - 2015-06-24 17:59 - 01415680 _____ (wj32) C:\Program Files\7N0GYEZO.exe
2015-06-14 18:30 - 2015-06-14 18:30 - 91607040 __RSH C:\Users\Pamela\AppData\Roaming\obikgieavl.exe
Task: {62800E53-D991-4C2A-997C-A85EF77D7099} - System32\Tasks\Yahoo! Search Updater => C:\Users\User\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.25.0\dsrsetup.exe <==== ATTENTION
Task: {99A6666C-9BD2-4570-93BE-0FD4BDF9BEAB} - System32\Tasks\Yahoo! Search => C:\Users\User\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.25.0\dsrlte.exe <==== ATTENTION
Task: {F83DBDBE-5580-417A-AB75-A30B6661B7D2} - System32\Tasks\{F4342F0D-AB08-4F8F-9AB0-A514F5F29762} => pcalua.exe -a "C:\Program Files (x86)\4Media\MP4 to MP3 Converter 6\Uninstall.exe"
AlternateDataStreams: C:\Users\Pam\AppData\Local:LlGPg7XT0KyZdVtE9rJamhR
C:\Users\User\AppData\Local\Pay-By-Ads
C:\Users\Pamela\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************
 
Error: Restore point can only be created in normal mode.
C:\Users\Pamela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\a.lnk => moved successfully.
C:\Users\Pamela\AppData\Roaming\obikgieavl.exe => moved successfully.
C:\Windows\system32\GroupPolicy\Machine => moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully.
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKU\S-1-5-21-3274271813-1450127335-1485058091-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => value removed successfully
HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => key not found. 
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\odpccdgkmiicgocepijnaeihjnjnomca" => key removed successfully
VSSS => Service removed successfully
699fd52f => Service removed successfully
C:\Program Files\UI6UUI66.exe => moved successfully.
C:\Program Files\9XLL9XLX.exe => moved successfully.
C:\Program Files\KBB2THHK.exe => moved successfully.
C:\Program Files\HT5HTH55.exe => moved successfully.
C:\Program Files\ET8N2KB2.exe => moved successfully.
C:\Program Files\RRFF3333.exe => moved successfully.
C:\Program Files\J77JJ7VJ.exe => moved successfully.
C:\Program Files\3333RRRR.exe => moved successfully.
C:\Program Files\Y477AGGV.exe => moved successfully.
C:\Program Files\EE2KKE22.exe => moved successfully.
C:\Program Files\8BEHKKKK.exe => moved successfully.
C:\Program Files\6UI66UUI.exe => moved successfully.
C:\Program Files\2KKEE2KK.exe => moved successfully.
C:\Program Files\YMMAYYMY.exe => moved successfully.
C:\Program Files\KKE2KKEK.exe => moved successfully.
C:\Program Files\I66UI666.exe => moved successfully.
C:\Program Files\E22KE222.exe => moved successfully.
C:\Program Files\KNKTWW2E.exe => moved successfully.
C:\Program Files\EKNNKKT8.exe => moved successfully.
C:\Program Files\2N2K82BK.exe => moved successfully.
C:\Program Files\UI66UIII.exe => moved successfully.
C:\Program Files\OC0COCCC.exe => moved successfully.
C:\Program Files\K8WKK8WW.exe => moved successfully.
C:\Program Files\SKG8K4GK.exe => moved successfully.
C:\Program Files\KK8WKK88.exe => moved successfully.
C:\Program Files\VJVJJVJ7.exe => moved successfully.
C:\Program Files\69FFIIO0.exe => moved successfully.
C:\Program Files\EM2AK2YI.exe => moved successfully.
C:\Program Files\LLRRUX0L.exe => moved successfully.
C:\Program Files\MUMYYAKE.exe => moved successfully.
C:\Program Files\CCCLL663.exe => moved successfully.
C:\Program Files\0O636U6I.exe => moved successfully.
C:\Program Files\MAYYMAYY.exe => moved successfully.
C:\ProgramData\1435649158.7308.bin => moved successfully.
C:\ProgramData\1435649158.6440.bin => moved successfully.
C:\ProgramData\1435649158.6560.bin => moved successfully.
C:\Program Files\6KEYM6KA.exe => moved successfully.
C:\Program Files\SMJD74YJ.exe => moved successfully.
C:\Program Files\SSYAAGGS.exe => moved successfully.
C:\Program Files\BEEKKNK8.exe => moved successfully.
C:\Program Files\SY114AA4.exe => moved successfully.
C:\Program Files\KWO4W4OW.exe => moved successfully.
C:\Program Files\7ADDJDGJ.exe => moved successfully.
C:\Program Files\JJMPSVJY.exe => moved successfully.
C:\Program Files\7N0GYEZO.exe => moved successfully.
"C:\Users\Pamela\AppData\Roaming\obikgieavl.exe" => File/Folder not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{62800E53-D991-4C2A-997C-A85EF77D7099}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{62800E53-D991-4C2A-997C-A85EF77D7099}" => key removed successfully
C:\Windows\System32\Tasks\Yahoo! Search Updater => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Yahoo! Search Updater" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{99A6666C-9BD2-4570-93BE-0FD4BDF9BEAB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{99A6666C-9BD2-4570-93BE-0FD4BDF9BEAB}" => key removed successfully
C:\Windows\System32\Tasks\Yahoo! Search => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Yahoo! Search" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F83DBDBE-5580-417A-AB75-A30B6661B7D2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F83DBDBE-5580-417A-AB75-A30B6661B7D2}" => key removed successfully
C:\Windows\System32\Tasks\{F4342F0D-AB08-4F8F-9AB0-A514F5F29762} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F4342F0D-AB08-4F8F-9AB0-A514F5F29762}" => key removed successfully
C:\Users\Pam\AppData\Local => ":LlGPg7XT0KyZdVtE9rJamhR" ADS removed successfully.
C:\Users\User\AppData\Local\Pay-By-Ads => moved successfully.
C:\Users\Pamela\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe => moved successfully.
 
