Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unknown issue with my computer


  • This topic is locked This topic is locked
13 replies to this topic

#1 Frank_Noto

Frank_Noto

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:02 AM

Posted 04 October 2014 - 06:43 PM

So i don't know what this virus is, i have been trying to do research and find a solution but i cant. What this does is when i open google chrome i was always sent to a page called search.net and i took that out via chromes settings but it always made its way back. Now when i try to use the internet i am connected to the internet but it says "cannot connect to proxy server" and i cannot use the web browsers at all. I have norton360 Anti virus but it says theres nothing there. Another thing that happens is randomly a black box will come up with a taskeng.exe and then close. Ive tried to system restore but nothing seems to work.. please help, thanks. 


- In the screenshot below is how i cannot connect to the internet when i really am, the website it sends me to when i open any browser, and the .exe that pops up.

 

Attached File  Untitled.png   73.32KB   0 downloads



BC AdBot (Login to Remove)

 


#2 Naathim

Naathim

    Bleepin' Minion


  • Members
  • 435 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Poland
  • Local time:04:02 PM

Posted 07 October 2014 - 02:42 PM


Minion%20Welcome.jpg


My name's Naathim and I'm a GeekU Minion! Now that we are mates and will be working together to clean your machine out of any junkware, feel free to call me Naat :)

Before we start please note the following:

icon_arrow.gif Analysis and research take some time, also sometimes real life gets in the way, please be patient.
icon_arrow.gif Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
icon_arrow.gif Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
icon_arrow.gif Paste the logs in your posts, attachments make my work harder and more complicated.
icon_arrow.gif Stay with me to the end, the absence of symtoms doesn't mean that your machine is fully operational.
icon_arrow.gif Note that we may live in totally different time zones, what may cause some delays between answers.

icon_idea.gif I can't foresee everything, so if anything unexpected happens, please stop and inform me!
icon_idea.gif There are no silly questions. Never be afraid to ask if in doubt!

Let's start and enjoy the fight! :)


Before we move on I need you to tell me some more things:


1. Is this machine able to connect to the internet at all?

2. Is this machine able to connect to the internet in Safe Mode? Instructions to enter the safe mode below:

  • Please reboot your computer and start tapping F8 repeatedly.
  • You should see a couple of options there, but the main three will be:
    • Safe Mode
    • Safe Mode with networking
    • Safe Mode with command prompt
  • Using your arrow keys enter the Safe Mode with networking option.

Try to access the internet from there.

3. Do you have the access to another clean machine and a USB stick (pendrive, thumb drive)?


Radek Naathim Pawelczyk

Malware Removal Specialist

 

staff.png


#3 Naathim

Naathim

    Bleepin' Minion


  • Members
  • 435 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Poland
  • Local time:04:02 PM

Posted 09 October 2014 - 04:09 PM

Hi,

still with me?

Radek Naathim Pawelczyk

Malware Removal Specialist

 

staff.png


#4 Frank_Noto

Frank_Noto
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:02 AM

Posted 09 October 2014 - 07:52 PM

 

Minion%20Welcome.jpg


My name's Naathim and I'm a GeekU Minion! Now that we are mates and will be working together to clean your machine out of any junkware, feel free to call me Naat :)

Before we start please note the following:

icon_arrow.gif Analysis and research take some time, also sometimes real life gets in the way, please be patient.
icon_arrow.gif Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
icon_arrow.gif Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
icon_arrow.gif Paste the logs in your posts, attachments make my work harder and more complicated.
icon_arrow.gif Stay with me to the end, the absence of symtoms doesn't mean that your machine is fully operational.
icon_arrow.gif Note that we may live in totally different time zones, what may cause some delays between answers.

icon_idea.gif I can't foresee everything, so if anything unexpected happens, please stop and inform me!
icon_idea.gif There are no silly questions. Never be afraid to ask if in doubt!

Let's start and enjoy the fight! :)


Before we move on I need you to tell me some more things:


1. Is this machine able to connect to the internet at all?

2. Is this machine able to connect to the internet in Safe Mode? Instructions to enter the safe mode below:

  • Please reboot your computer and start tapping F8 repeatedly.
  • You should see a couple of options there, but the main three will be:
    • Safe Mode
    • Safe Mode with networking
    • Safe Mode with command prompt
  • Using your arrow keys enter the Safe Mode with networking option.

Try to access the internet from there.

3. Do you have the access to another clean machine and a USB stick (pendrive, thumb drive)?

 

Hi, Sorry that it took me so long to reply. But to answer your questions, 

1. Yes it connects to the internet but the malware got so bad that the web browser always says unable to connect to proxy server no matter what i try.

2. Yes the internet still works in safe mode with networking but once again the web browser still does not work.

3. Yes i have access to another clean machine that i am using right now and i have a USB stick.

 

Note: To make it clear, the infected machine connects to the internet because i can still listen to music from spotify which uses the internet and it also says in the bottom right that i am connected to my wifi, its just the infected web browser that does not let me do anything.



#5 Naathim

Naathim

    Bleepin' Minion


  • Members
  • 435 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Poland
  • Local time:04:02 PM

Posted 10 October 2014 - 01:03 AM

Hi :)

Thanks for claryfing that. However we need to do some part using your clean machine nad USB stick.


On the corrupted machine
Check what is Windows architecture and rewrite this info for me.


WindowsKey.png Check Windows architecture

Please check your windows architecture:

  • Click the Start button.
  • Right-click on Computer and select Properties.
  • A window should appear - in the middle part of it there should be a note if your system has 32- or 64-bit architecture.

Please rewrite this information for me - it will help me choose better tools to assist you.


On your clean machine
Download & install this program. It should stop any infections that would like to spread with the USB drive we will be using.


logoMcShield.png Scan with McSield

Please download McShield by dr_bora and save it to your desktop.

  • Install it on your machine.
  • It will initially run a scan and show the result as a toaster by the system clock.
  • Start the Control Centre by clicking on the logoMcShield.png icon in your system tray.
  • Go to the Scanner tab and tick unhide items on flash drives.
  • Each time you will plug in the drive McShield will start a scan.
  • A logfile of this scan may be found in the Logs tab of the main screen.

This will secure your clear machine for the next steps.


When you will come back with Windows 32/64 bit info, we will start the cleaning :)


Radek Naathim Pawelczyk

Malware Removal Specialist

 

staff.png


#6 Frank_Noto

Frank_Noto
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:02 AM

Posted 11 October 2014 - 01:49 PM

Hi :)

Thanks for claryfing that. However we need to do some part using your clean machine nad USB stick.


On the corrupted machine
Check what is Windows architecture and rewrite this info for me.


WindowsKey.png Check Windows architecture

Please check your windows architecture:

  • Click the Start button.
  • Right-click on Computer and select Properties.
  • A window should appear - in the middle part of it there should be a note if your system has 32- or 64-bit architecture.

Please rewrite this information for me - it will help me choose better tools to assist you.


On your clean machine
Download & install this program. It should stop any infections that would like to spread with the USB drive we will be using.


logoMcShield.png Scan with McSield

Please download McShield by dr_bora and save it to your desktop.

  • Install it on your machine.
  • It will initially run a scan and show the result as a toaster by the system clock.
  • Start the Control Centre by clicking on the logoMcShield.png icon in your system tray.
  • Go to the Scanner tab and tick unhide items on flash drives.
  • Each time you will plug in the drive McShield will start a scan.
  • A logfile of this scan may be found in the Logs tab of the main screen.

This will secure your clear machine for the next steps.


When you will come back with Windows 32/64 bit info, we will start the cleaning :)

It is a 64-Bit architecture, and i have ran the program on the infected computer.



#7 Naathim

Naathim

    Bleepin' Minion


  • Members
  • 435 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Poland
  • Local time:04:02 PM

Posted 11 October 2014 - 01:51 PM

McShield needs to be installed on the clean machine to protect it from spreading the infection with the USB stick that we will be using.

Radek Naathim Pawelczyk

Malware Removal Specialist

 

staff.png


#8 Frank_Noto

Frank_Noto
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:02 AM

Posted 11 October 2014 - 01:58 PM

McShield needs to be installed on the clean machine to protect it from spreading the infection with the USB stick that we will be using.

Okay sorry, i have downloaded McShield and it is installed on my clean computer now.


Edited by Frank_Noto, 11 October 2014 - 02:03 PM.


#9 Naathim

Naathim

    Bleepin' Minion


  • Members
  • 435 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Poland
  • Local time:04:02 PM

Posted 11 October 2014 - 10:11 PM

Fine. Now let's get to work. Download the scanner mentioned below on your clean machine, transfer it using USB to the infected one and perform the scan as outlined below. When the logfiles will be generated, transfer again to your clean one and post from there.


FRST.gif Scan with Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool x64 and save it to your Desktop.
  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • When the tool opens click Yes to disclaimer.
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please copy and paste their content into your next reply.

Radek Naathim Pawelczyk

Malware Removal Specialist

 

staff.png


#10 Frank_Noto

Frank_Noto
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:02 AM

Posted 13 October 2014 - 12:31 AM

Fine. Now let's get to work. Download the scanner mentioned below on your clean machine, transfer it using USB to the infected one and perform the scan as outlined below. When the logfiles will be generated, transfer again to your clean one and post from there.


FRST.gif Scan with Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool x64 and save it to your Desktop.

