Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Missing .dll file [Solved]

Started by Peacemaker2.0 , Oct 27 2015 02:05 PM

  • This topic is locked This topic is locked

#1
Peacemaker2.0
Posted 27 October 2015 - 02:05 PM

Peacemaker2.0

    Member

  • Member
  • PipPip
  • 15 posts

Hello while trying to open a game i got an error msg saying that a .dll file is missing so i tried to find it online. i tried microsoft visual c++ but i'm not sure if it didn't work or i did something wrong but that game is still giving me the error msg and i tried looking for the file elsewhere and i got a couple malware etc from this adventure but i managed to remove most of them (i think) except for one that's in jap that refuses to get deleted. Thanks for the help pics attached

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:25-10-2015 02
Ran by Norma (administrator) on NORMA-PC (27-10-2015 15:55:01)
Running from C:\Users\Norma\Desktop
Loaded Profiles: Norma (Available Profiles: Norma & sharilyn & Guest)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\ProgramData\ApplicationHosting\ApplicationHosting.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files\baidu\pps.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(爱奇艺) C:\IQIYI Video\LStyle\QyClient.exe
(爱奇艺) C:\IQIYI Video\LStyle\QyPlayer.exe
(iQIYI.COM) C:\IQIYI Video\LStyle\QyKernel.exe
(爱奇艺) C:\IQIYI Video\LStyle\QyBrowser.exe
(爱奇艺) C:\IQIYI Video\LStyle\QyMiniPlayer.exe
(爱奇艺) C:\IQIYI Video\LStyle\QyFragment.exe
() C:\IQIYI Video\LStyle\Mobile\AndroidService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157992 2015-07-11] (Apple Inc.)
HKU\S-1-5-21-3661653562-1552711580-3814472317-1000\...\Run: [apphide] => C:\Program Files\baidu\pps.exe [77824 2015-10-21] ()
HKU\S-1-5-21-3661653562-1552711580-3814472317-1000\...\Run: [HCDNClient] => C:\IQIYI Video\LStyle\QyKernel.exe [576104 2015-08-04] (iQIYI.COM)
Startup: C:\Users\Norma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 1010 series.lnk [2015-10-27]
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 1010 series.lnk -> C:\Program Files\HP\HP Deskjet 1010 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 205.160.233.2 209.59.69.2
Tcpip\..\Interfaces\{0B0D20BA-5432-4902-BCFA-A8EC0A190B62}: [DhcpNameServer] 205.160.233.2 209.59.69.2
 
Internet Explorer:
==================
HKU\S-1-5-21-3661653562-1552711580-3814472317-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqmUgBeMMr6L1AxexXeuO1PdL1pVgNOikEOq3NkD-Vp0DKnDMMVSEKnGTDUwNyPUzukaUIs3ctDFqNULSpmqjWMZw2U2783zzSbmMkQEURJn_tgNQK4ODFbO-D1kbN7vw_v7zHYrkXkDqshqUZb566h2fsw,,&q={searchTerms}
HKU\S-1-5-21-3661653562-1552711580-3814472317-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqmUgBeMMr6L1AxexXeuO1PdL1pVgNOikEOq3NkD-Vp0DKnDMMVSEKnGTDUwNyPUzukaUIs3ctDFqNU71X8zMKdUmYOvbWN5ZGc8MldxlL4M5rh2mdD7hbkYuDnsDsaw5hQKOWO_TOD0GugDKjGeFERPFkg,,
HKU\S-1-5-21-3661653562-1552711580-3814472317-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
HKU\S-1-5-21-3661653562-1552711580-3814472317-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqmUgBeMMr6L1AxexXeuO1PdL1pVgNOikEOq3NkD-Vp0DKnDMMVSEKnGTDUwNyPUzukaUIs3ctDFqNULSpmqjWMZw2U2783zzSbmMkQEURJn_tgNQK4ODFbO-D1kbN7vw_v7zHYrkXkDqshqUZb566h2fsw,,&q={searchTerms}
HKU\S-1-5-21-3661653562-1552711580-3814472317-1000\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqmUgBeMMr6L1AxexXeuO1PdL1pVgNOikEOq3NkD-Vp0DKnDMMVSEKnGTDUwNyPUzukaUIs3ctDFqNULSpmqjWMZw2U2783zzSbmMkQEURJn_tgNQK4ODFbO-D1kbN7vw_v7zHYrkXkDqshqUZb566h2fsw,,&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {ielnksrch} URL = 
SearchScopes: HKLM -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqmUgBeMMr6L1AxexXeuO1PdL1pVgNOikEOq3NkD-Vp0DKnDMMVSEKnGTDUwNyPUzukaUIs3ctDFqNULSpmqjWMZw2U2783zzSbmMkQEURJn_tgNQK4ODFbO-D1kbN7vw_v7zHYrkXkDqshqUZb566h2fsw,,&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3661653562-1552711580-3814472317-1000 -> DefaultScope {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqmUgBeMMr6L1AxexXeuO1PdL1pVgNOikEOq3NkD-Vp0DKnDMMVSEKnGTDUwNyPUzukaUIs3ctDFqNULSpmqjWMZw2U2783zzSbmMkQEURJn_tgNQK4ODFbO-D1kbN7vw_v7zHYrkXkDqshqUZb566h2fsw,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3661653562-1552711580-3814472317-1000 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqmUgBeMMr6L1AxexXeuO1PdL1pVgNOikEOq3NkD-Vp0DKnDMMVSEKnGTDUwNyPUzukaUIs3ctDFqNULSpmqjWMZw2U2783zzSbmMkQEURJn_tgNQK4ODFbO-D1kbN7vw_v7zHYrkXkDqshqUZb566h2fsw,,&q={searchTerms}
BHO: °®ÆæÒÕÖúÊÖ -> {FB4F6285-4C32-49F2-950F-A5998F9CEC6C} -> C:\IQIYI Video\LStyle\Accelerator\IEHelper.dll [2015-08-04] (爱奇艺)
 
FireFox:
========
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin: @iqiyi.com/npclient -> C:\IQIYI Video\LStyle\npclient.dll [2015-08-04] ()
FF Plugin: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [No File]
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-15] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-15] (Oracle Corporation)
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-10-27] (globalUpdate)
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-10-27] (globalUpdate)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-27] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-27] (Google Inc.)
FF Plugin HKU\S-1-5-21-3661653562-1552711580-3814472317-1000: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [No File]
FF Plugin HKU\S-1-5-21-3661653562-1552711580-3814472317-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Norma\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
 