========= RemoveProxy: =========
 
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-3274271813-1450127335-1485058091-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-3274271813-1450127335-1485058091-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
 
 
========= End of RemoveProxy: =========
 
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
Unable to connect to BITS - 0x8007042c
The dependency service or group failed to start.
 
 
 
========= End of CMD: =========
 
EmptyTemp: => 3.1 GB temporary data Removed.
 
 
The system needed a reboot.. 
 
==== End of Fixlog 07:53:19 ====

  • 0

#4
happydummy

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts

AVs working now. By the way, can I delete all the files I've downloaded for this fix (i.e. VIPRERescue, SuperAntiSpyware, FRST and its logs), or should they just stay on my desktop?


  • 0

#5
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
No, delete them, as you should only run 1 antivirus programme.

How is the computer behaving now?

Please download Malwarebytes Anti-Malware to your desktop
  • Double-click mbam-setup-version.exe and follow the prompts to install the program.
  • At the end, be sure a check-mark is placed next to the following:
    • Ensure that "Enable free trial of Malwarebytes Anti-Malware Premium" is unchecked
    • Launch Malwarebytes Anti-Malware
  • Then click Finish.
  • If an update is found, you will be prompted to download and install the latest version.
  • Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
  • When the scan is complete, make sure that everything is set to "Quarantine", and click Apply Actions.
  • Reboot your computer if prompted.
Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

To access logs from Malwarebytes Anti-Malware 2.0:


1. Open Malwarebytes Anti-Malware 2.0
2. Click History > Application Logs
3. Double-click the log you would like to open

Scan Logs record detections from manual scans, including threats detected and the actions taken against them.

To save a Scan Log:

1. Open the log file you would like to save
2. Click Export
3. Choose to export to a .txt
4. Choose a folder to save the log file in, then click Save
5. Post that log here
  • 0

#6
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.


  • 0