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • When the tool opens click Yes to disclaimer.
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please copy and paste their content into your next reply.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-10-2014 02
Ran by Frank (administrator) on FRANK-PC on 12-10-2014 22:27:07
Running from C:\Users\Frank\Desktop
Loaded Profile: Frank (Available profiles: Frank)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\n360.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Search Module Ltd.) C:\Program Files\Common Files\Goobzo\GBUpdate\smu.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
() C:\Program Files (x86)\NETGEAR\A6200\WifiService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\n360.exe
(NDS Technologies) C:\Users\Frank\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe
(Spotify Ltd) C:\Users\Frank\AppData\Roaming\Spotify\spotify.exe
() C:\Users\Frank\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
() C:\Users\Frank\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Frank\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Frank\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Frank\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Frank\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKLM\...\Run: [GENIE] => C:\Program Files (x86)\NETGEAR\A6200\A6200.exe [7831840 2012-08-07] (NETGEAR,Inc.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5199984 2011-06-20] (VIA)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2236816 2013-07-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [324976 2010-05-21] (Flexera Software, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [ospd_us_103] => [X]
HKU\S-1-5-21-4129183113-2748456395-3009366077-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-4129183113-2748456395-3009366077-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
HKU\S-1-5-21-4129183113-2748456395-3009366077-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
HKU\S-1-5-21-4129183113-2748456395-3009366077-1002\...\Run: [ares] => "C:\Program Files (x86)\Ares\Ares.exe" -h
HKU\S-1-5-21-4129183113-2748456395-3009366077-1002\...\Run: [PCShowServer] => C:\Users\Frank\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe [1765744 2013-06-25] (NDS Technologies)
HKU\S-1-5-21-4129183113-2748456395-3009366077-1002\...\Run: [Spotify] => C:\Users\Frank\AppData\Roaming\Spotify\Spotify.exe [6553144 2014-10-11] (Spotify Ltd)
HKU\S-1-5-21-4129183113-2748456395-3009366077-1002\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\MCShieldRTM.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-4129183113-2748456395-3009366077-1002\...\MountPoints2: {0aff14cd-5e83-11e2-a246-806e6f6e6963} - D:\Setup.exe
HKU\S-1-5-21-4129183113-2748456395-3009366077-1002\...\MountPoints2: {582bbb5e-69b8-11e2-b4b1-bc5ff46b013b} - E:\VZAccess_Manager.exe /z detect
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll No File
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO-x32: No Name -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} ->  No File
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: SaveSense -> {71e129ff-6c2a-4984-818c-7e2c998b8d99} -> C:\Users\Frank\AppData\Local\SaveSense\SaveSenseIE.dll No File
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @nds.com/PlayerPlugin -> C:\Users\Frank\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (DIRECTV)
FF Plugin HKCU: NDS.com/PlayerPlugin -> C:\Users\Frank\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (DIRECTV)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF HKLM\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Updater By SweetPacks\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2014-10-12]
FF HKLM-x32\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Updater By SweetPacks\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013-12-14]
FF Extension: No Name - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha188\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta267\ff [Not Found]
 
Chrome: 
=======
CHR HomePage: Default -> 
CHR Profile: C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-17]
CHR Extension: (AdBlock) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-09-17]
CHR Extension: (Norton Security Toolbar) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-09-17]
CHR Extension: (Google Wallet) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-17]
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-04]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-02-13]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-08-06]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-04]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-06] (Advanced Micro Devices, Inc.) [File not signed]
S3 HcwDevCentralService; C:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDevCentralService.exe [370072 2012-10-03] (Hauppauge Computer Works, Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-08-08] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe [265040 2014-09-21] (Symantec Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1854056 2012-12-07] (Microsoft Corporation)
S3 RoxMediaDBGame1X; C:\Program Files (x86)\Common Files\Roxio Shared\Game1X\SharedCOM\RoxMediaDBGame1X.exe [1095824 2012-08-02] (Corel Corporation)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
R2 SMUpd; C:\Program Files\Common Files\Goobzo\GBUpdate\smu.exe [2708328 2014-09-05] (Search Module Ltd.)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-06-14] (VIA Technologies, Inc.)
R2 WNDA6200; C:\Program Files (x86)\NETGEAR\A6200\WifiService.exe [25888 2012-07-27] ()
S2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [X]
R3 WinHttpAutoProxySvc; winhttp.dll [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 A6200; C:\Windows\System32\DRIVERS\bcmwlhigh664.sys [2263144 2012-07-31] (Broadcom Corporation)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20141003.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-26] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-26] (Symantec Corporation)
S3 H5xUSB; C:\Windows\System32\Drivers\uth5x64.sys [101632 2012-08-02] (UT)
S3 hcwE5bda; C:\Windows\System32\drivers\hcwE5bda.sys [709168 2012-11-02] (Hauppauge Computer Work, Inc.)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [23832 2011-12-02] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20141010.001\IDSvia64.sys [633560 2014-10-03] (Symantec Corporation)
S4 LMIRfsClientNP; No ImagePath
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-12] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20141010.009\ENG64.SYS [129752 2014-10-05] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20141010.009\EX64.SYS [2137304 2014-10-05] (Symantec Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-07-10] (Corel Corporation)
R3 SMUpdd; C:\Program Files\Common Files\Goobzo\GBUpdate\smw.sys [42856 2014-09-05] ()
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1506000.020\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1506000.020\SYMEFA64.SYS [1148120 2014-03-03] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-12-13] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1506000.020\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-20] (Anchorfree Inc.)
R3 VMfilt; C:\Windows\System32\drivers\VMfilt64.sys [25600 2009-07-30] (Creative Technology Ltd.)
R3 XSplit_Dummy; C:\Windows\System32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
S3 ZTEusbgps; C:\Windows\System32\DRIVERS\ZTEusbgps.sys [121344 2008-04-15] (ZTE Incorporated)
S3 ZTEusbnmeaext; C:\Windows\System32\DRIVERS\ZTEusbnmeaext.sys [121344 2008-04-15] (ZTE Incorporated)
S3 BCM42RLY; system32\drivers\BCM42RLY.sys [X]
S3 e1cexpress; system32\DRIVERS\e1c62x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-12 22:27 - 2014-10-12 22:27 - 00025326 _____ () C:\Users\Frank\Desktop\FRST.txt
2014-10-12 22:26 - 2014-10-12 22:27 - 00000000 ____D () C:\FRST
2014-10-12 22:26 - 2014-10-12 22:25 - 02110464 _____ (Farbar) C:\Users\Frank\Desktop\FRST64.exe
2014-10-12 22:25 - 2014-10-12 22:25 - 00003538 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0 Fallback-Frank-PC-Frank
2014-10-11 11:45 - 2014-10-12 22:25 - 00000000 ____D () C:\ProgramData\MCShield
2014-10-11 11:45 - 2014-10-11 11:56 - 00000000 ____D () C:\Program Files (x86)\MCShield
2014-10-11 11:45 - 2014-10-11 11:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
2014-10-05 12:49 - 2014-10-05 12:49 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2014-10-04 13:06 - 2014-10-04 13:06 - 00000000 __SHD () C:\Users\Frank\AppData\Local\EmieUserList
2014-10-04 13:06 - 2014-10-04 13:06 - 00000000 __SHD () C:\Users\Frank\AppData\Local\EmieSiteList
2014-10-04 12:37 - 2014-10-12 22:25 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-04 12:37 - 2014-10-04 12:37 - 00000000 ____D () C:\Windows\ERUNT
2014-10-04 12:37 - 2014-10-04 12:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-04 12:37 - 2014-10-04 12:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-04 12:37 - 2014-10-04 12:37 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-04 12:37 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-04 12:37 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-04 12:37 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-27 11:29 - 2014-08-19 11:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-27 11:29 - 2014-08-19 10:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-27 11:29 - 2014-08-18 16:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-27 11:29 - 2014-08-18 15:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-27 11:29 - 2014-08-18 15:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-27 11:29 - 2014-08-18 15:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-27 11:29 - 2014-08-18 15:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-27 11:29 - 2014-08-18 15:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-27 11:29 - 2014-08-18 15:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-27 11:29 - 2014-08-18 15:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-27 11:29 - 2014-08-18 15:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-27 11:29 - 2014-08-18 15:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-27 11:29 - 2014-08-18 15:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-27 11:29 - 2014-08-18 15:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-27 11:29 - 2014-08-18 15:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-27 11:29 - 2014-08-18 15:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-27 11:29 - 2014-08-18 15:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-27 11:29 - 2014-08-18 15:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-27 11:29 - 2014-08-18 14:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-27 11:29 - 2014-08-18 14:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-27 11:29 - 2014-08-18 14:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-27 11:29 - 2014-08-18 14:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-27 11:29 - 2014-08-18 14:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-27 11:29 - 2014-08-18 14:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-27 11:29 - 2014-08-18 14:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-27 11:29 - 2014-08-18 14:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-27 11:29 - 2014-08-18 14:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-27 11:29 - 2014-08-18 14:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-27 11:29 - 2014-08-18 14:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-27 11:29 - 2014-08-18 14:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-27 11:29 - 2014-08-18 14:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-27 11:29 - 2014-08-18 14:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-27 11:29 - 2014-08-18 14:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-27 11:29 - 2014-08-18 14:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-27 11:29 - 2014-08-18 14:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-27 11:29 - 2014-08-18 14:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-27 11:29 - 2014-08-18 14:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-27 11:29 - 2014-08-18 14:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-27 11:29 - 2014-08-18 14:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-27 11:29 - 2014-08-18 14:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-27 11:29 - 2014-08-18 14:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-27 11:29 - 2014-08-18 14:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-27 11:29 - 2014-08-18 14:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-27 11:29 - 2014-08-18 14:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-27 11:29 - 2014-08-18 14:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-27 11:29 - 2014-08-18 14:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-27 11:29 - 2014-08-18 14:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-27 11:29 - 2014-08-18 14:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-27 11:29 - 2014-08-18 13:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-27 11:29 - 2014-08-18 13:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-27 11:29 - 2014-08-18 13:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-27 11:29 - 2014-08-18 13:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-27 11:29 - 2014-08-18 13:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-27 11:28 - 2014-08-18 15:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-27 11:28 - 2014-08-18 14:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-27 11:28 - 2014-08-18 14:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-27 11:18 - 2014-07-06 19:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-27 11:18 - 2014-07-06 19:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-27 11:18 - 2014-07-06 18:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-27 11:18 - 2014-07-06 18:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-27 11:18 - 2014-07-06 18:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-27 11:18 - 2014-06-30 15:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-09-27 11:18 - 2014-06-30 15:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-09-27 11:18 - 2014-06-05 23:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-09-27 11:18 - 2014-06-05 23:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-09-27 11:18 - 2014-06-03 03:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-09-27 11:18 - 2014-06-03 03:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-27 11:18 - 2014-06-03 03:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-09-27 11:18 - 2014-06-03 03:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-09-27 11:18 - 2014-06-03 02:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-09-27 11:18 - 2014-06-03 02:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-09-27 11:18 - 2014-06-03 02:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-09-27 11:18 - 2014-03-09 14:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-09-27 11:18 - 2014-03-09 14:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-09-27 11:18 - 2014-03-09 14:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-09-27 11:18 - 2014-03-09 14:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-09-27 11:17 - 2014-08-22 19:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-27 11:17 - 2014-08-22 18:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-09-27 11:17 - 2014-08-22 17:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-27 11:17 - 2014-06-17 19:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-09-27 11:17 - 2014-06-17 18:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-09-27 11:17 - 2014-06-15 19:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-09-27 11:17 - 2014-06-06 03:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-09-27 11:17 - 2014-06-06 02:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-09-27 11:17 - 2014-05-29 23:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-09-27 11:17 - 2014-05-08 02:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-09-27 11:17 - 2014-05-08 02:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-09-27 11:17 - 2014-04-24 19:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-09-27 11:17 - 2014-04-24 19:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-09-27 11:17 - 2014-04-04 19:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-09-27 11:17 - 2014-04-04 19:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-09-27 11:17 - 2014-03-26 07:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-09-27 11:17 - 2014-03-26 07:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-09-27 11:17 - 2014-03-26 07:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-09-27 11:17 - 2014-03-26 07:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-09-27 11:17 - 2014-03-26 07:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-09-27 11:17 - 2014-03-26 07:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-09-27 11:17 - 2014-03-26 07:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-09-27 11:17 - 2014-03-26 07:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-09-27 11:16 - 2014-07-13 19:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-09-27 11:16 - 2014-07-13 18:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-09-27 11:09 - 2014-05-14 09:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-27 11:09 - 2014-05-14 09:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-09-27 11:09 - 2014-05-14 09:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-09-27 11:09 - 2014-05-14 09:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-27 11:09 - 2014-05-14 09:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-09-27 11:09 - 2014-05-14 09:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-09-27 11:09 - 2014-05-14 09:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-09-27 11:09 - 2014-05-14 09:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-27 11:09 - 2014-05-14 09:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-09-27 11:09 - 2014-05-14 09:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-09-27 11:08 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-09-27 11:08 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-09-27 11:08 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-09-27 11:08 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-09-20 12:19 - 2014-09-20 12:19 - 00000000 ____D () C:\Users\Frank\Documents\Symantec
2014-09-18 00:10 - 2014-10-04 12:07 - 00000000 ____D () C:\ProgramData\SearchModule
2014-09-17 23:53 - 2014-10-04 12:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-09-17 23:53 - 2014-09-17 23:53 - 10619688 _____ (VS Revo Group ) C:\Users\Frank\Downloads\RevoUninProSetup.exe
2014-09-17 23:53 - 2014-09-17 23:53 - 00000000 ____D () C:\Users\Frank\AppData\Local\VS Revo Group
2014-09-17 23:53 - 2014-09-17 23:53 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-09-17 23:53 - 2014-09-17 23:53 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-09-17 23:53 - 2009-12-30 10:21 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2014-09-14 22:59 - 2014-09-14 22:59 - 00000000 ____D () C:\Program Files (x86)\predm
2014-09-14 22:49 - 2014-09-14 22:49 - 00578752 _____ () C:\Users\Frank\Downloads\StarWars+BattleFront+II{Project+Antix}__9273_il2314896.exe
2014-09-14 22:31 - 2014-09-14 22:31 - 00004240 _____ () C:\Windows\System32\Tasks\SMW_UpdateTask_Time_3431313735393436342d3237575a236c6c3255342a41
2014-09-14 22:31 - 2014-09-14 22:31 - 00003830 _____ () C:\Windows\System32\Tasks\Smp
2014-09-14 22:31 - 2014-09-14 22:31 - 00003722 _____ () C:\Windows\System32\Tasks\SMupdate1
2014-09-14 22:31 - 2014-09-14 22:31 - 00000000 ____D () C:\Program Files\Common Files\Goobzo
2014-09-14 22:30 - 2014-09-17 23:35 - 00000000 ____D () C:\ProgramData\COMODO
2014-09-14 22:30 - 2014-09-17 23:35 - 00000000 ____D () C:\Program Files (x86)\COMODO
2014-09-14 22:30 - 2014-09-14 22:30 - 00003402 _____ () C:\Windows\System32\Tasks\PastaQuotes
2014-09-14 22:29 - 2014-10-04 12:10 - 00000000 ____D () C:\Users\Frank\AppData\Local\Idle-#-Crawler
2014-09-14 22:29 - 2014-09-14 22:36 - 00000000 ____D () C:\ProgramData\pastaleads
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-12 22:27 - 2014-01-10 18:34 - 01917433 _____ () C:\Windows\WindowsUpdate.log
2014-10-12 22:26 - 2014-05-24 13:30 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\Spotify
2014-10-12 22:25 - 2013-02-01 16:24 - 00000000 ____D () C:\Users\Frank\AppData\Local\Adobe
2014-10-12 22:25 - 2013-01-28 19:31 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-12 22:23 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-12 22:22 - 2014-01-10 19:48 - 00183288 _____ () C:\Windows\PFRO.log
2014-10-12 22:22 - 2014-01-10 19:48 - 00024886 _____ () C:\Windows\setupact.log
2014-10-11 12:43 - 2013-02-07 18:59 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-11 11:58 - 2013-01-28 19:31 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-11 11:51 - 2014-01-28 20:26 - 00000000 ____D () C:\Users\Frank\AppData\Local\SaveSense
2014-10-11 11:49 - 2009-07-13 21:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-11 11:49 - 2009-07-13 21:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-11 11:44 - 2014-05-24 13:30 - 00000000 ____D () C:\Users\Frank\AppData\Local\Spotify
2014-10-11 11:43 - 2014-02-26 18:38 - 00000000 ____D () C:\Users\Frank\AppData\Local\LogMeIn Hamachi
2014-10-04 14:45 - 2013-01-29 16:39 - 00000000 ____D () C:\Users\Frank\AppData\Local\PMB Files
2014-10-04 14:45 - 2013-01-29 16:39 - 00000000 ____D () C:\ProgramData\PMB Files
2014-10-04 14:04 - 2014-08-13 20:26 - 00001178 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-10-04 13:55 - 2013-04-04 23:11 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\TeamViewer
2014-10-04 13:34 - 2013-12-14 00:23 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-10-04 13:34 - 2013-02-17 23:16 - 00003206 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-10-04 13:34 - 2013-02-17 23:15 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-10-04 13:06 - 2013-02-17 01:15 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\Skype
2014-10-04 12:46 - 2013-01-28 19:08 - 00001575 _____ () C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-04 12:45 - 2013-12-01 13:35 - 00000000 ____D () C:\Users\Frank\AppData\Local\genienext
2014-10-04 12:45 - 2013-12-01 13:22 - 00000000 ____D () C:\Program Files\Level Quality Watcher
2014-10-04 12:45 - 2009-07-13 22:32 - 00000000 ____D () C:\Windows\Performance
2014-10-04 12:14 - 2013-01-28 19:08 - 00000000 ____D () C:\Users\Frank
2014-10-04 12:10 - 2010-11-21 00:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-10-04 12:10 - 2010-11-21 00:16 - 00000000 ____D () C:\Windows\ShellNew
2014-10-04 12:08 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-04 12:08 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2014-10-04 12:08 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-10-04 12:07 - 2014-08-20 01:55 - 00000000 ____D () C:\Program Files (x86)\Toontown Rewritten
2014-10-04 12:07 - 2013-03-12 23:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-10-04 12:07 - 2013-03-12 22:59 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-10-04 12:07 - 2013-03-12 22:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-10-04 12:07 - 2013-02-17 23:15 - 00000000 ____D () C:\ProgramData\Norton
2014-10-04 12:07 - 2013-02-13 22:35 - 00000000 ____D () C:\Users\Frank\AppData\Local\Apple
2014-10-04 12:07 - 2013-01-28 21:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-04 12:07 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\AppCompat
2014-10-04 12:07 - 2009-07-13 20:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-10-04 12:06 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\registration
2014-10-04 11:27 - 2013-04-04 23:26 - 00000000 ____D () C:\Users\Frank\Desktop\My Stuff
2014-10-04 11:26 - 2009-07-13 22:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-04 11:03 - 2009-07-13 21:45 - 05169416 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-27 11:27 - 2013-06-18 16:47 - 00774592 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-27 11:24 - 2013-07-22 03:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-25 00:02 - 2013-01-28 21:55 - 00002341 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-23 23:43 - 2013-02-07 18:59 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-23 23:43 - 2013-02-07 18:59 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-23 23:43 - 2013-02-07 18:59 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-17 23:37 - 2013-12-31 23:07 - 00000000 ____D () C:\Windows\Minidump
2014-09-17 23:36 - 2013-06-25 19:47 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\BitTorrent
2014-09-17 23:24 - 2013-02-21 19:02 - 00000000 ____D () C:\Users\Frank\AppData\Local\CrashDumps
2014-09-17 23:24 - 2011-03-01 15:27 - 00000000 ____D () C:\Windows\Panther
2014-09-14 22:31 - 2009-07-13 20:20 - 00000000 ____D () C:\Program Files\Common Files\System
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-27 01:31
 
