Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Updateflashplayer.exe keeps popping up.


  • This topic is locked This topic is locked
32 replies to this topic

#1 cpdion

cpdion

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:USA
  • Local time:12:14 PM

Posted 22 August 2014 - 09:18 PM

 Well I looked this up and other people are saying they are having the same thing. They say it is from opening some kind of email, but I hardly get emails, but I am not sure. Anyway updateflashplayer.exe (it also has random numbers in it) keeps popping up and asking for permission to make changes to me computer. At first it was popping up like every 2 hours. Now if I start opening it IT KEEPS POPPING UP SECOND AFTER SECOND FOR LIKE 20 TIMES!This has been going on for a while. I think my brother did it, but he won't admit it so I will never really know how it happened. I know there was something about how you should not post the logs, but attach them, but it only said it for attach.txt. so i attached the dds.txt file and pasted it.

 

 

 

 

 

 

Attached File  attach.txt   10.98KB   0 downloads  Attached File  dds.txt   47.62KB   0 downloads  

 

 

DDS FILES:

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17239  BrowserJavaVersion: 10.65.2
Run by Lisa at 22:06:56 on 2014-08-22
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.6009.2580 [GMT -4:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\McAfee\MSC\McAPExe.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Program Files (x86)\OpenDownloaderManager\ODM.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe
C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
svchost.exe
C:\Users\Lisa\AppData\Roaming\Vesookde\ilhauq.exe
C:\Users\Lisa\AppData\Roaming\Xumoovp\myywonu.exe
C:\Users\Lisa\AppData\Roaming\Yxozerak\yfveyw.exe
C:\Users\Lisa\AppData\Roaming\Vaaplo\anevanu.exe
C:\Users\Lisa\AppData\Roaming\Arloedyd\ewowemf.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
C:\Windows\system32\RunDll32.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\splwow64.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
c:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
svchost.exe
svchost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\consent.exe
C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe
C:\Windows\SysWOW64\cmd.exe
C:\PROGRA~1\McAfee\MSM\McSmtFwk.exe
C:\Program Files (x86)\Nero\SyncUP\SyncUP.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Nero\SyncUP\Nero.AndroidServer.exe
C:\Windows\system32\consent.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Windows\SysWOW64\cmd.exe
C:\Users\Lisa\AppData\Roaming\Arloedyd\ewowemf.exe
C:\Users\Lisa\AppData\Roaming\Arloedyd\ewowemf.exe
C:\Users\Lisa\AppData\Roaming\Arloedyd\ewowemf.exe
C:\Users\Lisa\AppData\Roaming\Arloedyd\ewowemf.exe
C:\Users\Lisa\AppData\Roaming\Arloedyd\ewowemf.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com
uSearch Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com
mWinlogon: Userinit = userinit.exe,
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\urlredir.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
uRun: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
uRun: [Facebook Update] "C:\Users\Lisa\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
uRun: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
uRun: [Open Download Manager] C:\Program Files (x86)\OpenDownloaderManager\odm.exe -autorun
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [OutfoxTV] C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe
uRun: [GoogleChromeAutoLaunch_A963AF10D41C891DDF74F25191F896A3] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [obununuo] "C:\Users\Lisa\AppData\Local\pmrxciqb.exe"
uRun: [uxsqumrq] "C:\Users\Lisa\AppData\Local\ftmbftun.exe"
uRun: [wmxhmtrl] "C:\Users\Lisa\AppData\Local\lnxnrbjh.exe"
uRun: [fbffvguv] "C:\Users\Lisa\AppData\Local\ksqkmgfn.exe"
uRun: [dcvwmnif] "C:\Users\Lisa\AppData\Local\nqnvgvvj.exe"
uRun: [aabddxgj] "C:\Users\Lisa\AppData\Local\gxjiiqou.exe"
uRun: [gcouijrg] "C:\Users\Lisa\AppData\Local\mtohoimn.exe"
uRun: [vdfxxgnd] "C:\Users\Lisa\AppData\Local\fmdvsdoh.exe"
uRun: [bhouqppw] "C:\Users\Lisa\AppData\Local\wqwiwtfg.exe"
uRun: [edgslvdg] "C:\Users\Lisa\AppData\Local\jcgfjtoa.exe"
uRun: [bexuvgqo] "C:\Users\Lisa\AppData\Local\ujlveuwg.exe"
uRun: [Owemyxgau] C:\Users\Lisa\AppData\Roaming\Vesookde\ilhauq.exe
uRun: [xwlukcal] "C:\Users\Lisa\AppData\Local\tgwxupsa.exe"
uRun: [Gepeuninesuldy] C:\Users\Lisa\AppData\Roaming\Xumoovp\myywonu.exe
uRun: [Iroxy] C:\Users\Lisa\AppData\Roaming\Yxozerak\yfveyw.exe
uRun: [jnoiuicb] "C:\Users\Lisa\AppData\Local\akxhcokx.exe"
uRun: [Wyguosno] C:\Users\Lisa\AppData\Roaming\Vaaplo\anevanu.exe
uRun: [putbocao] "C:\Users\Lisa\AppData\Local\wxpufssv.exe"
uRun: [Buguicuzoltaa] C:\Users\Lisa\AppData\Roaming\Arloedyd\ewowemf.exe
uRun: [gncbitsc] "C:\Users\Lisa\AppData\Local\imjkkxco.exe"
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe /boot
mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\Lisa\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\Windows\System32\RunDll32.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Download all with Open Download Manager - C:\Program Files (x86)\OpenDownloaderManager\dlall.htm
IE: Download selected with Open Download Manager - C:\Program Files (x86)\OpenDownloaderManager\dlselected.htm
IE: Download video with Open Download Manager - C:\Program Files (x86)\OpenDownloaderManager\dlfvideo.htm
IE: Download with Open Download Manager - C:\Program Files (x86)\OpenDownloaderManager\dllink.htm
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: live.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{8F19E1EA-1E94-4B39-82B5-9B0F94B0A67E} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{8F19E1EA-1E94-4B39-82B5-9B0F94B0A67E}\14454523876376230523 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{8F19E1EA-1E94-4B39-82B5-9B0F94B0A67E}\2375942554136373 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{8F19E1EA-1E94-4B39-82B5-9B0F94B0A67E}\75962756C6563737F513 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{8F19E1EA-1E94-4B39-82B5-9B0F94B0A67E}\8457D60786275697723702960586F6E656 : DHCPNameServer = 172.20.10.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
LSA: Notification Packages =  scecli c:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\urlredir.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
x64-BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - 
x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exe
x64-Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe
x64-Run: [Stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe -Quiet
x64-Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll
x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - <orphaned>
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-5-26 16152]
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2012-7-4 786296]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2012-7-4 348552]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2013-2-9 53488]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-5-15 2356912]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
R2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2014-3-26 328928]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-5-26 13592]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-1-10 627936]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2012-11-24 201304]
R2 McAPExe;McAfee AP Service;C:\Program Files\McAfee\MSC\McAPExe.exe [2014-3-26 178528]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2014-3-26 328928]
R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2014-3-26 328928]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2014-3-26 328928]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2012-7-4 241456]
R2 mfecore;McAfee Anti-Malware Core;C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe [2014-3-25 1025712]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2012-7-4 219752]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2011-10-6 189912]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2013-7-18 762192]
R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2012-5-26 1695040]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-5-26 363800]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE [2014-3-11 247968]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;C:\Windows\System32\drivers\bcbtums.sys [2012-5-26 134696]
R3 BcmVWL;Broadcom Virtual Wireless;C:\Windows\System32\drivers\bcmvwl64.sys [2012-5-26 21568]
R3 btwampfl;btwampfl Bluetooth filter driver;C:\Windows\System32\drivers\btwampfl.sys [2012-5-26 615976]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2012-5-26 39976]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2012-7-4 72128]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2012-5-26 176096]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-5-26 331264]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-5-26 356120]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-5-26 788760]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2012-7-4 313544]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2012-7-4 523792]
R3 mfencbdc;McAfee Inc. mfencbdc;C:\Windows\System32\drivers\mfencbdc.sys [2014-1-21 422712]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-5-26 685160]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE [2014-3-11 193696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2011-10-26 162816]
S2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2012-11-24 201304]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\System32\drivers\ssadadb.sys [2011-5-13 36328]
S3 cpuz135;cpuz135;C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [2014-8-16 24368]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2014-4-23 197704]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-8-16 111616]
S3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-5-26 122584]
S3 McAWFwk;McAfee Activation Service;C:\PROGRA~1\mcafee\msc\mcawfwk.exe [2012-7-4 225216]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [2013-9-6 288776]
S3 mfencrk;McAfee Inc. mfencrk;C:\Windows\System32\drivers\mfencrk.sys [2014-1-21 96592]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2012-7-4 106552]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUVStor.sys [2012-5-26 313448]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2011-5-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2011-5-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2011-5-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\System32\drivers\ssadserd.sys [2011-5-13 146920]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-6-28 1255736]
S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2012-11-24 201304]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-08-23 01:59:31 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Saviha
2014-08-23 01:40:18 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Ymyneq
2014-08-22 20:58:18 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Yzyfket
2014-08-22 20:05:08 132608 ----a-w- C:\Users\Lisa\AppData\Local\imjkkxco.exe
2014-08-22 20:04:41 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Arloedyd
2014-08-22 10:20:24 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Ulaqbeq
2014-08-22 10:18:19 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Ircuuggu
2014-08-22 10:18:02 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Uwweaxag
2014-08-21 21:02:40 132096 ----a-w- C:\Users\Lisa\AppData\Local\wxpufssv.exe
2014-08-21 16:17:24 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Hutoite
2014-08-21 16:14:20 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Vaaplo
2014-08-21 10:20:20 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Afuxriap
2014-08-21 02:27:09 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Peqiaz
2014-08-21 02:23:53 98304 ----a-w- C:\Users\Lisa\AppData\Local\hkiwuxep.exe
2014-08-21 02:10:50 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Adexve
2014-08-21 00:30:14 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Vauvqaz
2014-08-20 22:32:42 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Igaxuvky
2014-08-20 21:54:04 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Odypops
2014-08-20 21:15:42 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Enecorly
2014-08-20 21:14:08 132096 ----a-w- C:\Users\Lisa\AppData\Local\akxhcokx.exe
2014-08-20 18:19:21 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Daryca
2014-08-20 17:51:11 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Yrpeqiod
2014-08-20 16:27:38 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Esmony
2014-08-20 14:29:03 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Etlyedav
2014-08-20 13:53:21 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Sapume
2014-08-20 13:33:55 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Yxozerak
2014-08-20 05:55:45 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Owhodu
2014-08-20 05:52:09 86016 ----a-w- C:\Users\Lisa\AppData\Local\qjojndus.exe
2014-08-20 04:59:05 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Bypoudte
2014-08-20 03:20:19 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Xumoovp
2014-08-20 03:17:10 122880 ----a-w- C:\Users\Lisa\AppData\Local\mplssuve.exe
2014-08-19 19:31:29 164864 ----a-w- C:\Users\Lisa\AppData\Local\tgwxupsa.exe
2014-08-19 02:22:40 86016 ----a-w- C:\Users\Lisa\AppData\Local\njjudrfv.exe
2014-08-19 01:48:37 86016 ----a-w- C:\Users\Lisa\AppData\Local\pxpnlkid.exe
2014-08-18 23:08:14 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-08-18 22:25:01 86016 ----a-w- C:\Users\Lisa\AppData\Local\adafhgir.exe
2014-08-18 21:54:36 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Exohrei
2014-08-18 21:02:07 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Vesookde
2014-08-18 21:00:59 165376 ----a-w- C:\Users\Lisa\AppData\Local\ujlveuwg.exe
2014-08-18 13:59:50 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Vaenvuih
2014-08-18 07:32:04 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Ubykta
2014-08-18 04:27:03 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Fabemo
2014-08-18 02:26:41 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Xyzutob
2014-08-18 01:54:44 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Ziqiadne
2014-08-18 00:29:22 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Yvdoeq
2014-08-17 22:31:24 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Xoehhagu
2014-08-17 21:55:44 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Ovitesdu
2014-08-17 20:13:28 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Emnihe
2014-08-17 18:27:58 165376 ----a-w- C:\Users\Lisa\AppData\Local\jcgfjtoa.exe
2014-08-17 16:14:05 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Efroav
2014-08-17 15:55:06 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Koqeaxwo
2014-08-17 08:14:29 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Qybyvo
2014-08-17 06:14:34 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Ettyyhro
2014-08-17 05:57:14 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Almoiw
2014-08-17 04:14:37 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Fatakoi
2014-08-16 22:16:18 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Wyynda
2014-08-16 21:59:13 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Ageqowb
2014-08-16 20:16:32 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Usypyw
2014-08-16 19:22:24 162816 ----a-w- C:\Users\Lisa\AppData\Local\wqwiwtfg.exe
2014-08-16 18:59:19 114176 ----a-w- C:\Windows\SysWow64\PCWizard.cpl
2014-08-16 18:59:18 -------- d-----w- C:\Program Files (x86)\CPUID
2014-08-16 18:36:50 -------- d-----w- C:\Users\Lisa\AppData\Local\The Witcher 2
2014-08-16 18:20:24 -------- d-----w- C:\Users\Lisa\AppData\Local\The Witcher
2014-08-16 18:17:14 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Guxonita
2014-08-16 17:42:58 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Yziwnozy
2014-08-16 16:35:53 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Oxxiofv
2014-08-16 06:06:01 99480 ----a-w- C:\Windows\SysWow64\infocardapi.dll
2014-08-16 06:06:01 8856 ----a-w- C:\Windows\SysWow64\icardres.dll
2014-08-16 06:06:01 8856 ----a-w- C:\Windows\System32\icardres.dll
2014-08-16 06:06:01 619672 ----a-w- C:\Windows\SysWow64\icardagt.exe
2014-08-16 06:06:01 171160 ----a-w- C:\Windows\System32\infocardapi.dll
2014-08-16 06:06:01 1389208 ----a-w- C:\Windows\System32\icardagt.exe
2014-08-16 06:05:41 35480 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe
2014-08-16 06:05:41 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe
2014-08-16 04:47:16 504320 ----a-w- C:\Windows\System32\msihnd.dll
2014-08-16 04:47:16 337408 ----a-w- C:\Windows\SysWow64\msihnd.dll
2014-08-16 04:47:16 3241984 ----a-w- C:\Windows\System32\msi.dll
2014-08-16 04:47:16 2363392 ----a-w- C:\Windows\SysWow64\msi.dll
2014-08-16 04:47:16 1941504 ----a-w- C:\Windows\System32\authui.dll
2014-08-16 04:47:16 1805824 ----a-w- C:\Windows\SysWow64\authui.dll
2014-08-16 04:47:16 112064 ----a-w- C:\Windows\System32\consent.exe
2014-08-16 04:47:11 664064 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2014-08-16 04:47:11 1216000 ----a-w- C:\Windows\System32\rpcrt4.dll
2014-08-16 04:47:08 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-08-16 04:47:08 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-08-15 21:29:08 160768 ----a-w- C:\Users\Lisa\AppData\Local\fmdvsdoh.exe
2014-08-15 12:28:55 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Ipkazi
2014-08-15 10:41:26 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Gyunuqse
2014-08-15 10:38:05 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Omusdysa
2014-08-15 08:16:11 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Sadyyvp
2014-08-14 02:16:43 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Edupeze
2014-08-14 01:46:17 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Fakayxki
2014-08-14 00:15:32 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Lolued
2014-08-13 17:48:41 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Amuqbibi
2014-08-13 14:25:24 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Reyrnax
2014-08-13 13:50:59 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Ismyziy
2014-08-13 12:27:10 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Etdytiav
2014-08-13 10:25:00 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Okagcazi
2014-08-13 09:51:09 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Zawyloo
2014-08-13 08:15:12 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Itxaapky
2014-08-13 02:28:45 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Itulere
2014-08-13 01:54:32 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Dybyneo
2014-08-13 00:29:03 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Vinuvaav
2014-08-12 22:23:04 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Ixhyafon
2014-08-12 02:18:24 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Cedoliu
2014-08-12 01:46:47 -------- d-----w- C:\Program Files\iPod
2014-08-12 01:46:46 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-12 01:46:46 -------- d-----w- C:\Program Files\iTunes
2014-08-12 01:46:46 -------- d-----w- C:\Program Files (x86)\iTunes
2014-08-12 01:44:22 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Ozefuf
2014-08-12 01:16:45 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Uqoqofu
2014-08-11 23:54:52 -------- d-----w- C:\ProgramData\Package Cache
2014-08-11 22:20:20 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Ekikxic
2014-08-11 21:58:58 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Tofoiluz
2014-08-11 12:20:50 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Uwcugyi
2014-08-11 10:11:25 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Peasrag
2014-08-11 10:09:32 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Ynlyywo
2014-08-11 08:47:12 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Yvucha
2014-08-11 07:31:10 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Kubuyqtu
2014-08-11 02:21:35 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Ycilhaa
2014-08-11 01:46:20 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Kimebo
2014-08-11 00:21:15 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Voqiaqo
2014-08-10 22:22:29 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Pahubyyx
2014-08-10 21:48:08 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Rorahewi
2014-08-10 20:23:01 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Osofogif
2014-08-10 18:23:53 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Nayhedr
2014-08-10 17:50:20 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Kydeky
2014-08-10 16:25:06 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Igtoaxyk
2014-08-10 15:15:56 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2014-08-10 14:29:38 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Giuwfu
2014-08-10 14:06:29 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Yqquqo
2014-08-10 10:24:09 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Niatuper
2014-08-10 09:49:38 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Yfkiuwyl
2014-08-10 08:39:32 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Aqgaovbo
2014-08-10 04:25:27 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Nuhuwaug
2014-08-10 02:25:23 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Afwyel
2014-08-10 01:51:23 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Noydvup
2014-08-10 00:26:04 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Apiwaqmu
2014-08-09 22:26:46 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Yxqazua
2014-08-09 22:13:00 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Uwucmoy
2014-08-09 20:28:15 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Feofek
2014-08-09 18:25:09 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Uparuvky
2014-08-08 02:16:56 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Asviohfi
2014-08-08 01:42:59 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Yvbuubn
2014-08-08 00:25:33 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Ahyfaruq
2014-08-07 23:37:50 -------- d-----w- C:\Users\Lisa\AppData\Local\Ubisoft
2014-08-07 22:23:44 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Ryfogiu
2014-08-07 21:46:49 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Yduhdiix
2014-08-07 21:42:15 153600 ----a-w- C:\Users\Lisa\AppData\Local\mtohoimn.exe
2014-08-07 01:54:31 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Abpaax
2014-08-07 01:20:26 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Exazus
2014-08-06 23:24:27 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Utuksu
2014-08-06 23:22:04 153600 ----a-w- C:\Users\Lisa\AppData\Local\gxjiiqou.exe
2014-08-06 02:15:17 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Ygfoyr
2014-08-06 01:58:03 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Edaqdi
2014-08-06 00:15:46 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Biawisig
2014-08-05 22:29:29 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Vealywr
2014-08-05 22:28:24 153600 ----a-w- C:\Users\Lisa\AppData\Local\nqnvgvvj.exe
2014-08-05 08:13:33 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Uqegxiw
2014-08-05 06:13:51 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Ozmicu
2014-08-05 05:43:51 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Xuesyqu
2014-08-05 04:13:00 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Ridiefc
2014-08-05 02:12:44 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Aksuby
2014-08-05 01:42:53 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Afsocah
2014-08-05 00:12:55 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Upyqxo
2014-08-04 22:13:31 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Xihiyb
2014-08-04 22:11:37 145408 ----a-w- C:\Users\Lisa\AppData\Local\ksqkmgfn.exe
2014-08-04 02:14:22 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Ywolukpe
2014-08-04 01:44:11 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Oqycam
2014-08-04 01:11:57 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Zoitoh
2014-08-03 20:24:44 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Bauwnyli
2014-08-03 18:51:15 117760 ----a-w- C:\Users\Lisa\AppData\Local\lnxnrbjh.exe
2014-08-03 07:48:21 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Lagyanf
2014-08-02 19:17:33 168448 ----a-w- C:\Users\Lisa\AppData\Local\ftmbftun.exe
2014-08-02 13:42:51 155648 ----a-w- C:\Users\Lisa\AppData\Local\pmrxciqb.exe
2014-08-02 00:06:29 2620928 ----a-w- C:\Windows\System32\wucltux.dll
2014-08-02 00:06:14 97792 ----a-w- C:\Windows\System32\wudriver.dll
2014-08-02 00:06:14 92672 ----a-w- C:\Windows\SysWow64\wudriver.dll
2014-08-02 00:05:34 36864 ----a-w- C:\Windows\System32\wuapp.exe
2014-08-02 00:05:34 33792 ----a-w- C:\Windows\SysWow64\wuapp.exe
2014-08-02 00:05:34 198600 ----a-w- C:\Windows\System32\wuwebv.dll
2014-08-02 00:05:34 179656 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2014-08-01 14:34:02 -------- d-----w- C:\Users\Lisa\AppData\Local\WarThunder
2014-08-01 14:34:02 -------- d-----w- C:\ProgramData\WarThunder
2014-07-31 12:29:26 -------- d-----w- C:\Users\Lisa\AppData\Roaming\StunlockStudios
2014-07-30 21:03:47 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-26 16:57:33 -------- d-----w- C:\Users\Lisa\AppData\Roaming\java
2014-07-26 09:08:14 467984 ----a-w- C:\Windows\SysWow64\d3dx10_39.dll
2014-07-26 09:08:14 1493528 ----a-w- C:\Windows\SysWow64\D3DCompiler_39.dll
2014-07-26 09:08:12 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll
2014-07-26 09:07:21 -------- d-sh--w- C:\Windows\SysWow64\AI_RecycleBin
2014-07-26 09:07:14 -------- d-----w- C:\Riot Games
2014-07-26 09:04:04 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Riot Games
2014-07-24 21:17:42 -------- d-----w- C:\Users\Lisa\AppData\Roaming\RIFT
.
==================== Find3M  ====================
.
2014-08-18 23:07:01 92888 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-08-18 22:37:34 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-08-07 02:06:41 529920 ----a-w- C:\Windows\System32\aepdu.dll
2014-08-07 02:01:34 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-07-26 16:30:09 111016 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2014-07-25 14:02:12 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-07-25 14:01:41 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-07-25 13:30:30 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-07-25 13:28:35 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-07-25 13:28:27 548352 ----a-w- C:\Windows\System32\vbscript.dll
2014-07-25 13:25:45 83968 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-07-25 13:04:40 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-07-25 13:00:51 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-07-25 13:00:25 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-07-25 12:59:28 758272 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-07-25 12:47:25 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-07-25 12:34:49 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-07-25 12:34:03 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-07-25 12:33:08 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-07-25 12:30:32 61952 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-07-25 12:28:15 5824512 ----a-w- C:\Windows\System32\jscript9.dll
2014-07-25 12:28:05 72704 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-07-25 12:10:15 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-07-25 12:08:47 597504 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-07-25 12:06:47 4204032 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-07-25 11:43:16 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-07-25 11:39:29 2087936 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-07-25 11:39:25 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-07-25 11:07:49 2001920 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-07-25 11:07:10 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-07-25 10:52:06 2266624 ----a-w- C:\Windows\System32\wininet.dll
2014-07-25 10:05:23 1792512 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-07-22 19:14:46 137376 ----a-w- C:\Windows\System32\vcomp120.dll
2014-07-21 11:17:37 0 ----a-w- C:\Windows\SysWow64\shoFF4B.tmp
2014-07-20 04:48:50 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-20 04:48:50 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-07-13 11:05:49 0 ----a-w- C:\Windows\SysWow64\sho44B6.tmp
2014-07-06 10:35:48 0 ----a-w- C:\Windows\SysWow64\sho8410.tmp
2014-07-02 08:36:21 0 ----a-w- C:\Windows\SysWow64\sho4A49.tmp
2014-06-27 10:38:58 0 ----a-w- C:\Windows\SysWow64\sho6FA2.tmp
2014-06-25 10:32:05 0 ----a-w- C:\Windows\SysWow64\shoD858.tmp
2014-06-20 14:38:22 72128 ----a-w- C:\Windows\System32\drivers\cfwids.sys
2014-06-20 14:31:06 348552 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
2014-06-20 14:30:38 189912 ----a-w- C:\Windows\System32\mfevtps.exe
2014-06-20 14:26:02 786296 ----a-w- C:\Windows\System32\drivers\mfehidk.sys
2014-06-20 14:23:40 523792 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
2014-06-20 14:21:48 313544 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
2014-06-20 14:20:54 181704 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys
2014-06-18 02:18:30 692736 ----a-w- C:\Windows\System32\osk.exe
2014-06-18 01:51:32 646144 ----a-w- C:\Windows\SysWow64\osk.exe
2014-06-18 01:10:36 3157504 ----a-w- C:\Windows\System32\win32k.sys
2014-06-16 02:10:19 985536 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2014-06-12 08:24:04 0 ----a-w- C:\Windows\SysWow64\sho7B82.tmp
2014-06-06 10:10:34 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-06-06 09:44:17 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-06-05 14:45:15 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-06-05 14:26:58 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-06-05 14:25:49 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-06-03 09:58:38 0 ----a-w- C:\Windows\SysWow64\sho7714.tmp
2014-05-30 08:08:52 210944 ----a-w- C:\Windows\System32\wdigest.dll
2014-05-30 08:08:49 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2014-05-30 08:08:47 340992 ----a-w- C:\Windows\System32\schannel.dll
2014-05-30 08:08:41 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2014-05-30 08:08:41 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2014-05-30 08:08:36 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-05-30 08:08:31 22016 ----a-w- C:\Windows\System32\credssp.dll
2014-05-30 07:52:51 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2014-05-30 07:52:49 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2014-05-30 07:52:45 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2014-05-30 07:52:41 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2014-05-30 07:52:40 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2014-05-30 07:52:36 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-05-30 07:52:30 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2014-05-30 06:45:52 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2014-05-27 10:02:45 0 ----a-w- C:\Windows\SysWow64\sho4E36.tmp
.
============= FINISH: 22:08:58.32 ===============
 

 

 

 

 

 

 

 

 

 

 

 

 



BC AdBot (Login to Remove)

 


#2 cpdion

cpdion
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:USA
  • Local time:12:14 PM

Posted 22 August 2014 - 09:37 PM

.


Edited by cpdion, 22 August 2014 - 09:41 PM.


#3 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,078 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:06:14 PM

Posted 23 August 2014 - 06:19 AM

Greetings and :welcome: to BleepingComputer,
My name is xXToffeeXx, but feel free to call me Toffee if it is easier for you. I will be helping you with your malware problems.
 
A few points to cover before we start:

  • Do not run any tools without being instructed to as this makes my job much harder in trying to figure out what you have done.
  • Make sure to read my instructions fully before attempting a step.
  • If you have problems or questions with any of the steps, feel free to ask me. I will be happy to answer any questions you have.
  • Please follow the topic by clicking on the "Follow this topic" button, and make sure a tick is in the "receive notifications" and is set to "Instantly". Any replies should be made in this topic by clicking the "Reply to this topic" button.
  • Important information in my posts will often be in bold, make sure to take note of these.
  • I will attempt to reply as soon as possible, and normally within 24 hours of your reply. If this is not possible or I have a delay then I will let you know.
  • I will bump a topic after 3 days of no activity, and then will give you another 2 days to reply before a topic is closed. If you need more time than this please let me know.
  • Lets get going now :thumbup2:

==========================
 
Hi cpdion, 

I must give you this warning:
 
Looking through your logs, one or more of your infections has been identified as a Backdoor Trojan. These threats have backdoor functionality which allows hackers to remotely control your computer, steal critical system information, and download and execute files.
 
I highly suggest you to disconnect this PC from the Internet immediately, and if possible use a clean computer and a flash drive to transfer the programs I request for you to run. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable. It would be wise to contact those same financial institutions to notify them of your situation.
 
Due to the nature of this trojan, your computer is very likely to be compromised. There is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:
 
How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
When Should I Format, How Should I Reinstall
 
We can still clean this machine, but I can't guarantee that it will be 100% secure afterwards. If you decide to continue cleaning this machine, follow on with the rest of the steps posted below. If you do not want to clean this machine, please let me know.
 
--------------

Please download Farbar Recovery Scan Tool and save it to your Desktop.
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right-click FRST then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.

Note 2: The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt into your next reply.
 
--------------
 
To recap, in your next reply I would like to see the following. Make sure to copy & paste them unless I ask otherwise:

  • FRST.txt
  • Addition.txt

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#4 cpdion

cpdion
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:USA
  • Local time:12:14 PM

Posted 23 August 2014 - 11:31 AM

FRST.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-08-2014
Ran by Lisa (administrator) on LISA-PC on 23-08-2014 12:24:05
Running from C:\Users\Lisa\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
() C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(OpenDownloadManager.com) C:\Program Files (x86)\OpenDownloaderManager\ODM.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Users\Lisa\AppData\Roaming\Vesookde\ilhauq.exe
(Meskisift Corporatien) C:\Users\Lisa\AppData\Roaming\Xumoovp\myywonu.exe
(PowerCmd Software) C:\Users\Lisa\AppData\Roaming\Yxozerak\yfveyw.exe
(Mesrisift Corporatien) C:\Users\Lisa\AppData\Roaming\Vaaplo\anevanu.exe
(CrystalIDEA Software) C:\Users\Lisa\AppData\Roaming\Arloedyd\ewowemf.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\System32\consent.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSM\McSmtFwk.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(M1crosoft Corporation) C:\Users\Lisa\AppData\Roaming\Anogiva\esozbaa.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(M1crosoft Corporation) C:\Users\Lisa\AppData\Roaming\Anogiva\esozbaa.exe
(M1crosoft Corporation) C:\Users\Lisa\AppData\Roaming\Anogiva\esozbaa.exe
(Nero AG) C:\Program Files (x86)\Nero\SyncUP\SyncUP.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Nero AG) C:\Program Files (x86)\Nero\SyncUP\Nero.AndroidServer.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [626552 2012-01-25] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-02-14] (IDT, Inc.)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [4365984 2012-03-12] (Dell Inc.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [7520768 2012-03-16] (Dell Inc.)
HKLM\...\Run: [Stage Remote] => C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe [2022976 2011-06-27] ()
HKLM\...\Run: [DellStage] => C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2195824 2012-02-01] ()
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [Dell Registration] => C:\Program Files (x86)\System Registration\prodreg.exe [4165440 2011-08-04] (Dell, Inc.)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NeroLauncher] => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe [67496 2012-08-21] ()
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [968048 2012-02-01] ()
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2012-12-13] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Facebook Update] => C:\Users\Lisa\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-01-15] (Facebook Inc.)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [ISUSPM] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [218032 2006-09-11] (Macrovision Corporation)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3600728 2014-08-05] (Electronic Arts)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Open Download Manager] => C:\Program Files (x86)\OpenDownloaderManager\odm.exe [6369280 2013-05-31] (OpenDownloadManager.com)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [OutfoxTV] => C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [GoogleChromeAutoLaunch_A963AF10D41C891DDF74F25191F896A3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-08-06] (Google Inc.)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-06-28] (Google Inc.)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [obununuo] => C:\Users\Lisa\AppData\Local\pmrxciqb.exe [155648 2014-08-02] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [uxsqumrq] => C:\Users\Lisa\AppData\Local\ftmbftun.exe [168448 2014-08-02] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [wmxhmtrl] => C:\Users\Lisa\AppData\Local\lnxnrbjh.exe [117760 2014-08-03] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [fbffvguv] => C:\Users\Lisa\AppData\Local\ksqkmgfn.exe [145408 2014-08-04] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [dcvwmnif] => C:\Users\Lisa\AppData\Local\nqnvgvvj.exe [153600 2014-08-05] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [aabddxgj] => C:\Users\Lisa\AppData\Local\gxjiiqou.exe [153600 2014-08-06] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [gcouijrg] => C:\Users\Lisa\AppData\Local\mtohoimn.exe [153600 2014-08-07] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [vdfxxgnd] => C:\Users\Lisa\AppData\Local\fmdvsdoh.exe [160768 2014-08-15] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [bhouqppw] => C:\Users\Lisa\AppData\Local\wqwiwtfg.exe [162816 2014-08-16] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [edgslvdg] => C:\Users\Lisa\AppData\Local\jcgfjtoa.exe [165376 2014-08-17] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [bexuvgqo] => C:\Users\Lisa\AppData\Local\ujlveuwg.exe [165376 2014-08-18] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Owemyxgau] => C:\Users\Lisa\AppData\Roaming\Vesookde\ilhauq.exe [368640 2013-09-24] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [xwlukcal] => C:\Users\Lisa\AppData\Local\tgwxupsa.exe [164864 2014-08-19] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Gepeuninesuldy] => C:\Users\Lisa\AppData\Roaming\Xumoovp\myywonu.exe [307322 2013-04-17] (Meskisift Corporatien)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Iroxy] => C:\Users\Lisa\AppData\Roaming\Yxozerak\yfveyw.exe [460288 2014-03-13] (PowerCmd Software)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [jnoiuicb] => C:\Users\Lisa\AppData\Local\akxhcokx.exe [132096 2014-08-20] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Wyguosno] => C:\Users\Lisa\AppData\Roaming\Vaaplo\anevanu.exe [308409 2014-05-25] (Mesrisift Corporatien)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [putbocao] => C:\Users\Lisa\AppData\Local\wxpufssv.exe [132096 2014-08-21] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Buguicuzoltaa] => C:\Users\Lisa\AppData\Roaming\Arloedyd\ewowemf.exe [413184 2012-07-12] (CrystalIDEA Software)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [gncbitsc] => C:\Users\Lisa\AppData\Local\imjkkxco.exe [132608 2014-08-22] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Igful] => C:\Users\Lisa\AppData\Roaming\Anogiva\esozbaa.exe [277504 2012-07-19] (M1crosoft Corporation)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\MountPoints2: {2f949a7c-b3b4-11e3-9791-c01885bc5d88} - E:\LG_PC_Programs.exe
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\MountPoints2: {cdee40c8-a6f4-11e1-bda5-806e6f6e6963} - D:\Autorun.exe
Lsa: [Notification Packages] scecli c:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 1010 series.lnk
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 1010 series.lnk -> C:\Program Files\HP\HP Deskjet 1010 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {3F9B7245-D3E7-43AD-A837-9886B9105873} URL = https://search.yahoo.com/search?fr=mcafee&type=A011US440&p={SearchTerms}
SearchScopes: HKCU - {3F9B7245-D3E7-43AD-A837-9886B9105873} URL = https://search.yahoo.com/search?fr=mcafee&type=A011US440&p={SearchTerms}
SearchScopes: HKCU - {C2AB3595-E55C-42A0-B934-70A8A1C42D2D} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2670199
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {A5AE8924-4036-420F-B7F6-A47E4B8F692E} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} -  No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=11.11.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.11.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Lisa\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @soe.sony.com/installer,version=1.0.3 -> C:\Users\Lisa\AppData\LocalLow\Sony Online Entertainment\npsoe.dll ()
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2012-07-04]
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF Extension: No Name - C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012-07-04]
 