Chrome: 
=======
CHR Profile: C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-10] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Google Docs) - C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-10] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Google Drive) - C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-10] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (YouTube) - C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-26]
CHR Extension: (Google Search) - C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (SuddenlyMusic) - C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmfdbakibnloleopfpgaigmnmbjjpmgk [2015-07-08]
CHR Extension: (Google Sheets) - C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-10] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-22]
CHR Extension: (Google Wallet) - C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-10] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Gmail) - C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-10]
CHR Profile: C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-11] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Google Docs) - C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-11] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Google Drive) - C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-11] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (YouTube) - C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-27]
CHR Extension: (Google Search) - C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Sheets) - C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-11] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Word Online) - C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fiombgjlkfpdpkbhfioofeeinbehmajg [2015-04-15] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-23]
CHR Extension: (Google Wallet) - C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-11] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Gmail) - C:\Users\Norma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-11]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ApplicationHosting; C:\ProgramData\\ApplicationHosting\\ApplicationHosting.exe [808448 2015-10-25] () [File not signed]
S2 globalUpdate; C:\Program Files\globalUpdate\Update\globalupdate.exe [68608 2015-10-27] (globalUpdate) [File not signed] <==== ATTENTION
S3 globalUpdatem; C:\Program Files\globalUpdate\Update\globalupdate.exe [68608 2015-10-27] (globalUpdate) [File not signed] <==== ATTENTION
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 e1kexpress; C:\Windows\System32\DRIVERS\e1k6032.sys [164864 2009-07-13] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
S3 xnacc; C:\Windows\System32\DRIVERS\xnacc.sys [465408 2009-07-13] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-10-27 15:55 - 2015-10-27 15:55 - 00014939 _____ C:\Users\Norma\Desktop\FRST.txt
2015-10-27 15:51 - 2015-10-27 15:52 - 01701376 _____ (Farbar) C:\Users\Norma\Downloads\FRST.exe
2015-10-27 15:42 - 2015-10-27 15:45 - 00000000 ____D C:\ProgramData\LocalStorage
2015-10-27 15:37 - 2015-10-27 15:37 - 00000000 ____D C:\Users\Norma\.android
2015-10-27 15:23 - 2015-10-27 15:37 - 00001270 _____ C:\Users\Norma\Desktop\全网影视.lnk
2015-10-27 15:23 - 2015-10-27 15:37 - 00000979 _____ C:\Users\Norma\Desktop\PPS游戏大厅.lnk
2015-10-27 15:23 - 2015-10-27 15:23 - 00000000 ____D C:\Users\Norma\AppData\Roaming\ppslog
2015-10-27 15:23 - 2015-10-27 15:23 - 00000000 ____D C:\Users\Norma\AppData\LocalLow\VirtualStore
2015-10-27 14:46 - 2015-10-27 14:58 - 00001026 _____ C:\Windows\Tasks\fWzkvhFfSu80kb1xUjqepq861uo.job
2015-10-27 14:43 - 2015-10-27 14:58 - 00000958 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-10-27 14:43 - 2015-10-27 14:58 - 00000004 _____ C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-10-27 14:43 - 2015-10-27 14:48 - 00000962 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-10-27 14:43 - 2015-10-27 14:43 - 00000000 ____D C:\Users\Norma\AppData\Local\globalUpdate
2015-10-27 14:43 - 2015-10-27 14:43 - 00000000 ____D C:\Program Files\globalUpdate
2015-10-27 14:37 - 2015-10-27 15:53 - 00000000 ____D C:\qycache
2015-10-27 14:37 - 2015-10-27 15:00 - 00000000 ____D C:\Users\Norma\AppData\Local\SysassistByHotWheel
2015-10-27 14:37 - 2015-10-27 14:37 - 00000000 ____D C:\Users\Norma\AppData\LocalLow\Unity
2015-10-27 14:37 - 2015-10-27 14:37 - 00000000 ____D C:\Users\Norma\AppData\Local\Unity
2015-10-27 14:37 - 2015-10-27 14:37 - 00000000 ____D C:\ppsfile
2015-10-27 14:36 - 2015-10-27 15:47 - 00000000 ____D C:\Users\Norma\AppData\Roaming\IQIYI Video
2015-10-27 14:36 - 2015-10-27 15:23 - 00000000 ____D C:\ProgramData\IQIYI Video
2015-10-27 14:36 - 2015-10-27 14:37 - 00000000 ____D C:\IQIYI Video
2015-10-27 14:36 - 2015-10-27 14:36 - 00000000 ____D C:\Users\Public\QiYi
2015-10-27 14:31 - 2015-10-27 14:31 - 00000000 ____D C:\Program Files\baidu
2015-10-27 14:30 - 2015-10-27 14:30 - 00002385 _____ C:\Windows\system32\findit.xml
2015-10-27 14:30 - 2015-10-27 14:30 - 00000000 ____D C:\Users\Norma\Downloads\msvcp120x32__6629_i1726644727_il73
2015-10-27 14:30 - 2015-10-27 14:30 - 00000000 ____D C:\Users\Norma\AppData\Roaming\Mozilla
2015-10-27 14:30 - 2015-10-27 14:30 - 00000000 ____D C:\ProgramData\Medlights
2015-10-27 14:30 - 2015-10-27 14:30 - 00000000 ____D C:\ProgramData\ApplicationHosting
2015-10-27 14:26 - 2015-10-27 14:26 - 00000000 ____D C:\Users\Norma\AppData\Roaming\WinRAR
2015-10-27 14:26 - 2015-10-27 14:26 - 00000000 ____D C:\Users\Norma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-27 14:26 - 2015-10-27 14:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-27 14:26 - 2015-10-27 14:26 - 00000000 ____D C:\Program Files\WinRAR
2015-10-27 14:25 - 2015-10-27 14:26 - 01758688 _____ C:\Users\Norma\Downloads\wrar521.exe
2015-10-27 14:24 - 2015-10-27 14:47 - 00880370 _____ C:\Users\Norma\Downloads\msvcp120x32__6629_i1726644727_il73.rar
2015-10-27 14:11 - 2015-10-27 14:18 - 13391577 _____ C:\Users\Norma\Downloads\Cockatrice-WindowsClient (3).exe
2015-10-27 14:09 - 2015-06-06 19:08 - 00883712 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-27 14:09 - 2015-06-06 19:08 - 00064352 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-27 14:09 - 2015-06-06 19:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-27 14:09 - 2015-06-06 19:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-27 14:09 - 2015-06-06 19:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-27 14:09 - 2015-06-06 19:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-27 14:09 - 2015-06-06 19:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-27 14:09 - 2015-06-06 19:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-27 14:09 - 2015-06-06 19:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-27 14:09 - 2015-06-06 19:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-27 14:09 - 2015-06-06 19:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-27 14:09 - 2015-06-06 19:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-27 14:09 - 2015-06-06 19:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-27 14:09 - 2015-06-06 19:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-27 14:09 - 2015-06-06 19:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-27 14:09 - 2015-06-06 19:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-27 14:09 - 2015-06-06 19:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-27 14:09 - 2015-06-06 19:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-27 14:09 - 2015-06-06 19:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-27 14:09 - 2015-06-06 19:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-27 14:09 - 2015-06-06 19:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-27 14:09 - 2015-06-06 19:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-27 14:09 - 2015-06-06 19:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-27 14:09 - 2015-06-06 19:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-27 14:08 - 2015-10-27 14:08 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-27 13:37 - 2015-10-27 14:49 - 00000000 ____D C:\Program Files\Cockatrice
2015-10-27 13:31 - 2015-10-27 13:36 - 13391577 _____ C:\Users\Norma\Downloads\Cockatrice-WindowsClient (2).exe
2015-10-27 03:02 - 2015-07-30 09:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-10-27 01:02 - 2015-10-27 01:02 - 00929872 _____ (Google Inc.) C:\Users\Norma\Downloads\ChromeSetup (1).exe
2015-10-26 23:28 - 2015-09-18 14:58 - 00345688 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-26 23:28 - 2015-09-15 23:58 - 20357632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-26 23:28 - 2015-09-15 23:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-26 23:28 - 2015-09-15 23:45 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-26 23:28 - 2015-09-15 23:33 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-26 23:28 - 2015-09-15 23:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-26 23:28 - 2015-09-15 23:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-26 23:28 - 2015-09-15 23:32 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-26 23:28 - 2015-09-15 23:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-26 23:28 - 2015-09-15 23:28 - 02279936 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-26 23:28 - 2015-09-15 23:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-26 23:28 - 2015-09-15 23:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-26 23:28 - 2015-09-15 23:24 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-26 23:28 - 2015-09-15 23:23 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-26 23:28 - 2015-09-15 23:23 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-26 23:28 - 2015-09-15 23:22 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-26 23:28 - 2015-09-15 23:22 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-26 23:28 - 2015-09-15 23:18 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-26 23:28 - 2015-09-15 23:15 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-26 23:28 - 2015-09-15 23:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-26 23:28 - 2015-09-15 23:07 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-26 23:28 - 2015-09-15 23:06 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-26 23:28 - 2015-09-15 23:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-26 23:28 - 2015-09-15 23:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-26 23:28 - 2015-09-15 23:04 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-26 23:28 - 2015-09-15 22:58 - 12853760 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-26 23:28 - 2015-09-15 22:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-26 23:28 - 2015-09-15 22:56 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-26 23:28 - 2015-09-15 22:56 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-26 23:28 - 2015-09-15 22:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-26 23:28 - 2015-09-15 22:55 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-26 23:28 - 2015-09-15 22:37 - 02011136 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-26 23:28 - 2015-09-15 22:34 - 01311232 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-26 23:28 - 2015-09-15 22:32 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-26 23:05 - 2015-09-28 23:05 - 03990976 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-10-26 23:05 - 2015-09-28 23:05 - 03936192 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-26 23:05 - 2015-09-28 23:02 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-26 23:05 - 2015-09-28 22:59 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-26 23:05 - 2015-09-28 22:59 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-26 23:05 - 2015-09-28 22:59 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-26 23:05 - 2015-09-28 22:59 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-26 23:05 - 2015-09-28 22:59 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-26 23:05 - 2015-09-28 22:59 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-26 23:05 - 2015-09-28 22:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-26 23:05 - 2015-09-28 22:58 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-26 23:05 - 2015-09-28 22:58 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-26 23:05 - 2015-09-28 22:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-26 23:05 - 2015-09-28 22:58 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-26 23:05 - 2015-09-28 22:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-26 23:05 - 2015-09-28 22:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-26 23:05 - 2015-09-28 22:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-26 23:05 - 2015-09-28 22:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-26 23:05 - 2015-09-28 22:49 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-26 23:05 - 2015-09-28 22:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-26 23:05 - 2015-09-28 21:43 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-26 23:05 - 2015-09-28 21:43 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-26 23:05 - 2015-09-28 21:43 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-26 23:05 - 2015-09-15 13:42 - 00139096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-26 23:05 - 2015-09-15 13:42 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-26 23:05 - 2015-09-15 13:36 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-26 23:05 - 2015-09-15 13:36 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-26 23:05 - 2015-09-15 13:36 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-26 23:05 - 2015-09-15 13:36 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-26 23:05 - 2015-09-15 13:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-26 23:05 - 2015-09-15 13:36 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-26 23:05 - 2015-09-15 13:35 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-26 23:05 - 2015-08-05 13:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-10-26 23:05 - 2015-08-05 13:40 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-10-26 23:05 - 2015-07-10 13:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-10-26 23:05 - 2015-07-10 13:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-10-26 23:05 - 2015-07-10 13:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-10-26 23:05 - 2015-07-09 13:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-10-26 23:05 - 2015-07-09 13:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-10-26 23:05 - 2015-07-01 16:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-10-26 23:05 - 2015-07-01 16:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-10-26 23:04 - 2015-08-05 13:41 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-10-26 22:59 - 2015-09-25 13:59 - 02955776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-26 22:59 - 2015-09-25 13:59 - 02061824 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-26 22:59 - 2015-09-25 13:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-26 22:59 - 2015-09-25 13:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-26 22:59 - 2015-09-25 13:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-26 22:59 - 2015-09-25 13:59 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-26 22:59 - 2015-09-25 13:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-26 22:59 - 2015-09-25 13:58 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-26 22:59 - 2015-09-25 13:58 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-26 22:59 - 2015-09-25 13:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-26 22:59 - 2015-09-25 13:58 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-26 22:59 - 2015-09-01 22:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-10-26 22:59 - 2015-09-01 22:48 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-10-26 22:59 - 2015-09-01 22:48 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-10-26 22:59 - 2015-09-01 22:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-10-26 22:59 - 2015-09-01 21:36 - 02384896 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-10-26 22:59 - 2015-09-01 21:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-10-26 22:59 - 2015-08-06 13:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-26 22:59 - 2015-08-06 13:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-26 22:59 - 2015-07-30 13:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-10-26 22:59 - 2015-07-30 13:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-10-26 22:59 - 2015-07-30 13:57 - 00909824 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-10-26 22:59 - 2015-07-15 13:59 - 00078784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-10-26 22:59 - 2015-07-15 13:55 - 01159168 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-10-26 22:59 - 2015-07-15 13:54 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-10-26 22:58 - 2015-10-01 13:50 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-26 22:58 - 2015-10-01 13:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-26 22:58 - 2015-10-01 13:50 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-26 22:58 - 2015-10-01 13:50 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-26 22:58 - 2015-10-01 13:50 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-26 22:58 - 2015-10-01 12:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-26 22:52 - 2015-07-14 22:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-10-26 22:52 - 2015-07-14 22:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-10-26 22:52 - 2015-07-14 22:55 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-10-26 22:52 - 2015-07-14 22:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-10-26 22:52 - 2015-07-14 22:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-10-26 22:52 - 2015-07-14 22:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-10-27 15:55 - 2015-04-25 14:08 - 00000000 ____D C:\FRST
2015-10-27 15:54 - 2015-07-30 04:06 - 00000000 ____D C:\Users\Norma\Desktop\FRST-OlderVersion
2015-10-27 15:54 - 2015-04-25 14:07 - 01701376 _____ (Farbar) C:\Users\Norma\Desktop\FRST.exe
2015-10-27 15:45 - 2015-04-10 14:55 - 00000000 ____D C:\Users\Norma\AppData\Local\VirtualStore
2015-10-27 15:37 - 2015-04-10 14:55 - 00000000 ____D C:\Users\Norma
2015-10-27 15:02 - 2015-04-10 15:35 - 01701520 _____ C:\Windows\WindowsUpdate.log
2015-10-27 15:01 - 2015-08-02 17:30 - 00000000 ____D C:\Program Files\Apple Software Update
2015-10-27 15:01 - 2015-04-25 17:56 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-27 14:58 - 2010-11-20 17:48 - 00013080 _____ C:\Windows\PFRO.log
2015-10-27 14:58 - 2009-07-14 00:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-27 14:58 - 2009-07-14 00:39 - 00073194 _____ C:\Windows\setupact.log
2015-10-27 14:58 - 2009-07-14 00:33 - 00285808 _____ C:\Windows\system32\FNTCACHE.DAT
2015-10-27 14:57 - 2009-07-14 00:34 - 00016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-27 14:57 - 2009-07-14 00:34 - 00016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-27 14:42 - 2015-04-10 19:36 - 00063960 _____ C:\Users\Norma\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-27 14:36 - 2009-07-13 22:37 - 00000000 ___RD C:\Users\Public
2015-10-27 14:30 - 2015-04-25 18:28 - 00002141 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-27 14:30 - 2015-04-20 12:22 - 00001401 _____ C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-10-27 14:30 - 2015-04-10 14:55 - 00001405 _____ C:\Users\Norma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-10-27 14:30 - 2015-04-10 12:24 - 00001405 _____ C:\Users\sharilyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-10-27 04:02 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\rescache
2015-10-27 03:31 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-10-27 03:23 - 2011-04-11 22:24 - 00000000 ____D C:\Program Files\Windows Journal
2015-10-27 00:56 - 2015-04-25 17:56 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
 