==================== End Of Log ============================
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-10-2014 02
Ran by Frank at 2014-10-12 22:27:55
Running from C:\Users\Frank\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton 360 (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.3.0.29677 - BitTorrent Inc.)
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.1060 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.5.0.1060 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.0.2.189 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.5 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.5 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{81D00339-968D-15D1-3499-8431658E896F}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2012.0806.1213.19931 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.70727.2220 - Advanced Micro Devices, Inc.) Hidden
AMD Steady Video Plug-In  (Version: 2.06.0000 - AMD) Hidden
AMD VISION Engine Control Center (x32 Version: 2012.0806.1213.19931 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft ShowBiz (HKLM-x32\...\{4653DA78-3DB2-4F38-A35D-675CA0AF49CA}) (Version: 3.5.41.83 - ArcSoft)
Arma 2 (HKLM-x32\...\Steam App 33900) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Audacity 2.0.4 (HKLM-x32\...\Audacity_is1) (Version: 2.0.4 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.8.1.29813 - BitTorrent Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0806.1213.19931 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0806.1213.19931 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0806.1213.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0806.1213.19931 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.05 - Piriform)
Combat Arms (HKLM-x32\...\Combat Arms) (Version:  - )
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
DC Universe Online (HKLM-x32\...\Steam App 24200) (Version:  - Sony Online Entertainment)
DIRECTV Player (HKLM-x32\...\{69b8745b-65c2-4a2d-b5db-00e0cd841f1e}) (Version: 9.0 - DIRECTV)
Dishonored (HKLM-x32\...\Steam App 205100) (Version:  - Arkane Studios)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free YouTube to MP3 Converter version 3.12.0.128 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.0.128 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hauppauge Device Central (HKLM-x32\...\Hauppauge Device Central) (Version: 1.0.30277 - Hauppauge Computer Works, Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Horizon v2.7.1.3 (HKLM-x32\...\d4cfeebc-b821-40b7-9f81-d366b1466f03_is1) (Version: 2.7.1.3 - Daring Development Inc.)
InfiniteCrisis_410193F41CAE (HKLM-x32\...\InfiniteCrisis_410193F41CAE) (Version:  - Turbine, Inc)
iTunes (HKLM\...\{0D924CB2-2EA4-4044-BAF7-770202D6BD0D}) (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Jurassic Park - The Game (HKLM-x32\...\Jurassic Park - The Game_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.236 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.236 - LogMeIn, Inc.) Hidden
Magic Bullet Suite 32-bit (HKLM-x32\...\InstallShield_{A93C9142-A903-4038-884C-F4F34D44ACB6}) (Version: 11.1.1 - Red Giant Software)
Magic Bullet Suite 32-bit (x32 Version: 11.1.1 - Red Giant Software) Hidden
Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{93488C33-D8D6-472A-83BB-F71603355CF0}) (Version: 11.1.0 - Red Giant Software)
Magic Bullet Suite 64-bit (Version: 11.1.0 - Red Giant Software) Hidden
Magicite (HKLM-x32\...\Steam App 268750) (Version:  - SmashGames)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MapleStory (HKLM-x32\...\MapleStory) (Version:  - )
MCShield ::Anti-Malware Tool:: (HKLM-x32\...\MCShield) (Version: 3.0.5.28 - MyCity)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4454.1511 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Windows Journal Viewer (HKLM-x32\...\{43DCF766-6838-4F9A-8C91-D92DA586DFA8}) (Version: 1.5.2316.0 - Microsoft)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Game Long Name (HKLM\...\UDK-a53fffdc-02ab-47fd-89a6-d4579e5d979c) (Version:  - Epic Games, Inc.)
NETGEAR A6200 Genie (HKLM-x32\...\{48E61F3E-61D4-42A3-9D29-D0CF40838779}) (Version: 18.0.0.0 - NETGEAR)
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version:  - )
Norton 360 (HKLM-x32\...\N360) (Version: 21.6.0.32 - Symantec Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4433.1508 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4433.1508 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4433.1508 - Microsoft Corporation) Hidden
ooVoo (HKLM-x32\...\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}) (Version: 3.5.9052 - ooVoo LLC.)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Platform (x32 Version: 1.36 - VIA Technologies, Inc.) Hidden
Play withSIX (HKLM-x32\...\{D7F3EEAD-183C-47DE-BDC5-593539573F97}) (Version: 1.30.0464 - SIX Networks)
Pokemon Showdown (HKLM-x32\...\Pokemon Showdown) (Version:  - "Pokemon Showdown")
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek)
Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
Roxio CinePlayer Decoder Pack (x32 Version: 4.3.0 - Roxio) Hidden
Roxio Game Capture HD PRO (HKLM-x32\...\{2DD84AB2-8BF4-49FA-9D62-E3F93D4F56FB}) (Version: 1.0 - Roxio)
Roxio Game Capture HD PRO (x32 Version: 1.0.135 - Roxio) Hidden
Roxio GameCAP HD PRO (x32 Version: 1.00.0000 - Roxio) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.11.13307 - Skype Technologies S.A.)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Slender - The Arrival (HKLM-x32\...\Slender - The Arrival_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
Spotify (HKCU\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
Toontown Rewritten (HKLM-x32\...\Toontown Rewritten) (Version: 00.00.00.00 - The TTR Team)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Vegas Pro 12.0 (64-bit) (HKLM\...\{A1188CD2-9C9F-11E2-B88F-F04DA23A5C58}) (Version: 12.0.563 - Sony)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.36 - VIA Technologies, Inc.)
Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
ZTE USB Drivers (HKLM-x32\...\{93F78676-9219-4C9D-9E24-FAA187C4DF1E}) (Version: 1.0.010 - ZTE)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-4129183113-2748456395-3009366077-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Frank\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
 
