
Removed Virus, Cannot run ESET, All Browsers having problems.


3 replies to this topic

#1 AsgardBS


Posted 24 September 2014 - 02:46 PM

Greetings Techies,

Used Avast and Adware removal but still getting problems using browsers. ESET will not download updates! Complains of proxy errors.

Your help is greatly appreciated.

FRST log

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-09-2014
Ran by test (administrator) on JOSEPHINE-HP on 24-09-2014 15:34:01
Running from F:\House Call Utilities 914\Antivirus Tools\Bleeping Computer Tools
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
() C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Symantec Corporation) C:\Users\test\AppData\Local\temp\7zSABCD.tmp\SymNRT.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_13_0_0_214_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicator.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-827145305-2353901250-1268732238-1003\...\Run: [HPAdvisorDock] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {113DE203-2824-4C19-BF91-1011E47CE0D0} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM - {C6970528-0D84-4C47-A2DC-B1DF9CE69A79} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
SearchScopes: HKLM - {CDB20F90-966F-45F6-BC2D-CF263F734DA3} URL = http://www.ask.com/web?q={searchTerms}&l=dis&o=uscql
SearchScopes: HKLM-x32 - {C6970528-0D84-4C47-A2DC-B1DF9CE69A79} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
SearchScopes: HKLM-x32 - {CDB20F90-966F-45F6-BC2D-CF263F734DA3} URL = http://www.ask.com/web?q={searchTerms}&l=dis&o=uscql
SearchScopes: HKCU - {113DE203-2824-4C19-BF91-1011E47CE0D0} URL =
SearchScopes: HKCU - {CDB20F90-966F-45F6-BC2D-CF263F734DA3} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {CB927D12-4FF7-4A9E-A169-56E4B8A75598} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: HP Smart Print - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2012-12-09]

Chrome:
=======
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 lxbf_device; C:\Windows\system32\lxbfcoms.exe [566704 2007-04-24] ( )
S4 lxbf_device; C:\Windows\SysWOW64\lxbfcoms.exe [537520 2007-04-24] ( )
S4 RtVOsdService; C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [315392 2010-06-24] (Realtek Semiconductor Corp.) [File not signed]
S2 HP Support Assistant Service; No ImagePath