==================== Files in the root of some directories =======
 
2015-04-21 16:20 - 2015-04-25 12:03 - 0000020 _____ () C:\Users\Norma\AppData\Roaming\appdataFr3.bin
2015-04-19 08:20 - 2015-04-19 08:20 - 0005872 _____ () C:\Users\Norma\AppData\Roaming\fWzkvhFfSu80kb1xUjqepq861uo
2015-04-20 10:05 - 2015-04-20 10:05 - 1579520 _____ () C:\Users\Norma\AppData\Roaming\fWzkvhFfSu80kb1xUjqepq861uo.exe
2015-04-25 17:28 - 2015-04-25 17:39 - 0011338 _____ () C:\Users\Norma\AppData\Local\Temp-log.txt
2015-04-16 02:24 - 2015-04-16 02:24 - 0000057 _____ () C:\ProgramData\Ament.ini
 
Some files in TEMP:
====================
C:\Users\Norma\AppData\Local\Temp\3224.exe
C:\Users\Norma\AppData\Local\Temp\5399iklit_559_setup.exe
C:\Users\Norma\AppData\Local\Temp\[email protected]
C:\Users\Norma\AppData\Local\Temp\masauto_runxx.dl.dll
C:\Users\Norma\AppData\Local\Temp\masblog_runxx.dl.dll
C:\Users\Norma\AppData\Local\Temp\masflag_runxx.dl.dll
C:\Users\Norma\AppData\Local\Temp\nsy2481.exe
C:\Users\Norma\AppData\Local\Temp\Opera_NI_stable.exe
C:\Users\Norma\AppData\Local\Temp\ppstreamsetup_unfix.exe
C:\Users\Norma\AppData\Local\Temp\Quarantine.exe
C:\Users\Norma\AppData\Local\Temp\QYAgent_runxx.dl.dll
C:\Users\Norma\AppData\Local\Temp\setup.exe
C:\Users\Norma\AppData\Local\Temp\setup3.exe
C:\Users\Norma\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-10-27 03:54
 
==================== End of FRST.txt ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version:25-10-2015 02
Ran by Norma (2015-10-27 15:55:46)
Running from C:\Users\Norma\Desktop
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) (2015-04-10 18:55:27)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3661653562-1552711580-3814472317-500 - Administrator - Disabled)
Guest (S-1-5-21-3661653562-1552711580-3814472317-501 - Limited - Enabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-3661653562-1552711580-3814472317-1002 - Limited - Enabled)
Norma (S-1-5-21-3661653562-1552711580-3814472317-1000 - Administrator - Enabled) => C:\Users\Norma
sharilyn (S-1-5-21-3661653562-1552711580-3814472317-1003 - Limited - Enabled) => C:\Users\sharilyn
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Apple Application Support (32-bit) (HKLM\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{538227C6-C74B-4A74-99E1-2C0B4F9DA5E1}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Cockatrice (HKLM\...\Cockatrice) (Version:  - )
globalupdate Helper (Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTION
Google Chrome (HKLM\...\Google Chrome) (Version: 44.0.2403.130 - Google Inc.)
Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden
HP Deskjet 1010 series Basic Device Software (HKLM\...\{12DE9DD8-1773-454D-97C0-C6616DDE394E}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Deskjet 1010 series Help (HKLM\...\{BFB6C2B0-9643-4B59-A706-71DEB3017A99}) (Version: 30.0.0 - Hewlett Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
iTunes (HKLM\...\{9DBBE7B8-EE7A-4FD9-9C7F-35E69A4C19D8}) (Version: 12.2.1.16 - Apple Inc.)
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
OpenOffice 4.1.1 (HKLM\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
Product Improvement Study for HP Deskjet 1010 series (HKLM\...\{43038EE2-C704-48EF-B9C9-88FA08D5E619}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 6.10.1.7255 - Analog Devices)
Steam (HKLM\...\Steam) (Version:  - Valve Corporation)
Unity Web Player (HKU\S-1-5-21-3661653562-1552711580-3814472317-1000\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
爱奇艺万能播放器 (HKLM\...\GeePlayer) (Version: 1.5.12.1411 - 爱奇艺) <==== ATTENTION
爱奇艺影音 (HKLM\...\IQIYI Video) (Version:  - 爱奇艺) <==== ATTENTION
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3661653562-1552711580-3814472317-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Norma\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-3661653562-1552711580-3814472317-1000_Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}\localserver32 -> C:\Users\Norma\AppData\Local\Temp\EA00\temp\BFD8.exe => No File
 