==================== Restore Points  =========================
 
18-09-2014 06:56:45 Revo Uninstaller Pro's restore point - RocketTab:
18-09-2014 06:57:55 Revo Uninstaller Pro's restore point - Idle-#-Crawler
18-09-2014 07:00:44 Revo Uninstaller Pro's restore point - YTDownloader
18-09-2014 07:06:32 Restore Operation
20-09-2014 17:53:16 Revo Uninstaller Pro's restore point - YTDownloader
20-09-2014 17:54:26 Revo Uninstaller Pro's restore point - YTDownloader
20-09-2014 17:55:31 Revo Uninstaller Pro's restore point - RocketTab:
20-09-2014 17:56:27 Revo Uninstaller Pro's restore point - Idle-#-Crawler
20-09-2014 17:57:29 Revo Uninstaller Pro's restore point - Blitz Media Player
20-09-2014 17:58:20 Revo Uninstaller Pro's restore point - ControlMK 0.232
20-09-2014 18:00:53 Revo Uninstaller Pro's restore point - My Journal v. 2.0
20-09-2014 18:22:20 Revo Uninstaller Pro's restore point - VideoSaver
20-09-2014 18:24:02 Revo Uninstaller Pro's restore point - WinPcap 4.1.3
20-09-2014 18:29:40 Restore Operation
27-09-2014 18:08:30 Windows Update
27-09-2014 18:08:30 Norton 360 Registry Clean
27-09-2014 18:18:21 Windows Update
04-10-2014 18:39:15 Restore Operation
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {2640460B-562A-4A40-A686-4BC0492BFB4A} - \YTDownloaderUpd No Task File <==== ATTENTION
Task: {361AAD44-E5DD-4766-8B38-F8B5D4FB6CE3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3AC1553E-754C-48F8-B03E-9E43E84C67A8} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)
Task: {4E4DB354-EE20-46FD-AEB5-BD0836B31A5B} - System32\Tasks\AdobeAAMUpdater-1.0-Frank-PC-Frank => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated)
Task: {547F8B5B-7546-4DD4-9AB2-F26B78FD0696} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: {6ADC0912-5EB5-4C8A-8414-3AF1960E004C} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe
Task: {7C50DBC6-F9E2-4F10-A0B1-1890CE829954} - \YTDownloader No Task File <==== ATTENTION
Task: {827E9C0A-A723-41EA-9950-1ED8BD633E1B} - System32\Tasks\PastaQuotes => C:\Program Files (x86)\pastaleads\ScheduledTask.exe
Task: {84294C15-BC36-4929-98B3-14EE924AE11F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-28] (Google Inc.)
Task: {84DB6FE1-E1D4-4942-BEFE-E4F86240391F} - System32\Tasks\AdobeAAMUpdater-1.0 Fallback-Frank-PC-Frank => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe [2013-06-03] (Adobe Systems Incorporated)
Task: {855D55D0-DDCC-4CF1-B91A-63210149E186} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {8A730A2F-7C9D-4FD6-BD1F-5E86BDDFD0A6} - System32\Tasks\SMupdate1 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update1 <==== ATTENTION
Task: {A360C1BA-249A-4D3B-9B3D-2B24995CFAA5} - System32\Tasks\SMW_UpdateTask_Time_3431313735393436342d3237575a236c6c3255342a41 => Wscript.exe //B "C:\ProgramData\SearchModule\smhe.js" smu.exe /invoke /f:check_services /l:0 <==== ATTENTION
Task: {A929EAB3-DF8E-457C-9A1C-C0C6F38551FE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23] (Adobe Systems Incorporated)
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe
Task: {B5E440E8-853E-48FC-B467-13B205A7885E} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
Task: {D9F38447-0C90-4DEF-8AFD-49025E8DD298} - System32\Tasks\Microsoft\Office\Office First Run Task => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2012-12-07] (Microsoft Corporation)
Task: {DC4FFA13-EAD7-409E-8E7F-BC92A5EBDA8C} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
Task: {E2ACF7B3-6891-4D5D-A2A4-219D7FCA7553} - System32\Tasks\SaveSense => C:\Users\Frank\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe
Task: {E4D26962-6473-4E43-9763-34825C8D3ECD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-28] (Google Inc.)
Task: {E93A17D5-BCC7-4DAF-B33A-81BD7A1E43A1} - System32\Tasks\{156EA46C-BD29-4FB3-BD12-0073D4E9801B} => Chrome.exe http://ui.skype.com/ui/0/6.3.0.107/en/abandoninstall?page=tsProgressBar
Task: {FA06695F-FF29-417F-B065-8917ACF362CA} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {FC7B07B0-055A-4D9B-8538-27B45DC1CC4D} - System32\Tasks\Smp => C:\Program Files\Common Files\Goobzo\GBUpdate\smp.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SaveSense.job => C:\Users\Frank\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
 
==================== Loaded Modules (whitelisted) =============
 
2012-08-06 13:24 - 2012-08-06 13:24 - 00212480 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-03-05 17:03 - 2012-03-05 17:03 - 00677376 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-02-16 15:53 - 2012-02-16 15:53 - 03642880 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2012-08-06 13:24 - 2012-08-06 13:24 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-02-26 23:10 - 2012-11-24 18:13 - 00373312 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll
2013-02-26 23:10 - 2012-12-07 08:04 - 00513616 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll
2013-02-26 23:10 - 2012-12-07 08:05 - 00607312 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2013-02-07 18:01 - 2012-07-27 14:27 - 00025888 _____ () C:\Program Files (x86)\NETGEAR\A6200\WifiService.exe
2013-06-20 00:45 - 2013-06-20 00:45 - 03317616 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
2013-06-25 15:12 - 2013-06-25 15:12 - 07956328 _____ () C:\Users\Frank\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
2013-01-14 12:31 - 2011-06-20 01:28 - 00078448 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-01-14 12:31 - 2011-06-20 01:28 - 00386160 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2013-01-14 12:31 - 2011-06-20 01:28 - 00621168 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2012-08-06 13:24 - 2012-08-06 13:24 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2012-08-06 13:07 - 2012-08-06 13:07 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-06-20 00:45 - 2013-06-20 00:45 - 04519280 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2014-05-24 13:30 - 2014-10-11 11:44 - 00613944 _____ () C:\Users\Frank\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-06-25 15:12 - 2013-06-25 15:12 - 00332128 _____ () C:\Users\Frank\AppData\Local\DIRECTV Player\ndsLogStore.dll
2014-05-24 13:30 - 2014-10-11 11:44 - 36966968 _____ () C:\Users\Frank\AppData\Roaming\Spotify\Data\libcef.dll
2013-06-25 15:12 - 2013-06-25 15:12 - 03175264 _____ () C:\Users\Frank\AppData\Local\DIRECTV Player\DrmSingleton.dll
2013-06-25 15:12 - 2013-06-25 15:12 - 02237288 _____ () C:\Users\Frank\AppData\Local\DIRECTV Player\DiscoveryManager.dll
2013-06-25 15:12 - 2013-06-25 15:12 - 07554400 _____ () C:\Users\Frank\AppData\Local\DIRECTV Player\gsttspplugin.dll
2013-06-25 15:12 - 2013-06-25 15:12 - 00689000 _____ () C:\Users\Frank\AppData\Local\DIRECTV Player\libgstreamer-0.10.dll
2013-06-25 15:12 - 2013-06-25 15:12 - 01403224 _____ () C:\Users\Frank\AppData\Local\DIRECTV Player\libxml2-2.dll
2013-06-25 15:12 - 2013-06-25 15:12 - 00091976 _____ () C:\Users\Frank\AppData\Local\DIRECTV Player\z.dll
2013-07-12 14:37 - 2013-07-12 14:37 - 32726528 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2013-03-13 13:42 - 2013-06-05 14:21 - 00071560 _____ () C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\zlib1.dll
2013-06-20 00:45 - 2013-06-20 00:45 - 00381808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CCInvokeAAM.dll
2014-06-27 15:19 - 2014-10-11 11:44 - 00867896 _____ () C:\Users\Frank\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2014-05-24 13:30 - 2014-10-11 11:44 - 00886840 _____ () C:\Users\Frank\AppData\Roaming\Spotify\Data\libglesv2.dll
2014-05-24 13:30 - 2014-10-11 11:44 - 00108600 _____ () C:\Users\Frank\AppData\Roaming\Spotify\Data\libegl.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Frank\Desktop\Production 1.mp4:Roxio EMC Stream
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^Users^Frank^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Hauppauge Device Central Tray Tool.lnk => C:\Windows\pss\Hauppauge Device Central Tray Tool.lnk.Startup
MSCONFIG\startupreg: ArcSoft Connection Service => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LanuchApp => C:\Program Files (x86)\NETGEAR\A6200\LanuchApp.exe
MSCONFIG\startupreg: LogMeIn GUI => "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: ooVoo.exe => C:\Program Files (x86)\ooVoo\oovoo.exe /minimized
MSCONFIG\startupreg: Pando Media Booster => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SkypeVoiceChanger => C:\Program Files (x86)\AthTek\Voice Changer for Skype\SkypeVoiceChanger.exe /auto
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: uTorrent => "C:\Users\Frank\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-4129183113-2748456395-3009366077-500 - Administrator - Disabled)
Frank (S-1-5-21-4129183113-2748456395-3009366077-1002 - Administrator - Enabled) => C:\Users\Frank
Guest (S-1-5-21-4129183113-2748456395-3009366077-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4129183113-2748456395-3009366077-1004 - Limited - Enabled)
 
==================== Faulty Device Manager Devices =============
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: LogMeIn Kernel Information Provider
Description: LogMeIn Kernel Information Provider
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: LMIInfo
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/12/2014 10:24:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/11/2014 00:52:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Fuel.Service.exe, version: 1.0.0.0, time stamp: 0x501fefb5
Faulting module name: Device.dll, version: 4.1.0.0, time stamp: 0x4f55e10b
Exception code: 0xc0000005
Fault offset: 0x00000000000033c1
Faulting process id: 0x66c
Faulting application start time: 0xFuel.Service.exe0
Faulting application path: Fuel.Service.exe1
Faulting module path: Fuel.Service.exe2
Report Id: Fuel.Service.exe3
 
Error: (10/11/2014 11:43:52 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/05/2014 01:51:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Fuel.Service.exe, version: 1.0.0.0, time stamp: 0x501fefb5
Faulting module name: Device.dll, version: 4.1.0.0, time stamp: 0x4f55e10b
Exception code: 0xc0000005
Fault offset: 0x00000000000033c1
Faulting process id: 0x638
Faulting application start time: 0xFuel.Service.exe0
Faulting application path: Fuel.Service.exe1
Faulting module path: Fuel.Service.exe2
Report Id: Fuel.Service.exe3
 
Error: (10/05/2014 00:44:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/04/2014 01:37:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/04/2014 01:34:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Fuel.Service.exe, version: 1.0.0.0, time stamp: 0x501fefb5
Faulting module name: Device.dll, version: 4.1.0.0, time stamp: 0x4f55e10b
Exception code: 0xc0000005
Fault offset: 0x00000000000033c1
Faulting process id: 0x63c
Faulting application start time: 0xFuel.Service.exe0
Faulting application path: Fuel.Service.exe1
Faulting module path: Fuel.Service.exe2
Report Id: Fuel.Service.exe3
 
Error: (10/04/2014 01:32:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Fuel.Service.exe, version: 1.0.0.0, time stamp: 0x501fefb5
Faulting module name: Device.dll, version: 4.1.0.0, time stamp: 0x4f55e10b
Exception code: 0xc0000005
Fault offset: 0x00000000000033c1
Faulting process id: 0x62c
Faulting application start time: 0xFuel.Service.exe0
Faulting application path: Fuel.Service.exe1
Faulting module path: Fuel.Service.exe2
Report Id: Fuel.Service.exe3
 
Error: (10/04/2014 01:30:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/04/2014 01:08:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Fuel.Service.exe, version: 1.0.0.0, time stamp: 0x501fefb5
Faulting module name: Device.dll, version: 4.1.0.0, time stamp: 0x4f55e10b
Exception code: 0xc0000005
Fault offset: 0x00000000000033c1
Faulting process id: 0x644
Faulting application start time: 0xFuel.Service.exe0
Faulting application path: Fuel.Service.exe1
Faulting module path: Fuel.Service.exe2
Report Id: Fuel.Service.exe3
 
 
System errors:
=============
Error: (10/12/2014 10:25:49 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (10/12/2014 10:25:47 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (10/12/2014 10:24:32 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (10/12/2014 10:23:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The BCM42RLY service failed to start due to the following error: 
%%2
 
Error: (10/12/2014 10:23:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LogMeIn Kernel Information Provider service failed to start due to the following error: 
%%3
 
Error: (10/11/2014 00:52:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AMD FUEL Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (10/11/2014 11:44:00 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (10/11/2014 11:43:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The BCM42RLY service failed to start due to the following error: 
%%2
 
Error: (10/11/2014 11:43:13 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The TeamViewer 9 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 2000 milliseconds: Restart the service.
 
Error: (10/11/2014 11:42:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LogMeIn Kernel Information Provider service failed to start due to the following error: 
%%3
 
 
Microsoft Office Sessions:
=========================
Error: (10/12/2014 10:24:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/11/2014 00:52:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fuel.Service.exe1.0.0.0501fefb5Device.dll4.1.0.04f55e10bc000000500000000000033c166c01cfe583275c27a9C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exeC:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll19a29706-5180-11e4-835b-bc5ff46b013b
 
Error: (10/11/2014 11:43:52 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/05/2014 01:51:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fuel.Service.exe1.0.0.0501fefb5Device.dll4.1.0.04f55e10bc000000500000000000033c163801cfe0d4b0451d8dC:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exeC:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll71fbc3e2-4cd1-11e4-a28b-bc5ff46b013b
 
Error: (10/05/2014 00:44:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/04/2014 01:37:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/04/2014 01:34:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fuel.Service.exe1.0.0.0501fefb5Device.dll4.1.0.04f55e10bc000000500000000000033c163c01cfe0128019da62C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exeC:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dlld4eb5cf3-4c05-11e4-8ff0-bc5ff46b013b
 
Error: (10/04/2014 01:32:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fuel.Service.exe1.0.0.0501fefb5Device.dll4.1.0.04f55e10bc000000500000000000033c162c01cfe011e722102cC:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exeC:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll81cdee70-4c05-11e4-a025-bc5ff46b013b
 
Error: (10/04/2014 01:30:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/04/2014 01:08:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fuel.Service.exe1.0.0.0501fefb5Device.dll4.1.0.04f55e10bc000000500000000000033c164401cfe00e5a1718b5C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exeC:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll23f896a1-4c02-11e4-9a79-bc5ff46b013b
 
 
==================== Memory info =========================== 
 
Processor: AMD A8-3870 APU with Radeon™ HD Graphics
Percentage of memory in use: 29%
Total physical RAM: 7915.76 MB
Available physical RAM: 5606.77 MB
Total Pagefile: 15829.7 MB
Available Pagefile: 13322.46 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:1862.92 GB) (Free:1614.65 GB) NTFS
Drive e: (Lexar) (Removable) (Total:14.9 GB) (Free:11.75 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 963E3B35)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 14.9 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=14.9 GB) - (Type=0C)
 
==================== End Of Log ============================


#11 Naathim

Naathim

    Bleepin' Minion


  • Members
  • 435 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Poland
  • Local time:04:02 PM

Posted 13 October 2014 - 01:25 AM

Hi :)

You will have to prepare the fixlist file on your clean machine and transfer it to your corrupted one using your USB. Same for JRT.



warning.gif Pando Media Booster warning!

Pando Media Booster, which is installed (intentially or not) with some gaming tools, has been known to download/send some uncontrollable data. You can never be sure what it really downloads/uploads.

My advice is to uninstall this program. To do so:

  • Press the WindowsKey.png + R on your keyboard at the same time. Type appwiz.cpl and click OK.
  • Search for Pando Media Booster, right-click the entry and click Uninstall.

This is optional, but please consider it.


FRST.gif Fix with Farbar Recovery Scan Tool
 

icon_exclaim.gif This fix was created for this user for use on that particular machine. icon_exclaim.gif
icon_exclaim.gif Running it on another one may cause damage and render the system unstable. icon_exclaim.gif


Press the WindowsKey.png + R on your keyboard at the same time. Type Notepad and click OK.

  • Copy the entire content of the codebox below and paste into the Notepad document:
    start
    CloseProcesses:
    HKLM-x32\...\Run: [ospd_us_103] => [X]
    HKU\S-1-5-21-4129183113-2748456395-3009366077-1002\...\Run: [AdobeBridge] => [X]
    HKU\S-1-5-21-4129183113-2748456395-3009366077-1002\...\MountPoints2: {0aff14cd-5e83-11e2-a246-806e6f6e6963} - D:\Setup.exe
    HKU\S-1-5-21-4129183113-2748456395-3009366077-1002\...\MountPoints2: {582bbb5e-69b8-11e2-b4b1-bc5ff46b013b} - E:\VZAccess_Manager.exe /z detect
    ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
    ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
    ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
    ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.trovi.com/?gd=&ctid=CT3328386&octid=EB_ORIGINAL_CTID&ISID=M919BA372-4384-4A98-8D79-B286A35A06B2&SearchSource=55&CUI=&UM=6&UP=SP78EA6ADC-B689-435B-9BEC-672FD5EAB4A2&SSPV=SP21715TA_sp_ie
    SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.com/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=US&userid=1560abb6-c77e-4aa7-a774-46bcbdc4f697&searchtype=ds&q={searchTerms}&installDate=26/05/2013
    SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.com/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=US&userid=1560abb6-c77e-4aa7-a774-46bcbdc4f697&searchtype=ds&q={searchTerms}&installDate=26/05/2013
    SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com/Results.aspx?gd=&ctid=CT3328386&octid=EB_ORIGINAL_CTID&ISID=M919BA372-4384-4A98-8D79-B286A35A06B2&SearchSource=58&CUI=&UM=6&UP=SP78EA6ADC-B689-435B-9BEC-672FD5EAB4A2&q={searchTerms}&SSPV=SP21715TA_sp_ie
    SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.com/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=US&userid=1560abb6-c77e-4aa7-a774-46bcbdc4f697&searchtype=ds&q={searchTerms}&installDate=26/05/2013
    SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com/Results.aspx?gd=&ctid=CT3328386&octid=EB_ORIGINAL_CTID&ISID=M919BA372-4384-4A98-8D79-B286A35A06B2&SearchSource=58&CUI=&UM=6&UP=SP78EA6ADC-B689-435B-9BEC-672FD5EAB4A2&q={searchTerms}&SSPV=SP21715TA_sp_ie
    SearchScopes: HKCU - {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = http://www-search.net/search.aspx?s=E9Fzamodu1,0228f7dd-78ca-4d9a-9235-6e8616a54264,&q={searchTerms}
    BHO: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll No File
    BHO-x32: No Name -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} ->  No File
    BHO-x32: SaveSense -> {71e129ff-6c2a-4984-818c-7e2c998b8d99} -> C:\Users\Frank\AppData\Local\SaveSense\SaveSenseIE.dll No File
    C:\Users\Frank\AppData\Local\SaveSense
    Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
    Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
    Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
    Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
    Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
    Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Extension: No Name - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha188\ff [Not Found]
    FF Extension: No Name - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta267\ff [Not Found]
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    S2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [X]
    R3 WinHttpAutoProxySvc; winhttp.dll [X]
    S4 LMIRfsClientNP; No ImagePath
    S3 BCM42RLY; system32\drivers\BCM42RLY.sys [X]
    S3 e1cexpress; system32\DRIVERS\e1c62x64.sys [X]
    S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
    S2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [X]
    S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
    2014-09-14 22:31 - 2014-09-14 22:31 - 00004240 _____ () C:\Windows\System32\Tasks\SMW_UpdateTask_Time_3431313735393436342d3237575a236c6c3255342a41
    2014-09-14 22:31 - 2014-09-14 22:31 - 00003830 _____ () C:\Windows\System32\Tasks\Smp
    2014-09-14 22:31 - 2014-09-14 22:31 - 00003722 _____ () C:\Windows\System32\Tasks\SMupdate1
    2014-09-14 22:31 - 2014-09-14 22:31 - 00000000 ____D () C:\Program Files\Common Files\Goobzo
    2014-09-14 22:30 - 2014-09-17 23:35 - 00000000 ____D () C:\ProgramData\COMODO
    2014-09-14 22:30 - 2014-09-17 23:35 - 00000000 ____D () C:\Program Files (x86)\COMODO
    2014-09-14 22:30 - 2014-09-14 22:30 - 00003402 _____ () C:\Windows\System32\Tasks\PastaQuotes
    2014-09-14 22:29 - 2014-10-04 12:10 - 00000000 ____D () C:\Users\Frank\AppData\Local\Idle-#-Crawler
    2014-09-14 22:29 - 2014-09-14 22:36 - 00000000 ____D () C:\ProgramData\pastaleads
    2014-10-04 12:45 - 2013-12-01 13:35 - 00000000 ____D () C:\Users\Frank\AppData\Local\genienext
    Task: {2640460B-562A-4A40-A686-4BC0492BFB4A} - \YTDownloaderUpd No Task File <==== ATTENTION
    Task: {7C50DBC6-F9E2-4F10-A0B1-1890CE829954} - \YTDownloader No Task File <==== ATTENTION
    Task: {8A730A2F-7C9D-4FD6-BD1F-5E86BDDFD0A6} - System32\Tasks\SMupdate1 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update1 <==== ATTENTION
    Task: {DC4FFA13-EAD7-409E-8E7F-BC92A5EBDA8C} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
    Task: {E2ACF7B3-6891-4D5D-A2A4-219D7FCA7553} - System32\Tasks\SaveSense => C:\Users\Frank\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
    Task: {B5E440E8-853E-48FC-B467-13B205A7885E} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
    Task: {FC7B07B0-055A-4D9B-8538-27B45DC1CC4D} - System32\Tasks\Smp => C:\Program Files\Common Files\Goobzo\GBUpdate\smp.exe <==== ATTENTION
    Task: C:\Windows\Tasks\SaveSense.job => C:\Users\Frank\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
    C:\Program Files\Common Files\Goobzo
    EmptyTemp:
    end
  • Click File, Save As and type fixlist.txt as the File Name.

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    > XP users click run after receipt of Windows Security Warning - Open File.
    > 8 users will be prompted about Windows SmartScreen protection - click More information and Run.
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please include it in your reply.


JRTbythisisu.png Fix with Junkware Removal Tool

Please download JRT by Thisisu and save the file to your desktop.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on JRTbythisisu.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Follow the prompts and let this process run uninterrupted.
  • This scan can take a while, depending on your System specs.
  • Upon completion, a log (JRT.txt) will open on your desktop.

Please include the contents of that file in your reply.
Do not forget to re-enable your previously switched off protection software!
Please also manually reboot your machine after this procedure.


Radek Naathim Pawelczyk

Malware Removal Specialist

 

staff.png


#12 Frank_Noto

Frank_Noto
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:02 AM

Posted 14 October 2014 - 02:53 AM

Hi :)

You will have to prepare the fixlist file on your clean machine and transfer it to your corrupted one using your USB. Same for JRT.



warning.gif Pando Media Booster warning!

Pando Media Booster, which is installed (intentially or not) with some gaming tools, has been known to download/send some uncontrollable data. You can never be sure what it really downloads/uploads.

My advice is to uninstall this program. To do so:

  • Press the WindowsKey.png + R on your keyboard at the same time. Type appwiz.cpl and click OK.
  • Search for Pando Media Booster, right-click the entry and click Uninstall.

This is optional, but please consider it.


FRST.gif Fix with Farbar Recovery Scan Tool
 

icon_exclaim.gif This fix was created for this user for use on that particular machine. icon_exclaim.gif
icon_exclaim.gif Running it on another one may cause damage and render the system unstable. icon_exclaim.gif


Press the WindowsKey.png + R on your keyboard at the same time. Type Notepad and click OK.

  • Copy the entire content of the codebox below and paste into the Notepad document:
    start
    CloseProcesses:
    HKLM-x32\...\Run: [ospd_us_103] => [X]
    HKU\S-1-5-21-4129183113-2748456395-3009366077-1002\...\Run: [AdobeBridge] => [X]
    HKU\S-1-5-21-4129183113-2748456395-3009366077-1002\...\MountPoints2: {0aff14cd-5e83-11e2-a246-806e6f6e6963} - D:\Setup.exe
    HKU\S-1-5-21-4129183113-2748456395-3009366077-1002\...\MountPoints2: {582bbb5e-69b8-11e2-b4b1-bc5ff46b013b} - E:\VZAccess_Manager.exe /z detect
    ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
    ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
    ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
    ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.trovi.com/?gd=&ctid=CT3328386&octid=EB_ORIGINAL_CTID&ISID=M919BA372-4384-4A98-8D79-B286A35A06B2&SearchSource=55&CUI=&UM=6&UP=SP78EA6ADC-B689-435B-9BEC-672FD5EAB4A2&SSPV=SP21715TA_sp_ie
    SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.com/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=US&userid=1560abb6-c77e-4aa7-a774-46bcbdc4f697&searchtype=ds&q={searchTerms}&installDate=26/05/2013
    SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.com/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=US&userid=1560abb6-c77e-4aa7-a774-46bcbdc4f697&searchtype=ds&q={searchTerms}&installDate=26/05/2013
    SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com/Results.aspx?gd=&ctid=CT3328386&octid=EB_ORIGINAL_CTID&ISID=M919BA372-4384-4A98-8D79-B286A35A06B2&SearchSource=58&CUI=&UM=6&UP=SP78EA6ADC-B689-435B-9BEC-672FD5EAB4A2&q={searchTerms}&SSPV=SP21715TA_sp_ie
    SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.com/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=US&userid=1560abb6-c77e-4aa7-a774-46bcbdc4f697&searchtype=ds&q={searchTerms}&installDate=26/05/2013
    SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com/Results.aspx?gd=&ctid=CT3328386&octid=EB_ORIGINAL_CTID&ISID=M919BA372-4384-4A98-8D79-B286A35A06B2&SearchSource=58&CUI=&UM=6&UP=SP78EA6ADC-B689-435B-9BEC-672FD5EAB4A2&q={searchTerms}&SSPV=SP21715TA_sp_ie
    SearchScopes: HKCU - {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = http://www-search.net/search.aspx?s=E9Fzamodu1,0228f7dd-78ca-4d9a-9235-6e8616a54264,&q={searchTerms}
    BHO: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll No File
    BHO-x32: No Name -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} ->  No File
    BHO-x32: SaveSense -> {71e129ff-6c2a-4984-818c-7e2c998b8d99} -> C:\Users\Frank\AppData\Local\SaveSense\SaveSenseIE.dll No File
    C:\Users\Frank\AppData\Local\SaveSense
    Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
    Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
    Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
    Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
    Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
    Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Extension: No Name - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha188\ff [Not Found]
    FF Extension: No Name - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta267\ff [Not Found]
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    S2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [X]
    R3 WinHttpAutoProxySvc; winhttp.dll [X]
    S4 LMIRfsClientNP; No ImagePath
    S3 BCM42RLY; system32\drivers\BCM42RLY.sys [X]
    S3 e1cexpress; system32\DRIVERS\e1c62x64.sys [X]
    S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
    S2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [X]
    S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
    2014-09-14 22:31 - 2014-09-14 22:31 - 00004240 _____ () C:\Windows\System32\Tasks\SMW_UpdateTask_Time_3431313735393436342d3237575a236c6c3255342a41
    2014-09-14 22:31 - 2014-09-14 22:31 - 00003830 _____ () C:\Windows\System32\Tasks\Smp
    2014-09-14 22:31 - 2014-09-14 22:31 - 00003722 _____ () C:\Windows\System32\Tasks\SMupdate1
    2014-09-14 22:31 - 2014-09-14 22:31 - 00000000 ____D () C:\Program Files\Common Files\Goobzo
    2014-09-14 22:30 - 2014-09-17 23:35 - 00000000 ____D () C:\ProgramData\COMODO
    2014-09-14 22:30 - 2014-09-17 23:35 - 00000000 ____D () C:\Program Files (x86)\COMODO
    2014-09-14 22:30 - 2014-09-14 22:30 - 00003402 _____ () C:\Windows\System32\Tasks\PastaQuotes
    2014-09-14 22:29 - 2014-10-04 12:10 - 00000000 ____D () C:\Users\Frank\AppData\Local\Idle-#-Crawler
    2014-09-14 22:29 - 2014-09-14 22:36 - 00000000 ____D () C:\ProgramData\pastaleads
    2014-10-04 12:45 - 2013-12-01 13:35 - 00000000 ____D () C:\Users\Frank\AppData\Local\genienext
    Task: {2640460B-562A-4A40-A686-4BC0492BFB4A} - \YTDownloaderUpd No Task File <==== ATTENTION
    Task: {7C50DBC6-F9E2-4F10-A0B1-1890CE829954} - \YTDownloader No Task File <==== ATTENTION
    Task: {8A730A2F-7C9D-4FD6-BD1F-5E86BDDFD0A6} - System32\Tasks\SMupdate1 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update1 <==== ATTENTION
    Task: {DC4FFA13-EAD7-409E-8E7F-BC92A5EBDA8C} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
    Task: {E2ACF7B3-6891-4D5D-A2A4-219D7FCA7553} - System32\Tasks\SaveSense => C:\Users\Frank\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
    Task: {B5E440E8-853E-48FC-B467-13B205A7885E} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
    Task: {FC7B07B0-055A-4D9B-8538-27B45DC1CC4D} - System32\Tasks\Smp => C:\Program Files\Common Files\Goobzo\GBUpdate\smp.exe <==== ATTENTION
    Task: C:\Windows\Tasks\SaveSense.job => C:\Users\Frank\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
    C:\Program Files\Common Files\Goobzo
    EmptyTemp:
    end
  • Click File, Save As and type fixlist.txt as the File Name.

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    > XP users click run after receipt of Windows Security Warning - Open File.
    > 8 users will be prompted about Windows SmartScreen protection - click More information and Run.
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please include it in your reply.


JRTbythisisu.png Fix with Junkware Removal Tool

Please download JRT by Thisisu and save the file to your desktop.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on JRTbythisisu.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Follow the prompts and let this process run uninterrupted.
  • This scan can take a while, depending on your System specs.
  • Upon completion, a log (JRT.txt) will open on your desktop.

Please include the contents of that file in your reply.
Do not forget to re-enable your previously switched off protection software!
Please also manually reboot your machine after this procedure.

Hi so i ran the first program and this is the file : 

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-10-2014 02
Ran by Frank (administrator) on FRANK-PC on 12-10-2014 22:27:07
Running from C:\Users\Frank\Desktop
Loaded Profile: Frank (Available profiles: Frank)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\n360.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Search Module Ltd.) C:\Program Files\Common Files\Goobzo\GBUpdate\smu.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
() C:\Program Files (x86)\NETGEAR\A6200\WifiService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\n360.exe
(NDS Technologies) C:\Users\Frank\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe
(Spotify Ltd) C:\Users\Frank\AppData\Roaming\Spotify\spotify.exe
() C:\Users\Frank\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
() C:\Users\Frank\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Frank\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Frank\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Frank\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Frank\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKLM\...\Run: [GENIE] => C:\Program Files (x86)\NETGEAR\A6200\A6200.exe [7831840 2012-08-07] (NETGEAR,Inc.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5199984 2011-06-20] (VIA)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2236816 2013-07-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [324976 2010-05-21] (Flexera Software, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [ospd_us_103] => [X]
HKU\S-1-5-21-4129183113-2748456395-3009366077-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-4129183113-2748456395-3009366077-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
HKU\S-1-5-21-4129183113-2748456395-3009366077-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
HKU\S-1-5-21-4129183113-2748456395-3009366077-1002\...\Run: [ares] => "C:\Program Files (x86)\Ares\Ares.exe" -h
HKU\S-1-5-21-4129183113-2748456395-3009366077-1002\...\Run: [PCShowServer] => C:\Users\Frank\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe [1765744 2013-06-25] (NDS Technologies)
HKU\S-1-5-21-4129183113-2748456395-3009366077-1002\...\Run: [Spotify] => C:\Users\Frank\AppData\Roaming\Spotify\Spotify.exe [6553144 2014-10-11] (Spotify Ltd)
HKU\S-1-5-21-4129183113-2748456395-3009366077-1002\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\MCShieldRTM.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-4129183113-2748456395-3009366077-1002\...\MountPoints2: {0aff14cd-5e83-11e2-a246-806e6f6e6963} - D:\Setup.exe
HKU\S-1-5-21-4129183113-2748456395-3009366077-1002\...\MountPoints2: {582bbb5e-69b8-11e2-b4b1-bc5ff46b013b} - E:\VZAccess_Manager.exe /z detect
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll No File
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO-x32: No Name -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} ->  No File
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: SaveSense -> {71e129ff-6c2a-4984-818c-7e2c998b8d99} -> C:\Users\Frank\AppData\Local\SaveSense\SaveSenseIE.dll No File
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @nds.com/PlayerPlugin -> C:\Users\Frank\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (DIRECTV)
FF Plugin HKCU: NDS.com/PlayerPlugin -> C:\Users\Frank\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (DIRECTV)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF HKLM\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Updater By SweetPacks\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2014-10-12]
FF HKLM-x32\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Updater By SweetPacks\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013-12-14]
FF Extension: No Name - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha188\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta267\ff [Not Found]
 