Chrome: 
=======
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (Google Wallet) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-10]
CHR Extension: (MapsGalaxy) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb [2014-08-20]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356912 2014-07-19] (Microsoft Corporation)
S2 DellDigitalDelivery; c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [162816 2011-10-26] (Dell Products, LP.) [File not signed]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\McAfee\MSC\McAWFwk.exe [225216 2011-01-28] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [383608 2012-11-16] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241456 2013-02-19] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025712 2014-01-21] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [6292992 2012-03-16] (Dell Inc.) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2012-02-01] (Broadcom Corporation.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
S3 cpuz135; C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [24368 2012-08-11] (CPUID)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-18] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
U3 mfeapfk01; No ImagePath
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
U3 mfeavfk01; No ImagePath
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [422712 2014-01-21] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-01-21] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106552 2013-02-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 NTPASp50a64; System32\Drivers\NTPASp50a64.sys [X]
S3 X6va021; \??\C:\Windows\SysWOW64\Drivers\X6va021 [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-23 12:24 - 2014-08-23 12:25 - 00032914 _____ () C:\Users\Lisa\Downloads\FRST.txt
2014-08-23 12:22 - 2014-08-23 12:24 - 00000000 ____D () C:\FRST
2014-08-23 12:22 - 2014-08-23 12:22 - 02103296 _____ (Farbar) C:\Users\Lisa\Downloads\FRST64.exe
2014-08-23 12:14 - 2014-08-23 12:14 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 392046224
2014-08-23 12:14 - 2014-08-23 12:14 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 392046224.job
2014-08-23 12:14 - 2014-08-23 12:14 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Anogiva
2014-08-23 12:09 - 2014-08-23 12:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-08-23 04:20 - 2014-08-23 05:00 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 2038411680.job
2014-08-23 04:20 - 2014-08-23 04:20 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 2038411680
2014-08-23 04:20 - 2014-08-23 04:20 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ydpyyny
2014-08-23 04:02 - 2014-08-23 05:00 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 3089754028.job
2014-08-23 04:02 - 2014-08-23 04:02 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 3089754028
2014-08-23 04:02 - 2014-08-23 04:02 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ubyfinv
2014-08-23 00:15 - 2014-08-23 05:00 - 00000802 _____ () C:\Windows\Tasks\Security Center Update - 2979509591.job
2014-08-23 00:15 - 2014-08-23 00:15 - 00003808 _____ () C:\Windows\System32\Tasks\Security Center Update - 2979509591
2014-08-23 00:15 - 2014-08-23 00:15 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Paaqnaes
2014-08-22 22:40 - 2014-08-22 22:40 - 00011243 _____ () C:\Users\Lisa\Downloads\attach.txt
2014-08-22 22:29 - 2014-08-23 05:00 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 2191080318.job
2014-08-22 22:29 - 2014-08-22 22:29 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 2191080318
2014-08-22 22:29 - 2014-08-22 22:29 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Egihnil
2014-08-22 22:08 - 2014-08-22 22:13 - 00048762 _____ () C:\Users\Lisa\Desktop\dds.txt
2014-08-22 21:59 - 2014-08-23 05:00 - 00000790 _____ () C:\Windows\Tasks\Security Center Update - 1855888854.job
2014-08-22 21:59 - 2014-08-22 21:59 - 00003796 _____ () C:\Windows\System32\Tasks\Security Center Update - 1855888854
2014-08-22 21:59 - 2014-08-22 21:59 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Saviha
2014-08-22 21:54 - 2014-08-22 21:57 - 00011243 _____ () C:\Users\Lisa\Desktop\attach.txt
2014-08-22 21:52 - 2014-08-22 21:52 - 00688992 ____R (Swearware) C:\Users\Lisa\Downloads\dds.com
2014-08-22 21:40 - 2014-08-23 05:00 - 00000790 _____ () C:\Windows\Tasks\Security Center Update - 2194090041.job
2014-08-22 21:40 - 2014-08-22 21:40 - 00003796 _____ () C:\Windows\System32\Tasks\Security Center Update - 2194090041
2014-08-22 21:40 - 2014-08-22 21:40 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ymyneq
2014-08-22 21:26 - 2014-08-22 21:26 - 00003728 ____N () C:\bootsqm.dat
2014-08-22 17:53 - 2014-08-22 17:53 - 00000017 _____ () C:\Users\Lisa\AppData\Local\resmon.resmoncfg
2014-08-22 16:58 - 2014-08-23 05:00 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 371833040.job
2014-08-22 16:58 - 2014-08-22 16:58 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 371833040
2014-08-22 16:58 - 2014-08-22 16:58 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yzyfket
2014-08-22 16:05 - 2014-08-22 16:05 - 00132608 _____ () C:\Users\Lisa\AppData\Local\imjkkxco.exe
2014-08-22 16:04 - 2014-08-23 05:00 - 00000802 _____ () C:\Windows\Tasks\Security Center Update - 3431837355.job
2014-08-22 16:04 - 2014-08-22 16:04 - 00003808 _____ () C:\Windows\System32\Tasks\Security Center Update - 3431837355
2014-08-22 16:04 - 2014-08-22 16:04 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Arloedyd
2014-08-22 15:58 - 2014-08-22 15:58 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2014-08-22 06:20 - 2014-08-23 05:00 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 3488534018.job
2014-08-22 06:20 - 2014-08-22 06:20 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 3488534018
2014-08-22 06:20 - 2014-08-22 06:20 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ulaqbeq
2014-08-22 06:18 - 2014-08-23 05:00 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 966665472.job
2014-08-22 06:18 - 2014-08-23 05:00 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 3715843453.job
2014-08-22 06:18 - 2014-08-22 06:18 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 966665472
2014-08-22 06:18 - 2014-08-22 06:18 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 3715843453
2014-08-22 06:18 - 2014-08-22 06:18 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Uwweaxag
2014-08-22 06:18 - 2014-08-22 06:18 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ircuuggu
2014-08-21 17:02 - 2014-08-21 17:02 - 00132096 _____ () C:\Users\Lisa\AppData\Local\wxpufssv.exe
2014-08-21 12:17 - 2014-08-23 05:00 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 1586098165.job
2014-08-21 12:17 - 2014-08-21 12:17 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 1586098165
2014-08-21 12:17 - 2014-08-21 12:17 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Hutoite
2014-08-21 12:14 - 2014-08-23 05:00 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 927385066.job
2014-08-21 12:14 - 2014-08-21 12:14 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 927385066
2014-08-21 12:14 - 2014-08-21 12:14 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Vaaplo
2014-08-21 06:20 - 2014-08-23 05:00 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 2836356992.job
2014-08-21 06:20 - 2014-08-21 06:20 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 2836356992
2014-08-21 06:20 - 2014-08-21 06:20 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Afuxriap
2014-08-20 22:27 - 2014-08-23 05:00 - 00000792 _____ () C:\Windows\Tasks\Security Center Update - 752820688.job
2014-08-20 22:27 - 2014-08-20 22:27 - 00003798 _____ () C:\Windows\System32\Tasks\Security Center Update - 752820688
2014-08-20 22:27 - 2014-08-20 22:27 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Peqiaz
2014-08-20 22:23 - 2014-08-20 22:23 - 00098304 _____ () C:\Users\Lisa\AppData\Local\hkiwuxep.exe
2014-08-20 22:10 - 2014-08-23 05:00 - 00000792 _____ () C:\Windows\Tasks\Security Center Update - 1640359643.job
2014-08-20 22:10 - 2014-08-20 22:10 - 00003798 _____ () C:\Windows\System32\Tasks\Security Center Update - 1640359643
2014-08-20 22:10 - 2014-08-20 22:10 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Adexve
2014-08-20 20:30 - 2014-08-23 05:00 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 2106932050.job
2014-08-20 20:30 - 2014-08-20 20:30 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 2106932050
2014-08-20 20:30 - 2014-08-20 20:30 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Vauvqaz
2014-08-20 18:32 - 2014-08-23 05:00 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 3150405157.job
2014-08-20 18:32 - 2014-08-20 18:32 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 3150405157
2014-08-20 18:32 - 2014-08-20 18:32 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Igaxuvky
2014-08-20 17:54 - 2014-08-23 05:00 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 1355868994.job
2014-08-20 17:54 - 2014-08-20 17:54 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 1355868994
2014-08-20 17:54 - 2014-08-20 17:54 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Odypops
2014-08-20 17:15 - 2014-08-23 05:00 - 00000802 _____ () C:\Windows\Tasks\Security Center Update - 2029705305.job
2014-08-20 17:15 - 2014-08-20 17:15 - 00003808 _____ () C:\Windows\System32\Tasks\Security Center Update - 2029705305
2014-08-20 17:15 - 2014-08-20 17:15 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Enecorly
2014-08-20 17:14 - 2014-08-20 17:14 - 00132096 _____ () C:\Users\Lisa\AppData\Local\akxhcokx.exe
2014-08-20 14:19 - 2014-08-23 05:00 - 00000790 _____ () C:\Windows\Tasks\Security Center Update - 2104751866.job
2014-08-20 14:19 - 2014-08-20 14:19 - 00003796 _____ () C:\Windows\System32\Tasks\Security Center Update - 2104751866
2014-08-20 14:19 - 2014-08-20 14:19 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Daryca
2014-08-20 13:51 - 2014-08-23 05:00 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 3983964077.job
2014-08-20 13:51 - 2014-08-20 13:51 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 3983964077
2014-08-20 13:51 - 2014-08-20 13:51 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yrpeqiod
2014-08-20 12:27 - 2014-08-23 05:00 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 2479261886.job
2014-08-20 12:27 - 2014-08-20 12:27 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 2479261886
2014-08-20 12:27 - 2014-08-20 12:27 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Esmony
2014-08-20 10:29 - 2014-08-23 05:00 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 2109373424.job
2014-08-20 10:29 - 2014-08-20 10:29 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 2109373424
2014-08-20 10:29 - 2014-08-20 10:29 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Etlyedav
2014-08-20 09:53 - 2014-08-23 05:00 - 00000792 _____ () C:\Windows\Tasks\Security Center Update - 3942642799.job
2014-08-20 09:53 - 2014-08-20 09:53 - 00003798 _____ () C:\Windows\System32\Tasks\Security Center Update - 3942642799
2014-08-20 09:53 - 2014-08-20 09:53 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Sapume
2014-08-20 09:33 - 2014-08-23 05:00 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 418947291.job
2014-08-20 09:33 - 2014-08-20 09:33 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 418947291
2014-08-20 09:33 - 2014-08-20 09:33 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yxozerak
2014-08-20 01:55 - 2014-08-23 05:00 - 00000792 _____ () C:\Windows\Tasks\Security Center Update - 3338805954.job
2014-08-20 01:55 - 2014-08-20 01:55 - 00003798 _____ () C:\Windows\System32\Tasks\Security Center Update - 3338805954
2014-08-20 01:55 - 2014-08-20 01:55 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Owhodu
2014-08-20 01:52 - 2014-08-20 01:52 - 00086016 _____ () C:\Users\Lisa\AppData\Local\qjojndus.exe
2014-08-20 01:16 - 2014-08-20 02:05 - 00000000 ____D () C:\Users\Lisa\AppData\OICE_15_974FA576_32C1D314_2120
2014-08-20 00:59 - 2014-08-23 05:00 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 846557512.job
2014-08-20 00:59 - 2014-08-20 00:59 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 846557512
2014-08-20 00:59 - 2014-08-20 00:59 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Bypoudte
2014-08-19 23:20 - 2014-08-23 05:00 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 2498235418.job
2014-08-19 23:20 - 2014-08-19 23:20 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 2498235418
2014-08-19 23:20 - 2014-08-19 23:20 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Xumoovp
2014-08-19 23:17 - 2014-08-19 23:17 - 00122880 _____ () C:\Users\Lisa\AppData\Local\mplssuve.exe
2014-08-19 15:31 - 2014-08-19 15:31 - 00164864 _____ () C:\Users\Lisa\AppData\Local\tgwxupsa.exe
2014-08-19 08:28 - 2014-08-19 08:28 - 00000000 ____D () C:\Users\Lisa\AppData\OICE_15_974FA576_32C1D314_3EA
2014-08-18 22:22 - 2014-08-18 22:22 - 00086016 _____ () C:\Users\Lisa\AppData\Local\njjudrfv.exe
2014-08-18 21:48 - 2014-08-18 21:48 - 00086016 _____ () C:\Users\Lisa\AppData\Local\pxpnlkid.exe
2014-08-18 19:08 - 2014-08-18 19:58 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-08-18 18:54 - 2014-08-18 18:55 - 00036473 _____ () C:\Windows\SysWOW64\Result.txt
2014-08-18 18:25 - 2014-08-18 18:25 - 00086016 _____ () C:\Users\Lisa\AppData\Local\adafhgir.exe
2014-08-18 17:54 - 2014-08-18 17:54 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Exohrei
2014-08-18 17:53 - 2014-08-18 18:37 - 00036252 _____ () C:\Users\Lisa\Downloads\Result.txt
2014-08-18 17:48 - 2014-08-18 18:35 - 00002757 _____ () C:\Users\Lisa\Downloads\FSS.txt
2014-08-18 17:28 - 2014-08-18 17:28 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Lisa\Downloads\rkill.exe
2014-08-18 17:28 - 2014-08-18 17:28 - 00401920 _____ (Farbar) C:\Users\Lisa\Downloads\MiniToolBox.exe
2014-08-18 17:28 - 2014-08-18 17:28 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-18 17:27 - 2014-08-18 17:28 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Lisa\Downloads\mbar-1.07.0.1012.exe
2014-08-18 17:27 - 2014-08-18 17:27 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Lisa\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-18 17:27 - 2014-08-18 17:27 - 00854417 _____ () C:\Users\Lisa\Downloads\SecurityCheck.exe
2014-08-18 17:27 - 2014-08-18 17:27 - 00415232 _____ (Farbar) C:\Users\Lisa\Downloads\FSS.exe
2014-08-18 17:02 - 2014-08-18 17:02 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Vesookde
2014-08-18 17:00 - 2014-08-18 17:00 - 00165376 _____ () C:\Users\Lisa\AppData\Local\ujlveuwg.exe
2014-08-18 09:59 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Vaenvuih
2014-08-18 03:32 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ubykta
2014-08-18 00:27 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Fabemo
2014-08-17 22:26 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Xyzutob
2014-08-17 21:54 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ziqiadne
2014-08-17 20:29 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yvdoeq
2014-08-17 18:31 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Xoehhagu
2014-08-17 17:55 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ovitesdu
2014-08-17 16:13 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Emnihe
2014-08-17 14:27 - 2014-08-17 14:27 - 00165376 _____ () C:\Users\Lisa\AppData\Local\jcgfjtoa.exe
2014-08-17 12:14 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Efroav
2014-08-17 11:55 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Koqeaxwo
2014-08-17 04:14 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Qybyvo
2014-08-17 02:14 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ettyyhro
2014-08-17 01:57 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Almoiw
2014-08-17 00:14 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Fatakoi
2014-08-16 18:16 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Wyynda
2014-08-16 17:59 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ageqowb
2014-08-16 16:16 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Usypyw
2014-08-16 15:22 - 2014-08-16 15:22 - 00162816 _____ () C:\Users\Lisa\AppData\Local\wqwiwtfg.exe
2014-08-16 14:59 - 2014-08-16 14:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2014-08-16 14:59 - 2014-08-16 14:59 - 00000000 ____D () C:\Program Files (x86)\CPUID
2014-08-16 14:59 - 2012-02-14 12:49 - 00114176 _____ (CPUID) C:\Windows\SysWOW64\PCWizard.cpl
2014-08-16 14:58 - 2014-08-16 14:58 - 05324650 _____ (CPUID ) C:\Users\Lisa\Downloads\pc-wizard_2012.2.11-setup.exe
2014-08-16 14:36 - 2014-08-17 14:56 - 00000000 ____D () C:\Users\Lisa\Documents\Witcher 2
2014-08-16 14:36 - 2014-08-16 14:36 - 00000000 ____D () C:\Users\Lisa\AppData\Local\The Witcher 2
2014-08-16 14:20 - 2014-08-16 14:20 - 00000000 ____D () C:\Users\Lisa\Documents\The Witcher
2014-08-16 14:20 - 2014-08-16 14:20 - 00000000 ____D () C:\Users\Lisa\AppData\Local\The Witcher
2014-08-16 14:17 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Guxonita
2014-08-16 14:16 - 2014-08-16 14:16 - 00000000 ____D () C:\Users\Public\Documents\The Witcher
2014-08-16 13:42 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yziwnozy
2014-08-16 12:35 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Oxxiofv
2014-08-16 02:06 - 2014-06-30 18:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-16 02:06 - 2014-06-30 18:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-16 02:06 - 2014-03-09 17:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-16 02:06 - 2014-03-09 17:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-16 02:06 - 2014-03-09 17:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-16 02:06 - 2014-03-09 17:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-16 02:05 - 2014-06-06 02:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-16 02:05 - 2014-06-06 02:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-16 00:47 - 2014-07-15 23:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-16 00:47 - 2014-07-15 22:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-16 00:47 - 2014-07-13 22:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-16 00:47 - 2014-07-13 21:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-16 00:47 - 2014-06-03 06:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-16 00:47 - 2014-06-03 06:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-16 00:47 - 2014-06-03 06:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-16 00:47 - 2014-06-03 06:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-16 00:47 - 2014-06-03 05:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-16 00:47 - 2014-06-03 05:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-16 00:47 - 2014-06-03 05:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-16 00:46 - 2014-08-06 22:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-16 00:46 - 2014-08-06 22:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-16 00:46 - 2014-07-31 19:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-16 00:46 - 2014-07-31 19:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-16 00:46 - 2014-07-25 10:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-16 00:46 - 2014-07-25 10:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-16 00:46 - 2014-07-25 10:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-16 00:46 - 2014-07-25 09:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-16 00:46 - 2014-07-25 09:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-16 00:46 - 2014-07-25 09:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-16 00:46 - 2014-07-25 09:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-16 00:46 - 2014-07-25 09:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-16 00:46 - 2014-07-25 09:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-16 00:46 - 2014-07-25 09:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-16 00:46 - 2014-07-25 09:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-16 00:46 - 2014-07-25 09:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-16 00:46 - 2014-07-25 09:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-16 00:46 - 2014-07-25 09:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-16 00:46 - 2014-07-25 09:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-16 00:46 - 2014-07-25 08:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-16 00:46 - 2014-07-25 08:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-16 00:46 - 2014-07-25 08:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-16 00:46 - 2014-07-25 08:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-16 00:46 - 2014-07-25 08:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-16 00:46 - 2014-07-25 08:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-16 00:46 - 2014-07-25 08:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-16 00:46 - 2014-07-25 08:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-16 00:46 - 2014-07-25 08:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-16 00:46 - 2014-07-25 08:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-16 00:46 - 2014-07-25 08:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-16 00:46 - 2014-07-25 08:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-16 00:46 - 2014-07-25 08:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-16 00:46 - 2014-07-25 08:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-16 00:46 - 2014-07-25 08:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-16 00:46 - 2014-07-25 08:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-16 00:46 - 2014-07-25 08:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-16 00:46 - 2014-07-25 08:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-16 00:46 - 2014-07-25 08:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-16 00:46 - 2014-07-25 07:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-16 00:46 - 2014-07-25 07:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-16 00:46 - 2014-07-25 07:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-16 00:46 - 2014-07-25 07:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-16 00:46 - 2014-07-25 07:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-16 00:46 - 2014-07-25 07:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-16 00:46 - 2014-07-25 07:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-16 00:46 - 2014-07-25 07:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-16 00:46 - 2014-07-25 07:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-16 00:46 - 2014-07-25 07:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-16 00:46 - 2014-07-25 07:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-16 00:46 - 2014-07-25 07:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-16 00:46 - 2014-07-25 07:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-16 00:46 - 2014-07-25 07:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-16 00:46 - 2014-07-25 06:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-16 00:46 - 2014-07-25 06:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-16 00:46 - 2014-07-25 06:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-16 00:46 - 2014-07-25 06:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-16 00:46 - 2014-07-25 06:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-16 00:46 - 2014-07-25 06:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-16 00:46 - 2014-06-24 22:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-16 00:46 - 2014-06-24 21:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-16 00:46 - 2014-06-15 22:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-15 20:42 - 2014-08-15 20:42 - 25184629 _____ () C:\Users\Lisa\Downloads\Modern HD 1.8.zip
2014-08-15 17:29 - 2014-08-15 17:29 - 00160768 _____ () C:\Users\Lisa\AppData\Local\fmdvsdoh.exe
2014-08-15 08:28 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ipkazi
2014-08-15 06:41 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Gyunuqse
2014-08-15 06:38 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Omusdysa
2014-08-15 04:16 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Sadyyvp
2014-08-13 22:16 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Edupeze
2014-08-13 21:46 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Fakayxki
2014-08-13 20:15 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Lolued
2014-08-13 13:48 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Amuqbibi
2014-08-13 10:25 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Reyrnax
2014-08-13 09:50 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ismyziy
2014-08-13 08:27 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Etdytiav
2014-08-13 06:25 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Okagcazi
2014-08-13 05:51 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Zawyloo
2014-08-13 04:15 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Itxaapky
2014-08-12 22:28 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Itulere
2014-08-12 21:54 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Dybyneo
2014-08-12 20:29 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Vinuvaav
2014-08-12 18:23 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ixhyafon
2014-08-11 22:18 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Cedoliu
2014-08-11 21:47 - 2014-08-11 21:47 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-11 21:47 - 2014-08-11 21:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-11 21:46 - 2014-08-11 21:47 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-11 21:46 - 2014-08-11 21:47 - 00000000 ____D () C:\Program Files\iTunes
2014-08-11 21:46 - 2014-08-11 21:47 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-11 21:46 - 2014-08-11 21:46 - 00000000 ____D () C:\Program Files\iPod
2014-08-11 21:44 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ozefuf
2014-08-11 21:16 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Uqoqofu
2014-08-11 19:54 - 2014-08-11 19:55 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-11 18:20 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ekikxic
2014-08-11 17:58 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Tofoiluz
2014-08-11 08:20 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Uwcugyi
2014-08-11 06:11 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Peasrag
2014-08-11 06:09 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ynlyywo
2014-08-11 04:47 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yvucha
2014-08-11 03:31 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Kubuyqtu
2014-08-10 22:27 - 2014-08-10 22:27 - 00000000 _____ () C:\Users\Lisa\cd
2014-08-10 22:21 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ycilhaa
2014-08-10 22:20 - 2014-08-10 22:20 - 03001270 _____ () C:\Users\Lisa\Downloads\Minecraft-Region-Fixer-0.1.3 (win32).zip
2014-08-10 21:46 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Kimebo
2014-08-10 20:21 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Voqiaqo
2014-08-10 18:22 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Pahubyyx
2014-08-10 17:48 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Rorahewi
2014-08-10 16:23 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Osofogif
2014-08-10 14:23 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Nayhedr
2014-08-10 13:50 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Kydeky
2014-08-10 12:25 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Igtoaxyk
2014-08-10 11:15 - 2014-08-10 11:15 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-08-10 11:15 - 2014-08-10 11:15 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-08-10 10:29 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Giuwfu
2014-08-10 10:06 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yqquqo
2014-08-10 06:24 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Niatuper
2014-08-10 05:49 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yfkiuwyl
2014-08-10 04:39 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Aqgaovbo
2014-08-10 00:25 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Nuhuwaug
2014-08-09 22:25 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Afwyel
2014-08-09 21:51 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Noydvup
2014-08-09 20:26 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Apiwaqmu
2014-08-09 18:26 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yxqazua
2014-08-09 18:13 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Uwucmoy
2014-08-09 17:13 - 2014-08-09 17:23 - 00000000 ____D () C:\Users\Lisa\Documents\Euro Truck Simulator 2
2014-08-09 16:28 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Feofek
2014-08-09 14:25 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Uparuvky
2014-08-07 22:16 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Asviohfi
2014-08-07 21:42 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yvbuubn
2014-08-07 20:25 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ahyfaruq
2014-08-07 19:37 - 2014-08-07 19:37 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Ubisoft
2014-08-07 18:23 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ryfogiu
2014-08-07 17:46 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yduhdiix
2014-08-07 17:42 - 2014-08-07 17:42 - 00153600 _____ () C:\Users\Lisa\AppData\Local\mtohoimn.exe
2014-08-06 21:54 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Abpaax
2014-08-06 21:20 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Exazus
2014-08-06 19:24 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Utuksu
2014-08-06 19:22 - 2014-08-06 19:22 - 00153600 _____ () C:\Users\Lisa\AppData\Local\gxjiiqou.exe
2014-08-05 22:15 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ygfoyr
2014-08-05 21:58 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Edaqdi
2014-08-05 20:15 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Biawisig
2014-08-05 18:29 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Vealywr
2014-08-05 18:28 - 2014-08-05 18:28 - 00153600 _____ () C:\Users\Lisa\AppData\Local\nqnvgvvj.exe
2014-08-05 04:13 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Uqegxiw
2014-08-05 02:13 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ozmicu
2014-08-05 01:43 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Xuesyqu
2014-08-05 00:13 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ridiefc
2014-08-04 22:12 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Aksuby
2014-08-04 21:42 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Afsocah
2014-08-04 20:12 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Upyqxo
2014-08-04 18:13 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Xihiyb
2014-08-04 18:11 - 2014-08-04 18:11 - 00145408 _____ () C:\Users\Lisa\AppData\Local\ksqkmgfn.exe
2014-08-03 22:14 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ywolukpe
2014-08-03 21:44 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Oqycam
2014-08-03 21:11 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Zoitoh
2014-08-03 16:24 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Bauwnyli
2014-08-03 14:51 - 2014-08-03 14:51 - 00117760 _____ () C:\Users\Lisa\AppData\Local\lnxnrbjh.exe
2014-08-03 03:48 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Lagyanf
2014-08-02 15:17 - 2014-08-02 15:17 - 00168448 _____ () C:\Users\Lisa\AppData\Local\ftmbftun.exe
2014-08-02 09:49 - 2014-08-02 09:49 - 00036601 _____ () C:\Users\Lisa\AppData\Local\unnobmmk
2014-08-02 09:44 - 2014-08-02 09:44 - 00068609 _____ () C:\Users\Lisa\AppData\Local\rmfqannn
2014-08-02 09:43 - 2014-08-02 09:43 - 00000000 ____D () C:\Users\Lisa\Downloads\&#1057opy_of_document_SER1203 (1)
2014-08-02 09:42 - 2014-08-02 09:42 - 00155648 _____ () C:\Users\Lisa\AppData\Local\pmrxciqb.exe
2014-08-02 09:41 - 2014-08-02 09:41 - 00077686 _____ () C:\Users\Lisa\Downloads\&#1057opy_of_document_SER1203 (1).zip
2014-08-02 09:39 - 2014-08-02 09:39 - 00077686 _____ () C:\Users\Lisa\Downloads\&#1057opy_of_document_SER1203.zip
2014-08-01 20:06 - 2014-05-14 12:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-01 20:06 - 2014-05-14 12:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-01 20:06 - 2014-05-14 12:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-01 20:06 - 2014-05-14 12:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-01 20:06 - 2014-05-14 12:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-01 20:06 - 2014-05-14 12:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-01 20:06 - 2014-05-14 12:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-01 20:06 - 2014-05-14 12:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-01 20:06 - 2014-05-14 12:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-01 20:06 - 2014-05-14 12:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-01 20:05 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-01 20:05 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-01 20:05 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-01 20:05 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-01 10:34 - 2014-08-01 10:34 - 00000000 ____D () C:\Users\Lisa\AppData\Local\WarThunder
2014-08-01 10:34 - 2014-08-01 10:34 - 00000000 ____D () C:\ProgramData\WarThunder
2014-07-31 08:29 - 2014-07-31 08:29 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\StunlockStudios
2014-07-30 17:03 - 2014-07-30 17:03 - 00004162 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-30 17:03 - 2014-07-11 03:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-30 17:03 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-30 17:03 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-30 17:03 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-27 07:36 - 2014-07-27 07:36 - 00000040 _____ () C:\Windows\system32\ꍐ°
2014-07-27 00:35 - 2014-07-27 00:35 - 00000040 _____ () C:\Windows\system32\ꍐ!
2014-07-26 12:57 - 2014-07-26 12:57 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\java
2014-07-26 12:30 - 2014-07-26 12:30 - 00321448 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-07-26 12:29 - 2014-07-26 12:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-07-26 05:08 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-07-26 05:08 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-07-26 05:08 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-07-26 05:07 - 2014-07-26 05:07 - 00001613 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk
2014-07-26 05:07 - 2014-07-26 05:07 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2014-07-26 05:07 - 2014-07-26 05:07 - 00000000 ____D () C:\Riot Games
2014-07-26 05:07 - 2014-07-26 05:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-07-26 05:04 - 2014-07-26 05:14 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Riot Games
2014-07-24 17:37 - 2014-07-24 17:37 - 00000000 ____D () C:\Users\Lisa\Documents\SimBin
2014-07-24 17:17 - 2014-07-24 17:28 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\RIFT
2014-07-24 17:17 - 2014-07-24 17:17 - 00000000 ____D () C:\Users\Lisa\Documents\RIFT
2014-07-24 13:52 - 2014-07-24 13:52 - 00001688 _____ () C:\Users\Public\Desktop\The Sims 2 Ultimate Collection.lnk
2014-07-24 13:52 - 2014-07-24 13:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 2 Ultimate Collection
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-23 12:25 - 2014-08-23 12:24 - 00032914 _____ () C:\Users\Lisa\Downloads\FRST.txt
2014-08-23 12:25 - 2014-02-15 04:25 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Open Download Manager
2014-08-23 12:25 - 2012-12-13 18:50 - 00000000 ____D () C:\Users\Lisa\AppData\Local\PMB Files
2014-08-23 12:24 - 2014-08-23 12:22 - 00000000 ____D () C:\FRST
2014-08-23 12:24 - 2009-07-14 00:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-23 12:24 - 2009-07-14 00:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-23 12:22 - 2014-08-23 12:22 - 02103296 _____ (Farbar) C:\Users\Lisa\Downloads\FRST64.exe
2014-08-23 12:19 - 2012-08-29 02:24 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Nero
2014-08-23 12:19 - 2012-05-26 01:39 - 01187439 _____ () C:\Windows\WindowsUpdate.log
2014-08-23 12:14 - 2014-08-23 12:14 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 392046224
2014-08-23 12:14 - 2014-08-23 12:14 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 392046224.job
2014-08-23 12:14 - 2014-08-23 12:14 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Anogiva
2014-08-23 12:09 - 2014-08-23 12:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-08-23 12:09 - 2012-07-04 23:25 - 00001806 _____ () C:\Users\Public\Desktop\McAfee AntiVirus Plus.lnk
2014-08-23 12:05 - 2014-06-29 05:43 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-08-23 12:04 - 2013-07-19 10:53 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-08-23 12:04 - 2012-05-26 00:19 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-08-23 12:03 - 2012-06-28 01:39 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-23 12:03 - 2012-05-26 00:24 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2014-08-23 12:03 - 2012-05-26 00:24 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2014-08-23 12:03 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-23 12:03 - 2009-07-14 00:51 - 00103679 _____ () C:\Windows\setupact.log
2014-08-23 05:00 - 2014-08-23 04:20 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 2038411680.job
2014-08-23 05:00 - 2014-08-23 04:02 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 3089754028.job
2014-08-23 05:00 - 2014-08-23 00:15 - 00000802 _____ () C:\Windows\Tasks\Security Center Update - 2979509591.job
2014-08-23 05:00 - 2014-08-22 22:29 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 2191080318.job
2014-08-23 05:00 - 2014-08-22 21:59 - 00000790 _____ () C:\Windows\Tasks\Security Center Update - 1855888854.job
2014-08-23 05:00 - 2014-08-22 21:40 - 00000790 _____ () C:\Windows\Tasks\Security Center Update - 2194090041.job
2014-08-23 05:00 - 2014-08-22 16:58 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 371833040.job
2014-08-23 05:00 - 2014-08-22 16:04 - 00000802 _____ () C:\Windows\Tasks\Security Center Update - 3431837355.job
2014-08-23 05:00 - 2014-08-22 06:20 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 3488534018.job
2014-08-23 05:00 - 2014-08-22 06:18 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 966665472.job
2014-08-23 05:00 - 2014-08-22 06:18 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 3715843453.job
2014-08-23 05:00 - 2014-08-21 12:17 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 1586098165.job
2014-08-23 05:00 - 2014-08-21 12:14 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 927385066.job
2014-08-23 05:00 - 2014-08-21 06:20 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 2836356992.job
2014-08-23 05:00 - 2014-08-20 22:27 - 00000792 _____ () C:\Windows\Tasks\Security Center Update - 752820688.job
2014-08-23 05:00 - 2014-08-20 22:10 - 00000792 _____ () C:\Windows\Tasks\Security Center Update - 1640359643.job
2014-08-23 05:00 - 2014-08-20 20:30 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 2106932050.job
2014-08-23 05:00 - 2014-08-20 18:32 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 3150405157.job
2014-08-23 05:00 - 2014-08-20 17:54 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 1355868994.job
2014-08-23 05:00 - 2014-08-20 17:15 - 00000802 _____ () C:\Windows\Tasks\Security Center Update - 2029705305.job
2014-08-23 05:00 - 2014-08-20 14:19 - 00000790 _____ () C:\Windows\Tasks\Security Center Update - 2104751866.job
2014-08-23 05:00 - 2014-08-20 13:51 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 3983964077.job
2014-08-23 05:00 - 2014-08-20 12:27 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 2479261886.job
2014-08-23 05:00 - 2014-08-20 10:29 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 2109373424.job
2014-08-23 05:00 - 2014-08-20 09:53 - 00000792 _____ () C:\Windows\Tasks\Security Center Update - 3942642799.job
2014-08-23 05:00 - 2014-08-20 09:33 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 418947291.job
2014-08-23 05:00 - 2014-08-20 01:55 - 00000792 _____ () C:\Windows\Tasks\Security Center Update - 3338805954.job
2014-08-23 05:00 - 2014-08-20 00:59 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 846557512.job
2014-08-23 05:00 - 2014-08-19 23:20 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 2498235418.job
2014-08-23 04:33 - 2012-06-28 01:39 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-23 04:20 - 2014-08-23 04:20 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 2038411680
2014-08-23 04:20 - 2014-08-23 04:20 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ydpyyny
2014-08-23 04:02 - 2014-08-23 04:02 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 3089754028
2014-08-23 04:02 - 2014-08-23 04:02 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ubyfinv
2014-08-23 00:15 - 2014-08-23 00:15 - 00003808 _____ () C:\Windows\System32\Tasks\Security Center Update - 2979509591
2014-08-23 00:15 - 2014-08-23 00:15 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Paaqnaes
2014-08-22 22:40 - 2014-08-22 22:40 - 00011243 _____ () C:\Users\Lisa\Downloads\attach.txt
2014-08-22 22:29 - 2014-08-22 22:29 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 2191080318
2014-08-22 22:29 - 2014-08-22 22:29 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Egihnil
2014-08-22 22:13 - 2014-08-22 22:08 - 00048762 _____ () C:\Users\Lisa\Desktop\dds.txt
2014-08-22 21:59 - 2014-08-22 21:59 - 00003796 _____ () C:\Windows\System32\Tasks\Security Center Update - 1855888854
2014-08-22 21:59 - 2014-08-22 21:59 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Saviha
2014-08-22 21:57 - 2014-08-22 21:54 - 00011243 _____ () C:\Users\Lisa\Desktop\attach.txt
2014-08-22 21:52 - 2014-08-22 21:52 - 00688992 ____R (Swearware) C:\Users\Lisa\Downloads\dds.com
2014-08-22 21:40 - 2014-08-22 21:40 - 00003796 _____ () C:\Windows\System32\Tasks\Security Center Update - 2194090041
2014-08-22 21:40 - 2014-08-22 21:40 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ymyneq
2014-08-22 21:34 - 2013-01-04 21:32 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1465888645-1228132841-1644353950-1000UA.job
2014-08-22 21:26 - 2014-08-22 21:26 - 00003728 ____N () C:\bootsqm.dat
2014-08-22 17:53 - 2014-08-22 17:53 - 00000017 _____ () C:\Users\Lisa\AppData\Local\resmon.resmoncfg
2014-08-22 17:13 - 2012-07-05 02:40 - 00000000 ____D () C:\Users\Lisa\AppData\Local\CrashDumps
2014-08-22 16:58 - 2014-08-22 16:58 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 371833040
2014-08-22 16:58 - 2014-08-22 16:58 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yzyfket
2014-08-22 16:05 - 2014-08-22 16:05 - 00132608 _____ () C:\Users\Lisa\AppData\Local\imjkkxco.exe
2014-08-22 16:04 - 2014-08-22 16:04 - 00003808 _____ () C:\Windows\System32\Tasks\Security Center Update - 3431837355
2014-08-22 16:04 - 2014-08-22 16:04 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Arloedyd
2014-08-22 15:58 - 2014-08-22 15:58 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2014-08-22 06:20 - 2014-08-22 06:20 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 3488534018
2014-08-22 06:20 - 2014-08-22 06:20 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ulaqbeq
2014-08-22 06:18 - 2014-08-22 06:18 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 966665472
2014-08-22 06:18 - 2014-08-22 06:18 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 3715843453
2014-08-22 06:18 - 2014-08-22 06:18 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Uwweaxag
2014-08-22 06:18 - 2014-08-22 06:18 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ircuuggu
2014-08-21 17:02 - 2014-08-21 17:02 - 00132096 _____ () C:\Users\Lisa\AppData\Local\wxpufssv.exe
2014-08-21 16:23 - 2013-07-19 15:51 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-08-21 12:17 - 2014-08-21 12:17 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 1586098165
2014-08-21 12:17 - 2014-08-21 12:17 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Hutoite
2014-08-21 12:16 - 2009-07-14 01:13 - 00006498 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-21 12:14 - 2014-08-21 12:14 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 927385066
2014-08-21 12:14 - 2014-08-21 12:14 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Vaaplo
2014-08-21 08:58 - 2012-07-08 18:56 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Skype
2014-08-21 06:20 - 2014-08-21 06:20 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 2836356992
2014-08-21 06:20 - 2014-08-21 06:20 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Afuxriap
2014-08-20 22:27 - 2014-08-20 22:27 - 00003798 _____ () C:\Windows\System32\Tasks\Security Center Update - 752820688
2014-08-20 22:27 - 2014-08-20 22:27 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Peqiaz
2014-08-20 22:23 - 2014-08-20 22:23 - 00098304 _____ () C:\Users\Lisa\AppData\Local\hkiwuxep.exe
2014-08-20 22:10 - 2014-08-20 22:10 - 00003798 _____ () C:\Windows\System32\Tasks\Security Center Update - 1640359643
2014-08-20 22:10 - 2014-08-20 22:10 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Adexve
2014-08-20 22:04 - 2014-02-05 20:32 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\.minecraft
2014-08-20 20:30 - 2014-08-20 20:30 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 2106932050
2014-08-20 20:30 - 2014-08-20 20:30 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Vauvqaz
2014-08-20 18:32 - 2014-08-20 18:32 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 3150405157
2014-08-20 18:32 - 2014-08-20 18:32 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Igaxuvky
2014-08-20 17:54 - 2014-08-20 17:54 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 1355868994
2014-08-20 17:54 - 2014-08-20 17:54 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Odypops
2014-08-20 17:15 - 2014-08-20 17:15 - 00003808 _____ () C:\Windows\System32\Tasks\Security Center Update - 2029705305
2014-08-20 17:15 - 2014-08-20 17:15 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Enecorly
2014-08-20 17:14 - 2014-08-20 17:14 - 00132096 _____ () C:\Users\Lisa\AppData\Local\akxhcokx.exe
2014-08-20 14:19 - 2014-08-20 14:19 - 00003796 _____ () C:\Windows\System32\Tasks\Security Center Update - 2104751866
2014-08-20 14:19 - 2014-08-20 14:19 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Daryca
2014-08-20 13:51 - 2014-08-20 13:51 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 3983964077
2014-08-20 13:51 - 2014-08-20 13:51 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yrpeqiod
2014-08-20 12:27 - 2014-08-20 12:27 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 2479261886
2014-08-20 12:27 - 2014-08-20 12:27 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Esmony
2014-08-20 10:29 - 2014-08-20 10:29 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 2109373424
2014-08-20 10:29 - 2014-08-20 10:29 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Etlyedav
2014-08-20 09:53 - 2014-08-20 09:53 - 00003798 _____ () C:\Windows\System32\Tasks\Security Center Update - 3942642799
2014-08-20 09:53 - 2014-08-20 09:53 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Sapume
2014-08-20 09:33 - 2014-08-20 09:33 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 418947291
2014-08-20 09:33 - 2014-08-20 09:33 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yxozerak
2014-08-20 02:05 - 2014-08-20 01:16 - 00000000 ____D () C:\Users\Lisa\AppData\OICE_15_974FA576_32C1D314_2120
2014-08-20 01:55 - 2014-08-20 01:55 - 00003798 _____ () C:\Windows\System32\Tasks\Security Center Update - 3338805954
2014-08-20 01:55 - 2014-08-20 01:55 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Owhodu
2014-08-20 01:52 - 2014-08-20 01:52 - 00086016 _____ () C:\Users\Lisa\AppData\Local\qjojndus.exe
2014-08-20 00:59 - 2014-08-20 00:59 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 846557512
2014-08-20 00:59 - 2014-08-20 00:59 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Bypoudte
2014-08-20 00:56 - 2013-01-04 21:32 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1465888645-1228132841-1644353950-1000Core.job
2014-08-19 23:20 - 2014-08-19 23:20 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 2498235418
2014-08-19 23:20 - 2014-08-19 23:20 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Xumoovp
2014-08-19 23:17 - 2014-08-19 23:17 - 00122880 _____ () C:\Users\Lisa\AppData\Local\mplssuve.exe
2014-08-19 15:31 - 2014-08-19 15:31 - 00164864 _____ () C:\Users\Lisa\AppData\Local\tgwxupsa.exe
2014-08-19 08:28 - 2014-08-19 08:28 - 00000000 ____D () C:\Users\Lisa\AppData\OICE_15_974FA576_32C1D314_3EA
2014-08-18 22:22 - 2014-08-18 22:22 - 00086016 _____ () C:\Users\Lisa\AppData\Local\njjudrfv.exe
2014-08-18 21:48 - 2014-08-18 21:48 - 00086016 _____ () C:\Users\Lisa\AppData\Local\pxpnlkid.exe
2014-08-18 20:48 - 2010-11-20 23:47 - 00402976 _____ () C:\Windows\PFRO.log
2014-08-18 19:58 - 2014-08-18 19:08 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-08-18 19:07 - 2014-05-26 01:28 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-18 18:55 - 2014-08-18 18:54 - 00036473 _____ () C:\Windows\SysWOW64\Result.txt
2014-08-18 18:37 - 2014-08-18 17:53 - 00036252 _____ () C:\Users\Lisa\Downloads\Result.txt
2014-08-18 18:37 - 2014-05-26 01:28 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-18 18:35 - 2014-08-18 17:48 - 00002757 _____ () C:\Users\Lisa\Downloads\FSS.txt
2014-08-18 18:26 - 2014-08-16 16:16 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Usypyw
2014-08-18 18:26 - 2014-08-16 12:35 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Oxxiofv
2014-08-18 18:26 - 2014-08-15 04:16 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Sadyyvp
2014-08-18 18:26 - 2014-08-13 08:27 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Etdytiav
2014-08-18 18:26 - 2014-08-12 18:23 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ixhyafon
2014-08-18 18:26 - 2014-08-11 08:20 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Uwcugyi
2014-08-18 18:26 - 2014-08-10 16:23 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Osofogif
2014-08-18 18:26 - 2014-08-09 18:13 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Uwucmoy
2014-08-18 18:26 - 2014-08-09 14:25 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Uparuvky
2014-08-18 18:26 - 2014-08-07 17:46 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yduhdiix
2014-08-18 18:26 - 2014-08-06 19:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Utuksu
2014-08-18 18:26 - 2014-08-05 18:29 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Vealywr
2014-08-18 18:26 - 2014-08-04 21:42 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Afsocah
2014-08-18 18:26 - 2014-08-04 18:13 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Xihiyb
2014-08-18 18:26 - 2014-08-03 16:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Bauwnyli
2014-08-18 18:26 - 2014-08-03 03:48 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Lagyanf
2014-08-18 18:26 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\Globalization
2014-08-18 18:25 - 2014-08-18 18:25 - 00086016 _____ () C:\Users\Lisa\AppData\Local\adafhgir.exe
2014-08-18 18:24 - 2014-08-18 09:59 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Vaenvuih
2014-08-18 18:24 - 2014-08-18 03:32 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ubykta
2014-08-18 18:24 - 2014-08-18 00:27 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Fabemo
2014-08-18 18:24 - 2014-08-17 22:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Xyzutob
2014-08-18 18:24 - 2014-08-17 21:54 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ziqiadne
2014-08-18 18:24 - 2014-08-17 20:29 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yvdoeq
2014-08-18 18:24 - 2014-08-17 18:31 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Xoehhagu
2014-08-18 18:24 - 2014-08-17 17:55 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ovitesdu
2014-08-18 18:24 - 2014-08-17 16:13 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Emnihe
2014-08-18 18:24 - 2014-08-17 12:14 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Efroav
2014-08-18 18:24 - 2014-08-17 11:55 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Koqeaxwo
2014-08-18 18:24 - 2014-08-17 04:14 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Qybyvo
2014-08-18 18:24 - 2014-08-17 02:14 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ettyyhro
2014-08-18 18:24 - 2014-08-17 01:57 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Almoiw
2014-08-18 18:24 - 2014-08-17 00:14 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Fatakoi
2014-08-18 18:24 - 2014-08-16 18:16 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Wyynda
2014-08-18 18:24 - 2014-08-16 17:59 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ageqowb
2014-08-18 18:24 - 2014-08-16 14:17 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Guxonita
2014-08-18 18:24 - 2014-08-16 13:42 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yziwnozy
2014-08-18 18:24 - 2014-08-15 08:28 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ipkazi
2014-08-18 18:24 - 2014-08-15 06:41 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Gyunuqse
2014-08-18 18:24 - 2014-08-15 06:38 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Omusdysa
2014-08-18 18:24 - 2014-08-13 22:16 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Edupeze
2014-08-18 18:24 - 2014-08-13 21:46 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Fakayxki
2014-08-18 18:24 - 2014-08-13 20:15 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Lolued
2014-08-18 18:24 - 2014-08-13 13:48 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Amuqbibi
2014-08-18 18:24 - 2014-08-13 10:25 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Reyrnax
2014-08-18 18:24 - 2014-08-13 09:50 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ismyziy
2014-08-18 18:24 - 2014-08-13 06:25 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Okagcazi
2014-08-18 18:24 - 2014-08-13 05:51 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Zawyloo
2014-08-18 18:24 - 2014-08-13 04:15 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Itxaapky
2014-08-18 18:24 - 2014-08-12 22:28 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Itulere
2014-08-18 18:24 - 2014-08-12 21:54 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Dybyneo
2014-08-18 18:24 - 2014-08-12 20:29 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Vinuvaav
2014-08-18 18:24 - 2014-08-11 22:18 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Cedoliu
2014-08-18 18:24 - 2014-08-11 21:44 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ozefuf
2014-08-18 18:24 - 2014-08-11 21:16 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Uqoqofu
2014-08-18 18:24 - 2014-08-11 18:20 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ekikxic
2014-08-18 18:24 - 2014-08-11 17:58 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Tofoiluz
2014-08-18 18:24 - 2014-08-11 06:11 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Peasrag
2014-08-18 18:24 - 2014-08-11 06:09 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ynlyywo
2014-08-18 18:24 - 2014-08-11 04:47 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yvucha
2014-08-18 18:24 - 2014-08-11 03:31 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Kubuyqtu
2014-08-18 18:24 - 2014-08-10 22:21 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ycilhaa
2014-08-18 18:24 - 2014-08-10 21:46 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Kimebo
2014-08-18 18:24 - 2014-08-10 20:21 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Voqiaqo
2014-08-18 18:24 - 2014-08-10 18:22 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Pahubyyx
2014-08-18 18:24 - 2014-08-10 17:48 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Rorahewi
2014-08-18 18:24 - 2014-08-10 14:23 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Nayhedr
2014-08-18 18:24 - 2014-08-10 13:50 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Kydeky
2014-08-18 18:24 - 2014-08-10 12:25 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Igtoaxyk
2014-08-18 18:24 - 2014-08-10 10:29 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Giuwfu
2014-08-18 18:24 - 2014-08-10 10:06 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yqquqo
2014-08-18 18:24 - 2014-08-10 06:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Niatuper
2014-08-18 18:24 - 2014-08-10 05:49 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yfkiuwyl
2014-08-18 18:24 - 2014-08-10 04:39 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Aqgaovbo
2014-08-18 18:24 - 2014-08-10 00:25 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Nuhuwaug
2014-08-18 18:24 - 2014-08-09 22:25 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Afwyel
2014-08-18 18:24 - 2014-08-09 21:51 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Noydvup
2014-08-18 18:24 - 2014-08-09 20:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Apiwaqmu
2014-08-18 18:24 - 2014-08-09 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yxqazua
2014-08-18 18:24 - 2014-08-09 16:28 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Feofek
2014-08-18 18:24 - 2014-08-07 22:16 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Asviohfi
2014-08-18 18:24 - 2014-08-07 21:42 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yvbuubn
2014-08-18 18:24 - 2014-08-07 20:25 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ahyfaruq
2014-08-18 18:24 - 2014-08-07 18:23 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ryfogiu
2014-08-18 18:24 - 2014-08-06 21:54 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Abpaax
2014-08-18 18:24 - 2014-08-06 21:20 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Exazus
2014-08-18 18:24 - 2014-08-05 22:15 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ygfoyr
2014-08-18 18:24 - 2014-08-05 21:58 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Edaqdi
2014-08-18 18:24 - 2014-08-05 20:15 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Biawisig
2014-08-18 18:24 - 2014-08-05 04:13 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Uqegxiw
2014-08-18 18:24 - 2014-08-05 02:13 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ozmicu
2014-08-18 18:24 - 2014-08-05 01:43 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Xuesyqu
2014-08-18 18:24 - 2014-08-05 00:13 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ridiefc
2014-08-18 18:24 - 2014-08-04 22:12 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Aksuby
2014-08-18 18:24 - 2014-08-04 20:12 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Upyqxo
2014-08-18 18:24 - 2014-08-03 22:14 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ywolukpe
2014-08-18 18:24 - 2014-08-03 21:44 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Oqycam
2014-08-18 18:24 - 2014-08-03 21:11 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Zoitoh
2014-08-18 17:54 - 2014-08-18 17:54 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Exohrei
2014-08-18 17:28 - 2014-08-18 17:28 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Lisa\Downloads\rkill.exe
2014-08-18 17:28 - 2014-08-18 17:28 - 00401920 _____ (Farbar) C:\Users\Lisa\Downloads\MiniToolBox.exe
2014-08-18 17:28 - 2014-08-18 17:28 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-18 17:28 - 2014-08-18 17:27 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Lisa\Downloads\mbar-1.07.0.1012.exe
2014-08-18 17:28 - 2014-05-26 01:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-18 17:28 - 2014-05-26 01:28 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-18 17:27 - 2014-08-18 17:27 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Lisa\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-18 17:27 - 2014-08-18 17:27 - 00854417 _____ () C:\Users\Lisa\Downloads\SecurityCheck.exe
2014-08-18 17:27 - 2014-08-18 17:27 - 00415232 _____ (Farbar) C:\Users\Lisa\Downloads\FSS.exe
2014-08-18 17:02 - 2014-08-18 17:02 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Vesookde
2014-08-18 17:00 - 2014-08-18 17:00 - 00165376 _____ () C:\Users\Lisa\AppData\Local\ujlveuwg.exe
2014-08-17 14:56 - 2014-08-16 14:36 - 00000000 ____D () C:\Users\Lisa\Documents\Witcher 2
2014-08-17 14:27 - 2014-08-17 14:27 - 00165376 _____ () C:\Users\Lisa\AppData\Local\jcgfjtoa.exe
2014-08-17 04:49 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-16 15:22 - 2014-08-16 15:22 - 00162816 _____ () C:\Users\Lisa\AppData\Local\wqwiwtfg.exe
2014-08-16 14:59 - 2014-08-16 14:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2014-08-16 14:59 - 2014-08-16 14:59 - 00000000 ____D () C:\Program Files (x86)\CPUID
2014-08-16 14:58 - 2014-08-16 14:58 - 05324650 _____ (CPUID ) C:\Users\Lisa\Downloads\pc-wizard_2012.2.11-setup.exe
2014-08-16 14:36 - 2014-08-16 14:36 - 00000000 ____D () C:\Users\Lisa\AppData\Local\The Witcher 2
2014-08-16 14:36 - 2012-05-26 00:33 - 00286416 _____ () C:\Windows\DirectX.log
2014-08-16 14:20 - 2014-08-16 14:20 - 00000000 ____D () C:\Users\Lisa\Documents\The Witcher
2014-08-16 14:20 - 2014-08-16 14:20 - 00000000 ____D () C:\Users\Lisa\AppData\Local\The Witcher
2014-08-16 14:16 - 2014-08-16 14:16 - 00000000 ____D () C:\Users\Public\Documents\The Witcher
2014-08-16 12:27 - 2013-08-06 00:55 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-16 02:10 - 2012-07-08 01:48 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-16 02:05 - 2014-04-30 00:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-15 20:42 - 2014-08-15 20:42 - 25184629 _____ () C:\Users\Lisa\Downloads\Modern HD 1.8.zip
2014-08-15 17:35 - 2012-07-26 22:59 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-15 17:29 - 2014-08-15 17:29 - 00160768 _____ () C:\Users\Lisa\AppData\Local\fmdvsdoh.exe
2014-08-14 17:41 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-14 17:05 - 2013-07-19 10:56 - 00000000 ____D () C:\ProgramData\Origin
2014-08-11 22:46 - 2012-06-27 21:17 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\SoftGrid Client
2014-08-11 21:47 - 2014-08-11 21:47 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-11 21:47 - 2014-08-11 21:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-11 21:47 - 2014-08-11 21:46 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-11 21:47 - 2014-08-11 21:46 - 00000000 ____D () C:\Program Files\iTunes
2014-08-11 21:47 - 2014-08-11 21:46 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-11 21:46 - 2014-08-11 21:46 - 00000000 ____D () C:\Program Files\iPod
2014-08-11 19:57 - 2013-07-19 17:12 - 00000000 ____D () C:\Users\Lisa\Documents\Electronic Arts
2014-08-11 19:57 - 2013-07-19 10:56 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-08-11 19:55 - 2014-08-11 19:54 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-11 19:55 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-08-11 19:18 - 2013-07-19 11:01 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-08-11 03:48 - 2009-07-14 01:08 - 00032622 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-10 22:27 - 2014-08-10 22:27 - 00000000 _____ () C:\Users\Lisa\cd
2014-08-10 22:27 - 2012-06-27 01:47 - 00000000 ____D () C:\Users\Lisa
2014-08-10 22:20 - 2014-08-10 22:20 - 03001270 _____ () C:\Users\Lisa\Downloads\Minecraft-Region-Fixer-0.1.3 (win32).zip
2014-08-10 11:15 - 2014-08-10 11:15 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-08-10 11:15 - 2014-08-10 11:15 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-08-10 11:15 - 2014-07-05 22:33 - 00000000 ____D () C:\Users\Lisa\Documents\My Games
2014-08-09 22:09 - 2014-06-11 00:50 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Paint.NET
2014-08-09 22:03 - 2014-06-11 00:51 - 00001150 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
2014-08-09 22:03 - 2014-06-11 00:51 - 00001138 _____ () C:\Users\Public\Desktop\Paint.NET.lnk
2014-08-09 22:03 - 2014-06-11 00:51 - 00000000 ____D () C:\Program Files\Paint.NET
2014-08-09 21:55 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-08-09 17:23 - 2014-08-09 17:13 - 00000000 ____D () C:\Users\Lisa\Documents\Euro Truck Simulator 2
2014-08-07 19:37 - 2014-08-07 19:37 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Ubisoft
2014-08-07 17:42 - 2014-08-07 17:42 - 00153600 _____ () C:\Users\Lisa\AppData\Local\mtohoimn.exe
2014-08-06 22:06 - 2014-08-16 00:46 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-06 22:01 - 2014-08-16 00:46 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 19:48 - 2014-05-15 21:11 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-06 19:22 - 2014-08-06 19:22 - 00153600 _____ () C:\Users\Lisa\AppData\Local\gxjiiqou.exe
2014-08-05 18:28 - 2014-08-05 18:28 - 00153600 _____ () C:\Users\Lisa\AppData\Local\nqnvgvvj.exe
2014-08-04 18:11 - 2014-08-04 18:11 - 00145408 _____ () C:\Users\Lisa\AppData\Local\ksqkmgfn.exe
2014-08-03 15:34 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-08-03 14:51 - 2014-08-03 14:51 - 00117760 _____ () C:\Users\Lisa\AppData\Local\lnxnrbjh.exe
2014-08-02 15:17 - 2014-08-02 15:17 - 00168448 _____ () C:\Users\Lisa\AppData\Local\ftmbftun.exe
2014-08-02 09:49 - 2014-08-02 09:49 - 00036601 _____ () C:\Users\Lisa\AppData\Local\unnobmmk
2014-08-02 09:44 - 2014-08-02 09:44 - 00068609 _____ () C:\Users\Lisa\AppData\Local\rmfqannn
2014-08-02 09:43 - 2014-08-02 09:43 - 00000000 ____D () C:\Users\Lisa\Downloads\&#1057opy_of_document_SER1203 (1)
2014-08-02 09:42 - 2014-08-02 09:42 - 00155648 _____ () C:\Users\Lisa\AppData\Local\pmrxciqb.exe
2014-08-02 09:41 - 2014-08-02 09:41 - 00077686 _____ () C:\Users\Lisa\Downloads\&#1057opy_of_document_SER1203 (1).zip
2014-08-02 09:39 - 2014-08-02 09:39 - 00077686 _____ () C:\Users\Lisa\Downloads\&#1057opy_of_document_SER1203.zip
2014-08-02 02:16 - 2012-12-16 00:09 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-08-01 10:34 - 2014-08-01 10:34 - 00000000 ____D () C:\Users\Lisa\AppData\Local\WarThunder
2014-08-01 10:34 - 2014-08-01 10:34 - 00000000 ____D () C:\ProgramData\WarThunder
2014-07-31 19:41 - 2014-08-16 00:46 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-31 19:16 - 2014-08-16 00:46 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-31 08:29 - 2014-07-31 08:29 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\StunlockStudios
2014-07-30 17:11 - 2014-06-01 00:11 - 00000000 ____D () C:\Program Files\Java
2014-07-30 17:04 - 2014-02-14 23:07 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-30 17:03 - 2014-07-30 17:03 - 00004162 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-30 17:03 - 2013-04-12 16:12 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-27 07:36 - 2014-07-27 07:36 - 00000040 _____ () C:\Windows\system32\ꍐ°
2014-07-27 00:35 - 2014-07-27 00:35 - 00000040 _____ () C:\Windows\system32\ꍐ!
2014-07-26 12:57 - 2014-07-26 12:57 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\java
2014-07-26 12:30 - 2014-07-26 12:30 - 00321448 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-07-26 12:30 - 2014-06-01 00:12 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-07-26 12:30 - 2014-06-01 00:12 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-07-26 12:30 - 2014-06-01 00:12 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-07-26 12:29 - 2014-07-26 12:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-07-26 05:14 - 2014-07-26 05:04 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Riot Games
2014-07-26 05:07 - 2014-07-26 05:07 - 00001613 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk
2014-07-26 05:07 - 2014-07-26 05:07 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2014-07-26 05:07 - 2014-07-26 05:07 - 00000000 ____D () C:\Riot Games
2014-07-26 05:07 - 2014-07-26 05:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-07-25 10:52 - 2014-08-16 00:46 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-25 10:02 - 2014-08-16 00:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-25 10:01 - 2014-08-16 00:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-25 09:51 - 2014-08-16 00:46 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-25 09:30 - 2014-08-16 00:46 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-25 09:28 - 2014-08-16 00:46 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-25 09:28 - 2014-08-16 00:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-25 09:25 - 2014-08-16 00:46 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-25 09:25 - 2014-08-16 00:46 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-25 09:11 - 2014-08-16 00:46 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-25 09:10 - 2014-08-16 00:46 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-25 09:04 - 2014-08-16 00:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-25 09:03 - 2014-08-16 00:46 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-25 09:00 - 2014-08-16 00:46 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-25 09:00 - 2014-08-16 00:46 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-25 08:59 - 2014-08-16 00:46 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-25 08:47 - 2014-08-16 00:46 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-25 08:40 - 2014-08-16 00:46 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-25 08:34 - 2014-08-16 00:46 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-25 08:34 - 2014-08-16 00:46 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-25 08:33 - 2014-08-16 00:46 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-25 08:30 - 2014-08-16 00:46 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-25 08:28 - 2014-08-16 00:46 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-25 08:28 - 2014-08-16 00:46 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-25 08:21 - 2014-08-16 00:46 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-25 08:19 - 2014-08-16 00:46 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-25 08:18 - 2014-08-16 00:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-25 08:17 - 2014-08-16 00:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-25 08:17 - 2014-08-16 00:46 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-25 08:12 - 2014-08-16 00:46 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-25 08:10 - 2014-08-16 00:46 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-25 08:10 - 2014-08-16 00:46 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-25 08:08 - 2014-08-16 00:46 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-25 08:06 - 2014-08-16 00:46 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-25 07:52 - 2014-08-16 00:46 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-25 07:47 - 2014-08-16 00:46 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-25 07:43 - 2014-08-16 00:46 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 07:42 - 2014-08-16 00:46 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-25 07:39 - 2014-08-16 00:46 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-25 07:39 - 2014-08-16 00:46 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-25 07:36 - 2014-08-16 00:46 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-25 07:34 - 2014-08-16 00:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-25 07:29 - 2014-08-16 00:46 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-25 07:23 - 2014-08-16 00:46 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-25 07:13 - 2014-08-16 00:46 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-25 07:07 - 2014-08-16 00:46 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-25 07:07 - 2014-08-16 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-25 07:03 - 2014-08-16 00:46 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-25 06:52 - 2014-08-16 00:46 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-25 06:26 - 2014-08-16 00:46 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-25 06:17 - 2014-08-16 00:46 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-25 06:09 - 2014-08-16 00:46 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-25 06:05 - 2014-08-16 00:46 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-25 06:00 - 2014-08-16 00:46 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-24 17:37 - 2014-07-24 17:37 - 00000000 ____D () C:\Users\Lisa\Documents\SimBin
2014-07-24 17:28 - 2014-07-24 17:17 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\RIFT
2014-07-24 17:17 - 2014-07-24 17:17 - 00000000 ____D () C:\Users\Lisa\Documents\RIFT
2014-07-24 13:52 - 2014-07-24 13:52 - 00001688 _____ () C:\Users\Public\Desktop\The Sims 2 Ultimate Collection.lnk
2014-07-24 13:52 - 2014-07-24 13:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 2 Ultimate Collection
2014-07-24 09:50 - 2013-03-14 03:01 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-24 09:50 - 2013-03-14 03:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-24 03:03 - 2014-03-20 18:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
 
Files to move or delete:
====================
C:\Users\Lisa\jagex_cl_runescape_LIVE.dat
C:\Users\Lisa\random.dat
 
 
Some content of TEMP:
====================
C:\Users\Lisa\AppData\Local\Temp\032939rr.exe
C:\Users\Lisa\AppData\Local\Temp\6_Offer_15.exe
C:\Users\Lisa\AppData\Local\Temp\BackupSetup.exe
C:\Users\Lisa\AppData\Local\Temp\cloud_backup_setup.exe
C:\Users\Lisa\AppData\Local\Temp\contentDATs.exe
C:\Users\Lisa\AppData\Local\Temp\D2M-Precheck.exe
C:\Users\Lisa\AppData\Local\Temp\del.dll
C:\Users\Lisa\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Lisa\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Lisa\AppData\Local\Temp\mssinstaller.exe
C:\Users\Lisa\AppData\Local\Temp\NGMDll.dll
C:\Users\Lisa\AppData\Local\Temp\NGMResource.dll
C:\Users\Lisa\AppData\Local\Temp\nsmC5CC.tmp.exe
C:\Users\Lisa\AppData\Local\Temp\paint.net.4.0.3.install.exe
C:\Users\Lisa\AppData\Local\Temp\pkjlznb7.dll
C:\Users\Lisa\AppData\Local\Temp\Quarantine.exe
C:\Users\Lisa\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Lisa\AppData\Local\Temp\setup.exe
C:\Users\Lisa\AppData\Local\Temp\speedupmypc.exe
C:\Users\Lisa\AppData\Local\Temp\stageremote_2.0.0.43_2.0.0.50_update_all.exe
C:\Users\Lisa\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Lisa\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Lisa\AppData\Local\Temp\tbFree.dll
C:\Users\Lisa\AppData\Local\Temp\unicows.dll
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_02f7a23a.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_13e4dcab.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_1bc98a7d.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_21c5c48a.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_2ff04997.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_3290907b.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_3395f225.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_35e998fa.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_554dd13d.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_5cfb770c.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_61f087dd.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_64183c61.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_7251dd4b.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_79e97e1b.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_91aa4c9b.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_939416b4.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_95757909.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_96c95518.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_99c572f8.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_9a4a7529.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_9ae80cde.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_9f6d1442.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_ad4b2921.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_b2db83ae.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_b316a696.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_b32cfc92.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_ba5af972.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_bbcdc72e.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_c88e7a0e.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_cddd4d1b.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_d08fffb6.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_d35b2564.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_d40ecf34.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_da798d03.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_e3424573.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_ef807fc3.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_f0690cee.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_f1810c3b.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_f30fa441.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_fabbe379.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_fca2020d.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_fd9a4825.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-07 09:55
 

 

==================== End Of Log ============================
 
 

 

Addition.txt

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-08-2014
Ran by Lisa at 2014-08-23 12:25:55
Running from C:\Users\Lisa\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Accidental Damage Services Agreement (HKLM-x32\...\{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}) (Version: 2.0.0 - Dell Inc.)
ACE COMBAT™ ASSAULT HORIZON Enhanced Edition (HKLM-x32\...\Steam App 228400) (Version:  - Namco)
Ace of Spades (HKLM-x32\...\Steam App 224540) (Version:  - Jagex Limited)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.6.0.19120 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.6.636 - Adobe Systems, Inc.)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ask Shopping Toolbar (HKLM-x32\...\{4F524A00-6A76-A76A-76A7-A758B70C0A06}) (Version: 12.10.6.60 - APN, LLC) <==== ATTENTION
Aura Kingdom (HKLM-x32\...\Steam App 268420) (Version:  - X-Legend)
Banctec Service Agreement (HKLM-x32\...\{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}) (Version: 2.0.0 - Dell Inc.)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blio (HKLM-x32\...\{400182B4-CA55-46A9-9D88-F8413DCFB36D}) (Version: 2.3.7140 - K-NFB Reading Technology, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version:  - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Canon MG2100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2100_series) (Version:  - )
Canon MG2100 series On-screen Manual (HKLM-x32\...\Canon MG2100 series On-screen Manual) (Version:  - )
Canon MG2100 series User Registration (HKLM-x32\...\Canon MG2100 series User Registration) (Version:  - )
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
Carnage Racing (HKLM-x32\...\Steam App 228940) (Version:  - )
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.4.11350.0 - Cisco Consumer Products LLC)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Complete Care Business Service Agreement (HKLM-x32\...\{0ECFCB07-9BFE-4970-ACA1-D568D982760B}) (Version: 2.0.0 - Dell Inc.)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
Corel PaintShop Pro X4 (HKLM-x32\...\_{00580795-581C-4587-B9F2-37320D7AB37F}) (Version: 14.0.0.345 - Corel Corporation)
Corel PaintShop Pro X4 (x32 Version: 14.0.0.345 - Corel Corporation) Hidden
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Cozi (HKLM-x32\...\{EA1F3D6C-A6F5-4CDC-B0D3-9C56C06B4D29}) (Version: 1.0.6505.38692 - Cozi Group, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dead Island: Epidemic (HKLM-x32\...\Steam App 222900) (Version:  - Stunlock Studios)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Dell Inc.)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Digital Delivery (HKLM-x32\...\{AFC08A81-D3C5-46F4-8F08-876E4BA606EA}) (Version: 1.7.4502.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{3BD7DD08-991B-4A2F-A165-614ED14EAADD}) (Version: 1.6.225.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.130 - ArcSoft)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.1.3 - Dell Inc.)
Dell Stage (HKLM-x32\...\{FE182796-F6BA-486A-8590-89B7E8D1D60F}) (Version: 1.7.209.0 - Fingertapps)
Dell Stage Remote (HKLM-x32\...\{AF4D3C63-009B-4A17-B02E-D395065DD3F0}) (Version: 2.0.0.43 - ArcSoft)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1209.101.215 - ALPS ELECTRIC CO., LTD.)
Dell VideoStage  (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.3.0.2513 - CyberLink Corp.)
Dell VideoStage  (x32 Version: 1.3.0.2513 - CyberLink Corp.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dino D-Day (HKLM-x32\...\Steam App 70000) (Version:  - 800 North and Digital Ranch)
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 6.20.55.49 - Dell Inc.)
eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.)
Escape Whisper Valley ™ (x32 Version: 2.2.0.95 - WildTangent) Hidden
Euro Truck Simulator 2 Demo (HKLM-x32\...\Steam App 231120) (Version:  - SCS Software)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Free Realms (HKCU\...\SOE-Free Realms) (Version:  - Sony Online Entertainment)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GTR Evolution (HKLM-x32\...\Steam App 8660) (Version:  - SimBin)
Gun Monkeys (HKLM-x32\...\Steam App 239450) (Version:  - Size Five Games)
HP Deskjet 1010 series Basic Device Software (HKLM\...\{43211ACE-5EBF-48A1-8497-8F53CB0FC1E4}) (Version: 30.0.1093.41190 - Hewlett-Packard Co.)
HP Deskjet 1010 series Help (HKLM-x32\...\{BFB6C2B0-9643-4B59-A706-71DEB3017A99}) (Version: 30.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
ICA (x32 Version: 14.0.0.345 - Corel Corporation) Hidden
Icy Tower v1.5.1 (HKLM-x32\...\Icy Tower v1.5.1_is1) (Version:  - Free Lunch Design)
Insurgency (HKLM-x32\...\Steam App 222880) (Version:  - New World Interactive)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.1.1399 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2598 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{538B98C3-773F-4F20-9C66-802D104DCBE2}) (Version: 1.23.219.2 - Intel Corporation)
IPM_PSP_COM (x32 Version: 14.0.0.345 - Corel Corporation) Hidden
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.650 - Oracle)
Java 8 Update 11 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418011FF}) (Version: 8.0.110 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.11.12 - Oracle, Inc.) Hidden
Java SE Development Kit 8 Update 11 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180110}) (Version: 8.0.110 - Oracle Corporation)
Jewel Quest (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
La Tale (HKLM-x32\...\Steam App 264360) (Version:  - Actoz Soft)
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Luxor (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MapleStory (HKLM-x32\...\MapleStory) (Version:  - )
McAfee AntiVirus Plus (HKLM-x32\...\MSC) (Version: 12.8.958 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.130.10 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4631.1004 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Nero 10 Movie ThemePack Basic (x32 Version: 10.6.10000.1.0 - Nero AG) Hidden
Nero Blu-ray Player (x32 Version: 12.0.20064 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.6.13000.0.11 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.2.10800 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.20500.9.16 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.13300.42.0 - Nero AG) Hidden
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version:  - )
Nosgoth (HKLM-x32\...\Steam App 200110) (Version: 140806.90000 - Square Enix Ltd)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4631.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4631.1004 - Microsoft Corporation) Hidden
Open Downloader Manager (HKLM-x32\...\OpenDownloaderManager) (Version:  - Installer Technology Co)
Origin (HKLM-x32\...\Origin) (Version: 9.1.10.2728 - Electronic Arts, Inc.)
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
PC Wizard 2012.2.12 (HKLM-x32\...\PC Wizard 2012_is1) (Version:  - CPUID)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Premium Service Agreement (HKLM-x32\...\{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}) (Version: 2.0.0 - Dell Inc.)
Product Improvement Study for HP Deskjet 1010 series (HKLM\...\{89F99A52-34C0-48A5-B0DA-33F7E4760FA9}) (Version: 30.0.1093.41190 - Hewlett-Packard Co.)
Project Cyber (HKLM-x32\...\Steam App 285580) (Version:  - Spearhead Games)
PSPPContent (x32 Version: 14.0.0.345 - Corel Corporation) Hidden
PSPPHelp (x32 Version: 14.0.0.345 - Corel Corporation) Hidden
PSPPro64 (Version: 14.0.0.345 - Corel Corporation) Hidden
QualxServ Service Agreement (HKLM-x32\...\{903679E8-44C8-4C07-9600-05C92654FC50}) (Version: 2.0.0 - Dell Inc.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.17 - Dell Inc.)
RACE 07 (HKLM-x32\...\Steam App 8600) (Version:  - SimBin)
RaceRoom Racing Experience  (HKLM-x32\...\Steam App 211500) (Version:  - SimBin Studios AB)
Really Big Sky (HKLM-x32\...\Steam App 201570) (Version:  - Boss Baddie)
Respondus 4.0 Single-User (HKLM-x32\...\{D60A153B-5292-4833-9C5C-2556D54FDE4B}) (Version: 4.0.1.00 - Respondus, Inc.)
Respondus Equation Editor 4 (HKLM-x32\...\RSEE4) (Version:  - )
RIFT™ (HKLM-x32\...\Steam App 39120) (Version:  - Trion Worlds)
Samantha Swift (x32 Version: 2.2.0.95 - WildTangent) Hidden
SavetheChildren Reminder by We-Care.com v4.1.26.4 (HKLM-x32\...\{26B4D0E1-6F6D-48DF-8719-80276A259F7E}) (Version: 4.1.26.4 - We-Care.com)
Setup (x32 Version: 14.0.0.345 - Corel Corporation) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SOE Web Installer (HKCU\...\SOE Web Installer) (Version: 1.0.3.171 - Sony Online Entertainment)
Sonic CinePlayer Decoder Pack (HKLM-x32\...\{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}) (Version: 4.2.0 - Sonic Solutions)
SpaceChem (HKLM-x32\...\Steam App 92800) (Version:  - Zachtronics)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
SyncUP (HKLM-x32\...\{D92C9CCE-E5F0-4125-977A-0590F3225B74}) (Version: 10.2.16100 - Nero AG)
SyncUP (x32 Version: 1.12.12400.17.102 - Nero AG) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
The Sims™ 3 Generations (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
The Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.5.1 - Electronic Arts)
The Sims™ 3 Town Life Stuff (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
The Sims™ 3 University Life (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
The Sims™ 3 World Adventures (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
The Sims™ 4 Create A Sim Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.233.190 - Electronic Arts Inc.)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version:  - CD Projekt RED)
The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version:  - CD Projekt RED)
Tom Clancy's Ghost Recon Phantoms - NA (HKLM-x32\...\Steam App 243870) (Version:  - Ubisoft Singapore)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
Wedding Dash - Ready, Aim, Love! (x32 Version: 2.2.0.95 - WildTangent) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2300 - Broadcom Corporation)
WildTangent Games (HKLM-x32\...\WildTangent dell Master Uninstall) (Version: 1.0.2.5 - WildTangent)
WildTangent Games App (Dell Games) (x32 Version: 4.0.10.2 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 5.10 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)
Wizard101 (HKLM-x32\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1465888645-1228132841-1644353950-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Lisa\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1465888645-1228132841-1644353950-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Lisa\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1465888645-1228132841-1644353950-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Lisa\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1465888645-1228132841-1644353950-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Lisa\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1465888645-1228132841-1644353950-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Lisa\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points  =========================
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {05F00170-4698-4B3C-8054-EF2E1BCB1134} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {10F6BE5E-8FB5-42CB-A3EA-69756948F2AB} - System32\Tasks\Security Center Update - 3089754028 => C:\Users\Lisa\AppData\Roaming\Ubyfinv\ilmoka.exe [2012-07-29] (CrystalIDEA Software)
Task: {157A01DB-6E8E-49B8-87EC-A0F24EA36F82} - System32\Tasks\Security Center Update - 966665472 => C:\Users\Lisa\AppData\Roaming\Ircuuggu\igebly.exe [2013-01-02] (Mesrisift Corporatien)
Task: {1663D225-43F8-45E3-95BE-5460AD494598} - System32\Tasks\Security Center Update - 3431837355 => C:\Users\Lisa\AppData\Roaming\Arloedyd\ewowemf.exe [2012-07-12] (CrystalIDEA Software)
Task: {18D8F1D1-90F2-4915-A59D-6DEBAE776475} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {1CF68C5D-3CC1-457C-8FA1-449026B07A83} - System32\Tasks\Security Center Update - 2498235418 => C:\Users\Lisa\AppData\Roaming\Xumoovp\myywonu.exe [2013-04-17] (Meskisift Corporatien)
Task: {2050F09F-0791-44B8-8B3F-4B66A00D4F14} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {275D28C0-21F4-4C6B-BF4E-EB8B78475F65} - System32\Tasks\Security Center Update - 418947291 => C:\Users\Lisa\AppData\Roaming\Yxozerak\yfveyw.exe [2014-03-13] (PowerCmd Software)
Task: {2BABA540-553D-4555-A828-0CC8463F516C} - System32\Tasks\Security Center Update - 3488534018 => C:\Users\Lisa\AppData\Roaming\Ulaqbeq\ihahir.exe [2013-11-01] (Mesrisift Corporatien)
Task: {2E7D3E2E-5F46-4721-B1EA-4B660609FE9A} - System32\Tasks\Security Center Update - 2029705305 => C:\Users\Lisa\AppData\Roaming\Enecorly\irocpal.exe [2013-01-29] (PowerCmd Software)
Task: {33416DCA-9E19-4A37-A920-D384254CE2B8} - System32\Tasks\Security Center Update - 846557512 => C:\Users\Lisa\AppData\Roaming\Bypoudte\zuudv.exe [2012-12-16] (Meskisift Corporatien)
Task: {3B428BDE-836D-4BC2-9A0F-8A8CB2E39F7F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-28] (Google Inc.)
Task: {40B655BD-3ECB-4530-892C-5771FA4E7739} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-28] (Google Inc.)
Task: {4542AEE1-D9F2-4E11-82B7-516501FE9FBA} - System32\Tasks\Security Center Update - 927385066 => C:\Users\Lisa\AppData\Roaming\Vaaplo\anevanu.exe [2014-05-25] (Mesrisift Corporatien)
Task: {46C13CF5-646F-4974-91E3-D63DBE6FEE4A} - System32\Tasks\Security Center Update - 1855888854 => C:\Users\Lisa\AppData\Roaming\Saviha\lovan.exe [2013-06-13] (CrystalIDEA Software)
Task: {4C0E8C2D-1896-4875-9C02-F642AE2B7998} - System32\Tasks\Security Center Update - 3338805954 => C:\Users\Lisa\AppData\Roaming\Owhodu\onixeg.exe [2013-06-18] (Meskisift Corporatien)
Task: {4F6EB0E4-4434-4E66-925A-E3408B8D9A77} - System32\Tasks\Security Center Update - 2979509591 => C:\Users\Lisa\AppData\Roaming\Paaqnaes\ystyxym.exe [2013-01-28] (CrystalIDEA Software)
Task: {5B806C89-B6F4-4491-BC05-BC08C4EA5AA5} - System32\Tasks\Security Center Update - 1355868994 => C:\Users\Lisa\AppData\Roaming\Odypops\wanef.exe [2014-04-17] (PowerCmd Software)
Task: {5FD12D6E-C94D-414C-A73F-F7E53CB8EB72} - System32\Tasks\Security Center Update - 752820688 => C:\Users\Lisa\AppData\Roaming\Peqiaz\opdofa.exe [2013-01-17] (PowerCmd Software)
Task: {6A5F6A96-B4E9-4068-8EAE-2316B65484EC} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-06-19] (Microsoft Corporation)
Task: {6C50E672-6AE8-4EBC-98CD-E0E9A2E87106} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1465888645-1228132841-1644353950-1000Core => C:\Users\Lisa\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-15] (Facebook Inc.)
Task: {6E574FE7-CD99-486A-BB85-26C822FD69EF} - System32\Tasks\{682840C9-C865-4F05-B807-8BA9AD57D886} => C:\Users\Lisa\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe
Task: {750661EA-B5E4-4D3E-8F27-D9EFA1B74788} - System32\Tasks\Security Center Update - 2479261886 => C:\Users\Lisa\AppData\Roaming\Esmony\tuyqato.exe [2013-01-06] (PowerCmd Software)
Task: {75D47420-CB24-4D20-9ED2-C85E70EF2151} - System32\Tasks\Security Center Update - 2104751866 => C:\Users\Lisa\AppData\Roaming\Daryca\yrvik.exe [2013-04-15] (PowerCmd Software)
Task: {7BF18A5C-4427-424E-B093-EF7E0E4A5A22} - System32\Tasks\Security Center Update - 3715843453 => C:\Users\Lisa\AppData\Roaming\Uwweaxag\izxyu.exe [2014-08-18] (Mesrisift Corporatien)
Task: {7D901313-4F98-4028-8062-A2537F3D6C0F} - System32\Tasks\Security Center Update - 2038411680 => C:\Users\Lisa\AppData\Roaming\Ydpyyny\oqaky.exe [2012-09-01] (CrystalIDEA Software)
Task: {8010DC90-B7CC-4BE1-85AD-04E38632FA92} - System32\Tasks\Security Center Update - 2191080318 => C:\Users\Lisa\AppData\Roaming\Egihnil\oswyky.exe [2012-08-02] (CrystalIDEA Software)
Task: {81694AED-AEE0-41D3-AC36-5A29E8702CDF} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1465888645-1228132841-1644353950-1000UA => C:\Users\Lisa\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-15] (Facebook Inc.)
Task: {8B482D7A-3A63-48F1-AF33-1C3B45E96BBC} - System32\Tasks\Security Center Update - 392046224 => C:\Users\Lisa\AppData\Roaming\Anogiva\esozbaa.exe [2012-07-19] (M1crosoft Corporation)
Task: {8F44A373-FD4F-4AD2-9557-80161BB7965B} - System32\Tasks\Security Center Update - 371833040 => C:\Users\Lisa\AppData\Roaming\Yzyfket\sawymu.exe [2013-02-11] (CrystalIDEA Software)
Task: {9560F579-6320-48BD-81DD-5310D3299CC8} - System32\Tasks\Security Center Update - 3942642799 => C:\Users\Lisa\AppData\Roaming\Sapume\etfivu.exe [2014-06-25] (PowerCmd Software)
Task: {978FDB14-77B6-4B4A-8344-AC358F30E9EA} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {98AB084F-C369-485A-8FF7-79508E654415} - System32\Tasks\Security Center Update - 2106932050 => C:\Users\Lisa\AppData\Roaming\Vauvqaz\yzuhov.exe [2014-03-11] (PowerCmd Software)
Task: {A3BBBEBC-0C9A-4AE0-A8A8-B639567CBF97} - System32\Tasks\Security Center Update - 3983964077 => C:\Users\Lisa\AppData\Roaming\Yrpeqiod\ulepqi.exe [2012-09-02] (PowerCmd Software)
Task: {B3977328-01CA-49FB-9091-B42B3D341736} - System32\Tasks\Security Center Update - 1640359643 => C:\Users\Lisa\AppData\Roaming\Adexve\ciruhi.exe [2013-11-24] (PowerCmd Software)
Task: {B5AACB6F-BF50-4246-A1CF-B69A36713BDB} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {BE3172D4-97AA-402B-87C4-8167ABDDB3C4} - System32\Tasks\Security Center Update - 3150405157 => C:\Users\Lisa\AppData\Roaming\Igaxuvky\togobo.exe [2012-09-07] (PowerCmd Software)
Task: {C9BE3DD5-181E-43EB-BEC7-B97383015855} - System32\Tasks\Security Center Update - 2194090041 => C:\Users\Lisa\AppData\Roaming\Ymyneq\hilao.exe [2013-11-19] (CrystalIDEA Software)
Task: {CC1AD1AD-D302-432B-8504-6160E4BF81CA} - System32\Tasks\Security Center Update - 2109373424 => C:\Users\Lisa\AppData\Roaming\Etlyedav\icuvd.exe [2014-04-10] (PowerCmd Software)
Task: {D758F8FB-73F9-4796-864D-3B54E91CBEED} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E005DE33-0357-4042-8570-A3F94929E411} - System32\Tasks\Security Center Update - 1586098165 => C:\Users\Lisa\AppData\Roaming\Hutoite\taqauda.exe [2013-11-16] (Mesrisift Corporatien)
Task: {EA338F8E-CA31-4AB3-BC05-C1BFE5D959C1} - System32\Tasks\HPCustParticipation HP Deskjet 1010 series => C:\Program Files\HP\HP Deskjet 1010 series\Bin\HPCustPartic.exe [2013-02-08] (Hewlett-Packard Co.)
Task: {FC5721B2-3BB1-4700-A7FB-872F3B28C0CF} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-06-10] (Microsoft Corporation)
Task: {FCA72012-4145-43A9-BAB2-3D48B6625BB2} - System32\Tasks\Security Center Update - 2836356992 => C:\Users\Lisa\AppData\Roaming\Afuxriap\bowytu.exe [2013-09-12] (PowerCmd Software)
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1465888645-1228132841-1644353950-1000Core.job => C:\Users\Lisa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1465888645-1228132841-1644353950-1000UA.job => C:\Users\Lisa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Security Center Update - 1355868994.job => C:\Users\Lisa\AppData\Roaming\Odypops\wanef.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1586098165.job => C:\Users\Lisa\AppData\Roaming\Hutoite\taqauda.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1640359643.job => C:\Users\Lisa\AppData\Roaming\Adexve\ciruhi.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1855888854.job => C:\Users\Lisa\AppData\Roaming\Saviha\lovan.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2029705305.job => C:\Users\Lisa\AppData\Roaming\Enecorly\irocpal.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2038411680.job => C:\Users\Lisa\AppData\Roaming\Ydpyyny\oqaky.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2104751866.job => C:\Users\Lisa\AppData\Roaming\Daryca\yrvik.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2106932050.job => C:\Users\Lisa\AppData\Roaming\Vauvqaz\yzuhov.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2109373424.job => C:\Users\Lisa\AppData\Roaming\Etlyedav\icuvd.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2191080318.job => C:\Users\Lisa\AppData\Roaming\Egihnil\oswyky.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2194090041.job => C:\Users\Lisa\AppData\Roaming\Ymyneq\hilao.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2479261886.job => C:\Users\Lisa\AppData\Roaming\Esmony\tuyqato.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2498235418.job => C:\Users\Lisa\AppData\Roaming\Xumoovp\myywonu.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2836356992.job => C:\Users\Lisa\AppData\Roaming\Afuxriap\bowytu.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2979509591.job => C:\Users\Lisa\AppData\Roaming\Paaqnaes\ystyxym.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3089754028.job => C:\Users\Lisa\AppData\Roaming\Ubyfinv\ilmoka.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3150405157.job => C:\Users\Lisa\AppData\Roaming\Igaxuvky\togobo.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3338805954.job => C:\Users\Lisa\AppData\Roaming\Owhodu\onixeg.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3431837355.job => C:\Users\Lisa\AppData\Roaming\Arloedyd\ewowemf.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3488534018.job => C:\Users\Lisa\AppData\Roaming\Ulaqbeq\ihahir.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3715843453.job => C:\Users\Lisa\AppData\Roaming\Uwweaxag\izxyu.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 371833040.job => C:\Users\Lisa\AppData\Roaming\Yzyfket\sawymu.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 392046224.job => C:\Users\Lisa\AppData\Roaming\Anogiva\esozbaa.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3942642799.job => C:\Users\Lisa\AppData\Roaming\Sapume\etfivu.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3983964077.job => C:\Users\Lisa\AppData\Roaming\Yrpeqiod\ulepqi.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 418947291.job => C:\Users\Lisa\AppData\Roaming\Yxozerak\yfveyw.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 752820688.job => C:\Users\Lisa\AppData\Roaming\Peqiaz\opdofa.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 846557512.job => C:\Users\Lisa\AppData\Roaming\Bypoudte\zuudv.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 927385066.job => C:\Users\Lisa\AppData\Roaming\Vaaplo\anevanu.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 966665472.job => C:\Users\Lisa\AppData\Roaming\Ircuuggu\igebly.exe <==== ATTENTION
 