==================== Restore Points =========================
 
10-08-2015 00:17:00 Scheduled Checkpoint
17-08-2015 08:29:16 Scheduled Checkpoint
25-08-2015 11:23:15 Scheduled Checkpoint
02-09-2015 02:27:03 Scheduled Checkpoint
09-09-2015 21:49:16 Scheduled Checkpoint
17-09-2015 07:42:58 Scheduled Checkpoint
25-09-2015 15:56:49 Scheduled Checkpoint
03-10-2015 16:23:09 Scheduled Checkpoint
27-10-2015 00:54:38 Windows Update
27-10-2015 03:00:19 Windows Update
27-10-2015 14:08:50 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026
27-10-2015 14:09:15 Windows Update
27-10-2015 14:19:36 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:04 - 2009-06-10 17:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {07CD2F94-A62D-4162-840E-79BA566C5FAA} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files\globalUpdate\Update\globalupdate.exe [2015-10-27] (globalUpdate) <==== ATTENTION
Task: {1C2C1451-CE37-417A-A67F-1F972EFC5CCF} - System32\Tasks\{7ABBE00C-149D-4AEB-8881-ADF6F25C417C} => pcalua.exe -a "C:\ProgramData\Supreme AdBlocker\Supreme AdBlocker.exe" -c /progname=Supreme AdBlocker /progver=3.4.2 /progpub=Supreme AdBlocker /proguninstallurl=asdahjka.com /deleteappfolder=0  /VERYSILENT
Task: {33471B59-4057-4019-83C8-AFC6AA9AD4C6} - System32\Tasks\fWzkvhFfSu80kb1xUjqepq861uo => C:\Users\Norma\AppData\Roaming\fWzkvhFfSu80kb1xUjqepq861uo.exe [2015-04-20] () <==== ATTENTION
Task: {34A9DC9D-C596-476F-8B1C-6E5A2E184016} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files\globalUpdate\Update\globalupdate.exe [2015-10-27] (globalUpdate) <==== ATTENTION
Task: {60520983-2F0F-4EEC-9214-F1B785834576} - System32\Tasks\HPCustParticipation HP Deskjet 1010 series => C:\Program Files\HP\HP Deskjet 1010 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {7A09F06B-CE38-49A4-BC69-9E94DBEAEFBE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-04-25] (Google Inc.)
Task: {92241E27-116C-4ACF-9AEC-A6A33B66412F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-04-25] (Google Inc.)
Task: {CB652292-A2D4-4B98-8BE0-7C14F74FD927} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D2AC3411-1B7C-4197-950D-608C03A074D1} - System32\Tasks\{BB3EF261-0700-4B75-A9A6-E5CE243FA87E} => pcalua.exe -a "C:\Program Files\Common Files\BigZunsoft\uninstall.exe" -c -f "C:\Program Files\Common Files\BigZunsoft\uninstall.dat" -a uninstallme 7DA4F09B-1444-4B1F-8DC3-EA690A50414C DeviceId=9152006a-98f7-1cc7-0d67-c68993157897 BarcodeId=50027003 ChannelId=3 DistributerName=APSnapdoAMRev
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\fWzkvhFfSu80kb1xUjqepq861uo.job => C:\Users\Norma\AppData\Roaming\fWzkvhFfSu80kb1xUjqepq861uo.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-05-15 16:27 - 2015-05-15 16:27 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:27 - 2015-05-15 16:27 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-10-27 14:30 - 2015-10-25 05:47 - 00808448 _____ () C:\ProgramData\ApplicationHosting\ApplicationHosting.exe
2015-10-27 14:31 - 2015-10-21 22:08 - 00077824 ____H () C:\Program Files\baidu\pps.exe
2015-04-10 20:42 - 2014-02-10 16:44 - 04592128 _____ () C:\Users\Norma\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2015-04-10 20:42 - 2014-02-10 16:44 - 00112128 _____ () C:\Users\Norma\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2015-10-27 14:37 - 2015-08-04 09:36 - 00070728 _____ () C:\IQIYI Video\LStyle\zlib1.dll
2015-10-27 15:23 - 2015-08-04 09:37 - 06418024 _____ () C:\IQIYI Video\LStyle\puma.dll
2015-10-27 15:23 - 2015-08-04 09:37 - 01674344 _____ () C:\IQIYI Video\LStyle\libass.dll
2015-10-27 15:23 - 2015-08-04 09:37 - 01453672 _____ () C:\IQIYI Video\LStyle\Livenet5.dll
2015-10-27 15:23 - 2015-08-04 09:48 - 01600104 _____ () C:\IQIYI Video\LStyle\Mobile\QServProvider.dll
2015-10-27 15:23 - 2015-08-04 09:48 - 00728168 _____ () C:\IQIYI Video\LStyle\Mobile\AndroidService.exe
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3661653562-1552711580-3814472317-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 205.160.233.2 - 209.59.69.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{AE983D50-E993-4B02-BD0C-4ACD7734FF2F}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{5FC2815D-41A3-434F-88C4-CAF43F292026}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2AF9F6A4-7D52-4D43-ABAD-2014827A3A73}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C832083C-43A3-47C4-989B-A2EACD7F28D6}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{ACAA1483-AF0B-4F64-A3C0-50750528B34F}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{CA0D5478-7CD9-43FC-9EDA-68734F558663}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{1F36ED8A-E1A5-4128-97C8-72A1EB4F1188}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2410D77A-2404-4547-B9DF-7F7264F8AC92}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [TCP Query User{9428CDE7-793C-49F6-AEE2-25ADDA99FF3E}C:\windows.old\program files\magic 2015\dotp_d15.exe] => (Allow) C:\windows.old\program files\magic 2015\dotp_d15.exe
FirewallRules: [UDP Query User{425E1725-F24D-4D1D-ACBB-797058631BC1}C:\windows.old\program files\magic 2015\dotp_d15.exe] => (Allow) C:\windows.old\program files\magic 2015\dotp_d15.exe
FirewallRules: [{47FE35C9-8DC6-4C26-B29C-D827708F711B}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{77C43079-F6C4-4174-B0FB-927E6F2B5E01}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D4CAC13F-7C45-4466-8A9C-59F1E82096DC}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{6298E126-3349-4EDA-A7A3-264FB7404B42}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{295522EB-DFD3-460D-8DDC-70A031B3CA79}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A6EB8BDE-D337-4AD6-94F4-6FA474E1249A}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{1DE69FB6-9EBE-4540-B4A5-7B83916E91B2}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8ADA19C8-31D0-4A30-BC7C-0A66CAAA7CAB}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{75417FD4-F59C-43E2-9DBE-376D7FFDE35D}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{1D58C68D-DB20-47BC-829C-255FCAFCCFBB}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{EBBB87CC-F180-4D9E-B836-47D8FF99CE71}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{723496E6-258B-4F42-8EDA-8D8C5CEA25E1}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{60B8FCE5-C093-4047-B902-6A9275BF838D}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D0918DD4-2740-4F88-AA06-943457EF9F55}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{70232C82-627A-49A8-AB7F-7D00E5A9FC18}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0587C660-EADD-41B9-B3B4-DFB2C3139072}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{86DB2B0E-1306-4994-992D-AD45726AC3D7}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{001590E2-2EAF-4EF5-A903-B16EB54C41EA}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{1E46820B-6B80-4E93-920F-F9ECB8CCCDE6}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E4937691-2A76-41B9-95A3-42C38BC3A030}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D2B3ADB4-CD63-4313-92BD-40CD0E23650C}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{54A79B60-37B7-4513-921E-2DD5A36F1E4C}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{24381CCD-CC68-42EE-9955-C0DBE7C55EFE}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D68AF40D-5B19-44E8-84DB-607152CB8B3F}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{EC23EA4B-1876-4141-9E77-76713F72CFF6}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D760DCD2-E54F-4CEC-9F76-C7D1A6EC4725}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A84D651A-8898-4DE9-A137-EA2462A5BB29}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F63312EF-9DAA-49E4-B563-749DD10D59D4}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{ABF14072-4AFA-4697-AD3C-4E3044B1DDEB}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F6F54590-E57E-4E93-8ACC-1C182D2D61EF}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C9929021-75C7-42D8-8875-2ADBA6DEE54C}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{4EA3D77C-D37B-410F-A849-D1D63913D983}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B33CDA65-5ECE-4E45-8061-54B02010C996}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DFC82471-91C1-4D08-B882-658C2BD279A3}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8FB2110B-7E9C-4686-9AA6-EA71E6CA5BD3}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{BDD2F8A6-46E7-4DA4-8973-05DC5F8A071C}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E23F0C63-9208-4AF5-B995-737ABE21510F}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{6E1F2FB3-D0F7-4452-91B6-9A6A2FA2290C}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E15CCCCA-C7B6-4274-A259-D599FFB9EE23}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2456C548-893F-4CCF-902D-1519734B0B4E}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A85048E1-6266-470E-B57B-963EA5C31367}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{4C27271C-8875-41D6-B887-AA2ED7C930DE}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{686E7793-71BD-4468-BE73-BDAD20A5E9FD}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{06F6CE92-6B5A-4B97-9FAE-A74A6464BC9C}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{7A8AB735-6D5E-4E56-A770-942615912B94}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{78564E19-17AF-4032-B48A-002A471D243C}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{77FD5264-0628-4A20-9699-0F82B726805B}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D078B2BD-5541-48D9-A285-A4675DBA0049}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{BEA39276-30A4-4B3A-89D9-370F1311179D}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{7AE613DD-8041-43FD-9C79-82CDEED2AF34}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B5619815-1390-472D-B084-FFF97034886E}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{547F9132-D32A-4028-8C63-D06BC8B0BAAA}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DD3C0730-2E02-47CB-9CB2-2C7BD81E973F}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D999C635-35A2-49D7-AFD0-812466B77246}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{3F5CBFC2-0C2A-423A-AB3C-A8678ADE5647}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{59CBBB2D-E9D9-4E3B-8698-3889E496D752}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D900EFF5-DE3E-4C80-823E-318E9B535BA1}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{BBEE83E1-2B8A-4365-A9E1-8DE776FA9581}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{73E722E0-0BA5-47C0-A113-880E0AF3F7DD}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{305290A3-84B8-4F23-A934-83D898257186}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{EEBB7245-7510-4973-AEC3-3E30B0BD4E1E}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E857FEF8-4B9C-41FD-89F4-97C9E09C5F24}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E3FFA303-4466-48A5-A519-629E70005F78}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F445163D-26AF-49E2-AC2C-F21224D08578}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{033E6DED-4868-4718-8500-38E18FA04620}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8A6E7EC3-4E6D-4159-B217-EB47FCA0E3F6}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A1ADD24C-7951-49FC-92F7-3E70E8CFEA12}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{FD05536B-12B2-46B7-B950-ADD166A44C79}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9B4EE99F-8296-4F36-9649-F7985E48E0E8}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{492B719C-56BF-45B6-9A40-4B82433A89D5}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{100D47C7-5942-43D4-A8FB-DB98C4A0F34E}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{990588ED-15EC-4AAB-B8B5-52466D22704E}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{889938C7-6F74-4743-BE45-9EB397CED1A4}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{386DB3F2-EB68-4E7F-BAF8-83DA14F4A343}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DF06BD38-3EC8-41E8-AA04-5BB8A45238D9}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{69FAB320-234B-4C34-9D99-788B5A5CC88D}