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-03-07] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
R4 ccSet_N360; \SystemRoot\system32\drivers\N360x64\1503000.00C\ccSetx64.sys [X]
U4 SRTSPX; \SystemRoot\system32\drivers\N360x64\1503000.00C\SRTSPX64.SYS [X]
R4 SymDS; system32\drivers\N360x64\1503000.00C\SYMDS64.SYS [X]
R4 SymEFA; system32\drivers\N360x64\1503000.00C\SYMEFA64.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-24 15:22 - 2014-09-24 15:22 - 00869456 _____ () C:\Users\test\Desktop\Norton_Removal_Tool.exe
2014-09-24 12:51 - 2014-09-24 12:51 - 00000000 ___HD () C:\Windows\AxInstSV
2014-09-24 12:49 - 2014-09-24 12:49 - 00271872 _____ (Secure By Design Inc.) C:\Users\test\Desktop\Ninite Firefox Installer.exe
2014-09-24 11:46 - 2014-09-24 11:46 - 00000637 _____ () C:\Users\josephine\Desktop\JRT.txt
2014-09-24 10:23 - 2014-09-24 10:23 - 00271872 _____ (Secure By Design Inc.) C:\Users\josephine\Desktop\Ninite Firefox Installer.exe
2014-09-24 10:17 - 2014-09-24 10:16 - 02347384 _____ (ESET) C:\Users\josephine\Desktop\esetsmartinstaller_enu.exe
2014-09-23 17:06 - 2014-09-23 17:06 - 00000000 ____D () C:\Users\test\AppData\Local\Hewlett-Packard
2014-09-23 17:05 - 2014-09-23 17:05 - 00000000 ____D () C:\Users\test\AppData\Roaming\Hewlett-Packard
2014-09-23 17:03 - 2014-09-23 17:03 - 00431336 _____ (Microsoft Corporation) C:\Users\test\Desktop\rootsupd.exe
2014-09-23 17:03 - 2014-09-23 17:03 - 00069112 _____ () C:\Users\test\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-23 17:00 - 2014-09-23 17:02 - 00271872 _____ (Secure By Design Inc.) C:\Users\test\Downloads\Ninite Firefox Installer.exe
2014-09-23 16:50 - 2014-09-09 18:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-23 16:50 - 2014-09-09 17:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-23 16:37 - 2014-09-24 15:34 - 00000000 ____D () C:\FRST
2014-09-23 13:06 - 2014-08-19 14:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-23 13:06 - 2014-08-19 13:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-23 13:06 - 2014-08-18 19:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-23 13:06 - 2014-08-18 18:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-23 13:06 - 2014-08-18 18:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-23 13:06 - 2014-08-18 18:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-23 13:06 - 2014-08-18 18:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-23 13:06 - 2014-08-18 18:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-23 13:06 - 2014-08-18 18:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-23 13:06 - 2014-08-18 18:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-23 13:06 - 2014-08-18 18:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-23 13:06 - 2014-08-18 18:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-23 13:06 - 2014-08-18 18:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-23 13:06 - 2014-08-18 18:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-23 13:06 - 2014-08-18 18:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-23 13:06 - 2014-08-18 18:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-23 13:06 - 2014-08-18 18:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-23 13:06 - 2014-08-18 18:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-23 13:06 - 2014-08-18 18:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-23 13:06 - 2014-08-18 17:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-23 13:06 - 2014-08-18 17:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-23 13:06 - 2014-08-18 17:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-23 13:06 - 2014-08-18 17:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-23 13:06 - 2014-08-18 17:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-23 13:06 - 2014-08-18 17:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-23 13:06 - 2014-08-18 17:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-23 13:06 - 2014-08-18 17:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-23 13:06 - 2014-08-18 17:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-23 13:06 - 2014-08-18 17:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-23 13:06 - 2014-08-18 17:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-23 13:06 - 2014-08-18 17:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-23 13:06 - 2014-08-18 17:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-23 13:06 - 2014-08-18 17:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-23 13:06 - 2014-08-18 17:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-23 13:06 - 2014-08-18 17:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-23 13:06 - 2014-08-18 17:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-23 13:06 - 2014-08-18 17:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-23 13:06 - 2014-08-18 17:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-23 13:06 - 2014-08-18 17:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-23 13:06 - 2014-08-18 17:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-23 13:06 - 2014-08-18 17:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-23 13:06 - 2014-08-18 17:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-23 13:06 - 2014-08-18 17:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-23 13:06 - 2014-08-18 17:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-23 13:06 - 2014-08-18 17:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-23 13:06 - 2014-08-18 17:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-23 13:06 - 2014-08-18 17:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-23 13:06 - 2014-08-18 17:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-23 13:06 - 2014-08-18 17:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-23 13:06 - 2014-08-18 17:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-23 13:06 - 2014-08-18 17:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-23 13:06 - 2014-08-18 16:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-23 13:06 - 2014-08-18 16:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-23 13:06 - 2014-08-18 16:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-23 13:06 - 2014-08-18 16:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-23 13:06 - 2014-08-18 16:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-23 12:50 - 2014-06-26 22:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-23 12:50 - 2014-06-26 21:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-23 12:44 - 2014-06-30 18:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-09-23 12:44 - 2014-06-30 18:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-09-23 12:44 - 2014-06-06 02:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-09-23 12:44 - 2014-06-06 02:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-09-23 12:44 - 2014-03-09 17:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-09-23 12:44 - 2014-03-09 17:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-09-23 12:44 - 2014-03-09 17:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-09-23 12:44 - 2014-03-09 17:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-09-23 12:34 - 2014-09-23 12:34 - 00000000 ____D () C:\Users\test\AppData\Roaming\Macromedia
2014-09-23 12:14 - 2014-09-23 12:14 - 00001264 _____ () C:\Users\test\Desktop\Revo Uninstaller.lnk
2014-09-23 12:14 - 2014-09-23 12:14 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-23 12:08 - 2014-09-23 12:08 - 00007558 _____ () C:\Users\test\Documents\Lic Key Josephine.xls
2014-09-23 12:07 - 2014-09-23 12:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recover Keys
2014-09-23 12:06 - 2014-09-23 12:07 - 00000000 ____D () C:\Program Files\Recover Keys
2014-09-23 12:01 - 2014-06-24 22:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-23 12:01 - 2014-06-24 21:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-09-23 11:59 - 2014-09-04 22:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-23 11:59 - 2014-09-04 22:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-23 11:59 - 2014-08-22 22:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-23 11:59 - 2014-08-22 21:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-09-23 11:59 - 2014-08-22 20:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-23 11:59 - 2014-07-13 22:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-09-23 11:59 - 2014-07-13 21:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-09-23 11:59 - 2014-07-06 22:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-23 11:59 - 2014-07-06 22:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-23 11:59 - 2014-07-06 21:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-23 11:59 - 2014-07-06 21:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-23 11:59 - 2014-07-06 21:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-23 11:57 - 2014-08-01 07:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-23 11:57 - 2014-08-01 07:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-23 11:57 - 2014-06-23 23:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-23 11:57 - 2014-06-23 22:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-23 11:57 - 2014-04-24 22:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-09-23 11:57 - 2014-04-24 22:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-09-23 11:57 - 2014-04-04 22:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-09-23 11:57 - 2014-04-04 22:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-09-23 11:57 - 2014-03-26 10:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-09-23 11:57 - 2014-03-26 10:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-09-23 11:57 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-09-23 11:57 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-09-23 11:57 - 2014-03-26 10:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-09-23 11:57 - 2014-03-26 10:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-09-23 11:57 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-09-23 11:57 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-09-23 11:56 - 2014-06-17 22:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-09-23 11:56 - 2014-06-17 21:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-09-23 11:56 - 2014-06-15 22:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-09-23 11:56 - 2014-06-06 06:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-09-23 11:56 - 2014-06-06 05:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-09-23 11:56 - 2014-06-03 06:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-09-23 