==================== Loaded Modules (whitelisted) =============
 
2014-07-10 14:25 - 2014-05-20 12:19 - 08892072 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-05-15 21:11 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2012-12-16 00:09 - 2011-02-07 12:56 - 00138192 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2012-05-26 00:19 - 2012-01-26 22:49 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2012-05-26 01:09 - 2011-12-15 18:34 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-06-27 20:26 - 2011-06-27 20:26 - 02022976 _____ () C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
2012-02-01 12:50 - 2012-02-01 12:50 - 02195824 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
2012-12-13 18:50 - 2012-12-13 18:50 - 03093624 _____ () C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
2011-06-29 09:52 - 2011-06-29 09:52 - 00474176 _____ () C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
2013-09-24 09:06 - 2013-09-24 09:06 - 00368640 _____ () C:\Users\Lisa\AppData\Roaming\Vesookde\ilhauq.exe
2012-02-01 12:50 - 2012-02-01 12:50 - 00968048 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
2012-02-01 12:50 - 2012-02-01 12:50 - 01850224 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-03-16 21:28 - 2010-03-16 21:28 - 01926144 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtCore4.dll
2010-03-22 16:52 - 2010-03-22 16:52 - 06776832 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtGui4.dll
2010-03-16 21:28 - 2010-03-16 21:28 - 00635904 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtNetwork4.dll
2010-03-16 21:28 - 2010-03-16 21:28 - 00326144 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtXml4.dll
2011-06-25 00:20 - 2011-06-25 00:20 - 00565968 _____ () C:\Program Files (x86)\Dell\Stage Remote\sqlite3.dll
2011-06-27 20:25 - 2011-06-27 20:25 - 00058944 _____ () C:\Program Files (x86)\Dell\Stage Remote\DataService.dll
2011-06-25 00:21 - 2011-06-25 00:21 - 00322624 _____ () C:\Program Files (x86)\Dell\Stage Remote\en-US\UI\ManagerUI.dll
2010-03-11 20:52 - 2010-03-11 20:52 - 00028160 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qgif4.dll
2010-03-05 16:07 - 2010-03-05 16:07 - 00031744 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qico4.dll
2010-03-05 16:07 - 2010-03-05 16:07 - 00125952 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qjpeg4.dll
2010-03-11 20:52 - 2010-03-11 20:52 - 00225280 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qmng4.dll
2012-02-01 12:44 - 2012-02-01 12:44 - 08151040 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\QtGui4.dll
2012-02-01 12:44 - 2012-02-01 12:44 - 02278400 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\QtCore4.dll
2014-02-10 19:54 - 2014-08-05 18:23 - 00962560 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2014-02-10 19:54 - 2014-08-05 18:23 - 00024064 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2014-02-10 19:54 - 2014-08-05 18:23 - 00025088 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2014-02-10 19:54 - 2014-08-05 18:23 - 00217088 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2014-02-10 19:54 - 2014-08-05 18:23 - 00261632 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2014-02-10 19:54 - 2014-08-05 18:23 - 00019968 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2014-02-10 19:54 - 2014-08-05 18:23 - 00302592 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2014-02-10 19:54 - 2014-08-05 18:23 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2012-11-23 13:40 - 2012-11-23 13:40 - 03516416 _____ () C:\Program Files (x86)\OpenDownloaderManager\fdmbtsupp.dll
2012-02-01 12:44 - 2012-02-01 12:44 - 08151040 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll
2012-02-01 12:44 - 2012-02-01 12:44 - 02278400 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll
2014-07-02 11:39 - 2014-08-04 15:15 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll
2014-07-02 11:39 - 2014-08-04 15:15 - 00441856 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2014-07-02 11:39 - 2014-08-04 15:15 - 00332288 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-07-02 11:39 - 2014-08-04 15:15 - 00769024 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-07-02 11:39 - 2014-08-13 18:31 - 02144448 _____ () C:\Program Files (x86)\Steam\video.dll
2014-07-02 11:39 - 2014-08-04 15:15 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll
2014-07-02 11:39 - 2014-07-30 23:47 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll
2014-07-02 11:39 - 2014-08-13 18:30 - 00677056 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-07-02 11:39 - 2014-08-13 02:27 - 34587328 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-08-15 20:04 - 2014-08-13 02:27 - 00837824 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2014-08-17 22:54 - 2014-08-17 22:54 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\de4aaa11d46d614b5330b337b67e5227\IsdiInterop.ni.dll
2012-05-26 00:03 - 2011-11-29 21:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2012-05-26 00:07 - 2012-01-20 12:23 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-08-15 17:35 - 2014-08-06 23:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-15 17:35 - 2014-08-06 23:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-15 17:35 - 2014-08-06 23:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-15 17:35 - 2014-08-06 23:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-15 17:35 - 2014-08-06 23:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
2014-08-15 17:35 - 2014-08-06 23:20 - 14669128 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll
2011-12-31 18:04 - 2011-12-31 18:04 - 00251688 _____ () C:\Program Files (x86)\Nero\SyncUP\System.ComponentModel.Composition.dll
2011-12-31 18:04 - 2011-12-31 18:04 - 00891688 _____ () C:\Program Files (x86)\Nero\SyncUP\System.Data.SQLite.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
==================== Faulty Device Manager Devices =============
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/23/2014 00:03:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/23/2014 00:03:28 PM) (Source: McLogEvent) (EventID: 5022) (User: NT AUTHORITY)
Description: MCSCAN32 Engine Initialisation failed.
Engine returned error : 1
 
Error: (08/23/2014 03:52:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/23/2014 03:52:06 AM) (Source: McLogEvent) (EventID: 5022) (User: NT AUTHORITY)
Description: MCSCAN32 Engine Initialisation failed.
Engine returned error : 1
 
Error: (08/22/2014 09:28:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/22/2014 09:27:57 PM) (Source: McLogEvent) (EventID: 5022) (User: NT AUTHORITY)
Description: MCSCAN32 Engine Initialisation failed.
Engine returned error : 1
 
Error: (08/22/2014 05:55:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mmc.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc808
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x5315a05a
Exception code: 0x00000000
Fault offset: 0x000000000000940d
Faulting process id: 0x10cc
Faulting application start time: 0xmmc.exe0
Faulting application path: mmc.exe1
Faulting module path: mmc.exe2
Report Id: mmc.exe3
 
Error: (08/22/2014 05:45:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/22/2014 05:45:27 PM) (Source: McLogEvent) (EventID: 5022) (User: NT AUTHORITY)
Description: MCSCAN32 Engine Initialisation failed.
Engine returned error : 1
 
Error: (08/22/2014 05:36:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (08/23/2014 00:10:18 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {C90134D2-4AE9-407A-919A-4A2EF09C6C51}
 
Error: (08/23/2014 00:08:48 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}
 
Error: (08/23/2014 00:07:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (08/23/2014 03:59:01 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {C90134D2-4AE9-407A-919A-4A2EF09C6C51}
 
Error: (08/23/2014 03:57:31 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}
 
Error: (08/23/2014 03:55:01 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (08/22/2014 09:35:23 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {C90134D2-4AE9-407A-919A-4A2EF09C6C51}
 
Error: (08/22/2014 09:33:53 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}
 
Error: (08/22/2014 09:31:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (08/22/2014 05:51:02 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {C90134D2-4AE9-407A-919A-4A2EF09C6C51}
 
 
Microsoft Office Sessions:
=========================
Error: (08/23/2014 00:03:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/23/2014 00:03:28 PM) (Source: McLogEvent) (EventID: 5022) (User: NT AUTHORITY)
Description: 1
 
Error: (08/23/2014 03:52:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/23/2014 03:52:06 AM) (Source: McLogEvent) (EventID: 5022) (User: NT AUTHORITY)
Description: 1
 
Error: (08/22/2014 09:28:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/22/2014 09:27:57 PM) (Source: McLogEvent) (EventID: 5022) (User: NT AUTHORITY)
Description: 1
 
Error: (08/22/2014 05:55:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mmc.exe6.1.7600.163854a5bc808KERNELBASE.dll6.1.7601.184095315a05a00000000000000000000940d10cc01cfbe53a006fa15C:\Windows\system32\mmc.exeC:\Windows\system32\KERNELBASE.dll027d89e4-2a47-11e4-a937-c01885bc5d88
 
Error: (08/22/2014 05:45:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/22/2014 05:45:27 PM) (Source: McLogEvent) (EventID: 5022) (User: NT AUTHORITY)
Description: 1
 
Error: (08/22/2014 05:36:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3-2370M CPU @ 2.40GHz
Percentage of memory in use: 58%
Total physical RAM: 6008.64 MB
Available physical RAM: 2489.43 MB
Total Pagefile: 12015.47 MB
Available Pagefile: 7600.1 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:451.91 GB) (Free:143.77 GB) NTFS
Drive d: (Sims3EP09) (CDROM) (Total:5.21 GB) (Free:0 GB) UDF
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 88E8EB63)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=13.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451.9 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#5 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,078 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:06:14 PM

Posted 24 August 2014 - 06:40 AM

Hi cpdion,
 
We need to remove some programs with Revo Uninstaller Free:
 
Note: Revo Uninstaller is more thorough in deleting programs on your computer than using the Add/Remove option in Windows. Since it is a more powerful tool, please be sure to follow the instructions carefully.
Note: If the program you want to uninstall is not listed by Revo, let me know and we will try an altenate method of removal.

  • Please download and install Revo Uninstaller Free
    note: there is no need to click anything on that page, the download will start automatically
  • Double click Revo Uninstaller to run it
  • From the list of programs double click on the listed program(s), or anything similar, to remove it:
Ask Shopping Toolbar
McAfee Security Scan Plus
Pando Media Booster
Open Downloader Manager
  • When prompted if you want to uninstall click Yes
  • Be sure the Moderate option is selected then click Next
  • The program will run, If prompted again click Yes
  • When the built-in uninstaller is finished click on Next
  • Once the program has searched for leftovers click Next
  • Check the items in bold only on the list then click Delete
    note: you may have to expand some folders by clicking the "+" mark
  • When prompted click on Yes and then on Next
  • Put a check on any folders that are found and select Delete
  • When prompted select Yes then Next
  • Once done click Finish

--------------
 
We need to run a fix with FRST:

  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter.
  • Copy and paste the script below in the notepad document:​
() C:\Users\Lisa\AppData\Roaming\Vesookde\ilhauq.exe
(Meskisift Corporatien) C:\Users\Lisa\AppData\Roaming\Xumoovp\myywonu.exe
(PowerCmd Software) C:\Users\Lisa\AppData\Roaming\Yxozerak\yfveyw.exe
(Mesrisift Corporatien) C:\Users\Lisa\AppData\Roaming\Vaaplo\anevanu.exe
(CrystalIDEA Software) C:\Users\Lisa\AppData\Roaming\Arloedyd\ewowemf.exe
(M1crosoft Corporation) C:\Users\Lisa\AppData\Roaming\Anogiva\esozbaa.exe
(M1crosoft Corporation) C:\Users\Lisa\AppData\Roaming\Anogiva\esozbaa.exe
(M1crosoft Corporation) C:\Users\Lisa\AppData\Roaming\Anogiva\esozbaa.exe
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [obununuo] => C:\Users\Lisa\AppData\Local\pmrxciqb.exe [155648 2014-08-02] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [uxsqumrq] => C:\Users\Lisa\AppData\Local\ftmbftun.exe [168448 2014-08-02] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [wmxhmtrl] => C:\Users\Lisa\AppData\Local\lnxnrbjh.exe [117760 2014-08-03] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [fbffvguv] => C:\Users\Lisa\AppData\Local\ksqkmgfn.exe [145408 2014-08-04] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [dcvwmnif] => C:\Users\Lisa\AppData\Local\nqnvgvvj.exe [153600 2014-08-05] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [aabddxgj] => C:\Users\Lisa\AppData\Local\gxjiiqou.exe [153600 2014-08-06] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [gcouijrg] => C:\Users\Lisa\AppData\Local\mtohoimn.exe [153600 2014-08-07] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [vdfxxgnd] => C:\Users\Lisa\AppData\Local\fmdvsdoh.exe [160768 2014-08-15] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [bhouqppw] => C:\Users\Lisa\AppData\Local\wqwiwtfg.exe [162816 2014-08-16] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [edgslvdg] => C:\Users\Lisa\AppData\Local\jcgfjtoa.exe [165376 2014-08-17] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [bexuvgqo] => C:\Users\Lisa\AppData\Local\ujlveuwg.exe [165376 2014-08-18] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Owemyxgau] => C:\Users\Lisa\AppData\Roaming\Vesookde\ilhauq.exe [368640 2013-09-24] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [xwlukcal] => C:\Users\Lisa\AppData\Local\tgwxupsa.exe [164864 2014-08-19] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Gepeuninesuldy] => C:\Users\Lisa\AppData\Roaming\Xumoovp\myywonu.exe [307322 2013-04-17] (Meskisift Corporatien)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Iroxy] => C:\Users\Lisa\AppData\Roaming\Yxozerak\yfveyw.exe [460288 2014-03-13] (PowerCmd Software)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [jnoiuicb] => C:\Users\Lisa\AppData\Local\akxhcokx.exe [132096 2014-08-20] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Wyguosno] => C:\Users\Lisa\AppData\Roaming\Vaaplo\anevanu.exe [308409 2014-05-25] (Mesrisift Corporatien)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [putbocao] => C:\Users\Lisa\AppData\Local\wxpufssv.exe [132096 2014-08-21] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Buguicuzoltaa] => C:\Users\Lisa\AppData\Roaming\Arloedyd\ewowemf.exe [413184 2012-07-12] (CrystalIDEA Software)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [gncbitsc] => C:\Users\Lisa\AppData\Local\imjkkxco.exe [132608 2014-08-22] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Igful] => C:\Users\Lisa\AppData\Roaming\Anogiva\esozbaa.exe [277504 2012-07-19] (M1crosoft Corporation)
014-08-23 12:14 - 2014-08-23 12:14 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 392046224
2014-08-23 12:14 - 2014-08-23 12:14 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 392046224.job
2014-08-23 12:14 - 2014-08-23 12:14 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Anogiva
14-08-23 04:20 - 2014-08-23 05:00 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 2038411680.job
2014-08-23 04:20 - 2014-08-23 04:20 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 2038411680
2014-08-23 04:20 - 2014-08-23 04:20 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ydpyyny
2014-08-23 04:02 - 2014-08-23 05:00 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 3089754028.job
2014-08-23 04:02 - 2014-08-23 04:02 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 3089754028
2014-08-23 04:02 - 2014-08-23 04:02 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ubyfinv
2014-08-23 00:15 - 2014-08-23 05:00 - 00000802 _____ () C:\Windows\Tasks\Security Center Update - 2979509591.job
2014-08-23 00:15 - 2014-08-23 00:15 - 00003808 _____ () C:\Windows\System32\Tasks\Security Center Update - 2979509591
2014-08-23 00:15 - 2014-08-23 00:15 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Paaqnaes
2014-08-22 22:29 - 2014-08-23 05:00 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 2191080318.job
2014-08-22 22:29 - 2014-08-22 22:29 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 2191080318
2014-08-22 22:29 - 2014-08-22 22:29 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Egihnil
2014-08-22 21:59 - 2014-08-23 05:00 - 00000790 _____ () C:\Windows\Tasks\Security Center Update - 1855888854.job
2014-08-22 21:59 - 2014-08-22 21:59 - 00003796 _____ () C:\Windows\System32\Tasks\Security Center Update - 1855888854
2014-08-22 21:59 - 2014-08-22 21:59 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Saviha
2014-08-22 21:40 - 2014-08-23 05:00 - 00000790 _____ () C:\Windows\Tasks\Security Center Update - 2194090041.job
2014-08-22 21:40 - 2014-08-22 21:40 - 00003796 _____ () C:\Windows\System32\Tasks\Security Center Update - 2194090041
2014-08-22 21:40 - 2014-08-22 21:40 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ymyneq
2014-08-22 16:58 - 2014-08-23 05:00 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 371833040.job
2014-08-22 16:58 - 2014-08-22 16:58 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 371833040
2014-08-22 16:58 - 2014-08-22 16:58 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yzyfket
2014-08-22 16:05 - 2014-08-22 16:05 - 00132608 _____ () C:\Users\Lisa\AppData\Local\imjkkxco.exe
2014-08-22 16:04 - 2014-08-23 05:00 - 00000802 _____ () C:\Windows\Tasks\Security Center Update - 3431837355.job
2014-08-22 16:04 - 2014-08-22 16:04 - 00003808 _____ () C:\Windows\System32\Tasks\Security Center Update - 3431837355
2014-08-22 16:04 - 2014-08-22 16:04 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Arloedyd
2014-08-22 06:20 - 2014-08-23 05:00 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 3488534018.job
2014-08-22 06:20 - 2014-08-22 06:20 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 3488534018
2014-08-22 06:20 - 2014-08-22 06:20 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ulaqbeq
2014-08-22 06:18 - 2014-08-23 05:00 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 966665472.job
2014-08-22 06:18 - 2014-08-23 05:00 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 3715843453.job
2014-08-22 06:18 - 2014-08-22 06:18 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 966665472
2014-08-22 06:18 - 2014-08-22 06:18 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 3715843453
2014-08-22 06:18 - 2014-08-22 06:18 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Uwweaxag
2014-08-22 06:18 - 2014-08-22 06:18 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ircuuggu
2014-08-21 17:02 - 2014-08-21 17:02 - 00132096 _____ () C:\Users\Lisa\AppData\Local\wxpufssv.exe
2014-08-21 12:17 - 2014-08-23 05:00 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 1586098165.job
2014-08-21 12:17 - 2014-08-21 12:17 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 1586098165
2014-08-21 12:17 - 2014-08-21 12:17 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Hutoite
2014-08-21 12:14 - 2014-08-23 05:00 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 927385066.job
2014-08-21 12:14 - 2014-08-21 12:14 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 927385066
2014-08-21 12:14 - 2014-08-21 12:14 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Vaaplo
2014-08-21 06:20 - 2014-08-23 05:00 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 2836356992.job
2014-08-21 06:20 - 2014-08-21 06:20 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 2836356992
2014-08-21 06:20 - 2014-08-21 06:20 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Afuxriap
2014-08-20 22:27 - 2014-08-23 05:00 - 00000792 _____ () C:\Windows\Tasks\Security Center Update - 752820688.job
2014-08-20 22:27 - 2014-08-20 22:27 - 00003798 _____ () C:\Windows\System32\Tasks\Security Center Update - 752820688
2014-08-20 22:27 - 2014-08-20 22:27 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Peqiaz
2014-08-20 22:23 - 2014-08-20 22:23 - 00098304 _____ () C:\Users\Lisa\AppData\Local\hkiwuxep.exe
2014-08-20 22:10 - 2014-08-23 05:00 - 00000792 _____ () C:\Windows\Tasks\Security Center Update - 1640359643.job
2014-08-20 22:10 - 2014-08-20 22:10 - 00003798 _____ () C:\Windows\System32\Tasks\Security Center Update - 1640359643
2014-08-20 22:10 - 2014-08-20 22:10 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Adexve
2014-08-20 20:30 - 2014-08-23 05:00 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 2106932050.job
2014-08-20 20:30 - 2014-08-20 20:30 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 2106932050
2014-08-20 20:30 - 2014-08-20 20:30 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Vauvqaz
2014-08-20 18:32 - 2014-08-23 05:00 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 3150405157.job
2014-08-20 18:32 - 2014-08-20 18:32 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 3150405157
2014-08-20 18:32 - 2014-08-20 18:32 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Igaxuvky
2014-08-20 17:54 - 2014-08-23 05:00 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 1355868994.job
2014-08-20 17:54 - 2014-08-20 17:54 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 1355868994
2014-08-20 17:54 - 2014-08-20 17:54 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Odypops
2014-08-20 17:15 - 2014-08-23 05:00 - 00000802 _____ () C:\Windows\Tasks\Security Center Update - 2029705305.job
2014-08-20 17:15 - 2014-08-20 17:15 - 00003808 _____ () C:\Windows\System32\Tasks\Security Center Update - 2029705305
2014-08-20 17:15 - 2014-08-20 17:15 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Enecorly
2014-08-20 17:14 - 2014-08-20 17:14 - 00132096 _____ () C:\Users\Lisa\AppData\Local\akxhcokx.exe
2014-08-20 14:19 - 2014-08-23 05:00 - 00000790 _____ () C:\Windows\Tasks\Security Center Update - 2104751866.job
2014-08-20 14:19 - 2014-08-20 14:19 - 00003796 _____ () C:\Windows\System32\Tasks\Security Center Update - 2104751866
2014-08-20 14:19 - 2014-08-20 14:19 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Daryca
2014-08-20 13:51 - 2014-08-23 05:00 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 3983964077.job
2014-08-20 13:51 - 2014-08-20 13:51 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 3983964077
2014-08-20 13:51 - 2014-08-20 13:51 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yrpeqiod
2014-08-20 12:27 - 2014-08-23 05:00 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 2479261886.job
2014-08-20 12:27 - 2014-08-20 12:27 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 2479261886
2014-08-20 12:27 - 2014-08-20 12:27 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Esmony
2014-08-20 10:29 - 2014-08-23 05:00 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 2109373424.job
2014-08-20 10:29 - 2014-08-20 10:29 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 2109373424
2014-08-20 10:29 - 2014-08-20 10:29 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Etlyedav
2014-08-20 09:53 - 2014-08-23 05:00 - 00000792 _____ () C:\Windows\Tasks\Security Center Update - 3942642799.job
2014-08-20 09:53 - 2014-08-20 09:53 - 00003798 _____ () C:\Windows\System32\Tasks\Security Center Update - 3942642799
2014-08-20 09:53 - 2014-08-20 09:53 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Sapume
2014-08-20 09:33 - 2014-08-23 05:00 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 418947291.job
2014-08-20 09:33 - 2014-08-20 09:33 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 418947291
2014-08-20 09:33 - 2014-08-20 09:33 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yxozerak
2014-08-20 01:55 - 2014-08-23 05:00 - 00000792 _____ () C:\Windows\Tasks\Security Center Update - 3338805954.job
2014-08-20 01:55 - 2014-08-20 01:55 - 00003798 _____ () C:\Windows\System32\Tasks\Security Center Update - 3338805954
2014-08-20 01:55 - 2014-08-20 01:55 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Owhodu
2014-08-20 01:52 - 2014-08-20 01:52 - 00086016 _____ () C:\Users\Lisa\AppData\Local\qjojndus.exe
2014-08-20 01:16 - 2014-08-20 02:05 - 00000000 ____D () C:\Users\Lisa\AppData\OICE_15_974FA576_32C1D314_2120
2014-08-20 00:59 - 2014-08-23 05:00 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 846557512.job
2014-08-20 00:59 - 2014-08-20 00:59 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 846557512
2014-08-20 00:59 - 2014-08-20 00:59 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Bypoudte
2014-08-19 23:20 - 2014-08-23 05:00 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 2498235418.job
2014-08-19 23:20 - 2014-08-19 23:20 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 2498235418
2014-08-19 23:20 - 2014-08-19 23:20 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Xumoovp
2014-08-19 23:17 - 2014-08-19 23:17 - 00122880 _____ () C:\Users\Lisa\AppData\Local\mplssuve.exe
2014-08-19 15:31 - 2014-08-19 15:31 - 00164864 _____ () C:\Users\Lisa\AppData\Local\tgwxupsa.exe
2014-08-19 08:28 - 2014-08-19 08:28 - 00000000 ____D () C:\Users\Lisa\AppData\OICE_15_974FA576_32C1D314_3EA
2014-08-18 22:22 - 2014-08-18 22:22 - 00086016 _____ () C:\Users\Lisa\AppData\Local\njjudrfv.exe
2014-08-18 21:48 - 2014-08-18 21:48 - 00086016 _____ () C:\Users\Lisa\AppData\Local\pxpnlkid.exe
2014-08-18 18:25 - 2014-08-18 18:25 - 00086016 _____ () C:\Users\Lisa\AppData\Local\adafhgir.exe
2014-08-18 17:54 - 2014-08-18 17:54 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Exohrei
2014-08-18 17:02 - 2014-08-18 17:02 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Vesookde
2014-08-18 17:00 - 2014-08-18 17:00 - 00165376 _____ () C:\Users\Lisa\AppData\Local\ujlveuwg.exe
2014-08-18 09:59 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Vaenvuih
2014-08-18 03:32 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ubykta
2014-08-18 00:27 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Fabemo
2014-08-17 22:26 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Xyzutob
2014-08-17 21:54 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ziqiadne
2014-08-17 20:29 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yvdoeq
2014-08-17 18:31 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Xoehhagu
2014-08-17 17:55 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ovitesdu
2014-08-17 16:13 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Emnihe
2014-08-17 14:27 - 2014-08-17 14:27 - 00165376 _____ () C:\Users\Lisa\AppData\Local\jcgfjtoa.exe
2014-08-17 12:14 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Efroav
2014-08-17 11:55 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Koqeaxwo
2014-08-17 04:14 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Qybyvo
2014-08-17 02:14 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ettyyhro
2014-08-17 01:57 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Almoiw
2014-08-17 00:14 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Fatakoi
2014-08-16 18:16 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Wyynda
2014-08-16 17:59 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ageqowb
2014-08-16 16:16 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Usypyw
2014-08-16 15:22 - 2014-08-16 15:22 - 00162816 _____ () C:\Users\Lisa\AppData\Local\wqwiwtfg.exe
2014-08-16 14:17 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Guxonita
2014-08-16 13:42 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yziwnozy
2014-08-16 12:35 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Oxxiofv
2014-08-15 17:29 - 2014-08-15 17:29 - 00160768 _____ () C:\Users\Lisa\AppData\Local\fmdvsdoh.exe
2014-08-15 08:28 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ipkazi
2014-08-15 06:41 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Gyunuqse
2014-08-15 06:38 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Omusdysa
2014-08-15 04:16 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Sadyyvp
2014-08-13 22:16 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Edupeze
2014-08-13 21:46 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Fakayxki
2014-08-13 20:15 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Lolued
2014-08-13 13:48 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Amuqbibi
2014-08-13 10:25 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Reyrnax
2014-08-13 09:50 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ismyziy
2014-08-13 08:27 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Etdytiav
2014-08-13 06:25 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Okagcazi
2014-08-13 05:51 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Zawyloo
2014-08-13 04:15 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Itxaapky
2014-08-12 22:28 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Itulere
2014-08-12 21:54 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Dybyneo
2014-08-12 20:29 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Vinuvaav
2014-08-12 18:23 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ixhyafon
2014-08-11 22:18 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Cedoliu
2014-08-11 21:44 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ozefuf
2014-08-11 21:16 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Uqoqofu
2014-08-11 18:20 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ekikxic
2014-08-11 17:58 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Tofoiluz
2014-08-11 08:20 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Uwcugyi
2014-08-11 06:11 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Peasrag
2014-08-11 06:09 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ynlyywo
2014-08-11 04:47 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yvucha
2014-08-11 03:31 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Kubuyqtu
2014-08-10 22:21 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ycilhaa
2014-08-10 21:46 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Kimebo
2014-08-10 20:21 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Voqiaqo
2014-08-10 18:22 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Pahubyyx
2014-08-10 17:48 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Rorahewi
2014-08-10 16:23 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Osofogif
2014-08-10 14:23 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Nayhedr
2014-08-10 13:50 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Kydeky
2014-08-10 12:25 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Igtoaxyk
2014-08-10 10:29 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Giuwfu
2014-08-10 10:06 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yqquqo
2014-08-10 06:24 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Niatuper
2014-08-10 05:49 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yfkiuwyl
2014-08-10 04:39 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Aqgaovbo
2014-08-10 00:25 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Nuhuwaug
2014-08-09 22:25 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Afwyel
2014-08-09 21:51 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Noydvup
2014-08-09 20:26 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Apiwaqmu
2014-08-09 18:26 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yxqazua
2014-08-09 18:13 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Uwucmoy
2014-08-09 16:28 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Feofek
2014-08-09 14:25 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Uparuvky
2014-08-07 22:16 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Asviohfi
2014-08-07 21:42 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yvbuubn
2014-08-07 20:25 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ahyfaruq
2014-08-07 18:23 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ryfogiu
2014-08-07 17:46 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yduhdiix
2014-08-07 17:42 - 2014-08-07 17:42 - 00153600 _____ () C:\Users\Lisa\AppData\Local\mtohoimn.exe
2014-08-06 21:54 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Abpaax
2014-08-06 21:20 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Exazus
2014-08-06 19:24 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Utuksu
2014-08-06 19:22 - 2014-08-06 19:22 - 00153600 _____ () C:\Users\Lisa\AppData\Local\gxjiiqou.exe
2014-08-05 22:15 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ygfoyr
2014-08-05 21:58 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Edaqdi
2014-08-05 20:15 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Biawisig
2014-08-05 18:29 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Vealywr
2014-08-05 18:28 - 2014-08-05 18:28 - 00153600 _____ () C:\Users\Lisa\AppData\Local\nqnvgvvj.exe
2014-08-05 04:13 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Uqegxiw
2014-08-05 02:13 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ozmicu
2014-08-05 01:43 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Xuesyqu
2014-08-05 00:13 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ridiefc
2014-08-04 22:12 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Aksuby
2014-08-04 21:42 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Afsocah
2014-08-04 20:12 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Upyqxo
2014-08-04 18:13 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Xihiyb
2014-08-04 18:11 - 2014-08-04 18:11 - 00145408 _____ () C:\Users\Lisa\AppData\Local\ksqkmgfn.exe
2014-08-03 22:14 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ywolukpe
2014-08-03 21:44 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Oqycam
2014-08-03 21:11 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Zoitoh
2014-08-03 16:24 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Bauwnyli
2014-08-03 14:51 - 2014-08-03 14:51 - 00117760 _____ () C:\Users\Lisa\AppData\Local\lnxnrbjh.exe
2014-08-03 03:48 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Lagyanf
2014-08-02 15:17 - 2014-08-02 15:17 - 00168448 _____ () C:\Users\Lisa\AppData\Local\ftmbftun.exe
2014-08-02 09:49 - 2014-08-02 09:49 - 00036601 _____ () C:\Users\Lisa\AppData\Local\unnobmmk
2014-08-02 09:44 - 2014-08-02 09:44 - 00068609 _____ () C:\Users\Lisa\AppData\Local\rmfqannn
2014-08-02 09:42 - 2014-08-02 09:42 - 00155648 _____ () C:\Users\Lisa\AppData\Local\pmrxciqb.exe
C:\Users\Lisa\random.dat
C:\Users\Lisa\AppData\Local\Temp\speedupmypc.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_02f7a23a.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_13e4dcab.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_1bc98a7d.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_21c5c48a.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_2ff04997.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_3290907b.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_3395f225.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_35e998fa.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_554dd13d.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_5cfb770c.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_61f087dd.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_64183c61.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_7251dd4b.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_79e97e1b.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_91aa4c9b.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_939416b4.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_95757909.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_96c95518.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_99c572f8.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_9a4a7529.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_9ae80cde.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_9f6d1442.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_ad4b2921.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_b2db83ae.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_b316a696.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_b32cfc92.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_ba5af972.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_bbcdc72e.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_c88e7a0e.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_cddd4d1b.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_d08fffb6.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_d35b2564.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_d40ecf34.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_da798d03.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_e3424573.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_ef807fc3.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_f0690cee.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_f1810c3b.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_f30fa441.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_fabbe379.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_fca2020d.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_fd9a4825.exe
Task: {05F00170-4698-4B3C-8054-EF2E1BCB1134} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {B5AACB6F-BF50-4246-A1CF-B69A36713BDB} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION
  • Save the file to your desktop and name it as fixlist.txt

Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

  • Run FRST.exe/FRST64.exe and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run.
  • Please copy and paste the log in your next reply.

--------------
 
Please re-run FRST from the desktop (like you did before), put a check in the box for Addition.txt under the optional scan, and press the scan button. It will produce a FRST.txt and an addition.txt log located on the desktop.  Please copy and paste the log into your next reply.
 
--------------
 
To recap, in your next reply I would like to see the following. Make sure to copy & paste them unless I ask otherwise:

  • Fixlog.txt
  • New FRST.txt
  • New Addition.txt

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#6 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,078 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:06:14 PM

Posted 28 August 2014 - 01:23 PM

Hi cpdion,
 
This is a 3 day bump:
 
It has been more than 3 days since my last post.

  • Do you still need help with this?
  • If after 48hrs you have not replied to this thread then it will have to be closed.

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#7 cpdion

cpdion
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:USA
  • Local time:12:14 PM

Posted 29 August 2014 - 05:29 PM

Sorry for the delay. Also, when I tried posting it the first few times it kept saying an error that said "post_too_long" so i posted the Addition.txt in a separate post. Here is the stuff you need:

 

FIXLOG.TXT:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 29-08-2014 01

Ran by Lisa at 2014-08-29 17:57:26 Run:1
Running from C:\Users\Lisa\Desktop
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
() C:\Users\Lisa\AppData\Roaming\Vesookde\ilhauq.exe
(Meskisift Corporatien) C:\Users\Lisa\AppData\Roaming\Xumoovp\myywonu.exe
(PowerCmd Software) C:\Users\Lisa\AppData\Roaming\Yxozerak\yfveyw.exe
(Mesrisift Corporatien) C:\Users\Lisa\AppData\Roaming\Vaaplo\anevanu.exe
(CrystalIDEA Software) C:\Users\Lisa\AppData\Roaming\Arloedyd\ewowemf.exe
(M1crosoft Corporation) C:\Users\Lisa\AppData\Roaming\Anogiva\esozbaa.exe
(M1crosoft Corporation) C:\Users\Lisa\AppData\Roaming\Anogiva\esozbaa.exe
(M1crosoft Corporation) C:\Users\Lisa\AppData\Roaming\Anogiva\esozbaa.exe
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [obununuo] => C:\Users\Lisa\AppData\Local\pmrxciqb.exe [155648 2014-08-02] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [uxsqumrq] => C:\Users\Lisa\AppData\Local\ftmbftun.exe [168448 2014-08-02] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [wmxhmtrl] => C:\Users\Lisa\AppData\Local\lnxnrbjh.exe [117760 2014-08-03] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [fbffvguv] => C:\Users\Lisa\AppData\Local\ksqkmgfn.exe [145408 2014-08-04] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [dcvwmnif] => C:\Users\Lisa\AppData\Local\nqnvgvvj.exe [153600 2014-08-05] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [aabddxgj] => C:\Users\Lisa\AppData\Local\gxjiiqou.exe [153600 2014-08-06] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [gcouijrg] => C:\Users\Lisa\AppData\Local\mtohoimn.exe [153600 2014-08-07] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [vdfxxgnd] => C:\Users\Lisa\AppData\Local\fmdvsdoh.exe [160768 2014-08-15] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [bhouqppw] => C:\Users\Lisa\AppData\Local\wqwiwtfg.exe [162816 2014-08-16] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [edgslvdg] => C:\Users\Lisa\AppData\Local\jcgfjtoa.exe [165376 2014-08-17] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [bexuvgqo] => C:\Users\Lisa\AppData\Local\ujlveuwg.exe [165376 2014-08-18] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Owemyxgau] => C:\Users\Lisa\AppData\Roaming\Vesookde\ilhauq.exe [368640 2013-09-24] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [xwlukcal] => C:\Users\Lisa\AppData\Local\tgwxupsa.exe [164864 2014-08-19] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Gepeuninesuldy] => C:\Users\Lisa\AppData\Roaming\Xumoovp\myywonu.exe [307322 2013-04-17] (Meskisift Corporatien)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Iroxy] => C:\Users\Lisa\AppData\Roaming\Yxozerak\yfveyw.exe [460288 2014-03-13] (PowerCmd Software)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [jnoiuicb] => C:\Users\Lisa\AppData\Local\akxhcokx.exe [132096 2014-08-20] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Wyguosno] => C:\Users\Lisa\AppData\Roaming\Vaaplo\anevanu.exe [308409 2014-05-25] (Mesrisift Corporatien)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [putbocao] => C:\Users\Lisa\AppData\Local\wxpufssv.exe [132096 2014-08-21] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Buguicuzoltaa] => C:\Users\Lisa\AppData\Roaming\Arloedyd\ewowemf.exe [413184 2012-07-12] (CrystalIDEA Software)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [gncbitsc] => C:\Users\Lisa\AppData\Local\imjkkxco.exe [132608 2014-08-22] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Igful] => C:\Users\Lisa\AppData\Roaming\Anogiva\esozbaa.exe [277504 2012-07-19] (M1crosoft Corporation)
014-08-23 12:14 - 2014-08-23 12:14 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 392046224
2014-08-23 12:14 - 2014-08-23 12:14 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 392046224.job
2014-08-23 12:14 - 2014-08-23 12:14 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Anogiva
14-08-23 04:20 - 2014-08-23 05:00 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 2038411680.job
2014-08-23 04:20 - 2014-08-23 04:20 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 2038411680
2014-08-23 04:20 - 2014-08-23 04:20 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ydpyyny
2014-08-23 04:02 - 2014-08-23 05:00 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 3089754028.job
2014-08-23 04:02 - 2014-08-23 04:02 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 3089754028
2014-08-23 04:02 - 2014-08-23 04:02 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ubyfinv
2014-08-23 00:15 - 2014-08-23 05:00 - 00000802 _____ () C:\Windows\Tasks\Security Center Update - 2979509591.job
2014-08-23 00:15 - 2014-08-23 00:15 - 00003808 _____ () C:\Windows\System32\Tasks\Security Center Update - 2979509591
2014-08-23 00:15 - 2014-08-23 00:15 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Paaqnaes
2014-08-22 22:29 - 2014-08-23 05:00 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 2191080318.job
2014-08-22 22:29 - 2014-08-22 22:29 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 2191080318
2014-08-22 22:29 - 2014-08-22 22:29 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Egihnil
2014-08-22 21:59 - 2014-08-23 05:00 - 00000790 _____ () C:\Windows\Tasks\Security Center Update - 1855888854.job
2014-08-22 21:59 - 2014-08-22 21:59 - 00003796 _____ () C:\Windows\System32\Tasks\Security Center Update - 1855888854
2014-08-22 21:59 - 2014-08-22 21:59 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Saviha
2014-08-22 21:40 - 2014-08-23 05:00 - 00000790 _____ () C:\Windows\Tasks\Security Center Update - 2194090041.job
2014-08-22 21:40 - 2014-08-22 21:40 - 00003796 _____ () C:\Windows\System32\Tasks\Security Center Update - 2194090041
2014-08-22 21:40 - 2014-08-22 21:40 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ymyneq
2014-08-22 16:58 - 2014-08-23 05:00 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 371833040.job
2014-08-22 16:58 - 2014-08-22 16:58 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 371833040
2014-08-22 16:58 - 2014-08-22 16:58 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yzyfket
2014-08-22 16:05 - 2014-08-22 16:05 - 00132608 _____ () C:\Users\Lisa\AppData\Local\imjkkxco.exe
2014-08-22 16:04 - 2014-08-23 05:00 - 00000802 _____ () C:\Windows\Tasks\Security Center Update - 3431837355.job
2014-08-22 16:04 - 2014-08-22 16:04 - 00003808 _____ () C:\Windows\System32\Tasks\Security Center Update - 3431837355
2014-08-22 16:04 - 2014-08-22 16:04 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Arloedyd
2014-08-22 06:20 - 2014-08-23 05:00 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 3488534018.job
2014-08-22 06:20 - 2014-08-22 06:20 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 3488534018
2014-08-22 06:20 - 2014-08-22 06:20 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ulaqbeq
2014-08-22 06:18 - 2014-08-23 05:00 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 966665472.job
2014-08-22 06:18 - 2014-08-23 05:00 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 3715843453.job
2014-08-22 06:18 - 2014-08-22 06:18 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 966665472
2014-08-22 06:18 - 2014-08-22 06:18 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 3715843453
2014-08-22 06:18 - 2014-08-22 06:18 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Uwweaxag
2014-08-22 06:18 - 2014-08-22 06:18 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ircuuggu
2014-08-21 17:02 - 2014-08-21 17:02 - 00132096 _____ () C:\Users\Lisa\AppData\Local\wxpufssv.exe
2014-08-21 12:17 - 2014-08-23 05:00 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 1586098165.job
2014-08-21 12:17 - 2014-08-21 12:17 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 1586098165
2014-08-21 12:17 - 2014-08-21 12:17 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Hutoite
2014-08-21 12:14 - 2014-08-23 05:00 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 927385066.job
2014-08-21 12:14 - 2014-08-21 12:14 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 927385066
2014-08-21 12:14 - 2014-08-21 12:14 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Vaaplo
2014-08-21 06:20 - 2014-08-23 05:00 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 2836356992.job
2014-08-21 06:20 - 2014-08-21 06:20 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 2836356992
2014-08-21 06:20 - 2014-08-21 06:20 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Afuxriap
2014-08-20 22:27 - 2014-08-23 05:00 - 00000792 _____ () C:\Windows\Tasks\Security Center Update - 752820688.job
2014-08-20 22:27 - 2014-08-20 22:27 - 00003798 _____ () C:\Windows\System32\Tasks\Security Center Update - 752820688
2014-08-20 22:27 - 2014-08-20 22:27 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Peqiaz
2014-08-20 22:23 - 2014-08-20 22:23 - 00098304 _____ () C:\Users\Lisa\AppData\Local\hkiwuxep.exe
2014-08-20 22:10 - 2014-08-23 05:00 - 00000792 _____ () C:\Windows\Tasks\Security Center Update - 1640359643.job
2014-08-20 22:10 - 2014-08-20 22:10 - 00003798 _____ () C:\Windows\System32\Tasks\Security Center Update - 1640359643
2014-08-20 22:10 - 2014-08-20 22:10 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Adexve
2014-08-20 20:30 - 2014-08-23 05:00 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 2106932050.job
2014-08-20 20:30 - 2014-08-20 20:30 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 2106932050
2014-08-20 20:30 - 2014-08-20 20:30 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Vauvqaz
2014-08-20 18:32 - 2014-08-23 05:00 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 3150405157.job
2014-08-20 18:32 - 2014-08-20 18:32 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 3150405157
2014-08-20 18:32 - 2014-08-20 18:32 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Igaxuvky
2014-08-20 17:54 - 2014-08-23 05:00 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 1355868994.job
2014-08-20 17:54 - 2014-08-20 17:54 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 1355868994
2014-08-20 17:54 - 2014-08-20 17:54 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Odypops
2014-08-20 17:15 - 2014-08-23 05:00 - 00000802 _____ () C:\Windows\Tasks\Security Center Update - 2029705305.job
2014-08-20 17:15 - 2014-08-20 17:15 - 00003808 _____ () C:\Windows\System32\Tasks\Security Center Update - 2029705305
2014-08-20 17:15 - 2014-08-20 17:15 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Enecorly
2014-08-20 17:14 - 2014-08-20 17:14 - 00132096 _____ () C:\Users\Lisa\AppData\Local\akxhcokx.exe
2014-08-20 14:19 - 2014-08-23 05:00 - 00000790 _____ () C:\Windows\Tasks\Security Center Update - 2104751866.job
2014-08-20 14:19 - 2014-08-20 14:19 - 00003796 _____ () C:\Windows\System32\Tasks\Security Center Update - 2104751866
2014-08-20 14:19 - 2014-08-20 14:19 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Daryca
2014-08-20 13:51 - 2014-08-23 05:00 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 3983964077.job
2014-08-20 13:51 - 2014-08-20 13:51 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 3983964077
2014-08-20 13:51 - 2014-08-20 13:51 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yrpeqiod
2014-08-20 12:27 - 2014-08-23 05:00 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 2479261886.job
2014-08-20 12:27 - 2014-08-20 12:27 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 2479261886
2014-08-20 12:27 - 2014-08-20 12:27 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Esmony
2014-08-20 10:29 - 2014-08-23 05:00 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 2109373424.job
2014-08-20 10:29 - 2014-08-20 10:29 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 2109373424
2014-08-20 10:29 - 2014-08-20 10:29 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Etlyedav
2014-08-20 09:53 - 2014-08-23 05:00 - 00000792 _____ () C:\Windows\Tasks\Security Center Update - 3942642799.job
2014-08-20 09:53 - 2014-08-20 09:53 - 00003798 _____ () C:\Windows\System32\Tasks\Security Center Update - 3942642799
2014-08-20 09:53 - 2014-08-20 09:53 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Sapume
2014-08-20 09:33 - 2014-08-23 05:00 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 418947291.job
2014-08-20 09:33 - 2014-08-20 09:33 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 418947291
2014-08-20 09:33 - 2014-08-20 09:33 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yxozerak
2014-08-20 01:55 - 2014-08-23 05:00 - 00000792 _____ () C:\Windows\Tasks\Security Center Update - 3338805954.job
2014-08-20 01:55 - 2014-08-20 01:55 - 00003798 _____ () C:\Windows\System32\Tasks\Security Center Update - 3338805954
2014-08-20 01:55 - 2014-08-20 01:55 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Owhodu
2014-08-20 01:52 - 2014-08-20 01:52 - 00086016 _____ () C:\Users\Lisa\AppData\Local\qjojndus.exe
2014-08-20 01:16 - 2014-08-20 02:05 - 00000000 ____D () C:\Users\Lisa\AppData\OICE_15_974FA576_32C1D314_2120
2014-08-20 00:59 - 2014-08-23 05:00 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 846557512.job
2014-08-20 00:59 - 2014-08-20 00:59 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 846557512
2014-08-20 00:59 - 2014-08-20 00:59 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Bypoudte
2014-08-19 23:20 - 2014-08-23 05:00 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 2498235418.job
2014-08-19 23:20 - 2014-08-19 23:20 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 2498235418
2014-08-19 23:20 - 2014-08-19 23:20 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Xumoovp
2014-08-19 23:17 - 2014-08-19 23:17 - 00122880 _____ () C:\Users\Lisa\AppData\Local\mplssuve.exe
2014-08-19 15:31 - 2014-08-19 15:31 - 00164864 _____ () C:\Users\Lisa\AppData\Local\tgwxupsa.exe
2014-08-19 08:28 - 2014-08-19 08:28 - 00000000 ____D () C:\Users\Lisa\AppData\OICE_15_974FA576_32C1D314_3EA
2014-08-18 22:22 - 2014-08-18 22:22 - 00086016 _____ () C:\Users\Lisa\AppData\Local\njjudrfv.exe
2014-08-18 21:48 - 2014-08-18 21:48 - 00086016 _____ () C:\Users\Lisa\AppData\Local\pxpnlkid.exe
2014-08-18 18:25 - 2014-08-18 18:25 - 00086016 _____ () C:\Users\Lisa\AppData\Local\adafhgir.exe
2014-08-18 17:54 - 2014-08-18 17:54 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Exohrei
2014-08-18 17:02 - 2014-08-18 17:02 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Vesookde
2014-08-18 17:00 - 2014-08-18 17:00 - 00165376 _____ () C:\Users\Lisa\AppData\Local\ujlveuwg.exe
2014-08-18 09:59 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Vaenvuih
2014-08-18 03:32 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ubykta
2014-08-18 00:27 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Fabemo
2014-08-17 22:26 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Xyzutob
2014-08-17 21:54 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ziqiadne
2014-08-17 20:29 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yvdoeq
2014-08-17 18:31 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Xoehhagu
2014-08-17 17:55 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ovitesdu
2014-08-17 16:13 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Emnihe
2014-08-17 14:27 - 2014-08-17 14:27 - 00165376 _____ () C:\Users\Lisa\AppData\Local\jcgfjtoa.exe
2014-08-17 12:14 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Efroav
2014-08-17 11:55 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Koqeaxwo
2014-08-17 04:14 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Qybyvo
2014-08-17 02:14 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ettyyhro
2014-08-17 01:57 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Almoiw
2014-08-17 00:14 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Fatakoi
2014-08-16 18:16 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Wyynda
2014-08-16 17:59 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ageqowb
2014-08-16 16:16 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Usypyw
2014-08-16 15:22 - 2014-08-16 15:22 - 00162816 _____ () C:\Users\Lisa\AppData\Local\wqwiwtfg.exe
2014-08-16 14:17 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Guxonita
2014-08-16 13:42 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yziwnozy
2014-08-16 12:35 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Oxxiofv
2014-08-15 17:29 - 2014-08-15 17:29 - 00160768 _____ () C:\Users\Lisa\AppData\Local\fmdvsdoh.exe
2014-08-15 08:28 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ipkazi
2014-08-15 06:41 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Gyunuqse
2014-08-15 06:38 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Omusdysa
2014-08-15 04:16 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Sadyyvp
2014-08-13 22:16 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Edupeze
2014-08-13 21:46 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Fakayxki
2014-08-13 20:15 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Lolued
2014-08-13 13:48 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Amuqbibi
2014-08-13 10:25 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Reyrnax
2014-08-13 09:50 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ismyziy
2014-08-13 08:27 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Etdytiav
2014-08-13 06:25 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Okagcazi
2014-08-13 05:51 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Zawyloo
2014-08-13 04:15 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Itxaapky
2014-08-12 22:28 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Itulere
2014-08-12 21:54 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Dybyneo
2014-08-12 20:29 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Vinuvaav
2014-08-12 18:23 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ixhyafon
2014-08-11 22:18 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Cedoliu
2014-08-11 21:44 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ozefuf
2014-08-11 21:16 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Uqoqofu
2014-08-11 18:20 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ekikxic
2014-08-11 17:58 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Tofoiluz
2014-08-11 08:20 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Uwcugyi
2014-08-11 06:11 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Peasrag
2014-08-11 06:09 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ynlyywo
2014-08-11 04:47 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yvucha
2014-08-11 03:31 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Kubuyqtu
2014-08-10 22:21 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ycilhaa
2014-08-10 21:46 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Kimebo
2014-08-10 20:21 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Voqiaqo
2014-08-10 18:22 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Pahubyyx
2014-08-10 17:48 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Rorahewi
2014-08-10 16:23 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Osofogif
2014-08-10 14:23 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Nayhedr
2014-08-10 13:50 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Kydeky
2014-08-10 12:25 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Igtoaxyk
2014-08-10 10:29 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Giuwfu
2014-08-10 10:06 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yqquqo
2014-08-10 06:24 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Niatuper
2014-08-10 05:49 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yfkiuwyl
2014-08-10 04:39 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Aqgaovbo
2014-08-10 00:25 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Nuhuwaug
2014-08-09 22:25 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Afwyel
2014-08-09 21:51 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Noydvup
2014-08-09 20:26 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Apiwaqmu
2014-08-09 18:26 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yxqazua
2014-08-09 18:13 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Uwucmoy
2014-08-09 16:28 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Feofek
2014-08-09 14:25 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Uparuvky
2014-08-07 22:16 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Asviohfi
2014-08-07 21:42 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yvbuubn
2014-08-07 20:25 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ahyfaruq
2014-08-07 18:23 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ryfogiu
2014-08-07 17:46 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yduhdiix
2014-08-07 17:42 - 2014-08-07 17:42 - 00153600 _____ () C:\Users\Lisa\AppData\Local\mtohoimn.exe
2014-08-06 21:54 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Abpaax
2014-08-06 21:20 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Exazus
2014-08-06 19:24 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Utuksu
2014-08-06 19:22 - 2014-08-06 19:22 - 00153600 _____ () C:\Users\Lisa\AppData\Local\gxjiiqou.exe
2014-08-05 22:15 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ygfoyr
2014-08-05 21:58 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Edaqdi
2014-08-05 20:15 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Biawisig
2014-08-05 18:29 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Vealywr
2014-08-05 18:28 - 2014-08-05 18:28 - 00153600 _____ () C:\Users\Lisa\AppData\Local\nqnvgvvj.exe
2014-08-05 04:13 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Uqegxiw
2014-08-05 02:13 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ozmicu
2014-08-05 01:43 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Xuesyqu
2014-08-05 00:13 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ridiefc
2014-08-04 22:12 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Aksuby
2014-08-04 21:42 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Afsocah
2014-08-04 20:12 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Upyqxo
2014-08-04 18:13 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Xihiyb
2014-08-04 18:11 - 2014-08-04 18:11 - 00145408 _____ () C:\Users\Lisa\AppData\Local\ksqkmgfn.exe
2014-08-03 22:14 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ywolukpe
2014-08-03 21:44 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Oqycam
2014-08-03 21:11 - 2014-08-18 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Zoitoh
2014-08-03 16:24 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Bauwnyli
2014-08-03 14:51 - 2014-08-03 14:51 - 00117760 _____ () C:\Users\Lisa\AppData\Local\lnxnrbjh.exe
2014-08-03 03:48 - 2014-08-18 18:26 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Lagyanf
2014-08-02 15:17 - 2014-08-02 15:17 - 00168448 _____ () C:\Users\Lisa\AppData\Local\ftmbftun.exe
2014-08-02 09:49 - 2014-08-02 09:49 - 00036601 _____ () C:\Users\Lisa\AppData\Local\unnobmmk
2014-08-02 09:44 - 2014-08-02 09:44 - 00068609 _____ () C:\Users\Lisa\AppData\Local\rmfqannn
2014-08-02 09:42 - 2014-08-02 09:42 - 00155648 _____ () C:\Users\Lisa\AppData\Local\pmrxciqb.exe
C:\Users\Lisa\random.dat
C:\Users\Lisa\AppData\Local\Temp\speedupmypc.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_02f7a23a.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_13e4dcab.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_1bc98a7d.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_21c5c48a.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_2ff04997.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_3290907b.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_3395f225.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_35e998fa.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_554dd13d.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_5cfb770c.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_61f087dd.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_64183c61.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_7251dd4b.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_79e97e1b.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_91aa4c9b.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_939416b4.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_95757909.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_96c95518.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_99c572f8.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_9a4a7529.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_9ae80cde.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_9f6d1442.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_ad4b2921.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_b2db83ae.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_b316a696.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_b32cfc92.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_ba5af972.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_bbcdc72e.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_c88e7a0e.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_cddd4d1b.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_d08fffb6.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_d35b2564.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_d40ecf34.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_da798d03.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_e3424573.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_ef807fc3.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_f0690cee.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_f1810c3b.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_f30fa441.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_fabbe379.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_fca2020d.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_fd9a4825.exe
Task: {05F00170-4698-4B3C-8054-EF2E1BCB1134} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {B5AACB6F-BF50-4246-A1CF-B69A36713BDB} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION
*****************
 
[6344] C:\Users\Lisa\AppData\Roaming\Vesookde\ilhauq.exe => Process closed successfully.
[6360] C:\Users\Lisa\AppData\Roaming\Xumoovp\myywonu.exe => Process closed successfully.
[6448] C:\Users\Lisa\AppData\Roaming\Yxozerak\yfveyw.exe => Process closed successfully.
[6484] C:\Users\Lisa\AppData\Roaming\Vaaplo\anevanu.exe => Process closed successfully.
[6528] C:\Users\Lisa\AppData\Roaming\Arloedyd\ewowemf.exe => Process closed successfully.
[6556] C:\Users\Lisa\AppData\Roaming\Anogiva\esozbaa.exe => Process closed successfully.
C:\Users\Lisa\AppData\Roaming\Anogiva\esozbaa.exe => No running process found
C:\Users\Lisa\AppData\Roaming\Anogiva\esozbaa.exe => No running process found
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\obununuo => value deleted successfully.
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\uxsqumrq => value deleted successfully.
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\wmxhmtrl => value deleted successfully.
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\fbffvguv => value deleted successfully.
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\dcvwmnif => value deleted successfully.
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\aabddxgj => value deleted successfully.
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\gcouijrg => value deleted successfully.
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\vdfxxgnd => value deleted successfully.
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\bhouqppw => value deleted successfully.
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\edgslvdg => value deleted successfully.
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\bexuvgqo => value deleted successfully.
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Owemyxgau => value deleted successfully.
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\xwlukcal => value deleted successfully.
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Gepeuninesuldy => value deleted successfully.
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Iroxy => value deleted successfully.
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\jnoiuicb => value deleted successfully.
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Wyguosno => value deleted successfully.
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\putbocao => value deleted successfully.
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Buguicuzoltaa => value deleted successfully.
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\gncbitsc => value deleted successfully.
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Igful => value deleted successfully.
014-08-23 12:14 - 2014-08-23 12:14 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 392046224 => Error: No automatic fix found for this entry.
C:\Windows\Tasks\Security Center Update - 392046224.job => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Anogiva => Moved successfully.
14-08-23 04:20 - 2014-08-23 05:00 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 2038411680.job => Error: No automatic fix found for this entry.
C:\Windows\System32\Tasks\Security Center Update - 2038411680 => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Ydpyyny => Moved successfully.
C:\Windows\Tasks\Security Center Update - 3089754028.job => Moved successfully.
C:\Windows\System32\Tasks\Security Center Update - 3089754028 => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Ubyfinv => Moved successfully.
C:\Windows\Tasks\Security Center Update - 2979509591.job => Moved successfully.
C:\Windows\System32\Tasks\Security Center Update - 2979509591 => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Paaqnaes => Moved successfully.
C:\Windows\Tasks\Security Center Update - 2191080318.job => Moved successfully.
C:\Windows\System32\Tasks\Security Center Update - 2191080318 => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Egihnil => Moved successfully.
C:\Windows\Tasks\Security Center Update - 1855888854.job => Moved successfully.
C:\Windows\System32\Tasks\Security Center Update - 1855888854 => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Saviha => Moved successfully.
C:\Windows\Tasks\Security Center Update - 2194090041.job => Moved successfully.
C:\Windows\System32\Tasks\Security Center Update - 2194090041 => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Ymyneq => Moved successfully.
C:\Windows\Tasks\Security Center Update - 371833040.job => Moved successfully.
C:\Windows\System32\Tasks\Security Center Update - 371833040 => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Yzyfket => Moved successfully.
C:\Users\Lisa\AppData\Local\imjkkxco.exe => Moved successfully.
C:\Windows\Tasks\Security Center Update - 3431837355.job => Moved successfully.
C:\Windows\System32\Tasks\Security Center Update - 3431837355 => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Arloedyd => Moved successfully.
C:\Windows\Tasks\Security Center Update - 3488534018.job => Moved successfully.
C:\Windows\System32\Tasks\Security Center Update - 3488534018 => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Ulaqbeq => Moved successfully.
C:\Windows\Tasks\Security Center Update - 966665472.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 3715843453.job => Moved successfully.
C:\Windows\System32\Tasks\Security Center Update - 966665472 => Moved successfully.
C:\Windows\System32\Tasks\Security Center Update - 3715843453 => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Uwweaxag => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Ircuuggu => Moved successfully.
C:\Users\Lisa\AppData\Local\wxpufssv.exe => Moved successfully.
C:\Windows\Tasks\Security Center Update - 1586098165.job => Moved successfully.
C:\Windows\System32\Tasks\Security Center Update - 1586098165 => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Hutoite => Moved successfully.
C:\Windows\Tasks\Security Center Update - 927385066.job => Moved successfully.
C:\Windows\System32\Tasks\Security Center Update - 927385066 => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Vaaplo => Moved successfully.
C:\Windows\Tasks\Security Center Update - 2836356992.job => Moved successfully.
C:\Windows\System32\Tasks\Security Center Update - 2836356992 => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Afuxriap => Moved successfully.
C:\Windows\Tasks\Security Center Update - 752820688.job => Moved successfully.
C:\Windows\System32\Tasks\Security Center Update - 752820688 => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Peqiaz => Moved successfully.
C:\Users\Lisa\AppData\Local\hkiwuxep.exe => Moved successfully.
C:\Windows\Tasks\Security Center Update - 1640359643.job => Moved successfully.
C:\Windows\System32\Tasks\Security Center Update - 1640359643 => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Adexve => Moved successfully.
C:\Windows\Tasks\Security Center Update - 2106932050.job => Moved successfully.
C:\Windows\System32\Tasks\Security Center Update - 2106932050 => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Vauvqaz => Moved successfully.
C:\Windows\Tasks\Security Center Update - 3150405157.job => Moved successfully.
C:\Windows\System32\Tasks\Security Center Update - 3150405157 => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Igaxuvky => Moved successfully.
C:\Windows\Tasks\Security Center Update - 1355868994.job => Moved successfully.
C:\Windows\System32\Tasks\Security Center Update - 1355868994 => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Odypops => Moved successfully.
C:\Windows\Tasks\Security Center Update - 2029705305.job => Moved successfully.
C:\Windows\System32\Tasks\Security Center Update - 2029705305 => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Enecorly => Moved successfully.
C:\Users\Lisa\AppData\Local\akxhcokx.exe => Moved successfully.
C:\Windows\Tasks\Security Center Update - 2104751866.job => Moved successfully.
C:\Windows\System32\Tasks\Security Center Update - 2104751866 => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Daryca => Moved successfully.
C:\Windows\Tasks\Security Center Update - 3983964077.job => Moved successfully.
C:\Windows\System32\Tasks\Security Center Update - 3983964077 => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Yrpeqiod => Moved successfully.
C:\Windows\Tasks\Security Center Update - 2479261886.job => Moved successfully.
C:\Windows\System32\Tasks\Security Center Update - 2479261886 => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Esmony => Moved successfully.
C:\Windows\Tasks\Security Center Update - 2109373424.job => Moved successfully.
C:\Windows\System32\Tasks\Security Center Update - 2109373424 => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Etlyedav => Moved successfully.
C:\Windows\Tasks\Security Center Update - 3942642799.job => Moved successfully.
C:\Windows\System32\Tasks\Security Center Update - 3942642799 => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Sapume => Moved successfully.
C:\Windows\Tasks\Security Center Update - 418947291.job => Moved successfully.
C:\Windows\System32\Tasks\Security Center Update - 418947291 => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Yxozerak => Moved successfully.
C:\Windows\Tasks\Security Center Update - 3338805954.job => Moved successfully.
C:\Windows\System32\Tasks\Security Center Update - 3338805954 => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Owhodu => Moved successfully.
C:\Users\Lisa\AppData\Local\qjojndus.exe => Moved successfully.
C:\Users\Lisa\AppData\OICE_15_974FA576_32C1D314_2120 => Moved successfully.
C:\Windows\Tasks\Security Center Update - 846557512.job => Moved successfully.
C:\Windows\System32\Tasks\Security Center Update - 846557512 => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Bypoudte => Moved successfully.
C:\Windows\Tasks\Security Center Update - 2498235418.job => Moved successfully.
C:\Windows\System32\Tasks\Security Center Update - 2498235418 => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Xumoovp => Moved successfully.
C:\Users\Lisa\AppData\Local\mplssuve.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\tgwxupsa.exe => Moved successfully.
C:\Users\Lisa\AppData\OICE_15_974FA576_32C1D314_3EA => Moved successfully.
C:\Users\Lisa\AppData\Local\njjudrfv.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\pxpnlkid.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\adafhgir.exe => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Exohrei => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Vesookde => Moved successfully.
C:\Users\Lisa\AppData\Local\ujlveuwg.exe => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Vaenvuih => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Ubykta => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Fabemo => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Xyzutob => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Ziqiadne => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Yvdoeq => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Xoehhagu => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Ovitesdu => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Emnihe => Moved successfully.
C:\Users\Lisa\AppData\Local\jcgfjtoa.exe => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Efroav => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Koqeaxwo => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Qybyvo => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Ettyyhro => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Almoiw => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Fatakoi => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Wyynda => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Ageqowb => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Usypyw => Moved successfully.
C:\Users\Lisa\AppData\Local\wqwiwtfg.exe => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Guxonita => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Yziwnozy => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Oxxiofv => Moved successfully.
C:\Users\Lisa\AppData\Local\fmdvsdoh.exe => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Ipkazi => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Gyunuqse => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Omusdysa => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Sadyyvp => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Edupeze => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Fakayxki => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Lolued => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Amuqbibi => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Reyrnax => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Ismyziy => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Etdytiav => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Okagcazi => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Zawyloo => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Itxaapky => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Itulere => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Dybyneo => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Vinuvaav => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Ixhyafon => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Cedoliu => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Ozefuf => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Uqoqofu => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Ekikxic => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Tofoiluz => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Uwcugyi => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Peasrag => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Ynlyywo => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Yvucha => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Kubuyqtu => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Ycilhaa => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Kimebo => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Voqiaqo => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Pahubyyx => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Rorahewi => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Osofogif => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Nayhedr => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Kydeky => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Igtoaxyk => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Giuwfu => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Yqquqo => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Niatuper => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Yfkiuwyl => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Aqgaovbo => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Nuhuwaug => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Afwyel => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Noydvup => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Apiwaqmu => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Yxqazua => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Uwucmoy => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Feofek => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Uparuvky => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Asviohfi => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Yvbuubn => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Ahyfaruq => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Ryfogiu => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Yduhdiix => Moved successfully.
C:\Users\Lisa\AppData\Local\mtohoimn.exe => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Abpaax => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Exazus => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Utuksu => Moved successfully.
C:\Users\Lisa\AppData\Local\gxjiiqou.exe => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Ygfoyr => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Edaqdi => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Biawisig => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Vealywr => Moved successfully.
C:\Users\Lisa\AppData\Local\nqnvgvvj.exe => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Uqegxiw => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Ozmicu => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Xuesyqu => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Ridiefc => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Aksuby => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Afsocah => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Upyqxo => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Xihiyb => Moved successfully.
C:\Users\Lisa\AppData\Local\ksqkmgfn.exe => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Ywolukpe => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Oqycam => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Zoitoh => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Bauwnyli => Moved successfully.
C:\Users\Lisa\AppData\Local\lnxnrbjh.exe => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Lagyanf => Moved successfully.
C:\Users\Lisa\AppData\Local\ftmbftun.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\unnobmmk => Moved successfully.
C:\Users\Lisa\AppData\Local\rmfqannn => Moved successfully.
C:\Users\Lisa\AppData\Local\pmrxciqb.exe => Moved successfully.
C:\Users\Lisa\random.dat => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\speedupmypc.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_02f7a23a.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_13e4dcab.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_1bc98a7d.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_21c5c48a.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_2ff04997.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_3290907b.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_3395f225.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_35e998fa.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_554dd13d.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_5cfb770c.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_61f087dd.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_64183c61.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_7251dd4b.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_79e97e1b.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_91aa4c9b.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_939416b4.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_95757909.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_96c95518.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_99c572f8.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_9a4a7529.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_9ae80cde.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_9f6d1442.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_ad4b2921.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_b2db83ae.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_b316a696.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_b32cfc92.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_ba5af972.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_bbcdc72e.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_c88e7a0e.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_cddd4d1b.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_d08fffb6.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_d35b2564.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_d40ecf34.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_da798d03.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_e3424573.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_ef807fc3.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_f0690cee.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_f1810c3b.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_f30fa441.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_fabbe379.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_fca2020d.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_fd9a4825.exe => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{05F00170-4698-4B3C-8054-EF2E1BCB1134}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05F00170-4698-4B3C-8054-EF2E1BCB1134}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B5AACB6F-BF50-4246-A1CF-B69A36713BDB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B5AACB6F-BF50-4246-A1CF-B69A36713BDB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA" => Key deleted successfully.
 