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{05C912C2-D2DA-440C-8BB4-31E0A32AE1A9}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{6275A1B7-DB90-492C-8197-E96AD307D169}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9FF90653-033E-40D7-BD88-7DA4C55C9995}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{194F469A-9B8E-4739-BE21-CDFF1EF9504B}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{7FAE283D-3574-4E62-86DB-9CE33C1635A3}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{817A8B34-388B-49E5-9D2E-5F96DCE0F5F1}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2277E245-7BEB-46E9-8BC7-714E0A899C40}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{3734A595-CCB5-4C38-9E0E-D9697F4B9EB0}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{31B0F39F-86A0-4091-9CFA-8618E9C081E5}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0A3311DD-D145-4917-B3A0-0583FA547D4D}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{652DEA24-E63A-402B-A32B-493A3FF12CF2}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F06E9BE7-0E1D-4F58-A92C-D1B1442FBD34}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E7BEDD50-6FE5-4036-8CEA-74A8C6CDC769}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A3BF3041-85B7-4C24-9E41-DD92653DB265}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{09020F90-8222-4899-9020-569FD7B0210D}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{CF96DF90-6572-457C-8E5D-EB65F09FD33B}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{43E8F928-ED7F-42D7-9EB5-890A3528B0F5}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{262E19DB-F060-4453-9296-EB35826A69B0}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{AC1F8032-0B86-4477-8428-3B34A20F150C}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D1E2E665-2CDA-44EA-ADA4-F74959DA7740}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0AA592F0-97A7-42D9-B43A-0F900282B313}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{30E98880-E718-4D60-88E8-0353D6839DFE}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{7CE6293B-B857-423F-8F27-17A85EB93249}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F0C6E8F8-360F-436E-8B3C-34D40794AD84}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D2F2332B-E32C-4C19-8BAB-03C8987652A6}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{96488D65-5B3D-4B98-919C-F19A247533D9}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{45BF5B32-E403-45DC-B4E3-26B43209D3CE}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{1239B246-1431-4F90-A1D9-2B7BFE08BDEE}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DE60DE65-D68C-4D5B-94B0-DEB1C76232F6}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{266B9A3E-FAEB-44D9-B91C-CE49DAB2F79F}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{FF4CE3D4-DDA5-45DA-BC7B-115FC5AC8BEA}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{CC021B06-DBD4-4F45-B73A-862277144792}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9A96BBB6-DEBF-4D0F-BA83-2A9D3103C247}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{CFC8DDBA-F7B3-4862-A4A2-D1346FAAB10E}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B4CC8EEC-6648-4B15-914D-EEF6638B8F70}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8C8C0093-2CCF-46E8-B561-FDA650C33235}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2ACC10FC-0356-402C-8090-C1178E78F7AA}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{1318F700-5127-4A3D-99AC-28C1E187DFDA}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A6234941-3B87-47B7-8B3B-FFA5C7B5EFB3}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{94C24120-F101-4B4D-8C9D-465A436311D5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{37325CFC-E8E7-4F4A-BB8E-9D22038C0782}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FCB767A8-61F7-4022-8922-1C61509CFF3A}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{3000902E-8B0E-46CC-BCBF-26A23038876E}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B9199BCB-921B-4A30-ACB6-60BBB20BFDAB}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{326B7A23-D2D2-4CDF-954A-D8461B4340D0}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E830F5A8-889C-4AEC-8E2B-2F2956DDA611}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{14B079DB-7E54-473F-AD6D-64BCF6D0A6F8}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{FCF25B0F-F055-4A05-819C-4E64BF47905F}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8489CB2A-F6DD-495D-AB25-38C64EB57767}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{86CF446B-4998-415C-A2B6-D307EF5EDB6E}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{ED3BCBDB-9683-410A-B7F5-7CD14C0A42E6}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{ED9F8DF3-9E47-47A7-BC6F-970C9AE80192}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B71EDC4A-67DA-4DDC-A41E-1205FCB5CD0D}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{7E6B6E41-F5C3-40B3-B50E-64477DBCB3B4}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{80A8FEF4-2C30-4F3E-8E8E-07B6D71B1706}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E6C6E4F5-FAB4-483D-96D2-D7BAF8BC38DC}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8074D8BC-49A3-42B5-B727-90A6DA7256CD}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{238C77B7-1091-430C-8C42-824E35336B9B}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F2A72451-71CA-4AB3-891B-87E71BAA75E6}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{EA087994-F30D-4CE0-B7EE-E77B5868A90D}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{CEAC234F-17BC-4F66-AF42-79F078AD6608}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B5E4C94B-EA13-420A-8ADA-0DF3BB44EC10}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B4489585-DA88-464A-9BED-C8DF0EB1CCFC}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A2140D4F-36EF-467C-87F3-3F936046B328}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8D1BA8C2-C9EB-4C6C-80CF-0414CD680335}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2905F500-9D5E-477F-8D75-64A916AAA48B}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8C1CD6EB-9C04-4649-8960-430A82101194}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{79C57915-00BE-4D42-8B79-8A34B939DFB1}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8E2B4102-5989-4EF5-BA01-8981822057FD}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C65344FA-69AD-42A8-906F-4C9E9D67CE83}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{301B2246-44BE-453A-B84E-ACF3F1D98834}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9E27E2FA-92C4-4C12-99AB-82B26DFCC033}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2A243F3A-4882-4D22-A78A-9355E7E0B4DB}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9BD51A25-E303-415B-8C69-848C01823AA8}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E8117D40-D02E-414E-BA23-CFA7C6BD97BD}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{675FA3FB-9ECA-40AA-A675-D1C2BD34622F}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8323B22D-7695-4156-96B9-A007C20518B8}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{16BA6ED7-536C-4FBF-8309-79BC75331B1D}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{50D0A3C2-4FA7-4633-B182-3707209E5885}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{97040141-5C2F-40D4-B45F-CBAA170E2DEB}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D493C5B5-46A5-487E-B530-4134E0673D98}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{56671CDB-1EB9-4EB2-8B8E-08E8FBBE5835}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{FE5CA98C-1812-47C8-994C-68FB8CAD57D6}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{3F6322E2-5D2B-4D70-8C38-5D3041082035}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{70978499-5CA2-4745-A6BB-6D4A69BFFD87}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{3D68C9D5-DFC4-4CCB-B8ED-5B5BB6CAFB7D}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F235F5F8-B895-48D5-AB7A-C1BF6838BEF0}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F65485FE-33A4-4814-BBA2-97A5EA59C89F}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{EC86AABF-C998-420B-89DC-C10A652DC4EB}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{7A4E0218-D7B0-45B8-A59E-A46296065159}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8EBAD511-3316-4016-B3BB-03751D3EB374}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{5E6B4BAB-BD72-436B-9D70-470C7CB3AB00}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D35BFB24-EED7-4223-AB34-0C3A8755C083}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{65A98D9F-1D51-428E-85F7-A1DC257B97B5}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{FEE3FE9B-E881-4297-B151-EF85695BB287}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9326B221-5A44-425F-A6BE-6E708E73F76B}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9471F2FA-8127-434D-BAAC-849B6E970D69}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{3EDB3609-46A9-44CE-9FB9-DB25832D3BB3}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{75EA7A0C-57AC-4D34-9CBF-AAE8268D13D1}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8C7564C0-0874-4C5E-8E6F-02527411B3FA}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{4053EEF2-A610-45E8-BA45-7EDAD6BD0445}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B63BC014-D325-4B5A-907E-48375B013C1A}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B146DE17-1DB3-4CAA-8660-C8A252B568D9}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{13BFAC5C-A32B-41B7-AB0B-69B00F539F8A}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D49D52F9-B3D0-4FB7-B546-84EC3584C45D}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E59118AF-B048-4808-B9B0-B2B7CA7288DF}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{45D4D4EE-C06D-4F7D-91CA-4F78FCEEF669}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{27A0ED11-53E7-4B0B-8B65-31664AB0A7CA}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D6A86A79-9327-44EC-A619-D4661D67032E}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{498A6D56-8E22-40E9-BC59-83E44AC68A0B}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{08B32CF6-71FB-465C-9783-1E00D02132D1}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{06B5BCC8-68C2-4418-A542-8C0FAD47E458}] => (Allow) C:\Users\Norma\AppData\Roaming\IQIYI Video\LStyle\GpUpdate.exe
FirewallRules: [{C950FAE6-2FD3-4689-8832-669654ED8DCF}] => (Allow) C:\IQIYI Video\GeePlayer\GeePlayer.exe
FirewallRules: [{F6B00F7B-9276-4B80-99C0-0B3DF8883F93}] => (Allow) C:\Users\Norma\AppData\Roaming\IQIYI Video\LStyle\QyUpdate.exe
FirewallRules: [{806807E2-5496-4631-8A44-0E5B51575D1D}] => (Allow) C:\IQIYI Video\LStyle\QyClient.exe
FirewallRules: [{B1105E8A-6F44-4D20-A3D4-1967587D94D1}] => (Allow) C:\IQIYI Video\LStyle\QyWebPlayer.exe
FirewallRules: [{A7B0DEAD-166C-4F04-9F1D-C38BBB9FE73E}] => (Allow) C:\IQIYI Video\Common\QyKernel.exe
FirewallRules: [{21084635-790A-43AD-B763-DEA3B2B8E592}] => (Allow) C:\IQIYI Video\LStyle\QyPlayer.exe
FirewallRules: [{E6BEB43C-A57A-4125-A09E-EFCAA673589F}] => (Allow) C:\IQIYI Video\GeePlayer\GeePlayer.exe
FirewallRules: [{B2A4EB24-7AA3-4900-854D-A871D16DC435}] => (Allow) C:\Users\Norma\AppData\Roaming\IQIYI Video\LStyle\QyUpdate.exe
FirewallRules: [{5075CE45-B2D2-4C68-91A6-99E69029CA75}] => (Allow) C:\IQIYI Video\LStyle\QyClient.exe
FirewallRules: [{293B01A9-6754-4C7A-B923-D10D7B540A66}] => (Allow) C:\IQIYI Video\LStyle\QyKernel.exe
FirewallRules: [{C57D255D-F016-43C2-B4BC-F95F45674D91}] => (Allow) C:\IQIYI Video\LStyle\QyMiniPlayer.exe
FirewallRules: [{9B55150C-19BE-4EAE-AFE0-981B7F705753}] => (Allow) C:\IQIYI Video\LStyle\QyPlayer.exe
FirewallRules: [{E4E20E15-A2AC-41C5-B45E-23464CCEF79D}] => (Allow) C:\Users\Norma\AppData\Roaming\IQIYI Video\LStyle\QyUpdate.exe
FirewallRules: [{AA2F7482-1E7E-4C35-8936-11561BF99261}] => (Allow) C:\IQIYI Video\LStyle\QyClient.exe
FirewallRules: [{E8CF0370-BB91-4FA8-B61B-63592B90DA46}] => (Allow) C:\IQIYI Video\LStyle\QyKernel.exe
FirewallRules: [{02485459-DD66-4836-8CCF-8B37F659F782}] => (Allow) C:\IQIYI Video\LStyle\QyMiniPlayer.exe
FirewallRules: [{AF186C5F-F8D7-4695-82FF-3E9C5ACFDE89}] => (Allow) C:\IQIYI Video\LStyle\QyPlayer.exe
 