11:56 - 2014-06-03 06:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-23 11:56 - 2014-06-03 06:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-09-23 11:56 - 2014-06-03 06:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-09-23 11:56 - 2014-06-03 05:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-09-23 11:56 - 2014-06-03 05:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-09-23 11:56 - 2014-06-03 05:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-09-23 11:56 - 2014-05-30 04:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-09-23 11:56 - 2014-05-30 04:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-09-23 11:56 - 2014-05-30 04:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-09-23 11:56 - 2014-05-30 04:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-09-23 11:56 - 2014-05-30 04:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-09-23 11:56 - 2014-05-30 04:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-09-23 11:56 - 2014-05-30 03:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-09-23 11:56 - 2014-05-30 03:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-09-23 11:56 - 2014-05-30 03:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-09-23 11:56 - 2014-05-30 03:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-09-23 11:56 - 2014-05-30 03:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-09-23 11:56 - 2014-05-30 03:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-09-23 11:56 - 2014-05-30 02:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-09-23 11:49 - 2014-09-23 11:49 - 00000000 __SHD () C:\Users\test\AppData\Local\EmieUserList
2014-09-23 11:49 - 2014-09-23 11:49 - 00000000 __SHD () C:\Users\test\AppData\Local\EmieSiteList
2014-09-23 11:47 - 2014-09-23 11:47 - 00001413 _____ () C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-23 11:47 - 2014-09-23 11:47 - 00000000 ____D () C:\Users\test\AppData\Roaming\Adobe
2014-09-23 11:46 - 2014-09-23 11:46 - 00000258 __RSH () C:\Users\test\ntuser.pol
2014-09-23 11:46 - 2014-09-23 11:46 - 00000020 ___SH () C:\Users\test\ntuser.ini
2014-09-23 11:46 - 2014-09-23 11:46 - 00000000 ____D () C:\Users\test\AppData\Local\VirtualStore
2014-09-23 11:46 - 2009-07-14 00:54 - 00000000 ___RD () C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-23 11:46 - 2009-07-14 00:49 - 00000000 ___RD () C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-23 11:45 - 2014-09-23 11:47 - 00000000 ____D () C:\Users\test
2014-09-23 11:26 - 2014-09-23 11:26 - 00000000 ____D () C:\Users\josephine\AppData\Roaming\Auslogics
2014-09-23 11:21 - 2014-09-23 11:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2014-09-23 11:21 - 2014-09-23 11:21 - 00000000 ____D () C:\Program Files (x86)\Auslogics
2014-09-23 11:15 - 2014-09-23 11:15 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-09-23 11:04 - 2014-09-23 11:04 - 00000000 ____D () C:\Windows\ERUNT
2014-09-23 10:57 - 2014-09-24 11:25 - 00000000 ____D () C:\AdwCleaner
2014-09-23 10:56 - 2014-09-23 10:56 - 00016075 _____ () C:\ComboFix.txt
2014-09-23 10:31 - 2011-06-26 02:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-09-23 10:31 - 2010-11-07 13:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-09-23 10:31 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-09-23 10:31 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-09-23 10:31 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-09-23 10:31 - 2000-08-30 20:00 - 00098816 _____ () C:\Windows\sed.exe
2014-09-23 10:31 - 2000-08-30 20:00 - 00080412 _____ () C:\Windows\grep.exe
2014-09-23 10:31 - 2000-08-30 20:00 - 00068096 _____ () C:\Windows\zip.exe
2014-09-23 10:09 - 2014-09-23 10:56 - 00000000 ____D () C:\Qoobox
2014-09-23 10:09 - 2014-09-23 10:54 - 00000000 ____D () C:\Windows\erdnt
2014-09-22 10:40 - 2014-09-22 10:40 - 00000000 ____D () C:\Windows\pss
2014-09-17 17:10 - 2014-05-14 12:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-17 17:10 - 2014-05-14 12:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-17 17:10 - 2014-05-14 12:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-09-17 17:10 - 2014-05-14 12:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-17 17:09 - 2014-05-14 12:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-09-17 17:09 - 2014-05-14 12:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-09-17 17:09 - 2014-05-14 12:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-09-17 17:09 - 2014-05-14 12:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-09-17 17:09 - 2014-05-14 12:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-09-17 17:09 - 2014-05-14 12:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-09-17 17:09 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-09-17 17:09 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-09-17 17:09 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-09-17 17:09 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-09-17 11:05 - 2014-09-18 20:29 - 00017229 _____ () C:\Users\josephine\Documents\Suprem Timers Sept 2014.odt
2014-09-08 19:41 - 2014-09-08 19:41 - 00015945 _____ () C:\Users\josephine\Documents\Untitled 3.odt
2014-09-04 11:09 - 2014-09-04 17:20 - 00012930 _____ () C:\Users\josephine\Documents\Supreme Timer 9-20-13_.ods

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-24 15:34 - 2014-09-23 16:37 - 00000000 ____D () C:\FRST
2014-09-24 15:30 - 2014-03-09 21:05 - 00000000 ____D () C:\Program Files (x86)\Norton 360
2014-09-24 15:22 - 2014-09-24 15:22 - 00869456 _____ () C:\Users\test\Desktop\Norton_Removal_Tool.exe
2014-09-24 15:20 - 2012-06-28 09:50 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-24 12:51 - 2014-09-24 12:51 - 00000000 ___HD () C:\Windows\AxInstSV
2014-09-24 12:49 - 2014-09-24 12:49 - 00271872 _____ (Secure By Design Inc.) C:\Users\test\Desktop\Ninite Firefox Installer.exe
2014-09-24 12:44 - 2013-03-16 16:31 - 00000410 _____ () C:\Windows\Tasks\FreeFileViewerUpdateChecker.job
2014-09-24 12:12 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-09-24 11:46 - 2014-09-24 11:46 - 00000637 _____ () C:\Users\josephine\Desktop\JRT.txt
2014-09-24 11:33 - 2009-07-14 00:45 - 00026512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-24 11:33 - 2009-07-14 00:45 - 00026512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-24 11:32 - 2010-09-13 04:43 - 01383475 _____ () C:\Windows\WindowsUpdate.log
2014-09-24 11:26 - 2010-12-27 20:25 - 00768268 _____ () C:\Windows\PFRO.log
2014-09-24 11:26 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-24 11:26 - 2009-07-14 00:51 - 00073925 _____ () C:\Windows\setupact.log
2014-09-24 11:25 - 2014-09-23 10:57 - 00000000 ____D () C:\AdwCleaner
2014-09-24 10:23 - 2014-09-24 10:23 - 00271872 _____ (Secure By Design Inc.) C:\Users\josephine\Desktop\Ninite Firefox Installer.exe
2014-09-24 10:16 - 2014-09-24 10:17 - 02347384 _____ (ESET) C:\Users\josephine\Desktop\esetsmartinstaller_enu.exe
2014-09-23 17:06 - 2014-09-23 17:06 - 00000000 ____D () C:\Users\test\AppData\Local\Hewlett-Packard
2014-09-23 17:05 - 2014-09-23 17:05 - 00000000 ____D () C:\Users\test\AppData\Roaming\Hewlett-Packard
2014-09-23 17:03 - 2014-09-23 17:03 - 00431336 _____ (Microsoft Corporation) C:\Users\test\Desktop\rootsupd.exe
2014-09-23 17:03 - 2014-09-23 17:03 - 00069112 _____ () C:\Users\test\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-23 17:02 - 2014-09-23 17:00 - 00271872 _____ (Secure By Design Inc.) C:\Users\test\Downloads\Ninite Firefox Installer.exe
2014-09-23 13:59 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-09-23 13:53 - 2013-08-30 11:24 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-23 13:47 - 2012-03-19 07:01 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-23 13:43 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-23 13:29 - 2009-07-14 00:45 - 00305744 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-23 13:26 - 2014-05-10 16:10 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-23 13:26 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-09-23 13:26 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-09-23 13:25 - 2013-03-16 17:37 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-23 13:25 - 2013-03-16 17:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-23 12:59 - 2012-04-24 11:16 - 00776038 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-23 12:59 - 2009-07-14 01:13 - 00776038 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-23 12:55 - 2013-03-16 17:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-23 12:34 - 2014-09-23 12:34 - 00000000 ____D () C:\Users\test\AppData\Roaming\Macromedia
2014-09-23 12:14 - 2014-09-23 12:14 - 00001264 _____ () C:\Users\test\Desktop\Revo Uninstaller.lnk
2014-09-23 12:14 - 2014-09-23 12:14 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-23 12:08 - 2014-09-23 12:08 - 00007558 _____ () C:\Users\test\Documents\Lic Key Josephine.xls
2014-09-23 12:07 - 2014-09-23 12:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recover Keys
2014-09-23 12:07 - 2014-09-23 12:06 - 00000000 ____D () C:\Program Files\Recover Keys
2014-09-23 11:49 - 2014-09-23 11:49 - 00000000 __SHD () C:\Users\test\AppData\Local\EmieUserList
2014-09-23 11:49 - 2014-09-23 11:49 - 00000000 __SHD () C:\Users\test\AppData\Local\EmieSiteList
2014-09-23 11:47 - 2014-09-23 11:47 - 00001413 _____ () C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-23 11:47 - 2014-09-23 11:47 - 00000000 ____D () C:\Users\test\AppData\Roaming\Adobe
2014-09-23 11:47 - 2014-09-23 11:45 - 00000000 ____D () C:\Users\test
2014-09-23 11:46 - 2014-09-23 11:46 - 00000258 __RSH () C:\Users\test\ntuser.pol
2014-09-23 11:46 - 2014-09-23 11:46 - 00000020 ___SH () C:\Users\test\ntuser.ini
2014-09-23 11:46 - 2014-09-23 11:46 - 00000000 ____D () C:\Users\test\AppData\Local\VirtualStore
2014-09-23 11:26 - 2014-09-23 11:26 - 00000000 ____D () C:\Users\josephine\AppData\Roaming\Auslogics
2014-09-23 11:21 - 2014-09-23 11:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2014-09-23 11:21 - 2014-09-23 11:21 - 00000000 ____D () C:\Program Files (x86)\Auslogics
2014-09-23 11:15 - 2014-09-23 11:15 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-09-23 11:04 - 2014-09-23 11:04 - 00000000 ____D () C:\Windows\ERUNT
2014-09-23 10:56 - 2014-09-23 10:56 - 00016075 _____ () C:\ComboFix.txt
2014-09-23 10:56 - 2014-09-23 10:09 - 00000000 ____D () C:\Qoobox
2014-09-23 10:56 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Default
2014-09-23 10:54 - 2014-09-23 10:09 - 00000000 ____D () C:\Windows\erdnt
2014-09-23 10:50 - 2009-07-13 22:34 - 00000215 _____ () C:\Windows\system.ini
2014-09-23 10:48 - 2009-07-13 22:34 - 77332480 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-09-23 10:48 - 2009-07-13 22:34 - 16515072 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-09-23 10:48 - 2009-07-13 22:34 - 01048576 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-09-23 10:48 - 2009-07-13 22:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-09-23 10:48 - 2009-07-13 22:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-09-22 10:40 - 2014-09-22 10:40 - 00000000 ____D () C:\Windows\pss
2014-09-18 20:29 - 2014-09-17 11:05 - 00017229 _____ () C:\Users\josephine\Documents\Suprem Timers Sept 2014.odt
2014-09-18 20:19 - 2011-01-08 18:52 - 00000000 ____D () C:\Users\josephine\AppData\Roaming\Skype
2014-09-17 17:02 - 2010-12-27 13:33 - 00000000 ____D () C:\Users\josephine
2014-09-17 17:00 - 2010-09-13 04:55 - 00000000 ____D () C:\ProgramData\CinemaNow
2014-09-17 17:00 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2014-09-16 13:21 - 2014-05-26 22:40 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2014-09-16 13:21 - 2014-03-09 21:05 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-09-16 13:21 - 2014-03-07 16:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-16 13:21 - 2013-03-26 10:56 - 00000000 ____D () C:\Users\josephine\AppData\Roaming\FreeFileViewer
2014-09-16 13:21 - 2012-02-20 14:14 - 00000000 ____D () C:\Windows\system32\Macromed
2014-09-16 13:21 - 2011-01-08 18:52 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-16 13:21 - 2010-09-13 04:58 - 00000000 ____D () C:\ProgramData\Norton
2014-09-16 13:21 - 2010-07-10 22:04 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-09-16 13:21 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\servicing
2014-09-16 13:21 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\schemas
2014-09-16 13:21 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-09-16 13:08 - 2010-07-10 22:56 - 00000000 ____D () C:\ProgramData\Skype
2014-09-09 18:11 - 2014-09-23 16:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-09 17:47 - 2014-09-23 16:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-08 19:41 - 2014-09-08 19:41 - 00015945 _____ () C:\Users\josephine\Documents\Untitled 3.odt
2014-09-04 22:10 - 2014-09-23 11:59 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-04 22:05 - 2014-09-23 11:59 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-04 17:20 - 2014-09-04 11:09 - 00012930 _____ () C:\Users\josephine\Documents\Supreme Timer 9-20-13_.ods

Some content of TEMP:
====================
C:\Users\josephine\AppData\Local\temp\Quarantine.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-09-23 14:47

==================== End Of Log ============================




#2 AsgardBS

AsgardBS
  • Topic Starter

  • Members
  • 39 posts
  • Gender:Male
  • Location:North Carolina USA
  • Local time:02:37 AM

Posted 25 September 2014 - 11:21 AM

Update:

 

After running the Norton removal tool and completely uninstalling Norton 360, Eset finally ran and removed some items. Firefox and Chrome seem to be working fine! However, even after reinstalling IE, it still will not go to some pages.



#3 shelf life

shelf life

  • Malware Response Team
  • 2,651 posts
  • Gender:Male
  • Location:@localhost
  • Local time:03:37 AM

Posted 28 September 2014 - 05:44 PM

Hi,

 

Sorry for the delay. Your post is a few days old. If you still need help simply reply back.


How Can I Reduce My Risk to Malware?


#4 AsgardBS

AsgardBS
  • Topic Starter

  • Members
  • 39 posts
  • Gender:Male
  • Location:North Carolina USA
  • Local time:02:37 AM

Posted 17 October 2014 - 09:25 AM

Thanks for your reply, I managed to get things working again. It seems that uninstalling network drivers and reinstalling greatly helped. It's possible that malware is affecting network drivers, because this solution has helped several computers.