==== End of Fixlog ====
 
 
  • New FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-08-2014 01

Ran by Lisa (administrator) on LISA-PC on 29-08-2014 18:03:20
Running from C:\Users\Lisa\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
() C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Mesrosift Corporatien) C:\Users\Lisa\AppData\Roaming\Iwekaq\wuxiva.exe
(Mesrosift Corporatien) C:\Users\Lisa\AppData\Roaming\Kuveyfb\aqobxe.exe
(Intel Corporation) C:\Users\Lisa\AppData\Roaming\Qiyvarc\zibuc.exe
(Mesrosifm Corporatien) C:\Users\Lisa\AppData\Roaming\Fiefra\nuwif.exe
(Antony Lewis) C:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\System32\consent.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSM\McSmtFwk.exe
(PC-Doctor, Inc.) C:\Program Files\My Dell\uaclauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Nero AG) C:\Program Files (x86)\Nero\SyncUP\SyncUP.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Nero AG) C:\Program Files (x86)\Nero\SyncUP\Nero.AndroidServer.exe
(Microsoft Corporation) C:\Windows\System32\consent.exe
(Antony Lewis) C:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exe
(Antony Lewis) C:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exe
(Antony Lewis) C:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(PowerCmd Software) C:\Users\Lisa\AppData\Roaming\Yxozerak\yfveyw.exe
(Meskisift Corporatien) C:\Users\Lisa\AppData\Roaming\Xumoovp\myywonu.exe
(Mesrisift Corporatien) C:\Users\Lisa\AppData\Roaming\Vaaplo\anevanu.exe
(CrystalIDEA Software) C:\Users\Lisa\AppData\Roaming\Arloedyd\ewowemf.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Lisa\AppData\Roaming\Vesookde\ilhauq.exe
(M1crosoft Corporation) C:\Users\Lisa\AppData\Roaming\Anogiva\esozbaa.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Antony Lewis) C:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exe
(Antony Lewis) C:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [626552 2012-01-25] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-02-14] (IDT, Inc.)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [4365984 2012-03-12] (Dell Inc.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [7520768 2012-03-16] (Dell Inc.)
HKLM\...\Run: [Stage Remote] => C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe [2022976 2011-06-27] ()
HKLM\...\Run: [DellStage] => C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2195824 2012-02-01] ()
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [Dell Registration] => C:\Program Files (x86)\System Registration\prodreg.exe [4165440 2011-08-04] (Dell, Inc.)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NeroLauncher] => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe [67496 2012-08-21] ()
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [968048 2012-02-01] ()
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Facebook Update] => C:\Users\Lisa\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-01-15] (Facebook Inc.)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [ISUSPM] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [218032 2006-09-11] (Macrovision Corporation)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3600728 2014-08-05] (Electronic Arts)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [OutfoxTV] => C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [GoogleChromeAutoLaunch_A963AF10D41C891DDF74F25191F896A3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-08-06] (Google Inc.)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-06-28] (Google Inc.)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [qilxqfpd] => C:\Users\Lisa\AppData\Local\talgsuxx.exe [128000 2014-08-23] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Loelube] => C:\Users\Lisa\AppData\Roaming\Iwekaq\wuxiva.exe [305365 2013-03-27] (Mesrosift Corporatien)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [ofqhhawe] => C:\Users\Lisa\AppData\Local\ganhlhfs.exe [128000 2014-08-24] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [ecxorwrb] => C:\Users\Lisa\AppData\Local\njtppoqg.exe [125952 2014-08-25] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Saevdiykpeobub] => C:\Users\Lisa\AppData\Roaming\Kuveyfb\aqobxe.exe [305229 2013-12-27] (Mesrosift Corporatien)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Awzuirufz] => C:\Users\Lisa\AppData\Roaming\Qiyvarc\zibuc.exe [464896 2014-03-30] (Intel Corporation)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [hgrgqovo] => C:\Users\Lisa\AppData\Local\hcrkepvr.exe [125440 2014-08-26] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [obqnkhxm] => C:\Users\Lisa\AppData\Local\gjmbilpu.exe [114688 2014-08-27] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Haysyf] => C:\Users\Lisa\AppData\Roaming\Fiefra\nuwif.exe [300748 2014-07-23] (Mesrosifm Corporatien)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [btngfjql] => C:\Users\Lisa\AppData\Local\moavlcis.exe [115712 2014-08-28] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Piweibi] => C:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exe [304140 2014-03-13] (Antony Lewis)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [kshowwqt] => C:\Users\Lisa\AppData\Local\aejrupmi.exe [115200 2014-08-29] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Iroxy] => C:\Users\Lisa\AppData\Roaming\Yxozerak\yfveyw.exe [460288 2014-08-29] (PowerCmd Software)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Buguicuzoltaa] => C:\Users\Lisa\AppData\Roaming\Arloedyd\ewowemf.exe [413184 2014-08-29] (CrystalIDEA Software)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Wyguosno] => C:\Users\Lisa\AppData\Roaming\Vaaplo\anevanu.exe [308409 2014-08-29] (Mesrisift Corporatien)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Gepeuninesuldy] => C:\Users\Lisa\AppData\Roaming\Xumoovp\myywonu.exe [307322 2014-08-29] (Meskisift Corporatien)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Owemyxgau] => C:\Users\Lisa\AppData\Roaming\Vesookde\ilhauq.exe [368640 2014-08-29] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Igful] => C:\Users\Lisa\AppData\Roaming\Anogiva\esozbaa.exe [277504 2014-08-29] (M1crosoft Corporation)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\MountPoints2: {2f949a7c-b3b4-11e3-9791-c01885bc5d88} - E:\LG_PC_Programs.exe
Lsa: [Notification Packages] scecli c:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 1010 series.lnk
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 1010 series.lnk -> C:\Program Files\HP\HP Deskjet 1010 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {3F9B7245-D3E7-43AD-A837-9886B9105873} URL = https://search.yahoo.com/search?fr=mcafee&type=A011US440&p={SearchTerms}
SearchScopes: HKCU - {3F9B7245-D3E7-43AD-A837-9886B9105873} URL = https://search.yahoo.com/search?fr=mcafee&type=A011US440&p={SearchTerms}
SearchScopes: HKCU - {C2AB3595-E55C-42A0-B934-70A8A1C42D2D} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2670199
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {A5AE8924-4036-420F-B7F6-A47E4B8F692E} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} -  No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=11.11.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.11.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Lisa\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @soe.sony.com/installer,version=1.0.3 -> C:\Users\Lisa\AppData\LocalLow\Sony Online Entertainment\npsoe.dll ()
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2012-07-04]
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF Extension: No Name - C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012-07-04]
 
Chrome: 
=======
CHR Profile: C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (Google Wallet) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-10]
CHR Extension: (MapsGalaxy) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb [2014-08-20]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2369720 2014-08-01] (Microsoft Corporation)
S2 DellDigitalDelivery; c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [162816 2011-10-26] (Dell Products, LP.) [File not signed]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\McAfee\MSC\McAWFwk.exe [225216 2011-01-28] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [383608 2012-11-16] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241456 2013-02-19] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025712 2014-01-21] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [6292992 2012-03-16] (Dell Inc.) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2012-02-01] (Broadcom Corporation.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
S3 cpuz135; C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [24368 2012-08-11] (CPUID)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-18] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
U3 mfeapfk01; No ImagePath
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
U3 mfeavfk01; No ImagePath
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [422712 2014-01-21] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-01-21] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106552 2013-02-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 NTPASp50a64; System32\Drivers\NTPASp50a64.sys [X]
S3 X6va021; \??\C:\Windows\SysWOW64\Drivers\X6va021 [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-29 18:03 - 2014-08-29 18:06 - 00032404 _____ () C:\Users\Lisa\Desktop\FRST.txt
2014-08-29 17:59 - 2014-08-29 17:59 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Xumoovp
2014-08-29 17:59 - 2014-08-29 17:59 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Vesookde
2014-08-29 17:58 - 2014-08-29 17:58 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yxozerak
2014-08-29 17:58 - 2014-08-29 17:58 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Vaaplo
2014-08-29 17:58 - 2014-08-29 17:58 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Arloedyd
2014-08-29 17:57 - 2014-08-29 17:57 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Anogiva
2014-08-29 17:53 - 2014-08-29 17:53 - 02103808 _____ (Farbar) C:\Users\Lisa\Desktop\FRST64.exe
2014-08-29 17:07 - 2014-08-29 17:07 - 00001270 _____ () C:\Users\Lisa\Desktop\Revo Uninstaller.lnk
2014-08-29 17:07 - 2014-08-29 17:07 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-29 17:06 - 2014-08-29 17:06 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lisa\Downloads\revosetup.exe
2014-08-29 16:56 - 2014-08-29 18:00 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 3449893434.job
2014-08-29 16:56 - 2014-08-29 16:56 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 3449893434
2014-08-29 16:56 - 2014-08-29 16:56 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Gybywaa
2014-08-29 16:54 - 2014-08-29 16:54 - 00115200 _____ () C:\Users\Lisa\AppData\Local\aejrupmi.exe
2014-08-29 16:53 - 2014-08-29 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-08-28 22:21 - 2014-08-29 18:00 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 3014236961.job
2014-08-28 22:21 - 2014-08-28 22:21 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 3014236961
2014-08-28 22:21 - 2014-08-28 22:21 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Toedqiom
2014-08-28 21:42 - 2014-08-28 21:42 - 00094208 _____ () C:\Users\Lisa\AppData\Local\wrfkjolv.exe
2014-08-28 20:21 - 2014-08-29 18:00 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 2135597057.job
2014-08-28 20:21 - 2014-08-28 20:21 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 2135597057
2014-08-28 20:21 - 2014-08-28 20:21 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Xumoavh
2014-08-28 18:20 - 2014-08-29 18:00 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 1379205928.job
2014-08-28 18:20 - 2014-08-28 18:20 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 1379205928
2014-08-28 18:20 - 2014-08-28 18:20 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Nihaezu
2014-08-28 17:46 - 2014-08-29 18:00 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 788173007.job
2014-08-28 17:46 - 2014-08-28 17:46 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 788173007
2014-08-28 17:46 - 2014-08-28 17:46 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Biahfoda
2014-08-28 17:06 - 2014-08-28 17:06 - 00003798 _____ () C:\Windows\System32\Tasks\Security Center Update - 3914522974
2014-08-28 17:05 - 2014-08-29 18:00 - 00000792 _____ () C:\Windows\Tasks\Security Center Update - 3914522974.job
2014-08-28 17:05 - 2014-08-28 17:05 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Kuzaxu
2014-08-28 17:03 - 2014-08-28 17:03 - 00115712 _____ () C:\Users\Lisa\AppData\Local\moavlcis.exe
2014-08-27 22:19 - 2014-08-27 22:19 - 00094208 _____ () C:\Users\Lisa\AppData\Local\lftxadmu.exe
2014-08-27 21:44 - 2014-08-27 21:44 - 00094208 _____ () C:\Users\Lisa\AppData\Local\fdbujjkg.exe
2014-08-27 20:19 - 2014-08-27 20:19 - 00094208 _____ () C:\Users\Lisa\AppData\Local\xlooherw.exe
2014-08-27 18:24 - 2014-08-29 18:00 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 3503357704.job
2014-08-27 18:24 - 2014-08-27 18:24 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 3503357704
2014-08-27 18:24 - 2014-08-27 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Olefby
2014-08-27 17:50 - 2014-08-29 18:00 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 2425577634.job
2014-08-27 17:50 - 2014-08-27 17:50 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 2425577634
2014-08-27 17:50 - 2014-08-27 17:50 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ysoviw
2014-08-27 17:11 - 2014-08-27 17:12 - 145417920 _____ (Intel Corporation) C:\Users\Lisa\Downloads\Win64_152822.exe
2014-08-27 17:08 - 2014-08-27 17:08 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\SystemRequirementsLab
2014-08-27 17:04 - 2014-08-22 22:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 17:04 - 2014-08-22 21:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 17:04 - 2014-08-22 20:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 17:03 - 2014-08-29 18:00 - 00000790 _____ () C:\Windows\Tasks\Security Center Update - 4249854711.job
2014-08-27 17:03 - 2014-08-27 17:03 - 00003796 _____ () C:\Windows\System32\Tasks\Security Center Update - 4249854711
2014-08-27 17:03 - 2014-08-27 17:03 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Fiefra
2014-08-27 17:01 - 2014-08-27 17:01 - 00114688 _____ () C:\Users\Lisa\AppData\Local\gjmbilpu.exe
2014-08-26 22:23 - 2014-08-29 18:00 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 3828944963.job
2014-08-26 22:23 - 2014-08-26 22:23 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 3828944963
2014-08-26 22:23 - 2014-08-26 22:23 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Qaofywx
2014-08-26 21:49 - 2014-08-29 18:00 - 00000790 _____ () C:\Windows\Tasks\Security Center Update - 1345943332.job
2014-08-26 21:49 - 2014-08-26 21:49 - 00003796 _____ () C:\Windows\System32\Tasks\Security Center Update - 1345943332
2014-08-26 21:49 - 2014-08-26 21:49 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Katali
2014-08-26 20:22 - 2014-08-29 18:00 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 1156754490.job
2014-08-26 20:22 - 2014-08-26 20:22 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 1156754490
2014-08-26 20:22 - 2014-08-26 20:22 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yhiqol
2014-08-26 18:18 - 2014-08-29 18:00 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 2808920971.job
2014-08-26 18:18 - 2014-08-26 18:18 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 2808920971
2014-08-26 18:18 - 2014-08-26 18:18 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ohyduza
2014-08-26 17:44 - 2014-08-29 18:00 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 1758301648.job
2014-08-26 17:44 - 2014-08-26 17:44 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 1758301648
2014-08-26 17:44 - 2014-08-26 17:44 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Imifuba
2014-08-26 16:19 - 2014-08-29 18:00 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 2458895620.job
2014-08-26 16:19 - 2014-08-26 16:19 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 2458895620
2014-08-26 16:19 - 2014-08-26 16:19 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Umkidyo
2014-08-26 15:55 - 2014-08-29 18:00 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 772651449.job
2014-08-26 15:55 - 2014-08-26 15:55 - 00125440 _____ () C:\Users\Lisa\AppData\Local\hcrkepvr.exe
2014-08-26 15:55 - 2014-08-26 15:55 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 772651449
2014-08-26 15:55 - 2014-08-26 15:55 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Qiyvarc
2014-08-26 08:10 - 2014-08-26 08:10 - 00094208 _____ () C:\Users\Lisa\AppData\Local\dlkdlnni.exe
2014-08-26 07:43 - 2014-08-26 07:43 - 00155648 _____ () C:\Users\Lisa\Downloads\CH15_Test_Bank.wiz
2014-08-26 07:42 - 2014-08-26 07:42 - 00134656 _____ () C:\Users\Lisa\Downloads\Test_Bank (1).wiz
2014-08-26 07:41 - 2014-08-26 07:41 - 00134656 _____ () C:\Users\Lisa\Downloads\Test_Bank.wiz
2014-08-26 07:32 - 2014-08-26 07:32 - 00094208 _____ () C:\Users\Lisa\AppData\Local\oqoiqlgm.exe
2014-08-25 22:14 - 2014-08-29 18:00 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 3801360562.job
2014-08-25 22:14 - 2014-08-25 22:14 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 3801360562
2014-08-25 22:14 - 2014-08-25 22:14 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Oqexsof
2014-08-25 21:57 - 2014-08-29 18:00 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 1399807146.job
2014-08-25 21:57 - 2014-08-25 21:57 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 1399807146
2014-08-25 21:57 - 2014-08-25 21:57 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ostyhu
2014-08-25 20:15 - 2014-08-29 18:00 - 00000790 _____ () C:\Windows\Tasks\Security Center Update - 2104485432.job
2014-08-25 20:15 - 2014-08-25 20:15 - 00003796 _____ () C:\Windows\System32\Tasks\Security Center Update - 2104485432
2014-08-25 20:15 - 2014-08-25 20:15 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Bynual
2014-08-25 18:16 - 2014-08-29 18:00 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 3323728016.job
2014-08-25 18:16 - 2014-08-25 18:16 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 3323728016
2014-08-25 18:16 - 2014-08-25 18:16 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ifkewubu
2014-08-25 17:59 - 2014-08-29 18:00 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 1574700934.job
2014-08-25 17:59 - 2014-08-25 17:59 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 1574700934
2014-08-25 17:59 - 2014-08-25 17:59 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yqiluq
2014-08-25 16:52 - 2014-08-29 18:00 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 2488743118.job
2014-08-25 16:52 - 2014-08-25 16:52 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 2488743118
2014-08-25 16:52 - 2014-08-25 16:52 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ycohumu
2014-08-25 15:22 - 2014-08-29 18:00 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 1956719661.job
2014-08-25 15:22 - 2014-08-25 15:22 - 00125952 _____ () C:\Users\Lisa\AppData\Local\njtppoqg.exe
2014-08-25 15:22 - 2014-08-25 15:22 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 1956719661
2014-08-25 15:22 - 2014-08-25 15:22 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Kuveyfb
2014-08-24 22:14 - 2014-08-29 18:00 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 2007530802.job
2014-08-24 22:14 - 2014-08-24 22:14 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 2007530802
2014-08-24 22:14 - 2014-08-24 22:14 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Lyarogu
2014-08-24 20:16 - 2014-08-29 18:00 - 00000792 _____ () C:\Windows\Tasks\Security Center Update - 2852106250.job
2014-08-24 20:16 - 2014-08-24 20:16 - 00003798 _____ () C:\Windows\System32\Tasks\Security Center Update - 2852106250
2014-08-24 20:16 - 2014-08-24 20:16 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Irezro
2014-08-24 17:45 - 2014-08-29 18:00 - 00000790 _____ () C:\Windows\Tasks\Security Center Update - 3755073792.job
2014-08-24 17:45 - 2014-08-24 17:45 - 00003796 _____ () C:\Windows\System32\Tasks\Security Center Update - 3755073792
2014-08-24 17:45 - 2014-08-24 17:45 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Woosyb
2014-08-24 16:23 - 2014-08-29 18:00 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 779965912.job
2014-08-24 16:23 - 2014-08-24 16:23 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 779965912
2014-08-24 16:23 - 2014-08-24 16:23 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ekkoevne
2014-08-24 15:45 - 2014-08-24 15:45 - 00128000 _____ () C:\Users\Lisa\AppData\Local\ganhlhfs.exe
2014-08-24 14:15 - 2014-08-29 18:00 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 1492308399.job
2014-08-24 14:15 - 2014-08-24 14:15 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 1492308399
2014-08-24 14:15 - 2014-08-24 14:15 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Siidraf
2014-08-24 13:44 - 2014-08-29 18:00 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 3723582334.job
2014-08-24 13:44 - 2014-08-24 13:44 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 3723582334
2014-08-24 13:44 - 2014-08-24 13:44 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Riybubcy
2014-08-24 12:19 - 2014-08-29 18:00 - 00000790 _____ () C:\Windows\Tasks\Security Center Update - 2322726845.job
2014-08-24 12:19 - 2014-08-24 12:19 - 00003796 _____ () C:\Windows\System32\Tasks\Security Center Update - 2322726845
2014-08-24 12:19 - 2014-08-24 12:19 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Faqooh
2014-08-24 10:17 - 2014-08-29 18:00 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 799365013.job
2014-08-24 10:17 - 2014-08-24 10:17 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 799365013
2014-08-24 10:17 - 2014-08-24 10:17 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Obdyva
2014-08-24 09:42 - 2014-08-29 18:00 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 3042525643.job
2014-08-24 09:42 - 2014-08-24 09:42 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 3042525643
2014-08-24 09:42 - 2014-08-24 09:42 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yhihcox
2014-08-24 08:17 - 2014-08-29 18:00 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 709702460.job
2014-08-24 08:17 - 2014-08-24 08:17 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 709702460
2014-08-24 08:17 - 2014-08-24 08:17 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ruusaky
2014-08-24 06:27 - 2014-08-29 18:00 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 337695781.job
2014-08-24 06:27 - 2014-08-24 06:27 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 337695781
2014-08-24 06:27 - 2014-08-24 06:27 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Noegbyh
2014-08-24 05:56 - 2014-08-29 18:00 - 00000802 _____ () C:\Windows\Tasks\Security Center Update - 238619398.job
2014-08-24 05:56 - 2014-08-24 05:56 - 00003808 _____ () C:\Windows\System32\Tasks\Security Center Update - 238619398
2014-08-24 05:56 - 2014-08-24 05:56 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Moneukeg
2014-08-24 04:30 - 2014-08-29 18:00 - 00000792 _____ () C:\Windows\Tasks\Security Center Update - 1853461507.job
2014-08-24 04:30 - 2014-08-24 04:30 - 00003798 _____ () C:\Windows\System32\Tasks\Security Center Update - 1853461507
2014-08-24 04:30 - 2014-08-24 04:30 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Iwekaq
2014-08-24 03:26 - 2014-08-24 03:26 - 00000040 _____ () C:\Windows\system32\퐀º
2014-08-24 02:17 - 2014-08-24 02:17 - 00094208 _____ () C:\Users\Lisa\AppData\Local\oniexuwd.exe
2014-08-24 01:43 - 2014-08-24 01:43 - 00094208 _____ () C:\Users\Lisa\AppData\Local\efnutkja.exe
2014-08-24 00:17 - 2014-08-24 00:17 - 00094208 _____ () C:\Users\Lisa\AppData\Local\eujtibfw.exe
2014-08-23 22:12 - 2014-08-23 22:12 - 00094208 _____ () C:\Users\Lisa\AppData\Local\spgbguag.exe
2014-08-23 21:55 - 2014-08-23 21:55 - 00094208 _____ () C:\Users\Lisa\AppData\Local\gpreedbw.exe
2014-08-23 20:45 - 2014-08-23 20:45 - 00128000 _____ () C:\Users\Lisa\AppData\Local\talgsuxx.exe
2014-08-23 20:42 - 2014-08-23 20:42 - 00094208 _____ () C:\Users\Lisa\AppData\Local\pkkskcqr.exe
2014-08-23 15:50 - 2014-08-23 20:33 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Warframe
2014-08-23 13:46 - 2014-08-29 18:00 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 714795581.job
2014-08-23 13:46 - 2014-08-23 13:46 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 714795581
2014-08-23 13:46 - 2014-08-23 13:46 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Makiorhi
2014-08-23 13:17 - 2014-08-27 17:08 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-08-23 13:17 - 2014-08-23 13:17 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-08-23 12:25 - 2014-08-23 12:27 - 00055844 _____ () C:\Users\Lisa\Downloads\Addition.txt
2014-08-23 12:24 - 2014-08-23 12:27 - 00118812 _____ () C:\Users\Lisa\Downloads\FRST.txt
2014-08-23 12:22 - 2014-08-29 18:03 - 00000000 ____D () C:\FRST
2014-08-23 12:14 - 2014-08-23 12:14 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 392046224
2014-08-23 04:20 - 2014-08-29 18:00 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 2038411680.job
2014-08-22 22:40 - 2014-08-22 22:40 - 00011243 _____ () C:\Users\Lisa\Downloads\attach.txt
2014-08-22 21:52 - 2014-08-22 21:52 - 00688992 ____R (Swearware) C:\Users\Lisa\Downloads\dds.com
2014-08-22 21:26 - 2014-08-22 21:26 - 00003728 ____N () C:\bootsqm.dat
2014-08-22 17:53 - 2014-08-22 17:53 - 00000017 _____ () C:\Users\Lisa\AppData\Local\resmon.resmoncfg
2014-08-22 15:58 - 2014-08-22 15:58 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2014-08-18 19:08 - 2014-08-18 19:58 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-08-18 18:54 - 2014-08-18 18:55 - 00036473 _____ () C:\Windows\SysWOW64\Result.txt
2014-08-18 17:53 - 2014-08-18 18:37 - 00036252 _____ () C:\Users\Lisa\Downloads\Result.txt
2014-08-18 17:48 - 2014-08-18 18:35 - 00002757 _____ () C:\Users\Lisa\Downloads\FSS.txt
2014-08-18 17:28 - 2014-08-18 17:28 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Lisa\Downloads\rkill.exe
2014-08-18 17:28 - 2014-08-18 17:28 - 00401920 _____ (Farbar) C:\Users\Lisa\Downloads\MiniToolBox.exe
2014-08-18 17:28 - 2014-08-18 17:28 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-18 17:27 - 2014-08-18 17:28 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Lisa\Downloads\mbar-1.07.0.1012.exe
2014-08-18 17:27 - 2014-08-18 17:27 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Lisa\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-18 17:27 - 2014-08-18 17:27 - 00854417 _____ () C:\Users\Lisa\Downloads\SecurityCheck.exe
2014-08-18 17:27 - 2014-08-18 17:27 - 00415232 _____ (Farbar) C:\Users\Lisa\Downloads\FSS.exe
2014-08-16 14:59 - 2014-08-16 14:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2014-08-16 14:59 - 2014-08-16 14:59 - 00000000 ____D () C:\Program Files (x86)\CPUID
2014-08-16 14:59 - 2012-02-14 12:49 - 00114176 _____ (CPUID) C:\Windows\SysWOW64\PCWizard.cpl
2014-08-16 14:58 - 2014-08-16 14:58 - 05324650 _____ (CPUID ) C:\Users\Lisa\Downloads\pc-wizard_2012.2.11-setup.exe
2014-08-16 14:36 - 2014-08-17 14:56 - 00000000 ____D () C:\Users\Lisa\Documents\Witcher 2
2014-08-16 14:36 - 2014-08-16 14:36 - 00000000 ____D () C:\Users\Lisa\AppData\Local\The Witcher 2
2014-08-16 14:20 - 2014-08-16 14:20 - 00000000 ____D () C:\Users\Lisa\Documents\The Witcher
2014-08-16 14:20 - 2014-08-16 14:20 - 00000000 ____D () C:\Users\Lisa\AppData\Local\The Witcher
2014-08-16 14:16 - 2014-08-16 14:16 - 00000000 ____D () C:\Users\Public\Documents\The Witcher
2014-08-16 02:06 - 2014-06-30 18:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-16 02:06 - 2014-06-30 18:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-16 02:06 - 2014-03-09 17:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-16 02:06 - 2014-03-09 17:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-16 02:06 - 2014-03-09 17:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-16 02:06 - 2014-03-09 17:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-16 02:05 - 2014-06-06 02:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-16 02:05 - 2014-06-06 02:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-16 00:47 - 2014-07-15 23:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-16 00:47 - 2014-07-15 22:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-16 00:47 - 2014-07-13 22:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-16 00:47 - 2014-07-13 21:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-16 00:47 - 2014-06-03 06:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-16 00:47 - 2014-06-03 06:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-16 00:47 - 2014-06-03 06:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-16 00:47 - 2014-06-03 06:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-16 00:47 - 2014-06-03 05:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-16 00:47 - 2014-06-03 05:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-16 00:47 - 2014-06-03 05:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-16 00:46 - 2014-08-06 22:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-16 00:46 - 2014-08-06 22:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-16 00:46 - 2014-07-31 19:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-16 00:46 - 2014-07-31 19:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-16 00:46 - 2014-07-25 10:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-16 00:46 - 2014-07-25 10:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-16 00:46 - 2014-07-25 10:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-16 00:46 - 2014-07-25 09:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-16 00:46 - 2014-07-25 09:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-16 00:46 - 2014-07-25 09:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-16 00:46 - 2014-07-25 09:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-16 00:46 - 2014-07-25 09:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-16 00:46 - 2014-07-25 09:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-16 00:46 - 2014-07-25 09:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-16 00:46 - 2014-07-25 09:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-16 00:46 - 2014-07-25 09:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-16 00:46 - 2014-07-25 09:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-16 00:46 - 2014-07-25 09:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-16 00:46 - 2014-07-25 09:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-16 00:46 - 2014-07-25 08:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-16 00:46 - 2014-07-25 08:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-16 00:46 - 2014-07-25 08:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-16 00:46 - 2014-07-25 08:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-16 00:46 - 2014-07-25 08:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-16 00:46 - 2014-07-25 08:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-16 00:46 - 2014-07-25 08:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-16 00:46 - 2014-07-25 08:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-16 00:46 - 2014-07-25 08:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-16 00:46 - 2014-07-25 08:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-16 00:46 - 2014-07-25 08:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-16 00:46 - 2014-07-25 08:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-16 00:46 - 2014-07-25 08:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-16 00:46 - 2014-07-25 08:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-16 00:46 - 2014-07-25 08:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-16 00:46 - 2014-07-25 08:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-16 00:46 - 2014-07-25 08:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-16 00:46 - 2014-07-25 08:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-16 00:46 - 2014-07-25 08:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-16 00:46 - 2014-07-25 07:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-16 00:46 - 2014-07-25 07:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-16 00:46 - 2014-07-25 07:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-16 00:46 - 2014-07-25 07:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-16 00:46 - 2014-07-25 07:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-16 00:46 - 2014-07-25 07:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-16 00:46 - 2014-07-25 07:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-16 00:46 - 2014-07-25 07:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-16 00:46 - 2014-07-25 07:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-16 00:46 - 2014-07-25 07:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-16 00:46 - 2014-07-25 07:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-16 00:46 - 2014-07-25 07:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-16 00:46 - 2014-07-25 07:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-16 00:46 - 2014-07-25 07:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-16 00:46 - 2014-07-25 06:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-16 00:46 - 2014-07-25 06:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-16 00:46 - 2014-07-25 06:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-16 00:46 - 2014-07-25 06:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-16 00:46 - 2014-07-25 06:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-16 00:46 - 2014-07-25 06:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-16 00:46 - 2014-06-24 22:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-16 00:46 - 2014-06-24 21:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-16 00:46 - 2014-06-15 22:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-15 20:42 - 2014-08-15 20:42 - 25184629 _____ () C:\Users\Lisa\Downloads\Modern HD 1.8.zip
2014-08-11 21:47 - 2014-08-11 21:47 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-11 21:47 - 2014-08-11 21:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-11 21:46 - 2014-08-11 21:47 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-11 21:46 - 2014-08-11 21:47 - 00000000 ____D () C:\Program Files\iTunes
2014-08-11 21:46 - 2014-08-11 21:47 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-11 21:46 - 2014-08-11 21:46 - 00000000 ____D () C:\Program Files\iPod
2014-08-11 19:54 - 2014-08-11 19:55 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-10 22:27 - 2014-08-10 22:27 - 00000000 _____ () C:\Users\Lisa\cd
2014-08-10 22:20 - 2014-08-10 22:20 - 03001270 _____ () C:\Users\Lisa\Downloads\Minecraft-Region-Fixer-0.1.3 (win32).zip
2014-08-10 11:15 - 2014-08-10 11:15 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-08-10 11:15 - 2014-08-10 11:15 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-08-09 17:13 - 2014-08-09 17:23 - 00000000 ____D () C:\Users\Lisa\Documents\Euro Truck Simulator 2
2014-08-07 19:37 - 2014-08-07 19:37 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Ubisoft
2014-08-02 09:43 - 2014-08-02 09:43 - 00000000 ____D () C:\Users\Lisa\Downloads\&#1057opy_of_document_SER1203 (1)
2014-08-02 09:41 - 2014-08-02 09:41 - 00077686 _____ () C:\Users\Lisa\Downloads\&#1057opy_of_document_SER1203 (1).zip
2014-08-02 09:39 - 2014-08-02 09:39 - 00077686 _____ () C:\Users\Lisa\Downloads\&#1057opy_of_document_SER1203.zip
2014-08-01 20:06 - 2014-05-14 12:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-01 20:06 - 2014-05-14 12:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-01 20:06 - 2014-05-14 12:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-01 20:06 - 2014-05-14 12:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-01 20:06 - 2014-05-14 12:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-01 20:06 - 2014-05-14 12:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-01 20:06 - 2014-05-14 12:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-01 20:06 - 2014-05-14 12:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-01 20:06 - 2014-05-14 12:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-01 20:06 - 2014-05-14 12:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-01 20:05 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-01 20:05 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-01 20:05 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-01 20:05 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-01 10:34 - 2014-08-01 10:34 - 00000000 ____D () C:\Users\Lisa\AppData\Local\WarThunder
2014-08-01 10:34 - 2014-08-01 10:34 - 00000000 ____D () C:\ProgramData\WarThunder
2014-07-31 08:29 - 2014-07-31 08:29 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\StunlockStudios
2014-07-30 17:03 - 2014-07-30 17:03 - 00004162 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-30 17:03 - 2014-07-11 03:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-30 17:03 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-30 17:03 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-30 17:03 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-29 18:06 - 2014-08-29 18:03 - 00032404 _____ () C:\Users\Lisa\Desktop\FRST.txt
2014-08-29 18:03 - 2014-08-23 12:22 - 00000000 ____D () C:\FRST
2014-08-29 18:00 - 2014-08-29 16:56 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 3449893434.job
2014-08-29 18:00 - 2014-08-28 22:21 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 3014236961.job
2014-08-29 18:00 - 2014-08-28 20:21 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 2135597057.job
2014-08-29 18:00 - 2014-08-28 18:20 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 1379205928.job
2014-08-29 18:00 - 2014-08-28 17:46 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 788173007.job
2014-08-29 18:00 - 2014-08-28 17:05 - 00000792 _____ () C:\Windows\Tasks\Security Center Update - 3914522974.job
2014-08-29 18:00 - 2014-08-27 18:24 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 3503357704.job
2014-08-29 18:00 - 2014-08-27 17:50 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 2425577634.job
2014-08-29 18:00 - 2014-08-27 17:03 - 00000790 _____ () C:\Windows\Tasks\Security Center Update - 4249854711.job
2014-08-29 18:00 - 2014-08-26 22:23 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 3828944963.job
2014-08-29 18:00 - 2014-08-26 21:49 - 00000790 _____ () C:\Windows\Tasks\Security Center Update - 1345943332.job
2014-08-29 18:00 - 2014-08-26 20:22 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 1156754490.job
2014-08-29 18:00 - 2014-08-26 18:18 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 2808920971.job
2014-08-29 18:00 - 2014-08-26 17:44 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 1758301648.job
2014-08-29 18:00 - 2014-08-26 16:19 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 2458895620.job
2014-08-29 18:00 - 2014-08-26 15:55 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 772651449.job
2014-08-29 18:00 - 2014-08-25 22:14 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 3801360562.job
2014-08-29 18:00 - 2014-08-25 21:57 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 1399807146.job
2014-08-29 18:00 - 2014-08-25 20:15 - 00000790 _____ () C:\Windows\Tasks\Security Center Update - 2104485432.job
2014-08-29 18:00 - 2014-08-25 18:16 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 3323728016.job
2014-08-29 18:00 - 2014-08-25 17:59 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 1574700934.job
2014-08-29 18:00 - 2014-08-25 16:52 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 2488743118.job
2014-08-29 18:00 - 2014-08-25 15:22 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 1956719661.job
2014-08-29 18:00 - 2014-08-24 22:14 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 2007530802.job
2014-08-29 18:00 - 2014-08-24 20:16 - 00000792 _____ () C:\Windows\Tasks\Security Center Update - 2852106250.job
2014-08-29 18:00 - 2014-08-24 17:45 - 00000790 _____ () C:\Windows\Tasks\Security Center Update - 3755073792.job
2014-08-29 18:00 - 2014-08-24 16:23 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 779965912.job
2014-08-29 18:00 - 2014-08-24 14:15 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 1492308399.job
2014-08-29 18:00 - 2014-08-24 13:44 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 3723582334.job
2014-08-29 18:00 - 2014-08-24 12:19 - 00000790 _____ () C:\Windows\Tasks\Security Center Update - 2322726845.job
2014-08-29 18:00 - 2014-08-24 10:17 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 799365013.job
2014-08-29 18:00 - 2014-08-24 09:42 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 3042525643.job
2014-08-29 18:00 - 2014-08-24 08:17 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 709702460.job
2014-08-29 18:00 - 2014-08-24 06:27 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 337695781.job
2014-08-29 18:00 - 2014-08-24 05:56 - 00000802 _____ () C:\Windows\Tasks\Security Center Update - 238619398.job
2014-08-29 18:00 - 2014-08-24 04:30 - 00000792 _____ () C:\Windows\Tasks\Security Center Update - 1853461507.job
2014-08-29 18:00 - 2014-08-23 13:46 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 714795581.job
2014-08-29 18:00 - 2014-08-23 04:20 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 2038411680.job
2014-08-29 17:59 - 2014-08-29 17:59 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Xumoovp
2014-08-29 17:59 - 2014-08-29 17:59 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Vesookde
2014-08-29 17:59 - 2012-06-27 01:47 - 00000000 ____D () C:\Users\Lisa
2014-08-29 17:58 - 2014-08-29 17:58 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yxozerak
2014-08-29 17:58 - 2014-08-29 17:58 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Vaaplo
2014-08-29 17:58 - 2014-08-29 17:58 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Arloedyd
2014-08-29 17:57 - 2014-08-29 17:57 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Anogiva
2014-08-29 17:53 - 2014-08-29 17:53 - 02103808 _____ (Farbar) C:\Users\Lisa\Desktop\FRST64.exe
2014-08-29 17:53 - 2012-07-05 02:40 - 00000000 ____D () C:\Users\Lisa\AppData\Local\CrashDumps
2014-08-29 17:33 - 2012-06-28 01:39 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-29 17:32 - 2012-12-13 18:50 - 00000000 ____D () C:\Program Files (x86)\Pando Networks
2014-08-29 17:14 - 2014-02-15 04:25 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Open Download Manager
2014-08-29 17:07 - 2014-08-29 17:07 - 00001270 _____ () C:\Users\Lisa\Desktop\Revo Uninstaller.lnk
2014-08-29 17:07 - 2014-08-29 17:07 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-29 17:06 - 2014-08-29 17:06 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lisa\Downloads\revosetup.exe
2014-08-29 17:03 - 2012-08-29 02:24 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Nero
2014-08-29 16:58 - 2009-07-14 00:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-29 16:58 - 2009-07-14 00:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-29 16:56 - 2014-08-29 16:56 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 3449893434
2014-08-29 16:56 - 2014-08-29 16:56 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Gybywaa
2014-08-29 16:54 - 2014-08-29 16:54 - 00115200 _____ () C:\Users\Lisa\AppData\Local\aejrupmi.exe
2014-08-29 16:54 - 2012-05-26 01:39 - 01685391 _____ () C:\Windows\WindowsUpdate.log
2014-08-29 16:53 - 2014-08-29 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-08-29 16:53 - 2012-07-04 23:25 - 00001806 _____ () C:\Users\Public\Desktop\McAfee AntiVirus Plus.lnk
2014-08-29 16:47 - 2013-07-19 10:53 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-08-29 16:46 - 2012-05-26 00:24 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2014-08-29 16:46 - 2012-05-26 00:24 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2014-08-29 16:46 - 2012-05-26 00:19 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-08-29 16:45 - 2012-06-28 01:39 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-29 16:45 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-29 16:45 - 2009-07-14 00:51 - 00104239 _____ () C:\Windows\setupact.log
2014-08-28 22:21 - 2014-08-28 22:21 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 3014236961
2014-08-28 22:21 - 2014-08-28 22:21 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Toedqiom
2014-08-28 21:54 - 2014-02-05 20:32 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\.minecraft
2014-08-28 21:42 - 2014-08-28 21:42 - 00094208 _____ () C:\Users\Lisa\AppData\Local\wrfkjolv.exe
2014-08-28 21:34 - 2013-01-04 21:32 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1465888645-1228132841-1644353950-1000UA.job
2014-08-28 20:21 - 2014-08-28 20:21 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 2135597057
2014-08-28 20:21 - 2014-08-28 20:21 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Xumoavh
2014-08-28 20:08 - 2013-07-19 15:51 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-08-28 19:34 - 2014-06-29 05:43 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-08-28 18:20 - 2014-08-28 18:20 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 1379205928
2014-08-28 18:20 - 2014-08-28 18:20 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Nihaezu
2014-08-28 17:46 - 2014-08-28 17:46 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 788173007
2014-08-28 17:46 - 2014-08-28 17:46 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Biahfoda
2014-08-28 17:06 - 2014-08-28 17:06 - 00003798 _____ () C:\Windows\System32\Tasks\Security Center Update - 3914522974
2014-08-28 17:05 - 2014-08-28 17:05 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Kuzaxu
2014-08-28 17:03 - 2014-08-28 17:03 - 00115712 _____ () C:\Users\Lisa\AppData\Local\moavlcis.exe
2014-08-28 16:54 - 2010-11-20 23:47 - 00408894 _____ () C:\Windows\PFRO.log
2014-08-28 16:54 - 2009-07-14 00:45 - 00437152 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 22:19 - 2014-08-27 22:19 - 00094208 _____ () C:\Users\Lisa\AppData\Local\lftxadmu.exe
2014-08-27 21:44 - 2014-08-27 21:44 - 00094208 _____ () C:\Users\Lisa\AppData\Local\fdbujjkg.exe
2014-08-27 20:19 - 2014-08-27 20:19 - 00094208 _____ () C:\Users\Lisa\AppData\Local\xlooherw.exe
2014-08-27 20:17 - 2012-06-27 13:03 - 00064512 _____ () C:\Users\Lisa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-27 18:24 - 2014-08-27 18:24 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 3503357704
2014-08-27 18:24 - 2014-08-27 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Olefby
2014-08-27 17:50 - 2014-08-27 17:50 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 2425577634
2014-08-27 17:50 - 2014-08-27 17:50 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ysoviw
2014-08-27 17:22 - 2012-05-26 01:38 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-08-27 17:15 - 2014-05-15 21:11 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-27 17:14 - 2012-05-26 01:38 - 00000000 ____D () C:\Intel
2014-08-27 17:12 - 2014-08-27 17:11 - 145417920 _____ (Intel Corporation) C:\Users\Lisa\Downloads\Win64_152822.exe
2014-08-27 17:08 - 2014-08-27 17:08 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\SystemRequirementsLab
2014-08-27 17:08 - 2014-08-23 13:17 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-08-27 17:03 - 2014-08-27 17:03 - 00003796 _____ () C:\Windows\System32\Tasks\Security Center Update - 4249854711
2014-08-27 17:03 - 2014-08-27 17:03 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Fiefra
2014-08-27 17:01 - 2014-08-27 17:01 - 00114688 _____ () C:\Users\Lisa\AppData\Local\gjmbilpu.exe
2014-08-26 22:23 - 2014-08-26 22:23 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 3828944963
2014-08-26 22:23 - 2014-08-26 22:23 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Qaofywx
2014-08-26 21:49 - 2014-08-26 21:49 - 00003796 _____ () C:\Windows\System32\Tasks\Security Center Update - 1345943332
2014-08-26 21:49 - 2014-08-26 21:49 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Katali
2014-08-26 20:22 - 2014-08-26 20:22 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 1156754490
2014-08-26 20:22 - 2014-08-26 20:22 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yhiqol
2014-08-26 19:47 - 2009-07-14 01:13 - 00006498 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-26 18:18 - 2014-08-26 18:18 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 2808920971
2014-08-26 18:18 - 2014-08-26 18:18 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ohyduza
2014-08-26 17:44 - 2014-08-26 17:44 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 1758301648
2014-08-26 17:44 - 2014-08-26 17:44 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Imifuba
2014-08-26 16:19 - 2014-08-26 16:19 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 2458895620
2014-08-26 16:19 - 2014-08-26 16:19 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Umkidyo
2014-08-26 15:55 - 2014-08-26 15:55 - 00125440 _____ () C:\Users\Lisa\AppData\Local\hcrkepvr.exe
2014-08-26 15:55 - 2014-08-26 15:55 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 772651449
2014-08-26 15:55 - 2014-08-26 15:55 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Qiyvarc
2014-08-26 08:10 - 2014-08-26 08:10 - 00094208 _____ () C:\Users\Lisa\AppData\Local\dlkdlnni.exe
2014-08-26 07:43 - 2014-08-26 07:43 - 00155648 _____ () C:\Users\Lisa\Downloads\CH15_Test_Bank.wiz
2014-08-26 07:42 - 2014-08-26 07:42 - 00134656 _____ () C:\Users\Lisa\Downloads\Test_Bank (1).wiz
2014-08-26 07:41 - 2014-08-26 07:41 - 00134656 _____ () C:\Users\Lisa\Downloads\Test_Bank.wiz
2014-08-26 07:32 - 2014-08-26 07:32 - 00094208 _____ () C:\Users\Lisa\AppData\Local\oqoiqlgm.exe
2014-08-25 22:14 - 2014-08-25 22:14 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 3801360562
2014-08-25 22:14 - 2014-08-25 22:14 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Oqexsof
2014-08-25 21:57 - 2014-08-25 21:57 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 1399807146
2014-08-25 21:57 - 2014-08-25 21:57 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ostyhu
2014-08-25 20:15 - 2014-08-25 20:15 - 00003796 _____ () C:\Windows\System32\Tasks\Security Center Update - 2104485432
2014-08-25 20:15 - 2014-08-25 20:15 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Bynual
2014-08-25 18:16 - 2014-08-25 18:16 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 3323728016
2014-08-25 18:16 - 2014-08-25 18:16 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ifkewubu
2014-08-25 17:59 - 2014-08-25 17:59 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 1574700934
2014-08-25 17:59 - 2014-08-25 17:59 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yqiluq
2014-08-25 16:52 - 2014-08-25 16:52 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 2488743118
2014-08-25 16:52 - 2014-08-25 16:52 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ycohumu
2014-08-25 15:22 - 2014-08-25 15:22 - 00125952 _____ () C:\Users\Lisa\AppData\Local\njtppoqg.exe
2014-08-25 15:22 - 2014-08-25 15:22 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 1956719661
2014-08-25 15:22 - 2014-08-25 15:22 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Kuveyfb
2014-08-24 22:14 - 2014-08-24 22:14 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 2007530802
2014-08-24 22:14 - 2014-08-24 22:14 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Lyarogu
2014-08-24 20:16 - 2014-08-24 20:16 - 00003798 _____ () C:\Windows\System32\Tasks\Security Center Update - 2852106250
2014-08-24 20:16 - 2014-08-24 20:16 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Irezro
2014-08-24 17:51 - 2013-07-19 10:56 - 00000000 ____D () C:\ProgramData\Origin
2014-08-24 17:45 - 2014-08-24 17:45 - 00003796 _____ () C:\Windows\System32\Tasks\Security Center Update - 3755073792
2014-08-24 17:45 - 2014-08-24 17:45 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Woosyb
2014-08-24 16:23 - 2014-08-24 16:23 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 779965912
2014-08-24 16:23 - 2014-08-24 16:23 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ekkoevne
2014-08-24 15:45 - 2014-08-24 15:45 - 00128000 _____ () C:\Users\Lisa\AppData\Local\ganhlhfs.exe
2014-08-24 15:45 - 2012-07-08 18:56 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Skype
2014-08-24 14:15 - 2014-08-24 14:15 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 1492308399
2014-08-24 14:15 - 2014-08-24 14:15 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Siidraf
2014-08-24 13:44 - 2014-08-24 13:44 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 3723582334
2014-08-24 13:44 - 2014-08-24 13:44 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Riybubcy
2014-08-24 12:19 - 2014-08-24 12:19 - 00003796 _____ () C:\Windows\System32\Tasks\Security Center Update - 2322726845
2014-08-24 12:19 - 2014-08-24 12:19 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Faqooh
2014-08-24 10:17 - 2014-08-24 10:17 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 799365013
2014-08-24 10:17 - 2014-08-24 10:17 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Obdyva
2014-08-24 09:42 - 2014-08-24 09:42 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 3042525643
2014-08-24 09:42 - 2014-08-24 09:42 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yhihcox
2014-08-24 08:17 - 2014-08-24 08:17 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 709702460
2014-08-24 08:17 - 2014-08-24 08:17 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ruusaky
2014-08-24 06:27 - 2014-08-24 06:27 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 337695781
2014-08-24 06:27 - 2014-08-24 06:27 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Noegbyh
2014-08-24 05:56 - 2014-08-24 05:56 - 00003808 _____ () C:\Windows\System32\Tasks\Security Center Update - 238619398
2014-08-24 05:56 - 2014-08-24 05:56 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Moneukeg
2014-08-24 04:30 - 2014-08-24 04:30 - 00003798 _____ () C:\Windows\System32\Tasks\Security Center Update - 1853461507
2014-08-24 04:30 - 2014-08-24 04:30 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Iwekaq
2014-08-24 03:26 - 2014-08-24 03:26 - 00000040 _____ () C:\Windows\system32\퐀º
2014-08-24 02:17 - 2014-08-24 02:17 - 00094208 _____ () C:\Users\Lisa\AppData\Local\oniexuwd.exe
2014-08-24 01:43 - 2014-08-24 01:43 - 00094208 _____ () C:\Users\Lisa\AppData\Local\efnutkja.exe
2014-08-24 00:34 - 2013-01-04 21:32 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1465888645-1228132841-1644353950-1000Core.job
2014-08-24 00:17 - 2014-08-24 00:17 - 00094208 _____ () C:\Users\Lisa\AppData\Local\eujtibfw.exe
2014-08-23 22:12 - 2014-08-23 22:12 - 00094208 _____ () C:\Users\Lisa\AppData\Local\spgbguag.exe
2014-08-23 21:55 - 2014-08-23 21:55 - 00094208 _____ () C:\Users\Lisa\AppData\Local\gpreedbw.exe
2014-08-23 20:45 - 2014-08-23 20:45 - 00128000 _____ () C:\Users\Lisa\AppData\Local\talgsuxx.exe
2014-08-23 20:42 - 2014-08-23 20:42 - 00094208 _____ () C:\Users\Lisa\AppData\Local\pkkskcqr.exe
2014-08-23 20:33 - 2014-08-23 15:50 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Warframe
2014-08-23 15:51 - 2012-05-26 00:33 - 00286798 _____ () C:\Windows\DirectX.log
2014-08-23 14:02 - 2009-07-14 01:08 - 00032622 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-23 13:46 - 2014-08-23 13:46 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 714795581
2014-08-23 13:46 - 2014-08-23 13:46 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Makiorhi
2014-08-23 13:17 - 2014-08-23 13:17 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-08-23 12:27 - 2014-08-23 12:25 - 00055844 _____ () C:\Users\Lisa\Downloads\Addition.txt
2014-08-23 12:27 - 2014-08-23 12:24 - 00118812 _____ () C:\Users\Lisa\Downloads\FRST.txt
2014-08-23 12:14 - 2014-08-23 12:14 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 392046224
2014-08-22 22:40 - 2014-08-22 22:40 - 00011243 _____ () C:\Users\Lisa\Downloads\attach.txt
2014-08-22 22:07 - 2014-08-27 17:04 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-22 21:52 - 2014-08-22 21:52 - 00688992 ____R (Swearware) C:\Users\Lisa\Downloads\dds.com
2014-08-22 21:45 - 2014-08-27 17:04 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-22 21:26 - 2014-08-22 21:26 - 00003728 ____N () C:\bootsqm.dat
2014-08-22 20:59 - 2014-08-27 17:04 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 17:53 - 2014-08-22 17:53 - 00000017 _____ () C:\Users\Lisa\AppData\Local\resmon.resmoncfg
2014-08-22 15:58 - 2014-08-22 15:58 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2014-08-18 19:58 - 2014-08-18 19:08 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-08-18 19:07 - 2014-05-26 01:28 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-18 18:55 - 2014-08-18 18:54 - 00036473 _____ () C:\Windows\SysWOW64\Result.txt
2014-08-18 18:37 - 2014-08-18 17:53 - 00036252 _____ () C:\Users\Lisa\Downloads\Result.txt
2014-08-18 18:37 - 2014-05-26 01:28 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-18 18:35 - 2014-08-18 17:48 - 00002757 _____ () C:\Users\Lisa\Downloads\FSS.txt
2014-08-18 18:26 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\Globalization
2014-08-18 17:28 - 2014-08-18 17:28 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Lisa\Downloads\rkill.exe
2014-08-18 17:28 - 2014-08-18 17:28 - 00401920 _____ (Farbar) C:\Users\Lisa\Downloads\MiniToolBox.exe
2014-08-18 17:28 - 2014-08-18 17:28 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-18 17:28 - 2014-08-18 17:27 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Lisa\Downloads\mbar-1.07.0.1012.exe
2014-08-18 17:28 - 2014-05-26 01:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-18 17:28 - 2014-05-26 01:28 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-18 17:27 - 2014-08-18 17:27 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Lisa\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-18 17:27 - 2014-08-18 17:27 - 00854417 _____ () C:\Users\Lisa\Downloads\SecurityCheck.exe
2014-08-18 17:27 - 2014-08-18 17:27 - 00415232 _____ (Farbar) C:\Users\Lisa\Downloads\FSS.exe
2014-08-17 14:56 - 2014-08-16 14:36 - 00000000 ____D () C:\Users\Lisa\Documents\Witcher 2
2014-08-17 04:49 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-16 14:59 - 2014-08-16 14:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2014-08-16 14:59 - 2014-08-16 14:59 - 00000000 ____D () C:\Program Files (x86)\CPUID
2014-08-16 14:58 - 2014-08-16 14:58 - 05324650 _____ (CPUID ) C:\Users\Lisa\Downloads\pc-wizard_2012.2.11-setup.exe
2014-08-16 14:36 - 2014-08-16 14:36 - 00000000 ____D () C:\Users\Lisa\AppData\Local\The Witcher 2
2014-08-16 14:20 - 2014-08-16 14:20 - 00000000 ____D () C:\Users\Lisa\Documents\The Witcher
2014-08-16 14:20 - 2014-08-16 14:20 - 00000000 ____D () C:\Users\Lisa\AppData\Local\The Witcher
2014-08-16 14:16 - 2014-08-16 14:16 - 00000000 ____D () C:\Users\Public\Documents\The Witcher
2014-08-16 12:27 - 2013-08-06 00:55 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-16 02:10 - 2012-07-08 01:48 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-16 02:05 - 2014-04-30 00:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-15 20:42 - 2014-08-15 20:42 - 25184629 _____ () C:\Users\Lisa\Downloads\Modern HD 1.8.zip
2014-08-15 17:35 - 2012-07-26 22:59 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-14 17:41 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-11 22:46 - 2012-06-27 21:17 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\SoftGrid Client
2014-08-11 21:47 - 2014-08-11 21:47 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-11 21:47 - 2014-08-11 21:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-11 21:47 - 2014-08-11 21:46 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-11 21:47 - 2014-08-11 21:46 - 00000000 ____D () C:\Program Files\iTunes
2014-08-11 21:47 - 2014-08-11 21:46 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-11 21:46 - 2014-08-11 21:46 - 00000000 ____D () C:\Program Files\iPod
2014-08-11 19:57 - 2013-07-19 17:12 - 00000000 ____D () C:\Users\Lisa\Documents\Electronic Arts
2014-08-11 19:57 - 2013-07-19 10:56 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-08-11 19:55 - 2014-08-11 19:54 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-11 19:55 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-08-11 19:18 - 2013-07-19 11:01 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-08-10 22:27 - 2014-08-10 22:27 - 00000000 _____ () C:\Users\Lisa\cd
2014-08-10 22:20 - 2014-08-10 22:20 - 03001270 _____ () C:\Users\Lisa\Downloads\Minecraft-Region-Fixer-0.1.3 (win32).zip
2014-08-10 11:15 - 2014-08-10 11:15 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-08-10 11:15 - 2014-08-10 11:15 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-08-10 11:15 - 2014-07-05 22:33 - 00000000 ____D () C:\Users\Lisa\Documents\My Games
2014-08-09 22:09 - 2014-06-11 00:50 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Paint.NET
2014-08-09 22:03 - 2014-06-11 00:51 - 00001150 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
2014-08-09 22:03 - 2014-06-11 00:51 - 00001138 _____ () C:\Users\Public\Desktop\Paint.NET.lnk
2014-08-09 22:03 - 2014-06-11 00:51 - 00000000 ____D () C:\Program Files\Paint.NET
2014-08-09 21:55 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-08-09 17:23 - 2014-08-09 17:13 - 00000000 ____D () C:\Users\Lisa\Documents\Euro Truck Simulator 2
2014-08-07 19:37 - 2014-08-07 19:37 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Ubisoft
2014-08-06 22:06 - 2014-08-16 00:46 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-06 22:01 - 2014-08-16 00:46 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-03 15:34 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-08-02 09:43 - 2014-08-02 09:43 - 00000000 ____D () C:\Users\Lisa\Downloads\&#1057opy_of_document_SER1203 (1)
2014-08-02 09:41 - 2014-08-02 09:41 - 00077686 _____ () C:\Users\Lisa\Downloads\&#1057opy_of_document_SER1203 (1).zip
2014-08-02 09:39 - 2014-08-02 09:39 - 00077686 _____ () C:\Users\Lisa\Downloads\&#1057opy_of_document_SER1203.zip
2014-08-02 02:16 - 2012-12-16 00:09 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-08-01 10:34 - 2014-08-01 10:34 - 00000000 ____D () C:\Users\Lisa\AppData\Local\WarThunder
2014-08-01 10:34 - 2014-08-01 10:34 - 00000000 ____D () C:\ProgramData\WarThunder
2014-07-31 19:41 - 2014-08-16 00:46 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-31 19:16 - 2014-08-16 00:46 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-31 08:29 - 2014-07-31 08:29 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\StunlockStudios
2014-07-30 17:11 - 2014-06-01 00:11 - 00000000 ____D () C:\Program Files\Java
2014-07-30 17:04 - 2014-02-14 23:07 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-30 17:03 - 2014-07-30 17:03 - 00004162 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-30 17:03 - 2013-04-12 16:12 - 00000000 ____D () C:\Program Files (x86)\Java
 
Files to move or delete:
====================
C:\Users\Lisa\jagex_cl_runescape_LIVE.dat
 
 
Some content of TEMP:
====================
C:\Users\Lisa\AppData\Local\Temp\032939rr.exe
C:\Users\Lisa\AppData\Local\Temp\6_Offer_15.exe
C:\Users\Lisa\AppData\Local\Temp\BackupSetup.exe
C:\Users\Lisa\AppData\Local\Temp\cloud_backup_setup.exe
C:\Users\Lisa\AppData\Local\Temp\contentDATs.exe
C:\Users\Lisa\AppData\Local\Temp\D2M-Precheck.exe
C:\Users\Lisa\AppData\Local\Temp\del.dll
C:\Users\Lisa\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Lisa\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Lisa\AppData\Local\Temp\mssinstaller.exe
C:\Users\Lisa\AppData\Local\Temp\NGMDll.dll
C:\Users\Lisa\AppData\Local\Temp\NGMResource.dll
C:\Users\Lisa\AppData\Local\Temp\nsmC5CC.tmp.exe
C:\Users\Lisa\AppData\Local\Temp\paint.net.4.0.3.install.exe
C:\Users\Lisa\AppData\Local\Temp\pkjlznb7.dll
C:\Users\Lisa\AppData\Local\Temp\Quarantine.exe
C:\Users\Lisa\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Lisa\AppData\Local\Temp\setup.exe
C:\Users\Lisa\AppData\Local\Temp\SRLDetectionLibrary1166339853304169505.dll
C:\Users\Lisa\AppData\Local\Temp\stageremote_2.0.0.43_2.0.0.50_update_all.exe
C:\Users\Lisa\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Lisa\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Lisa\AppData\Local\Temp\tbFree.dll
C:\Users\Lisa\AppData\Local\Temp\unicows.dll
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_07feaf5a.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_08d7f3da.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_0d0630f1.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_0e7fc431.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_138ad5f3.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_160a5899.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_1b22a697.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_1f44950f.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_2310a883.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_23a5dafa.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_242859f5.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_25ceaa8b.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_299d66e6.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_2cc27d8b.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_2d9f0d43.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_325d7ad2.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_3513e5ea.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_40a48bb1.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_46a02e26.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_48fcd5c3.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_4bee9a5c.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_516a30f8.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_5bff6409.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_5cfccebd.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_6006a756.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_610e375c.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_6d2afcd5.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_72d0a894.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_764296d2.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_7d2b54e4.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_7d991560.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_81133a85.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_8699b65d.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_89cbcdd7.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_9fa57dfc.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_a600f5e8.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_a66fb69b.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_aed602ed.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_b30e7b4a.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_b920b40d.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_ba27fe00.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_bdc46ada.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_c244ad96.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_c6facbff.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_c81b0665.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_cba9da0b.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_d5aa5f40.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_da274b41.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_de06fbfe.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_e1d89567.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_e415be9a.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_e7af9bb0.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_ed4750b7.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_edaa6a28.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_fc602931.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-07 09:55
 
==================== End Of Log ============================
 
 

 

 


Edited by cpdion, 29 August 2014 - 05:34 PM.


#8 cpdion

cpdion
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:USA
  • Local time:12:14 PM

Posted 29 August 2014 - 05:31 PM

New Addition.txt:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-08-2014 01

Ran by Lisa at 2014-08-29 18:09:12
Running from C:\Users\Lisa\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Accidental Damage Services Agreement (HKLM-x32\...\{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}) (Version: 2.0.0 - Dell Inc.)
ACE COMBAT™ ASSAULT HORIZON Enhanced Edition (HKLM-x32\...\Steam App 228400) (Version:  - Namco)
Ace of Spades (HKLM-x32\...\Steam App 224540) (Version:  - Jagex Limited)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.6.0.19120 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.6.636 - Adobe Systems, Inc.)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Aura Kingdom (HKLM-x32\...\Steam App 268420) (Version:  - X-Legend)
Banctec Service Agreement (HKLM-x32\...\{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}) (Version: 2.0.0 - Dell Inc.)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blio (HKLM-x32\...\{400182B4-CA55-46A9-9D88-F8413DCFB36D}) (Version: 2.3.7140 - K-NFB Reading Technology, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version:  - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Canon MG2100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2100_series) (Version:  - )
Canon MG2100 series On-screen Manual (HKLM-x32\...\Canon MG2100 series On-screen Manual) (Version:  - )
Canon MG2100 series User Registration (HKLM-x32\...\Canon MG2100 series User Registration) (Version:  - )
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
Carnage Racing (HKLM-x32\...\Steam App 228940) (Version:  - )
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.4.11350.0 - Cisco Consumer Products LLC)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Complete Care Business Service Agreement (HKLM-x32\...\{0ECFCB07-9BFE-4970-ACA1-D568D982760B}) (Version: 2.0.0 - Dell Inc.)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
Corel PaintShop Pro X4 (HKLM-x32\...\_{00580795-581C-4587-B9F2-37320D7AB37F}) (Version: 14.0.0.345 - Corel Corporation)
Corel PaintShop Pro X4 (x32 Version: 14.0.0.345 - Corel Corporation) Hidden
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Cozi (HKLM-x32\...\{EA1F3D6C-A6F5-4CDC-B0D3-9C56C06B4D29}) (Version: 1.0.6505.38692 - Cozi Group, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dead Island: Epidemic (HKLM-x32\...\Steam App 222900) (Version:  - Stunlock Studios)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Dell Inc.)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Digital Delivery (HKLM-x32\...\{AFC08A81-D3C5-46F4-8F08-876E4BA606EA}) (Version: 1.7.4502.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{3BD7DD08-991B-4A2F-A165-614ED14EAADD}) (Version: 1.6.225.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.130 - ArcSoft)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.1.3 - Dell Inc.)
Dell Stage (HKLM-x32\...\{FE182796-F6BA-486A-8590-89B7E8D1D60F}) (Version: 1.7.209.0 - Fingertapps)
Dell Stage Remote (HKLM-x32\...\{AF4D3C63-009B-4A17-B02E-D395065DD3F0}) (Version: 2.0.0.43 - ArcSoft)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1209.101.215 - ALPS ELECTRIC CO., LTD.)
Dell VideoStage  (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.3.0.2513 - CyberLink Corp.)
Dell VideoStage  (x32 Version: 1.3.0.2513 - CyberLink Corp.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dino D-Day (HKLM-x32\...\Steam App 70000) (Version:  - 800 North and Digital Ranch)
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 6.20.55.49 - Dell Inc.)
eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.)
Escape Whisper Valley ™ (x32 Version: 2.2.0.95 - WildTangent) Hidden
Euro Truck Simulator 2 Demo (HKLM-x32\...\Steam App 231120) (Version:  - SCS Software)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Free Realms (HKCU\...\SOE-Free Realms) (Version:  - Sony Online Entertainment)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GTR Evolution (HKLM-x32\...\Steam App 8660) (Version:  - SimBin)
Gun Monkeys (HKLM-x32\...\Steam App 239450) (Version:  - Size Five Games)
HP Deskjet 1010 series Basic Device Software (HKLM\...\{43211ACE-5EBF-48A1-8497-8F53CB0FC1E4}) (Version: 30.0.1093.41190 - Hewlett-Packard Co.)
HP Deskjet 1010 series Help (HKLM-x32\...\{BFB6C2B0-9643-4B59-A706-71DEB3017A99}) (Version: 30.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
ICA (x32 Version: 14.0.0.345 - Corel Corporation) Hidden
Icy Tower v1.5.1 (HKLM-x32\...\Icy Tower v1.5.1_is1) (Version:  - Free Lunch Design)
Insurgency (HKLM-x32\...\Steam App 222880) (Version:  - New World Interactive)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.1.1399 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3517 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{538B98C3-773F-4F20-9C66-802D104DCBE2}) (Version: 1.23.219.2 - Intel Corporation)
IPM_PSP_COM (x32 Version: 14.0.0.345 - Corel Corporation) Hidden
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.650 - Oracle)
Java 8 Update 11 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418011FF}) (Version: 8.0.110 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.11.12 - Oracle, Inc.) Hidden
Java SE Development Kit 8 Update 11 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180110}) (Version: 8.0.110 - Oracle Corporation)
Jewel Quest (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
La Tale (HKLM-x32\...\Steam App 264360) (Version:  - Actoz Soft)
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Luxor (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MapleStory (HKLM-x32\...\MapleStory) (Version:  - )
McAfee AntiVirus Plus (HKLM-x32\...\MSC) (Version: 12.8.988 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.130.10 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4641.1003 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Nero 10 Movie ThemePack Basic (x32 Version: 10.6.10000.1.0 - Nero AG) Hidden
Nero Blu-ray Player (x32 Version: 12.0.20064 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.6.13000.0.11 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.2.10800 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.20500.9.16 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.13300.42.0 - Nero AG) Hidden
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version:  - )
Nosgoth (HKLM-x32\...\Steam App 200110) (Version: 140806.90000 - Square Enix Ltd)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.1.10.2728 - Electronic Arts, Inc.)
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC)
PC Wizard 2012.2.12 (HKLM-x32\...\PC Wizard 2012_is1) (Version:  - CPUID)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Premium Service Agreement (HKLM-x32\...\{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}) (Version: 2.0.0 - Dell Inc.)
Product Improvement Study for HP Deskjet 1010 series (HKLM\...\{89F99A52-34C0-48A5-B0DA-33F7E4760FA9}) (Version: 30.0.1093.41190 - Hewlett-Packard Co.)
Project Cyber (HKLM-x32\...\Steam App 285580) (Version:  - Spearhead Games)
PSPPContent (x32 Version: 14.0.0.345 - Corel Corporation) Hidden
PSPPHelp (x32 Version: 14.0.0.345 - Corel Corporation) Hidden
PSPPro64 (Version: 14.0.0.345 - Corel Corporation) Hidden
QualxServ Service Agreement (HKLM-x32\...\{903679E8-44C8-4C07-9600-05C92654FC50}) (Version: 2.0.0 - Dell Inc.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.17 - Dell Inc.)
RACE 07 (HKLM-x32\...\Steam App 8600) (Version:  - SimBin)
RaceRoom Racing Experience  (HKLM-x32\...\Steam App 211500) (Version:  - SimBin Studios AB)
Really Big Sky (HKLM-x32\...\Steam App 201570) (Version:  - Boss Baddie)
Respondus 4.0 Single-User (HKLM-x32\...\{D60A153B-5292-4833-9C5C-2556D54FDE4B}) (Version: 4.0.1.00 - Respondus, Inc.)
Respondus Equation Editor 4 (HKLM-x32\...\RSEE4) (Version:  - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RIFT™ (HKLM-x32\...\Steam App 39120) (Version:  - Trion Worlds)
Samantha Swift (x32 Version: 2.2.0.95 - WildTangent) Hidden
SavetheChildren Reminder by We-Care.com v4.1.26.4 (HKLM-x32\...\{26B4D0E1-6F6D-48DF-8719-80276A259F7E}) (Version: 4.1.26.4 - We-Care.com)
Setup (x32 Version: 14.0.0.345 - Corel Corporation) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SOE Web Installer (HKCU\...\SOE Web Installer) (Version: 1.0.3.171 - Sony Online Entertainment)
Sonic CinePlayer Decoder Pack (HKLM-x32\...\{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}) (Version: 4.2.0 - Sonic Solutions)
SpaceChem (HKLM-x32\...\Steam App 92800) (Version:  - Zachtronics)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
SyncUP (HKLM-x32\...\{D92C9CCE-E5F0-4125-977A-0590F3225B74}) (Version: 10.2.16100 - Nero AG)
SyncUP (x32 Version: 1.12.12400.17.102 - Nero AG) Hidden
System Requirements Lab CYRI (HKLM-x32\...\{19B0831B-0C18-4103-86E4-90FCD04CD3B9}) (Version: 6.0.12.5 - Husdawg, LLC)
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
The Sims™ 3 Generations (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
The Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.5.1 - Electronic Arts)
The Sims™ 3 Town Life Stuff (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
The Sims™ 3 University Life (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
The Sims™ 3 World Adventures (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
The Sims™ 4 Create A Sim Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.233.190 - Electronic Arts Inc.)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version:  - CD Projekt RED)
The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version:  - CD Projekt RED)
Tom Clancy's Ghost Recon Phantoms - NA (HKLM-x32\...\Steam App 243870) (Version:  - Ubisoft Singapore)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
Wedding Dash - Ready, Aim, Love! (x32 Version: 2.2.0.95 - WildTangent) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2300 - Broadcom Corporation)
WildTangent Games (HKLM-x32\...\WildTangent dell Master Uninstall) (Version: 1.0.2.5 - WildTangent)
WildTangent Games App (Dell Games) (x32 Version: 4.0.10.2 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 5.10 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)
Wizard101 (HKLM-x32\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1465888645-1228132841-1644353950-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Lisa\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1465888645-1228132841-1644353950-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Lisa\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1465888645-1228132841-1644353950-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Lisa\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1465888645-1228132841-1644353950-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Lisa\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1465888645-1228132841-1644353950-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Lisa\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points  =========================
 
23-08-2014 19:50:52 Installed DirectX
28-08-2014 04:10:07 Windows Update
29-08-2014 21:13:18 Revo Uninstaller's restore point - Open Downloader Manager
29-08-2014 21:26:00 Revo Uninstaller's restore point - Ask Shopping Toolbar
29-08-2014 21:28:51 Revo Uninstaller's restore point - Pando Media Booster
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {006EAFAF-8BCD-413A-9067-20B3E52C40C2} - System32\Tasks\Security Center Update - 2007530802 => C:\Users\Lisa\AppData\Roaming\Lyarogu\iqmene.exe [2014-06-30] (Mesrosift Corporatien)
Task: {024FEDD9-1DC4-4872-B008-02B525F4A689} - System32\Tasks\Security Center Update - 3755073792 => C:\Users\Lisa\AppData\Roaming\Woosyb\ecwia.exe [2013-06-17] (Mesrosift Corporatien)
Task: {0483A422-B6DE-458D-8F8B-4AF68804ED00} - System32\Tasks\Security Center Update - 2135597057 => C:\Users\Lisa\AppData\Roaming\Xumoavh\ofosko.exe [2013-11-11] (Antony Lewis)
Task: {0C399329-F772-43DC-A2F6-241F7D6412E8} - System32\Tasks\Security Center Update - 1399807146 => C:\Users\Lisa\AppData\Roaming\Ostyhu\buzyecu.exe [2012-06-27] (Mesrosift Corporatien)
Task: {10F6BE5E-8FB5-42CB-A3EA-69756948F2AB} - \Security Center Update - 3089754028 No Task File <==== ATTENTION
Task: {157A01DB-6E8E-49B8-87EC-A0F24EA36F82} - \Security Center Update - 966665472 No Task File <==== ATTENTION
Task: {1619E43C-58DD-49D6-A651-60D499C254EE} - System32\Tasks\Security Center Update - 3323728016 => C:\Users\Lisa\AppData\Roaming\Ifkewubu\samigu.exe [2014-01-05] (Mesrosift Corporatien)
Task: {1663D225-43F8-45E3-95BE-5460AD494598} - \Security Center Update - 3431837355 No Task File <==== ATTENTION
Task: {178BB5FE-7E06-472B-8B9E-FED7252CFAE9} - System32\Tasks\Security Center Update - 2458895620 => C:\Users\Lisa\AppData\Roaming\Umkidyo\ebwoleb.exe [2012-12-09] (Intel Corporation)
Task: {18D8F1D1-90F2-4915-A59D-6DEBAE776475} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {1CF68C5D-3CC1-457C-8FA1-449026B07A83} - \Security Center Update - 2498235418 No Task File <==== ATTENTION
Task: {2050F09F-0791-44B8-8B3F-4B66A00D4F14} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {275D28C0-21F4-4C6B-BF4E-EB8B78475F65} - \Security Center Update - 418947291 No Task File <==== ATTENTION
Task: {27B820B0-EACD-476A-B121-AAEB60B70C77} - System32\Tasks\Security Center Update - 1956719661 => C:\Users\Lisa\AppData\Roaming\Kuveyfb\aqobxe.exe [2013-12-27] (Mesrosift Corporatien)
Task: {2BABA540-553D-4555-A828-0CC8463F516C} - \Security Center Update - 3488534018 No Task File <==== ATTENTION
Task: {2BE8FD63-CAE3-4F5F-A215-323E62DE36EB} - System32\Tasks\Security Center Update - 3014236961 => C:\Users\Lisa\AppData\Roaming\Toedqiom\dyixfo.exe [2013-03-03] (Antony Lewis)
Task: {2E7D3E2E-5F46-4721-B1EA-4B660609FE9A} - \Security Center Update - 2029705305 No Task File <==== ATTENTION
Task: {33416DCA-9E19-4A37-A920-D384254CE2B8} - \Security Center Update - 846557512 No Task File <==== ATTENTION
Task: {3B428BDE-836D-4BC2-9A0F-8A8CB2E39F7F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-28] (Google Inc.)
Task: {40B655BD-3ECB-4530-892C-5771FA4E7739} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-28] (Google Inc.)
Task: {43DFD0E1-F0CB-4B2F-991A-8C7FB4951EE2} - System32\Tasks\Security Center Update - 1574700934 => C:\Users\Lisa\AppData\Roaming\Yqiluq\ceertyi.exe [2014-08-22] (Mesrosift Corporatien)
Task: {44FB8B0B-86BB-4F08-A090-2BA57D8D250C} - System32\Tasks\Security Center Update - 2425577634 => C:\Users\Lisa\AppData\Roaming\Ysoviw\qyceqin.exe [2014-06-29] (Mesrosifm Corporatien)
Task: {4542AEE1-D9F2-4E11-82B7-516501FE9FBA} - \Security Center Update - 927385066 No Task File <==== ATTENTION
Task: {454A9DA7-0147-4E91-B302-0BA526AAF881} - System32\Tasks\Security Center Update - 3503357704 => C:\Users\Lisa\AppData\Roaming\Olefby\omofbae.exe [2014-01-23] (Mesrosifm Corporatien)
Task: {46C13CF5-646F-4974-91E3-D63DBE6FEE4A} - \Security Center Update - 1855888854 No Task File <==== ATTENTION
Task: {48D5445C-C4FB-49F5-BD32-DF1178C76D23} - System32\Tasks\Security Center Update - 1345943332 => C:\Users\Lisa\AppData\Roaming\Katali\emyhs.exe [2013-08-04] (Intel Corporation)
Task: {4BEFF88B-B9BC-4E03-811B-EBD3F7DAB6D1} - System32\Tasks\Security Center Update - 714795581 => C:\Users\Lisa\AppData\Roaming\Makiorhi\ofneca.exe [2014-02-03] (M1crosoft Corporation)
Task: {4C0E8C2D-1896-4875-9C02-F642AE2B7998} - \Security Center Update - 3338805954 No Task File <==== ATTENTION
Task: {4C6BE521-A0CD-48C3-97B7-E617306D3201} - System32\Tasks\Security Center Update - 1758301648 => C:\Users\Lisa\AppData\Roaming\Imifuba\feuqrai.exe [2012-06-27] (Intel Corporation)
Task: {4D4A099E-D65A-4610-B7F7-936616F36FB6} - System32\Tasks\Security Center Update - 2104485432 => C:\Users\Lisa\AppData\Roaming\Bynual\wuuxy.exe [2012-09-28] (Mesrosift Corporatien)
Task: {4E670018-24DE-4014-B85F-A7AC596D0973} - System32\Tasks\Security Center Update - 3914522974 => C:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exe [2014-03-13] (Antony Lewis)
Task: {4F6EB0E4-4434-4E66-925A-E3408B8D9A77} - \Security Center Update - 2979509591 No Task File <==== ATTENTION
Task: {4F92C8CB-E811-41E1-9E59-39351B5DCA8C} - System32\Tasks\Security Center Update - 779965912 => C:\Users\Lisa\AppData\Roaming\Ekkoevne\uklua.exe [2014-07-09] (Mesrosift Corporatien)
Task: {4FEAEBF8-F9CB-43E0-A300-C2069A47660C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-01] (Microsoft Corporation)
Task: {577040B3-CB35-4B03-9D25-07B3C1A947AA} - System32\Tasks\Security Center Update - 1379205928 => C:\Users\Lisa\AppData\Roaming\Nihaezu\ruyhv.exe [2013-10-21] (Antony Lewis)
Task: {5B806C89-B6F4-4491-BC05-BC08C4EA5AA5} - \Security Center Update - 1355868994 No Task File <==== ATTENTION
Task: {5C1C5D95-3451-4637-807A-F514F4C12EFD} - System32\Tasks\Security Center Update - 2488743118 => C:\Users\Lisa\AppData\Roaming\Ycohumu\fydasal.exe [2012-08-22] (Mesrosift Corporatien)
Task: {5D85E214-BB8C-47DF-A502-BCA35E1BC852} - System32\Tasks\Security Center Update - 3801360562 => C:\Users\Lisa\AppData\Roaming\Oqexsof\abgug.exe [2014-02-22] (Mesrosift Corporatien)
Task: {5FD12D6E-C94D-414C-A73F-F7E53CB8EB72} - \Security Center Update - 752820688 No Task File <==== ATTENTION
Task: {61F90348-1632-4370-BBD0-6430A089691B} - System32\Tasks\Security Center Update - 3723582334 => C:\Users\Lisa\AppData\Roaming\Riybubcy\vocuu.exe [2012-10-30] (Mesrosift Corporatien)
Task: {6934BE3C-9D2A-42D0-A8B1-891217E8415E} - System32\Tasks\Security Center Update - 337695781 => C:\Users\Lisa\AppData\Roaming\Noegbyh\onivy.exe [2014-06-14] (Mesrosift Corporatien)
Task: {6B2FB14B-2386-410C-8C42-CFD8E2844B9A} - System32\Tasks\Security Center Update - 3828944963 => C:\Users\Lisa\AppData\Roaming\Qaofywx\fuliak.exe [2013-04-01] (Intel Corporation)
Task: {6C50E672-6AE8-4EBC-98CD-E0E9A2E87106} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1465888645-1228132841-1644353950-1000Core => C:\Users\Lisa\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-15] (Facebook Inc.)
Task: {6E574FE7-CD99-486A-BB85-26C822FD69EF} - System32\Tasks\{682840C9-C865-4F05-B807-8BA9AD57D886} => C:\Users\Lisa\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe
Task: {750661EA-B5E4-4D3E-8F27-D9EFA1B74788} - \Security Center Update - 2479261886 No Task File <==== ATTENTION
Task: {75D47420-CB24-4D20-9ED2-C85E70EF2151} - \Security Center Update - 2104751866 No Task File <==== ATTENTION
Task: {79E1A60F-A6EA-4CB8-BE02-D7BC3EBFD870} - System32\Tasks\Security Center Update - 4249854711 => C:\Users\Lisa\AppData\Roaming\Fiefra\nuwif.exe [2014-07-23] (Mesrosifm Corporatien)
Task: {7AD6CBD2-37D0-4A04-B9C6-0B144F669F33} - System32\Tasks\Security Center Update - 2808920971 => C:\Users\Lisa\AppData\Roaming\Ohyduza\paezam.exe [2013-09-10] (Intel Corporation)
Task: {7BF18A5C-4427-424E-B093-EF7E0E4A5A22} - \Security Center Update - 3715843453 No Task File <==== ATTENTION
Task: {7CDDA879-009C-4154-8CD3-BD06DFD0C1B8} - System32\Tasks\Security Center Update - 788173007 => C:\Users\Lisa\AppData\Roaming\Biahfoda\uktupu.exe [2012-08-01] (Antony Lewis)
Task: {7CE25652-EB51-493A-89F9-45392A31C9BA} - System32\Tasks\Security Center Update - 1853461507 => C:\Users\Lisa\AppData\Roaming\Iwekaq\wuxiva.exe [2013-03-27] (Mesrosift Corporatien)
Task: {7D901313-4F98-4028-8062-A2537F3D6C0F} - \Security Center Update - 2038411680 No Task File <==== ATTENTION
Task: {8010DC90-B7CC-4BE1-85AD-04E38632FA92} - \Security Center Update - 2191080318 No Task File <==== ATTENTION
Task: {81694AED-AEE0-41D3-AC36-5A29E8702CDF} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1465888645-1228132841-1644353950-1000UA => C:\Users\Lisa\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-15] (Facebook Inc.)
Task: {8B482D7A-3A63-48F1-AF33-1C3B45E96BBC} - System32\Tasks\Security Center Update - 392046224 => C:\Users\Lisa\AppData\Roaming\Anogiva\esozbaa.exe [2014-08-29] (M1crosoft Corporation)
Task: {8F44A373-FD4F-4AD2-9557-80161BB7965B} - \Security Center Update - 371833040 No Task File <==== ATTENTION
Task: {9560F579-6320-48BD-81DD-5310D3299CC8} - \Security Center Update - 3942642799 No Task File <==== ATTENTION
Task: {978FDB14-77B6-4B4A-8344-AC358F30E9EA} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {9837810F-F11C-438C-84E7-D762685980D9} - System32\Tasks\Security Center Update - 2852106250 => C:\Users\Lisa\AppData\Roaming\Irezro\wopyno.exe [2013-11-18] (Mesrosift Corporatien)
Task: {98AB084F-C369-485A-8FF7-79508E654415} - \Security Center Update - 2106932050 No Task File <==== ATTENTION
Task: {9E6E8F43-0C79-4735-9400-1E23D811FE00} - System32\Tasks\Security Center Update - 1156754490 => C:\Users\Lisa\AppData\Roaming\Yhiqol\ixfeedu.exe [2013-11-29] (Intel Corporation)
Task: {9F6CC889-5C75-417D-A170-1B8C0615B89F} - System32\Tasks\Security Center Update - 3042525643 => C:\Users\Lisa\AppData\Roaming\Yhihcox\wyihg.exe [2013-04-10] (Mesrosift Corporatien)
Task: {A3BBBEBC-0C9A-4AE0-A8A8-B639567CBF97} - \Security Center Update - 3983964077 No Task File <==== ATTENTION
Task: {B3977328-01CA-49FB-9091-B42B3D341736} - \Security Center Update - 1640359643 No Task File <==== ATTENTION
Task: {B6FE1232-5A72-4ABA-8308-B6383E16B129} - System32\Tasks\Security Center Update - 3449893434 => C:\Users\Lisa\AppData\Roaming\Gybywaa\ilykt.exe [2012-09-30] (Mesrosifm Corporatien)
Task: {BDCB65CA-49FC-4584-9A9F-2FCFD69254FD} - System32\Tasks\Security Center Update - 238619398 => C:\Users\Lisa\AppData\Roaming\Moneukeg\ekuwebz.exe [2013-12-30] (Mesrosift Corporatien)
Task: {BE3172D4-97AA-402B-87C4-8167ABDDB3C4} - \Security Center Update - 3150405157 No Task File <==== ATTENTION
Task: {C6AB9866-93EB-40F9-AF52-B65EA1E4B326} - System32\Tasks\Security Center Update - 772651449 => C:\Users\Lisa\AppData\Roaming\Qiyvarc\zibuc.exe [2014-03-30] (Intel Corporation)
Task: {C9BE3DD5-181E-43EB-BEC7-B97383015855} - \Security Center Update - 2194090041 No Task File <==== ATTENTION
Task: {CBF597A1-815E-4D7F-BE88-F273FB0D26A0} - System32\Tasks\Security Center Update - 709702460 => C:\Users\Lisa\AppData\Roaming\Ruusaky\yqtewee.exe [2014-08-13] (Mesrosift Corporatien)
Task: {CC1AD1AD-D302-432B-8504-6160E4BF81CA} - \Security Center Update - 2109373424 No Task File <==== ATTENTION
Task: {D758F8FB-73F9-4796-864D-3B54E91CBEED} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {DDB4C012-746D-4511-9950-BA1C91BA0D54} - System32\Tasks\Security Center Update - 1492308399 => C:\Users\Lisa\AppData\Roaming\Siidraf\feecen.exe [2014-02-21] (Mesrosift Corporatien)
Task: {E005DE33-0357-4042-8570-A3F94929E411} - \Security Center Update - 1586098165 No Task File <==== ATTENTION
Task: {E43A154E-4AB1-41B0-AB14-086B16D1BDF9} - System32\Tasks\Security Center Update - 799365013 => C:\Users\Lisa\AppData\Roaming\Obdyva\xyfuuvu.exe [2014-04-18] (Mesrosift Corporatien)
Task: {EA338F8E-CA31-4AB3-BC05-C1BFE5D959C1} - System32\Tasks\HPCustParticipation HP Deskjet 1010 series => C:\Program Files\HP\HP Deskjet 1010 series\Bin\HPCustPartic.exe [2013-02-08] (Hewlett-Packard Co.)
Task: {EF273F07-B050-49E3-95EB-F22B681A0EF5} - System32\Tasks\Security Center Update - 2322726845 => C:\Users\Lisa\AppData\Roaming\Faqooh\qexuw.exe [2014-07-30] (Mesrosift Corporatien)
Task: {FC5721B2-3BB1-4700-A7FB-872F3B28C0CF} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-08-27] (Microsoft Corporation)
Task: {FCA72012-4145-43A9-BAB2-3D48B6625BB2} - \Security Center Update - 2836356992 No Task File <==== ATTENTION
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1465888645-1228132841-1644353950-1000Core.job => C:\Users\Lisa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1465888645-1228132841-1644353950-1000UA.job => C:\Users\Lisa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Security Center Update - 1156754490.job => C:\Users\Lisa\AppData\Roaming\Yhiqol\ixfeedu.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1345943332.job => C:\Users\Lisa\AppData\Roaming\Katali\emyhs.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1379205928.job => C:\Users\Lisa\AppData\Roaming\Nihaezu\ruyhv.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1399807146.job => C:\Users\Lisa\AppData\Roaming\Ostyhu\buzyecu.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1492308399.job => C:\Users\Lisa\AppData\Roaming\Siidraf\feecen.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1574700934.job => C:\Users\Lisa\AppData\Roaming\Yqiluq\ceertyi.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1758301648.job => C:\Users\Lisa\AppData\Roaming\Imifuba\feuqrai.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1853461507.job => C:\Users\Lisa\AppData\Roaming\Iwekaq\wuxiva.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1956719661.job => C:\Users\Lisa\AppData\Roaming\Kuveyfb\aqobxe.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2007530802.job => C:\Users\Lisa\AppData\Roaming\Lyarogu\iqmene.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2038411680.job => C:\Users\Lisa\AppData\Roaming\Ydpyyny\oqaky.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2104485432.job => C:\Users\Lisa\AppData\Roaming\Bynual\wuuxy.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2135597057.job => C:\Users\Lisa\AppData\Roaming\Xumoavh\ofosko.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2322726845.job => C:\Users\Lisa\AppData\Roaming\Faqooh\qexuw.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 238619398.job => C:\Users\Lisa\AppData\Roaming\Moneukeg\ekuwebz.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2425577634.job => C:\Users\Lisa\AppData\Roaming\Ysoviw\qyceqin.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2458895620.job => C:\Users\Lisa\AppData\Roaming\Umkidyo\ebwoleb.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2488743118.job => C:\Users\Lisa\AppData\Roaming\Ycohumu\fydasal.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2808920971.job => C:\Users\Lisa\AppData\Roaming\Ohyduza\paezam.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2852106250.job => C:\Users\Lisa\AppData\Roaming\Irezro\wopyno.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3014236961.job => C:\Users\Lisa\AppData\Roaming\Toedqiom\dyixfo.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3042525643.job => C:\Users\Lisa\AppData\Roaming\Yhihcox\wyihg.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3323728016.job => C:\Users\Lisa\AppData\Roaming\Ifkewubu\samigu.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 337695781.job => C:\Users\Lisa\AppData\Roaming\Noegbyh\onivy.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3449893434.job => C:\Users\Lisa\AppData\Roaming\Gybywaa\ilykt.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3503357704.job => C:\Users\Lisa\AppData\Roaming\Olefby\omofbae.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3723582334.job => C:\Users\Lisa\AppData\Roaming\Riybubcy\vocuu.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3755073792.job => C:\Users\Lisa\AppData\Roaming\Woosyb\ecwia.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3801360562.job => C:\Users\Lisa\AppData\Roaming\Oqexsof\abgug.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3828944963.job => C:\Users\Lisa\AppData\Roaming\Qaofywx\fuliak.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3914522974.job => C:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 4249854711.job => C:\Users\Lisa\AppData\Roaming\Fiefra\nuwif.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 709702460.job => C:\Users\Lisa\AppData\Roaming\Ruusaky\yqtewee.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 714795581.job => C:\Users\Lisa\AppData\Roaming\Makiorhi\ofneca.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 772651449.job => C:\Users\Lisa\AppData\Roaming\Qiyvarc\zibuc.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 779965912.job => C:\Users\Lisa\AppData\Roaming\Ekkoevne\uklua.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 788173007.job => C:\Users\Lisa\AppData\Roaming\Biahfoda\uktupu.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 799365013.job => C:\Users\Lisa\AppData\Roaming\Obdyva\xyfuuvu.exe <==== ATTENTION
 
==================== Loaded Modules (whitelisted) =============
 
2014-05-15 21:11 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2012-12-16 00:09 - 2011-02-07 12:56 - 00138192 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2014-08-27 17:12 - 2014-08-27 17:12 - 08892576 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2011-06-27 20:26 - 2011-06-27 20:26 - 02022976 _____ () C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
2012-02-01 12:50 - 2012-02-01 12:50 - 02195824 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
2012-05-26 01:09 - 2011-12-15 18:34 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-05-26 00:19 - 2012-01-26 22:49 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2011-06-29 09:52 - 2011-06-29 09:52 - 00474176 _____ () C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
2012-02-01 12:50 - 2012-02-01 12:50 - 00968048 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
2012-02-01 12:50 - 2012-02-01 12:50 - 01850224 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe
2014-08-29 17:59 - 2014-08-29 17:59 - 00368640 _____ () C:\Users\Lisa\AppData\Roaming\Vesookde\ilhauq.exe
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-03-16 21:28 - 2010-03-16 21:28 - 01926144 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtCore4.dll
2010-03-22 16:52 - 2010-03-22 16:52 - 06776832 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtGui4.dll
2010-03-16 21:28 - 2010-03-16 21:28 - 00635904 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtNetwork4.dll
2010-03-16 21:28 - 2010-03-16 21:28 - 00326144 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtXml4.dll
2011-06-25 00:20 - 2011-06-25 00:20 - 00565968 _____ () C:\Program Files (x86)\Dell\Stage Remote\sqlite3.dll
2011-06-27 20:25 - 2011-06-27 20:25 - 00058944 _____ () C:\Program Files (x86)\Dell\Stage Remote\DataService.dll
2011-06-25 00:21 - 2011-06-25 00:21 - 00322624 _____ () C:\Program Files (x86)\Dell\Stage Remote\en-US\UI\ManagerUI.dll
2010-03-11 20:52 - 2010-03-11 20:52 - 00028160 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qgif4.dll
2010-03-05 16:07 - 2010-03-05 16:07 - 00031744 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qico4.dll
2010-03-05 16:07 - 2010-03-05 16:07 - 00125952 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qjpeg4.dll
2010-03-11 20:52 - 2010-03-11 20:52 - 00225280 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qmng4.dll
2012-02-01 12:44 - 2012-02-01 12:44 - 08151040 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\QtGui4.dll
2012-02-01 12:44 - 2012-02-01 12:44 - 02278400 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\QtCore4.dll
2014-02-10 19:54 - 2014-08-05 18:23 - 00962560 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2014-02-10 19:54 - 2014-08-05 18:23 - 00024064 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2014-02-10 19:54 - 2014-08-05 18:23 - 00025088 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2014-02-10 19:54 - 2014-08-05 18:23 - 00217088 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2014-02-10 19:54 - 2014-08-05 18:23 - 00261632 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2014-02-10 19:54 - 2014-08-05 18:23 - 00019968 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2014-02-10 19:54 - 2014-08-05 18:23 - 00302592 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2014-02-10 19:54 - 2014-08-05 18:23 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2012-02-01 12:44 - 2012-02-01 12:44 - 08151040 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll
2012-02-01 12:44 - 2012-02-01 12:44 - 02278400 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll
2014-08-17 22:54 - 2014-08-17 22:54 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\de4aaa11d46d614b5330b337b67e5227\IsdiInterop.ni.dll
2012-05-26 00:03 - 2011-11-29 21:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2012-05-26 00:07 - 2012-01-20 12:23 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2011-12-31 18:04 - 2011-12-31 18:04 - 00251688 _____ () C:\Program Files (x86)\Nero\SyncUP\System.ComponentModel.Composition.dll
2011-12-31 18:04 - 2011-12-31 18:04 - 00891688 _____ () C:\Program Files (x86)\Nero\SyncUP\System.Data.SQLite.dll
2014-08-15 17:35 - 2014-08-06 23:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-15 17:35 - 2014-08-06 23:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-15 17:35 - 2014-08-06 23:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-15 17:35 - 2014-08-06 23:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-15 17:35 - 2014-08-06 23:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
2014-08-15 17:35 - 2014-08-06 23:20 - 14669128 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
==================== Faulty Device Manager Devices =============
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/29/2014 05:53:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ypgain.exe, version: 1.2.0.9, time stamp: 0x53d75949
Faulting module name: Flash32_14_0_0_145.ocx, version: 14.0.0.145, time stamp: 0x53aa18ec
Exception code: 0xc0000005
Fault offset: 0x00638af5
Faulting process id: 0x2c74
Faulting application start time: 0xypgain.exe0
Faulting application path: ypgain.exe1
Faulting module path: ypgain.exe2
Report Id: ypgain.exe3
 
Error: (08/29/2014 05:45:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ypgain.exe, version: 1.2.0.9, time stamp: 0x53d75949
Faulting module name: WININET.dll, version: 11.0.9600.17239, time stamp: 0x53d22bcb
Exception code: 0xc0000005
Fault offset: 0x0000b63f
Faulting process id: 0x1dfc
Faulting application start time: 0xypgain.exe0
Faulting application path: ypgain.exe1
Faulting module path: ypgain.exe2
Report Id: ypgain.exe3
 
Error: (08/29/2014 05:44:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Corel PaintShop Pro.exe, version: 14.0.0.121, time stamp: 0x4e702fa6
Faulting module name: CoreOrganizer.dll, version: 14.0.0.75, time stamp: 0x4e7028d5
Exception code: 0xc0000005
Fault offset: 0x000673e5
Faulting process id: 0x1494
Faulting application start time: 0xCorel PaintShop Pro.exe0
Faulting application path: Corel PaintShop Pro.exe1
Faulting module path: Corel PaintShop Pro.exe2
Report Id: Corel PaintShop Pro.exe3
 
Error: (08/29/2014 05:40:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ypgain.exe, version: 1.2.0.9, time stamp: 0x53d75949
Faulting module name: Flash32_14_0_0_145.ocx, version: 14.0.0.145, time stamp: 0x53aa18ec
Exception code: 0xc0000005
Fault offset: 0x005d9039
Faulting process id: 0xe38
Faulting application start time: 0xypgain.exe0
Faulting application path: ypgain.exe1
Faulting module path: ypgain.exe2
Report Id: ypgain.exe3
 
Error: (08/29/2014 05:27:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ypgain.exe, version: 1.2.0.9, time stamp: 0x53d75949
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00092bc7
Faulting process id: 0x33e8
Faulting application start time: 0xypgain.exe0
Faulting application path: ypgain.exe1
Faulting module path: ypgain.exe2
Report Id: ypgain.exe3
 
Error: (08/29/2014 05:26:34 PM) (Source: MsiInstaller) (EventID: 10005) (User: Lisa-PC)
Description: Product: Ask Shopping Toolbar -- Error 25001. The following applications must be closed before continuing the uninstall: 
 
Google Chrome
 
Error: (08/29/2014 05:14:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ypgain.exe, version: 1.2.0.9, time stamp: 0x53d75949
Faulting module name: jscript9.dll, version: 11.0.9600.17239, time stamp: 0x53d2481e
Exception code: 0xc0000005
Fault offset: 0x000ec306
Faulting process id: 0x1918
Faulting application start time: 0xypgain.exe0
Faulting application path: ypgain.exe1
Faulting module path: ypgain.exe2
Report Id: ypgain.exe3
 
Error: (08/29/2014 05:04:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ypgain.exe, version: 1.2.0.9, time stamp: 0x53d75949
Faulting module name: Flash32_14_0_0_145.ocx, version: 14.0.0.145, time stamp: 0x53aa18ec
Exception code: 0xc0000005
Fault offset: 0x005d9039
Faulting process id: 0x31f0
Faulting application start time: 0xypgain.exe0
Faulting application path: ypgain.exe1
Faulting module path: ypgain.exe2
Report Id: ypgain.exe3
 
Error: (08/29/2014 04:50:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ypgain.exe, version: 1.2.0.9, time stamp: 0x53d75949
Faulting module name: mshtml.dll, version: 11.0.9600.17239, time stamp: 0x53d26078
Exception code: 0xc0000005
Fault offset: 0x002f6731
Faulting process id: 0x2c20
Faulting application start time: 0xypgain.exe0
Faulting application path: ypgain.exe1
Faulting module path: ypgain.exe2
Report Id: ypgain.exe3
 
Error: (08/29/2014 04:46:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (08/29/2014 04:54:16 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {C90134D2-4AE9-407A-919A-4A2EF09C6C51}
 
Error: (08/29/2014 04:52:45 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}
 
Error: (08/29/2014 04:49:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (08/28/2014 11:02:19 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {FFF2D28F-E4EE-44D9-8104-8E71556757F6}
 
Error: (08/28/2014 06:42:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error: 
%%1053
 
Error: (08/28/2014 06:42:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
 
Error: (08/28/2014 05:02:49 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {C98F04D7-CD30-4BB0-B7D7-8DD7448520F2}
 
Error: (08/28/2014 05:02:24 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {C90134D2-4AE9-407A-919A-4A2EF09C6C51}
 
Error: (08/28/2014 05:00:54 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}
 
Error: (08/28/2014 05:00:45 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {209500FC-6B45-4693-8871-6296C4843751}
 
 
Microsoft Office Sessions:
=========================
Error: (08/29/2014 05:53:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ypgain.exe1.2.0.953d75949Flash32_14_0_0_145.ocx14.0.0.14553aa18ecc000000500638af52c7401cfc3d2ea235030C:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exeC:\Windows\SysWOW64\Macromed\Flash\Flash32_14_0_0_145.ocxe517e7ac-2fc6-11e4-b26e-c01885bc5d88
 
Error: (08/29/2014 05:45:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ypgain.exe1.2.0.953d75949WININET.dll11.0.9600.1723953d22bcbc00000050000b63f1dfc01cfc3d2190907a1C:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exeC:\Windows\syswow64\WININET.dlld6716907-2fc5-11e4-b26e-c01885bc5d88
 
Error: (08/29/2014 05:44:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Corel PaintShop Pro.exe14.0.0.1214e702fa6CoreOrganizer.dll14.0.0.754e7028d5c0000005000673e5149401cfc3d1fefba459C:\Program Files (x86)\Corel\Corel PaintShop Pro X4\Corel PaintShop Pro.exeC:\Program Files (x86)\Corel\Corel PaintShop Pro X4\CoreOrganizer.dllaf0520b1-2fc5-11e4-b26e-c01885bc5d88
 
Error: (08/29/2014 05:40:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ypgain.exe1.2.0.953d75949Flash32_14_0_0_145.ocx14.0.0.14553aa18ecc0000005005d9039e3801cfc3d188ae8dd7C:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exeC:\Windows\SysWOW64\Macromed\Flash\Flash32_14_0_0_145.ocx0e3611d8-2fc5-11e4-b26e-c01885bc5d88
 
Error: (08/29/2014 05:27:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ypgain.exe1.2.0.953d75949unknown0.0.0.000000000c000000500092bc733e801cfc3cffb1fef1eC:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exeunknown4360ab7f-2fc3-11e4-b26e-c01885bc5d88
 
Error: (08/29/2014 05:26:34 PM) (Source: MsiInstaller) (EventID: 10005) (User: Lisa-PC)
Description: Product: Ask Shopping Toolbar -- Error 25001. The following applications must be closed before continuing the uninstall: 
 
Google Chrome (NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (08/29/2014 05:14:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ypgain.exe1.2.0.953d75949jscript9.dll11.0.9600.1723953d2481ec0000005000ec306191801cfc3cd098f980dC:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exeC:\Windows\SysWOW64\jscript9.dll65b02e67-2fc1-11e4-b26e-c01885bc5d88
 
Error: (08/29/2014 05:04:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ypgain.exe1.2.0.953d75949Flash32_14_0_0_145.ocx14.0.0.14553aa18ecc0000005005d903931f001cfc3cc219e4410C:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exeC:\Windows\SysWOW64\Macromed\Flash\Flash32_14_0_0_145.ocx17b4e7fe-2fc0-11e4-b26e-c01885bc5d88
 
Error: (08/29/2014 04:50:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ypgain.exe1.2.0.953d75949mshtml.dll11.0.9600.1723953d26078c0000005002f67312c2001cfc3cacdf9eeefC:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exeC:\Windows\SysWOW64\mshtml.dll221ef8c3-2fbe-11e4-b26e-c01885bc5d88
 
Error: (08/29/2014 04:46:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3-2370M CPU @ 2.40GHz
Percentage of memory in use: 74%
Total physical RAM: 6008.64 MB
Available physical RAM: 1550.67 MB
Total Pagefile: 12015.47 MB
Available Pagefile: 5826.75 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:451.91 GB) (Free:109.85 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 88E8EB63)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=13.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451.9 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#9 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,078 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:06:14 PM

Posted 30 August 2014 - 09:10 AM

Hi cpdion,
 
Feel free to use separate posts for each log when need be.
 
To clean this infection, we'll probably need to try to keep the delays to a minimum, or try to use the computer as little as possible if there is going to be delays. It's just the infection has a habit of re-spawning if you are not quick about removing it, that's the only reason I suggest this :)
 
We need to run a fix with FRST:

  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter.
  • Copy and paste the script below in the notepad document:​
Mesrosift Corporatien) C:\Users\Lisa\AppData\Roaming\Iwekaq\wuxiva.exe
(Mesrosift Corporatien) C:\Users\Lisa\AppData\Roaming\Kuveyfb\aqobxe.exe
(Intel Corporation) C:\Users\Lisa\AppData\Roaming\Qiyvarc\zibuc.exe
(Mesrosifm Corporatien) C:\Users\Lisa\AppData\Roaming\Fiefra\nuwif.exe
(Antony Lewis) C:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exe
(Antony Lewis) C:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exe
(Antony Lewis) C:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exe
(Antony Lewis) C:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exe
(PowerCmd Software) C:\Users\Lisa\AppData\Roaming\Yxozerak\yfveyw.exe
(Meskisift Corporatien) C:\Users\Lisa\AppData\Roaming\Xumoovp\myywonu.exe
(Mesrisift Corporatien) C:\Users\Lisa\AppData\Roaming\Vaaplo\anevanu.exe
(CrystalIDEA Software) C:\Users\Lisa\AppData\Roaming\Arloedyd\ewowemf.exe
() C:\Users\Lisa\AppData\Roaming\Vesookde\ilhauq.exe
(M1crosoft Corporation) C:\Users\Lisa\AppData\Roaming\Anogiva\esozbaa.exe
(Antony Lewis) C:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exe
(Antony Lewis) C:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exe
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [qilxqfpd] => C:\Users\Lisa\AppData\Local\talgsuxx.exe [128000 2014-08-23] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Loelube] => C:\Users\Lisa\AppData\Roaming\Iwekaq\wuxiva.exe [305365 2013-03-27] (Mesrosift Corporatien)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [ofqhhawe] => C:\Users\Lisa\AppData\Local\ganhlhfs.exe [128000 2014-08-24] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [ecxorwrb] => C:\Users\Lisa\AppData\Local\njtppoqg.exe [125952 2014-08-25] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Saevdiykpeobub] => C:\Users\Lisa\AppData\Roaming\Kuveyfb\aqobxe.exe [305229 2013-12-27] (Mesrosift Corporatien)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Awzuirufz] => C:\Users\Lisa\AppData\Roaming\Qiyvarc\zibuc.exe [464896 2014-03-30] (Intel Corporation)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [hgrgqovo] => C:\Users\Lisa\AppData\Local\hcrkepvr.exe [125440 2014-08-26] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [obqnkhxm] => C:\Users\Lisa\AppData\Local\gjmbilpu.exe [114688 2014-08-27] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Haysyf] => C:\Users\Lisa\AppData\Roaming\Fiefra\nuwif.exe [300748 2014-07-23] (Mesrosifm Corporatien)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [btngfjql] => C:\Users\Lisa\AppData\Local\moavlcis.exe [115712 2014-08-28] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Piweibi] => C:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exe [304140 2014-03-13] (Antony Lewis)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [kshowwqt] => C:\Users\Lisa\AppData\Local\aejrupmi.exe [115200 2014-08-29] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Iroxy] => C:\Users\Lisa\AppData\Roaming\Yxozerak\yfveyw.exe [460288 2014-08-29] (PowerCmd Software)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Buguicuzoltaa] => C:\Users\Lisa\AppData\Roaming\Arloedyd\ewowemf.exe [413184 2014-08-29] (CrystalIDEA Software)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Wyguosno] => C:\Users\Lisa\AppData\Roaming\Vaaplo\anevanu.exe [308409 2014-08-29] (Mesrisift Corporatien)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Gepeuninesuldy] => C:\Users\Lisa\AppData\Roaming\Xumoovp\myywonu.exe [307322 2014-08-29] (Meskisift Corporatien)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Owemyxgau] => C:\Users\Lisa\AppData\Roaming\Vesookde\ilhauq.exe [368640 2014-08-29] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Igful] => C:\Users\Lisa\AppData\Roaming\Anogiva\esozbaa.exe [277504 2014-08-29] (M1crosoft Corporation)
2014-08-29 17:59 - 2014-08-29 17:59 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Xumoovp
2014-08-29 17:59 - 2014-08-29 17:59 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Vesookde
2014-08-29 17:58 - 2014-08-29 17:58 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yxozerak
2014-08-29 17:58 - 2014-08-29 17:58 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Vaaplo
2014-08-29 17:58 - 2014-08-29 17:58 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Arloedyd
2014-08-29 17:57 - 2014-08-29 17:57 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Anogiva
2014-08-29 16:56 - 2014-08-29 16:56 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Gybywaa
2014-08-29 16:54 - 2014-08-29 16:54 - 00115200 _____ () C:\Users\Lisa\AppData\Local\aejrupmi.exe
2014-08-28 22:21 - 2014-08-28 22:21 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Toedqiom
2014-08-28 21:42 - 2014-08-28 21:42 - 00094208 _____ () C:\Users\Lisa\AppData\Local\wrfkjolv.exe
2014-08-28 20:21 - 2014-08-28 20:21 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Xumoavh
2014-08-28 18:20 - 2014-08-28 18:20 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Nihaezu
2014-08-28 17:46 - 2014-08-28 17:46 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Biahfoda
2014-08-28 17:05 - 2014-08-28 17:05 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Kuzaxu
2014-08-28 17:03 - 2014-08-28 17:03 - 00115712 _____ () C:\Users\Lisa\AppData\Local\moavlcis.exe
2014-08-27 22:19 - 2014-08-27 22:19 - 00094208 _____ () C:\Users\Lisa\AppData\Local\lftxadmu.exe
2014-08-27 21:44 - 2014-08-27 21:44 - 00094208 _____ () C:\Users\Lisa\AppData\Local\fdbujjkg.exe
2014-08-27 20:19 - 2014-08-27 20:19 - 00094208 _____ () C:\Users\Lisa\AppData\Local\xlooherw.exe
2014-08-27 18:24 - 2014-08-27 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Olefby
2014-08-27 17:50 - 2014-08-27 17:50 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ysoviw
2014-08-27 17:03 - 2014-08-27 17:03 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Fiefra
2014-08-27 17:01 - 2014-08-27 17:01 - 00114688 _____() C:\Users\Lisa\AppData\Local\gjmbilpu.exe
2014-08-26 22:23 - 2014-08-26 22:23 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Qaofywx
2014-08-26 21:49 - 2014-08-26 21:49 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Katali
2014-08-26 20:22 - 2014-08-26 20:22 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yhiqol
2014-08-26 18:18 - 2014-08-26 18:18 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ohyduza
2014-08-26 17:44 - 2014-08-26 17:44 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Imifuba
2014-08-26 16:19 - 2014-08-26 16:19 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Umkidyo
2014-08-26 15:55 - 2014-08-26 15:55 - 00125440 _____ () C:\Users\Lisa\AppData\Local\hcrkepvr.exe
2014-08-26 15:55 - 2014-08-26 15:55 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Qiyvarc
2014-08-26 08:10 - 2014-08-26 08:10 - 00094208 _____ () C:\Users\Lisa\AppData\Local\dlkdlnni.exe
2014-08-26 07:32 - 2014-08-26 07:32 - 00094208 _____ () C:\Users\Lisa\AppData\Local\oqoiqlgm.exe
2014-08-25 22:14 - 2014-08-25 22:14 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Oqexsof
2014-08-25 21:57 - 2014-08-25 21:57 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ostyhu
2014-08-25 20:15 - 2014-08-25 20:15 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Bynual
2014-08-25 18:16 - 2014-08-25 18:16 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ifkewubu
2014-08-25 17:59 - 2014-08-25 17:59 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yqiluq
2014-08-25 16:52 - 2014-08-25 16:52 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ycohumu
2014-08-25 15:22 - 2014-08-25 15:22 - 00125952 _____ () C:\Users\Lisa\AppData\Local\njtppoqg.exe
2014-08-25 15:22 - 2014-08-25 15:22 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Kuveyfb
2014-08-24 22:14 - 2014-08-24 22:14 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Lyarogu
2014-08-24 20:16 - 2014-08-24 20:16 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Irezro
2014-08-24 17:45 - 2014-08-24 17:45 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Woosyb
2014-08-24 16:23 - 2014-08-24 16:23 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ekkoevne
2014-08-24 15:45 - 2014-08-24 15:45 - 00128000 _____ () C:\Users\Lisa\AppData\Local\ganhlhfs.exe
2014-08-24 14:15 - 2014-08-24 14:15 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Siidraf
2014-08-24 13:44 - 2014-08-24 13:44 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Riybubcy
2014-08-24 12:19 - 2014-08-24 12:19 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Faqooh
2014-08-24 10:17 - 2014-08-24 10:17 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Obdyva
2014-08-24 09:42 - 2014-08-24 09:42 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yhihcox
2014-08-24 08:17 - 2014-08-24 08:17 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ruusaky
2014-08-24 06:27 - 2014-08-24 06:27 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Noegbyh
2014-08-24 05:56 - 2014-08-24 05:56 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Moneukeg
2014-08-24 04:30 - 2014-08-24 04:30 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Iwekaq
2014-08-24 03:26 - 2014-08-24 03:26 - 00000040 _____ () C:\Windows\system32\퐀º
2014-08-24 02:17 - 2014-08-24 02:17 - 00094208 _____ () C:\Users\Lisa\AppData\Local\oniexuwd.exe
2014-08-24 01:43 - 2014-08-24 01:43 - 00094208 _____ () C:\Users\Lisa\AppData\Local\efnutkja.exe
2014-08-24 00:17 - 2014-08-24 00:17 - 00094208 _____ () C:\Users\Lisa\AppData\Local\eujtibfw.exe
2014-08-23 22:12 - 2014-08-23 22:12 - 00094208 _____ () C:\Users\Lisa\AppData\Local\spgbguag.exe
2014-08-23 21:55 - 2014-08-23 21:55 - 00094208 _____ () C:\Users\Lisa\AppData\Local\gpreedbw.exe
2014-08-23 20:45 - 2014-08-23 20:45 - 00128000 _____ () C:\Users\Lisa\AppData\Local\talgsuxx.exe
2014-08-23 20:42 - 2014-08-23 20:42 - 00094208 _____ () C:\Users\Lisa\AppData\Local\pkkskcqr.exe
2014-08-23 13:46 - 2014-08-23 13:46 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Makiorhi
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_07feaf5a.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_08d7f3da.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_0d0630f1.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_0e7fc431.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_138ad5f3.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_160a5899.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_1b22a697.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_1f44950f.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_2310a883.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_23a5dafa.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_242859f5.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_25ceaa8b.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_299d66e6.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_2cc27d8b.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_2d9f0d43.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_325d7ad2.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_3513e5ea.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_40a48bb1.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_46a02e26.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_48fcd5c3.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_4bee9a5c.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_516a30f8.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_5bff6409.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_5cfccebd.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_6006a756.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_610e375c.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_6d2afcd5.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_72d0a894.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_764296d2.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_7d2b54e4.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_7d991560.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_81133a85.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_8699b65d.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_89cbcdd7.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_9fa57dfc.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_a600f5e8.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_a66fb69b.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_aed602ed.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_b30e7b4a.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_b920b40d.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_ba27fe00.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_bdc46ada.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_c244ad96.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_c6facbff.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_c81b0665.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_cba9da0b.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_d5aa5f40.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_da274b41.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_de06fbfe.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_e1d89567.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_e415be9a.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_e7af9bb0.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_ed4750b7.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_edaa6a28.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_fc602931.exe
C:\Users\Lisa\AppData\Local\Temp\pkjlznb7.dll
C:\Users\Lisa\AppData\Local\Temp\032939rr.exe
Task: {006EAFAF-8BCD-413A-9067-20B3E52C40C2} - System32\Tasks\Security Center Update - 2007530802 => C:\Users\Lisa\AppData\Roaming\Lyarogu\iqmene.exe [2014-06-30] (Mesrosift Corporatien)
Task: {024FEDD9-1DC4-4872-B008-02B525F4A689} - System32\Tasks\Security Center Update - 3755073792 => C:\Users\Lisa\AppData\Roaming\Woosyb\ecwia.exe [2013-06-17] (Mesrosift Corporatien)
Task: {0483A422-B6DE-458D-8F8B-4AF68804ED00} - System32\Tasks\Security Center Update - 2135597057 => C:\Users\Lisa\AppData\Roaming\Xumoavh\ofosko.exe [2013-11-11] (Antony Lewis)
Task: {0C399329-F772-43DC-A2F6-241F7D6412E8} - System32\Tasks\Security Center Update - 1399807146 => C:\Users\Lisa\AppData\Roaming\Ostyhu\buzyecu.exe [2012-06-27] (Mesrosift Corporatien)
Task: {10F6BE5E-8FB5-42CB-A3EA-69756948F2AB} - \Security Center Update - 3089754028 No Task File <==== ATTENTION
Task: {157A01DB-6E8E-49B8-87EC-A0F24EA36F82} - \Security Center Update - 966665472 No Task File <==== ATTENTION
Task: {1619E43C-58DD-49D6-A651-60D499C254EE} - System32\Tasks\Security Center Update - 3323728016 => C:\Users\Lisa\AppData\Roaming\Ifkewubu\samigu.exe [2014-01-05] (Mesrosift Corporatien)
Task: {1663D225-43F8-45E3-95BE-5460AD494598} - \Security Center Update - 3431837355 No Task File <==== ATTENTION
Task: {178BB5FE-7E06-472B-8B9E-FED7252CFAE9} - System32\Tasks\Security Center Update - 2458895620 => C:\Users\Lisa\AppData\Roaming\Umkidyo\ebwoleb.exe [2012-12-09] (Intel Corporation)
Task: {1CF68C5D-3CC1-457C-8FA1-449026B07A83} - \Security Center Update - 2498235418 No Task File <==== ATTENTION
Task: {275D28C0-21F4-4C6B-BF4E-EB8B78475F65} - \Security Center Update - 418947291 No Task File <==== ATTENTION
Task: {27B820B0-EACD-476A-B121-AAEB60B70C77} - System32\Tasks\Security Center Update - 1956719661 => C:\Users\Lisa\AppData\Roaming\Kuveyfb\aqobxe.exe [2013-12-27] (Mesrosift Corporatien)
Task: {2BABA540-553D-4555-A828-0CC8463F516C} - \Security Center Update - 3488534018 No Task File <==== ATTENTION
Task: {2BE8FD63-CAE3-4F5F-A215-323E62DE36EB} - System32\Tasks\Security Center Update - 3014236961 => C:\Users\Lisa\AppData\Roaming\Toedqiom\dyixfo.exe [2013-03-03] (Antony Lewis)
Task: {2E7D3E2E-5F46-4721-B1EA-4B660609FE9A} - \Security Center Update - 2029705305 No Task File <==== ATTENTION
Task: {33416DCA-9E19-4A37-A920-D384254CE2B8} - \Security Center Update - 846557512 No Task File <==== ATTENTION
Task: {43DFD0E1-F0CB-4B2F-991A-8C7FB4951EE2} - System32\Tasks\Security Center Update - 1574700934 => C:\Users\Lisa\AppData\Roaming\Yqiluq\ceertyi.exe [2014-08-22] (Mesrosift Corporatien)
Task: {44FB8B0B-86BB-4F08-A090-2BA57D8D250C} - System32\Tasks\Security Center Update - 2425577634 => C:\Users\Lisa\AppData\Roaming\Ysoviw\qyceqin.exe [2014-06-29] (Mesrosifm Corporatien)
Task: {4542AEE1-D9F2-4E11-82B7-516501FE9FBA} - \Security Center Update - 927385066 No Task File <==== ATTENTION
Task: {454A9DA7-0147-4E91-B302-0BA526AAF881} - System32\Tasks\Security Center Update - 3503357704 => C:\Users\Lisa\AppData\Roaming\Olefby\omofbae.exe [2014-01-23] (Mesrosifm Corporatien)
Task: {46C13CF5-646F-4974-91E3-D63DBE6FEE4A} - \Security Center Update - 1855888854 No Task File <==== ATTENTION
Task: {48D5445C-C4FB-49F5-BD32-DF1178C76D23} - System32\Tasks\Security Center Update - 1345943332 => C:\Users\Lisa\AppData\Roaming\Katali\emyhs.exe [2013-08-04] (Intel Corporation)
Task: {4BEFF88B-B9BC-4E03-811B-EBD3F7DAB6D1} - System32\Tasks\Security Center Update - 714795581 => C:\Users\Lisa\AppData\Roaming\Makiorhi\ofneca.exe [2014-02-03] (M1crosoft Corporation)
Task: {4C0E8C2D-1896-4875-9C02-F642AE2B7998} - \Security Center Update - 3338805954 No Task File <==== ATTENTION
Task: {4C6BE521-A0CD-48C3-97B7-E617306D3201} - System32\Tasks\Security Center Update - 1758301648 => C:\Users\Lisa\AppData\Roaming\Imifuba\feuqrai.exe [2012-06-27] (Intel Corporation)
Task: {4D4A099E-D65A-4610-B7F7-936616F36FB6} - System32\Tasks\Security Center Update - 2104485432 => C:\Users\Lisa\AppData\Roaming\Bynual\wuuxy.exe [2012-09-28] (Mesrosift Corporatien)
Task: {4E670018-24DE-4014-B85F-A7AC596D0973} - System32\Tasks\Security Center Update - 3914522974 => C:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exe [2014-03-13] (Antony Lewis)
Task: {4F6EB0E4-4434-4E66-925A-E3408B8D9A77} - \Security Center Update - 2979509591 No Task File <==== ATTENTION
Task: {4F92C8CB-E811-41E1-9E59-39351B5DCA8C} - System32\Tasks\Security Center Update - 779965912 => C:\Users\Lisa\AppData\Roaming\Ekkoevne\uklua.exe [2014-07-09] (Mesrosift Corporatien)
Task: {577040B3-CB35-4B03-9D25-07B3C1A947AA} - System32\Tasks\Security Center Update - 1379205928 => C:\Users\Lisa\AppData\Roaming\Nihaezu\ruyhv.exe [2013-10-21] (Antony Lewis)
Task: {5B806C89-B6F4-4491-BC05-BC08C4EA5AA5} - \Security Center Update - 1355868994 No Task File <==== ATTENTION
Task: {5C1C5D95-3451-4637-807A-F514F4C12EFD} - System32\Tasks\Security Center Update - 2488743118 => C:\Users\Lisa\AppData\Roaming\Ycohumu\fydasal.exe [2012-08-22] (Mesrosift Corporatien)
Task: {5D85E214-BB8C-47DF-A502-BCA35E1BC852} - System32\Tasks\Security Center Update - 3801360562 => C:\Users\Lisa\AppData\Roaming\Oqexsof\abgug.exe [2014-02-22] (Mesrosift Corporatien)
Task: {5FD12D6E-C94D-414C-A73F-F7E53CB8EB72} - \Security Center Update - 752820688 No Task File <==== ATTENTION
Task: {61F90348-1632-4370-BBD0-6430A089691B} - System32\Tasks\Security Center Update - 3723582334 => C:\Users\Lisa\AppData\Roaming\Riybubcy\vocuu.exe [2012-10-30] (Mesrosift Corporatien)
Task: {6934BE3C-9D2A-42D0-A8B1-891217E8415E} - System32\Tasks\Security Center Update - 337695781 => C:\Users\Lisa\AppData\Roaming\Noegbyh\onivy.exe [2014-06-14] (Mesrosift Corporatien)
Task: {6B2FB14B-2386-410C-8C42-CFD8E2844B9A} - System32\Tasks\Security Center Update - 3828944963 => C:\Users\Lisa\AppData\Roaming\Qaofywx\fuliak.exe [2013-04-01] (Intel Corporation)
Task: {750661EA-B5E4-4D3E-8F27-D9EFA1B74788} - \Security Center Update - 2479261886 No Task File <==== ATTENTION
Task: {75D47420-CB24-4D20-9ED2-C85E70EF2151} - \Security Center Update - 2104751866 No Task File <==== ATTENTION
Task: {79E1A60F-A6EA-4CB8-BE02-D7BC3EBFD870} - System32\Tasks\Security Center Update - 4249854711 => C:\Users\Lisa\AppData\Roaming\Fiefra\nuwif.exe [2014-07-23] (Mesrosifm Corporatien)
Task: {7AD6CBD2-37D0-4A04-B9C6-0B144F669F33} - System32\Tasks\Security Center Update - 2808920971 => C:\Users\Lisa\AppData\Roaming\Ohyduza\paezam.exe [2013-09-10] (Intel Corporation)
Task: {7BF18A5C-4427-424E-B093-EF7E0E4A5A22} - \Security Center Update - 3715843453 No Task File <==== ATTENTION
Task: {7CDDA879-009C-4154-8CD3-BD06DFD0C1B8} - System32\Tasks\Security Center Update - 788173007 => C:\Users\Lisa\AppData\Roaming\Biahfoda\uktupu.exe [2012-08-01] (Antony Lewis)
Task: {7CE25652-EB51-493A-89F9-45392A31C9BA} - System32\Tasks\Security Center Update - 1853461507 => C:\Users\Lisa\AppData\Roaming\Iwekaq\wuxiva.exe [2013-03-27] (Mesrosift Corporatien)
Task: {7D901313-4F98-4028-8062-A2537F3D6C0F} - \Security Center Update - 2038411680 No Task File <==== ATTENTION
Task: {8010DC90-B7CC-4BE1-85AD-04E38632FA92} - \Security Center Update - 2191080318 No Task File <==== ATTENTION
Task: {8B482D7A-3A63-48F1-AF33-1C3B45E96BBC} - System32\Tasks\Security Center Update - 392046224 => C:\Users\Lisa\AppData\Roaming\Anogiva\esozbaa.exe [2014-08-29] (M1crosoft Corporation)
Task: {8F44A373-FD4F-4AD2-9557-80161BB7965B} - \Security Center Update - 371833040 No Task File <==== ATTENTION
Task: {9560F579-6320-48BD-81DD-5310D3299CC8} - \Security Center Update - 3942642799 No Task File <==== ATTENTION
Task: {978FDB14-77B6-4B4A-8344-AC358F30E9EA} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {9837810F-F11C-438C-84E7-D762685980D9} - System32\Tasks\Security Center Update - 2852106250 => C:\Users\Lisa\AppData\Roaming\Irezro\wopyno.exe [2013-11-18] (Mesrosift Corporatien)
Task: {98AB084F-C369-485A-8FF7-79508E654415} - \Security Center Update - 2106932050 No Task File <==== ATTENTION
Task: {9E6E8F43-0C79-4735-9400-1E23D811FE00} - System32\Tasks\Security Center Update - 1156754490 => C:\Users\Lisa\AppData\Roaming\Yhiqol\ixfeedu.exe [2013-11-29] (Intel Corporation)
Task: {9F6CC889-5C75-417D-A170-1B8C0615B89F} - System32\Tasks\Security Center Update - 3042525643 => C:\Users\Lisa\AppData\Roaming\Yhihcox\wyihg.exe [2013-04-10] (Mesrosift Corporatien)
Task: {A3BBBEBC-0C9A-4AE0-A8A8-B639567CBF97} - \Security Center Update - 3983964077 No Task File <==== ATTENTION
Task: {B3977328-01CA-49FB-9091-B42B3D341736} - \Security Center Update - 1640359643 No Task File <==== ATTENTION
Task: {B6FE1232-5A72-4ABA-8308-B6383E16B129} - System32\Tasks\Security Center Update - 3449893434 => C:\Users\Lisa\AppData\Roaming\Gybywaa\ilykt.exe [2012-09-30] (Mesrosifm Corporatien)
Task: {BDCB65CA-49FC-4584-9A9F-2FCFD69254FD} - System32\Tasks\Security Center Update - 238619398 => C:\Users\Lisa\AppData\Roaming\Moneukeg\ekuwebz.exe [2013-12-30] (Mesrosift Corporatien)
Task: {BE3172D4-97AA-402B-87C4-8167ABDDB3C4} - \Security Center Update - 3150405157 No Task File <==== ATTENTION
Task: {C6AB9866-93EB-40F9-AF52-B65EA1E4B326} - System32\Tasks\Security Center Update - 772651449 => C:\Users\Lisa\AppData\Roaming\Qiyvarc\zibuc.exe [2014-03-30] (Intel Corporation)
Task: {C9BE3DD5-181E-43EB-BEC7-B97383015855} - \Security Center Update - 2194090041 No Task File <==== ATTENTION
Task: {CBF597A1-815E-4D7F-BE88-F273FB0D26A0} - System32\Tasks\Security Center Update - 709702460 => C:\Users\Lisa\AppData\Roaming\Ruusaky\yqtewee.exe [2014-08-13] (Mesrosift Corporatien)
Task: {CC1AD1AD-D302-432B-8504-6160E4BF81CA} - \Security Center Update - 2109373424 No Task File <==== ATTENTION
Task: {DDB4C012-746D-4511-9950-BA1C91BA0D54} - System32\Tasks\Security Center Update - 1492308399 => C:\Users\Lisa\AppData\Roaming\Siidraf\feecen.exe [2014-02-21] (Mesrosift Corporatien)
Task: {E005DE33-0357-4042-8570-A3F94929E411} - \Security Center Update - 1586098165 No Task File <==== ATTENTION
Task: {E43A154E-4AB1-41B0-AB14-086B16D1BDF9} - System32\Tasks\Security Center Update - 799365013 => C:\Users\Lisa\AppData\Roaming\Obdyva\xyfuuvu.exe [2014-04-18] (Mesrosift Corporatien)
Task: {EA338F8E-CA31-4AB3-BC05-C1BFE5D959C1} - System32\Tasks\HPCustParticipation HP Deskjet 1010 series => C:\Program Files\HP\HP Deskjet 1010 series\Bin\HPCustPartic.exe [2013-02-08] (Hewlett-Packard Co.)
Task: {EF273F07-B050-49E3-95EB-F22B681A0EF5} - System32\Tasks\Security Center Update - 2322726845 => C:\Users\Lisa\AppData\Roaming\Faqooh\qexuw.exe [2014-07-30] (Mesrosift Corporatien)
Task: {FCA72012-4145-43A9-BAB2-3D48B6625BB2} - \Security Center Update - 2836356992 No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1156754490.job => C:\Users\Lisa\AppData\Roaming\Yhiqol\ixfeedu.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1345943332.job => C:\Users\Lisa\AppData\Roaming\Katali\emyhs.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1379205928.job => C:\Users\Lisa\AppData\Roaming\Nihaezu\ruyhv.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1399807146.job => C:\Users\Lisa\AppData\Roaming\Ostyhu\buzyecu.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1492308399.job => C:\Users\Lisa\AppData\Roaming\Siidraf\feecen.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1574700934.job => C:\Users\Lisa\AppData\Roaming\Yqiluq\ceertyi.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1758301648.job => C:\Users\Lisa\AppData\Roaming\Imifuba\feuqrai.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1853461507.job => C:\Users\Lisa\AppData\Roaming\Iwekaq\wuxiva.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1956719661.job => C:\Users\Lisa\AppData\Roaming\Kuveyfb\aqobxe.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2007530802.job => C:\Users\Lisa\AppData\Roaming\Lyarogu\iqmene.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2038411680.job => C:\Users\Lisa\AppData\Roaming\Ydpyyny\oqaky.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2104485432.job => C:\Users\Lisa\AppData\Roaming\Bynual\wuuxy.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2135597057.job => C:\Users\Lisa\AppData\Roaming\Xumoavh\ofosko.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2322726845.job => C:\Users\Lisa\AppData\Roaming\Faqooh\qexuw.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 238619398.job => C:\Users\Lisa\AppData\Roaming\Moneukeg\ekuwebz.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2425577634.job => C:\Users\Lisa\AppData\Roaming\Ysoviw\qyceqin.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2458895620.job => C:\Users\Lisa\AppData\Roaming\Umkidyo\ebwoleb.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2488743118.job => C:\Users\Lisa\AppData\Roaming\Ycohumu\fydasal.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2808920971.job => C:\Users\Lisa\AppData\Roaming\Ohyduza\paezam.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2852106250.job => C:\Users\Lisa\AppData\Roaming\Irezro\wopyno.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3014236961.job => C:\Users\Lisa\AppData\Roaming\Toedqiom\dyixfo.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3042525643.job => C:\Users\Lisa\AppData\Roaming\Yhihcox\wyihg.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3323728016.job => C:\Users\Lisa\AppData\Roaming\Ifkewubu\samigu.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 337695781.job => C:\Users\Lisa\AppData\Roaming\Noegbyh\onivy.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3449893434.job => C:\Users\Lisa\AppData\Roaming\Gybywaa\ilykt.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3503357704.job => C:\Users\Lisa\AppData\Roaming\Olefby\omofbae.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3723582334.job => C:\Users\Lisa\AppData\Roaming\Riybubcy\vocuu.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3755073792.job => C:\Users\Lisa\AppData\Roaming\Woosyb\ecwia.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3801360562.job => C:\Users\Lisa\AppData\Roaming\Oqexsof\abgug.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3828944963.job => C:\Users\Lisa\AppData\Roaming\Qaofywx\fuliak.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3914522974.job => C:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 4249854711.job => C:\Users\Lisa\AppData\Roaming\Fiefra\nuwif.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 709702460.job => C:\Users\Lisa\AppData\Roaming\Ruusaky\yqtewee.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 714795581.job => C:\Users\Lisa\AppData\Roaming\Makiorhi\ofneca.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 772651449.job => C:\Users\Lisa\AppData\Roaming\Qiyvarc\zibuc.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 779965912.job => C:\Users\Lisa\AppData\Roaming\Ekkoevne\uklua.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 788173007.job => C:\Users\Lisa\AppData\Roaming\Biahfoda\uktupu.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 799365013.job => C:\Users\Lisa\AppData\Roaming\Obdyva\xyfuuvu.exe <==== ATTENTION
  • Save the file to your desktop and name it as fixlist.txt

Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

  • Run FRST.exe/FRST64.exe and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run.
  • Please copy and paste the log in your next reply.

--------------
 
Please re-run FRST from the desktop (like you did before), put a check in the box for Addition.txt under the optional scan, and press the scan button. It will produce a FRST.txt and an addition.txt log located on the desktop.  Please copy and paste the log into your next reply.
 
--------------
 
To recap, in your next reply I would like to see the following. Make sure to copy & paste them unless I ask otherwise:

  • Fixlog.txt
  • New FRST.txt
  • New Addition.txt

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#10 cpdion

cpdion
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:USA
  • Local time:12:14 PM

Posted 30 August 2014 - 10:23 AM

FIXLOG:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 30-08-2014

Ran by Lisa at 2014-08-30 10:53:38 Run:2
Running from C:\Users\Lisa\Desktop
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
Mesrosift Corporatien) C:\Users\Lisa\AppData\Roaming\Iwekaq\wuxiva.exe
(Mesrosift Corporatien) C:\Users\Lisa\AppData\Roaming\Kuveyfb\aqobxe.exe
(Intel Corporation) C:\Users\Lisa\AppData\Roaming\Qiyvarc\zibuc.exe
(Mesrosifm Corporatien) C:\Users\Lisa\AppData\Roaming\Fiefra\nuwif.exe
(Antony Lewis) C:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exe
(Antony Lewis) C:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exe
(Antony Lewis) C:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exe
(Antony Lewis) C:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exe
(PowerCmd Software) C:\Users\Lisa\AppData\Roaming\Yxozerak\yfveyw.exe
(Meskisift Corporatien) C:\Users\Lisa\AppData\Roaming\Xumoovp\myywonu.exe
(Mesrisift Corporatien) C:\Users\Lisa\AppData\Roaming\Vaaplo\anevanu.exe
(CrystalIDEA Software) C:\Users\Lisa\AppData\Roaming\Arloedyd\ewowemf.exe
() C:\Users\Lisa\AppData\Roaming\Vesookde\ilhauq.exe
(M1crosoft Corporation) C:\Users\Lisa\AppData\Roaming\Anogiva\esozbaa.exe
(Antony Lewis) C:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exe
(Antony Lewis) C:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exe
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [qilxqfpd] => C:\Users\Lisa\AppData\Local\talgsuxx.exe [128000 2014-08-23] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Loelube] => C:\Users\Lisa\AppData\Roaming\Iwekaq\wuxiva.exe [305365 2013-03-27] (Mesrosift Corporatien)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [ofqhhawe] => C:\Users\Lisa\AppData\Local\ganhlhfs.exe [128000 2014-08-24] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [ecxorwrb] => C:\Users\Lisa\AppData\Local\njtppoqg.exe [125952 2014-08-25] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Saevdiykpeobub] => C:\Users\Lisa\AppData\Roaming\Kuveyfb\aqobxe.exe [305229 2013-12-27] (Mesrosift Corporatien)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Awzuirufz] => C:\Users\Lisa\AppData\Roaming\Qiyvarc\zibuc.exe [464896 2014-03-30] (Intel Corporation)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [hgrgqovo] => C:\Users\Lisa\AppData\Local\hcrkepvr.exe [125440 2014-08-26] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [obqnkhxm] => C:\Users\Lisa\AppData\Local\gjmbilpu.exe [114688 2014-08-27] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Haysyf] => C:\Users\Lisa\AppData\Roaming\Fiefra\nuwif.exe [300748 2014-07-23] (Mesrosifm Corporatien)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [btngfjql] => C:\Users\Lisa\AppData\Local\moavlcis.exe [115712 2014-08-28] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Piweibi] => C:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exe [304140 2014-03-13] (Antony Lewis)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [kshowwqt] => C:\Users\Lisa\AppData\Local\aejrupmi.exe [115200 2014-08-29] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Iroxy] => C:\Users\Lisa\AppData\Roaming\Yxozerak\yfveyw.exe [460288 2014-08-29] (PowerCmd Software)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Buguicuzoltaa] => C:\Users\Lisa\AppData\Roaming\Arloedyd\ewowemf.exe [413184 2014-08-29] (CrystalIDEA Software)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Wyguosno] => C:\Users\Lisa\AppData\Roaming\Vaaplo\anevanu.exe [308409 2014-08-29] (Mesrisift Corporatien)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Gepeuninesuldy] => C:\Users\Lisa\AppData\Roaming\Xumoovp\myywonu.exe [307322 2014-08-29] (Meskisift Corporatien)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Owemyxgau] => C:\Users\Lisa\AppData\Roaming\Vesookde\ilhauq.exe [368640 2014-08-29] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Igful] => C:\Users\Lisa\AppData\Roaming\Anogiva\esozbaa.exe [277504 2014-08-29] (M1crosoft Corporation)
2014-08-29 17:59 - 2014-08-29 17:59 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Xumoovp
2014-08-29 17:59 - 2014-08-29 17:59 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Vesookde
2014-08-29 17:58 - 2014-08-29 17:58 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yxozerak
2014-08-29 17:58 - 2014-08-29 17:58 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Vaaplo
2014-08-29 17:58 - 2014-08-29 17:58 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Arloedyd
2014-08-29 17:57 - 2014-08-29 17:57 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Anogiva
2014-08-29 16:56 - 2014-08-29 16:56 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Gybywaa
2014-08-29 16:54 - 2014-08-29 16:54 - 00115200 _____ () C:\Users\Lisa\AppData\Local\aejrupmi.exe
2014-08-28 22:21 - 2014-08-28 22:21 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Toedqiom
2014-08-28 21:42 - 2014-08-28 21:42 - 00094208 _____ () C:\Users\Lisa\AppData\Local\wrfkjolv.exe
2014-08-28 20:21 - 2014-08-28 20:21 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Xumoavh
2014-08-28 18:20 - 2014-08-28 18:20 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Nihaezu
2014-08-28 17:46 - 2014-08-28 17:46 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Biahfoda
2014-08-28 17:05 - 2014-08-28 17:05 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Kuzaxu
2014-08-28 17:03 - 2014-08-28 17:03 - 00115712 _____ () C:\Users\Lisa\AppData\Local\moavlcis.exe
2014-08-27 22:19 - 2014-08-27 22:19 - 00094208 _____ () C:\Users\Lisa\AppData\Local\lftxadmu.exe
2014-08-27 21:44 - 2014-08-27 21:44 - 00094208 _____ () C:\Users\Lisa\AppData\Local\fdbujjkg.exe
2014-08-27 20:19 - 2014-08-27 20:19 - 00094208 _____ () C:\Users\Lisa\AppData\Local\xlooherw.exe
2014-08-27 18:24 - 2014-08-27 18:24 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Olefby
2014-08-27 17:50 - 2014-08-27 17:50 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ysoviw
2014-08-27 17:03 - 2014-08-27 17:03 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Fiefra
2014-08-27 17:01 - 2014-08-27 17:01 - 00114688 _____() C:\Users\Lisa\AppData\Local\gjmbilpu.exe
2014-08-26 22:23 - 2014-08-26 22:23 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Qaofywx
2014-08-26 21:49 - 2014-08-26 21:49 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Katali
2014-08-26 20:22 - 2014-08-26 20:22 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yhiqol
2014-08-26 18:18 - 2014-08-26 18:18 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ohyduza
2014-08-26 17:44 - 2014-08-26 17:44 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Imifuba
2014-08-26 16:19 - 2014-08-26 16:19 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Umkidyo
2014-08-26 15:55 - 2014-08-26 15:55 - 00125440 _____ () C:\Users\Lisa\AppData\Local\hcrkepvr.exe
2014-08-26 15:55 - 2014-08-26 15:55 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Qiyvarc
2014-08-26 08:10 - 2014-08-26 08:10 - 00094208 _____ () C:\Users\Lisa\AppData\Local\dlkdlnni.exe
2014-08-26 07:32 - 2014-08-26 07:32 - 00094208 _____ () C:\Users\Lisa\AppData\Local\oqoiqlgm.exe
2014-08-25 22:14 - 2014-08-25 22:14 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Oqexsof
2014-08-25 21:57 - 2014-08-25 21:57 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ostyhu
2014-08-25 20:15 - 2014-08-25 20:15 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Bynual
2014-08-25 18:16 - 2014-08-25 18:16 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ifkewubu
2014-08-25 17:59 - 2014-08-25 17:59 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yqiluq
2014-08-25 16:52 - 2014-08-25 16:52 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ycohumu
2014-08-25 15:22 - 2014-08-25 15:22 - 00125952 _____ () C:\Users\Lisa\AppData\Local\njtppoqg.exe
2014-08-25 15:22 - 2014-08-25 15:22 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Kuveyfb
2014-08-24 22:14 - 2014-08-24 22:14 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Lyarogu
2014-08-24 20:16 - 2014-08-24 20:16 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Irezro
2014-08-24 17:45 - 2014-08-24 17:45 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Woosyb
2014-08-24 16:23 - 2014-08-24 16:23 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ekkoevne
2014-08-24 15:45 - 2014-08-24 15:45 - 00128000 _____ () C:\Users\Lisa\AppData\Local\ganhlhfs.exe
2014-08-24 14:15 - 2014-08-24 14:15 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Siidraf
2014-08-24 13:44 - 2014-08-24 13:44 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Riybubcy
2014-08-24 12:19 - 2014-08-24 12:19 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Faqooh
2014-08-24 10:17 - 2014-08-24 10:17 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Obdyva
2014-08-24 09:42 - 2014-08-24 09:42 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yhihcox
2014-08-24 08:17 - 2014-08-24 08:17 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ruusaky
2014-08-24 06:27 - 2014-08-24 06:27 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Noegbyh
2014-08-24 05:56 - 2014-08-24 05:56 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Moneukeg
2014-08-24 04:30 - 2014-08-24 04:30 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Iwekaq
2014-08-24 03:26 - 2014-08-24 03:26 - 00000040 _____ () C:\Windows\system32\?º
2014-08-24 02:17 - 2014-08-24 02:17 - 00094208 _____ () C:\Users\Lisa\AppData\Local\oniexuwd.exe
2014-08-24 01:43 - 2014-08-24 01:43 - 00094208 _____ () C:\Users\Lisa\AppData\Local\efnutkja.exe
2014-08-24 00:17 - 2014-08-24 00:17 - 00094208 _____ () C:\Users\Lisa\AppData\Local\eujtibfw.exe
2014-08-23 22:12 - 2014-08-23 22:12 - 00094208 _____ () C:\Users\Lisa\AppData\Local\spgbguag.exe
2014-08-23 21:55 - 2014-08-23 21:55 - 00094208 _____ () C:\Users\Lisa\AppData\Local\gpreedbw.exe
2014-08-23 20:45 - 2014-08-23 20:45 - 00128000 _____ () C:\Users\Lisa\AppData\Local\talgsuxx.exe
2014-08-23 20:42 - 2014-08-23 20:42 - 00094208 _____ () C:\Users\Lisa\AppData\Local\pkkskcqr.exe
2014-08-23 13:46 - 2014-08-23 13:46 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Makiorhi
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_07feaf5a.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_08d7f3da.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_0d0630f1.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_0e7fc431.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_138ad5f3.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_160a5899.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_1b22a697.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_1f44950f.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_2310a883.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_23a5dafa.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_242859f5.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_25ceaa8b.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_299d66e6.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_2cc27d8b.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_2d9f0d43.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_325d7ad2.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_3513e5ea.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_40a48bb1.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_46a02e26.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_48fcd5c3.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_4bee9a5c.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_516a30f8.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_5bff6409.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_5cfccebd.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_6006a756.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_610e375c.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_6d2afcd5.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_72d0a894.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_764296d2.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_7d2b54e4.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_7d991560.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_81133a85.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_8699b65d.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_89cbcdd7.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_9fa57dfc.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_a600f5e8.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_a66fb69b.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_aed602ed.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_b30e7b4a.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_b920b40d.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_ba27fe00.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_bdc46ada.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_c244ad96.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_c6facbff.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_c81b0665.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_cba9da0b.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_d5aa5f40.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_da274b41.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_de06fbfe.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_e1d89567.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_e415be9a.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_e7af9bb0.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_ed4750b7.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_edaa6a28.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_fc602931.exe
C:\Users\Lisa\AppData\Local\Temp\pkjlznb7.dll
C:\Users\Lisa\AppData\Local\Temp\032939rr.exe
Task: {006EAFAF-8BCD-413A-9067-20B3E52C40C2} - System32\Tasks\Security Center Update - 2007530802 => C:\Users\Lisa\AppData\Roaming\Lyarogu\iqmene.exe [2014-06-30] (Mesrosift Corporatien)
Task: {024FEDD9-1DC4-4872-B008-02B525F4A689} - System32\Tasks\Security Center Update - 3755073792 => C:\Users\Lisa\AppData\Roaming\Woosyb\ecwia.exe [2013-06-17] (Mesrosift Corporatien)
Task: {0483A422-B6DE-458D-8F8B-4AF68804ED00} - System32\Tasks\Security Center Update - 2135597057 => C:\Users\Lisa\AppData\Roaming\Xumoavh\ofosko.exe [2013-11-11] (Antony Lewis)
Task: {0C399329-F772-43DC-A2F6-241F7D6412E8} - System32\Tasks\Security Center Update - 1399807146 => C:\Users\Lisa\AppData\Roaming\Ostyhu\buzyecu.exe [2012-06-27] (Mesrosift Corporatien)
Task: {10F6BE5E-8FB5-42CB-A3EA-69756948F2AB} - \Security Center Update - 3089754028 No Task File <==== ATTENTION
Task: {157A01DB-6E8E-49B8-87EC-A0F24EA36F82} - \Security Center Update - 966665472 No Task File <==== ATTENTION
Task: {1619E43C-58DD-49D6-A651-60D499C254EE} - System32\Tasks\Security Center Update - 3323728016 => C:\Users\Lisa\AppData\Roaming\Ifkewubu\samigu.exe [2014-01-05] (Mesrosift Corporatien)
Task: {1663D225-43F8-45E3-95BE-5460AD494598} - \Security Center Update - 3431837355 No Task File <==== ATTENTION
Task: {178BB5FE-7E06-472B-8B9E-FED7252CFAE9} - System32\Tasks\Security Center Update - 2458895620 => C:\Users\Lisa\AppData\Roaming\Umkidyo\ebwoleb.exe [2012-12-09] (Intel Corporation)
Task: {1CF68C5D-3CC1-457C-8FA1-449026B07A83} - \Security Center Update - 2498235418 No Task File <==== ATTENTION
Task: {275D28C0-21F4-4C6B-BF4E-EB8B78475F65} - \Security Center Update - 418947291 No Task File <==== ATTENTION
Task: {27B820B0-EACD-476A-B121-AAEB60B70C77} - System32\Tasks\Security Center Update - 1956719661 => C:\Users\Lisa\AppData\Roaming\Kuveyfb\aqobxe.exe [2013-12-27] (Mesrosift Corporatien)
Task: {2BABA540-553D-4555-A828-0CC8463F516C} - \Security Center Update - 3488534018 No Task File <==== ATTENTION
Task: {2BE8FD63-CAE3-4F5F-A215-323E62DE36EB} - System32\Tasks\Security Center Update - 3014236961 => C:\Users\Lisa\AppData\Roaming\Toedqiom\dyixfo.exe [2013-03-03] (Antony Lewis)
Task: {2E7D3E2E-5F46-4721-B1EA-4B660609FE9A} - \Security Center Update - 2029705305 No Task File <==== ATTENTION
Task: {33416DCA-9E19-4A37-A920-D384254CE2B8} - \Security Center Update - 846557512 No Task File <==== ATTENTION
Task: {43DFD0E1-F0CB-4B2F-991A-8C7FB4951EE2} - System32\Tasks\Security Center Update - 1574700934 => C:\Users\Lisa\AppData\Roaming\Yqiluq\ceertyi.exe [2014-08-22] (Mesrosift Corporatien)
Task: {44FB8B0B-86BB-4F08-A090-2BA57D8D250C} - System32\Tasks\Security Center Update - 2425577634 => C:\Users\Lisa\AppData\Roaming\Ysoviw\qyceqin.exe [2014-06-29] (Mesrosifm Corporatien)
Task: {4542AEE1-D9F2-4E11-82B7-516501FE9FBA} - \Security Center Update - 927385066 No Task File <==== ATTENTION
Task: {454A9DA7-0147-4E91-B302-0BA526AAF881} - System32\Tasks\Security Center Update - 3503357704 => C:\Users\Lisa\AppData\Roaming\Olefby\omofbae.exe [2014-01-23] (Mesrosifm Corporatien)
Task: {46C13CF5-646F-4974-91E3-D63DBE6FEE4A} - \Security Center Update - 1855888854 No Task File <==== ATTENTION
Task: {48D5445C-C4FB-49F5-BD32-DF1178C76D23} - System32\Tasks\Security Center Update - 1345943332 => C:\Users\Lisa\AppData\Roaming\Katali\emyhs.exe [2013-08-04] (Intel Corporation)
Task: {4BEFF88B-B9BC-4E03-811B-EBD3F7DAB6D1} - System32\Tasks\Security Center Update - 714795581 => C:\Users\Lisa\AppData\Roaming\Makiorhi\ofneca.exe [2014-02-03] (M1crosoft Corporation)
Task: {4C0E8C2D-1896-4875-9C02-F642AE2B7998} - \Security Center Update - 3338805954 No Task File <==== ATTENTION
Task: {4C6BE521-A0CD-48C3-97B7-E617306D3201} - System32\Tasks\Security Center Update - 1758301648 => C:\Users\Lisa\AppData\Roaming\Imifuba\feuqrai.exe [2012-06-27] (Intel Corporation)
Task: {4D4A099E-D65A-4610-B7F7-936616F36FB6} - System32\Tasks\Security Center Update - 2104485432 => C:\Users\Lisa\AppData\Roaming\Bynual\wuuxy.exe [2012-09-28] (Mesrosift Corporatien)
Task: {4E670018-24DE-4014-B85F-A7AC596D0973} - System32\Tasks\Security Center Update - 3914522974 => C:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exe [2014-03-13] (Antony Lewis)
Task: {4F6EB0E4-4434-4E66-925A-E3408B8D9A77} - \Security Center Update - 2979509591 No Task File <==== ATTENTION
Task: {4F92C8CB-E811-41E1-9E59-39351B5DCA8C} - System32\Tasks\Security Center Update - 779965912 => C:\Users\Lisa\AppData\Roaming\Ekkoevne\uklua.exe [2014-07-09] (Mesrosift Corporatien)
Task: {577040B3-CB35-4B03-9D25-07B3C1A947AA} - System32\Tasks\Security Center Update - 1379205928 => C:\Users\Lisa\AppData\Roaming\Nihaezu\ruyhv.exe [2013-10-21] (Antony Lewis)
Task: {5B806C89-B6F4-4491-BC05-BC08C4EA5AA5} - \Security Center Update - 1355868994 No Task File <==== ATTENTION
Task: {5C1C5D95-3451-4637-807A-F514F4C12EFD} - System32\Tasks\Security Center Update - 2488743118 => C:\Users\Lisa\AppData\Roaming\Ycohumu\fydasal.exe [2012-08-22] (Mesrosift Corporatien)
Task: {5D85E214-BB8C-47DF-A502-BCA35E1BC852} - System32\Tasks\Security Center Update - 3801360562 => C:\Users\Lisa\AppData\Roaming\Oqexsof\abgug.exe [2014-02-22] (Mesrosift Corporatien)
Task: {5FD12D6E-C94D-414C-A73F-F7E53CB8EB72} - \Security Center Update - 752820688 No Task File <==== ATTENTION
Task: {61F90348-1632-4370-BBD0-6430A089691B} - System32\Tasks\Security Center Update - 3723582334 => C:\Users\Lisa\AppData\Roaming\Riybubcy\vocuu.exe [2012-10-30] (Mesrosift Corporatien)
Task: {6934BE3C-9D2A-42D0-A8B1-891217E8415E} - System32\Tasks\Security Center Update - 337695781 => C:\Users\Lisa\AppData\Roaming\Noegbyh\onivy.exe [2014-06-14] (Mesrosift Corporatien)
Task: {6B2FB14B-2386-410C-8C42-CFD8E2844B9A} - System32\Tasks\Security Center Update - 3828944963 => C:\Users\Lisa\AppData\Roaming\Qaofywx\fuliak.exe [2013-04-01] (Intel Corporation)
Task: {750661EA-B5E4-4D3E-8F27-D9EFA1B74788} - \Security Center Update - 2479261886 No Task File <==== ATTENTION
Task: {75D47420-CB24-4D20-9ED2-C85E70EF2151} - \Security Center Update - 2104751866 No Task File <==== ATTENTION
Task: {79E1A60F-A6EA-4CB8-BE02-D7BC3EBFD870} - System32\Tasks\Security Center Update - 4249854711 => C:\Users\Lisa\AppData\Roaming\Fiefra\nuwif.exe [2014-07-23] (Mesrosifm Corporatien)
Task: {7AD6CBD2-37D0-4A04-B9C6-0B144F669F33} - System32\Tasks\Security Center Update - 2808920971 => C:\Users\Lisa\AppData\Roaming\Ohyduza\paezam.exe [2013-09-10] (Intel Corporation)
Task: {7BF18A5C-4427-424E-B093-EF7E0E4A5A22} - \Security Center Update - 3715843453 No Task File <==== ATTENTION
Task: {7CDDA879-009C-4154-8CD3-BD06DFD0C1B8} - System32\Tasks\Security Center Update - 788173007 => C:\Users\Lisa\AppData\Roaming\Biahfoda\uktupu.exe [2012-08-01] (Antony Lewis)
Task: {7CE25652-EB51-493A-89F9-45392A31C9BA} - System32\Tasks\Security Center Update - 1853461507 => C:\Users\Lisa\AppData\Roaming\Iwekaq\wuxiva.exe [2013-03-27] (Mesrosift Corporatien)
Task: {7D901313-4F98-4028-8062-A2537F3D6C0F} - \Security Center Update - 2038411680 No Task File <==== ATTENTION
Task: {8010DC90-B7CC-4BE1-85AD-04E38632FA92} - \Security Center Update - 2191080318 No Task File <==== ATTENTION
Task: {8B482D7A-3A63-48F1-AF33-1C3B45E96BBC} - System32\Tasks\Security Center Update - 392046224 => C:\Users\Lisa\AppData\Roaming\Anogiva\esozbaa.exe [2014-08-29] (M1crosoft Corporation)
Task: {8F44A373-FD4F-4AD2-9557-80161BB7965B} - \Security Center Update - 371833040 No Task File <==== ATTENTION
Task: {9560F579-6320-48BD-81DD-5310D3299CC8} - \Security Center Update - 3942642799 No Task File <==== ATTENTION
Task: {978FDB14-77B6-4B4A-8344-AC358F30E9EA} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {9837810F-F11C-438C-84E7-D762685980D9} - System32\Tasks\Security Center Update - 2852106250 => C:\Users\Lisa\AppData\Roaming\Irezro\wopyno.exe [2013-11-18] (Mesrosift Corporatien)
Task: {98AB084F-C369-485A-8FF7-79508E654415} - \Security Center Update - 2106932050 No Task File <==== ATTENTION
Task: {9E6E8F43-0C79-4735-9400-1E23D811FE00} - System32\Tasks\Security Center Update - 1156754490 => C:\Users\Lisa\AppData\Roaming\Yhiqol\ixfeedu.exe [2013-11-29] (Intel Corporation)
Task: {9F6CC889-5C75-417D-A170-1B8C0615B89F} - System32\Tasks\Security Center Update - 3042525643 => C:\Users\Lisa\AppData\Roaming\Yhihcox\wyihg.exe [2013-04-10] (Mesrosift Corporatien)
Task: {A3BBBEBC-0C9A-4AE0-A8A8-B639567CBF97} - \Security Center Update - 3983964077 No Task File <==== ATTENTION
Task: {B3977328-01CA-49FB-9091-B42B3D341736} - \Security Center Update - 1640359643 No Task File <==== ATTENTION
Task: {B6FE1232-5A72-4ABA-8308-B6383E16B129} - System32\Tasks\Security Center Update - 3449893434 => C:\Users\Lisa\AppData\Roaming\Gybywaa\ilykt.exe [2012-09-30] (Mesrosifm Corporatien)
Task: {BDCB65CA-49FC-4584-9A9F-2FCFD69254FD} - System32\Tasks\Security Center Update - 238619398 => C:\Users\Lisa\AppData\Roaming\Moneukeg\ekuwebz.exe [2013-12-30] (Mesrosift Corporatien)
Task: {BE3172D4-97AA-402B-87C4-8167ABDDB3C4} - \Security Center Update - 3150405157 No Task File <==== ATTENTION
Task: {C6AB9866-93EB-40F9-AF52-B65EA1E4B326} - System32\Tasks\Security Center Update - 772651449 => C:\Users\Lisa\AppData\Roaming\Qiyvarc\zibuc.exe [2014-03-30] (Intel Corporation)
Task: {C9BE3DD5-181E-43EB-BEC7-B97383015855} - \Security Center Update - 2194090041 No Task File <==== ATTENTION
Task: {CBF597A1-815E-4D7F-BE88-F273FB0D26A0} - System32\Tasks\Security Center Update - 709702460 => C:\Users\Lisa\AppData\Roaming\Ruusaky\yqtewee.exe [2014-08-13] (Mesrosift Corporatien)
Task: {CC1AD1AD-D302-432B-8504-6160E4BF81CA} - \Security Center Update - 2109373424 No Task File <==== ATTENTION
Task: {DDB4C012-746D-4511-9950-BA1C91BA0D54} - System32\Tasks\Security Center Update - 1492308399 => C:\Users\Lisa\AppData\Roaming\Siidraf\feecen.exe [2014-02-21] (Mesrosift Corporatien)
Task: {E005DE33-0357-4042-8570-A3F94929E411} - \Security Center Update - 1586098165 No Task File <==== ATTENTION
Task: {E43A154E-4AB1-41B0-AB14-086B16D1BDF9} - System32\Tasks\Security Center Update - 799365013 => C:\Users\Lisa\AppData\Roaming\Obdyva\xyfuuvu.exe [2014-04-18] (Mesrosift Corporatien)
Task: {EA338F8E-CA31-4AB3-BC05-C1BFE5D959C1} - System32\Tasks\HPCustParticipation HP Deskjet 1010 series => C:\Program Files\HP\HP Deskjet 1010 series\Bin\HPCustPartic.exe [2013-02-08] (Hewlett-Packard Co.)
Task: {EF273F07-B050-49E3-95EB-F22B681A0EF5} - System32\Tasks\Security Center Update - 2322726845 => C:\Users\Lisa\AppData\Roaming\Faqooh\qexuw.exe [2014-07-30] (Mesrosift Corporatien)
Task: {FCA72012-4145-43A9-BAB2-3D48B6625BB2} - \Security Center Update - 2836356992 No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1156754490.job => C:\Users\Lisa\AppData\Roaming\Yhiqol\ixfeedu.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1345943332.job => C:\Users\Lisa\AppData\Roaming\Katali\emyhs.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1379205928.job => C:\Users\Lisa\AppData\Roaming\Nihaezu\ruyhv.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1399807146.job => C:\Users\Lisa\AppData\Roaming\Ostyhu\buzyecu.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1492308399.job => C:\Users\Lisa\AppData\Roaming\Siidraf\feecen.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1574700934.job => C:\Users\Lisa\AppData\Roaming\Yqiluq\ceertyi.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1758301648.job => C:\Users\Lisa\AppData\Roaming\Imifuba\feuqrai.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1853461507.job => C:\Users\Lisa\AppData\Roaming\Iwekaq\wuxiva.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1956719661.job => C:\Users\Lisa\AppData\Roaming\Kuveyfb\aqobxe.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2007530802.job => C:\Users\Lisa\AppData\Roaming\Lyarogu\iqmene.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2038411680.job => C:\Users\Lisa\AppData\Roaming\Ydpyyny\oqaky.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2104485432.job => C:\Users\Lisa\AppData\Roaming\Bynual\wuuxy.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2135597057.job => C:\Users\Lisa\AppData\Roaming\Xumoavh\ofosko.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2322726845.job => C:\Users\Lisa\AppData\Roaming\Faqooh\qexuw.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 238619398.job => C:\Users\Lisa\AppData\Roaming\Moneukeg\ekuwebz.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2425577634.job => C:\Users\Lisa\AppData\Roaming\Ysoviw\qyceqin.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2458895620.job => C:\Users\Lisa\AppData\Roaming\Umkidyo\ebwoleb.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2488743118.job => C:\Users\Lisa\AppData\Roaming\Ycohumu\fydasal.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2808920971.job => C:\Users\Lisa\AppData\Roaming\Ohyduza\paezam.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2852106250.job => C:\Users\Lisa\AppData\Roaming\Irezro\wopyno.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3014236961.job => C:\Users\Lisa\AppData\Roaming\Toedqiom\dyixfo.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3042525643.job => C:\Users\Lisa\AppData\Roaming\Yhihcox\wyihg.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3323728016.job => C:\Users\Lisa\AppData\Roaming\Ifkewubu\samigu.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 337695781.job => C:\Users\Lisa\AppData\Roaming\Noegbyh\onivy.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3449893434.job => C:\Users\Lisa\AppData\Roaming\Gybywaa\ilykt.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3503357704.job => C:\Users\Lisa\AppData\Roaming\Olefby\omofbae.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3723582334.job => C:\Users\Lisa\AppData\Roaming\Riybubcy\vocuu.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3755073792.job => C:\Users\Lisa\AppData\Roaming\Woosyb\ecwia.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3801360562.job => C:\Users\Lisa\AppData\Roaming\Oqexsof\abgug.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3828944963.job => C:\Users\Lisa\AppData\Roaming\Qaofywx\fuliak.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3914522974.job => C:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 4249854711.job => C:\Users\Lisa\AppData\Roaming\Fiefra\nuwif.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 709702460.job => C:\Users\Lisa\AppData\Roaming\Ruusaky\yqtewee.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 714795581.job => C:\Users\Lisa\AppData\Roaming\Makiorhi\ofneca.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 772651449.job => C:\Users\Lisa\AppData\Roaming\Qiyvarc\zibuc.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 779965912.job => C:\Users\Lisa\AppData\Roaming\Ekkoevne\uklua.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 788173007.job => C:\Users\Lisa\AppData\Roaming\Biahfoda\uktupu.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 799365013.job => C:\Users\Lisa\AppData\Roaming\Obdyva\xyfuuvu.exe <==== ATTENTION
*****************
 
Mesrosift Corporatien) C:\Users\Lisa\AppData\Roaming\Iwekaq\wuxiva.exe => Error: No automatic fix found for this entry.
[6608] C:\Users\Lisa\AppData\Roaming\Kuveyfb\aqobxe.exe => Process closed successfully.
[6628] C:\Users\Lisa\AppData\Roaming\Qiyvarc\zibuc.exe => Process closed successfully.
[6692] C:\Users\Lisa\AppData\Roaming\Fiefra\nuwif.exe => Process closed successfully.
[6764] C:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exe => Process closed successfully.
C:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exe => No running process found
C:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exe => No running process found
C:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exe => No running process found
[6380] C:\Users\Lisa\AppData\Roaming\Yxozerak\yfveyw.exe => Process closed successfully.
[6336] C:\Users\Lisa\AppData\Roaming\Xumoovp\myywonu.exe => Process closed successfully.
[6416] C:\Users\Lisa\AppData\Roaming\Vaaplo\anevanu.exe => Process closed successfully.
[6528] C:\Users\Lisa\AppData\Roaming\Arloedyd\ewowemf.exe => Process closed successfully.
[6252] C:\Users\Lisa\AppData\Roaming\Vesookde\ilhauq.exe => Process closed successfully.
[6564] C:\Users\Lisa\AppData\Roaming\Anogiva\esozbaa.exe => Process closed successfully.
C:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exe => No running process found
C:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exe => No running process found
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\qilxqfpd => value deleted successfully.
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Loelube => value deleted successfully.
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ofqhhawe => value deleted successfully.
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ecxorwrb => value deleted successfully.
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Saevdiykpeobub => value deleted successfully.
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Awzuirufz => value deleted successfully.
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\hgrgqovo => value deleted successfully.
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\obqnkhxm => value deleted successfully.
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Haysyf => value deleted successfully.
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\btngfjql => value deleted successfully.
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Piweibi => value deleted successfully.
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\kshowwqt => value deleted successfully.
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Iroxy => value deleted successfully.
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Buguicuzoltaa => value deleted successfully.
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Wyguosno => value deleted successfully.
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Gepeuninesuldy => value deleted successfully.
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Owemyxgau => value deleted successfully.
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Igful => value deleted successfully.
C:\Users\Lisa\AppData\Roaming\Xumoovp => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Vesookde => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Yxozerak => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Vaaplo => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Arloedyd => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Anogiva => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Gybywaa => Moved successfully.
C:\Users\Lisa\AppData\Local\aejrupmi.exe => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Toedqiom => Moved successfully.
C:\Users\Lisa\AppData\Local\wrfkjolv.exe => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Xumoavh => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Nihaezu => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Biahfoda => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Kuzaxu => Moved successfully.
C:\Users\Lisa\AppData\Local\moavlcis.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\lftxadmu.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\fdbujjkg.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\xlooherw.exe => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Olefby => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Ysoviw => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Fiefra => Moved successfully.
C:\Users\Lisa\AppData\Local\gjmbilpu.exe => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Qaofywx => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Katali => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Yhiqol => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Ohyduza => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Imifuba => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Umkidyo => Moved successfully.
C:\Users\Lisa\AppData\Local\hcrkepvr.exe => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Qiyvarc => Moved successfully.
C:\Users\Lisa\AppData\Local\dlkdlnni.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\oqoiqlgm.exe => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Oqexsof => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Ostyhu => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Bynual => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Ifkewubu => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Yqiluq => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Ycohumu => Moved successfully.
C:\Users\Lisa\AppData\Local\njtppoqg.exe => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Kuveyfb => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Lyarogu => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Irezro => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Woosyb => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Ekkoevne => Moved successfully.
C:\Users\Lisa\AppData\Local\ganhlhfs.exe => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Siidraf => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Riybubcy => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Faqooh => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Obdyva => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Yhihcox => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Ruusaky => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Noegbyh => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Moneukeg => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Iwekaq => Moved successfully.
Could not move "C:\Windows\system32\?º" => Scheduled to move on reboot.
C:\Users\Lisa\AppData\Local\oniexuwd.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\efnutkja.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\eujtibfw.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\spgbguag.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\gpreedbw.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\talgsuxx.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\pkkskcqr.exe => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Makiorhi => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_07feaf5a.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_08d7f3da.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_0d0630f1.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_0e7fc431.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_138ad5f3.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_160a5899.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_1b22a697.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_1f44950f.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_2310a883.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_23a5dafa.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_242859f5.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_25ceaa8b.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_299d66e6.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_2cc27d8b.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_2d9f0d43.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_325d7ad2.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_3513e5ea.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_40a48bb1.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_46a02e26.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_48fcd5c3.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_4bee9a5c.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_516a30f8.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_5bff6409.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_5cfccebd.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_6006a756.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_610e375c.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_6d2afcd5.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_72d0a894.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_764296d2.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_7d2b54e4.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_7d991560.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_81133a85.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_8699b65d.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_89cbcdd7.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_9fa57dfc.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_a600f5e8.exe => Moved successfully.
"C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_a66fb69b.exe" => File/Directory not found.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_aed602ed.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_b30e7b4a.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_b920b40d.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_ba27fe00.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_bdc46ada.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_c244ad96.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_c6facbff.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_c81b0665.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_cba9da0b.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_d5aa5f40.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_da274b41.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_de06fbfe.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_e1d89567.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_e415be9a.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_e7af9bb0.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_ed4750b7.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_edaa6a28.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_fc602931.exe => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\pkjlznb7.dll => Moved successfully.
C:\Users\Lisa\AppData\Local\Temp\032939rr.exe => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{006EAFAF-8BCD-413A-9067-20B3E52C40C2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{006EAFAF-8BCD-413A-9067-20B3E52C40C2}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 2007530802 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 2007530802" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{024FEDD9-1DC4-4872-B008-02B525F4A689}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{024FEDD9-1DC4-4872-B008-02B525F4A689}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 3755073792 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 3755073792" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0483A422-B6DE-458D-8F8B-4AF68804ED00}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0483A422-B6DE-458D-8F8B-4AF68804ED00}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 2135597057 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 2135597057" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0C399329-F772-43DC-A2F6-241F7D6412E8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C399329-F772-43DC-A2F6-241F7D6412E8}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 1399807146 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 1399807146" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{10F6BE5E-8FB5-42CB-A3EA-69756948F2AB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10F6BE5E-8FB5-42CB-A3EA-69756948F2AB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 3089754028" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{157A01DB-6E8E-49B8-87EC-A0F24EA36F82}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{157A01DB-6E8E-49B8-87EC-A0F24EA36F82}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 966665472" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1619E43C-58DD-49D6-A651-60D499C254EE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1619E43C-58DD-49D6-A651-60D499C254EE}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 3323728016 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 3323728016" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1663D225-43F8-45E3-95BE-5460AD494598}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1663D225-43F8-45E3-95BE-5460AD494598}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 3431837355" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{178BB5FE-7E06-472B-8B9E-FED7252CFAE9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{178BB5FE-7E06-472B-8B9E-FED7252CFAE9}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 2458895620 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 2458895620" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1CF68C5D-3CC1-457C-8FA1-449026B07A83}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1CF68C5D-3CC1-457C-8FA1-449026B07A83}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 2498235418" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{275D28C0-21F4-4C6B-BF4E-EB8B78475F65}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{275D28C0-21F4-4C6B-BF4E-EB8B78475F65}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 418947291" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{27B820B0-EACD-476A-B121-AAEB60B70C77}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{27B820B0-EACD-476A-B121-AAEB60B70C77}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 1956719661 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 1956719661" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2BABA540-553D-4555-A828-0CC8463F516C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2BABA540-553D-4555-A828-0CC8463F516C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 3488534018" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2BE8FD63-CAE3-4F5F-A215-323E62DE36EB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2BE8FD63-CAE3-4F5F-A215-323E62DE36EB}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 3014236961 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 3014236961" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2E7D3E2E-5F46-4721-B1EA-4B660609FE9A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2E7D3E2E-5F46-4721-B1EA-4B660609FE9A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 2029705305" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{33416DCA-9E19-4A37-A920-D384254CE2B8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{33416DCA-9E19-4A37-A920-D384254CE2B8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 846557512" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{43DFD0E1-F0CB-4B2F-991A-8C7FB4951EE2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43DFD0E1-F0CB-4B2F-991A-8C7FB4951EE2}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 1574700934 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 1574700934" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{44FB8B0B-86BB-4F08-A090-2BA57D8D250C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44FB8B0B-86BB-4F08-A090-2BA57D8D250C}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 2425577634 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 2425577634" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4542AEE1-D9F2-4E11-82B7-516501FE9FBA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4542AEE1-D9F2-4E11-82B7-516501FE9FBA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 927385066" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{454A9DA7-0147-4E91-B302-0BA526AAF881}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{454A9DA7-0147-4E91-B302-0BA526AAF881}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 3503357704 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 3503357704" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{46C13CF5-646F-4974-91E3-D63DBE6FEE4A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{46C13CF5-646F-4974-91E3-D63DBE6FEE4A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 1855888854" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{48D5445C-C4FB-49F5-BD32-DF1178C76D23}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48D5445C-C4FB-49F5-BD32-DF1178C76D23}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 1345943332 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 1345943332" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4BEFF88B-B9BC-4E03-811B-EBD3F7DAB6D1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4BEFF88B-B9BC-4E03-811B-EBD3F7DAB6D1}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 714795581 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 714795581" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4C0E8C2D-1896-4875-9C02-F642AE2B7998}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C0E8C2D-1896-4875-9C02-F642AE2B7998}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 3338805954" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4C6BE521-A0CD-48C3-97B7-E617306D3201}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C6BE521-A0CD-48C3-97B7-E617306D3201}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 1758301648 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 1758301648" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4D4A099E-D65A-4610-B7F7-936616F36FB6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D4A099E-D65A-4610-B7F7-936616F36FB6}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 2104485432 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 2104485432" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4E670018-24DE-4014-B85F-A7AC596D0973}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E670018-24DE-4014-B85F-A7AC596D0973}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 3914522974 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 3914522974" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4F6EB0E4-4434-4E66-925A-E3408B8D9A77}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F6EB0E4-4434-4E66-925A-E3408B8D9A77}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 2979509591" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4F92C8CB-E811-41E1-9E59-39351B5DCA8C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F92C8CB-E811-41E1-9E59-39351B5DCA8C}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 779965912 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 779965912" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{577040B3-CB35-4B03-9D25-07B3C1A947AA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{577040B3-CB35-4B03-9D25-07B3C1A947AA}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 1379205928 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 1379205928" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5B806C89-B6F4-4491-BC05-BC08C4EA5AA5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B806C89-B6F4-4491-BC05-BC08C4EA5AA5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 1355868994" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5C1C5D95-3451-4637-807A-F514F4C12EFD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C1C5D95-3451-4637-807A-F514F4C12EFD}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 2488743118 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 2488743118" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5D85E214-BB8C-47DF-A502-BCA35E1BC852}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D85E214-BB8C-47DF-A502-BCA35E1BC852}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 3801360562 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 3801360562" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5FD12D6E-C94D-414C-A73F-F7E53CB8EB72}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FD12D6E-C94D-414C-A73F-F7E53CB8EB72}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 752820688" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{61F90348-1632-4370-BBD0-6430A089691B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{61F90348-1632-4370-BBD0-6430A089691B}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 3723582334 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 3723582334" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6934BE3C-9D2A-42D0-A8B1-891217E8415E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6934BE3C-9D2A-42D0-A8B1-891217E8415E}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 337695781 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 337695781" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6B2FB14B-2386-410C-8C42-CFD8E2844B9A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B2FB14B-2386-410C-8C42-CFD8E2844B9A}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 3828944963 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 3828944963" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{750661EA-B5E4-4D3E-8F27-D9EFA1B74788}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{750661EA-B5E4-4D3E-8F27-D9EFA1B74788}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 2479261886" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{75D47420-CB24-4D20-9ED2-C85E70EF2151}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75D47420-CB24-4D20-9ED2-C85E70EF2151}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 2104751866" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{79E1A60F-A6EA-4CB8-BE02-D7BC3EBFD870}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{79E1A60F-A6EA-4CB8-BE02-D7BC3EBFD870}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 4249854711 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 4249854711" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7AD6CBD2-37D0-4A04-B9C6-0B144F669F33}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7AD6CBD2-37D0-4A04-B9C6-0B144F669F33}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 2808920971 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 2808920971" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7BF18A5C-4427-424E-B093-EF7E0E4A5A22}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BF18A5C-4427-424E-B093-EF7E0E4A5A22}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 3715843453" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7CDDA879-009C-4154-8CD3-BD06DFD0C1B8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7CDDA879-009C-4154-8CD3-BD06DFD0C1B8}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 788173007 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 788173007" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7CE25652-EB51-493A-89F9-45392A31C9BA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7CE25652-EB51-493A-89F9-45392A31C9BA}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 1853461507 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 1853461507" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7D901313-4F98-4028-8062-A2537F3D6C0F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D901313-4F98-4028-8062-A2537F3D6C0F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 2038411680" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8010DC90-B7CC-4BE1-85AD-04E38632FA92}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8010DC90-B7CC-4BE1-85AD-04E38632FA92}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 2191080318" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8B482D7A-3A63-48F1-AF33-1C3B45E96BBC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B482D7A-3A63-48F1-AF33-1C3B45E96BBC}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 392046224 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 392046224" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8F44A373-FD4F-4AD2-9557-80161BB7965B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F44A373-FD4F-4AD2-9557-80161BB7965B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 371833040" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9560F579-6320-48BD-81DD-5310D3299CC8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9560F579-6320-48BD-81DD-5310D3299CC8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 3942642799" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{978FDB14-77B6-4B4A-8344-AC358F30E9EA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{978FDB14-77B6-4B4A-8344-AC358F30E9EA}" => Key deleted successfully.
C:\Windows\System32\Tasks\SystemToolsDailyTest => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SystemToolsDailyTest" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9837810F-F11C-438C-84E7-D762685980D9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9837810F-F11C-438C-84E7-D762685980D9}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 2852106250 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 2852106250" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{98AB084F-C369-485A-8FF7-79508E654415}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98AB084F-C369-485A-8FF7-79508E654415}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 2106932050" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9E6E8F43-0C79-4735-9400-1E23D811FE00}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9E6E8F43-0C79-4735-9400-1E23D811FE00}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 1156754490 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 1156754490" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9F6CC889-5C75-417D-A170-1B8C0615B89F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F6CC889-5C75-417D-A170-1B8C0615B89F}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 3042525643 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 3042525643" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A3BBBEBC-0C9A-4AE0-A8A8-B639567CBF97}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A3BBBEBC-0C9A-4AE0-A8A8-B639567CBF97}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 3983964077" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B3977328-01CA-49FB-9091-B42B3D341736}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B3977328-01CA-49FB-9091-B42B3D341736}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 1640359643" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B6FE1232-5A72-4ABA-8308-B6383E16B129}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B6FE1232-5A72-4ABA-8308-B6383E16B129}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 3449893434 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 3449893434" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BDCB65CA-49FC-4584-9A9F-2FCFD69254FD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BDCB65CA-49FC-4584-9A9F-2FCFD69254FD}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 238619398 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 238619398" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BE3172D4-97AA-402B-87C4-8167ABDDB3C4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE3172D4-97AA-402B-87C4-8167ABDDB3C4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 3150405157" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C6AB9866-93EB-40F9-AF52-B65EA1E4B326}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C6AB9866-93EB-40F9-AF52-B65EA1E4B326}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 772651449 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 772651449" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C9BE3DD5-181E-43EB-BEC7-B97383015855}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C9BE3DD5-181E-43EB-BEC7-B97383015855}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 2194090041" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CBF597A1-815E-4D7F-BE88-F273FB0D26A0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CBF597A1-815E-4D7F-BE88-F273FB0D26A0}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 709702460 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 709702460" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CC1AD1AD-D302-432B-8504-6160E4BF81CA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC1AD1AD-D302-432B-8504-6160E4BF81CA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 2109373424" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DDB4C012-746D-4511-9950-BA1C91BA0D54}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DDB4C012-746D-4511-9950-BA1C91BA0D54}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 1492308399 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 1492308399" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E005DE33-0357-4042-8570-A3F94929E411}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E005DE33-0357-4042-8570-A3F94929E411}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 1586098165" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E43A154E-4AB1-41B0-AB14-086B16D1BDF9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E43A154E-4AB1-41B0-AB14-086B16D1BDF9}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 799365013 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 799365013" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EA338F8E-CA31-4AB3-BC05-C1BFE5D959C1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA338F8E-CA31-4AB3-BC05-C1BFE5D959C1}" => Key deleted successfully.
C:\Windows\System32\Tasks\HPCustParticipation HP Deskjet 1010 series => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPCustParticipation HP Deskjet 1010 series" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EF273F07-B050-49E3-95EB-F22B681A0EF5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EF273F07-B050-49E3-95EB-F22B681A0EF5}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 2322726845 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 2322726845" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FCA72012-4145-43A9-BAB2-3D48B6625BB2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FCA72012-4145-43A9-BAB2-3D48B6625BB2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 2836356992" => Key deleted successfully.
C:\Windows\Tasks\Security Center Update - 1156754490.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 1345943332.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 1379205928.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 1399807146.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 1492308399.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 1574700934.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 1758301648.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 1853461507.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 1956719661.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 2007530802.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 2038411680.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 2104485432.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 2135597057.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 2322726845.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 238619398.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 2425577634.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 2458895620.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 2488743118.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 2808920971.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 2852106250.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 3014236961.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 3042525643.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 3323728016.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 337695781.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 3449893434.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 3503357704.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 3723582334.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 3755073792.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 3801360562.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 3828944963.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 3914522974.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 4249854711.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 709702460.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 714795581.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 772651449.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 779965912.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 788173007.job => Moved successfully.
C:\Windows\Tasks\Security Center Update - 799365013.job => Moved successfully.
 
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-08-30 10:57:57)<=
 
"C:\Windows\system32\?º" => File could not move.
 
==== End of Fixlog ====
 
 
New FRST.txt:
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-08-2014
Ran by Lisa (administrator) on LISA-PC on 30-08-2014 11:15:05
Running from C:\Users\Lisa\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
() C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Facebook Inc.) C:\Users\Lisa\AppData\Local\Facebook\Update\FacebookUpdate.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
(Mesrosifm Corporatien) C:\Users\Lisa\AppData\Roaming\Duuxqofo\abreox.exe
(Mesrosift Corporatien) C:\Users\Lisa\AppData\Roaming\Iwekaq\wuxiva.exe
(Mesrosift Corporatien) C:\Users\Lisa\AppData\Roaming\Kuveyfb\aqobxe.exe
(Mesrisift Corporatien) C:\Users\Lisa\AppData\Roaming\Vaaplo\anevanu.exe
(Meskisift Corporatien) C:\Users\Lisa\AppData\Roaming\Xumoovp\myywonu.exe
(PowerCmd Software) C:\Users\Lisa\AppData\Roaming\Yxozerak\yfveyw.exe
(Mesrosifm Corporatien) C:\Users\Lisa\AppData\Roaming\Fiefra\nuwif.exe
(Antony Lewis) C:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exe
(M1crosoft Corporation) C:\Users\Lisa\AppData\Roaming\Anogiva\esozbaa.exe
(CrystalIDEA Software) C:\Users\Lisa\AppData\Roaming\Arloedyd\ewowemf.exe
() C:\Users\Lisa\AppData\Roaming\Vesookde\ilhauq.exe
(Intel Corporation) C:\Users\Lisa\AppData\Roaming\Qiyvarc\zibuc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSM\McSmtFwk.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Mesrosifm Corporatien) C:\Users\Lisa\AppData\Roaming\Duuxqofo\abreox.exe
(Mesrosifm Corporatien) C:\Users\Lisa\AppData\Roaming\Duuxqofo\abreox.exe
(Mesrosifm Corporatien) C:\Users\Lisa\AppData\Roaming\Duuxqofo\abreox.exe
(Mesrosifm Corporatien) C:\Users\Lisa\AppData\Roaming\Duuxqofo\abreox.exe
(Nero AG) C:\Program Files (x86)\Nero\SyncUP\SyncUP.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mesrosifm Corporatien) C:\Users\Lisa\AppData\Roaming\Duuxqofo\abreox.exe
(Nero AG) C:\Program Files (x86)\Nero\SyncUP\Nero.AndroidServer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [626552 2012-01-25] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-02-14] (IDT, Inc.)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [4365984 2012-03-12] (Dell Inc.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [7520768 2012-03-16] (Dell Inc.)
HKLM\...\Run: [Stage Remote] => C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe [2022976 2011-06-27] ()
HKLM\...\Run: [DellStage] => C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2195824 2012-02-01] ()
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [Dell Registration] => C:\Program Files (x86)\System Registration\prodreg.exe [4165440 2011-08-04] (Dell, Inc.)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NeroLauncher] => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe [67496 2012-08-21] ()
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [968048 2012-02-01] ()
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2012-12-13] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Facebook Update] => C:\Users\Lisa\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-01-15] (Facebook Inc.)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [ISUSPM] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [218032 2006-09-11] (Macrovision Corporation)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3600728 2014-08-05] (Electronic Arts)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [OutfoxTV] => C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [GoogleChromeAutoLaunch_A963AF10D41C891DDF74F25191F896A3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-08-06] (Google Inc.)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-06-28] (Google Inc.)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [obununuo] => C:\Users\Lisa\AppData\Local\pmrxciqb.exe [155648 2014-08-02] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [uxsqumrq] => C:\Users\Lisa\AppData\Local\ftmbftun.exe [168448 2014-08-02] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [wmxhmtrl] => C:\Users\Lisa\AppData\Local\lnxnrbjh.exe [117760 2014-08-03] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [fbffvguv] => C:\Users\Lisa\AppData\Local\ksqkmgfn.exe [145408 2014-08-04] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [dcvwmnif] => C:\Users\Lisa\AppData\Local\nqnvgvvj.exe [153600 2014-08-05] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [aabddxgj] => C:\Users\Lisa\AppData\Local\gxjiiqou.exe [153600 2014-08-06] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [gcouijrg] => C:\Users\Lisa\AppData\Local\mtohoimn.exe [153600 2014-08-07] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [vdfxxgnd] => C:\Users\Lisa\AppData\Local\fmdvsdoh.exe [160768 2014-08-15] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [bhouqppw] => C:\Users\Lisa\AppData\Local\wqwiwtfg.exe [162816 2014-08-16] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [edgslvdg] => C:\Users\Lisa\AppData\Local\jcgfjtoa.exe [165376 2014-08-17] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [bexuvgqo] => C:\Users\Lisa\AppData\Local\ujlveuwg.exe [165376 2014-08-18] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [xwlukcal] => C:\Users\Lisa\AppData\Local\tgwxupsa.exe [164864 2014-08-19] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [jnoiuicb] => C:\Users\Lisa\AppData\Local\akxhcokx.exe [132096 2014-08-20] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [putbocao] => C:\Users\Lisa\AppData\Local\wxpufssv.exe [132096 2014-08-21] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [gncbitsc] => C:\Users\Lisa\AppData\Local\imjkkxco.exe [132608 2014-08-22] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Cuinbo] => C:\Users\Lisa\AppData\Roaming\Duuxqofo\abreox.exe [304354 2012-09-14] (Mesrosifm Corporatien)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Loelube] => C:\Users\Lisa\AppData\Roaming\Iwekaq\wuxiva.exe [305365 2014-08-30] (Mesrosift Corporatien)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Saevdiykpeobub] => C:\Users\Lisa\AppData\Roaming\Kuveyfb\aqobxe.exe [305229 2014-08-30] (Mesrosift Corporatien)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Wyguosno] => C:\Users\Lisa\AppData\Roaming\Vaaplo\anevanu.exe [308409 2014-08-30] (Mesrisift Corporatien)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Gepeuninesuldy] => C:\Users\Lisa\AppData\Roaming\Xumoovp\myywonu.exe [307322 2014-08-30] (Meskisift Corporatien)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Iroxy] => C:\Users\Lisa\AppData\Roaming\Yxozerak\yfveyw.exe [460288 2014-08-30] (PowerCmd Software)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Haysyf] => C:\Users\Lisa\AppData\Roaming\Fiefra\nuwif.exe [300748 2014-08-30] (Mesrosifm Corporatien)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Piweibi] => C:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exe [304140 2014-08-30] (Antony Lewis)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Igful] => C:\Users\Lisa\AppData\Roaming\Anogiva\esozbaa.exe [277504 2014-08-30] (M1crosoft Corporation)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Buguicuzoltaa] => C:\Users\Lisa\AppData\Roaming\Arloedyd\ewowemf.exe [413184 2014-08-30] (CrystalIDEA Software)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Owemyxgau] => C:\Users\Lisa\AppData\Roaming\Vesookde\ilhauq.exe [368640 2014-08-30] ()
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\Run: [Awzuirufz] => C:\Users\Lisa\AppData\Roaming\Qiyvarc\zibuc.exe [464896 2014-08-30] (Intel Corporation)
HKU\S-1-5-21-1465888645-1228132841-1644353950-1000\...\MountPoints2: {2f949a7c-b3b4-11e3-9791-c01885bc5d88} - E:\LG_PC_Programs.exe
Lsa: [Notification Packages] scecli c:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 1010 series.lnk
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 1010 series.lnk -> C:\Program Files\HP\HP Deskjet 1010 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {3F9B7245-D3E7-43AD-A837-9886B9105873} URL = https://search.yahoo.com/search?fr=mcafee&type=A011US440&p={SearchTerms}
SearchScopes: HKCU - {3F9B7245-D3E7-43AD-A837-9886B9105873} URL = https://search.yahoo.com/search?fr=mcafee&type=A011US440&p={SearchTerms}
SearchScopes: HKCU - {C2AB3595-E55C-42A0-B934-70A8A1C42D2D} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2670199
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {A5AE8924-4036-420F-B7F6-A47E4B8F692E} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} -  No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=11.11.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.11.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Lisa\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @soe.sony.com/installer,version=1.0.3 -> C:\Users\Lisa\AppData\LocalLow\Sony Online Entertainment\npsoe.dll ()
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2012-07-04]
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF Extension: No Name - C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012-07-04]
 
Chrome: 
=======
CHR Profile: C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (Google Wallet) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-10]
CHR Extension: (MapsGalaxy) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb [2014-08-20]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2369720 2014-08-01] (Microsoft Corporation)
S2 DellDigitalDelivery; c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [162816 2011-10-26] (Dell Products, LP.) [File not signed]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\McAfee\MSC\McAWFwk.exe [225216 2011-01-28] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [383608 2012-11-16] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241456 2013-02-19] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025712 2014-01-21] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [6292992 2012-03-16] (Dell Inc.) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2012-02-01] (Broadcom Corporation.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
S3 cpuz135; C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [24368 2012-08-11] (CPUID)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-18] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
U3 mfeapfk01; No ImagePath
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
U3 mfeavfk01; No ImagePath
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [422712 2014-01-21] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-01-21] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106552 2013-02-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 NTPASp50a64; System32\Drivers\NTPASp50a64.sys [X]
S3 X6va021; \??\C:\Windows\SysWOW64\Drivers\X6va021 [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-30 11:15 - 2014-08-30 11:16 - 00034191 _____ () C:\Users\Lisa\Desktop\FRST.txt
2014-08-30 11:04 - 2014-08-30 11:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-08-30 10:54 - 2014-08-30 10:54 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yxozerak
2014-08-30 10:54 - 2014-08-30 10:54 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Xumoovp
2014-08-30 10:54 - 2014-08-30 10:54 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Vesookde
2014-08-30 10:54 - 2014-08-30 10:54 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Vaaplo
2014-08-30 10:54 - 2014-08-30 10:54 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Qiyvarc
2014-08-30 10:54 - 2014-08-30 10:54 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Kuzaxu
2014-08-30 10:54 - 2014-08-30 10:54 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Kuveyfb
2014-08-30 10:54 - 2014-08-30 10:54 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Iwekaq
2014-08-30 10:54 - 2014-08-30 10:54 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Fiefra
2014-08-30 10:54 - 2014-08-30 10:54 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Arloedyd
2014-08-30 10:54 - 2014-08-30 10:54 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Anogiva
2014-08-30 10:53 - 2014-08-30 10:53 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lisa\Downloads\revosetup (2).exe
2014-08-30 10:51 - 2014-08-30 10:51 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lisa\Downloads\revosetup (1).exe
2014-08-30 10:46 - 2014-08-30 10:46 - 00094208 _____ () C:\Users\Lisa\AppData\Local\pejqmtew.exe
2014-08-30 08:17 - 2014-08-30 11:00 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 2695952501.job
2014-08-30 08:17 - 2014-08-30 08:17 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 2695952501
2014-08-30 08:17 - 2014-08-30 08:17 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Duuxqofo
2014-08-30 07:48 - 2014-08-30 11:16 - 00000000 ____D () C:\Users\Lisa\AppData\Local\PMB Files
2014-08-29 21:52 - 2014-08-30 07:44 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Xeurukri
2014-08-29 21:30 - 2014-08-29 21:38 - 00000000 ____D () C:\Users\Lisa\Desktop\.minecraft
2014-08-29 17:07 - 2014-08-29 17:07 - 00001270 _____ () C:\Users\Lisa\Desktop\Revo Uninstaller.lnk
2014-08-29 17:07 - 2014-08-29 17:07 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-29 17:06 - 2014-08-29 17:06 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lisa\Downloads\revosetup.exe
2014-08-27 17:11 - 2014-08-27 17:12 - 145417920 _____ (Intel Corporation) C:\Users\Lisa\Downloads\Win64_152822.exe
2014-08-27 17:08 - 2014-08-27 17:08 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\SystemRequirementsLab
2014-08-27 17:04 - 2014-08-22 22:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 17:04 - 2014-08-22 21:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 17:04 - 2014-08-22 20:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-26 07:43 - 2014-08-26 07:43 - 00155648 _____ () C:\Users\Lisa\Downloads\CH15_Test_Bank.wiz
2014-08-26 07:42 - 2014-08-26 07:42 - 00134656 _____ () C:\Users\Lisa\Downloads\Test_Bank (1).wiz
2014-08-26 07:41 - 2014-08-26 07:41 - 00134656 _____ () C:\Users\Lisa\Downloads\Test_Bank.wiz
2014-08-24 03:26 - 2014-08-24 03:26 - 00000040 _____ () C:\Windows\system32\퐀º
2014-08-23 15:50 - 2014-08-23 20:33 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Warframe
2014-08-23 13:17 - 2014-08-27 17:08 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-08-23 13:17 - 2014-08-23 13:17 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-08-23 12:25 - 2014-08-23 12:27 - 00055844 _____ () C:\Users\Lisa\Downloads\Addition.txt
2014-08-23 12:24 - 2014-08-23 12:27 - 00118812 _____ () C:\Users\Lisa\Downloads\FRST.txt
2014-08-23 12:22 - 2014-08-30 11:15 - 00000000 ____D () C:\FRST
2014-08-23 12:22 - 2014-08-30 10:53 - 02103808 _____ (Farbar) C:\Users\Lisa\Desktop\FRST64.exe
2014-08-23 12:14 - 2014-08-30 09:00 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 392046224.job
2014-08-23 04:20 - 2014-08-30 07:45 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ydpyyny
2014-08-23 04:20 - 2014-08-23 04:20 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 2038411680
2014-08-23 04:02 - 2014-08-30 09:00 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 3089754028.job
2014-08-23 04:02 - 2014-08-30 07:45 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ubyfinv
2014-08-23 04:02 - 2014-08-23 04:02 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 3089754028
2014-08-23 00:15 - 2014-08-30 09:00 - 00000802 _____ () C:\Windows\Tasks\Security Center Update - 2979509591.job
2014-08-23 00:15 - 2014-08-30 07:45 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Paaqnaes
2014-08-23 00:15 - 2014-08-23 00:15 - 00003808 _____ () C:\Windows\System32\Tasks\Security Center Update - 2979509591
2014-08-22 22:40 - 2014-08-22 22:40 - 00011243 _____ () C:\Users\Lisa\Downloads\attach.txt
2014-08-22 22:29 - 2014-08-30 09:00 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 2191080318.job
2014-08-22 22:29 - 2014-08-30 07:45 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Egihnil
2014-08-22 22:29 - 2014-08-22 22:29 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 2191080318
2014-08-22 21:59 - 2014-08-30 09:00 - 00000790 _____ () C:\Windows\Tasks\Security Center Update - 1855888854.job
2014-08-22 21:59 - 2014-08-30 07:45 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Saviha
2014-08-22 21:59 - 2014-08-22 21:59 - 00003796 _____ () C:\Windows\System32\Tasks\Security Center Update - 1855888854
2014-08-22 21:52 - 2014-08-22 21:52 - 00688992 ____R (Swearware) C:\Users\Lisa\Downloads\dds.com
2014-08-22 21:40 - 2014-08-30 09:00 - 00000790 _____ () C:\Windows\Tasks\Security Center Update - 2194090041.job
2014-08-22 21:40 - 2014-08-30 07:45 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ymyneq
2014-08-22 21:40 - 2014-08-22 21:40 - 00003796 _____ () C:\Windows\System32\Tasks\Security Center Update - 2194090041
2014-08-22 21:26 - 2014-08-22 21:26 - 00003728 ____N () C:\bootsqm.dat
2014-08-22 17:53 - 2014-08-22 17:53 - 00000017 _____ () C:\Users\Lisa\AppData\Local\resmon.resmoncfg
2014-08-22 16:58 - 2014-08-30 09:00 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 371833040.job
2014-08-22 16:58 - 2014-08-30 07:45 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yzyfket
2014-08-22 16:58 - 2014-08-22 16:58 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 371833040
2014-08-22 16:05 - 2014-08-22 16:05 - 00132608 _____ () C:\Users\Lisa\AppData\Local\imjkkxco.exe
2014-08-22 16:04 - 2014-08-30 09:00 - 00000802 _____ () C:\Windows\Tasks\Security Center Update - 3431837355.job
2014-08-22 16:04 - 2014-08-22 16:04 - 00003808 _____ () C:\Windows\System32\Tasks\Security Center Update - 3431837355
2014-08-22 15:58 - 2014-08-30 07:45 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2014-08-22 06:20 - 2014-08-30 09:00 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 3488534018.job
2014-08-22 06:20 - 2014-08-30 07:45 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ulaqbeq
2014-08-22 06:20 - 2014-08-22 06:20 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 3488534018
2014-08-22 06:18 - 2014-08-30 09:00 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 966665472.job
2014-08-22 06:18 - 2014-08-30 09:00 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 3715843453.job
2014-08-22 06:18 - 2014-08-30 07:45 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Uwweaxag
2014-08-22 06:18 - 2014-08-30 07:45 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ircuuggu
2014-08-22 06:18 - 2014-08-22 06:18 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 966665472
2014-08-22 06:18 - 2014-08-22 06:18 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 3715843453
2014-08-21 17:02 - 2014-08-21 17:02 - 00132096 _____ () C:\Users\Lisa\AppData\Local\wxpufssv.exe
2014-08-21 12:17 - 2014-08-30 09:00 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 1586098165.job
2014-08-21 12:17 - 2014-08-30 07:45 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Hutoite
2014-08-21 12:17 - 2014-08-21 12:17 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 1586098165
2014-08-21 12:14 - 2014-08-30 09:00 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 927385066.job
2014-08-21 12:14 - 2014-08-21 12:14 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 927385066
2014-08-21 06:20 - 2014-08-30 09:00 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 2836356992.job
2014-08-21 06:20 - 2014-08-30 07:45 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Afuxriap
2014-08-21 06:20 - 2014-08-21 06:20 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 2836356992
2014-08-20 22:27 - 2014-08-30 09:00 - 00000792 _____ () C:\Windows\Tasks\Security Center Update - 752820688.job
2014-08-20 22:27 - 2014-08-30 07:45 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Peqiaz
2014-08-20 22:27 - 2014-08-20 22:27 - 00003798 _____ () C:\Windows\System32\Tasks\Security Center Update - 752820688
2014-08-20 22:23 - 2014-08-20 22:23 - 00098304 _____ () C:\Users\Lisa\AppData\Local\hkiwuxep.exe
2014-08-20 22:10 - 2014-08-30 09:00 - 00000792 _____ () C:\Windows\Tasks\Security Center Update - 1640359643.job
2014-08-20 22:10 - 2014-08-30 07:45 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Adexve
2014-08-20 22:10 - 2014-08-20 22:10 - 00003798 _____ () C:\Windows\System32\Tasks\Security Center Update - 1640359643
2014-08-20 20:30 - 2014-08-30 09:00 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 2106932050.job
2014-08-20 20:30 - 2014-08-30 07:45 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Vauvqaz
2014-08-20 20:30 - 2014-08-20 20:30 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 2106932050
2014-08-20 18:32 - 2014-08-30 09:00 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 3150405157.job
2014-08-20 18:32 - 2014-08-30 07:45 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Igaxuvky
2014-08-20 18:32 - 2014-08-20 18:32 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 3150405157
2014-08-20 17:54 - 2014-08-30 09:00 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 1355868994.job
2014-08-20 17:54 - 2014-08-30 07:45 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Odypops
2014-08-20 17:54 - 2014-08-20 17:54 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 1355868994
2014-08-20 17:15 - 2014-08-30 09:00 - 00000802 _____ () C:\Windows\Tasks\Security Center Update - 2029705305.job
2014-08-20 17:15 - 2014-08-30 07:45 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Enecorly
2014-08-20 17:15 - 2014-08-20 17:15 - 00003808 _____ () C:\Windows\System32\Tasks\Security Center Update - 2029705305
2014-08-20 17:14 - 2014-08-20 17:14 - 00132096 _____ () C:\Users\Lisa\AppData\Local\akxhcokx.exe
2014-08-20 14:19 - 2014-08-30 09:00 - 00000790 _____ () C:\Windows\Tasks\Security Center Update - 2104751866.job
2014-08-20 14:19 - 2014-08-30 07:45 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Daryca
2014-08-20 14:19 - 2014-08-20 14:19 - 00003796 _____ () C:\Windows\System32\Tasks\Security Center Update - 2104751866
2014-08-20 13:51 - 2014-08-30 09:00 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 3983964077.job
2014-08-20 13:51 - 2014-08-30 07:45 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yrpeqiod
2014-08-20 13:51 - 2014-08-20 13:51 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 3983964077
2014-08-20 12:27 - 2014-08-30 09:00 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 2479261886.job
2014-08-20 12:27 - 2014-08-30 07:45 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Esmony
2014-08-20 12:27 - 2014-08-20 12:27 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 2479261886
2014-08-20 10:29 - 2014-08-30 09:00 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 2109373424.job
2014-08-20 10:29 - 2014-08-30 07:45 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Etlyedav
2014-08-20 10:29 - 2014-08-20 10:29 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 2109373424
2014-08-20 09:53 - 2014-08-30 09:00 - 00000792 _____ () C:\Windows\Tasks\Security Center Update - 3942642799.job
2014-08-20 09:53 - 2014-08-30 07:45 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Sapume
2014-08-20 09:53 - 2014-08-20 09:53 - 00003798 _____ () C:\Windows\System32\Tasks\Security Center Update - 3942642799
2014-08-20 09:33 - 2014-08-30 09:00 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 418947291.job
2014-08-20 09:33 - 2014-08-20 09:33 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 418947291
2014-08-20 01:55 - 2014-08-30 09:00 - 00000792 _____ () C:\Windows\Tasks\Security Center Update - 3338805954.job
2014-08-20 01:55 - 2014-08-30 07:45 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Owhodu
2014-08-20 01:55 - 2014-08-20 01:55 - 00003798 _____ () C:\Windows\System32\Tasks\Security Center Update - 3338805954
2014-08-20 01:52 - 2014-08-20 01:52 - 00086016 _____ () C:\Users\Lisa\AppData\Local\qjojndus.exe
2014-08-20 00:59 - 2014-08-30 09:00 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 846557512.job
2014-08-20 00:59 - 2014-08-30 07:45 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Bypoudte
2014-08-20 00:59 - 2014-08-20 00:59 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 846557512
2014-08-19 23:20 - 2014-08-30 09:00 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 2498235418.job
2014-08-19 23:20 - 2014-08-19 23:20 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 2498235418
2014-08-19 23:17 - 2014-08-19 23:17 - 00122880 _____ () C:\Users\Lisa\AppData\Local\mplssuve.exe
2014-08-19 15:31 - 2014-08-19 15:31 - 00164864 _____ () C:\Users\Lisa\AppData\Local\tgwxupsa.exe
2014-08-18 22:22 - 2014-08-18 22:22 - 00086016 _____ () C:\Users\Lisa\AppData\Local\njjudrfv.exe
2014-08-18 21:48 - 2014-08-18 21:48 - 00086016 _____ () C:\Users\Lisa\AppData\Local\pxpnlkid.exe
2014-08-18 19:08 - 2014-08-18 19:58 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-08-18 18:54 - 2014-08-18 18:55 - 00036473 _____ () C:\Windows\SysWOW64\Result.txt
2014-08-18 18:25 - 2014-08-18 18:25 - 00086016 _____ () C:\Users\Lisa\AppData\Local\adafhgir.exe
2014-08-18 17:54 - 2014-08-30 07:45 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Exohrei
2014-08-18 17:53 - 2014-08-18 18:37 - 00036252 _____ () C:\Users\Lisa\Downloads\Result.txt
2014-08-18 17:48 - 2014-08-18 18:35 - 00002757 _____ () C:\Users\Lisa\Downloads\FSS.txt
2014-08-18 17:28 - 2014-08-18 17:28 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Lisa\Downloads\rkill.exe
2014-08-18 17:28 - 2014-08-18 17:28 - 00401920 _____ (Farbar) C:\Users\Lisa\Downloads\MiniToolBox.exe
2014-08-18 17:28 - 2014-08-18 17:28 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-18 17:27 - 2014-08-18 17:28 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Lisa\Downloads\mbar-1.07.0.1012.exe
2014-08-18 17:27 - 2014-08-18 17:27 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Lisa\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-18 17:27 - 2014-08-18 17:27 - 00854417 _____ () C:\Users\Lisa\Downloads\SecurityCheck.exe
2014-08-18 17:27 - 2014-08-18 17:27 - 00415232 _____ (Farbar) C:\Users\Lisa\Downloads\FSS.exe
2014-08-18 17:00 - 2014-08-18 17:00 - 00165376 _____ () C:\Users\Lisa\AppData\Local\ujlveuwg.exe
2014-08-17 14:27 - 2014-08-17 14:27 - 00165376 _____ () C:\Users\Lisa\AppData\Local\jcgfjtoa.exe
2014-08-16 15:22 - 2014-08-16 15:22 - 00162816 _____ () C:\Users\Lisa\AppData\Local\wqwiwtfg.exe
2014-08-16 14:59 - 2014-08-16 14:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2014-08-16 14:59 - 2014-08-16 14:59 - 00000000 ____D () C:\Program Files (x86)\CPUID
2014-08-16 14:59 - 2012-02-14 12:49 - 00114176 _____ (CPUID) C:\Windows\SysWOW64\PCWizard.cpl
2014-08-16 14:58 - 2014-08-16 14:58 - 05324650 _____ (CPUID ) C:\Users\Lisa\Downloads\pc-wizard_2012.2.11-setup.exe
2014-08-16 14:36 - 2014-08-17 14:56 - 00000000 ____D () C:\Users\Lisa\Documents\Witcher 2
2014-08-16 14:36 - 2014-08-16 14:36 - 00000000 ____D () C:\Users\Lisa\AppData\Local\The Witcher 2
2014-08-16 14:20 - 2014-08-16 14:20 - 00000000 ____D () C:\Users\Lisa\Documents\The Witcher
2014-08-16 14:20 - 2014-08-16 14:20 - 00000000 ____D () C:\Users\Lisa\AppData\Local\The Witcher
2014-08-16 14:16 - 2014-08-16 14:16 - 00000000 ____D () C:\Users\Public\Documents\The Witcher
2014-08-16 02:06 - 2014-06-30 18:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-16 02:06 - 2014-06-30 18:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-16 02:06 - 2014-03-09 17:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-16 02:06 - 2014-03-09 17:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-16 02:06 - 2014-03-09 17:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-16 02:06 - 2014-03-09 17:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-16 02:05 - 2014-06-06 02:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-16 02:05 - 2014-06-06 02:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-16 00:47 - 2014-07-15 23:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-16 00:47 - 2014-07-15 22:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-16 00:47 - 2014-07-13 22:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-16 00:47 - 2014-07-13 21:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-16 00:47 - 2014-06-03 06:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-16 00:47 - 2014-06-03 06:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-16 00:47 - 2014-06-03 06:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-16 00:47 - 2014-06-03 06:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-16 00:47 - 2014-06-03 05:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-16 00:47 - 2014-06-03 05:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-16 00:47 - 2014-06-03 05:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-16 00:46 - 2014-08-06 22:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-16 00:46 - 2014-08-06 22:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-16 00:46 - 2014-07-31 19:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-16 00:46 - 2014-07-31 19:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-16 00:46 - 2014-07-25 10:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-16 00:46 - 2014-07-25 10:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-16 00:46 - 2014-07-25 10:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-16 00:46 - 2014-07-25 09:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-16 00:46 - 2014-07-25 09:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-16 00:46 - 2014-07-25 09:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-16 00:46 - 2014-07-25 09:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-16 00:46 - 2014-07-25 09:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-16 00:46 - 2014-07-25 09:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-16 00:46 - 2014-07-25 09:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-16 00:46 - 2014-07-25 09:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-16 00:46 - 2014-07-25 09:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-16 00:46 - 2014-07-25 09:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-16 00:46 - 2014-07-25 09:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-16 00:46 - 2014-07-25 09:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-16 00:46 - 2014-07-25 08:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-16 00:46 - 2014-07-25 08:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-16 00:46 - 2014-07-25 08:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-16 00:46 - 2014-07-25 08:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-16 00:46 - 2014-07-25 08:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-16 00:46 - 2014-07-25 08:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-16 00:46 - 2014-07-25 08:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-16 00:46 - 2014-07-25 08:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-16 00:46 - 2014-07-25 08:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-16 00:46 - 2014-07-25 08:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-16 00:46 - 2014-07-25 08:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-16 00:46 - 2014-07-25 08:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-16 00:46 - 2014-07-25 08:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-16 00:46 - 2014-07-25 08:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-16 00:46 - 2014-07-25 08:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-16 00:46 - 2014-07-25 08:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-16 00:46 - 2014-07-25 08:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-16 00:46 - 2014-07-25 08:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-16 00:46 - 2014-07-25 08:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-16 00:46 - 2014-07-25 07:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-16 00:46 - 2014-07-25 07:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-16 00:46 - 2014-07-25 07:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-16 00:46 - 2014-07-25 07:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-16 00:46 - 2014-07-25 07:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-16 00:46 - 2014-07-25 07:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-16 00:46 - 2014-07-25 07:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-16 00:46 - 2014-07-25 07:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-16 00:46 - 2014-07-25 07:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-16 00:46 - 2014-07-25 07:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-16 00:46 - 2014-07-25 07:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-16 00:46 - 2014-07-25 07:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-16 00:46 - 2014-07-25 07:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-16 00:46 - 2014-07-25 07:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-16 00:46 - 2014-07-25 06:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-16 00:46 - 2014-07-25 06:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-16 00:46 - 2014-07-25 06:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-16 00:46 - 2014-07-25 06:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-16 00:46 - 2014-07-25 06:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-16 00:46 - 2014-07-25 06:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-16 00:46 - 2014-06-24 22:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-16 00:46 - 2014-06-24 21:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-16 00:46 - 2014-06-15 22:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-15 20:42 - 2014-08-15 20:42 - 25184629 _____ () C:\Users\Lisa\Downloads\Modern HD 1.8.zip
2014-08-15 17:29 - 2014-08-15 17:29 - 00160768 _____ () C:\Users\Lisa\AppData\Local\fmdvsdoh.exe
2014-08-11 21:47 - 2014-08-11 21:47 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-11 21:47 - 2014-08-11 21:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-11 21:46 - 2014-08-11 21:47 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-11 21:46 - 2014-08-11 21:47 - 00000000 ____D () C:\Program Files\iTunes
2014-08-11 21:46 - 2014-08-11 21:47 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-11 21:46 - 2014-08-11 21:46 - 00000000 ____D () C:\Program Files\iPod
2014-08-11 19:54 - 2014-08-11 19:55 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-10 22:27 - 2014-08-10 22:27 - 00000000 _____ () C:\Users\Lisa\cd
2014-08-10 22:20 - 2014-08-10 22:20 - 03001270 _____ () C:\Users\Lisa\Downloads\Minecraft-Region-Fixer-0.1.3 (win32).zip
2014-08-10 11:15 - 2014-08-10 11:15 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-08-10 11:15 - 2014-08-10 11:15 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-08-09 17:13 - 2014-08-09 17:23 - 00000000 ____D () C:\Users\Lisa\Documents\Euro Truck Simulator 2
2014-08-07 19:37 - 2014-08-07 19:37 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Ubisoft
2014-08-07 17:42 - 2014-08-07 17:42 - 00153600 _____ () C:\Users\Lisa\AppData\Local\mtohoimn.exe
2014-08-06 19:22 - 2014-08-06 19:22 - 00153600 _____ () C:\Users\Lisa\AppData\Local\gxjiiqou.exe
2014-08-05 18:28 - 2014-08-05 18:28 - 00153600 _____ () C:\Users\Lisa\AppData\Local\nqnvgvvj.exe
2014-08-04 18:11 - 2014-08-04 18:11 - 00145408 _____ () C:\Users\Lisa\AppData\Local\ksqkmgfn.exe
2014-08-03 14:51 - 2014-08-03 14:51 - 00117760 _____ () C:\Users\Lisa\AppData\Local\lnxnrbjh.exe
2014-08-02 15:17 - 2014-08-02 15:17 - 00168448 _____ () C:\Users\Lisa\AppData\Local\ftmbftun.exe
2014-08-02 09:43 - 2014-08-02 09:43 - 00000000 ____D () C:\Users\Lisa\Downloads\&#1057opy_of_document_SER1203 (1)
2014-08-02 09:42 - 2014-08-02 09:42 - 00155648 _____ () C:\Users\Lisa\AppData\Local\pmrxciqb.exe
2014-08-02 09:41 - 2014-08-02 09:41 - 00077686 _____ () C:\Users\Lisa\Downloads\&#1057opy_of_document_SER1203 (1).zip
2014-08-02 09:39 - 2014-08-02 09:39 - 00077686 _____ () C:\Users\Lisa\Downloads\&#1057opy_of_document_SER1203.zip
2014-08-01 20:06 - 2014-05-14 12:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-01 20:06 - 2014-05-14 12:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-01 20:06 - 2014-05-14 12:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-01 20:06 - 2014-05-14 12:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-01 20:06 - 2014-05-14 12:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-01 20:06 - 2014-05-14 12:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-01 20:06 - 2014-05-14 12:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-01 20:06 - 2014-05-14 12:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-01 20:06 - 2014-05-14 12:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-01 20:06 - 2014-05-14 12:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-01 20:05 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-01 20:05 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-01 20:05 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-01 20:05 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-01 10:34 - 2014-08-01 10:34 - 00000000 ____D () C:\Users\Lisa\AppData\Local\WarThunder
2014-08-01 10:34 - 2014-08-01 10:34 - 00000000 ____D () C:\ProgramData\WarThunder
2014-07-31 08:29 - 2014-07-31 08:29 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\StunlockStudios
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-30 11:16 - 2014-08-30 11:15 - 00034191 _____ () C:\Users\Lisa\Desktop\FRST.txt
2014-08-30 11:16 - 2014-08-30 07:48 - 00000000 ____D () C:\Users\Lisa\AppData\Local\PMB Files
2014-08-30 11:15 - 2014-08-23 12:22 - 00000000 ____D () C:\FRST
2014-08-30 11:14 - 2012-08-29 02:24 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Nero
2014-08-30 11:08 - 2009-07-14 00:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-30 11:08 - 2009-07-14 00:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-30 11:05 - 2012-05-26 01:39 - 01722387 _____ () C:\Windows\WindowsUpdate.log
2014-08-30 11:04 - 2014-08-30 11:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-08-30 11:04 - 2012-07-04 23:25 - 00001806 _____ () C:\Users\Public\Desktop\McAfee AntiVirus Plus.lnk
2014-08-30 11:00 - 2014-08-30 08:17 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 2695952501.job
2014-08-30 10:58 - 2013-07-19 10:53 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-08-30 10:57 - 2012-06-28 01:39 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-30 10:57 - 2012-05-26 00:24 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2014-08-30 10:57 - 2012-05-26 00:24 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2014-08-30 10:57 - 2012-05-26 00:19 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-08-30 10:56 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-30 10:56 - 2009-07-14 00:51 - 00104407 _____ () C:\Windows\setupact.log
2014-08-30 10:54 - 2014-08-30 10:54 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yxozerak
2014-08-30 10:54 - 2014-08-30 10:54 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Xumoovp
2014-08-30 10:54 - 2014-08-30 10:54 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Vesookde
2014-08-30 10:54 - 2014-08-30 10:54 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Vaaplo
2014-08-30 10:54 - 2014-08-30 10:54 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Qiyvarc
2014-08-30 10:54 - 2014-08-30 10:54 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Kuzaxu
2014-08-30 10:54 - 2014-08-30 10:54 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Kuveyfb
2014-08-30 10:54 - 2014-08-30 10:54 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Iwekaq
2014-08-30 10:54 - 2014-08-30 10:54 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Fiefra
2014-08-30 10:54 - 2014-08-30 10:54 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Arloedyd
2014-08-30 10:54 - 2014-08-30 10:54 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Anogiva
2014-08-30 10:54 - 2012-07-05 02:40 - 00000000 ____D () C:\Users\Lisa\AppData\Local\CrashDumps
2014-08-30 10:53 - 2014-08-30 10:53 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lisa\Downloads\revosetup (2).exe
2014-08-30 10:53 - 2014-08-23 12:22 - 02103808 _____ (Farbar) C:\Users\Lisa\Desktop\FRST64.exe
2014-08-30 10:51 - 2014-08-30 10:51 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lisa\Downloads\revosetup (1).exe
2014-08-30 10:46 - 2014-08-30 10:46 - 00094208 _____ () C:\Users\Lisa\AppData\Local\pejqmtew.exe
2014-08-30 09:34 - 2013-01-04 21:32 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1465888645-1228132841-1644353950-1000UA.job
2014-08-30 09:33 - 2012-06-28 01:39 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-30 09:00 - 2014-08-23 12:14 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 392046224.job
2014-08-30 09:00 - 2014-08-23 04:02 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 3089754028.job
2014-08-30 09:00 - 2014-08-23 00:15 - 00000802 _____ () C:\Windows\Tasks\Security Center Update - 2979509591.job
2014-08-30 09:00 - 2014-08-22 22:29 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 2191080318.job
2014-08-30 09:00 - 2014-08-22 21:59 - 00000790 _____ () C:\Windows\Tasks\Security Center Update - 1855888854.job
2014-08-30 09:00 - 2014-08-22 21:40 - 00000790 _____ () C:\Windows\Tasks\Security Center Update - 2194090041.job
2014-08-30 09:00 - 2014-08-22 16:58 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 371833040.job
2014-08-30 09:00 - 2014-08-22 16:04 - 00000802 _____ () C:\Windows\Tasks\Security Center Update - 3431837355.job
2014-08-30 09:00 - 2014-08-22 06:20 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 3488534018.job
2014-08-30 09:00 - 2014-08-22 06:18 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 966665472.job
2014-08-30 09:00 - 2014-08-22 06:18 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 3715843453.job
2014-08-30 09:00 - 2014-08-21 12:17 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 1586098165.job
2014-08-30 09:00 - 2014-08-21 12:14 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 927385066.job
2014-08-30 09:00 - 2014-08-21 06:20 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 2836356992.job
2014-08-30 09:00 - 2014-08-20 22:27 - 00000792 _____ () C:\Windows\Tasks\Security Center Update - 752820688.job
2014-08-30 09:00 - 2014-08-20 22:10 - 00000792 _____ () C:\Windows\Tasks\Security Center Update - 1640359643.job
2014-08-30 09:00 - 2014-08-20 20:30 - 00000796 _____ () C:\Windows\Tasks\Security Center Update - 2106932050.job
2014-08-30 09:00 - 2014-08-20 18:32 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 3150405157.job
2014-08-30 09:00 - 2014-08-20 17:54 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 1355868994.job
2014-08-30 09:00 - 2014-08-20 17:15 - 00000802 _____ () C:\Windows\Tasks\Security Center Update - 2029705305.job
2014-08-30 09:00 - 2014-08-20 14:19 - 00000790 _____ () C:\Windows\Tasks\Security Center Update - 2104751866.job
2014-08-30 09:00 - 2014-08-20 13:51 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 3983964077.job
2014-08-30 09:00 - 2014-08-20 12:27 - 00000794 _____ () C:\Windows\Tasks\Security Center Update - 2479261886.job
2014-08-30 09:00 - 2014-08-20 10:29 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 2109373424.job
2014-08-30 09:00 - 2014-08-20 09:53 - 00000792 _____ () C:\Windows\Tasks\Security Center Update - 3942642799.job
2014-08-30 09:00 - 2014-08-20 09:33 - 00000800 _____ () C:\Windows\Tasks\Security Center Update - 418947291.job
2014-08-30 09:00 - 2014-08-20 01:55 - 00000792 _____ () C:\Windows\Tasks\Security Center Update - 3338805954.job
2014-08-30 09:00 - 2014-08-20 00:59 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 846557512.job
2014-08-30 09:00 - 2014-08-19 23:20 - 00000798 _____ () C:\Windows\Tasks\Security Center Update - 2498235418.job
2014-08-30 08:17 - 2014-08-30 08:17 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 2695952501
2014-08-30 08:17 - 2014-08-30 08:17 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Duuxqofo
2014-08-30 07:46 - 2012-06-27 01:47 - 00000000 ____D () C:\Users\Lisa
2014-08-30 07:45 - 2014-08-23 04:20 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ydpyyny
2014-08-30 07:45 - 2014-08-23 04:02 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ubyfinv
2014-08-30 07:45 - 2014-08-23 00:15 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Paaqnaes
2014-08-30 07:45 - 2014-08-22 22:29 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Egihnil
2014-08-30 07:45 - 2014-08-22 21:59 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Saviha
2014-08-30 07:45 - 2014-08-22 21:40 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ymyneq
2014-08-30 07:45 - 2014-08-22 16:58 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yzyfket
2014-08-30 07:45 - 2014-08-22 15:58 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2014-08-30 07:45 - 2014-08-22 06:20 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ulaqbeq
2014-08-30 07:45 - 2014-08-22 06:18 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Uwweaxag
2014-08-30 07:45 - 2014-08-22 06:18 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Ircuuggu
2014-08-30 07:45 - 2014-08-21 12:17 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Hutoite
2014-08-30 07:45 - 2014-08-21 06:20 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Afuxriap
2014-08-30 07:45 - 2014-08-20 22:27 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Peqiaz
2014-08-30 07:45 - 2014-08-20 22:10 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Adexve
2014-08-30 07:45 - 2014-08-20 20:30 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Vauvqaz
2014-08-30 07:45 - 2014-08-20 18:32 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Igaxuvky
2014-08-30 07:45 - 2014-08-20 17:54 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Odypops
2014-08-30 07:45 - 2014-08-20 17:15 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Enecorly
2014-08-30 07:45 - 2014-08-20 14:19 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Daryca
2014-08-30 07:45 - 2014-08-20 13:51 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Yrpeqiod
2014-08-30 07:45 - 2014-08-20 12:27 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Esmony
2014-08-30 07:45 - 2014-08-20 10:29 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Etlyedav
2014-08-30 07:45 - 2014-08-20 09:53 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Sapume
2014-08-30 07:45 - 2014-08-20 01:55 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Owhodu
2014-08-30 07:45 - 2014-08-20 00:59 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Bypoudte
2014-08-30 07:45 - 2014-08-18 17:54 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Exohrei
2014-08-30 07:44 - 2014-08-29 21:52 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Xeurukri
2014-08-30 07:44 - 2014-06-29 05:43 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-08-30 07:44 - 2013-04-12 16:12 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-08-30 07:44 - 2012-12-13 18:50 - 00000000 ____D () C:\ProgramData\PMB Files
2014-08-30 07:44 - 2012-12-13 18:50 - 00000000 ____D () C:\Program Files (x86)\Pando Networks
2014-08-30 07:44 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2014-08-30 07:43 - 2014-02-05 20:32 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\.minecraft
2014-08-30 07:43 - 2012-07-08 18:56 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Skype
2014-08-29 21:38 - 2014-08-29 21:30 - 00000000 ____D () C:\Users\Lisa\Desktop\.minecraft
2014-08-29 17:14 - 2014-02-15 04:25 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Open Download Manager
2014-08-29 17:07 - 2014-08-29 17:07 - 00001270 _____ () C:\Users\Lisa\Desktop\Revo Uninstaller.lnk
2014-08-29 17:07 - 2014-08-29 17:07 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-29 17:06 - 2014-08-29 17:06 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lisa\Downloads\revosetup.exe
2014-08-28 20:08 - 2013-07-19 15:51 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-08-28 16:54 - 2010-11-20 23:47 - 00408894 _____ () C:\Windows\PFRO.log
2014-08-28 16:54 - 2009-07-14 00:45 - 00437152 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 20:17 - 2012-06-27 13:03 - 00064512 _____ () C:\Users\Lisa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-27 17:22 - 2012-05-26 01:38 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-08-27 17:15 - 2014-05-15 21:11 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-27 17:14 - 2012-05-26 01:38 - 00000000 ____D () C:\Intel
2014-08-27 17:12 - 2014-08-27 17:11 - 145417920 _____ (Intel Corporation) C:\Users\Lisa\Downloads\Win64_152822.exe
2014-08-27 17:08 - 2014-08-27 17:08 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\SystemRequirementsLab
2014-08-27 17:08 - 2014-08-23 13:17 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-08-26 19:47 - 2009-07-14 01:13 - 00006498 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-26 07:43 - 2014-08-26 07:43 - 00155648 _____ () C:\Users\Lisa\Downloads\CH15_Test_Bank.wiz
2014-08-26 07:42 - 2014-08-26 07:42 - 00134656 _____ () C:\Users\Lisa\Downloads\Test_Bank (1).wiz
2014-08-26 07:41 - 2014-08-26 07:41 - 00134656 _____ () C:\Users\Lisa\Downloads\Test_Bank.wiz
2014-08-24 17:51 - 2013-07-19 10:56 - 00000000 ____D () C:\ProgramData\Origin
2014-08-24 03:26 - 2014-08-24 03:26 - 00000040 _____ () C:\Windows\system32\퐀º
2014-08-24 00:34 - 2013-01-04 21:32 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1465888645-1228132841-1644353950-1000Core.job
2014-08-23 20:33 - 2014-08-23 15:50 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Warframe
2014-08-23 15:51 - 2012-05-26 00:33 - 00286798 _____ () C:\Windows\DirectX.log
2014-08-23 14:02 - 2009-07-14 01:08 - 00032622 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-23 13:17 - 2014-08-23 13:17 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-08-23 12:27 - 2014-08-23 12:25 - 00055844 _____ () C:\Users\Lisa\Downloads\Addition.txt
2014-08-23 12:27 - 2014-08-23 12:24 - 00118812 _____ () C:\Users\Lisa\Downloads\FRST.txt
2014-08-23 04:20 - 2014-08-23 04:20 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 2038411680
2014-08-23 04:02 - 2014-08-23 04:02 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 3089754028
2014-08-23 00:15 - 2014-08-23 00:15 - 00003808 _____ () C:\Windows\System32\Tasks\Security Center Update - 2979509591
2014-08-22 22:40 - 2014-08-22 22:40 - 00011243 _____ () C:\Users\Lisa\Downloads\attach.txt
2014-08-22 22:29 - 2014-08-22 22:29 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 2191080318
2014-08-22 22:07 - 2014-08-27 17:04 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-22 21:59 - 2014-08-22 21:59 - 00003796 _____ () C:\Windows\System32\Tasks\Security Center Update - 1855888854
2014-08-22 21:52 - 2014-08-22 21:52 - 00688992 ____R (Swearware) C:\Users\Lisa\Downloads\dds.com
2014-08-22 21:45 - 2014-08-27 17:04 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-22 21:40 - 2014-08-22 21:40 - 00003796 _____ () C:\Windows\System32\Tasks\Security Center Update - 2194090041
2014-08-22 21:26 - 2014-08-22 21:26 - 00003728 ____N () C:\bootsqm.dat
2014-08-22 20:59 - 2014-08-27 17:04 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 17:53 - 2014-08-22 17:53 - 00000017 _____ () C:\Users\Lisa\AppData\Local\resmon.resmoncfg
2014-08-22 16:58 - 2014-08-22 16:58 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 371833040
2014-08-22 16:05 - 2014-08-22 16:05 - 00132608 _____ () C:\Users\Lisa\AppData\Local\imjkkxco.exe
2014-08-22 16:04 - 2014-08-22 16:04 - 00003808 _____ () C:\Windows\System32\Tasks\Security Center Update - 3431837355
2014-08-22 06:20 - 2014-08-22 06:20 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 3488534018
2014-08-22 06:18 - 2014-08-22 06:18 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 966665472
2014-08-22 06:18 - 2014-08-22 06:18 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 3715843453
2014-08-21 17:02 - 2014-08-21 17:02 - 00132096 _____ () C:\Users\Lisa\AppData\Local\wxpufssv.exe
2014-08-21 12:17 - 2014-08-21 12:17 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 1586098165
2014-08-21 12:14 - 2014-08-21 12:14 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 927385066
2014-08-21 06:20 - 2014-08-21 06:20 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 2836356992
2014-08-20 22:27 - 2014-08-20 22:27 - 00003798 _____ () C:\Windows\System32\Tasks\Security Center Update - 752820688
2014-08-20 22:23 - 2014-08-20 22:23 - 00098304 _____ () C:\Users\Lisa\AppData\Local\hkiwuxep.exe
2014-08-20 22:10 - 2014-08-20 22:10 - 00003798 _____ () C:\Windows\System32\Tasks\Security Center Update - 1640359643
2014-08-20 20:30 - 2014-08-20 20:30 - 00003802 _____ () C:\Windows\System32\Tasks\Security Center Update - 2106932050
2014-08-20 18:32 - 2014-08-20 18:32 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 3150405157
2014-08-20 17:54 - 2014-08-20 17:54 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 1355868994
2014-08-20 17:15 - 2014-08-20 17:15 - 00003808 _____ () C:\Windows\System32\Tasks\Security Center Update - 2029705305
2014-08-20 17:14 - 2014-08-20 17:14 - 00132096 _____ () C:\Users\Lisa\AppData\Local\akxhcokx.exe
2014-08-20 14:19 - 2014-08-20 14:19 - 00003796 _____ () C:\Windows\System32\Tasks\Security Center Update - 2104751866
2014-08-20 13:51 - 2014-08-20 13:51 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 3983964077
2014-08-20 12:27 - 2014-08-20 12:27 - 00003800 _____ () C:\Windows\System32\Tasks\Security Center Update - 2479261886
2014-08-20 10:29 - 2014-08-20 10:29 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 2109373424
2014-08-20 09:53 - 2014-08-20 09:53 - 00003798 _____ () C:\Windows\System32\Tasks\Security Center Update - 3942642799
2014-08-20 09:33 - 2014-08-20 09:33 - 00003806 _____ () C:\Windows\System32\Tasks\Security Center Update - 418947291
2014-08-20 01:55 - 2014-08-20 01:55 - 00003798 _____ () C:\Windows\System32\Tasks\Security Center Update - 3338805954
2014-08-20 01:52 - 2014-08-20 01:52 - 00086016 _____ () C:\Users\Lisa\AppData\Local\qjojndus.exe
2014-08-20 00:59 - 2014-08-20 00:59 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 846557512
2014-08-19 23:20 - 2014-08-19 23:20 - 00003804 _____ () C:\Windows\System32\Tasks\Security Center Update - 2498235418
2014-08-19 23:17 - 2014-08-19 23:17 - 00122880 _____ () C:\Users\Lisa\AppData\Local\mplssuve.exe
2014-08-19 15:31 - 2014-08-19 15:31 - 00164864 _____ () C:\Users\Lisa\AppData\Local\tgwxupsa.exe
2014-08-18 22:22 - 2014-08-18 22:22 - 00086016 _____ () C:\Users\Lisa\AppData\Local\njjudrfv.exe
2014-08-18 21:48 - 2014-08-18 21:48 - 00086016 _____ () C:\Users\Lisa\AppData\Local\pxpnlkid.exe
2014-08-18 19:58 - 2014-08-18 19:08 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-08-18 19:07 - 2014-05-26 01:28 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-18 18:55 - 2014-08-18 18:54 - 00036473 _____ () C:\Windows\SysWOW64\Result.txt
2014-08-18 18:37 - 2014-08-18 17:53 - 00036252 _____ () C:\Users\Lisa\Downloads\Result.txt
2014-08-18 18:37 - 2014-05-26 01:28 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-18 18:35 - 2014-08-18 17:48 - 00002757 _____ () C:\Users\Lisa\Downloads\FSS.txt
2014-08-18 18:26 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\Globalization
2014-08-18 18:25 - 2014-08-18 18:25 - 00086016 _____ () C:\Users\Lisa\AppData\Local\adafhgir.exe
2014-08-18 17:28 - 2014-08-18 17:28 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Lisa\Downloads\rkill.exe
2014-08-18 17:28 - 2014-08-18 17:28 - 00401920 _____ (Farbar) C:\Users\Lisa\Downloads\MiniToolBox.exe
2014-08-18 17:28 - 2014-08-18 17:28 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-18 17:28 - 2014-08-18 17:27 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Lisa\Downloads\mbar-1.07.0.1012.exe
2014-08-18 17:28 - 2014-05-26 01:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-18 17:28 - 2014-05-26 01:28 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-18 17:27 - 2014-08-18 17:27 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Lisa\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-18 17:27 - 2014-08-18 17:27 - 00854417 _____ () C:\Users\Lisa\Downloads\SecurityCheck.exe
2014-08-18 17:27 - 2014-08-18 17:27 - 00415232 _____ (Farbar) C:\Users\Lisa\Downloads\FSS.exe
2014-08-18 17:00 - 2014-08-18 17:00 - 00165376 _____ () C:\Users\Lisa\AppData\Local\ujlveuwg.exe
2014-08-17 14:56 - 2014-08-16 14:36 - 00000000 ____D () C:\Users\Lisa\Documents\Witcher 2
2014-08-17 14:27 - 2014-08-17 14:27 - 00165376 _____ () C:\Users\Lisa\AppData\Local\jcgfjtoa.exe
2014-08-17 04:49 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-16 15:22 - 2014-08-16 15:22 - 00162816 _____ () C:\Users\Lisa\AppData\Local\wqwiwtfg.exe
2014-08-16 14:59 - 2014-08-16 14:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2014-08-16 14:59 - 2014-08-16 14:59 - 00000000 ____D () C:\Program Files (x86)\CPUID
2014-08-16 14:58 - 2014-08-16 14:58 - 05324650 _____ (CPUID ) C:\Users\Lisa\Downloads\pc-wizard_2012.2.11-setup.exe
2014-08-16 14:36 - 2014-08-16 14:36 - 00000000 ____D () C:\Users\Lisa\AppData\Local\The Witcher 2
2014-08-16 14:20 - 2014-08-16 14:20 - 00000000 ____D () C:\Users\Lisa\Documents\The Witcher
2014-08-16 14:20 - 2014-08-16 14:20 - 00000000 ____D () C:\Users\Lisa\AppData\Local\The Witcher
2014-08-16 14:16 - 2014-08-16 14:16 - 00000000 ____D () C:\Users\Public\Documents\The Witcher
2014-08-16 12:27 - 2013-08-06 00:55 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-16 02:10 - 2012-07-08 01:48 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-16 02:05 - 2014-04-30 00:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-15 20:42 - 2014-08-15 20:42 - 25184629 _____ () C:\Users\Lisa\Downloads\Modern HD 1.8.zip
2014-08-15 17:35 - 2012-07-26 22:59 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-15 17:29 - 2014-08-15 17:29 - 00160768 _____ () C:\Users\Lisa\AppData\Local\fmdvsdoh.exe
2014-08-14 17:41 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-11 22:46 - 2012-06-27 21:17 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\SoftGrid Client
2014-08-11 21:47 - 2014-08-11 21:47 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-11 21:47 - 2014-08-11 21:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-11 21:47 - 2014-08-11 21:46 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-11 21:47 - 2014-08-11 21:46 - 00000000 ____D () C:\Program Files\iTunes
2014-08-11 21:47 - 2014-08-11 21:46 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-11 21:46 - 2014-08-11 21:46 - 00000000 ____D () C:\Program Files\iPod
2014-08-11 19:57 - 2013-07-19 17:12 - 00000000 ____D () C:\Users\Lisa\Documents\Electronic Arts
2014-08-11 19:57 - 2013-07-19 10:56 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-08-11 19:55 - 2014-08-11 19:54 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-11 19:55 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-08-11 19:18 - 2013-07-19 11:01 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-08-10 22:27 - 2014-08-10 22:27 - 00000000 _____ () C:\Users\Lisa\cd
2014-08-10 22:20 - 2014-08-10 22:20 - 03001270 _____ () C:\Users\Lisa\Downloads\Minecraft-Region-Fixer-0.1.3 (win32).zip
2014-08-10 11:15 - 2014-08-10 11:15 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-08-10 11:15 - 2014-08-10 11:15 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-08-10 11:15 - 2014-07-05 22:33 - 00000000 ____D () C:\Users\Lisa\Documents\My Games
2014-08-09 22:09 - 2014-06-11 00:50 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Paint.NET
2014-08-09 22:03 - 2014-06-11 00:51 - 00001150 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
2014-08-09 22:03 - 2014-06-11 00:51 - 00001138 _____ () C:\Users\Public\Desktop\Paint.NET.lnk
2014-08-09 22:03 - 2014-06-11 00:51 - 00000000 ____D () C:\Program Files\Paint.NET
2014-08-09 21:55 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-08-09 17:23 - 2014-08-09 17:13 - 00000000 ____D () C:\Users\Lisa\Documents\Euro Truck Simulator 2
2014-08-07 19:37 - 2014-08-07 19:37 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Ubisoft
2014-08-07 17:42 - 2014-08-07 17:42 - 00153600 _____ () C:\Users\Lisa\AppData\Local\mtohoimn.exe
2014-08-06 22:06 - 2014-08-16 00:46 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-06 22:01 - 2014-08-16 00:46 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 19:22 - 2014-08-06 19:22 - 00153600 _____ () C:\Users\Lisa\AppData\Local\gxjiiqou.exe
2014-08-05 18:28 - 2014-08-05 18:28 - 00153600 _____ () C:\Users\Lisa\AppData\Local\nqnvgvvj.exe
2014-08-04 18:11 - 2014-08-04 18:11 - 00145408 _____ () C:\Users\Lisa\AppData\Local\ksqkmgfn.exe
2014-08-03 15:34 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-08-03 14:51 - 2014-08-03 14:51 - 00117760 _____ () C:\Users\Lisa\AppData\Local\lnxnrbjh.exe
2014-08-02 15:17 - 2014-08-02 15:17 - 00168448 _____ () C:\Users\Lisa\AppData\Local\ftmbftun.exe
2014-08-02 09:43 - 2014-08-02 09:43 - 00000000 ____D () C:\Users\Lisa\Downloads\&#1057opy_of_document_SER1203 (1)
2014-08-02 09:42 - 2014-08-02 09:42 - 00155648 _____ () C:\Users\Lisa\AppData\Local\pmrxciqb.exe
2014-08-02 09:41 - 2014-08-02 09:41 - 00077686 _____ () C:\Users\Lisa\Downloads\&#1057opy_of_document_SER1203 (1).zip
2014-08-02 09:39 - 2014-08-02 09:39 - 00077686 _____ () C:\Users\Lisa\Downloads\&#1057opy_of_document_SER1203.zip
2014-08-02 02:16 - 2012-12-16 00:09 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-08-01 10:34 - 2014-08-01 10:34 - 00000000 ____D () C:\Users\Lisa\AppData\Local\WarThunder
2014-08-01 10:34 - 2014-08-01 10:34 - 00000000 ____D () C:\ProgramData\WarThunder
2014-07-31 19:41 - 2014-08-16 00:46 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-31 19:16 - 2014-08-16 00:46 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-31 08:29 - 2014-07-31 08:29 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\StunlockStudios
 
Files to move or delete:
====================
C:\Users\Lisa\jagex_cl_runescape_LIVE.dat
 
 
Some content of TEMP:
====================
C:\Users\Lisa\AppData\Local\Temp\6_Offer_15.exe
C:\Users\Lisa\AppData\Local\Temp\BackupSetup.exe
C:\Users\Lisa\AppData\Local\Temp\cloud_backup_setup.exe
C:\Users\Lisa\AppData\Local\Temp\contentDATs.exe
C:\Users\Lisa\AppData\Local\Temp\D2M-Precheck.exe
C:\Users\Lisa\AppData\Local\Temp\del.dll
C:\Users\Lisa\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Lisa\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Lisa\AppData\Local\Temp\mssinstaller.exe
C:\Users\Lisa\AppData\Local\Temp\NGMDll.dll
C:\Users\Lisa\AppData\Local\Temp\NGMResource.dll
C:\Users\Lisa\AppData\Local\Temp\nsmC5CC.tmp.exe
C:\Users\Lisa\AppData\Local\Temp\paint.net.4.0.3.install.exe
C:\Users\Lisa\AppData\Local\Temp\Quarantine.exe
C:\Users\Lisa\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Lisa\AppData\Local\Temp\setup.exe
C:\Users\Lisa\AppData\Local\Temp\speedupmypc.exe
C:\Users\Lisa\AppData\Local\Temp\SRLDetectionLibrary1166339853304169505.dll
C:\Users\Lisa\AppData\Local\Temp\stageremote_2.0.0.43_2.0.0.50_update_all.exe
C:\Users\Lisa\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Lisa\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Lisa\AppData\Local\Temp\tbFree.dll
C:\Users\Lisa\AppData\Local\Temp\unicows.dll
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_02f7a23a.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_13e4dcab.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_1bc98a7d.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_21c5c48a.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_2ff04997.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_3290907b.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_3395f225.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_35e998fa.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_37472dc4.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_554dd13d.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_5cfb770c.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_5e6a8f98.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_61f087dd.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_64183c61.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_7251dd4b.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_79e97e1b.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_91aa4c9b.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_939416b4.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_95757909.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_96c95518.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_99c572f8.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_9a4a7529.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_9ae80cde.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_9f6d1442.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_ad4b2921.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_b2db83ae.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_b316a696.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_b32cfc92.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_ba5af972.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_bbcdc72e.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_c88e7a0e.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_cddd4d1b.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_d08fffb6.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_d35b2564.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_d40ecf34.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_da798d03.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_e3424573.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_ef807fc3.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_f0690cee.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_f1810c3b.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_f30fa441.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_fabbe379.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_fca2020d.exe
C:\Users\Lisa\AppData\Local\Temp\UpdateFlashPlayer_fd9a4825.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-07 09:55
 
==================== End Of Log ============================
 
 
 

New Addition.txt:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-08-2014
Ran by Lisa at 2014-08-30 11:17:05
Running from C:\Users\Lisa\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Accidental Damage Services Agreement (HKLM-x32\...\{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}) (Version: 2.0.0 - Dell Inc.)
ACE COMBAT™ ASSAULT HORIZON Enhanced Edition (HKLM-x32\...\Steam App 228400) (Version:  - Namco)
Ace of Spades (HKLM-x32\...\Steam App 224540) (Version:  - Jagex Limited)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.6.0.19120 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.6.636 - Adobe Systems, Inc.)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Aura Kingdom (HKLM-x32\...\Steam App 268420) (Version:  - X-Legend)
Banctec Service Agreement (HKLM-x32\...\{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}) (Version: 2.0.0 - Dell Inc.)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blio (HKLM-x32\...\{400182B4-CA55-46A9-9D88-F8413DCFB36D}) (Version: 2.3.7140 - K-NFB Reading Technology, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version:  - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Canon MG2100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2100_series) (Version:  - )
Canon MG2100 series On-screen Manual (HKLM-x32\...\Canon MG2100 series On-screen Manual) (Version:  - )
Canon MG2100 series User Registration (HKLM-x32\...\Canon MG2100 series User Registration) (Version:  - )
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
Carnage Racing (HKLM-x32\...\Steam App 228940) (Version:  - )
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.4.11350.0 - Cisco Consumer Products LLC)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Complete Care Business Service Agreement (HKLM-x32\...\{0ECFCB07-9BFE-4970-ACA1-D568D982760B}) (Version: 2.0.0 - Dell Inc.)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
Corel PaintShop Pro X4 (HKLM-x32\...\_{00580795-581C-4587-B9F2-37320D7AB37F}) (Version: 14.0.0.345 - Corel Corporation)
Corel PaintShop Pro X4 (x32 Version: 14.0.0.345 - Corel Corporation) Hidden
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Cozi (HKLM-x32\...\{EA1F3D6C-A6F5-4CDC-B0D3-9C56C06B4D29}) (Version: 1.0.6505.38692 - Cozi Group, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dead Island: Epidemic (HKLM-x32\...\Steam App 222900) (Version:  - Stunlock Studios)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Dell Inc.)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Digital Delivery (HKLM-x32\...\{AFC08A81-D3C5-46F4-8F08-876E4BA606EA}) (Version: 1.7.4502.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{3BD7DD08-991B-4A2F-A165-614ED14EAADD}) (Version: 1.6.225.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.130 - ArcSoft)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.1.3 - Dell Inc.)
Dell Stage (HKLM-x32\...\{FE182796-F6BA-486A-8590-89B7E8D1D60F}) (Version: 1.7.209.0 - Fingertapps)
Dell Stage Remote (HKLM-x32\...\{AF4D3C63-009B-4A17-B02E-D395065DD3F0}) (Version: 2.0.0.43 - ArcSoft)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1209.101.215 - ALPS ELECTRIC CO., LTD.)
Dell VideoStage  (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.3.0.2513 - CyberLink Corp.)
Dell VideoStage  (x32 Version: 1.3.0.2513 - CyberLink Corp.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dino D-Day (HKLM-x32\...\Steam App 70000) (Version:  - 800 North and Digital Ranch)
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 6.20.55.49 - Dell Inc.)
eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.)
Escape Whisper Valley ™ (x32 Version: 2.2.0.95 - WildTangent) Hidden
Euro Truck Simulator 2 Demo (HKLM-x32\...\Steam App 231120) (Version:  - SCS Software)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Free Realms (HKCU\...\SOE-Free Realms) (Version:  - Sony Online Entertainment)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GTR Evolution (HKLM-x32\...\Steam App 8660) (Version:  - SimBin)
Gun Monkeys (HKLM-x32\...\Steam App 239450) (Version:  - Size Five Games)
HP Deskjet 1010 series Basic Device Software (HKLM\...\{43211ACE-5EBF-48A1-8497-8F53CB0FC1E4}) (Version: 30.0.1093.41190 - Hewlett-Packard Co.)
HP Deskjet 1010 series Help (HKLM-x32\...\{BFB6C2B0-9643-4B59-A706-71DEB3017A99}) (Version: 30.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
ICA (x32 Version: 14.0.0.345 - Corel Corporation) Hidden
Icy Tower v1.5.1 (HKLM-x32\...\Icy Tower v1.5.1_is1) (Version:  - Free Lunch Design)
Insurgency (HKLM-x32\...\Steam App 222880) (Version:  - New World Interactive)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.1.1399 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3517 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{538B98C3-773F-4F20-9C66-802D104DCBE2}) (Version: 1.23.219.2 - Intel Corporation)
IPM_PSP_COM (x32 Version: 14.0.0.345 - Corel Corporation) Hidden
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.650 - Oracle)
Java 8 Update 11 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418011FF}) (Version: 8.0.110 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.11.12 - Oracle, Inc.) Hidden
Java SE Development Kit 8 Update 11 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180110}) (Version: 8.0.110 - Oracle Corporation)
Jewel Quest (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
La Tale (HKLM-x32\...\Steam App 264360) (Version:  - Actoz Soft)
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Luxor (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MapleStory (HKLM-x32\...\MapleStory) (Version:  - )
McAfee AntiVirus Plus (HKLM-x32\...\MSC) (Version: 12.8.988 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.130.10 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4641.1003 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Nero 10 Movie ThemePack Basic (x32 Version: 10.6.10000.1.0 - Nero AG) Hidden
Nero Blu-ray Player (x32 Version: 12.0.20064 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.6.13000.0.11 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.2.10800 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.20500.9.16 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.13300.42.0 - Nero AG) Hidden
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version:  - )
Nosgoth (HKLM-x32\...\Steam App 200110) (Version: 140806.90000 - Square Enix Ltd)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.1.10.2728 - Electronic Arts, Inc.)
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
PC Wizard 2012.2.12 (HKLM-x32\...\PC Wizard 2012_is1) (Version:  - CPUID)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Premium Service Agreement (HKLM-x32\...\{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}) (Version: 2.0.0 - Dell Inc.)
Product Improvement Study for HP Deskjet 1010 series (HKLM\...\{89F99A52-34C0-48A5-B0DA-33F7E4760FA9}) (Version: 30.0.1093.41190 - Hewlett-Packard Co.)
Project Cyber (HKLM-x32\...\Steam App 285580) (Version:  - Spearhead Games)
PSPPContent (x32 Version: 14.0.0.345 - Corel Corporation) Hidden
PSPPHelp (x32 Version: 14.0.0.345 - Corel Corporation) Hidden
PSPPro64 (Version: 14.0.0.345 - Corel Corporation) Hidden
QualxServ Service Agreement (HKLM-x32\...\{903679E8-44C8-4C07-9600-05C92654FC50}) (Version: 2.0.0 - Dell Inc.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.17 - Dell Inc.)
RACE 07 (HKLM-x32\...\Steam App 8600) (Version:  - SimBin)
RaceRoom Racing Experience  (HKLM-x32\...\Steam App 211500) (Version:  - SimBin Studios AB)
Really Big Sky (HKLM-x32\...\Steam App 201570) (Version:  - Boss Baddie)
Respondus 4.0 Single-User (HKLM-x32\...\{D60A153B-5292-4833-9C5C-2556D54FDE4B}) (Version: 4.0.1.00 - Respondus, Inc.)
Respondus Equation Editor 4 (HKLM-x32\...\RSEE4) (Version:  - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RIFT™ (HKLM-x32\...\Steam App 39120) (Version:  - Trion Worlds)
Samantha Swift (x32 Version: 2.2.0.95 - WildTangent) Hidden
SavetheChildren Reminder by We-Care.com v4.1.26.4 (HKLM-x32\...\{26B4D0E1-6F6D-48DF-8719-80276A259F7E}) (Version: 4.1.26.4 - We-Care.com)
Setup (x32 Version: 14.0.0.345 - Corel Corporation) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SOE Web Installer (HKCU\...\SOE Web Installer) (Version: 1.0.3.171 - Sony Online Entertainment)
Sonic CinePlayer Decoder Pack (HKLM-x32\...\{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}) (Version: 4.2.0 - Sonic Solutions)
SpaceChem (HKLM-x32\...\Steam App 92800) (Version:  - Zachtronics)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
SyncUP (HKLM-x32\...\{D92C9CCE-E5F0-4125-977A-0590F3225B74}) (Version: 10.2.16100 - Nero AG)
SyncUP (x32 Version: 1.12.12400.17.102 - Nero AG) Hidden
System Requirements Lab CYRI (HKLM-x32\...\{19B0831B-0C18-4103-86E4-90FCD04CD3B9}) (Version: 6.0.12.5 - Husdawg, LLC)
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
The Sims™ 3 Generations (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
The Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.5.1 - Electronic Arts)
The Sims™ 3 Town Life Stuff (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
The Sims™ 3 University Life (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
The Sims™ 3 World Adventures (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
The Sims™ 4 Create A Sim Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.233.190 - Electronic Arts Inc.)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version:  - CD Projekt RED)
The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version:  - CD Projekt RED)
Tom Clancy's Ghost Recon Phantoms - NA (HKLM-x32\...\Steam App 243870) (Version:  - Ubisoft Singapore)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
Wedding Dash - Ready, Aim, Love! (x32 Version: 2.2.0.95 - WildTangent) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2300 - Broadcom Corporation)
WildTangent Games (HKLM-x32\...\WildTangent dell Master Uninstall) (Version: 1.0.2.5 - WildTangent)
WildTangent Games App (Dell Games) (x32 Version: 4.0.10.2 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 5.10 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)
Wizard101 (HKLM-x32\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1465888645-1228132841-1644353950-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Lisa\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1465888645-1228132841-1644353950-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Lisa\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1465888645-1228132841-1644353950-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Lisa\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1465888645-1228132841-1644353950-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Lisa\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1465888645-1228132841-1644353950-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Lisa\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points  =========================
 
23-08-2014 19:50:52 Installed DirectX
28-08-2014 04:10:07 Windows Update
29-08-2014 21:13:18 Revo Uninstaller's restore point - Open Downloader Manager
29-08-2014 21:26:00 Revo Uninstaller's restore point - Ask Shopping Toolbar
29-08-2014 21:28:51 Revo Uninstaller's restore point - Pando Media Booster
30-08-2014 11:33:21 Restore Operation
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {05F00170-4698-4B3C-8054-EF2E1BCB1134} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {18D8F1D1-90F2-4915-A59D-6DEBAE776475} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {2050F09F-0791-44B8-8B3F-4B66A00D4F14} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {3B428BDE-836D-4BC2-9A0F-8A8CB2E39F7F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-28] (Google Inc.)
Task: {40B655BD-3ECB-4530-892C-5771FA4E7739} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-28] (Google Inc.)
Task: {4FEAEBF8-F9CB-43E0-A300-C2069A47660C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-01] (Microsoft Corporation)
Task: {557F6025-CDEA-4311-B777-28DA219AE4B4} - System32\Tasks\Security Center Update - 2695952501 => C:\Users\Lisa\AppData\Roaming\Duuxqofo\abreox.exe [2012-09-14] (Mesrosifm Corporatien) <==== ATTENTION
Task: {6C50E672-6AE8-4EBC-98CD-E0E9A2E87106} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1465888645-1228132841-1644353950-1000Core => C:\Users\Lisa\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-15] (Facebook Inc.)
Task: {6E574FE7-CD99-486A-BB85-26C822FD69EF} - System32\Tasks\{682840C9-C865-4F05-B807-8BA9AD57D886} => C:\Users\Lisa\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe
Task: {81694AED-AEE0-41D3-AC36-5A29E8702CDF} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1465888645-1228132841-1644353950-1000UA => C:\Users\Lisa\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-15] (Facebook Inc.)
Task: {B5AACB6F-BF50-4246-A1CF-B69A36713BDB} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {D758F8FB-73F9-4796-864D-3B54E91CBEED} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {FC5721B2-3BB1-4700-A7FB-872F3B28C0CF} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-08-27] (Microsoft Corporation)
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1465888645-1228132841-1644353950-1000Core.job => C:\Users\Lisa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1465888645-1228132841-1644353950-1000UA.job => C:\Users\Lisa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Security Center Update - 1355868994.job => C:\Users\Lisa\AppData\Roaming\Odypops\wanef.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1586098165.job => C:\Users\Lisa\AppData\Roaming\Hutoite\taqauda.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1640359643.job => C:\Users\Lisa\AppData\Roaming\Adexve\ciruhi.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1855888854.job => C:\Users\Lisa\AppData\Roaming\Saviha\lovan.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2029705305.job => C:\Users\Lisa\AppData\Roaming\Enecorly\irocpal.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2104751866.job => C:\Users\Lisa\AppData\Roaming\Daryca\yrvik.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2106932050.job => C:\Users\Lisa\AppData\Roaming\Vauvqaz\yzuhov.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2109373424.job => C:\Users\Lisa\AppData\Roaming\Etlyedav\icuvd.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2191080318.job => C:\Users\Lisa\AppData\Roaming\Egihnil\oswyky.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2194090041.job => C:\Users\Lisa\AppData\Roaming\Ymyneq\hilao.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2479261886.job => C:\Users\Lisa\AppData\Roaming\Esmony\tuyqato.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2498235418.job => C:\Users\Lisa\AppData\Roaming\Xumoovp\myywonu.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2695952501.job => C:\Users\Lisa\AppData\Roaming\Duuxqofo\abreox.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2836356992.job => C:\Users\Lisa\AppData\Roaming\Afuxriap\bowytu.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 2979509591.job => C:\Users\Lisa\AppData\Roaming\Paaqnaes\ystyxym.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3089754028.job => C:\Users\Lisa\AppData\Roaming\Ubyfinv\ilmoka.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3150405157.job => C:\Users\Lisa\AppData\Roaming\Igaxuvky\togobo.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3338805954.job => C:\Users\Lisa\AppData\Roaming\Owhodu\onixeg.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3431837355.job => C:\Users\Lisa\AppData\Roaming\Arloedyd\ewowemf.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3488534018.job => C:\Users\Lisa\AppData\Roaming\Ulaqbeq\ihahir.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3715843453.job => C:\Users\Lisa\AppData\Roaming\Uwweaxag\izxyu.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 371833040.job => C:\Users\Lisa\AppData\Roaming\Yzyfket\sawymu.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 392046224.job => C:\Users\Lisa\AppData\Roaming\Anogiva\esozbaa.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3942642799.job => C:\Users\Lisa\AppData\Roaming\Sapume\etfivu.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3983964077.job => C:\Users\Lisa\AppData\Roaming\Yrpeqiod\ulepqi.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 418947291.job => C:\Users\Lisa\AppData\Roaming\Yxozerak\yfveyw.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 752820688.job => C:\Users\Lisa\AppData\Roaming\Peqiaz\opdofa.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 846557512.job => C:\Users\Lisa\AppData\Roaming\Bypoudte\zuudv.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 927385066.job => C:\Users\Lisa\AppData\Roaming\Vaaplo\anevanu.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 966665472.job => C:\Users\Lisa\AppData\Roaming\Ircuuggu\igebly.exe <==== ATTENTION
 
==================== Loaded Modules (whitelisted) =============
 
2014-08-27 17:12 - 2014-08-27 17:12 - 08892576 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-05-15 21:11 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2012-12-16 00:09 - 2011-02-07 12:56 - 00138192 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2012-05-26 00:19 - 2012-01-26 22:49 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2011-06-27 20:26 - 2011-06-27 20:26 - 02022976 _____ () C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
2012-02-01 12:50 - 2012-02-01 12:50 - 02195824 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
2012-05-26 01:09 - 2011-12-15 18:34 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-12-13 18:50 - 2012-12-13 18:50 - 03093624 _____ () C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
2011-06-29 09:52 - 2011-06-29 09:52 - 00474176 _____ () C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
2014-08-30 10:54 - 2014-08-30 10:54 - 00368640 _____ () C:\Users\Lisa\AppData\Roaming\Vesookde\ilhauq.exe
2012-02-01 12:50 - 2012-02-01 12:50 - 00968048 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
2012-02-01 12:50 - 2012-02-01 12:50 - 01850224 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-03-16 21:28 - 2010-03-16 21:28 - 01926144 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtCore4.dll
2010-03-22 16:52 - 2010-03-22 16:52 - 06776832 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtGui4.dll
2010-03-16 21:28 - 2010-03-16 21:28 - 00635904 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtNetwork4.dll
2010-03-16 21:28 - 2010-03-16 21:28 - 00326144 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtXml4.dll
2011-06-25 00:20 - 2011-06-25 00:20 - 00565968 _____ () C:\Program Files (x86)\Dell\Stage Remote\sqlite3.dll
2011-06-27 20:25 - 2011-06-27 20:25 - 00058944 _____ () C:\Program Files (x86)\Dell\Stage Remote\DataService.dll
2011-06-25 00:21 - 2011-06-25 00:21 - 00322624 _____ () C:\Program Files (x86)\Dell\Stage Remote\en-US\UI\ManagerUI.dll
2010-03-11 20:52 - 2010-03-11 20:52 - 00028160 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qgif4.dll
2010-03-05 16:07 - 2010-03-05 16:07 - 00031744 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qico4.dll
2010-03-05 16:07 - 2010-03-05 16:07 - 00125952 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qjpeg4.dll
2010-03-11 20:52 - 2010-03-11 20:52 - 00225280 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qmng4.dll
2012-02-01 12:44 - 2012-02-01 12:44 - 08151040 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\QtGui4.dll
2012-02-01 12:44 - 2012-02-01 12:44 - 02278400 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\QtCore4.dll
2014-02-10 19:54 - 2014-08-05 18:23 - 00962560 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2014-02-10 19:54 - 2014-08-05 18:23 - 00024064 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2014-02-10 19:54 - 2014-08-05 18:23 - 00025088 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2014-02-10 19:54 - 2014-08-05 18:23 - 00217088 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2014-02-10 19:54 - 2014-08-05 18:23 - 00261632 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2014-02-10 19:54 - 2014-08-05 18:23 - 00019968 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2014-02-10 19:54 - 2014-08-05 18:23 - 00302592 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2014-02-10 19:54 - 2014-08-05 18:23 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2012-02-01 12:44 - 2012-02-01 12:44 - 08151040 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll
2012-02-01 12:44 - 2012-02-01 12:44 - 02278400 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll
2014-08-15 17:35 - 2014-08-06 23:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-15 17:35 - 2014-08-06 23:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-15 17:35 - 2014-08-06 23:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-15 17:35 - 2014-08-06 23:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-15 17:35 - 2014-08-06 23:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
2014-08-17 22:54 - 2014-08-17 22:54 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\de4aaa11d46d614b5330b337b67e5227\IsdiInterop.ni.dll
2012-05-26 00:03 - 2011-11-29 21:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2012-05-26 00:07 - 2012-01-20 12:23 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2011-12-31 18:04 - 2011-12-31 18:04 - 00251688 _____ () C:\Program Files (x86)\Nero\SyncUP\System.ComponentModel.Composition.dll
2011-12-31 18:04 - 2011-12-31 18:04 - 00891688 _____ () C:\Program Files (x86)\Nero\SyncUP\System.Data.SQLite.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
==================== Faulty Device Manager Devices =============
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/30/2014 10:57:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/30/2014 10:57:02 AM) (Source: McLogEvent) (EventID: 5022) (User: NT AUTHORITY)
Description: MCSCAN32 Engine Initialisation failed.
Engine returned error : 1
 
Error: (08/30/2014 10:54:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ilhauq.exe, version: 0.0.0.0, time stamp: 0x53f2109a
Faulting module name: ilhauq.exe, version: 0.0.0.0, time stamp: 0x53f2109a
Exception code: 0xc0000005
Fault offset: 0x000042b5
Faulting process id: 0x608
Faulting application start time: 0xilhauq.exe0
Faulting application path: ilhauq.exe1
Faulting module path: ilhauq.exe2
Report Id: ilhauq.exe3
 
Error: (08/30/2014 10:46:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: pejqmtew.exe, version: 0.0.0.0, time stamp: 0x01e7c86f
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000005
Fault offset: 0x00093547
Faulting process id: 0x18d0
Faulting application start time: 0xpejqmtew.exe0
Faulting application path: pejqmtew.exe1
Faulting module path: pejqmtew.exe2
Report Id: pejqmtew.exe3
 
Error: (08/30/2014 10:40:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/30/2014 10:39:19 AM) (Source: McLogEvent) (EventID: 5022) (User: NT AUTHORITY)
Description: MCSCAN32 Engine Initialisation failed.
Engine returned error : 1
 
Error: (08/30/2014 09:05:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: abreox.exe, version: 0.192.6230.14277, time stamp: 0x53d75949
Faulting module name: mshtml.dll, version: 11.0.9600.17239, time stamp: 0x53d26078
Exception code: 0xc0000005
Fault offset: 0x002f6731
Faulting process id: 0x2d5c
Faulting application start time: 0xabreox.exe0
Faulting application path: abreox.exe1
Faulting module path: abreox.exe2
Report Id: abreox.exe3
 
Error: (08/30/2014 08:23:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: abreox.exe, version: 0.192.6230.14277, time stamp: 0x53d75949
Faulting module name: jscript9.dll, version: 11.0.9600.17239, time stamp: 0x53d2481e
Exception code: 0xc0000005
Fault offset: 0x000ec306
Faulting process id: 0x2508
Faulting application start time: 0xabreox.exe0
Faulting application path: abreox.exe1
Faulting module path: abreox.exe2
Report Id: abreox.exe3
 
Error: (08/30/2014 08:00:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ypgain.exe, version: 1.2.0.9, time stamp: 0x53d75949
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000005
Fault offset: 0x0002dfe4
Faulting process id: 0x1dd0
Faulting application start time: 0xypgain.exe0
Faulting application path: ypgain.exe1
Faulting module path: ypgain.exe2
Report Id: ypgain.exe3
 
Error: (08/30/2014 07:48:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (08/30/2014 11:03:47 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {C90134D2-4AE9-407A-919A-4A2EF09C6C51}
 
Error: (08/30/2014 11:02:16 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}
 
Error: (08/30/2014 11:02:12 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {209500FC-6B45-4693-8871-6296C4843751}
 
Error: (08/30/2014 11:00:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (08/30/2014 10:46:10 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {C90134D2-4AE9-407A-919A-4A2EF09C6C51}
 
Error: (08/30/2014 10:44:40 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}
 
Error: (08/30/2014 10:44:38 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {209500FC-6B45-4693-8871-6296C4843751}
 
Error: (08/30/2014 10:44:18 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The McAfee Home Network service hung on starting.
 
Error: (08/30/2014 10:42:24 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (08/30/2014 08:21:40 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.
 
 
Microsoft Office Sessions:
=========================
Error: (08/30/2014 10:57:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/30/2014 10:57:02 AM) (Source: McLogEvent) (EventID: 5022) (User: NT AUTHORITY)
Description: 1
 
Error: (08/30/2014 10:54:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ilhauq.exe0.0.0.053f2109ailhauq.exe0.0.0.053f2109ac0000005000042b560801cfc4623ed7abb5C:\Users\Lisa\AppData\Roaming\Vesookde\ilhauq.exeC:\Users\Lisa\AppData\Roaming\Vesookde\ilhauq.exe80240fd4-3055-11e4-8e99-c01885bc5d88
 
Error: (08/30/2014 10:46:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: pejqmtew.exe0.0.0.001e7c86fntdll.dll6.1.7601.18247521ea8e7c00000050009354718d001cfc4611e45f815C:\Users\Lisa\AppData\Local\pejqmtew.exeC:\Windows\SysWOW64\ntdll.dll5ca172ce-3054-11e4-8e99-c01885bc5d88
 
Error: (08/30/2014 10:40:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/30/2014 10:39:19 AM) (Source: McLogEvent) (EventID: 5022) (User: NT AUTHORITY)
Description: 1
 
Error: (08/30/2014 09:05:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: abreox.exe0.192.6230.1427753d75949mshtml.dll11.0.9600.1723953d26078c0000005002f67312d5c01cfc452fba9e2fbC:\Users\Lisa\AppData\Roaming\Duuxqofo\abreox.exeC:\Windows\SysWOW64\mshtml.dll4aa2ff2d-3046-11e4-8bdf-c01885bc5d88
 
Error: (08/30/2014 08:23:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: abreox.exe0.192.6230.1427753d75949jscript9.dll11.0.9600.1723953d2481ec0000005000ec306250801cfc44cdc6f7ff0C:\Users\Lisa\AppData\Roaming\Duuxqofo\abreox.exeC:\Windows\SysWOW64\jscript9.dll77cfd586-3040-11e4-8bdf-c01885bc5d88
 
Error: (08/30/2014 08:00:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ypgain.exe1.2.0.953d75949ntdll.dll6.1.7601.18247521ea8e7c00000050002dfe41dd001cfc44915a620deC:\Users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exeC:\Windows\SysWOW64\ntdll.dll4c2a2c9c-303d-11e4-8bdf-c01885bc5d88
 
Error: (08/30/2014 07:48:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3-2370M CPU @ 2.40GHz
Percentage of memory in use: 56%
Total physical RAM: 6008.64 MB
Available physical RAM: 2587.7 MB
Total Pagefile: 12015.47 MB
Available Pagefile: 7788.92 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:451.91 GB) (Free:106.8 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 88E8EB63)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=13.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451.9 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#11 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,078 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:06:14 PM

Posted 30 August 2014 - 11:16 AM

Hi cpdion,
 
Running Combofix:

Download Combofix from this link and save it to your desktop

  • Close any open browsers or any other programs that are open.
  • Double click on combofix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • You can also find the log here: C:\ComboFix.txt

Please also note:

  • Do not click combofix's window while it's running. That may cause combofix to stall.
  • Combofix may reboot your computer a number of times, this is normal.
  • If you receive an error, "Illegal operation attempted on a registry key that has been marked for deletion,"  then please restart the computer to resolve this.

--------------
 
Please re-run FRST from the desktop (like you did before), put a check in the box for Addition.txt under the optional scan, and press the scan button. It will produce a FRST.txt and an addition.txt log located on the desktop.  Please copy and paste the log into your next reply.
 
--------------

To recap, in your next reply I would like to see the following. Make sure to copy & paste them unless I ask otherwise:

  • ComboFix.txt
  • New FRST.txt
  • New Addition.txt

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#12 cpdion

cpdion
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:USA
  • Local time:12:14 PM

Posted 01 September 2014 - 03:46 PM

COMBOFIX.TXT:

 

ComboFix 14-08-31.01 - Lisa 09/01/2014  15:07:24.2.4 - x64

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.6009.2689 [GMT -4:00]
Running from: c:\users\Lisa\Downloads\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Lisa\AppData\Roaming\Adexve
c:\users\Lisa\AppData\Roaming\Adexve\ciruhi.exe
c:\users\Lisa\AppData\Roaming\Daryca
c:\users\Lisa\AppData\Roaming\Daryca\yrvik.exe
c:\users\Lisa\AppData\Roaming\Eqaknic\asyzs.exe
c:\users\Lisa\AppData\Roaming\Fiefra
c:\users\Lisa\AppData\Roaming\Fiefra\nuwif.exe
c:\users\Lisa\AppData\Roaming\Iwekaq
c:\users\Lisa\AppData\Roaming\Iwekaq\wuxiva.exe
c:\users\Lisa\AppData\Roaming\Kuzaxu
c:\users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exe
c:\users\Lisa\AppData\Roaming\Owhodu
c:\users\Lisa\AppData\Roaming\Owhodu\onixeg.exe
c:\users\Lisa\AppData\Roaming\Vesookde\ilhauq.exe
.
.
(((((((((((((((((((((((((   Files Created from 2014-08-01 to 2014-09-01  )))))))))))))))))))))))))))))))
.
.
2014-09-01 19:32 . 2014-09-01 19:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-09-01 19:31 . 2014-09-01 20:06 -------- d-----w- c:\users\Lisa\AppData\Roaming\Kuzaxu
2014-09-01 19:31 . 2014-09-01 20:06 -------- d-----w- c:\users\Lisa\AppData\Roaming\Iwekaq
2014-09-01 19:31 . 2014-09-01 20:06 -------- d-----w- c:\users\Lisa\AppData\Roaming\Fiefra
2014-09-01 12:23 . 2014-09-01 20:06 -------- d-----w- c:\users\Lisa\AppData\Roaming\Eqaknic
2014-09-01 02:16 . 2014-09-01 02:16 -------- d-----w- c:\users\Lisa\AppData\Roaming\Isekgoiq
2014-09-01 00:19 . 2014-09-01 00:19 -------- d-----w- c:\users\Lisa\AppData\Roaming\Absuosaf
2014-08-31 22:19 . 2014-08-31 22:19 -------- d-----w- c:\users\Lisa\AppData\Roaming\Nufegi
2014-08-31 21:44 . 2014-08-31 21:44 -------- d-----w- c:\users\Lisa\AppData\Roaming\Nudoucun
2014-08-31 20:22 . 2014-08-31 20:22 -------- d-----w- c:\users\Lisa\AppData\Roaming\Culeuccy
2014-08-31 18:20 . 2014-08-31 18:20 -------- d-----w- c:\users\Lisa\AppData\Roaming\Opxyxi
2014-08-31 17:45 . 2014-08-31 17:45 -------- d-----w- c:\users\Lisa\AppData\Roaming\Ixebfuo
2014-08-31 16:20 . 2014-08-31 16:20 -------- d-----w- c:\users\Lisa\AppData\Roaming\Fupoonve
2014-08-31 14:13 . 2014-08-31 14:13 -------- d-----w- c:\users\Lisa\AppData\Roaming\Ipemsip
2014-08-31 13:59 . 2014-08-31 13:59 -------- d-----w- c:\users\Lisa\AppData\Roaming\Ewwunyos
2014-08-31 12:34 . 2014-08-31 12:34 -------- d-----w- c:\users\Lisa\AppData\Roaming\Ubepory
2014-08-31 06:25 . 2014-08-31 06:25 -------- d-----w- c:\users\Lisa\AppData\Roaming\Uhmaxewu
2014-08-31 05:51 . 2014-08-31 05:51 -------- d-----w- c:\users\Lisa\AppData\Roaming\Turowaas
2014-08-31 04:25 . 2014-08-31 04:25 -------- d-----w- c:\users\Lisa\AppData\Roaming\Ibaduhi
2014-08-31 02:26 . 2014-08-31 02:26 -------- d-----w- c:\users\Lisa\AppData\Roaming\Fyunwym
2014-08-31 01:52 . 2014-08-31 01:52 -------- d-----w- c:\users\Lisa\AppData\Roaming\Eqiqgeo
2014-08-31 01:16 . 2014-08-31 01:16 -------- d-----w- c:\users\Lisa\AppData\Roaming\Naluat
2014-08-30 21:47 . 2014-08-30 21:47 -------- d-----w- c:\users\Lisa\AppData\Roaming\Ycocyn
2014-08-30 20:55 . 2014-08-30 20:55 -------- d-----w- c:\programdata\CanonIJ
2014-08-30 20:36 . 2014-08-30 20:36 -------- d-----w- c:\users\Lisa\AppData\Roaming\Ozdoxoe
2014-08-30 14:54 . 2014-09-01 20:06 -------- d-----w- c:\users\Lisa\AppData\Roaming\Vesookde
2014-08-30 14:54 . 2014-08-30 14:54 -------- d-----w- c:\users\Lisa\AppData\Roaming\Yxozerak
2014-08-30 14:54 . 2014-08-30 14:54 -------- d-----w- c:\users\Lisa\AppData\Roaming\Xumoovp
2014-08-30 14:54 . 2014-08-30 14:54 -------- d-----w- c:\users\Lisa\AppData\Roaming\Vaaplo
2014-08-30 14:54 . 2014-08-30 14:54 -------- d-----w- c:\users\Lisa\AppData\Roaming\Qiyvarc
2014-08-30 14:54 . 2014-08-30 14:54 -------- d-----w- c:\users\Lisa\AppData\Roaming\Kuveyfb
2014-08-30 14:54 . 2014-08-30 14:54 -------- d-----w- c:\users\Lisa\AppData\Roaming\Arloedyd
2014-08-30 14:54 . 2014-08-30 14:54 -------- d-----w- c:\users\Lisa\AppData\Roaming\Anogiva
2014-08-30 12:17 . 2014-08-30 12:17 -------- d-----w- c:\users\Lisa\AppData\Roaming\Duuxqofo
2014-08-30 11:48 . 2014-09-01 18:43 -------- d-----w- c:\users\Lisa\AppData\Local\PMB Files
2014-08-30 01:52 . 2014-08-30 11:44 -------- d-----w- c:\users\Lisa\AppData\Roaming\Xeurukri
2014-08-29 21:07 . 2014-08-29 21:07 -------- d-----w- c:\program files (x86)\VS Revo Group
2014-08-27 21:08 . 2014-08-27 21:08 -------- d-----w- c:\users\Lisa\AppData\Roaming\SystemRequirementsLab
2014-08-27 21:04 . 2014-08-23 02:07 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-08-27 21:04 . 2014-08-23 00:59 3163648 ----a-w- c:\windows\system32\win32k.sys
2014-08-27 21:04 . 2014-08-23 01:45 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-08-23 19:50 . 2014-08-24 00:33 -------- d-----w- c:\users\Lisa\AppData\Local\Warframe
2014-08-23 17:17 . 2014-08-27 21:08 -------- d-----w- c:\program files (x86)\SystemRequirementsLab
2014-08-23 17:17 . 2014-08-23 17:17 -------- d-----w- c:\programdata\SystemRequirementsLab
2014-08-23 16:22 . 2014-08-30 15:18 -------- d-----w- C:\FRST
2014-08-23 08:20 . 2014-08-30 11:45 -------- d-----w- c:\users\Lisa\AppData\Roaming\Ydpyyny
2014-08-23 08:02 . 2014-08-30 11:45 -------- d-----w- c:\users\Lisa\AppData\Roaming\Ubyfinv
2014-08-23 04:15 . 2014-08-30 11:45 -------- d-----w- c:\users\Lisa\AppData\Roaming\Paaqnaes
2014-08-23 02:29 . 2014-08-30 11:45 -------- d-----w- c:\users\Lisa\AppData\Roaming\Egihnil
2014-08-23 01:59 . 2014-08-30 11:45 -------- d-----w- c:\users\Lisa\AppData\Roaming\Saviha
2014-08-23 01:40 . 2014-08-30 11:45 -------- d-----w- c:\users\Lisa\AppData\Roaming\Ymyneq
2014-08-22 20:58 . 2014-08-30 11:45 -------- d-----w- c:\users\Lisa\AppData\Roaming\Yzyfket
2014-08-22 10:20 . 2014-08-30 11:45 -------- d-----w- c:\users\Lisa\AppData\Roaming\Ulaqbeq
2014-08-22 10:18 . 2014-08-30 11:45 -------- d-----w- c:\users\Lisa\AppData\Roaming\Ircuuggu
2014-08-22 10:18 . 2014-08-30 11:45 -------- d-----w- c:\users\Lisa\AppData\Roaming\Uwweaxag
2014-08-21 16:17 . 2014-08-30 11:45 -------- d-----w- c:\users\Lisa\AppData\Roaming\Hutoite
2014-08-21 10:20 . 2014-08-30 11:45 -------- d-----w- c:\users\Lisa\AppData\Roaming\Afuxriap
2014-08-21 02:27 . 2014-08-30 11:45 -------- d-----w- c:\users\Lisa\AppData\Roaming\Peqiaz
2014-08-21 00:30 . 2014-08-30 11:45 -------- d-----w- c:\users\Lisa\AppData\Roaming\Vauvqaz
2014-08-20 22:32 . 2014-08-30 11:45 -------- d-----w- c:\users\Lisa\AppData\Roaming\Igaxuvky
2014-08-20 21:54 . 2014-08-30 11:45 -------- d-----w- c:\users\Lisa\AppData\Roaming\Odypops
2014-08-20 21:15 . 2014-08-30 11:45 -------- d-----w- c:\users\Lisa\AppData\Roaming\Enecorly
2014-08-20 17:51 . 2014-08-30 11:45 -------- d-----w- c:\users\Lisa\AppData\Roaming\Yrpeqiod
2014-08-20 16:27 . 2014-08-30 11:45 -------- d-----w- c:\users\Lisa\AppData\Roaming\Esmony
2014-08-20 14:29 . 2014-08-30 11:45 -------- d-----w- c:\users\Lisa\AppData\Roaming\Etlyedav
2014-08-20 13:53 . 2014-08-30 11:45 -------- d-----w- c:\users\Lisa\AppData\Roaming\Sapume
2014-08-20 04:59 . 2014-08-30 11:45 -------- d-----w- c:\users\Lisa\AppData\Roaming\Bypoudte
2014-08-18 23:08 . 2014-08-18 23:58 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-08-18 21:54 . 2014-08-30 11:45 -------- d-----w- c:\users\Lisa\AppData\Roaming\Exohrei
2014-08-16 18:59 . 2012-02-14 16:49 114176 ----a-w- c:\windows\SysWow64\PCWizard.cpl
2014-08-16 18:59 . 2014-08-16 18:59 -------- d-----w- c:\program files (x86)\CPUID
2014-08-16 18:36 . 2014-08-16 18:36 -------- d-----w- c:\users\Lisa\AppData\Local\The Witcher 2
2014-08-16 18:20 . 2014-08-16 18:20 -------- d-----w- c:\users\Lisa\AppData\Local\The Witcher
2014-08-16 06:06 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2014-08-16 06:06 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2014-08-16 06:06 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2014-08-16 06:06 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2014-08-16 06:06 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2014-08-16 06:06 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2014-08-16 06:05 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2014-08-16 06:05 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-08-16 04:47 . 2014-06-03 10:02 112064 ----a-w- c:\windows\system32\consent.exe
2014-08-16 04:47 . 2014-06-03 10:02 504320 ----a-w- c:\windows\system32\msihnd.dll
2014-08-16 04:47 . 2014-06-03 10:02 3241984 ----a-w- c:\windows\system32\msi.dll
2014-08-16 04:47 . 2014-06-03 10:02 1941504 ----a-w- c:\windows\system32\authui.dll
2014-08-16 04:47 . 2014-06-03 09:29 337408 ----a-w- c:\windows\SysWow64\msihnd.dll
2014-08-16 04:47 . 2014-06-03 09:29 2363392 ----a-w- c:\windows\SysWow64\msi.dll
2014-08-16 04:47 . 2014-06-03 09:29 1805824 ----a-w- c:\windows\SysWow64\authui.dll
2014-08-16 04:47 . 2014-07-14 02:02 1216000 ----a-w- c:\windows\system32\rpcrt4.dll
2014-08-16 04:47 . 2014-07-14 01:40 664064 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2014-08-16 04:47 . 2014-07-16 03:23 2048 ----a-w- c:\windows\system32\tzres.dll
2014-08-16 04:47 . 2014-07-16 02:46 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-08-15 02:28 . 2014-08-15 02:28 189128 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\LICLUA.EXE
2014-08-12 01:46 . 2014-08-12 01:46 -------- d-----w- c:\program files\iPod
2014-08-12 01:46 . 2014-08-12 01:47 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-12 01:46 . 2014-08-12 01:47 -------- d-----w- c:\program files\iTunes
2014-08-12 01:46 . 2014-08-12 01:47 -------- d-----w- c:\program files (x86)\iTunes
2014-08-11 23:54 . 2014-08-11 23:55 -------- d-----w- c:\programdata\Package Cache
2014-08-10 15:15 . 2014-08-10 15:15 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2014-08-10 15:15 . 2014-08-10 15:15 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2014-08-07 23:37 . 2014-08-07 23:37 -------- d-----w- c:\users\Lisa\AppData\Local\Ubisoft
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-31 12:33 . 2012-05-26 03:46 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-08-31 12:33 . 2012-05-26 03:46 699568 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-08-27 21:10 . 2014-05-16 01:27 590536 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2014-08-18 23:07 . 2014-05-26 05:28 92888 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-08-18 22:37 . 2014-05-26 05:28 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-08-16 06:10 . 2012-07-08 05:48 99218768 ----a-w- c:\windows\system32\MRT.exe
2014-08-04 22:54 . 2010-06-24 16:33 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-07-26 16:30 . 2014-06-01 04:12 111016 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2014-07-26 16:30 . 2014-07-26 16:30 321448 ----a-w- c:\windows\system32\javaws.exe
2014-07-26 16:30 . 2014-06-01 04:12 191400 ----a-w- c:\windows\system32\javaw.exe
2014-07-26 16:30 . 2014-06-01 04:12 190888 ----a-w- c:\windows\system32\java.exe
2014-07-22 19:14 . 2014-07-22 19:14 137376 ----a-w- c:\windows\system32\vcomp120.dll
2014-07-21 11:17 . 2014-07-21 11:17 0 ----a-w- c:\windows\SysWow64\shoFF4B.tmp
2014-07-13 11:05 . 2014-07-13 11:05 0 ----a-w- c:\windows\SysWow64\sho44B6.tmp
2014-07-11 07:02 . 2014-07-30 21:03 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-06 10:35 . 2014-07-06 10:35 0 ----a-w- c:\windows\SysWow64\sho8410.tmp
2014-07-02 08:36 . 2014-07-02 08:36 0 ----a-w- c:\windows\SysWow64\sho4A49.tmp
2014-06-27 10:38 . 2014-06-27 10:38 0 ----a-w- c:\windows\SysWow64\sho6FA2.tmp
2014-06-25 10:32 . 2014-06-25 10:32 0 ----a-w- c:\windows\SysWow64\shoD858.tmp
2014-06-20 14:38 . 2012-07-05 03:22 72128 ----a-w- c:\windows\system32\drivers\cfwids.sys
2014-06-20 14:31 . 2012-07-05 03:41 348552 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
2014-06-20 14:30 . 2011-10-06 21:44 189912 ----a-w- c:\windows\system32\mfevtps.exe
2014-06-20 14:26 . 2012-07-05 03:41 786296 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2014-06-20 14:23 . 2012-07-05 03:22 523792 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2014-06-20 14:21 . 2012-07-05 03:22 313544 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2014-06-20 14:20 . 2012-07-05 03:41 181704 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2014-06-18 02:18 . 2014-07-09 04:49 692736 ----a-w- c:\windows\system32\osk.exe
2014-06-18 01:51 . 2014-07-09 04:49 646144 ----a-w- c:\windows\SysWow64\osk.exe
2014-06-12 08:24 . 2014-06-12 08:24 0 ----a-w- c:\windows\SysWow64\sho7B82.tmp
2014-06-06 10:10 . 2014-07-09 04:49 624128 ----a-w- c:\windows\system32\qedit.dll
2014-06-06 09:44 . 2014-07-09 04:49 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-06-05 14:45 . 2014-07-09 04:47 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-06-05 14:26 . 2014-07-09 04:47 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-06-05 14:25 . 2014-07-09 04:47 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-05-16 01:48 222920 ----a-w- c:\users\Lisa\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-05-16 01:48 222920 ----a-w- c:\users\Lisa\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-05-16 01:48 222920 ----a-w- c:\users\Lisa\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2012-12-13 3093624]
"ISUSPM"="c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2014-08-30 3600216]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-02-10 20922016]
"GoogleChromeAutoLaunch_A963AF10D41C891DDF74F25191F896A3"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2014-08-07 860488]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-06-28 39408]
"Cuinbo"="c:\users\Lisa\AppData\Roaming\Duuxqofo\abreox.exe" [2012-09-15 304354]
"Saevdiykpeobub"="c:\users\Lisa\AppData\Roaming\Kuveyfb\aqobxe.exe" [2014-08-30 305229]
"Wyguosno"="c:\users\Lisa\AppData\Roaming\Vaaplo\anevanu.exe" [2014-08-30 308409]
"Gepeuninesuldy"="c:\users\Lisa\AppData\Roaming\Xumoovp\myywonu.exe" [2014-08-30 307322]
"Iroxy"="c:\users\Lisa\AppData\Roaming\Yxozerak\yfveyw.exe" [2014-08-30 460288]
"Igful"="c:\users\Lisa\AppData\Roaming\Anogiva\esozbaa.exe" [2014-08-30 277504]
"Buguicuzoltaa"="c:\users\Lisa\AppData\Roaming\Arloedyd\ewowemf.exe" [2014-08-30 413184]
"Awzuirufz"="c:\users\Lisa\AppData\Roaming\Qiyvarc\zibuc.exe" [2014-08-30 464896]
"Madeci"="c:\users\Lisa\AppData\Roaming\Ozdoxoe\upwoohb.exe" [2014-05-31 323806]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-11-30 284440]
"USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-27 291608]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2011-04-13 503942]
"Dell Registration"="c:\program files (x86)\System Registration\prodreg.exe" [2011-08-04 4165440]
"Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-26 1117528]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2014-05-08 40312]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 959904]
"NeroLauncher"="c:\program files (x86)\Nero\SyncUP\NeroLauncher.exe" [2012-08-21 67496]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2014-04-25 537992]
"AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2012-02-01 968048]
"CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2011-08-04 1612920]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
"mcpltui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2014-04-25 537992]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-08-01 152392]
.
c:\users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Monitor Ink Alerts - HP Deskjet 1010 series.lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Deskjet 1010 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN39A18MGX05S8;CONNECTION=USB;MONITOR=1; [2009-7-13 45568]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2012-2-1 1380128]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.130\SSScheduler.exe [2013-9-6 324320]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ   scecli c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [x]
R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [x]
R3 cpuz135;cpuz135;c:\program files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys;c:\program files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys;c:\windows\SYSNATIVE\drivers\HipShieldK.sys [x]
R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;c:\program files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe;c:\progra~1\mcafee\msc\mcawfwk.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe [x]
R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys;c:\windows\SYSNATIVE\DRIVERS\mfencrk.sys [x]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys;c:\windows\SYSNATIVE\drivers\mferkdet.sys [x]
R3 NTPASp50a64;NTPASp50a64 NDIS Protocol Driver;c:\windows\system32\Drivers\NTPASp50a64.sys;c:\windows\SYSNATIVE\Drivers\NTPASp50a64.sys [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 X6va021;X6va021;c:\windows\SysWOW64\Drivers\X6va021;c:\windows\SysWOW64\Drivers\X6va021 [x]
R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [x]
S2 ClickToRunSvc;Microsoft Office ClickToRun Service;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]
S2 McAPExe;McAfee AP Service;c:\program files\McAfee\MSC\McAPExe.exe;c:\program files\McAfee\MSC\McAPExe.exe [x]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [x]
S2 mfecore;McAfee Anti-Malware Core;c:\program files\Common Files\McAfee\AMCore\mcshield.exe;c:\program files\Common Files\McAfee\AMCore\mcshield.exe [x]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 BcmVWL;Broadcom Virtual Wireless;c:\windows\system32\DRIVERS\bcmvwl64.sys;c:\windows\SYSNATIVE\DRIVERS\bcmvwl64.sys [x]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]
S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys;c:\windows\SYSNATIVE\DRIVERS\mfencbdc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeapfk01
*Deregistered* - mfeavfk01
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-08-15 21:33 1104200 ----a-w- c:\program files (x86)\Google\Chrome\Application\36.0.1985.143\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-09-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-26 12:33]
.
2014-09-01 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1465888645-1228132841-1644353950-1000Core.job
- c:\users\Lisa\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-05 05:29]
.
2014-09-01 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1465888645-1228132841-1644353950-1000UA.job
- c:\users\Lisa\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-05 05:29]
.
2014-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-28 05:39]
.
2014-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-28 05:39]
.
2014-09-01 c:\windows\Tasks\Security Center Update - 1186791309.job
- c:\users\Lisa\AppData\Roaming\Opxyxi\rocehiy.exe [2014-04-23 10:56]
.
2014-08-30 c:\windows\Tasks\Security Center Update - 1355868994.job
- c:\users\Lisa\AppData\Roaming\Odypops\wanef.exe [2014-04-18 01:21]
.
2014-08-30 c:\windows\Tasks\Security Center Update - 1586098165.job
- c:\users\Lisa\AppData\Roaming\Hutoite\taqauda.exe [2013-11-16 06:48]
.
2014-08-30 c:\windows\Tasks\Security Center Update - 1855888854.job
- c:\users\Lisa\AppData\Roaming\Saviha\lovan.exe [2013-06-14 03:46]
.
2014-09-01 c:\windows\Tasks\Security Center Update - 1938118605.job
- c:\users\Lisa\AppData\Roaming\Uhmaxewu\enimtoe.exe [2014-07-28 08:49]
.
2014-08-30 c:\windows\Tasks\Security Center Update - 2029705305.job
- c:\users\Lisa\AppData\Roaming\Enecorly\irocpal.exe [2013-01-30 00:18]
.
2014-08-30 c:\windows\Tasks\Security Center Update - 2106932050.job
- c:\users\Lisa\AppData\Roaming\Vauvqaz\yzuhov.exe [2014-03-12 02:27]
.
2014-08-30 c:\windows\Tasks\Security Center Update - 2109373424.job
- c:\users\Lisa\AppData\Roaming\Etlyedav\icuvd.exe [2014-04-10 10:04]
.
2014-08-30 c:\windows\Tasks\Security Center Update - 2191080318.job
- c:\users\Lisa\AppData\Roaming\Egihnil\oswyky.exe [2012-08-02 22:32]
.
2014-08-30 c:\windows\Tasks\Security Center Update - 2194090041.job
- c:\users\Lisa\AppData\Roaming\Ymyneq\hilao.exe [2013-11-20 01:57]
.
2014-09-01 c:\windows\Tasks\Security Center Update - 243605682.job
- c:\users\Lisa\AppData\Roaming\Eqiqgeo\koahda.exe [2012-09-19 23:20]
.
2014-08-30 c:\windows\Tasks\Security Center Update - 2479261886.job
- c:\users\Lisa\AppData\Roaming\Esmony\tuyqato.exe [2013-01-06 09:29]
.
2014-08-30 c:\windows\Tasks\Security Center Update - 2498235418.job
- c:\users\Lisa\AppData\Roaming\Xumoovp\myywonu.exe [2014-08-30 14:54]
.
2014-09-01 c:\windows\Tasks\Security Center Update - 2535594760.job
- c:\users\Lisa\AppData\Roaming\Ubepory\almuma.exe [2014-06-23 16:42]
.
2014-09-01 c:\windows\Tasks\Security Center Update - 2695952501.job
- c:\users\Lisa\AppData\Roaming\Duuxqofo\abreox.exe [2012-09-15 01:37]
.
2014-08-30 c:\windows\Tasks\Security Center Update - 2836356992.job
- c:\users\Lisa\AppData\Roaming\Afuxriap\bowytu.exe [2013-09-12 16:30]
.
2014-09-01 c:\windows\Tasks\Security Center Update - 2872366529.job
- c:\users\Lisa\AppData\Roaming\Nufegi\ivqyqan.exe [2012-09-02 10:38]
.
2014-09-01 c:\windows\Tasks\Security Center Update - 2944488936.job
- c:\users\Lisa\AppData\Roaming\Turowaas\byyspuu.exe [2012-08-21 12:16]
.
2014-08-30 c:\windows\Tasks\Security Center Update - 2979509591.job
- c:\users\Lisa\AppData\Roaming\Paaqnaes\ystyxym.exe [2013-01-28 13:23]
.
2014-08-30 c:\windows\Tasks\Security Center Update - 3089754028.job
- c:\users\Lisa\AppData\Roaming\Ubyfinv\ilmoka.exe [2012-07-29 05:50]
.
2014-08-30 c:\windows\Tasks\Security Center Update - 3150405157.job
- c:\users\Lisa\AppData\Roaming\Igaxuvky\togobo.exe [2012-09-07 18:07]
.
2014-09-01 c:\windows\Tasks\Security Center Update - 3211553988.job
- c:\users\Lisa\AppData\Roaming\Ewwunyos\nomyry.exe [2014-07-02 09:59]
.
2014-09-01 c:\windows\Tasks\Security Center Update - 3228781764.job
- c:\users\Lisa\AppData\Roaming\Fyunwym\uteqlix.exe [2013-02-14 11:10]
.
2014-09-01 c:\windows\Tasks\Security Center Update - 3245680545.job
- c:\users\Lisa\AppData\Roaming\Culeuccy\wafafoz.exe [2013-08-06 06:47]
.
2014-08-30 c:\windows\Tasks\Security Center Update - 3431837355.job
- c:\users\Lisa\AppData\Roaming\Arloedyd\ewowemf.exe [2014-08-30 14:54]
.
2014-09-01 c:\windows\Tasks\Security Center Update - 34427003.job
- c:\users\Lisa\AppData\Roaming\Isekgoiq\piheza.exe [2014-01-02 06:58]
.
2014-08-30 c:\windows\Tasks\Security Center Update - 3488534018.job
- c:\users\Lisa\AppData\Roaming\Ulaqbeq\ihahir.exe [2013-11-01 18:58]
.
2014-09-01 c:\windows\Tasks\Security Center Update - 3643730050.job
- c:\users\Lisa\AppData\Roaming\Ibaduhi\koahasp.exe [2012-12-11 05:08]
.
2014-09-01 c:\windows\Tasks\Security Center Update - 3673628682.job
- c:\users\Lisa\AppData\Roaming\Naluat\iqwumoa.exe [2014-06-27 21:17]
.
2014-08-30 c:\windows\Tasks\Security Center Update - 3715843453.job
- c:\users\Lisa\AppData\Roaming\Uwweaxag\izxyu.exe [2014-08-18 08:16]
.
2014-08-30 c:\windows\Tasks\Security Center Update - 371833040.job
- c:\users\Lisa\AppData\Roaming\Yzyfket\sawymu.exe [2013-02-12 00:11]
.
2014-09-01 c:\windows\Tasks\Security Center Update - 3854208755.job
- c:\users\Lisa\AppData\Roaming\Ixebfuo\veokavo.exe [2013-12-31 20:50]
.
2014-08-30 c:\windows\Tasks\Security Center Update - 392046224.job
- c:\users\Lisa\AppData\Roaming\Anogiva\esozbaa.exe [2014-08-30 14:54]
.
2014-08-30 c:\windows\Tasks\Security Center Update - 3942642799.job
- c:\users\Lisa\AppData\Roaming\Sapume\etfivu.exe [2014-06-25 08:47]
.
2014-08-30 c:\windows\Tasks\Security Center Update - 3983964077.job
- c:\users\Lisa\AppData\Roaming\Yrpeqiod\ulepqi.exe [2012-09-02 07:45]
.
2014-09-01 c:\windows\Tasks\Security Center Update - 4024924293.job
- c:\users\Lisa\AppData\Roaming\Ipemsip\xyyry.exe [2013-07-18 22:35]
.
2014-09-01 c:\windows\Tasks\Security Center Update - 4049033972.job
- c:\users\Lisa\AppData\Roaming\Ozdoxoe\upwoohb.exe [2014-05-31 13:45]
.
2014-08-30 c:\windows\Tasks\Security Center Update - 418947291.job
- c:\users\Lisa\AppData\Roaming\Yxozerak\yfveyw.exe [2014-08-30 14:54]
.
2014-09-01 c:\windows\Tasks\Security Center Update - 4238635741.job
- c:\users\Lisa\AppData\Roaming\Fupoonve\imzasod.exe [2012-09-02 15:28]
.
2014-09-01 c:\windows\Tasks\Security Center Update - 541893101.job
- c:\users\Lisa\AppData\Roaming\Nudoucun\soocent.exe [2012-09-18 10:30]
.
2014-08-30 c:\windows\Tasks\Security Center Update - 752820688.job
- c:\users\Lisa\AppData\Roaming\Peqiaz\opdofa.exe [2013-01-17 04:44]
.
2014-09-01 c:\windows\Tasks\Security Center Update - 834479443.job
- c:\users\Lisa\AppData\Roaming\Absuosaf\egmea.exe [2013-03-15 06:31]
.
2014-09-01 c:\windows\Tasks\Security Center Update - 837653363.job
- c:\users\Lisa\AppData\Roaming\Ycocyn\atqeigo.exe [2014-05-28 07:44]
.
2014-08-30 c:\windows\Tasks\Security Center Update - 846557512.job
- c:\users\Lisa\AppData\Roaming\Bypoudte\zuudv.exe [2012-12-16 04:34]
.
2014-08-30 c:\windows\Tasks\Security Center Update - 927385066.job
- c:\users\Lisa\AppData\Roaming\Vaaplo\anevanu.exe [2014-08-30 14:54]
.
2014-08-30 c:\windows\Tasks\Security Center Update - 966665472.job
- c:\users\Lisa\AppData\Roaming\Ircuuggu\igebly.exe [2013-01-02 21:07]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-05-16 01:48 261832 ----a-w- c:\users\Lisa\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-05-16 01:48 261832 ----a-w- c:\users\Lisa\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-05-16 01:48 261832 ----a-w- c:\users\Lisa\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-08-27 21:12 2335960 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-08-27 21:12 2335960 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-08-27 21:12 2335960 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2012-01-26 626552]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-02-14 1425408]
"Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2012-03-16 7520768]
"Stage Remote"="c:\program files (x86)\Dell\Stage Remote\StageRemote.exe" [2011-06-28 2022976]
"DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2012-02-01 2195824]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-03-15 2779024]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-04-09 172016]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-04-09 399856]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-04-09 442352]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: live.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.2.1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-OutfoxTV - c:\program files\OutfoxTV\OutfoxTV\DesktopContainer.exe
Wow6432Node-HKCU-Run-obununuo - c:\users\Lisa\AppData\Local\pmrxciqb.exe
Wow6432Node-HKCU-Run-uxsqumrq - c:\users\Lisa\AppData\Local\ftmbftun.exe
Wow6432Node-HKCU-Run-wmxhmtrl - c:\users\Lisa\AppData\Local\lnxnrbjh.exe
Wow6432Node-HKCU-Run-fbffvguv - c:\users\Lisa\AppData\Local\ksqkmgfn.exe
Wow6432Node-HKCU-Run-dcvwmnif - c:\users\Lisa\AppData\Local\nqnvgvvj.exe
Wow6432Node-HKCU-Run-aabddxgj - c:\users\Lisa\AppData\Local\gxjiiqou.exe
Wow6432Node-HKCU-Run-gcouijrg - c:\users\Lisa\AppData\Local\mtohoimn.exe
Wow6432Node-HKCU-Run-vdfxxgnd - c:\users\Lisa\AppData\Local\fmdvsdoh.exe
Wow6432Node-HKCU-Run-bhouqppw - c:\users\Lisa\AppData\Local\wqwiwtfg.exe
Wow6432Node-HKCU-Run-edgslvdg - c:\users\Lisa\AppData\Local\jcgfjtoa.exe
Wow6432Node-HKCU-Run-bexuvgqo - c:\users\Lisa\AppData\Local\ujlveuwg.exe
Wow6432Node-HKCU-Run-xwlukcal - c:\users\Lisa\AppData\Local\tgwxupsa.exe
Wow6432Node-HKCU-Run-jnoiuicb - c:\users\Lisa\AppData\Local\akxhcokx.exe
Wow6432Node-HKCU-Run-putbocao - c:\users\Lisa\AppData\Local\wxpufssv.exe
Wow6432Node-HKCU-Run-gncbitsc - c:\users\Lisa\AppData\Local\imjkkxco.exe
Wow6432Node-HKCU-Run-Loelube - c:\users\Lisa\AppData\Roaming\Iwekaq\wuxiva.exe
Wow6432Node-HKCU-Run-Haysyf - c:\users\Lisa\AppData\Roaming\Fiefra\nuwif.exe
Wow6432Node-HKCU-Run-Piweibi - c:\users\Lisa\AppData\Roaming\Kuzaxu\ypgain.exe
Wow6432Node-HKCU-Run-Owemyxgau - c:\users\Lisa\AppData\Roaming\Vesookde\ilhauq.exe
Wow6432Node-HKCU-Run-qnfqiovt - c:\users\Lisa\AppData\Local\tkjddxlg.exe
Wow6432Node-HKCU-Run-fmpdqexp - c:\users\Lisa\AppData\Local\uvrfmquv.exe
Wow6432Node-HKCU-Run-Acoqyvikofu - c:\users\Lisa\AppData\Roaming\Eqaknic\asyzs.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
WebBrowser-{A5AE8924-4036-420F-B7F6-A47E4B8F692E} - (no file)
AddRemove-WT089446 - c:\program files (x86)\WildTangent\Dell Games\Wedding Dash - Ready
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va021]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va021"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\windows\SysWOW64\rundll32.exe
c:\program files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2014-09-01  16:14:23 - machine was rebooted
ComboFix-quarantined-files.txt  2014-09-01 20:14
.
Pre-Run: 136,427,622,400 bytes free
Post-Run: 137,811,636,224 bytes free
.
- - End Of File - - DE05BF0C0C33CE3BC740664D673F0097
 
 
 
NEW FRST.TXT:
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-08-2014 02
Ran by Lisa (administrator) on LISA-PC on 01-09-2014 16:38:19
Running from C:\Users\Lisa\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Cor