==================== Faulty Device Manager Devices =============
 
Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: PS/2 Compatible Mouse
Description: PS/2 Compatible Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: PCI Serial Port
Description: PCI Serial Port
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/27/2015 02:59:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/27/2015 02:22:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/27/2015 03:54:53 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (10/27/2015 03:26:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/27/2015 03:00:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5199311
 
Error: (10/27/2015 03:00:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5199311
 
Error: (10/27/2015 03:00:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/26/2015 09:32:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/04/2015 01:33:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10511472
 
Error: (10/04/2015 01:33:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (10/27/2015 03:35:06 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error: 
%%5
 
Error: (10/26/2015 09:31:11 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 1:48:32 PM on ‎10/‎5/‎2015 was unexpected.
 
Error: (10/05/2015 08:16:44 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 115.8.0.0
 
Update Source: %NT AUTHORITY51
 
Update Stage: 4.8.0204.00
 
Source Path: 4.8.0204.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\NETWORK SERVICE
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (10/05/2015 08:16:44 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.203.1153.0
 
Update Source: %NT AUTHORITY51
 
Update Stage: 4.8.0204.00
 
Source Path: 4.8.0204.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\NETWORK SERVICE
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (10/05/2015 08:16:44 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.203.1153.0
 
Update Source: %NT AUTHORITY51
 
Update Stage: 4.8.0204.00
 
Source Path: 4.8.0204.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\NETWORK SERVICE
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (10/05/2015 08:16:44 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.203.1153.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.8.0204.00
 
Source Path: 4.8.0204.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (10/04/2015 04:55:03 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 115.8.0.0
 
Update Source: %NT AUTHORITY51
 
Update Stage: 4.8.0204.00
 
Source Path: 4.8.0204.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\NETWORK SERVICE
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (10/04/2015 04:55:03 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.203.1153.0
 
Update Source: %NT AUTHORITY51
 
Update Stage: 4.8.0204.00
 
Source Path: 4.8.0204.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\NETWORK SERVICE
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (10/04/2015 04:55:03 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.203.1153.0
 
Update Source: %NT AUTHORITY51
 
Update Stage: 4.8.0204.00
 
Source Path: 4.8.0204.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\NETWORK SERVICE
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (10/04/2015 04:55:03 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.203.1153.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.8.0204.00
 
Source Path: 4.8.0204.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™2 Duo CPU E8400 @ 3.00GHz
Percentage of memory in use: 55%
Total physical RAM: 3543.25 MB
Available physical RAM: 1591.97 MB
Total Virtual: 7084.8 MB
Available Virtual: 5124.42 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:232.79 GB) (Free:133.75 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 012E6B2F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

 

Attached Thumbnails

  • missing.PNG
  • ddd.PNG

  • 0

Advertisements

#2
Essexboy
Posted 27 October 2015 - 02:21 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi, first did you install the following programmes :

IQIYI
Baidu

We will look at the missing dll once clean

Re-install Chrome

Malware has changed your Chromeupdate. The only way to clear this is to re-install

1. If you have bookmarks, let's save them by exporting them - Export Bookmarks
2. Then I need you to go Google Sync and sign into your account
3. Scroll down until you see the "Stop and Clear" button and click on the button. At the prompt click on "Ok"
4. Now we need to uninstall chrome.
Note: When asked about user data or settings you must remove this also so please check the box.
5. Restart the computer and reinstall chrome, You can download The latest version from here - Google Chrome
6. Import your bookmarks back into Chrome
7. Sign back in to your Chrome browser so that your bookmarks sync with your online account.

THEN

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
HKU\S-1-5-21-3661653562-1552711580-3814472317-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqmUgBeMMr6L1AxexXeuO1PdL1pVgNOikEOq3NkD-Vp0DKnDMMVSEKnGTDUwNyPUzukaUIs3ctDFqNULSpmqjWMZw2U2783zzSbmMkQEURJn_tgNQK4ODFbO-D1kbN7vw_v7zHYrkXkDqshqUZb566h2fsw,,&q={searchTerms}
HKU\S-1-5-21-3661653562-1552711580-3814472317-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqmUgBeMMr6L1AxexXeuO1PdL1pVgNOikEOq3NkD-Vp0DKnDMMVSEKnGTDUwNyPUzukaUIs3ctDFqNU71X8zMKdUmYOvbWN5ZGc8MldxlL4M5rh2mdD7hbkYuDnsDsaw5hQKOWO_TOD0GugDKjGeFERPFkg,,
HKU\S-1-5-21-3661653562-1552711580-3814472317-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqmUgBeMMr6L1AxexXeuO1PdL1pVgNOikEOq3NkD-Vp0DKnDMMVSEKnGTDUwNyPUzukaUIs3ctDFqNULSpmqjWMZw2U2783zzSbmMkQEURJn_tgNQK4ODFbO-D1kbN7vw_v7zHYrkXkDqshqUZb566h2fsw,,&q={searchTerms}
HKU\S-1-5-21-3661653562-1552711580-3814472317-1000\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqmUgBeMMr6L1AxexXeuO1PdL1pVgNOikEOq3NkD-Vp0DKnDMMVSEKnGTDUwNyPUzukaUIs3ctDFqNULSpmqjWMZw2U2783zzSbmMkQEURJn_tgNQK4ODFbO-D1kbN7vw_v7zHYrkXkDqshqUZb566h2fsw,,&q={searchTerms}
SearchScopes: HKLM -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqmUgBeMMr6L1AxexXeuO1PdL1pVgNOikEOq3NkD-Vp0DKnDMMVSEKnGTDUwNyPUzukaUIs3ctDFqNULSpmqjWMZw2U2783zzSbmMkQEURJn_tgNQK4ODFbO-D1kbN7vw_v7zHYrkXkDqshqUZb566h2fsw,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3661653562-1552711580-3814472317-1000 -> DefaultScope {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqmUgBeMMr6L1AxexXeuO1PdL1pVgNOikEOq3NkD-Vp0DKnDMMVSEKnGTDUwNyPUzukaUIs3ctDFqNULSpmqjWMZw2U2783zzSbmMkQEURJn_tgNQK4ODFbO-D1kbN7vw_v7zHYrkXkDqshqUZb566h2fsw,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3661653562-1552711580-3814472317-1000 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqmUgBeMMr6L1AxexXeuO1PdL1pVgNOikEOq3NkD-Vp0DKnDMMVSEKnGTDUwNyPUzukaUIs3ctDFqNULSpmqjWMZw2U2783zzSbmMkQEURJn_tgNQK4ODFbO-D1kbN7vw_v7zHYrkXkDqshqUZb566h2fsw,,&q={searchTerms}
BHO: °®ÆæÒÕÖúÊÖ -> {FB4F6285-4C32-49F2-950F-A5998F9CEC6C} -> C:\IQIYI Video\LStyle\Accelerator\IEHelper.dll [2015-08-04] (???)
FF Plugin: @iqiyi.com/npclient -> C:\IQIYI Video\LStyle\npclient.dll [2015-08-04] ()
FF Plugin: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [No File]
R2 ApplicationHosting; C:\ProgramData\\ApplicationHosting\\ApplicationHosting.exe [808448 2015-10-25] () [File not signed]
S2 globalUpdate; C:\Program Files\globalUpdate\Update\globalupdate.exe [68608 2015-10-27] (globalUpdate) [File not signed] <==== ATTENTION
S3 globalUpdatem; C:\Program Files\globalUpdate\Update\globalupdate.exe [68608 2015-10-27] (globalUpdate) [File not signed] <==== ATTENTION
2015-10-27 14:46 - 2015-10-27 14:58 - 00001026 _____ C:\Windows\Tasks\fWzkvhFfSu80kb1xUjqepq861uo.job
2015-10-27 14:43 - 2015-10-27 14:58 - 00000004 _____ C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-10-27 14:43 - 2015-10-27 14:48 - 00000962 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-10-27 14:43 - 2015-10-27 14:43 - 00000000 ____D C:\Users\Norma\AppData\Local\globalUpdate
2015-10-27 14:43 - 2015-10-27 14:43 - 00000000 ____D C:\Program Files\globalUpdate
2015-10-27 14:37 - 2015-10-27 15:53 - 00000000 ____D C:\qycache
2015-10-27 14:37 - 2015-10-27 15:00 - 00000000 ____D C:\Users\Norma\AppData\Local\SysassistByHotWheel
2015-04-19 08:20 - 2015-04-19 08:20 - 0005872 _____ () C:\Users\Norma\AppData\Roaming\fWzkvhFfSu80kb1xUjqepq861uo
2015-04-20 10:05 - 2015-04-20 10:05 - 1579520 _____ () C:\Users\Norma\AppData\Roaming\fWzkvhFfSu80kb1xUjqepq861uo.exe
CustomCLSID: HKU\S-1-5-21-3661653562-1552711580-3814472317-1000_Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}\localserver32 -> C:\Users\Norma\AppData\Local\Temp\EA00\temp\BFD8.exe => No File
Task: {07CD2F94-A62D-4162-840E-79BA566C5FAA} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files\globalUpdate\Update\globalupdate.exe [2015-10-27] (globalUpdate) <==== ATTENTION
Task: {1C2C1451-CE37-417A-A67F-1F972EFC5CCF} - System32\Tasks\{7ABBE00C-149D-4AEB-8881-ADF6F25C417C} => pcalua.exe -a "C:\ProgramData\Supreme AdBlocker\Supreme AdBlocker.exe" -c /progname=Supreme AdBlocker /progver=3.4.2 /progpub=Supreme AdBlocker /proguninstallurl=asdahjka.com /deleteappfolder=0 /VERYSILENT
Task: {33471B59-4057-4019-83C8-AFC6AA9AD4C6} - System32\Tasks\fWzkvhFfSu80kb1xUjqepq861uo => C:\Users\Norma\AppData\Roaming\fWzkvhFfSu80kb1xUjqepq861uo.exe [2015-04-20] () <==== ATTENTION
Task: {34A9DC9D-C596-476F-8B1C-6E5A2E184016} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files\globalUpdate\Update\globalupdate.exe [2015-10-27] (globalUpdate) <==== ATTENTION
Task: {D2AC3411-1B7C-4197-950D-608C03A074D1} - System32\Tasks\{BB3EF261-0700-4B75-A9A6-E5CE243FA87E} => pcalua.exe -a "C:\Program Files\Common Files\BigZunsoft\uninstall.exe" -c -f "C:\Program Files\Common Files\BigZunsoft\uninstall.dat" -a uninstallme 7DA4F09B-1444-4B1F-8DC3-EA690A50414C DeviceId=9152006a-98f7-1cc7-0d67-c68993157897 BarcodeId=50027003 ChannelId=3 DistributerName=APSnapdoAMRev
C:\ProgramData\\ApplicationHosting
C:\Program Files\globalUpdate
C:\Program Files\Common Files\BigZunsoft\
C:\Users\Norma\AppData\Roaming\fWzkvhFfSu80kb1xUjqepq861uo.exe
C:\ProgramData\Supreme AdBlocker
Task: C:\Windows\Tasks\fWzkvhFfSu80kb1xUjqepq861uo.job => C:\Users\Norma\AppData\Roaming\fWzkvhFfSu80kb1xUjqepq861uo.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that

FINALLY

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S0].txt as well.