Chrome: 
=======
CHR HomePage: Default -> 
CHR Profile: C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-17]
CHR Extension: (AdBlock) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-09-17]
CHR Extension: (Norton Security Toolbar) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-09-17]
CHR Extension: (Google Wallet) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-17]
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-04]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-02-13]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-08-06]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-04]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-06] (Advanced Micro Devices, Inc.) [File not signed]
S3 HcwDevCentralService; C:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDevCentralService.exe [370072 2012-10-03] (Hauppauge Computer Works, Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-08-08] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe [265040 2014-09-21] (Symantec Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1854056 2012-12-07] (Microsoft Corporation)
S3 RoxMediaDBGame1X; C:\Program Files (x86)\Common Files\Roxio Shared\Game1X\SharedCOM\RoxMediaDBGame1X.exe [1095824 2012-08-02] (Corel Corporation)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
R2 SMUpd; C:\Program Files\Common Files\Goobzo\GBUpdate\smu.exe [2708328 2014-09-05] (Search Module Ltd.)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-06-14] (VIA Technologies, Inc.)
R2 WNDA6200; C:\Program Files (x86)\NETGEAR\A6200\WifiService.exe [25888 2012-07-27] ()
S2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [X]
R3 WinHttpAutoProxySvc; winhttp.dll [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 A6200; C:\Windows\System32\DRIVERS\bcmwlhigh664.sys [2263144 2012-07-31] (Broadcom Corporation)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20141003.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-26] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-26] (Symantec Corporation)
S3 H5xUSB; C:\Windows\System32\Drivers\uth5x64.sys [101632 2012-08-02] (UT)
S3 hcwE5bda; C:\Windows\System32\drivers\hcwE5bda.sys [709168 2012-11-02] (Hauppauge Computer Work, Inc.)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [23832 2011-12-02] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20141010.001\IDSvia64.sys [633560 2014-10-03] (Symantec Corporation)
S4 LMIRfsClientNP; No ImagePath
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-12] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20141010.009\ENG64.SYS [129752 2014-10-05] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20141010.009\EX64.SYS [2137304 2014-10-05] (Symantec Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-07-10] (Corel Corporation)
R3 SMUpdd; C:\Program Files\Common Files\Goobzo\GBUpdate\smw.sys [42856 2014-09-05] ()
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1506000.020\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1506000.020\SYMEFA64.SYS [1148120 2014-03-03] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-12-13] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1506000.020\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-20] (Anchorfree Inc.)
R3 VMfilt; C:\Windows\System32\drivers\VMfilt64.sys [25600 2009-07-30] (Creative Technology Ltd.)
R3 XSplit_Dummy; C:\Windows\System32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
S3 ZTEusbgps; C:\Windows\System32\DRIVERS\ZTEusbgps.sys [121344 2008-04-15] (ZTE Incorporated)
S3 ZTEusbnmeaext; C:\Windows\System32\DRIVERS\ZTEusbnmeaext.sys [121344 2008-04-15] (ZTE Incorporated)
S3 BCM42RLY; system32\drivers\BCM42RLY.sys [X]
S3 e1cexpress; system32\DRIVERS\e1c62x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-12 22:27 - 2014-10-12 22:27 - 00025326 _____ () C:\Users\Frank\Desktop\FRST.txt
2014-10-12 22:26 - 2014-10-12 22:27 - 00000000 ____D () C:\FRST
2014-10-12 22:26 - 2014-10-12 22:25 - 02110464 _____ (Farbar) C:\Users\Frank\Desktop\FRST64.exe
2014-10-12 22:25 - 2014-10-12 22:25 - 00003538 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0 Fallback-Frank-PC-Frank
2014-10-11 11:45 - 2014-10-12 22:25 - 00000000 ____D () C:\ProgramData\MCShield
2014-10-11 11:45 - 2014-10-11 11:56 - 00000000 ____D () C:\Program Files (x86)\MCShield
2014-10-11 11:45 - 2014-10-11 11:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
2014-10-05 12:49 - 2014-10-05 12:49 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2014-10-04 13:06 - 2014-10-04 13:06 - 00000000 __SHD () C:\Users\Frank\AppData\Local\EmieUserList
2014-10-04 13:06 - 2014-10-04 13:06 - 00000000 __SHD () C:\Users\Frank\AppData\Local\EmieSiteList
2014-10-04 12:37 - 2014-10-12 22:25 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-04 12:37 - 2014-10-04 12:37 - 00000000 ____D () C:\Windows\ERUNT
2014-10-04 12:37 - 2014-10-04 12:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-04 12:37 - 2014-10-04 12:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-04 12:37 - 2014-10-04 12:37 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-04 12:37 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-04 12:37 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-04 12:37 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-27 11:29 - 2014-08-19 11:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-27 11:29 - 2014-08-19 10:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-27 11:29 - 2014-08-18 16:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-27 11:29 - 2014-08-18 15:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-27 11:29 - 2014-08-18 15:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-27 11:29 - 2014-08-18 15:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-27 11:29 - 2014-08-18 15:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-27 11:29 - 2014-08-18 15:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-27 11:29 - 2014-08-18 15:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-27 11:29 - 2014-08-18 15:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-27 11:29 - 2014-08-18 15:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-27 11:29 - 2014-08-18 15:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-27 11:29 - 2014-08-18 15:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-27 11:29 - 2014-08-18 15:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-27 11:29 - 2014-08-18 15:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-27 11:29 - 2014-08-18 15:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-27 11:29 - 2014-08-18 15:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-27 11:29 - 2014-08-18 15:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-27 11:29 - 2014-08-18 14:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-27 11:29 - 2014-08-18 14:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-27 11:29 - 2014-08-18 14:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-27 11:29 - 2014-08-18 14:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-27 11:29 - 2014-08-18 14:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-27 11:29 - 2014-08-18 14:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-27 11:29 - 2014-08-18 14:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-27 11:29 - 2014-08-18 14:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-27 11:29 - 2014-08-18 14:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-27 11:29 - 2014-08-18 14:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-27 11:29 - 2014-08-18 14:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-27 11:29 - 2014-08-18 14:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-27 11:29 - 2014-08-18 14:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-27 11:29 - 2014-08-18 14:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-27 11:29 - 2014-08-18 14:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-27 11:29 - 2014-08-18 14:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-27 11:29 - 2014-08-18 14:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-27 11:29 - 2014-08-18 14:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-27 11:29 - 2014-08-18 14:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-27 11:29 - 2014-08-18 14:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-27 11:29 - 2014-08-18 14:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-27 11:29 - 2014-08-18 14:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-27 11:29 - 2014-08-18 14:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-27 11:29 - 2014-08-18 14:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-27 11:29 - 2014-08-18 14:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-27 11:29 - 2014-08-18 14:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-27 11:29 - 2014-08-18 14:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-27 11:29 - 2014-08-18 14:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-27 11:29 - 2014-08-18 14:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-27 11:29 - 2014-08-18 14:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-27 11:29 - 2014-08-18 13:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-27 11:29 - 2014-08-18 13:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-27 11:29 - 2014-08-18 13:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-27 11:29 - 2014-08-18 13:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-27 11:29 - 2014-08-18 13:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-27 11:28 - 2014-08-18 15:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-27 11:28 - 2014-08-18 14:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-27 11:28 - 2014-08-18 14:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-27 11:18 - 2014-07-06 19:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-27 11:18 - 2014-07-06 19:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-27 11:18 - 2014-07-06 18:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-27 11:18 - 2014-07-06 18:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-27 11:18 - 2014-07-06 18:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-27 11:18 - 2014-06-30 15:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-09-27 11:18 - 2014-06-30 15:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-09-27 11:18 - 2014-06-05 23:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-09-27 11:18 - 2014-06-05 23:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-09-27 11:18 - 2014-06-03 03:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-09-27 11:18 - 2014-06-03 03:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-27 11:18 - 2014-06-03 03:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-09-27 11:18 - 2014-06-03 03:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-09-27 11:18 - 2014-06-03 02:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-09-27 11:18 - 2014-06-03 02:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-09-27 11:18 - 2014-06-03 02:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-09-27 11:18 - 2014-03-09 14:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-09-27 11:18 - 2014-03-09 14:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-09-27 11:18 - 2014-03-09 14:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-09-27 11:18 - 2014-03-09 14:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-09-27 11:17 - 2014-08-22 19:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-27 11:17 - 2014-08-22 18:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-09-27 11:17 - 2014-08-22 17:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-27 11:17 - 2014-06-17 19:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-09-27 11:17 - 2014-06-17 18:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-09-27 11:17 - 2014-06-15 19:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-09-27 11:17 - 2014-06-06 03:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-09-27 11:17 - 2014-06-06 02:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-09-27 11:17 - 2014-05-29 23:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-09-27 11:17 - 2014-05-08 02:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-09-27 11:17 - 2014-05-08 02:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-09-27 11:17 - 2014-04-24 19:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-09-27 11:17 - 2014-04-24 19:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-09-27 11:17 - 2014-04-04 19:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-09-27 11:17 - 2014-04-04 19:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-09-27 11:17 - 2014-03-26 07:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-09-27 11:17 - 2014-03-26 07:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-09-27 11:17 - 2014-03-26 07:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-09-27 11:17 - 2014-03-26 07:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-09-27 11:17 - 2014-03-26 07:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-09-27 11:17 - 2014-03-26 07:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-09-27 11:17 - 2014-03-26 07:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-09-27 11:17 - 2014-03-26 07:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-09-27 11:16 - 2014-07-13 19:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-09-27 11:16 - 2014-07-13 18:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-09-27 11:09 - 2014-05-14 09:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-27 11:09 - 2014-05-14 09:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-09-27 11:09 - 2014-05-14 09:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-09-27 11:09 - 2014-05-14 09:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-27 11:09 - 2014-05-14 09:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-09-27 11:09 - 2014-05-14 09:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-09-27 11:09 - 2014-05-14 09:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-09-27 11:09 - 2014-05-14 09:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-27 11:09 - 2014-05-14 09:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-09-27 11:09 - 2014-05-14 09:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-09-27 11:08 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-09-27 11:08 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-09-27 11:08 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-09-27 11:08 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-09-20 12:19 - 2014-09-20 12:19 - 00000000 ____D () C:\Users\Frank\Documents\Symantec
2014-09-18 00:10 - 2014-10-04 12:07 - 00000000 ____D () C:\ProgramData\SearchModule
2014-09-17 23:53 - 2014-10-04 12:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-09-17 23:53 - 2014-09-17 23:53 - 10619688 _____ (VS Revo Group ) C:\Users\Frank\Downloads\RevoUninProSetup.exe
2014-09-17 23:53 - 2014-09-17 23:53 - 00000000 ____D () C:\Users\Frank\AppData\Local\VS Revo Group
2014-09-17 23:53 - 2014-09-17 23:53 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-09-17 23:53 - 2014-09-17 23:53 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-09-17 23:53 - 2009-12-30 10:21 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2014-09-14 22:59 - 2014-09-14 22:59 - 00000000 ____D () C:\Program Files (x86)\predm
2014-09-14 22:49 - 2014-09-14 22:49 - 00578752 _____ () C:\Users\Frank\Downloads\StarWars+BattleFront+II{Project+Antix}__9273_il2314896.exe
2014-09-14 22:31 - 2014-09-14 22:31 - 00004240 _____ () C:\Windows\System32\Tasks\SMW_UpdateTask_Time_3431313735393436342d3237575a236c6c3255342a41
2014-09-14 22:31 - 2014-09-14 22:31 - 00003830 _____ () C:\Windows\System32\Tasks\Smp
2014-09-14 22:31 - 2014-09-14 22:31 - 00003722 _____ () C:\Windows\System32\Tasks\SMupdate1
2014-09-14 22:31 - 2014-09-14 22:31 - 00000000 ____D () C:\Program Files\Common Files\Goobzo
2014-09-14 22:30 - 2014-09-17 23:35 - 00000000 ____D () C:\ProgramData\COMODO
2014-09-14 22:30 - 2014-09-17 23:35 - 00000000 ____D () C:\Program Files (x86)\COMODO
2014-09-14 22:30 - 2014-09-14 22:30 - 00003402 _____ () C:\Windows\System32\Tasks\PastaQuotes
2014-09-14 22:29 - 2014-10-04 12:10 - 00000000 ____D () C:\Users\Frank\AppData\Local\Idle-#-Crawler
2014-09-14 22:29 - 2014-09-14 22:36 - 00000000 ____D () C:\ProgramData\pastaleads
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-12 22:27 - 2014-01-10 18:34 - 01917433 _____ () C:\Windows\WindowsUpdate.log
2014-10-12 22:26 - 2014-05-24 13:30 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\Spotify
2014-10-12 22:25 - 2013-02-01 16:24 - 00000000 ____D () C:\Users\Frank\AppData\Local\Adobe
2014-10-12 22:25 - 2013-01-28 19:31 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-12 22:23 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-12 22:22 - 2014-01-10 19:48 - 00183288 _____ () C:\Windows\PFRO.log
2014-10-12 22:22 - 2014-01-10 19:48 - 00024886 _____ () C:\Windows\setupact.log
2014-10-11 12:43 - 2013-02-07 18:59 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-11 11:58 - 2013-01-28 19:31 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-11 11:51 - 2014-01-28 20:26 - 00000000 ____D () C:\Users\Frank\AppData\Local\SaveSense
2014-10-11 11:49 - 2009-07-13 21:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-11 11:49 - 2009-07-13 21:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-11 11:44 - 2014-05-24 13:30 - 00000000 ____D () C:\Users\Frank\AppData\Local\Spotify
2014-10-11 11:43 - 2014-02-26 18:38 - 00000000 ____D () C:\Users\Frank\AppData\Local\LogMeIn Hamachi
2014-10-04 14:45 - 2013-01-29 16:39 - 00000000 ____D () C:\Users\Frank\AppData\Local\PMB Files
2014-10-04 14:45 - 2013-01-29 16:39 - 00000000 ____D () C:\ProgramData\PMB Files
2014-10-04 14:04 - 2014-08-13 20:26 - 00001178 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-10-04 13:55 - 2013-04-04 23:11 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\TeamViewer
2014-10-04 13:34 - 2013-12-14 00:23 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-10-04 13:34 - 2013-02-17 23:16 - 00003206 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-10-04 13:34 - 2013-02-17 23:15 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-10-04 13:06 - 2013-02-17 01:15 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\Skype
2014-10-04 12:46 - 2013-01-28 19:08 - 00001575 _____ () C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-04 12:45 - 2013-12-01 13:35 - 00000000 ____D () C:\Users\Frank\AppData\Local\genienext
2014-10-04 12:45 - 2013-12-01 13:22 - 00000000 ____D () C:\Program Files\Level Quality Watcher
2014-10-04 12:45 - 2009-07-13 22:32 - 00000000 ____D () C:\Windows\Performance
2014-10-04 12:14 - 2013-01-28 19:08 - 00000000 ____D () C:\Users\Frank
2014-10-04 12:10 - 2010-11-21 00:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-10-04 12:10 - 2010-11-21 00:16 - 00000000 ____D () C:\Windows\ShellNew
2014-10-04 12:08 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-04 12:08 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2014-10-04 12:08 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-10-04 12:07 - 2014-08-20 01:55 - 00000000 ____D () C:\Program Files (x86)\Toontown Rewritten
2014-10-04 12:07 - 2013-03-12 23:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-10-04 12:07 - 2013-03-12 22:59 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-10-04 12:07 - 2013-03-12 22:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-10-04 12:07 - 2013-02-17 23:15 - 00000000 ____D () C:\ProgramData\Norton
2014-10-04 12:07 - 2013-02-13 22:35 - 00000000 ____D () C:\Users\Frank\AppData\Local\Apple
2014-10-04 12:07 - 2013-01-28 21:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-04 12:07 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\AppCompat
2014-10-04 12:07 - 2009-07-13 20:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-10-04 12:06 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\registration
2014-10-04 11:27 - 2013-04-04 23:26 - 00000000 ____D () C:\Users\Frank\Desktop\My Stuff
2014-10-04 11:26 - 2009-07-13 22:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-04 11:03 - 2009-07-13 21:45 - 05169416 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-27 11:27 - 2013-06-18 16:47 - 00774592 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-27 11:24 - 2013-07-22 03:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-25 00:02 - 2013-01-28 21:55 - 00002341 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-23 23:43 - 2013-02-07 18:59 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-23 23:43 - 2013-02-07 18:59 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-23 23:43 - 2013-02-07 18:59 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-17 23:37 - 2013-12-31 23:07 - 00000000 ____D () C:\Windows\Minidump
2014-09-17 23:36 - 2013-06-25 19:47 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\BitTorrent
2014-09-17 23:24 - 2013-02-21 19:02 - 00000000 ____D () C:\Users\Frank\AppData\Local\CrashDumps
2014-09-17 23:24 - 2011-03-01 15:27 - 00000000 ____D () C:\Windows\Panther
2014-09-14 22:31 - 2009-07-13 20:20 - 00000000 ____D () C:\Program Files\Common Files\System
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-27 01:31
 
==================== End Of Log ============================
 
 
But there was a problem with the JRT program and it would open up when i ran it as admin and then i would press a key to start the process but it would finish instantly and give no text document on my desktop.


#13 Naathim

Naathim

    Bleepin' Minion


  • Members
  • 435 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Poland
  • Local time:04:02 PM

Posted 14 October 2014 - 03:04 AM

You have made a mistake. It is FRST logfile, but with Scan option used. I need you to run it this time with the Fix option.
 
Please, be more thorough when following my instructions :)


Radek Naathim Pawelczyk

Malware Removal Specialist

 

staff.png


#14 Naathim

Naathim

    Bleepin' Minion


  • Members
  • 435 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Poland
  • Local time:04:02 PM

Posted 18 October 2014 - 05:13 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

Radek Naathim Pawelczyk

Malware Removal Specialist

 

staff.png





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users