  • 0

#3
Peacemaker2.0
Posted 27 October 2015 - 04:17 PM

Peacemaker2.0

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

yes to those files

 

Fix result of Farbar Recovery Scan Tool (x86) Version:25-10-2015 02
Ran by Norma (2015-10-27 17:52:29) Run:2
Running from C:\Users\Norma\Desktop
Loaded Profiles: Norma (Available Profiles: Norma & sharilyn & Guest)
Boot Mode: Normal
 
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
HKU\S-1-5-21-3661653562-1552711580-3814472317-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqmUgBeMMr6L1AxexXeuO1PdL1pVgNOikEOq3NkD-Vp0DKnDMMVSEKnGTDUwNyPUzukaUIs3ctDFqNULSpmqjWMZw2U2783zzSbmMkQEURJn_tgNQK4ODFbO-D1kbN7vw_v7zHYrkXkDqshqUZb566h2fsw,,&q={searchTerms}
HKU\S-1-5-21-3661653562-1552711580-3814472317-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqmUgBeMMr6L1AxexXeuO1PdL1pVgNOikEOq3NkD-Vp0DKnDMMVSEKnGTDUwNyPUzukaUIs3ctDFqNU71X8zMKdUmYOvbWN5ZGc8MldxlL4M5rh2mdD7hbkYuDnsDsaw5hQKOWO_TOD0GugDKjGeFERPFkg,,
HKU\S-1-5-21-3661653562-1552711580-3814472317-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqmUgBeMMr6L1AxexXeuO1PdL1pVgNOikEOq3NkD-Vp0DKnDMMVSEKnGTDUwNyPUzukaUIs3ctDFqNULSpmqjWMZw2U2783zzSbmMkQEURJn_tgNQK4ODFbO-D1kbN7vw_v7zHYrkXkDqshqUZb566h2fsw,,&q={searchTerms}
HKU\S-1-5-21-3661653562-1552711580-3814472317-1000\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqmUgBeMMr6L1AxexXeuO1PdL1pVgNOikEOq3NkD-Vp0DKnDMMVSEKnGTDUwNyPUzukaUIs3ctDFqNULSpmqjWMZw2U2783zzSbmMkQEURJn_tgNQK4ODFbO-D1kbN7vw_v7zHYrkXkDqshqUZb566h2fsw,,&q={searchTerms}
SearchScopes: HKLM -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqmUgBeMMr6L1AxexXeuO1PdL1pVgNOikEOq3NkD-Vp0DKnDMMVSEKnGTDUwNyPUzukaUIs3ctDFqNULSpmqjWMZw2U2783zzSbmMkQEURJn_tgNQK4ODFbO-D1kbN7vw_v7zHYrkXkDqshqUZb566h2fsw,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3661653562-1552711580-3814472317-1000 -> DefaultScope {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqmUgBeMMr6L1AxexXeuO1PdL1pVgNOikEOq3NkD-Vp0DKnDMMVSEKnGTDUwNyPUzukaUIs3ctDFqNULSpmqjWMZw2U2783zzSbmMkQEURJn_tgNQK4ODFbO-D1kbN7vw_v7zHYrkXkDqshqUZb566h2fsw,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3661653562-1552711580-3814472317-1000 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqmUgBeMMr6L1AxexXeuO1PdL1pVgNOikEOq3NkD-Vp0DKnDMMVSEKnGTDUwNyPUzukaUIs3ctDFqNULSpmqjWMZw2U2783zzSbmMkQEURJn_tgNQK4ODFbO-D1kbN7vw_v7zHYrkXkDqshqUZb566h2fsw,,&q={searchTerms}
BHO: °®ÆæÒÕÖúÊÖ -> {FB4F6285-4C32-49F2-950F-A5998F9CEC6C} -> C:\IQIYI Video\LStyle\Accelerator\IEHelper.dll [2015-08-04] (???)
FF Plugin: @iqiyi.com/npclient -> C:\IQIYI Video\LStyle\npclient.dll [2015-08-04] ()
FF Plugin: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [No File]
R2 ApplicationHosting; C:\ProgramData\\ApplicationHosting\\ApplicationHosting.exe [808448 2015-10-25] () [File not signed]
S2 globalUpdate; C:\Program Files\globalUpdate\Update\globalupdate.exe [68608 2015-10-27] (globalUpdate) [File not signed] <==== ATTENTION
S3 globalUpdatem; C:\Program Files\globalUpdate\Update\globalupdate.exe [68608 2015-10-27] (globalUpdate) [File not signed] <==== ATTENTION
2015-10-27 14:46 - 2015-10-27 14:58 - 00001026 _____ C:\Windows\Tasks\fWzkvhFfSu80kb1xUjqepq861uo.job
2015-10-27 14:43 - 2015-10-27 14:58 - 00000004 _____ C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-10-27 14:43 - 2015-10-27 14:48 - 00000962 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-10-27 14:43 - 2015-10-27 14:43 - 00000000 ____D C:\Users\Norma\AppData\Local\globalUpdate
2015-10-27 14:43 - 2015-10-27 14:43 - 00000000 ____D C:\Program Files\globalUpdate
2015-10-27 14:37 - 2015-10-27 15:53 - 00000000 ____D C:\qycache
2015-10-27 14:37 - 2015-10-27 15:00 - 00000000 ____D C:\Users\Norma\AppData\Local\SysassistByHotWheel
2015-04-19 08:20 - 2015-04-19 08:20 - 0005872 _____ () C:\Users\Norma\AppData\Roaming\fWzkvhFfSu80kb1xUjqepq861uo
2015-04-20 10:05 - 2015-04-20 10:05 - 1579520 _____ () C:\Users\Norma\AppData\Roaming\fWzkvhFfSu80kb1xUjqepq861uo.exe
CustomCLSID: HKU\S-1-5-21-3661653562-1552711580-3814472317-1000_Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}\localserver32 -> C:\Users\Norma\AppData\Local\Temp\EA00\temp\BFD8.exe => No File
Task: {07CD2F94-A62D-4162-840E-79BA566C5FAA} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files\globalUpdate\Update\globalupdate.exe [2015-10-27] (globalUpdate) <==== ATTENTION
Task: {1C2C1451-CE37-417A-A67F-1F972EFC5CCF} - System32\Tasks\{7ABBE00C-149D-4AEB-8881-ADF6F25C417C} => pcalua.exe -a "C:\ProgramData\Supreme AdBlocker\Supreme AdBlocker.exe" -c /progname=Supreme AdBlocker /progver=3.4.2 /progpub=Supreme AdBlocker /proguninstallurl=asdahjka.com /deleteappfolder=0 /VERYSILENT
Task: {33471B59-4057-4019-83C8-AFC6AA9AD4C6} - System32\Tasks\fWzkvhFfSu80kb1xUjqepq861uo => C:\Users\Norma\AppData\Roaming\fWzkvhFfSu80kb1xUjqepq861uo.exe [2015-04-20] () <==== ATTENTION
Task: {34A9DC9D-C596-476F-8B1C-6E5A2E184016} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files\globalUpdate\Update\globalupdate.exe [2015-10-27] (globalUpdate) <==== ATTENTION
Task: {D2AC3411-1B7C-4197-950D-608C03A074D1} - System32\Tasks\{BB3EF261-0700-4B75-A9A6-E5CE243FA87E} => pcalua.exe -a "C:\Program Files\Common Files\BigZunsoft\uninstall.exe" -c -f "C:\Program Files\Common Files\BigZunsoft\uninstall.dat" -a uninstallme 7DA4F09B-1444-4B1F-8DC3-EA690A50414C DeviceId=9152006a-98f7-1cc7-0d67-c68993157897 BarcodeId=50027003 ChannelId=3 DistributerName=APSnapdoAMRev
C:\ProgramData\\ApplicationHosting
C:\Program Files\globalUpdate
C:\Program Files\Common Files\BigZunsoft\
C:\Users\Norma\AppData\Roaming\fWzkvhFfSu80kb1xUjqepq861uo.exe
C:\ProgramData\Supreme AdBlocker
Task: C:\Windows\Tasks\fWzkvhFfSu80kb1xUjqepq861uo.job => C:\Users\Norma\AppData\Roaming\fWzkvhFfSu80kb1xUjqepq861uo.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************
 
Restore point was successfully created.
HKU\S-1-5-21-3661653562-1552711580-3814472317-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-3661653562-1552711580-3814472317-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-3661653562-1552711580-3814472317-1000\Software\Microsoft\Internet Explorer\Main\\Search Bar => value removed successfully.
HKU\S-1-5-21-3661653562-1552711580-3814472317-1000\Software\Microsoft\Internet Explorer\Main\\SearchAssistant => value removed successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\ielnksrch" => key removed successfully.
HKCR\CLSID\ielnksrch => key not found. 
HKU\S-1-5-21-3661653562-1552711580-3814472317-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
"HKU\S-1-5-21-3661653562-1552711580-3814472317-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}" => key removed successfully.
HKCR\CLSID\{ielnksrch} => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB4F6285-4C32-49F2-950F-A5998F9CEC6C}" => key removed successfully.
"HKCR\CLSID\{FB4F6285-4C32-49F2-950F-A5998F9CEC6C}" => key removed successfully.
"HKLM\Software\MozillaPlugins\@iqiyi.com/npclient" => key removed successfully.
C:\IQIYI Video\LStyle\npclient.dll => moved successfully
"HKLM\Software\MozillaPlugins\@iqiyi.com/npWebPlayer" => key removed successfully.
ApplicationHosting => Service stopped successfully.
ApplicationHosting => service removed successfully.
globalUpdate => service removed successfully.
globalUpdatem => service removed successfully.
C:\Windows\Tasks\fWzkvhFfSu80kb1xUjqepq861uo.job => moved successfully
C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7 => moved successfully
C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => moved successfully
C:\Users\Norma\AppData\Local\globalUpdate => moved successfully
C:\Program Files\globalUpdate => moved successfully
 
"C:\qycache" folder move:
 
Could not move "C:\qycache" => Scheduled to move on reboot.
 
C:\Users\Norma\AppData\Local\SysassistByHotWheel => moved successfully
C:\Users\Norma\AppData\Roaming\fWzkvhFfSu80kb1xUjqepq861uo => moved successfully
C:\Users\Norma\AppData\Roaming\fWzkvhFfSu80kb1xUjqepq861uo.exe => moved successfully
"HKU\S-1-5-21-3661653562-1552711580-3814472317-1000_Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{07CD2F94-A62D-4162-840E-79BA566C5FAA}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{07CD2F94-A62D-4162-840E-79BA566C5FAA}" => key removed successfully.
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1C2C1451-CE37-417A-A67F-1F972EFC5CCF}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1C2C1451-CE37-417A-A67F-1F972EFC5CCF}" => key removed successfully.
C:\Windows\System32\Tasks\{7ABBE00C-149D-4AEB-8881-ADF6F25C417C} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7ABBE00C-149D-4AEB-8881-ADF6F25C417C}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{33471B59-4057-4019-83C8-AFC6AA9AD4C6}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{33471B59-4057-4019-83C8-AFC6AA9AD4C6}" => key removed successfully.
C:\Windows\System32\Tasks\fWzkvhFfSu80kb1xUjqepq861uo => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\fWzkvhFfSu80kb1xUjqepq861uo" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{34A9DC9D-C596-476F-8B1C-6E5A2E184016}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{34A9DC9D-C596-476F-8B1C-6E5A2E184016}" => key removed successfully.
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D2AC3411-1B7C-4197-950D-608C03A074D1}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D2AC3411-1B7C-4197-950D-608C03A074D1}" => key removed successfully.
C:\Windows\System32\Tasks\{BB3EF261-0700-4B75-A9A6-E5CE243FA87E} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BB3EF261-0700-4B75-A9A6-E5CE243FA87E}" => key removed successfully.
C:\ProgramData\\ApplicationHosting => moved successfully
"C:\Program Files\globalUpdate" => not found.
"C:\Program Files\Common Files\BigZunsoft" => not found.
"C:\Users\Norma\AppData\Roaming\fWzkvhFfSu80kb1xUjqepq861uo.exe" => not found.
C:\ProgramData\Supreme AdBlocker => moved successfully
C:\Windows\Tasks\fWzkvhFfSu80kb1xUjqepq861uo.job => not found.
C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => not found.
 
========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= RemoveProxy: =========
 
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully.
HKU\S-1-5-21-3661653562-1552711580-3814472317-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully.
HKU\S-1-5-21-3661653562-1552711580-3814472317-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully.
 
 
========= End of RemoveProxy: =========
 
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
Unable to cancel {BAD6FE92-2039-46E2-B392-84E8BE42BF73}.
Unable to cancel {BE7CBAFA-B2FF-4121-83FA-234111FEC715}.
Unable to cancel {5817D466-9BCD-47FA-9677-5459029C0B7D}.
{05CF2F92-87BA-4CFB-8E7D-2F7580E024CF} canceled.
{C7C06F77-11F3-4308-8FEE-4B2D0FEB49D7} canceled.
{C6382F81-E872-425C-AED8-A8737322557F} canceled.
3 out of 6 jobs canceled.
 
========= End of CMD: =========
 
EmptyTemp: => 1.1 GB temporary data Removed.
 
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-10-27 17:55:13)
 
C:\qycache => is moved successfully
 
==== End of Fixlog 17:55:14 ====
 
# AdwCleaner v5.015 - Logfile created 27/10/2015 at 18:10:49
# Updated 26/10/2015 by Xplode
# Database : 2015-10-26.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : Norma - NORMA-PC
# Running from : C:\Users\Norma\Downloads\adwcleaner_5.015.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
[-] Folder Deleted : C:\IQIYI Video
[-] Folder Deleted : C:\qycache
[-] Folder Deleted : C:\ppsfile
[-] Folder Deleted : C:\ProgramData\IQIYI Video
[-] Folder Deleted : C:\Users\Norma\AppData\Local\SysassistByHotWheel
[-] Folder Deleted : C:\Users\Norma\AppData\Roaming\IQIYI Video
[-] Folder Deleted : C:\Users\Norma\AppData\Roaming\ppslog
 
***** [ Files ] *****
 
[-] File Deleted : C:\Windows\system32\roboot.exe
[-] File Deleted : C:\Windows\system32\findit.xml
 
***** [ DLLs ] *****
 
 
***** [ Shortcuts ] *****
 
[-] Shortcut Disinfected : C:\Users\Norma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[-] Shortcut Disinfected : C:\Users\Norma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[-] Shortcut Disinfected : C:\Users\Norma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
[-] Shortcut Disinfected : C:\Users\sharilyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[-] Shortcut Disinfected : C:\Users\sharilyn\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[-] Shortcut Disinfected : C:\Users\sharilyn\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
[-] Shortcut Disinfected : C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[-] Shortcut Disinfected : C:\Users\Guest\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[-] Shortcut Disinfected : C:\Users\Guest\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[-] Shortcut Disinfected : C:\Users\Guest\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
[-] Shortcut Disinfected : C:\Users\Guest\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
 
***** [ Scheduled tasks ] *****
 
[-] Task Deleted : amiupdaterExd
[-] Task Deleted : amiupdaterExi
 
***** [ Registry ] *****
 
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\globalupdate.exe
[-] Key Deleted : HKCU\Software\MozillaPlugins\@iqiyi.com/npWebPlayer
[-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [HCDNClient]
[-] Key Deleted : HKLM\SOFTWARE\Classes\qygameclient
[-] Key Deleted : HKLM\SOFTWARE\Classes\HCDNProxy
[-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [apphide]
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\GEEPLAYER.DIR
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\APPLICATIONS\GEEPLAYER.EXE
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\PPStream.exe
[-] Key Deleted : HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\GeePlayer.exe
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{085CB97F-6D0B-487D-B94C-E11A736C38CE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{307B3CDB-9EE3-4137-9D18-F9AD6537ECEB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E6A8DA1-5731-465B-B036-B9E16EF26CAC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CF3CDEFB-31BE-43AE-B064-B9C62C883259}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D96C1D26-5CDF-4506-9244-57233C3984DF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5CD76C57-6893-478A-B776-47E7C82504BE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B6360BD3-5CD0-40D3-BD87-DAFF37889F50}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E1D75F62-CBBD-45C7-9D1D-6B5ECEC2E006}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FB4F6285-4C32-49F2-950F-A5998F9CEC6C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5E6A8DA1-5731-465B-B036-B9E16EF26CAC}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FB4F6285-4C32-49F2-950F-A5998F9CEC6C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5E6A8DA1-5731-465B-B036-B9E16EF26CAC}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E6A8DA1-1731-465B-B036-B9E16EF26CAC}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E6BE0FB-8B18-4DFC-959F-233651CC4D7F}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E6A8DA1-2731-465B-B036-B9E16EF26CAC}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BAC94FEE-45B4-4FD4-9EEA-D8978EC96C6E}
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKCU\Software\GlobalUpdate
[-] Key Deleted : HKCU\Software\YorkNewCin
[-] Key Deleted : HKCU\Software\HighDefAction
[-] Key Deleted : HKCU\Software\ArenaHD
[-] Key Deleted : HKCU\Software\QyGameClient
[-] Key Deleted : HKCU\Software\PPStream
[-] Key Deleted : HKCU\Software\WEBAPP
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
[-] Key Deleted : HKCU\Software\AppDataLow\Software\QiYi
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\GlobalUpdate
[-] Key Deleted : HKLM\SOFTWARE\YorkNewCin
[-] Key Deleted : HKLM\SOFTWARE\HighDefAction
[-] Key Deleted : HKLM\SOFTWARE\ArenaHD
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IQIYI Video
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PPStream
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B696F285-F54E-2524-58B1-E06A70ABE6BE}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GeePlayer
[!] Key Not Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[!] Key Not Deleted : HKU\S-1-5-21-3661653562-1552711580-3814472317-1000\Software\AppDataLow\Software\Crossrider
[!] Key Not Deleted : HKU\S-1-5-21-3661653562-1552711580-3814472317-1000\Software\AppDataLow\Software\QiYi
[!] Key Not Deleted : HKU\S-1-5-18\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GLOBALUPDATE.EXE
 
***** [ Web browsers ] *****
 
[-] [C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com
[-] [C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
 
*************************
 
:: Winsock settings cleared
 
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [14570 bytes] ##########
 

  • 0

#4
Essexboy
Posted 28 October 2015 - 08:47 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK now do you have MSCVP120.dll file on the system ?  If so then copy it to the programme file folder of the programme that is missing it
 
If not then do the following https://www.native-i...l-file-windows/

Meanwhile how is the computer behaving ?
  • 0

#5
Peacemaker2.0
Posted 28 October 2015 - 09:20 AM

Peacemaker2.0

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

It's running okay but my music and video files still have the jap thing on them. When i click on them i have to chose what to open them with.

 

 

Attached Thumbnails

  • sssssdd.PNG

  • 0

#6
Essexboy
Posted 28 October 2015 - 09:38 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
What is your music player ?

Have you set that player as default http://www.dummies.c...-windows-7.html
  • 0

#7
Peacemaker2.0
Posted 29 October 2015 - 07:20 AM

Peacemaker2.0

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

Yes that fixed the problem thank so much for  the help


  • 0

#8
Essexboy
Posted 29 October 2015 - 08:33 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Any further problems before I tidy up ?


  • 0

#9
Essexboy
Posted 30 October 2015 - 03:11 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Remove tools

Download and run Delfix
Select the options as shown
delfix.JPG


: Keep Java Updated :

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article

I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)

If you do need to keep Java then download JavaRa
Run the programme and select Remove Java Runtime. Uninstall all versions of Java present
Once done then run it again and select Update Java runtime > Download and install Latest version
javara.JPG


Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

CryptoPrevent install this programme to lock down and prevent crypto ransome ware

CryptoPrevent.JPG

Malwarebytes

Update and run weekly to keep your system clean

Unchecky

Click on the link above to be taken to Unchecky.com
click the very large Download button.
click Save
Click Open folder
Right click on the Unchecky_setup and choose to Run as Administrator
Once open click the Install button.
Then click on Finish
Unchecky is now installed and will help you keep unwanted check boxes unchecked, this is a fire and forget programme ;)

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe :wave:
  • 0

#10
Peacemaker2.0
Posted 31 October 2015 - 11:26 PM

Peacemaker2.0

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

okay thank you for all the help  :D


  • 0

#11
Essexboy
Posted 01 November 2015 - 04:12 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP