Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

slow, windows crashing, mysearch, etc


  • This topic is locked This topic is locked
31 replies to this topic

#1 barracudacool

barracudacool

  • Members
  • 93 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:56 AM

Posted 18 November 2014 - 08:04 AM

My computer has become very unstable over the last two weeks. Crashing regularly. I can restart in safe mode with networking. and sometimes can restart normally.  The system crashes overnight or when I am away from it. I have run virus software and nothing is coming up. Mysearch is loading on startup. Have tried restore but the system will not allow it. It fails. malwarebytes, superantispywarefree not finding anything.  Last night it crashed and when I got back in it wouldnt let me load any of the office2010 programs. Kept asking for licences and then wouldnt allow me to put in the keys. Back up now but I know it wont stay up.

 

Thanks



BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,729 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:56 AM

Posted 23 November 2014 - 09:45 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/556639 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 barracudacool

barracudacool
  • Topic Starter

  • Members
  • 93 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:56 AM

Posted 23 November 2014 - 02:22 PM

Hi...Yes still need help. The computer was crashing every other day. blue screen of death and then a great deal of difficulty in rebooting it. I could get it to reboot in safe mode with networking and then ran virus detection on it. Mysearch is also now loading again as well. Can't get rid of it.  I cleaned out the cache, etc and I am now up and running with a regular boot and login except that the system is running very slowly. Tried to reset the computer to an earlier restore. It wouldn't let me do it.

 

DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 11.0.9600.17420  BrowserJavaVersion: 10.67.2
Run by melissa at 14:21:25 on 2014-11-23
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3582.1836 [GMT -5:00]
.
AV: Norton 360 *Enabled/Updated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
SP: Norton 360 *Enabled/Updated* {631E4324-D31C-783F-EC5C-35AD42B18466}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 *Enabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\atiesrxx.exe
C:\Program Files\Common Files\Juniper Networks\JUNS\dsAccessService.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files\Carbonite\Carbonite Mirror Image\CarboniteMirrorImage.exe
C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Norton 360\Engine\21.6.0.32\N360.exe
C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe
C:\Program Files\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe
C:\Program Files\Panopto\Recorder\Recorder.exe
C:\Program Files\Norton PC Checkup\Engine\2.0.12.27\ccSvcHst.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files\Common Files\Juniper Networks\JUNS\dsAccessService.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Intel\AMT\LMS.exe
C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe
C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Norton PC Checkup\Engine\2.0.12.27\ccSvcHst.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Norton 360\Engine\21.6.0.32\N360.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Common Files\Juniper Networks\JamUI\Pulse.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Users\melissa\AppData\Local\Amazon Music\Amazon Music Helper.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
C:\ProgramData\Boxtools\Toolbox.exe
C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
C:\Users\melissa\AppData\Local\Apps\2.0\LCT0Y6J3.X2L\483HPNOC.6WP\dell..tion_0f612f649c4a10af_0005.0004_3ddfe37344028d2c\DellSystemDetect.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Norton 360\Engine\21.6.0.32\coNatHst.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\TechSmith\Snagit 11\Snagit32.exe
C:\Program Files\TechSmith\Snagit 11\TSCHelp.exe
C:\Program Files\TechSmith\Snagit 11\SnagPriv.exe
C:\Program Files\TechSmith\Snagit 11\snagiteditor.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\msiexec.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k swprv
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uSearch Bar = Preserve
mStart Page = hxxp://www.google.com
BHO: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - c:\program files\techsmith\snagit 10\SnagitBHO.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton 360\engine\21.6.0.32\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton 360\engine\21.6.0.32\ips\ipsbho.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Snagit: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - c:\program files\techsmith\snagit 10\SnagitIEAddin.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton 360\engine\21.6.0.32\coieplg.dll
uRun: [Boxoft Tools] "c:\programdata\boxtools\Boxofttoolbox.exe" -autorun
uRun: [iCloudServices] c:\program files\common files\apple\internet services\iCloudServices.exe
uRun: [DellSystemDetect] c:\users\melissa\appdata\roaming\microsoft\windows\start menu\programs\dell\Dell System Detect.appref-ms
uRun: [Amazon Music] "c:\users\melissa\appdata\local\amazon music\Amazon Music Helper.exe"
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe"  -osboot
mRun: [JunosPulse] c:\program files\common files\juniper networks\jamui\Pulse.exe -tray
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Carbonite Backup] c:\program files\carbonite\carbonite backup\CarboniteUI.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wddmst~1.lnk - c:\program files\western digital\wd smartware\wd drive manager\WDDMStatus.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wdsmar~1.lnk - c:\program files\western digital\wd smartware\front parlor\WDSmartWare.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: HideSCAHealth = dword:1
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: HideSCAHealth = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
Trusted Zone: dell.com
DPF: {77D7D41D-B005-44D9-AF2A-DE1C02DF34D7} - hxxps://prod.isis.jhu.edu/controls/MaskedNumEdit.cab
DPF: {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} - hxxp://xserv.dell.com/DellDriverScanner/DellSystem.CAB
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://sslconnect.johnshopkins.edu/dana-cached/sc/JuniperSetupClient.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{9AD00D2D-8430-411A-9151-51B8268CDF48} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{D99AE1E0-2D93-4380-B349-2EED26FB8B8C} : NameServer = 10.200.1.1,10.200.2.2
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - 
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\39.0.2171.65\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\melissa\appdata\roaming\mozilla\firefox\profiles\olztzvtx.default\
FF - prefs.js: browser.search.selectedEngine - Bing 
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\program files\skypewebplugin\npSkypeWebPlugin.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\npdlplugin.dll
FF - plugin: c:\users\melissa\appdata\local\citrix\plugins\104\npappdetector.dll
FF - plugin: c:\users\melissa\appdata\local\google\update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: c:\users\melissa\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\users\melissa\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\melissa\appdata\roaming\mozilla\plugins\npo1d.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_15_0_0_223.dll
.
============= SERVICES / DRIVERS ===============
.
R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [2014-1-27 44240]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\1506000.020\symds.sys [2014-9-27 367704]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\1506000.020\symefa.sys [2014-9-27 936152]
R1 BHDrvx86;BHDrvx86;c:\program files\norton 360\nortondata\21.1.1.7\definitions\bashdefs\20141118.001\BHDrvx86.sys [2014-11-19 1138392]
R1 ccSet_N360;N360 Settings Manager;c:\windows\system32\drivers\n360\1506000.020\ccsetx86.sys [2014-9-27 127064]
R1 IDSVix86;IDSVix86;c:\program files\norton 360\nortondata\21.1.1.7\definitions\ipsdefs\20141121.001\IDSvix86.sys [2014-11-22 479448]
R1 jnprns;Juniper Network Service;c:\windows\system32\drivers\jnprns.sys [2014-5-1 412464]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\1506000.020\ironx86.sys [2014-9-27 209624]
R1 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\n360\1506000.020\symnets.sys [2014-9-27 447704]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-8-30 176128]
R2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files\skype\toolbars\autoupdate\SkypeC2CAutoUpdateSvc.exe [2014-7-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files\skype\toolbars\pnrsvc\SkypeC2CPNRSvc.exe [2014-7-14 1767520]
R2 Carbonite-Mirror-Image-Svc;Carbonite Mirror Image Service;c:\program files\carbonite\carbonite mirror image\CarboniteMirrorImage.exe [2013-4-18 4143168]
R2 dcpsysmgrsvc;Dell ControlPoint System Manager;c:\program files\dell\dell controlpoint\system manager\DCPSysMgrSvc.exe [2009-7-16 382752]
R2 JuniperAccessService;Juniper Unified Network Service;c:\program files\common files\juniper networks\juns\dsAccessService.exe [2014-4-8 159280]
R2 N360;Norton 360;c:\program files\norton 360\engine\21.6.0.32\n360.exe [2014-9-27 265040]
R2 NETGEARGenieDaemon;NETGEARGenieDaemon;c:\program files\netgear genie\bin\NETGEARGenieDaemon.exe [2012-9-25 195400]
R2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;c:\program files\norton pc checkup 3.0\SymcPCCULaunchSvc.exe [2012-9-25 132504]
R2 PanoptoRecorderService;Panopto Recorder Upload Service;c:\program files\panopto\recorder\Recorder.exe [2014-5-30 827712]
R2 PCCUJobMgr;Common Client Job Manager Service;c:\program files\norton pc checkup\engine\2.0.12.27\ccSvcHst.exe [2012-2-2 126392]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2013-8-14 39056]
R2 UNS;Intel® Management and Security Application User Notification Service;c:\program files\common files\intel\privacy icon\uns\UNS.exe [2011-6-24 2071064]
R2 WDDMService;WD SmartWare Drive Manager;c:\program files\western digital\wd smartware\wd drive manager\WDDMService.exe [2009-10-14 98304]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files\western digital\wd smartware\front parlor\WDSmartWareBackgroundService.exe [2009-6-16 20480]
R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\drivers\e1k6232.sys [2011-8-29 224424]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2014-11-19 111408]
R3 JnprVaMgr;Juniper Networks Virtual Adapter Manager Service;c:\windows\system32\drivers\jnprvamgr.sys [2013-8-14 36776]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2014-10-17 114904]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\drivers\nx6000.sys [2010-5-20 30576]
RUnknown SASKUTIL;SASKUTIL; [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2014-11-11 102912]
S3 jnprva;Juniper Networks Virtual Adapter Service;c:\windows\system32\drivers\jnprva.sys [2013-8-14 24952]
S3 netr73;RT73 USB Wireless LAN Card Driver for Vista;c:\windows\system32\drivers\netr73.sys [2009-6-10 545792]
S3 PCDSRVC{E9D79540-57D5953E-06020101}_0;PCDSRVC{E9D79540-57D5953E-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc.pkms [2011-12-13 21744]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-6-25 1343400]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
S4 jnprTdi_803_44983;Juniper Networks TDI Filter Driver (jnprTdi_803_44983);c:\windows\system32\drivers\jnprTdi_803_44983.sys [2014-5-1 92984]
.
=============== Created Last 30 ================
.
2014-11-21 03:14:51 -------- d-----w- c:\users\melissa\appdata\local\{1BE86C84-7286-4EBA-A542-17C4D04413B1}
2014-11-20 21:32:34 3231832 ----a-w- c:\program files\mozilla firefox\d3dcompiler_46.dll
2014-11-20 21:32:30 220784 ----a-w- c:\program files\mozilla firefox\sandboxbroker.dll
2014-11-19 01:41:16 550912 ----a-w- c:\windows\system32\kerberos.dll
2014-11-19 01:41:16 186880 ----a-w- c:\windows\system32\pku2u.dll
2014-11-12 20:59:05 -------- d-sh--w- c:\users\melissa\appdata\local\EmieBrowserModeList
2014-11-11 23:49:58 65536 ----a-w- c:\windows\system32\TSpkg.dll
2014-11-06 16:04:14 -------- d-----w- c:\users\melissa\appdata\local\{9A845C78-96A6-46DE-B426-F5EC5D61BC21}
2014-11-06 15:04:36 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin5.dll
2014-11-06 15:04:36 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin4.dll
2014-11-06 15:04:36 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin3.dll
2014-11-06 15:04:36 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin2.dll
2014-11-06 15:04:36 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin.dll
2014-11-06 15:04:36 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2014-11-06 15:04:36 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2014-11-06 15:04:36 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2014-11-06 15:04:36 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2014-11-06 15:04:36 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2014-11-06 15:01:45 -------- d-----w- c:\program files\iPod
2014-11-06 15:01:44 -------- d-----w- c:\programdata\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2014-11-06 15:01:44 -------- d-----w- c:\program files\iTunes
2014-11-01 02:40:52 -------- d-----w- c:\users\melissa\appdata\local\{155EFED8-15AA-45DE-B8B0-142972123E7B}
2014-11-01 01:43:50 -------- d-----w- c:\users\melissa\appdata\local\{9A2B64B3-4DAA-43CF-B7AB-B264585617C7}
2014-10-29 03:23:11 -------- d-----w- c:\users\melissa\appdata\local\{07AE88C4-16D1-43FC-84A1-ABE11505431B}
2014-10-29 03:00:01 -------- d-----w- c:\users\melissa\appdata\local\{805FFDDD-2C7D-4516-BB48-D48E53D278C0}
.
==================== Find3M  ====================
.
2014-11-22 21:15:02 114904 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2014-11-12 06:52:19 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-11-12 06:52:19 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-11-06 03:28:20 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-11-06 03:28:06 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-11-06 03:13:43 501248 ----a-w- c:\windows\system32\vbscript.dll
2014-11-06 03:13:36 62464 ----a-w- c:\windows\system32\iesetup.dll
2014-11-06 03:12:44 47616 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-11-06 03:10:58 64000 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-11-06 02:59:36 115712 ----a-w- c:\windows\system32\ieUnatt.exe
2014-11-06 02:59:34 102912 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-11-06 02:58:38 620032 ----a-w- c:\windows\system32\jscript9diag.dll
2014-11-06 02:51:33 667648 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-11-06 02:42:36 60416 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-06 02:21:49 4298240 ----a-w- c:\windows\system32\jscript9.dll
2014-11-06 02:21:25 2051072 ----a-w- c:\windows\system32\inetcpl.cpl
2014-11-06 02:20:37 1155072 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-11-06 01:52:35 1892864 ----a-w- c:\windows\system32\wininet.dll
2014-11-05 17:50:47 254464 ----a-w- c:\windows\system32\generaltel.dll
2014-11-05 17:50:28 203776 ----a-w- c:\windows\system32\aepdu.dll
2014-11-05 17:47:40 302592 ----a-w- c:\windows\system32\aeinv.dll
2014-10-25 01:32:37 67584 ----a-w- c:\windows\system32\packager.dll
2014-10-18 01:33:18 571904 ----a-w- c:\windows\system32\oleaut32.dll
2014-10-14 01:56:19 136632 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-10-14 01:50:50 523776 ----a-w- c:\windows\system32\termsrv.dll
2014-10-14 01:50:41 2363904 ----a-w- c:\windows\system32\msi.dll
2014-10-14 01:50:39 1059840 ----a-w- c:\windows\system32\lsasrv.dll
2014-10-14 01:47:30 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-10-14 01:46:02 681984 ----a-w- c:\windows\system32\adtschema.dll
2014-10-10 00:45:54 2379264 ----a-w- c:\windows\system32\win32k.sys
2014-10-03 01:44:42 442880 ----a-w- c:\windows\system32\AUDIOKSE.dll
2014-10-03 01:44:31 275968 ----a-w- c:\windows\system32\EncDump.dll
2014-10-03 01:44:26 475136 ----a-w- c:\windows\system32\audiosrv.dll
2014-10-03 01:44:26 374784 ----a-w- c:\windows\system32\AudioEng.dll
2014-10-03 01:44:26 195584 ----a-w- c:\windows\system32\AudioSes.dll
2014-10-02 19:23:20 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2014-10-02 19:23:20 69632 ----a-w- c:\windows\system32\QuickTime.qts
2014-10-01 16:11:24 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-10-01 16:11:14 75480 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-10-01 16:11:10 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-09-25 01:40:50 519680 ----a-w- c:\windows\system32\qdvd.dll
2014-09-19 09:23:55 172032 ----a-w- c:\windows\system32\wdigest.dll
2014-09-19 09:23:49 248832 ----a-w- c:\windows\system32\schannel.dll
2014-09-19 09:23:46 221184 ----a-w- c:\windows\system32\ncrypt.dll
2014-09-19 09:23:45 259584 ----a-w- c:\windows\system32\msv1_0.dll
2014-09-19 09:23:36 17408 ----a-w- c:\windows\system32\credssp.dll
2014-09-09 21:47:10 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-04 05:04:15 372736 ----a-w- c:\windows\system32\rastls.dll
2014-08-26 02:20:22 664792 ----a-w- c:\windows\system32\drivers\n360\1506000.020\srtsp.sys
2014-08-26 02:20:22 32984 ----a-w- c:\windows\system32\drivers\n360\1506000.020\srtspx.sys
.
============= FINISH: 14:21:34.37 ===============
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume2
Install Date: 6/23/2011 3:27:32 PM
System Uptime: 11/21/2014 4:57:50 PM (46 hours ago)
.
Motherboard: Dell Inc. |  | 0Y958C
Processor: Intel® Core™2 Duo CPU     E8500  @ 3.16GHz | CPU | 3158/1333mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 149 GiB total, 17.426 GiB free.
D: is CDROM ()
E: is CDROM ()
G: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: 
Description: USB Cable Modem
Device ID: USB\VID_07B2&PID_5100\000CE5058C41
Manufacturer: 
Name: USB Cable Modem
PNP Device ID: USB\VID_07B2&PID_5100\000CE5058C41
Service: 
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl5af12555
Device ID: ROOT\LEGACY_MPKSL5AF12555\0000
Manufacturer: 
Name: MpKsl5af12555
PNP Device ID: ROOT\LEGACY_MPKSL5AF12555\0000
Service: MpKsl5af12555
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl8a534c45
Device ID: ROOT\LEGACY_MPKSL8A534C45\0000
Manufacturer: 
Name: MpKsl8a534c45
PNP Device ID: ROOT\LEGACY_MPKSL8A534C45\0000
Service: MpKsl8a534c45
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsla2c03bb3
Device ID: ROOT\LEGACY_MPKSLA2C03BB3\0000
Manufacturer: 
Name: MpKsla2c03bb3
PNP Device ID: ROOT\LEGACY_MPKSLA2C03BB3\0000
Service: MpKsla2c03bb3
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKslb291d7a4
Device ID: ROOT\LEGACY_MPKSLB291D7A4\0000
Manufacturer: 
Name: MpKslb291d7a4
PNP Device ID: ROOT\LEGACY_MPKSLB291D7A4\0000
Service: MpKslb291d7a4
.
==== System Restore Points ===================
.
RP345: 11/19/2014 3:00:31 AM - Windows Update
RP346: 11/23/2014 2:14:58 PM - Removed Sophos Virus Removal Tool.
.
==== Installed Programs ======================
.
7-Zip 9.20
Adobe AIR
Adobe Download Assistant
Adobe Flash Player 15 ActiveX
Adobe Flash Player 15 Plugin
Adobe Reader XI (11.0.06)
Amazon Kindle
Amazon Music
Amazon Unbox Video
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI Catalyst Install Manager
Avidemux 2.6 (32-bit)
BioAPI Framework
Bonjour
Camtasia Studio 7
Camtasia Studio 8
Carbonite
Carbonite Mirror Image (32-bit)
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Citrix Online Launcher
CutePDF Writer 2.8
D3DX10
Definition Update for Microsoft Office 2010 (KB2899521) 32-Bit Edition
Dell ControlPoint System Manager
Dell Driver Download Manager
Dell Security Device Driver Pack
Dell Support Center
Dell System Detect
DivX Setup
Google Chrome
Google Earth
Google Talk Plugin
Google Update Helper
GoToMeeting 5.5.0.1132
HiJackThis
iCloud
Intel® Management Engine Interface
Intel® Network Connections Drivers
Intel® Active Management Technology
Intel® Matrix Storage Manager
iTunes
Java 7 Update 67
Java Auto Updater
JavaFX 2.1.0
Juniper Networks Network Connect 7.0.0
Juniper Networks Network Connect 7.1.0
Juniper Networks Setup Client
Junos Pulse 5.0
Junos Pulse Core Components
Junos Pulse Drivers Add-On
Junos Pulse Host Checker Plugin Add-On
Junos Pulse Tunnel Manager Add-On
Junos Pulse UAC/NC Components
Malwarebytes Anti-Malware version 2.0.3.1025
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Corporation
Microsoft Easy Assist v2
Microsoft LifeCam
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft XNA Framework Redistributable 4.0
Mozilla Firefox 33.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MUSHclient (remove only)
Netflix in Windows Media Center
NETGEAR Genie
Norton 360
Norton PC Checkup
Panopto Recorder
PhotoFiltre
Pidgin
QuickTime 7
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
RealUpgrade 1.1
Safari
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687276) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2883013) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Skype Click to Call
Skype Web Plugin
Skype™ 6.21
Snagit 10.0.1
Snagit 11
SoundMAX
Terraria
Unity Web Player
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition
UPEK TouchChip Fingerprint Reader
VC8 CRT
VC80CRTRedist - 8.0.50727.6195
WD SmartWare
Winamp
Winamp Detector Plug-in
WinDirStat 1.1.2
Windows Driver Package - Dell Inc. PBADRV System  (09/11/2009 1.0.1.6)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Messenger
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
.
==== Event Viewer Messages From Past Week ========
.
11/22/2014 4:14:54 PM, Error: Service Control Manager [7034]  - The MBAMService service terminated unexpectedly.  It has done this 1 time(s).
11/22/2014 4:14:23 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMScheduler service.
11/22/2014 4:08:16 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
11/22/2014 10:24:48 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.
11/21/2014 8:57:31 AM, Error: volsnap [67]  - The shadow copy of volume C: being created failed to install.
11/20/2014 4:30:15 PM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk1\DR1.
11/19/2014 3:24:43 AM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B}  and APPID  {B292921D-AF50-400C-9B75-0C57A7F29BA1}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
11/19/2014 3:24:35 AM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  IFP700 TfFsMon TfSysMon
11/18/2014 2:48:36 PM, Error: Service Control Manager [7031]  - The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
11/17/2014 9:04:24 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000009f (0x00000003, 0x86328030, 0x83546ae0, 0xcba71008). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111714-65707-01.
11/17/2014 2:08:01 PM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk1\DR5.
11/17/2014 11:29:57 PM, Error: Service Control Manager [7031]  - The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
11/17/2014 11:29:57 PM, Error: Service Control Manager [7024]  - The Windows Search service terminated with service-specific error %%-1073473535.
11/17/2014 11:28:41 PM, Error: Service Control Manager [7022]  - The Juniper Unified Network Service service hung on starting.
11/17/2014 11:21:48 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
11/17/2014 11:21:32 PM, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.
11/17/2014 11:18:28 PM, Error: Service Control Manager [7001]  - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.
11/17/2014 11:18:28 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
11/17/2014 11:18:27 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
11/17/2014 11:18:19 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service CarboniteService with arguments "" in order to run the server: {36471C67-6A93-4434-92CC-4C614CD06666}
11/17/2014 11:18:17 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
11/17/2014 11:18:09 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
11/17/2014 11:17:58 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  BHDrvx86 ccSet_N360 discache eeCtrl IDSVix86 IFP700 SASDIFSV SASKUTIL SCT_SKMScan spldr SRTSP SRTSPX SymIRON SymNetS TfFsMon TfSysMon Wanarpv6
11/17/2014 11:11:51 PM, Error: Ntfs [55]  - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume OS.
11/17/2014 10:58:30 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
.
==== End Of File ===========================
 


#4 Gunto

Gunto

    Bleepin' Reject Phoenix


  • Malware Response Team
  • 1,291 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:North Las Vegas, Nevada, USA
  • Local time:06:56 AM

Posted 28 November 2014 - 01:05 AM

Hi, barracudacool! I'm going to try to help you out. :)

Before we get started, here are some things I need you to remember:

  • Please don't make any changes to your computer, or run programs, without asking me first! This will make it practically impossible for me to assist you.
  • Always read my posts completely before doing anything, and follow the instructions in the order I give them to you, unless stated otherwise.
  • If you're getting help elsewhere, or have already resolved the problem, please let me know so I can close this thread.
  • Please respond to me within five days of me replying to you. If you need more time, please let me know. I will close topics that I have not received a response from within five days.
  • Please be patient with me. I need some time to analyze your logs and responses so I can correctly help you. I should respond to you within two days, but if I haven't, please send me a PM! I may have missed your response. Bribing me with candy for faster replies is not advised.
  • If something goes wrong, you don't understand something, or you don't know what to do, please stop and ask me before proceeding with any further steps!

First, let's run a scan with FRST to get some more information.

Farbar Recovery Scan Tool
 
I need you to run a scan with FRST.

  • Download the version of FRST that is designed for your system from here, and save it to your desktop. If you don't know which one is designed for your system, download both and try running both. Only one will work correctly, and that's the one you need to use.
  • Double click the program to run it. Accept the disclaimer and click the Scan button.
  • Once it's done scanning, FRST will create two logs on your desktop, FRST.txt and Addition.txt. Please copy and paste both into your reply, one at a time.

Gunto


Beautiful avatar by Plumbeck!

 

Bury me in honor; when I'm dead and hit the ground, a love back home, it unfolds...


#5 Gunto

Gunto

    Bleepin' Reject Phoenix


  • Malware Response Team
  • 1,291 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:North Las Vegas, Nevada, USA
  • Local time:06:56 AM

Posted 30 November 2014 - 11:42 PM

Hi,

It's been three days since my last post, so I am bumping the topic just in case you missed my previous reply. If you need more time to get back to me, please let me know, because I'll assume you're inactive otherwise.

If I still haven't heard from you in two days, this topic will be locked, so please get back to me by then.

Gunto


Beautiful avatar by Plumbeck!

 

Bury me in honor; when I'm dead and hit the ground, a love back home, it unfolds...


#6 barracudacool

barracudacool
  • Topic Starter

  • Members
  • 93 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:56 AM

Posted 01 December 2014 - 10:29 AM

Hi sorry. was up in the mountains afk for the weekend.  I am having trouble downloading frst. Norton keeps blocking it. I tried to turn off firewall but it is still blocking it. What should I do?



#7 barracudacool

barracudacool
  • Topic Starter

  • Members
  • 93 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:56 AM

Posted 01 December 2014 - 10:50 AM

Hi... Never mind. figured it out. Here are the scans

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-12-2014
Ran by melissa (administrator) on MELISSA-PC on 01-12-2014 10:46:23
Running from C:\Users\melissa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZHMTJ3E0
Loaded Profile: melissa (Available profiles: melissa & Barracudacool)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Juniper Networks, Inc.) C:\Program Files\Common Files\Juniper Networks\JUNS\dsAccessService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Carbonite, Inc.) C:\Program Files\Carbonite\Carbonite Mirror Image\CarboniteMirrorImage.exe
(Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
(Juniper Networks) C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
(Symantec Corporation) C:\Program Files\Norton 360\Engine\21.6.0.32\n360.exe
(NETGEAR) C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe
(Symantec Corporation) C:\Program Files\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe
(Panopto, Inc) C:\Program Files\Panopto\Recorder\Recorder.exe
(Symantec Corporation) C:\Program Files\Norton PC Checkup\Engine\2.0.12.27\ccSvcHst.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(Memeo) C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Amazon.com) C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Dell Inc.) C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Juniper Networks, Inc.) C:\Program Files\Common Files\Juniper Networks\JUNS\dsAccessService.exe
(Intel Corporation) C:\Program Files\Intel\AMT\LMS.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Intel Corporation) C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
(Symantec Corporation) C:\Program Files\Norton PC Checkup\Engine\2.0.12.27\ccSvcHst.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Symantec Corporation) C:\Program Files\Norton 360\Engine\21.6.0.32\n360.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winampa.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Juniper Networks, Inc.) C:\Program Files\Common Files\Juniper Networks\JamUI\Pulse.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Carbonite, Inc.) C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
() C:\Users\melissa\AppData\Local\Amazon Music\Amazon Music Helper.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
(Western Digital) C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
() C:\ProgramData\Boxtools\Toolbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
(Dell) C:\Users\melissa\AppData\Local\Apps\2.0\LCT0Y6J3.X2L\483HPNOC.6WP\dell..tion_0f612f649c4a10af_0005.0004_3ddfe37344028d2c\DellSystemDetect.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.6.7600.320_none_79d7b1ac99325eca\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(TechSmith Corporation) C:\Program Files\TechSmith\Snagit 11\Snagit32.exe
(TechSmith Corporation) C:\Program Files\TechSmith\Snagit 11\TscHelp.exe
(TechSmith Corporation) C:\Program Files\TechSmith\Snagit 11\SnagPriv.exe
(TechSmith Corporation) C:\Program Files\TechSmith\Snagit 11\SnagitEditor.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_15_0_0_223_ActiveX.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Symantec Corporation) C:\Program Files\Norton 360\Engine\21.6.0.32\coNatHst.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\POWERPNT.EXE
(TechSmith Corporation) C:\Program Files\TechSmith\Camtasia Studio 8\TscHelp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(The Pidgin developer community) C:\Program Files\Pidgin\pidgin.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
() C:\Windows\ERUNT.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2009-04-23] (Analog Devices, Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1263512 2012-11-29] ()
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [295512 2013-09-13] (RealNetworks, Inc.)
HKLM\...\Run: [JunosPulse] => C:\Program Files\Common Files\Juniper Networks\JamUI\Pulse.exe [2522672 2014-04-09] (Juniper Networks, Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [LifeCam] => C:\Program Files\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM\...\Run: [Carbonite Backup] => C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe [1056976 2014-06-27] (Carbonite, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\...\Run: [Boxoft Tools] => C:\ProgramData\Boxtools\Boxofttoolbox.exe [514048 2010-12-15] ()
HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\...\Run: [DellSystemDetect] => C:\Users\melissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms
HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\...\Run: [Amazon Music] => C:\Users\melissa\AppData\Local\Amazon Music\Amazon Music Helper.exe [6281536 2014-09-05] ()
HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6697752 2014-11-13] (SUPERAntiSpyware)
HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil32_15_0_0_223_ActiveX.exe [855216 2014-11-12] (Adobe Systems Incorporated)
HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-18\...\Policies\Explorer: [HideSCAHealth] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDSmartWare.lnk
ShortcutTarget: WDSmartWare.lnk -> C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital)
ShellIconOverlayIdentifiers: [Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton 360\Engine\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton 360\Engine\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton 360\Engine\21.6.0.32\buShell.dll (Symantec Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope value is missing.
BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton 360\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
DPF: {77D7D41D-B005-44D9-AF2A-DE1C02DF34D7} https://prod.isis.jhu.edu/controls/MaskedNumEdit.cab
DPF: {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} http://xserv.dell.com/DellDriverScanner/DellSystem.CAB
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://sslconnect.johnshopkins.edu/dana-cached/sc/JuniperSetupClient.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-07] (SuperAdBlocker.com)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D99AE1E0-2D93-4380-B349-2EED26FB8B8C}: [NameServer] 10.200.1.1,10.200.2.2

FireFox:
========
FF ProfilePath: C:\Users\melissa\AppData\Roaming\Mozilla\Firefox\Profiles\olztzvtx.default
FF DefaultSearchEngine: Bing
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.6.14 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files\SkypeWebPlugin\npSkypeWebPlugin.dll (Skype)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2271823407-3231534759-3299175636-1000: @citrixonline.com/appdetectorplugin -> C:\Users\melissa\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKU\S-1-5-21-2271823407-3231534759-3299175636-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\melissa\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-2271823407-3231534759-3299175636-1000: @talk.google.com/O1DPlugin -> C:\Users\melissa\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-2271823407-3231534759-3299175636-1000: @tools.google.com/Google Update;version=3 -> C:\Users\melissa\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2271823407-3231534759-3299175636-1000: @tools.google.com/Google Update;version=9 -> C:\Users\melissa\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2271823407-3231534759-3299175636-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\melissa\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\melissa\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\melissa\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\melissa\AppData\Roaming\Mozilla\Firefox\Profiles\olztzvtx.default\searchplugins\bingp.xml
FF Extension: iCloud Bookmarks - C:\Users\melissa\AppData\Roaming\Mozilla\Firefox\Profiles\olztzvtx.default\Extensions\firefoxdav@icloud.com [2014-11-20]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-28]
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.1.7\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.1.7\coFFPlgn [2014-11-19]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-13]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://start.mysearchdial.com/?f=1&a=dsites0101&cd=2XzuyEtN2Y1L1Qzu0B0CtAtDyD0B0DtB0EtDyBtAyD0E0CyEtN0D0Tzu0SyBtAzytN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1940262911&ir=", "hxxp://www.google.com"
CHR Profile: C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-27]
CHR Extension: (Adblock Plus) - C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-14]
CHR Extension: (Norton Identity Safe) - C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-08-15]
CHR Extension: (Skype Click to Call) - C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-03-02]
CHR Extension: (Norton Security Toolbar) - C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2012-09-16]
CHR Extension: (Google Wallet) - C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-20]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx [2014-09-27]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-22] (SUPERAntiSpyware.com)
R2 ADVService; C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe [25704 2010-09-13] (Amazon.com) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 Carbonite-Mirror-Image-Svc; C:\Program Files\Carbonite\Carbonite Mirror Image\CarboniteMirrorImage.exe [4143168 2013-04-18] (Carbonite, Inc.)
R2 CarboniteService; C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe [5058256 2014-06-27] (Carbonite, Inc. (www.carbonite.com))
R2 dcpsysmgrsvc; C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe [382752 2009-07-16] (Dell Inc.)
R2 dsNcService; C:\Program Files\Juniper Networks\Common Files\dsNcService.exe [670792 2011-11-14] (Juniper Networks)
R2 JuniperAccessService; C:\Program Files\Common Files\Juniper Networks\JUNS\dsAccessService.exe [159280 2014-04-08] (Juniper Networks, Inc.)
R2 N360; C:\Program Files\Norton 360\Engine\21.6.0.32\N360.exe [265040 2014-09-21] (Symantec Corporation)
R2 NETGEARGenieDaemon; C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe [195400 2012-09-25] (NETGEAR)
R2 Norton PC Checkup Application Launcher; C:\Program Files\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe [132504 2013-03-24] (Symantec Corporation)
R2 PanoptoRecorderService; C:\Program Files\Panopto\Recorder\Recorder.exe [827712 2014-05-30] (Panopto, Inc)
R2 PCCUJobMgr; C:\Program Files\Norton PC Checkup\Engine\2.0.12.27\ccSvcHst.exe [126392 2011-05-03] (Symantec Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 UNS; C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2071064 2010-05-21] (Intel Corporation)
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [98304 2009-10-14] (WDC) [File not signed]
R2 WDSmartWareBackgroundService; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx86; C:\Program Files\Norton 360\NortonData\21.1.1.7\Definitions\BASHDefs\20141118.001\BHDrvx86.sys [1138392 2014-10-03] (Symantec Corporation)
S3 BVRPMPR5; C:\Windows\system32\drivers\BVRPMPR5.SYS [49904 2010-06-06] (Avanquest Software) [File not signed]
R1 ccSet_N360; C:\Windows\system32\drivers\N360\1506000.020\ccSetx86.sys [127064 2013-09-25] (Symantec Corporation)
R3 dsNcAdpt; C:\Windows\System32\DRIVERS\dsNcAdpt.sys [26624 2011-11-14] (Juniper Networks)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [378672 2014-10-07] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [111408 2014-10-07] (Symantec Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [44240 2014-01-27] ()
R1 IDSVix86; C:\Program Files\Norton 360\NortonData\21.1.1.7\Definitions\IPSDefs\20141128.001\IDSvix86.sys [479448 2014-11-17] (Symantec Corporation)
R1 jnprns; C:\Windows\System32\DRIVERS\jnprns.sys [412464 2014-03-13] (Juniper Networks)
S4 jnprTdi_803_44983; C:\Windows\system32\Drivers\jnprTdi_803_44983.sys [92984 2014-04-09] (Juniper Networks, Inc.)
S3 jnprva; C:\Windows\System32\DRIVERS\jnprva.sys [24952 2013-08-14] (Juniper Networks, Inc.)
R3 JnprVaMgr; C:\Windows\System32\DRIVERS\jnprvamgr.sys [36776 2013-08-14] (Juniper Networks, Inc.)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2014-11-22] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files\Norton 360\NortonData\21.1.1.7\Definitions\VirusDefs\20141130.022\NAVENG.SYS [95704 2014-10-07] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton 360\NortonData\21.1.1.7\Definitions\VirusDefs\20141130.022\NAVEX15.SYS [1636696 2014-10-07] (Symantec Corporation)
S3 netrcacm; C:\Windows\System32\DRIVERS\netrcacm.sys [20648 2003-01-20] (Thomson Inc.)
R2 NPF; C:\Windows\system32\drivers\npf.sys [35088 2013-05-23] (CACE Technologies, Inc.)
R0 PBADRV; C:\Windows\System32\DRIVERS\PBADRV.sys [26608 2008-06-04] (Dell Inc)
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SRTSP; C:\Windows\System32\Drivers\N360\1506000.020\SRTSP.SYS [664792 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360\1506000.020\SRTSPX.SYS [32984 2014-08-25] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360\1506000.020\SYMDS.SYS [367704 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360\1506000.020\SYMEFA.SYS [936152 2014-03-03] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142936 2014-03-22] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360\1506000.020\Ironx86.SYS [209624 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360\1506000.020\SYMNETS.SYS [447704 2014-02-17] (Symantec Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-13] (Microsoft Corporation)
S3 catchme; \??\C:\Users\melissa\AppData\Local\Temp\catchme.sys [X]
S0 IFP700; system32\drivers\ifp700.sys [X]
S3 JNPRNA; system32\DRIVERS\jnprna6.sys [X]
S3 Lavasoft Kernexplorer; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [X]
S1 MpKsl5af12555; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{03CA4FA3-5657-4DC4-9033-18F6A6C9C972}\MpKsl5af12555.sys [X]
S1 MpKsl8a534c45; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{03CA4FA3-5657-4DC4-9033-18F6A6C9C972}\MpKsl8a534c45.sys [X]
S1 MpKsla2c03bb3; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{03CA4FA3-5657-4DC4-9033-18F6A6C9C972}\MpKsla2c03bb3.sys [X]
S1 MpKslb291d7a4; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{03CA4FA3-5657-4DC4-9033-18F6A6C9C972}\MpKslb291d7a4.sys [X]
S3 PCDSRVC{E9D79540-57D5953E-06020101}_0; \??\c:\program files\dell support center\pcdsrvc.pkms [X]
S0 TfFsMon; system32\drivers\TfFsMon.sys [X]
S3 TfNetMon; \??\C:\Windows\system32\drivers\TfNetMon.sys [X]
S0 TfSysMon; system32\drivers\TfSysMon.sys [X]
U3 mbr; \??\C:\Users\melissa\AppData\Local\Temp\mbr.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-01 10:45 - 2014-12-01 10:46 - 00000000 ____D () C:\FRST
2014-12-01 10:31 - 2014-12-01 10:31 - 01109504 _____ (Farbar) C:\Users\melissa\Downloads\frst.exe
2014-11-26 10:04 - 2014-11-26 10:04 - 00001967 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-11-26 10:04 - 2014-11-26 10:04 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-11-26 10:04 - 2014-11-26 10:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-11-26 10:02 - 2014-11-26 10:02 - 20498024 _____ (SUPERAntiSpyware) C:\Users\melissa\Downloads\SUPERAntiSpyware.exe
2014-11-23 14:13 - 2014-11-23 14:21 - 00025085 _____ () C:\Users\melissa\Desktop\dds.txt
2014-11-23 14:13 - 2014-11-23 14:21 - 00014752 _____ () C:\Users\melissa\Desktop\attach.txt
2014-11-23 14:11 - 2014-11-23 14:11 - 00688992 ____R (Swearware) C:\Users\melissa\Downloads\dds.com
2014-11-20 22:14 - 2014-11-20 22:15 - 00000000 ____D () C:\Users\melissa\AppData\Local\{1BE86C84-7286-4EBA-A542-17C4D04413B1}
2014-11-20 15:25 - 2014-11-20 15:25 - 01436797 _____ () C:\Users\melissa\Downloads\memory_revised_2014.docx.pptx
2014-11-18 20:41 - 2014-11-10 21:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-18 20:41 - 2014-11-10 21:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-17 23:20 - 2014-11-17 23:21 - 105630736 _____ (Sophos Limited) C:\Users\melissa\Downloads\Sophos Virus Removal Tool.exe
2014-11-17 23:03 - 2014-11-17 23:03 - 31562952 _____ (Microsoft Corporation) C:\Users\melissa\Downloads\Windows-KB890830-V5.18 (1).exe
2014-11-17 22:28 - 2014-11-17 22:39 - 987942848 _____ (Microsoft Corporation) C:\Users\melissa\Downloads\MicrosoftInstaller.exe
2014-11-17 21:37 - 2014-11-17 21:38 - 31562952 _____ (Microsoft Corporation) C:\Users\melissa\Downloads\Windows-KB890830-V5.18.exe
2014-11-17 21:04 - 2014-11-17 21:04 - 00483712 _____ () C:\Windows\Minidump\111714-65707-01.dmp
2014-11-14 13:29 - 2014-12-01 10:27 - 00000378 _____ () C:\Windows\Tasks\ReclaimerUpdateFiles_melissa.job
2014-11-14 13:29 - 2014-12-01 09:47 - 00000374 _____ () C:\Windows\Tasks\ReclaimerUpdateXML_melissa.job
2014-11-14 13:29 - 2014-11-19 11:39 - 00000384 _____ () C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_melissa.job
2014-11-12 15:59 - 2014-11-12 15:59 - 00000000 __SHD () C:\Users\melissa\AppData\Local\EmieBrowserModeList
2014-11-11 18:50 - 2014-11-05 12:50 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-11 18:50 - 2014-11-05 12:50 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-11 18:50 - 2014-11-05 12:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-11 18:50 - 2014-10-17 20:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-11 18:50 - 2014-10-13 20:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-11 18:50 - 2014-10-02 20:44 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-11 18:50 - 2014-10-02 20:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-11 18:50 - 2014-10-02 20:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-11 18:50 - 2014-10-02 20:44 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-11 18:50 - 2014-10-02 20:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-11 18:50 - 2014-08-21 01:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-11 18:50 - 2014-08-21 01:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-11 18:50 - 2014-08-11 20:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-11 18:49 - 2014-11-07 14:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-11 18:49 - 2014-11-05 22:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-11 18:49 - 2014-11-05 22:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-11 18:49 - 2014-11-05 22:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-11 18:49 - 2014-11-05 22:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-11 18:49 - 2014-11-05 22:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-11 18:49 - 2014-11-05 22:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-11 18:49 - 2014-11-05 22:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-11 18:49 - 2014-11-05 22:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-11 18:49 - 2014-11-05 22:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-11 18:49 - 2014-11-05 22:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-11 18:49 - 2014-11-05 22:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-11 18:49 - 2014-11-05 21:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-11 18:49 - 2014-11-05 21:59 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-11 18:49 - 2014-11-05 21:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-11 18:49 - 2014-11-05 21:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-11 18:49 - 2014-11-05 21:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-11 18:49 - 2014-11-05 21:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-11 18:49 - 2014-11-05 21:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-11 18:49 - 2014-11-05 21:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-11 18:49 - 2014-11-05 21:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-11 18:49 - 2014-11-05 21:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-11 18:49 - 2014-11-05 21:22 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-11 18:49 - 2014-11-05 21:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-11 18:49 - 2014-11-05 21:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-11 18:49 - 2014-11-05 21:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-11 18:49 - 2014-11-05 21:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-11 18:49 - 2014-11-05 20:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-11 18:49 - 2014-11-05 20:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-11 18:49 - 2014-11-05 20:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-11 18:49 - 2014-10-24 20:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-11 18:49 - 2014-10-13 20:56 - 00136632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-11 18:49 - 2014-10-13 20:50 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-11 18:49 - 2014-10-13 20:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-11 18:49 - 2014-10-13 20:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-11 18:49 - 2014-10-13 20:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-11 18:49 - 2014-10-09 19:45 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-11 18:49 - 2014-09-19 04:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-11 18:49 - 2014-09-19 04:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-11 18:49 - 2014-09-19 04:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-11 18:49 - 2014-09-19 04:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-11 18:49 - 2014-09-19 04:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-11 18:49 - 2014-09-19 04:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-11 09:05 - 2014-11-11 09:05 - 00511778 _____ () C:\Users\melissa\Downloads\PastedGraphic-3 (1).tiff
2014-11-11 09:02 - 2014-11-11 09:02 - 00511778 _____ () C:\Users\melissa\Downloads\PastedGraphic-3.tiff
2014-11-09 09:59 - 2014-11-09 09:59 - 00000034 _____ () C:\Users\melissa\Downloads\wypr.m3u
2014-11-09 09:10 - 2014-11-09 09:10 - 02031992 _____ (Microsoft Corporation) C:\Users\melissa\Downloads\MGADiag (1).exe
2014-11-09 09:09 - 2014-11-09 09:09 - 02031992 _____ (Microsoft Corporation) C:\Users\melissa\Downloads\MGADiag.exe
2014-11-08 22:10 - 2014-11-08 22:10 - 04976456 _____ (Piriform Ltd) C:\Users\melissa\Downloads\ccsetup419.exe
2014-11-06 20:47 - 2014-11-06 20:47 - 00014176 _____ () C:\Users\melissa\Downloads\OsherJHU_FY15_edit_11_6_14 (1).xlsx
2014-11-06 20:44 - 2014-11-06 20:45 - 00000165 ____H () C:\Users\melissa\Downloads\~$OsherJHU_FY15_edit_11_6_14.xlsx
2014-11-06 20:44 - 2014-11-06 20:44 - 00014176 _____ () C:\Users\melissa\Downloads\OsherJHU_FY15_edit_11_6_14.xlsx
2014-11-06 20:04 - 2014-11-06 20:04 - 00014114 _____ () C:\Users\melissa\Downloads\OsherJHU_FY15 (2).xlsx
2014-11-06 20:02 - 2014-11-06 20:02 - 00014114 _____ () C:\Users\melissa\Downloads\OsherJHU_FY15 (1).xlsx
2014-11-06 11:04 - 2014-11-06 11:04 - 00000000 ____D () C:\Users\melissa\AppData\Local\{9A845C78-96A6-46DE-B426-F5EC5D61BC21}
2014-11-06 10:05 - 2014-11-06 10:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-11-06 10:04 - 2014-11-06 10:04 - 00001817 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-11-06 10:04 - 2014-11-06 10:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-11-06 10:02 - 2014-11-06 10:02 - 00001755 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-11-06 10:02 - 2014-11-06 10:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-11-06 10:01 - 2014-11-06 10:02 - 00000000 ____D () C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2014-11-06 10:01 - 2014-11-06 10:02 - 00000000 ____D () C:\Program Files\iTunes
2014-11-06 10:01 - 2014-11-06 10:01 - 00000000 ____D () C:\Program Files\iPod
2014-11-03 21:51 - 2014-11-03 21:51 - 00347816 _____ (Microsoft Corporation) C:\Users\melissa\Downloads\MicrosoftFixit.WinMediaPlayer.RNP.133849555798264.1.1.Run.exe
2014-11-03 08:36 - 2014-11-03 08:36 - 00024146 _____ () C:\Users\melissa\Downloads\Andersonville Blog.docm

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-01 10:47 - 2014-02-28 12:02 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\Skype
2014-12-01 10:40 - 2011-06-23 14:32 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\.purple
2014-12-01 10:36 - 2011-10-09 12:15 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-01 10:22 - 2011-07-09 19:20 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2271823407-3231534759-3299175636-1000UA.job
2014-12-01 10:04 - 2011-06-23 12:27 - 01746886 _____ () C:\Windows\WindowsUpdate.log
2014-12-01 09:56 - 2011-10-09 12:15 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-01 09:56 - 2011-07-09 19:20 - 00000864 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2271823407-3231534759-3299175636-1000Core.job
2014-12-01 09:52 - 2012-04-12 08:36 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-01 09:47 - 2013-10-19 12:40 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-11-28 11:07 - 2009-07-13 23:39 - 00076815 _____ () C:\Windows\setupact.log
2014-11-27 14:52 - 2014-10-23 10:55 - 00002131 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-26 12:53 - 2012-04-12 08:36 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-11-26 12:53 - 2011-06-24 10:02 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-11-25 10:24 - 2010-11-20 16:01 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-25 09:03 - 2009-07-13 23:34 - 00028144 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-25 09:03 - 2009-07-13 23:34 - 00028144 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-23 14:18 - 2011-08-22 15:26 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-11-23 14:18 - 2011-08-22 15:26 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy
2014-11-23 14:15 - 2012-05-23 11:49 - 00000000 ____D () C:\ProgramData\Sophos
2014-11-23 14:14 - 2014-02-23 10:02 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-22 16:15 - 2014-10-17 13:26 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2014-11-20 22:14 - 2012-02-12 14:24 - 00000000 ____D () C:\Users\melissa\Tracing
2014-11-20 17:40 - 2014-02-28 11:28 - 00000000 ____D () C:\Program Files\Microsoft LifeCam
2014-11-20 16:32 - 2014-04-28 12:31 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-11-20 16:32 - 2012-05-20 07:56 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-20 16:08 - 2014-10-22 20:26 - 00000000 ____D () C:\PanoptoRecorder
2014-11-20 16:06 - 2011-06-29 14:52 - 00030208 _____ () C:\Users\melissa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-19 09:48 - 2011-08-23 09:20 - 00000000 ____D () C:\Users\melissa\AppData\Local\Deployment
2014-11-19 03:23 - 2010-11-20 16:48 - 01098044 _____ () C:\Windows\PFRO.log
2014-11-19 03:23 - 2009-07-13 23:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-18 18:57 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\rescache
2014-11-18 10:38 - 2012-02-19 18:10 - 00000000 ____D () C:\Users\melissa\Documents\center
2014-11-17 21:04 - 2011-10-04 15:47 - 00000000 ____D () C:\Windows\Minidump
2014-11-17 21:03 - 2011-10-04 15:47 - 418789321 _____ () C:\Windows\MEMORY.DMP
2014-11-12 16:56 - 2011-06-27 23:23 - 00000000 ____D () C:\Users\melissa\Documents\Camtasia Studio
2014-11-12 03:42 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-11-12 03:35 - 2009-07-13 23:33 - 00333976 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 03:32 - 2014-05-07 02:18 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-12 03:13 - 2011-06-24 07:20 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-12 03:10 - 2013-08-16 02:09 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-09 10:06 - 2011-12-12 10:39 - 00000000 ____D () C:\Users\melissa\Documents\Snagit
2014-11-09 08:59 - 2013-01-15 11:06 - 00000000 ____D () C:\Users\melissa\Desktop\virus software
2014-11-07 19:09 - 2014-10-17 13:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-07 19:09 - 2014-10-17 13:43 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-11-07 19:09 - 2014-10-17 13:25 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-06 10:04 - 2011-06-27 21:10 - 00000000 ____D () C:\Program Files\QuickTime
2014-11-06 10:01 - 2014-09-10 13:22 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-11-06 10:01 - 2011-07-08 16:11 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-11-06 09:43 - 2011-09-20 10:31 - 00002076 ____H () C:\Users\melissa\Documents\Default.rdp
2014-11-06 08:56 - 2009-07-13 23:52 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-11-03 20:25 - 2011-06-23 14:30 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\Mozilla
2014-11-01 09:17 - 2012-05-21 12:31 - 00000000 ____D () C:\Users\melissa\AppData\Local\CutePDF Writer

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-18 18:50

==================== End Of Log ============================



#8 barracudacool

barracudacool
  • Topic Starter

  • Members
  • 93 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:56 AM

Posted 01 December 2014 - 10:51 AM

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 01-12-2014
Ran by melissa at 2014-12-01 10:50:14
Running from C:\Users\melissa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZHMTJ3E0
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton 360 (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Amazon Kindle (HKLM\...\Amazon Kindle) (Version:  - Amazon)
Amazon Music (HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\...\Amazon Amazon Music) (Version: 3.4.0.628 - Amazon Services LLC)
Amazon Unbox Video (HKLM\...\InstallShield_{54A4839E-87F8-4BD1-9682-A349E9943F0A}) (Version: 2.1.0.126 - Amazon.com)
Amazon Unbox Video (Version: 2.1.0.126 - Amazon.com) Hidden
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{18981B42-4A58-CD2F-DDBB-E44C0D46B2EE}) (Version: 3.0.795.0 - ATI Technologies, Inc.)
Avidemux 2.6 (32-bit) (HKLM\...\Avidemux 2.6) (Version: 2.6.1.8321 - )
BioAPI Framework (Version: 1.0.1 - Dell Inc.) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Camtasia Studio 7 (HKLM\...\{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}) (Version: 7.1.1 - TechSmith Corporation)
Camtasia Studio 8 (HKLM\...\{0B341FFF-66F9-4B82-A73A-C2317514A30F}) (Version: 8.4.3.1793 - TechSmith Corporation)
Carbonite (HKLM\...\Carbonite Backup) (Version: 5.5.5 build 4151  (Jun-27-2014) - Carbonite)
Carbonite Mirror Image (32-bit) (Version: 5.1.13813.2115 - x86) Hidden
ccc-core-static (Version: 2010.1116.2152.39231 - ATI) Hidden
Citrix Online Launcher (HKLM\...\{75B8A55E-0762-4676-AAC0-6FDF025B034B}) (Version: 1.0.220 - Citrix)
CutePDF Writer 2.8 (HKLM\...\CutePDF Writer Installation) (Version:  - )
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell ControlPoint System Manager (HKLM\...\{9143F2FA-BF20-4311-8618-4CCF51B1B80C}) (Version: 1.3.00000 - Dell Inc.)
Dell Driver Download Manager (HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.)
Dell Security Device Driver Pack (HKLM\...\{FF1DDCF4-3A28-4F7F-96D8-E3F4BD1C1702}) (Version: 1.4.055 - Dell Inc.)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5907.16 - Dell Inc.)
Dell Support Center (Version: 3.1.5907.16 - PC-Doctor, Inc.) Hidden
Dell System Detect (HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\...\9204f5692a8faf3b) (Version: 5.4.0.4 - Dell)
DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.1.22 - DivX, LLC)
Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM\...\{0C5C1177-94C5-3EFB-A8BE-3F6AF1AF887F}) (Version: 5.38.6.0 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
GoToMeeting 5.5.0.1132 (HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\...\GoToMeeting) (Version: 5.5.0.1132 - CitrixOnline)
HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
iCloud (HKLM\...\{AC6EE263-E4DD-4150-9014-689B1D4A3315}) (Version: 4.0.5.20 - Apple Inc.)
Intel® Management Engine Interface (HKLM\...\HECI) (Version:  - Intel Corporation)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 15.2 - Intel)
Intel® Active Management Technology (HKLM\...\MESOL) (Version:  - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.670 - Oracle)
JavaFX 2.1.0 (HKLM\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation)
Juniper Networks Network Connect 7.0.0 (HKLM\...\Juniper Network Connect 7.0.0) (Version: 7.0.0.18107 - Juniper Networks)
Juniper Networks Network Connect 7.1.0 (HKLM\...\Juniper Network Connect 7.1.0) (Version: 7.1.0.19757 - Juniper Networks)
Juniper Networks Setup Client (HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\...\Juniper_Setup_Client) (Version: 8.0.3.44983 - Juniper Networks)
Junos Pulse 5.0 (HKLM\...\Junos Pulse 5.0) (Version: 5.0.44983 - Juniper Networks, Inc.)
Junos Pulse Core Components (Version: 5.0.44983 - Juniper Networks) Hidden
Junos Pulse Drivers Add-On (Version: 5.0.44983 - Juniper Networks) Hidden
Junos Pulse Host Checker Plugin Add-On (Version: 5.0.44983 - Juniper Networks) Hidden
Junos Pulse Tunnel Manager Add-On (Version: 5.0.44983 - Juniper Networks) Hidden
Junos Pulse UAC/NC Components (Version: 5.0.44983 - Juniper Networks) Hidden
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Easy Assist v2 (HKLM\...\{326957C7-83FD-4550-A59A-849B7B4297DE}) (Version: 8.1.6416.0 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)
Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 33.1 (x86 en-US) (HKLM\...\Mozilla Firefox 33.1 (x86 en-US)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MUSHclient (remove only) (HKLM\...\MUSHclient) (Version:  - )
Netflix in Windows Media Center (HKLM\...\{0CA72D12-F6C6-4D43-A2A0-41F5AA17E2B6}) (Version: 3.3.101.0 - Microsoft Corporation)
NETGEAR Genie (HKLM\...\NETGEAR Genie) (Version: 2.2.27.1  - NETGEAR Inc.)
Norton 360 (HKLM\...\N360) (Version: 21.6.0.32 - Symantec Corporation)
Norton PC Checkup (HKLM\...\Norton PC Checkup_is1) (Version: 3.0.2.122.0 - NortonLive Services)
Norton PC Checkup (HKLM\...\NortonPCCheckup) (Version: 2.0.12.27 - Symantec Corporation)
Panopto Recorder (HKLM\...\{3E2934B6-81F0-4389-994F-7DD2026D371C}) (Version: 4.6.1.14979 - Panopto)
PhotoFiltre (HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\...\PhotoFiltre) (Version:  - )
Pidgin (HKLM\...\Pidgin) (Version: 2.8.0 - )
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 15.0) (Version: 15.0.6 - RealNetworks)
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype Web Plugin (HKLM\...\{B51DD93B-3CB5-4D9D-BFF2-FD19DBBBFD9A}) (Version: 2.9.13008.18866 - Skype Technologies S.A.)
Skype™ 6.21 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Snagit 10.0.1 (HKLM\...\{22FC7536-BE5C-4E88-8069-C24689D34EC5}) (Version: 10.0.1 - TechSmith Corporation)
Snagit 11 (HKLM\...\{5EAF9FAA-C4B6-4741-81B4-74CD81759EAA}) (Version: 11.4.0 - TechSmith Corporation)
SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 6.10.1.7250 - Analog Devices)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1164 - SUPERAntiSpyware.com)
Terraria (HKLM\...\1207665503_is1) (Version: 2.0.0.1 - GOG.com)
Unity Web Player (HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
UPEK TouchChip Fingerprint Reader (Version: 1.2.0 - Dell Inc.) Hidden
VC8 CRT (Version: 8.0.50727.762 - Juniper Networks) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
WD SmartWare (HKLM\...\{CD0DC280-2489-4464-A2FC-16104676394A}) (Version: 1.1.1.6 - Western Digital)
Winamp (HKLM\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
WinDirStat 1.1.2 (HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\...\WinDirStat) (Version:  - )
Windows Driver Package - Dell Inc. PBADRV System  (09/11/2009 1.0.1.6) (HKLM\...\9512AA21B791B05A54E27065C45BBC417AB282DF) (Version: 09/11/2009 1.0.1.6 - Dell Inc.)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\melissa\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{0BBFE402-CCA1-4f64-9322-13B66D841049}\InprocServer32 -> C:\Users\melissa\AppData\Local\TechSmith\SnagIt\Accessories\{23102CBF-AC8D-4424-9364-A79738894850}\MSWord.dll (TechSmith Corporation)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\melissa\AppData\Local\Google\Update\1.3.25.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{11CD84A3-A5E0-43CB-B3DF-92C623C0E0E0}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\melissa\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{25D005BF-FE63-4cce-AA25-CE952B1D9381}\InprocServer32 -> C:\Users\melissa\AppData\Local\TechSmith\SnagIt\Accessories\{638B203F-8FB6-49ec-A139-AB8C530F0CAB}\MSPowerPoint.dll (TechSmith Corporation)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{293600C7-E7B6-4f06-9329-D8522A33C7E8}\InprocServer32 -> C:\Users\melissa\AppData\Local\TechSmith\SnagIt\Accessories\{B9E98D7E-F599-469d-95A7-0B6F86D082A0}\CamtasiaOutput.dll (TechSmith Corporation)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{2A235D7E-0358-40E2-B51A-DE22F8F5C50D}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\melissa\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\melissa\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\melissa\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\melissa\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\melissa\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{54050FBB-F2AE-404b-8BFD-7EE3EC784A52}\InprocServer32 -> C:\Users\melissa\AppData\Local\TechSmith\SnagIt\Accessories\{18AA4E21-D540-4a3a-9F9F-E6DE33D6F253}\MSExcel.dll (TechSmith Corporation)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{56C94D6A-7370-4885-A04E-7097FE4E0BAF}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{672CDBDB-0270-4EB9-83EC-216377522D21}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{6B1948B3-9547-42F8-9B37-7AA9768134C4}\InprocServer32 -> C:\Users\melissa\AppData\Local\TechSmith\SnagIt\Accessories\{23102CBF-AC8D-4424-9364-A79738894850}\MSWord.dll (TechSmith Corporation)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{841BFDCA-6A9A-4EBC-BC7E-194AA5DCE428}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files\Citrix\GoToMeeting\1132\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\melissa\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{94330D48-EB33-49BB-87F1-AD8C0352C010}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\melissa\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{B9E98D7E-F599-469d-95A7-0B6F86D082A0}\InprocServer32 -> C:\Users\melissa\AppData\Local\TechSmith\SnagIt\Accessories\{B9E98D7E-F599-469d-95A7-0B6F86D082A0}\CamtasiaOutput.dll (TechSmith Corporation)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\melissa\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\melissa\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\melissa\AppData\Local\Google\Update\1.3.25.11\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\melissa\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\melissa\AppData\Local\Google\Update\1.3.25.11\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\melissa\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\melissa\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File

==================== Restore Points  =========================

23-11-2014 19:14:58 Removed Sophos Virus Removal Tool.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:04 - 2014-11-06 16:26 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {03B7AA81-5A94-4E03-996A-08467BE4E7BB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2271823407-3231534759-3299175636-1000Core => C:\Users\melissa\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {07907E95-5B15-42EA-9656-63BFE7915188} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {17CEEF2E-DB61-4F7E-9F17-F3A923810B78} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2271823407-3231534759-3299175636-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {2B2B774E-C063-4636-8463-733B78398E1F} - \VisualBeeRecovery No Task File <==== ATTENTION
Task: {3DDC2E71-9342-4B9E-8057-ABFF7EFBEDD5} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2271823407-3231534759-3299175636-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {4929A922-46D8-4B20-BB25-5196D95EFE9B} - System32\Tasks\RNUpgradeHelperLogonPrompt_melissa => C:\Users\melissa\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe [2014-11-14] (RealNetworks, Inc.)
Task: {4C914393-FA7B-49B7-AC9F-CE319AC719AB} - System32\Tasks\pcreg => C:\Program Files\pcreg\service.exe <==== ATTENTION
Task: {4E2FD162-2360-4C03-94ED-6337F7EB515F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {51BCD673-271D-4111-8A5B-749ABAE705C5} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2271823407-3231534759-3299175636-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {568D1D1F-C133-4417-AE3F-A50E432167AB} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {5AD918D7-085A-4EFA-A3AE-5F028B7022D0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-26] (Adobe Systems Incorporated)
Task: {5E7ABE95-937A-4AEB-9FE9-9DDA1D014B25} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2011-12-13] (PC-Doctor, Inc.)
Task: {68A42B6F-55B6-42D5-BFAE-384FF690E36A} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files\Norton 360\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {821F1F8C-C9AF-4BD2-9326-B47C3F54698A} - System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4} => C:\ProgramData\Carbonite\Carbonite Backup\CarboniteUpgrade.exe
Task: {88013348-0443-4C93-967F-8AA0AF033708} - System32\Tasks\{BD63C39B-5785-4B44-A13B-DF89A3573BD4} => C:\Windows.old\Program Files\simplemu\SimpleMU.exe
Task: {A561337E-2B14-4790-B706-E8B3AB0E7BD7} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {A953599E-398F-4631-A924-9391B4044069} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton 360\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)
Task: {B14C0D69-0FE5-4AEE-BCB9-4DEB2F6CA2FC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {B30EA5EE-48A7-4324-BAD8-C26979A8F277} - System32\Tasks\Apple Diagnostics => C:\Program Files\Common Files\Apple\Internet Services\EReporter.exe [2014-10-17] (Apple Inc.)
Task: {BB018226-35A2-48CD-8FE4-FD27584ECE5E} - System32\Tasks\RNUpgradeHelperResumePrompt_melissa => C:\Users\melissa\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe [2014-11-14] (RealNetworks, Inc.)
Task: {C7BE69A6-B2F6-403C-B5D5-AF1EAE3C23C5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2271823407-3231534759-3299175636-1000UA => C:\Users\melissa\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {CAE52941-C923-4AF5-9CC6-1414920E4D22} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files\Norton 360\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {CE5831C3-9D80-4DF1-9487-3DE6EDE1624C} - System32\Tasks\TechSmith Updater => C:\Program Files\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [2013-10-04] (TechSmith Corporation)
Task: {D0288158-18D5-43F9-8CE9-D8377F6D3E48} - System32\Tasks\{9E965F4D-A0C0-42F6-8D95-AB51532AAE46} => Chrome.exe http://ui.skype.com/ui/0/6.18.0.106/en/abandoninstall?source=lightinstaller&amp;page=tsMain
Task: {D974D8E7-510F-4CC3-A124-DB014CAB8AB6} - System32\Tasks\ReclaimerUpdateFiles_melissa => C:\Users\melissa\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe [2014-11-14] (RealNetworks, Inc.)
Task: {E0926B6E-57B2-41EE-9DAC-4730236B2C0D} - System32\Tasks\ReclaimerUpdateXML_melissa => C:\Users\melissa\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe [2014-11-14] (RealNetworks, Inc.)
Task: {E25AC75D-DDD6-43EC-8DE8-61523EDEC5B7} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2271823407-3231534759-3299175636-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {EC80C659-0B0A-42C3-BC5A-B6BB1AD8C003} - System32\Tasks\{F9EC9D0D-A938-46C9-93D7-3BB764D93FDB} => C:\Program Files\Microsoft Office\Office14\POWERPNT.EXE [2010-10-22] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2271823407-3231534759-3299175636-1000Core.job => C:\Users\melissa\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2271823407-3231534759-3299175636-1000UA.job => C:\Users\melissa\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ReclaimerUpdateFiles_melissa.job => C:\Users\melissa\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe
Task: C:\Windows\Tasks\ReclaimerUpdateXML_melissa.job => C:\Users\melissa\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe
Task: C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_melissa.job => C:\Users\melissa\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe

==================== Loaded Modules (whitelisted) =============

2012-04-17 10:27 - 2012-03-11 13:55 - 00088656 _____ () C:\Windows\System32\cpwmon2k.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-02-14 12:45 - 2011-02-14 12:45 - 02248704 _____ () C:\Program Files\Carbonite\Carbonite Mirror Image\QtCore4.dll
2011-02-14 12:45 - 2011-02-14 12:45 - 00969728 _____ () C:\Program Files\Carbonite\Carbonite Mirror Image\QtNetwork4.dll
2011-02-14 12:45 - 2011-02-14 12:45 - 00611328 _____ () C:\Program Files\Carbonite\Carbonite Mirror Image\QtSql4.dll
2009-11-14 20:12 - 2009-11-14 20:12 - 00062464 _____ () C:\Program Files\Carbonite\Carbonite Mirror Image\ZLIB1.dll
2013-08-14 14:19 - 2013-08-14 14:19 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2010-09-13 10:48 - 2010-09-13 10:48 - 00097384 ____R () C:\Program Files\Amazon\Amazon Unbox Video\LimelightDownloadManager.dll
2011-06-24 10:23 - 2010-05-21 12:14 - 00077824 _____ () C:\Program Files\Common Files\Intel\Privacy Icon\UNS\DTMessageLib.dll
2012-11-29 21:06 - 2012-11-29 21:06 - 01263512 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe
2012-11-29 21:07 - 2012-11-29 21:07 - 00100248 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2014-10-21 12:47 - 2014-09-05 19:54 - 06281536 _____ () C:\Users\melissa\AppData\Local\Amazon Music\Amazon Music Helper.exe
2009-08-19 15:49 - 2009-08-19 15:49 - 00049152 _____ () C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Memeo.API.dll
2009-07-29 15:24 - 2009-07-29 15:24 - 00504293 _____ () C:\Program Files\Western Digital\WD SmartWare\Front Parlor\sqlite3.DLL
2012-09-18 15:27 - 2011-02-11 14:19 - 02760192 _____ () C:\ProgramData\Boxtools\Toolbox.exe
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-12-18 10:48 - 2013-12-18 10:48 - 01298432 ____R () C:\Program Files\TechSmith\Snagit 11\PDFLib.dll
2013-12-18 10:50 - 2013-12-18 10:50 - 00128512 _____ () C:\Program Files\TechSmith\Snagit 11\VideoRecording.dll
2013-12-18 10:50 - 2013-12-18 10:50 - 00110592 _____ () C:\Program Files\TechSmith\Snagit 11\SDKRecorder.dll
2014-11-18 20:40 - 2014-11-14 16:15 - 09009480 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.65\pdf.dll
2014-11-18 20:40 - 2014-11-14 16:15 - 01677128 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.65\ffmpegsumo.dll
2014-10-22 21:55 - 2014-02-10 12:44 - 04592128 _____ () C:\Users\melissa\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-10-22 21:55 - 2014-02-10 12:44 - 00112128 _____ () C:\Users\melissa\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00582656 _____ () C:\Program Files\Pidgin\exchndl.dll
2011-06-23 14:32 - 2011-06-23 14:32 - 00904525 _____ () C:\Program Files\Pidgin\Gtk\bin\libcairo-2.dll
2011-06-23 14:32 - 2011-06-23 14:32 - 00279059 _____ () C:\Program Files\Pidgin\Gtk\bin\libfontconfig-1.dll
2011-06-23 14:32 - 2011-06-23 14:32 - 00143096 _____ () C:\Program Files\Pidgin\Gtk\bin\libexpat-1.dll
2011-06-23 14:32 - 2011-06-23 14:32 - 00535264 _____ () C:\Program Files\Pidgin\Gtk\bin\freetype6.dll
2011-06-23 14:32 - 2011-06-23 14:32 - 00219305 _____ () C:\Program Files\Pidgin\Gtk\bin\libpng14-14.dll
2011-06-23 14:32 - 2011-06-23 14:32 - 00055808 _____ () C:\Program Files\Pidgin\Gtk\bin\zlib1.dll
2011-06-23 14:32 - 2011-06-23 14:32 - 00482872 _____ () C:\Program Files\Pidgin\Gtk\bin\libgio-2.0-0.dll
2011-06-23 14:32 - 2011-06-23 14:32 - 00095189 _____ () C:\Program Files\Pidgin\Gtk\bin\libpangocairo-1.0-0.dll
2011-06-07 19:09 - 2011-06-07 19:09 - 01213633 _____ () C:\Program Files\Pidgin\libxml2-2.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00475580 _____ () C:\Program Files\Pidgin\spellcheck\libgtkspell-0.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00013426 _____ () C:\Program Files\Pidgin\plugins\autoaccept.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00006751 _____ () C:\Program Files\Pidgin\plugins\buddynote.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00017910 _____ () C:\Program Files\Pidgin\plugins\convcolors.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00009712 _____ () C:\Program Files\Pidgin\plugins\extplacement.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00007645 _____ () C:\Program Files\Pidgin\plugins\gtkbuddynote.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00012380 _____ () C:\Program Files\Pidgin\plugins\history.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00006875 _____ () C:\Program Files\Pidgin\plugins\iconaway.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00011517 _____ () C:\Program Files\Pidgin\plugins\idle.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00011029 _____ () C:\Program Files\Pidgin\plugins\joinpart.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00009084 _____ () C:\Program Files\Pidgin\plugins\libaim.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00250805 _____ () C:\Program Files\Pidgin\liboscar.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00070345 _____ () C:\Program Files\Pidgin\plugins\libbonjour.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00181106 _____ () C:\Program Files\Pidgin\plugins\libgg.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00010015 _____ () C:\Program Files\Pidgin\plugins\libicq.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00074522 _____ () C:\Program Files\Pidgin\plugins\libirc.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00288341 _____ () C:\Program Files\Pidgin\plugins\libmsn.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00118301 _____ () C:\Program Files\Pidgin\plugins\libmxit.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00086376 _____ () C:\Program Files\Pidgin\plugins\libmyspace.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00087918 _____ () C:\Program Files\Pidgin\plugins\libnovell.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00212145 _____ () C:\Program Files\Pidgin\plugins\libqq.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00093250 _____ () C:\Program Files\Pidgin\plugins\libsametime.dll
2011-06-07 19:09 - 2011-06-07 19:09 - 00173805 _____ () C:\Program Files\Pidgin\libmeanwhile-1.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00147158 _____ () C:\Program Files\Pidgin\plugins\libsilc.dll
2011-06-07 19:09 - 2011-06-07 19:09 - 02719062 _____ () C:\Program Files\Pidgin\libsilc-1-1-2.dll
2011-06-07 19:09 - 2011-06-07 19:09 - 01206642 _____ () C:\Program Files\Pidgin\libsilcclient-1-1-2.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00043176 _____ () C:\Program Files\Pidgin\plugins\libsimple.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00016371 _____ () C:\Program Files\Pidgin\plugins\libxmpp.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00325110 _____ () C:\Program Files\Pidgin\libjabber.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00016330 _____ () C:\Program Files\Pidgin\plugins\libyahoo.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00190214 _____ () C:\Program Files\Pidgin\libymsg.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00013291 _____ () C:\Program Files\Pidgin\plugins\libyahoojp.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00038873 _____ () C:\Program Files\Pidgin\plugins\log_reader.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00014269 _____ () C:\Program Files\Pidgin\plugins\markerline.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00006954 _____ () C:\Program Files\Pidgin\plugins\newline.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00021699 _____ () C:\Program Files\Pidgin\plugins\notify.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00010521 _____ () C:\Program Files\Pidgin\plugins\offlinemsg.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00022242 _____ () C:\Program Files\Pidgin\plugins\pidginrc.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00008878 _____ () C:\Program Files\Pidgin\plugins\psychic.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00008927 _____ () C:\Program Files\Pidgin\plugins\relnot.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00009055 _____ () C:\Program Files\Pidgin\plugins\sendbutton.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00061569 _____ () C:\Program Files\Pidgin\plugins\spellchk.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00018706 _____ () C:\Program Files\Pidgin\plugins\ssl-nss.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00006526 _____ () C:\Program Files\Pidgin\plugins\ssl.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00009476 _____ () C:\Program Files\Pidgin\plugins\statenotify.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00023339 _____ () C:\Program Files\Pidgin\plugins\themeedit.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00022446 _____ () C:\Program Files\Pidgin\plugins\ticker.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00012953 _____ () C:\Program Files\Pidgin\plugins\timestamp.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00016291 _____ () C:\Program Files\Pidgin\plugins\timestamp_format.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00021753 _____ () C:\Program Files\Pidgin\plugins\win2ktrans.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00021709 _____ () C:\Program Files\Pidgin\plugins\winprefs.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00029185 _____ () C:\Program Files\Pidgin\plugins\xmppconsole.dll
2011-06-07 19:10 - 2011-06-07 19:10 - 00033896 _____ () C:\Program Files\Pidgin\plugins\xmppdisco.dll
2011-06-07 19:09 - 2011-06-07 19:09 - 00417501 _____ () C:\Program Files\Pidgin\sqlite3.dll
2011-06-23 14:32 - 2011-06-23 14:32 - 00090496 _____ () C:\Program Files\Pidgin\Gtk\lib\gtk-2.0\2.10.0\engines\libwimp.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:5D3085D0

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-2271823407-3231534759-3299175636-500 - Administrator - Disabled)
Barracudacool (S-1-5-21-2271823407-3231534759-3299175636-1004 - Administrator - Enabled) => C:\Users\Barracudacool
Guest (S-1-5-21-2271823407-3231534759-3299175636-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2271823407-3231534759-3299175636-1002 - Limited - Enabled)
melissa (S-1-5-21-2271823407-3231534759-3299175636-1000 - Administrator - Enabled) => C:\Users\melissa

==================== Faulty Device Manager Devices =============

Name: USB Cable Modem
Description: USB Cable Modem
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: MpKsl5af12555
Description: MpKsl5af12555
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: MpKsl5af12555
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: MpKsl8a534c45
Description: MpKsl8a534c45
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: MpKsl8a534c45
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: MpKsla2c03bb3
Description: MpKsla2c03bb3
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: MpKsla2c03bb3
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: MpKslb291d7a4
Description: MpKslb291d7a4
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: MpKslb291d7a4
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:
==================
Error: (11/29/2014 00:52:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7863

Error: (11/29/2014 00:52:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7863

Error: (11/29/2014 00:52:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/29/2014 00:52:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6864

Error: (11/29/2014 00:52:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6864

Error: (11/29/2014 00:52:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/29/2014 00:52:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5850

Error: (11/29/2014 00:52:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5850

Error: (11/29/2014 00:52:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/29/2014 00:52:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1061

System errors:
=============
Error: (11/26/2014 09:48:18 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.

Error: (11/25/2014 05:41:28 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR5.

Error: (11/25/2014 05:41:27 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR5.

Error: (11/25/2014 05:41:27 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR5.

Error: (11/25/2014 05:41:26 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR5.

Error: (11/25/2014 10:13:48 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR3.

Error: (11/25/2014 10:13:47 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR3.

Error: (11/25/2014 10:13:47 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR3.

Error: (11/25/2014 10:13:46 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR3.

Error: (11/25/2014 10:13:46 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR3.

Microsoft Office Sessions:
=========================
Error: (11/29/2014 00:52:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7863

Error: (11/29/2014 00:52:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7863

Error: (11/29/2014 00:52:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/29/2014 00:52:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6864

Error: (11/29/2014 00:52:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6864

Error: (11/29/2014 00:52:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/29/2014 00:52:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5850

Error: (11/29/2014 00:52:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5850

Error: (11/29/2014 00:52:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/29/2014 00:52:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1061

CodeIntegrity Errors:
===================================
  Date: 2011-10-07 21:38:24.559
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spyware Doctor\TFEngine\TFWAH.dll because the set of per-page image hashes could not be found on the system.

  Date: 2011-10-07 19:17:28.187
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spyware Doctor\TFEngine\TFWAH.dll because the set of per-page image hashes could not be found on the system.

  Date: 2011-10-07 19:04:13.730
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spyware Doctor\TFEngine\TFWAH.dll because the set of per-page image hashes could not be found on the system.

  Date: 2011-10-07 15:23:14.973
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spyware Doctor\TFEngine\TFWAH.dll because the set of per-page image hashes could not be found on the system.

  Date: 2011-10-07 15:16:55.064
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spyware Doctor\TFEngine\TFWAH.dll because the set of per-page image hashes could not be found on the system.

  Date: 2011-10-07 15:01:37.064
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spyware Doctor\TFEngine\TFWAH.dll because the set of per-page image hashes could not be found on the system.

  Date: 2011-10-07 14:40:54.358
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spyware Doctor\TFEngine\TFWAH.dll because the set of per-page image hashes could not be found on the system.

  Date: 2011-10-07 12:07:25.196
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spyware Doctor\TFEngine\TFWAH.dll because the set of per-page image hashes could not be found on the system.

  Date: 2011-10-07 11:57:08.015
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spyware Doctor\TFEngine\TFWAH.dll because the set of per-page image hashes could not be found on the system.

  Date: 2011-10-07 10:58:09.499
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spyware Doctor\TFEngine\TFWAH.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel® Core™2 Duo CPU E8500 @ 3.16GHz
Percentage of memory in use: 71%
Total physical RAM: 3581.59 MB
Available physical RAM: 1017.54 MB
Total Pagefile: 7177.48 MB
Available Pagefile: 2143.71 MB
Total Virtual: 2047.88 MB
Available Virtual: 1901.64 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:148.89 GB) (Free:19.91 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: A42D04A3)
Partition 1: (Not Active) - (Size=110 MB) - (Type=DE)
Partition 2: (Active) - (Size=148.9 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#9 Gunto

Gunto

    Bleepin' Reject Phoenix


  • Malware Response Team
  • 1,291 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:North Las Vegas, Nevada, USA
  • Local time:06:56 AM

Posted 02 December 2014 - 06:03 AM

Hi,

 

Excellent. Now let's get to work!

 

First of all, regarding Norton, I have worked with people where it has caused more problems than even some malware has. Since it's already giving you trouble, I'm going to have you remove it entirely and use avast! as your antivirus program instead.

 

Download the Norton removal tool from here, and save it to your desktop. Double click the file to run it, and follow the instructions to remove Norton.

 

Next, download avast! from here, and save it to your desktop. Double click the installer to run it, and follow the prompts to install avast! However, feel free to decline any offers for third-party programs.

 

Farbar Recovery Scan Tool

Next, I need you to run a fix with FRST. I see you ran it from your browser instead of downloading it to get the logs; this will not work with fixing. With Norton gone, you should have no trouble downloading it now. As such, please download and save FRST to your desktop before proceeding with these steps. :)

  • Open up Notepad, and copy and paste the text in the following box into the Notepad text field:
    C:\Windows\ERUNT.exe
    HKLM\...\Policies\Explorer: [HideSCAHealth] 0
    HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\...\Run: [Boxoft Tools] => C:\ProgramData\Boxtools\Boxofttoolbox.exe [514048 2010-12-15] ()
    HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\...\Policies\Explorer: [HideSCAHealth] 0
    HKU\S-1-5-18\...\Policies\Explorer: [HideSCAHealth] 0
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    SearchScopes: HKLM -> DefaultScope value is missing.
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    CHR StartupUrls: Default -> "hxxp://start.mysearchdial.com/?f=1&a=dsites0101&cd=2XzuyEtN2Y1L1Qzu0B0CtAtDyD0B0DtB0EtDyBtAyD0E0CyEtN0D0Tzu0SyBtAzytN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1940262911&ir=", "hxxp://www.google.com"
    R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [44240 2014-01-27] ()
    S3 catchme; \??\C:\Users\melissa\AppData\Local\Temp\catchme.sys [X]
    S0 IFP700; system32\drivers\ifp700.sys [X]
    S3 JNPRNA; system32\DRIVERS\jnprna6.sys [X]
    S3 Lavasoft Kernexplorer; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [X]
    S1 MpKsl5af12555; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{03CA4FA3-5657-4DC4-9033-18F6A6C9C972}\MpKsl5af12555.sys [X]
    S1 MpKsl8a534c45; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{03CA4FA3-5657-4DC4-9033-18F6A6C9C972}\MpKsl8a534c45.sys [X]
    S1 MpKsla2c03bb3; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{03CA4FA3-5657-4DC4-9033-18F6A6C9C972}\MpKsla2c03bb3.sys [X]
    S1 MpKslb291d7a4; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{03CA4FA3-5657-4DC4-9033-18F6A6C9C972}\MpKslb291d7a4.sys [X]
    S3 PCDSRVC{E9D79540-57D5953E-06020101}_0; \??\c:\program files\dell support center\pcdsrvc.pkms [X]
    S0 TfFsMon; system32\drivers\TfFsMon.sys [X]
    S3 TfNetMon; \??\C:\Windows\system32\drivers\TfNetMon.sys [X]
    S0 TfSysMon; system32\drivers\TfSysMon.sys [X]
    U3 mbr; \??\C:\Users\melissa\AppData\Local\Temp\mbr.sys [X]
    C:\Users\melissa\AppData\Local\{1BE86C84-7286-4EBA-A542-17C4D04413B1}
    C:\Users\melissa\Downloads\Sophos Virus Removal Tool.exe
    C:\Users\melissa\Downloads\Windows-KB890830-V5.18 (1).exe
    C:\Users\melissa\Downloads\MicrosoftInstaller.exe
    C:\Users\melissa\Downloads\Windows-KB890830-V5.18.exe
    C:\Users\melissa\Downloads\MGADiag (1).exe
    C:\Users\melissa\Downloads\MGADiag.exe
    C:\Users\melissa\Downloads\ccsetup419.exe
    C:\Users\melissa\AppData\Local\{9A845C78-96A6-46DE-B426-F5EC5D61BC21}
    C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
    C:\Users\melissa\Downloads\MicrosoftFixit.WinMediaPlayer.RNP.133849555798264.1.1.Run.exe
    C:\Users\melissa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
    CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\melissa\AppData\Local\Google\Update\1.3.25.5\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\melissa\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\melissa\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\melissa\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\melissa\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File
    Task: {2B2B774E-C063-4636-8463-733B78398E1F} - \VisualBeeRecovery No Task File <==== ATTENTION
    Task: {4C914393-FA7B-49B7-AC9F-CE319AC719AB} - System32\Tasks\pcreg => C:\Program Files\pcreg\service.exe <==== ATTENTION
    Task: {568D1D1F-C133-4417-AE3F-A50E432167AB} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
    C:\ProgramData\Boxtools
    C:\ProgramData\TEMP
    C:\Windows\System32\Drivers\fsbts.sys
    C:\Program Files\pcreg
    C:\Program Files\Lavasoft
    C:\ProgramData\Spybot - Search & Destroy
    C:\Program Files\Spybot - Search & Destroy
    C:\ProgramData\Sophos
  • Save it to the same location as FRST as fixlist.txt.
  • Open up FRST, and click the Fix button. If it asks you to reboot in order to complete the fix, please do so.
  • Once it's done fixing things, it will create Fixlog.txt in the same folder. Please copy and paste it into your reply.

Uninstall Programs

I need you to uninstall some programs using either Programs and Features or Revo Uninstaller.

 

Before that, though, I must ask if you use any of the following programs. They are all legitimate, but unless you need them, you should get rid of them:

 

Adobe AIR

Adobe Download Assistant

Adobe Reader XI (11.0.06)

Avidemux 2.6 (32-bit)

Java 7 Update 67 (even if you do use this, please uninstall it anyway; I will have you install the updated version later)

JavaFX 2.1.0

Windows Live Messenger (Microsoft stopped supporting this awhile ago; since you have Skype and Pidgin, there's no reason for you to have it)

If you want to use Programs and Features:

  • Go to Start > Control Panel > Programs and Features.
  • Once it loads all the programs, uninstall the following, if present, one at a time:
    Adobe AIR

    Adobe Download Assistant

    Adobe Reader XI (11.0.06)

    Avidemux 2.6 (32-bit)

    HiJackThis

    Java 7 Update 67

    JavaFX 2.1.0

    Windows Live Messenger
    by clicking Change/Remove, and following the prompts in the uninstaller.

If you have any problems uninstalling a program using Programs and Features, proceed to the below method.

If you want to use Revo Uninstaller (which cleans up a bit better):

  • Download Revo from here, and save it to your desktop.
  • Double click the installer on your desktop, and let the program install.
  • Once it's done, double click the Revo Uninstaller shortcut on your desktop to run it. Once it loads all the programs, uninstall the following, if present, one at a time:
    Adobe AIR

    Adobe Download Assistant

    Adobe Reader XI (11.0.06)

    Avidemux 2.6 (32-bit)

    HiJackThis

    Java 7 Update 67

    JavaFX 2.1.0

    Windows Live Messenger

  • Double click the program, and say Yes on the prompt. Ensure the Moderate option is ticked, and click Next.
  • Follow the prompts in the built-in uninstaller, and then click Next in Revo.
  • If any registry remnants are found, check the bold items only. If there is a closed folder visible, click the + to expand it until you find the bold item. Then Delete the remnants.
  • Proceed again, and if any files/folders were found, delete those, too.

CHKDSK

 

Now then, there are errors in your logs that suggest your file system might be damaged. With that in mind, I need you to run a scan with CHKDSK to find any possible issues.

  • Go to Start > All Programs > Accessories, and right click Command Prompt, and select Run as administrator.
  • In the Command Prompt that opens, type chkdsk c: /r and hit enter. When CHKDSK prompts you whether to run at the next reboot or not, type in y and hit enter.
  • Reboot your computer, and allow CHKDSK to run. Once it's finished, your PC will reboot normally.
  • Once you're logged in, hold down the Windows key and hit R. Type in eventvwr and hit enter.
  • In the Event Viewer, expand Windows Logs and click Application. Click Source above the list to sort the entries by name.
  • Scroll through the list until you find any entry with a source of Wininit. Click on any present until you find the one that contains the CHKDSK information (it will be the text you saw on the screen while CHKDSK was running).
  • Right click the CHKDSK event in the list of events, hover over Copy and click Copy Details as Text. Then paste it into your reply.

Lastly, please rerun a scan with FRST so that I can get a fresh look. This time, only one log will be made; please copy and paste it into your reply. :)

 

Also, let me know how your PC's running.

 

Gunto


Beautiful avatar by Plumbeck!

 

Bury me in honor; when I'm dead and hit the ground, a love back home, it unfolds...


#10 barracudacool

barracudacool
  • Topic Starter

  • Members
  • 93 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:56 AM

Posted 02 December 2014 - 09:44 AM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 01-12-2014
Ran by melissa at 2014-12-02 09:39:44 Run:1
Running from C:\Users\melissa\Desktop
Loaded Profile: melissa (Available profiles: melissa & Barracudacool)
Boot Mode: Normal
 
==============================================
 
Content of fixlist:
*****************
C:\Windows\ERUNT.exe
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\...\Run: [Boxoft Tools] => C:\ProgramData\Boxtools\Boxofttoolbox.exe [514048 2010-12-15] ()
HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-18\...\Policies\Explorer: [HideSCAHealth] 0
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope value is missing.
FF Plugin: @microsoft.com/GENUINE -> disabled No File
CHR StartupUrls: Default -> "hxxp://start.mysearchdial.com/?f=1&a=dsites0101&cd=2XzuyEtN2Y1L1Qzu0B0CtAtDyD0B0DtB0EtDyBtAyD0E0CyEtN0D0Tzu0SyBtAzytN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1940262911&ir=", "hxxp://www.google.com"
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [44240 2014-01-27] ()
S3 catchme; \??\C:\Users\melissa\AppData\Local\Temp\catchme.sys [X]
S0 IFP700; system32\drivers\ifp700.sys [X]
S3 JNPRNA; system32\DRIVERS\jnprna6.sys [X]
S3 Lavasoft Kernexplorer; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [X]
S1 MpKsl5af12555; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{03CA4FA3-5657-4DC4-9033-18F6A6C9C972}\MpKsl5af12555.sys [X]
S1 MpKsl8a534c45; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{03CA4FA3-5657-4DC4-9033-18F6A6C9C972}\MpKsl8a534c45.sys [X]
S1 MpKsla2c03bb3; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{03CA4FA3-5657-4DC4-9033-18F6A6C9C972}\MpKsla2c03bb3.sys [X]
S1 MpKslb291d7a4; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{03CA4FA3-5657-4DC4-9033-18F6A6C9C972}\MpKslb291d7a4.sys [X]
S3 PCDSRVC{E9D79540-57D5953E-06020101}_0; \??\c:\program files\dell support center\pcdsrvc.pkms [X]
S0 TfFsMon; system32\drivers\TfFsMon.sys [X]
S3 TfNetMon; \??\C:\Windows\system32\drivers\TfNetMon.sys [X]
S0 TfSysMon; system32\drivers\TfSysMon.sys [X]
U3 mbr; \??\C:\Users\melissa\AppData\Local\Temp\mbr.sys [X]
C:\Users\melissa\AppData\Local\{1BE86C84-7286-4EBA-A542-17C4D04413B1}
C:\Users\melissa\Downloads\Sophos Virus Removal Tool.exe
C:\Users\melissa\Downloads\Windows-KB890830-V5.18 (1).exe
C:\Users\melissa\Downloads\MicrosoftInstaller.exe
C:\Users\melissa\Downloads\Windows-KB890830-V5.18.exe
C:\Users\melissa\Downloads\MGADiag (1).exe
C:\Users\melissa\Downloads\MGADiag.exe
C:\Users\melissa\Downloads\ccsetup419.exe
C:\Users\melissa\AppData\Local\{9A845C78-96A6-46DE-B426-F5EC5D61BC21}
C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
C:\Users\melissa\Downloads\MicrosoftFixit.WinMediaPlayer.RNP.133849555798264.1.1.Run.exe
C:\Users\melissa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\melissa\AppData\Local\Google\Update\1.3.25.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\melissa\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\melissa\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\melissa\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\melissa\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File
Task: {2B2B774E-C063-4636-8463-733B78398E1F} - \VisualBeeRecovery No Task File <==== ATTENTION
Task: {4C914393-FA7B-49B7-AC9F-CE319AC719AB} - System32\Tasks\pcreg => C:\Program Files\pcreg\service.exe <==== ATTENTION
Task: {568D1D1F-C133-4417-AE3F-A50E432167AB} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
C:\ProgramData\Boxtools
C:\ProgramData\TEMP
C:\Windows\System32\Drivers\fsbts.sys
C:\Program Files\pcreg
C:\Program Files\Lavasoft
C:\ProgramData\Spybot - Search & Destroy
C:\Program Files\Spybot - Search & Destroy
C:\ProgramData\Sophos
*****************
 
"C:\Windows\ERUNT.exe" => File/Directory not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth => value deleted successfully.
HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Boxoft Tools => value deleted successfully.
HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth => value deleted successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key not found.
"HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
Chrome StartupUrls deleted successfully.
fsbts => Service stopped successfully.
fsbts => Service deleted successfully.
catchme => Service deleted successfully.
IFP700 => Service deleted successfully.
JNPRNA => Service deleted successfully.
Lavasoft Kernexplorer => Service deleted successfully.
MpKsl5af12555 => Service deleted successfully.
MpKsl8a534c45 => Service deleted successfully.
MpKsla2c03bb3 => Service deleted successfully.
MpKslb291d7a4 => Service deleted successfully.
PCDSRVC{E9D79540-57D5953E-06020101}_0 => Service deleted successfully.
TfFsMon => Service deleted successfully.
TfNetMon => Service deleted successfully.
TfSysMon => Service deleted successfully.
mbr => Service not found.
C:\Users\melissa\AppData\Local\{1BE86C84-7286-4EBA-A542-17C4D04413B1} => Moved successfully.
C:\Users\melissa\Downloads\Sophos Virus Removal Tool.exe => Moved successfully.
C:\Users\melissa\Downloads\Windows-KB890830-V5.18 (1).exe => Moved successfully.
C:\Users\melissa\Downloads\MicrosoftInstaller.exe => Moved successfully.
C:\Users\melissa\Downloads\Windows-KB890830-V5.18.exe => Moved successfully.
C:\Users\melissa\Downloads\MGADiag (1).exe => Moved successfully.
C:\Users\melissa\Downloads\MGADiag.exe => Moved successfully.
C:\Users\melissa\Downloads\ccsetup419.exe => Moved successfully.
C:\Users\melissa\AppData\Local\{9A845C78-96A6-46DE-B426-F5EC5D61BC21} => Moved successfully.
C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB => Moved successfully.
C:\Users\melissa\Downloads\MicrosoftFixit.WinMediaPlayer.RNP.133849555798264.1.1.Run.exe => Moved successfully.
C:\Users\melissa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => Moved successfully.
C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 => Moved successfully.
"HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}" => Key deleted successfully.
"HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}" => Key deleted successfully.
"HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}" => Key deleted successfully.
"HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}" => Key deleted successfully.
"HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2B2B774E-C063-4636-8463-733B78398E1F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B2B774E-C063-4636-8463-733B78398E1F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\VisualBeeRecovery" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4C914393-FA7B-49B7-AC9F-CE319AC719AB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C914393-FA7B-49B7-AC9F-CE319AC719AB}" => Key deleted successfully.
C:\Windows\System32\Tasks\pcreg => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\pcreg" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{568D1D1F-C133-4417-AE3F-A50E432167AB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{568D1D1F-C133-4417-AE3F-A50E432167AB}" => Key deleted successfully.
C:\Windows\System32\Tasks\Ad-Aware Update (Weekly) => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Ad-Aware Update (Weekly)" => Key deleted successfully.
 
"C:\ProgramData\Boxtools" directory move:
 
C:\ProgramData\Boxtools\apdfproduction.dat => Moved successfully.
C:\ProgramData\Boxtools\autorun.txt => Moved successfully.
C:\ProgramData\Boxtools\Boxofttoolbox.exe => Moved successfully.
C:\ProgramData\Boxtools\config.txt => Moved successfully.
C:\ProgramData\Boxtools\midas.dll => Moved successfully.
C:\ProgramData\Boxtools\News.txt => Moved successfully.
C:\ProgramData\Boxtools\PCTools.exe => Moved successfully.
C:\ProgramData\Boxtools\pctoolsversion.txt => Moved successfully.
C:\ProgramData\Boxtools\Progress.gif => Moved successfully.
C:\ProgramData\Boxtools\Serverupdate.txt => Moved successfully.
C:\ProgramData\Boxtools\ServerWeb.txt => Moved successfully.
C:\ProgramData\Boxtools\Toolbox.exe => Moved successfully.
C:\ProgramData\Boxtools\Uninstall.exe => Moved successfully.
C:\ProgramData\Boxtools\Update.txt => Moved successfully.
C:\ProgramData\Boxtools\Version.txt => Moved successfully.
Could not move "C:\ProgramData\Boxtools" directory. => Scheduled to move on reboot.
 
C:\ProgramData\TEMP => Moved successfully.
C:\Windows\System32\Drivers\fsbts.sys => Moved successfully.
"C:\Program Files\pcreg" => File/Directory not found.
"C:\Program Files\Lavasoft" => File/Directory not found.
C:\ProgramData\Spybot - Search & Destroy => Moved successfully.
C:\Program Files\Spybot - Search & Destroy => Moved successfully.
C:\ProgramData\Sophos => Moved successfully.
 
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-12-02 09:41:59)<=
 
C:\ProgramData\Boxtools => Is moved successfully.
 
==== End of Fixlog ====


#11 barracudacool

barracudacool
  • Topic Starter

  • Members
  • 93 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:56 AM

Posted 02 December 2014 - 12:23 PM

All programs deleted in your list except for Adobe Reader which I do use.
 
Log Name:      Application
Source:        Microsoft-Windows-Wininit
Date:          12/2/2014 11:26:09 AM
Event ID:      1001
Task Category: None
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      melissa-PC
Description:
 
 
Checking file system on C:
The type of the file system is NTFS.
Volume label is OS.
 
A disk check has been scheduled.
Windows will now check the disk.                         
 
CHKDSK is verifying files (stage 1 of 5)...
  203776 file records processed.                                         
 
File verification completed.
  1582 large file records processed.                                   
 
  0 bad file records processed.                                     
 
  0 EA records processed.                                           
 
  61 reparse records processed.                                      
 
CHKDSK is verifying indexes (stage 2 of 5)...
  247726 index entries processed.                                        
 
Index verification completed.
  0 unindexed files scanned.                                        
 
  0 unindexed files recovered.                                      
 
CHKDSK is verifying security descriptors (stage 3 of 5)...
  203776 file SDs/SIDs processed.                                        
 
Cleaning up 1650 unused index entries from index $SII of file 0x9.
Cleaning up 1650 unused index entries from index $SDH of file 0x9.
Cleaning up 1650 unused security descriptors.
Security descriptor verification completed.
  21976 data files processed.                                           
 
CHKDSK is verifying Usn Journal...
  33845432 USN bytes processed.                                            
 
Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
  203760 files processed.                                                
 
File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
  5418942 free clusters processed.                                        
 
Free space verification is complete.
Windows has checked the file system and found no problems.
 
 156127702 KB total disk space.
 134060384 KB in 118745 files.
     77592 KB in 21977 indexes.
         0 KB in bad sectors.
    313958 KB in use by the system.
     65536 KB occupied by the log file.
  21675768 KB available on disk.
 
      4096 bytes in each allocation unit.
  39031925 total allocation units on disk.
   5418942 allocation units available on disk.
 
Internal Info:
00 1c 03 00 bd 25 02 00 4b be 03 00 00 00 00 00  .....%..K.......
5d 41 00 00 3d 00 00 00 00 00 00 00 00 00 00 00  ]A..=...........
70 8e 38 00 50 01 37 00 68 1c 37 00 00 00 37 00  p.8.P.7.h.7...7.
 
Windows has finished checking your disk.
Please wait while your computer restarts.
 
Event Xml:
  <System>
    <Provider Name="Microsoft-Windows-Wininit" Guid="{206f6dea-d3c5-4d10-bc72-989f03c8b84b}" EventSourceName="Wininit" />
    <EventID Qualifiers="16384">1001</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2014-12-02T16:26:09.000000000Z" />
    <EventRecordID>92991</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>Application</Channel>
    <Computer>melissa-PC</Computer>
    <Security />
  </System>
  <EventData>
    <Data>
 
Checking file system on C:
The type of the file system is NTFS.
Volume label is OS.
 
A disk check has been scheduled.
Windows will now check the disk.                         
 
CHKDSK is verifying files (stage 1 of 5)...
  203776 file records processed.                                         
 
File verification completed.
  1582 large file records processed.                                   
 
  0 bad file records processed.                                     
 
  0 EA records processed.                                           
 
  61 reparse records processed.                                      
 
CHKDSK is verifying indexes (stage 2 of 5)...
  247726 index entries processed.                                        
 
Index verification completed.
  0 unindexed files scanned.                                        
 
  0 unindexed files recovered.                                      
 
CHKDSK is verifying security descriptors (stage 3 of 5)...
  203776 file SDs/SIDs processed.                                        
 
Cleaning up 1650 unused index entries from index $SII of file 0x9.
Cleaning up 1650 unused index entries from index $SDH of file 0x9.
Cleaning up 1650 unused security descriptors.
Security descriptor verification completed.
  21976 data files processed.                                           
 
CHKDSK is verifying Usn Journal...
  33845432 USN bytes processed.                                            
 
Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
  203760 files processed.                                                
 
File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
  5418942 free clusters processed.                                        
 
Free space verification is complete.
Windows has checked the file system and found no problems.
 
 156127702 KB total disk space.
 134060384 KB in 118745 files.
     77592 KB in 21977 indexes.
         0 KB in bad sectors.
    313958 KB in use by the system.
     65536 KB occupied by the log file.
  21675768 KB available on disk.
 
      4096 bytes in each allocation unit.
  39031925 total allocation units on disk.
   5418942 allocation units available on disk.
 
Internal Info:
00 1c 03 00 bd 25 02 00 4b be 03 00 00 00 00 00  .....%..K.......
5d 41 00 00 3d 00 00 00 00 00 00 00 00 00 00 00  ]A..=...........
70 8e 38 00 50 01 37 00 68 1c 37 00 00 00 37 00  p.8.P.7.h.7...7.
 
Windows has finished checking your disk.
Please wait while your computer restarts.
</Data>
  </EventData>
</Event>

Edited by barracudacool, 02 December 2014 - 12:24 PM.


#12 barracudacool

barracudacool
  • Topic Starter

  • Members
  • 93 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:56 AM

Posted 02 December 2014 - 12:29 PM

Computer is running a bit faster. Mysearch is still loading on reboot. frst ran two logs again. Here they are.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-12-2014
Ran by melissa (administrator) on MELISSA-PC on 02-12-2014 12:25:47
Running from C:\Users\melissa\Desktop
Loaded Profile: melissa (Available profiles: melissa & Barracudacool)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Juniper Networks, Inc.) C:\Program Files\Common Files\Juniper Networks\JUNS\dsAccessService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Juniper Networks, Inc.) C:\Program Files\Common Files\Juniper Networks\JUNS\dsAccessService.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Carbonite, Inc.) C:\Program Files\Carbonite\Carbonite Mirror Image\CarboniteMirrorImage.exe
(Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
(Juniper Networks) C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
(NETGEAR) C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe
(Symantec Corporation) C:\Program Files\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe
(Panopto, Inc) C:\Program Files\Panopto\Recorder\Recorder.exe
(Symantec Corporation) C:\Program Files\Norton PC Checkup\Engine\2.0.12.27\ccSvcHst.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(Memeo) C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Amazon.com) C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Dell Inc.) C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Intel Corporation) C:\Program Files\Intel\AMT\LMS.exe
(Intel Corporation) C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
(Symantec Corporation) C:\Program Files\Norton PC Checkup\Engine\2.0.12.27\ccSvcHst.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winampa.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Juniper Networks, Inc.) C:\Program Files\Common Files\Juniper Networks\JamUI\Pulse.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Carbonite, Inc.) C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
() C:\Users\melissa\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Dell) C:\Users\melissa\AppData\Local\Apps\2.0\LCT0Y6J3.X2L\483HPNOC.6WP\dell..tion_0f612f649c4a10af_0005.0004_3ddfe37344028d2c\DellSystemDetect.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
(Western Digital) C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\melissa\Desktop\FRST (1).exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2009-04-23] (Analog Devices, Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1263512 2012-11-29] ()
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [295512 2013-09-13] (RealNetworks, Inc.)
HKLM\...\Run: [JunosPulse] => C:\Program Files\Common Files\Juniper Networks\JamUI\Pulse.exe [2522672 2014-04-09] (Juniper Networks, Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [LifeCam] => C:\Program Files\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [Carbonite Backup] => C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe [1056976 2014-06-27] (Carbonite, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-12-02] (AVAST Software)
HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\...\Run: [DellSystemDetect] => C:\Users\melissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms
HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\...\Run: [Amazon Music] => C:\Users\melissa\AppData\Local\Amazon Music\Amazon Music Helper.exe [6281536 2014-09-05] ()
HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6697752 2014-11-13] (SUPERAntiSpyware)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDSmartWare.lnk
ShortcutTarget: WDSmartWare.lnk -> C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: [Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {77D7D41D-B005-44D9-AF2A-DE1C02DF34D7} https://prod.isis.jhu.edu/controls/MaskedNumEdit.cab
DPF: {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} http://xserv.dell.com/DellDriverScanner/DellSystem.CAB
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-07] (SuperAdBlocker.com)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D99AE1E0-2D93-4380-B349-2EED26FB8B8C}: [NameServer] 10.200.1.1,10.200.2.2
 
FireFox:
========
FF ProfilePath: C:\Users\melissa\AppData\Roaming\Mozilla\Firefox\Profiles\olztzvtx.default
FF DefaultSearchEngine: Bing 
FF SearchEngineOrder.3: Bing 
FF SelectedSearchEngine: Bing 
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.4.1 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.6.14 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files\SkypeWebPlugin\npSkypeWebPlugin.dll (Skype)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2271823407-3231534759-3299175636-1000: @citrixonline.com/appdetectorplugin -> C:\Users\melissa\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKU\S-1-5-21-2271823407-3231534759-3299175636-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\melissa\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-2271823407-3231534759-3299175636-1000: @talk.google.com/O1DPlugin -> C:\Users\melissa\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-2271823407-3231534759-3299175636-1000: @tools.google.com/Google Update;version=3 -> C:\Users\melissa\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2271823407-3231534759-3299175636-1000: @tools.google.com/Google Update;version=9 -> C:\Users\melissa\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2271823407-3231534759-3299175636-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\melissa\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\melissa\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\melissa\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\melissa\AppData\Roaming\Mozilla\Firefox\Profiles\olztzvtx.default\searchplugins\bingp.xml
FF Extension: iCloud Bookmarks - C:\Users\melissa\AppData\Roaming\Mozilla\Firefox\Profiles\olztzvtx.default\Extensions\firefoxdav@icloud.com [2014-11-20]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-28]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-13]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-02]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://start.mysearchdial.com/?f=1&a=dsites0101&cd=2XzuyEtN2Y1L1Qzu0B0CtAtDyD0B0DtB0EtDyBtAyD0E0CyEtN0D0Tzu0SyBtAzytN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1940262911&ir=", "hxxp://www.google.com"
CHR Profile: C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-27]
CHR Extension: (Adblock Plus) - C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-14]
CHR Extension: (Avast Online Security) - C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-02]
CHR Extension: (Norton Identity Safe) - C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-08-15]
CHR Extension: (Skype Click to Call) - C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-03-02]
CHR Extension: (Google Wallet) - C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-20]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-02]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-22] (SUPERAntiSpyware.com)
R2 ADVService; C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe [25704 2010-09-13] (Amazon.com) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-02] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 Carbonite-Mirror-Image-Svc; C:\Program Files\Carbonite\Carbonite Mirror Image\CarboniteMirrorImage.exe [4143168 2013-04-18] (Carbonite, Inc.)
R2 CarboniteService; C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe [5058256 2014-06-27] (Carbonite, Inc. (www.carbonite.com))
R2 dcpsysmgrsvc; C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe [382752 2009-07-16] (Dell Inc.)
R2 dsNcService; C:\Program Files\Juniper Networks\Common Files\dsNcService.exe [670792 2011-11-14] (Juniper Networks)
R2 JuniperAccessService; C:\Program Files\Common Files\Juniper Networks\JUNS\dsAccessService.exe [159280 2014-04-08] (Juniper Networks, Inc.)
R2 NETGEARGenieDaemon; C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe [195400 2012-09-25] (NETGEAR)
R2 Norton PC Checkup Application Launcher; C:\Program Files\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe [132504 2013-03-24] (Symantec Corporation)
R2 PanoptoRecorderService; C:\Program Files\Panopto\Recorder\Recorder.exe [827712 2014-05-30] (Panopto, Inc)
R2 PCCUJobMgr; C:\Program Files\Norton PC Checkup\Engine\2.0.12.27\ccSvcHst.exe [126392 2011-05-03] (Symantec Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 UNS; C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2071064 2010-05-21] (Intel Corporation)
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [98304 2009-10-14] (WDC) [File not signed]
R2 WDSmartWareBackgroundService; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-12-02] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2014-12-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-12-02] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-12-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2014-12-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2014-12-02] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [91496 2014-12-02] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2014-12-02] ()
S3 BVRPMPR5; C:\Windows\system32\drivers\BVRPMPR5.SYS [49904 2010-06-06] (Avanquest Software) [File not signed]
R3 dsNcAdpt; C:\Windows\System32\DRIVERS\dsNcAdpt.sys [26624 2011-11-14] (Juniper Networks)
R1 jnprns; C:\Windows\System32\DRIVERS\jnprns.sys [412464 2014-03-13] (Juniper Networks)
S4 jnprTdi_803_44983; C:\Windows\system32\Drivers\jnprTdi_803_44983.sys [92984 2014-04-09] (Juniper Networks, Inc.)
S3 jnprva; C:\Windows\System32\DRIVERS\jnprva.sys [24952 2013-08-14] (Juniper Networks, Inc.)
R3 JnprVaMgr; C:\Windows\System32\DRIVERS\jnprvamgr.sys [36776 2013-08-14] (Juniper Networks, Inc.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2014-11-22] (Malwarebytes Corporation)
S3 netrcacm; C:\Windows\System32\DRIVERS\netrcacm.sys [20648 2003-01-20] (Thomson Inc.)
R2 NPF; C:\Windows\system32\drivers\npf.sys [35088 2013-05-23] (CACE Technologies, Inc.)
R0 PBADRV; C:\Windows\System32\DRIVERS\PBADRV.sys [26608 2008-06-04] (Dell Inc)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-13] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-02 12:25 - 2014-12-02 12:26 - 00025000 _____ () C:\Users\melissa\Desktop\FRST.txt
2014-12-02 12:18 - 2014-12-02 12:18 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\Dropbox
2014-12-02 10:01 - 2014-12-02 09:24 - 00291352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-12-02 09:58 - 2012-04-04 17:47 - 00772504 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2014-12-02 09:58 - 2012-04-04 17:47 - 00687504 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2014-12-02 09:28 - 2014-12-02 09:28 - 00045076 _____ () C:\Users\melissa\Downloads\Addition.txt
2014-12-02 09:27 - 2014-12-02 09:28 - 00048027 _____ () C:\Users\melissa\Downloads\FRST.txt
2014-12-02 09:26 - 2014-12-02 09:26 - 01109504 _____ (Farbar) C:\Users\melissa\Desktop\FRST (1).exe
2014-12-02 09:25 - 2014-12-02 10:01 - 00423784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-12-02 09:25 - 2014-12-02 10:01 - 00002123 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-12-02 09:25 - 2014-12-02 09:25 - 05006864 _____ (AVAST Software) C:\Users\melissa\Downloads\avast_free_antivirus_setup_online (1).exe
2014-12-02 09:25 - 2014-12-02 09:25 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\AVAST Software
2014-12-02 09:25 - 2014-12-02 09:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-12-02 09:25 - 2014-12-02 09:25 - 00000000 ____D () C:\ProgramData\Google
2014-12-02 09:25 - 2014-12-02 09:24 - 00206248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-12-02 09:25 - 2014-12-02 09:24 - 00091496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-12-02 09:25 - 2014-12-02 09:24 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-12-02 09:25 - 2014-12-02 09:24 - 00070384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-12-02 09:25 - 2014-12-02 09:24 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-12-02 09:25 - 2014-12-02 09:24 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-12-02 09:24 - 2014-12-02 10:01 - 00787800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-12-02 09:24 - 2014-12-02 09:24 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-12-02 09:24 - 2014-12-02 09:24 - 00000000 ____D () C:\Program Files\AVAST Software
2014-12-02 09:23 - 2014-12-02 09:24 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-12-02 09:22 - 2014-12-02 09:22 - 05006864 _____ (AVAST Software) C:\Users\melissa\Downloads\avast_free_antivirus_setup_online.exe
2014-12-02 09:22 - 2014-12-02 09:22 - 00001698 _____ () C:\Users\melissa\Desktop\avast_free_antivirus_setup_online.exe - Shortcut.lnk
2014-12-02 09:01 - 2014-12-02 09:01 - 00896048 _____ () C:\Users\melissa\Downloads\Norton_Removal_Tool.exe
2014-12-01 10:45 - 2014-12-02 12:25 - 00000000 ____D () C:\FRST
2014-12-01 10:31 - 2014-12-01 10:31 - 01109504 _____ (Farbar) C:\Users\melissa\Downloads\frst.exe
2014-11-26 10:04 - 2014-11-26 10:04 - 00001967 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-11-26 10:04 - 2014-11-26 10:04 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-11-26 10:04 - 2014-11-26 10:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-11-26 10:02 - 2014-11-26 10:02 - 20498024 _____ (SUPERAntiSpyware) C:\Users\melissa\Downloads\SUPERAntiSpyware.exe
2014-11-23 14:13 - 2014-11-23 14:21 - 00025085 _____ () C:\Users\melissa\Desktop\dds.txt
2014-11-23 14:13 - 2014-11-23 14:21 - 00014752 _____ () C:\Users\melissa\Desktop\attach.txt
2014-11-23 14:11 - 2014-11-23 14:11 - 00688992 ____R (Swearware) C:\Users\melissa\Downloads\dds.com
2014-11-20 15:25 - 2014-11-20 15:25 - 01436797 _____ () C:\Users\melissa\Downloads\memory_revised_2014.docx.pptx
2014-11-18 20:41 - 2014-11-10 21:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-18 20:41 - 2014-11-10 21:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-17 21:04 - 2014-11-17 21:04 - 00483712 _____ () C:\Windows\Minidump\111714-65707-01.dmp
2014-11-14 13:29 - 2014-12-02 12:08 - 00000384 _____ () C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_melissa.job
2014-11-14 13:29 - 2014-12-02 09:48 - 00000374 _____ () C:\Windows\Tasks\ReclaimerUpdateXML_melissa.job
2014-11-14 13:29 - 2014-12-01 10:27 - 00000378 _____ () C:\Windows\Tasks\ReclaimerUpdateFiles_melissa.job
2014-11-12 15:59 - 2014-11-12 15:59 - 00000000 __SHD () C:\Users\melissa\AppData\Local\EmieBrowserModeList
2014-11-11 18:50 - 2014-11-05 12:50 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-11 18:50 - 2014-11-05 12:50 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-11 18:50 - 2014-11-05 12:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-11 18:50 - 2014-10-17 20:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-11 18:50 - 2014-10-13 20:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-11 18:50 - 2014-10-02 20:44 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-11 18:50 - 2014-10-02 20:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-11 18:50 - 2014-10-02 20:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-11 18:50 - 2014-10-02 20:44 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-11 18:50 - 2014-10-02 20:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-11 18:50 - 2014-08-21 01:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-11 18:50 - 2014-08-21 01:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-11 18:50 - 2014-08-11 20:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-11 18:49 - 2014-11-07 14:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-11 18:49 - 2014-11-05 22:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-11 18:49 - 2014-11-05 22:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-11 18:49 - 2014-11-05 22:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-11 18:49 - 2014-11-05 22:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-11 18:49 - 2014-11-05 22:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-11 18:49 - 2014-11-05 22:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-11 18:49 - 2014-11-05 22:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-11 18:49 - 2014-11-05 22:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-11 18:49 - 2014-11-05 22:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-11 18:49 - 2014-11-05 22:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-11 18:49 - 2014-11-05 22:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-11 18:49 - 2014-11-05 21:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-11 18:49 - 2014-11-05 21:59 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-11 18:49 - 2014-11-05 21:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-11 18:49 - 2014-11-05 21:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-11 18:49 - 2014-11-05 21:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-11 18:49 - 2014-11-05 21:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-11 18:49 - 2014-11-05 21:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-11 18:49 - 2014-11-05 21:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-11 18:49 - 2014-11-05 21:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-11 18:49 - 2014-11-05 21:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-11 18:49 - 2014-11-05 21:22 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-11 18:49 - 2014-11-05 21:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-11 18:49 - 2014-11-05 21:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-11 18:49 - 2014-11-05 21:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-11 18:49 - 2014-11-05 21:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-11 18:49 - 2014-11-05 20:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-11 18:49 - 2014-11-05 20:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-11 18:49 - 2014-11-05 20:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-11 18:49 - 2014-10-24 20:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-11 18:49 - 2014-10-13 20:56 - 00136632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-11 18:49 - 2014-10-13 20:50 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-11 18:49 - 2014-10-13 20:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-11 18:49 - 2014-10-13 20:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-11 18:49 - 2014-10-13 20:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-11 18:49 - 2014-10-09 19:45 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-11 18:49 - 2014-09-19 04:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-11 18:49 - 2014-09-19 04:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-11 18:49 - 2014-09-19 04:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-11 18:49 - 2014-09-19 04:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-11 18:49 - 2014-09-19 04:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-11 18:49 - 2014-09-19 04:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-11 09:05 - 2014-11-11 09:05 - 00511778 _____ () C:\Users\melissa\Downloads\PastedGraphic-3 (1).tiff
2014-11-11 09:02 - 2014-11-11 09:02 - 00511778 _____ () C:\Users\melissa\Downloads\PastedGraphic-3.tiff
2014-11-09 09:59 - 2014-11-09 09:59 - 00000034 _____ () C:\Users\melissa\Downloads\wypr.m3u
2014-11-06 20:47 - 2014-11-06 20:47 - 00014176 _____ () C:\Users\melissa\Downloads\OsherJHU_FY15_edit_11_6_14 (1).xlsx
2014-11-06 20:44 - 2014-11-06 20:45 - 00000165 ____H () C:\Users\melissa\Downloads\~$OsherJHU_FY15_edit_11_6_14.xlsx
2014-11-06 20:44 - 2014-11-06 20:44 - 00014176 _____ () C:\Users\melissa\Downloads\OsherJHU_FY15_edit_11_6_14.xlsx
2014-11-06 20:04 - 2014-11-06 20:04 - 00014114 _____ () C:\Users\melissa\Downloads\OsherJHU_FY15 (2).xlsx
2014-11-06 20:02 - 2014-11-06 20:02 - 00014114 _____ () C:\Users\melissa\Downloads\OsherJHU_FY15 (1).xlsx
2014-11-06 10:05 - 2014-11-06 10:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-11-06 10:04 - 2014-11-06 10:04 - 00001817 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-11-06 10:04 - 2014-11-06 10:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-11-06 10:02 - 2014-11-06 10:02 - 00001755 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-11-06 10:02 - 2014-11-06 10:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-11-06 10:01 - 2014-11-06 10:02 - 00000000 ____D () C:\Program Files\iTunes
2014-11-06 10:01 - 2014-11-06 10:01 - 00000000 ____D () C:\Program Files\iPod
2014-11-03 08:36 - 2014-11-03 08:36 - 00024146 _____ () C:\Users\melissa\Downloads\Andersonville Blog.docm
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-02 12:22 - 2011-07-09 19:20 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2271823407-3231534759-3299175636-1000UA.job
2014-12-02 12:08 - 2013-10-19 12:40 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-12-02 12:08 - 2011-10-09 12:15 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-02 12:08 - 2011-08-23 09:20 - 00000000 ____D () C:\Users\melissa\AppData\Local\Deployment
2014-12-02 12:08 - 2011-06-23 12:27 - 01796112 _____ () C:\Windows\WindowsUpdate.log
2014-12-02 11:56 - 2011-07-07 09:19 - 00000000 ____D () C:\Program Files\PhotoFiltre
2014-12-02 11:52 - 2012-04-12 08:36 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-02 11:36 - 2011-10-09 12:15 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-02 11:33 - 2009-07-13 23:34 - 00028144 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-02 11:33 - 2009-07-13 23:34 - 00028144 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-02 11:25 - 2009-07-13 23:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-02 11:25 - 2009-07-13 23:39 - 00077095 _____ () C:\Windows\setupact.log
2014-12-02 10:02 - 2010-11-20 16:48 - 01262716 _____ () C:\Windows\PFRO.log
2014-12-02 09:51 - 2011-06-23 14:32 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\.purple
2014-12-02 09:49 - 2012-01-18 08:27 - 00000000 ____D () C:\Program Files\Adobe
2014-12-02 09:41 - 2014-01-15 08:43 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-12-02 09:39 - 2009-07-13 21:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-12-02 09:36 - 2013-01-15 11:06 - 00000000 ____D () C:\Users\melissa\Desktop\virus software
2014-12-02 09:25 - 2011-10-09 12:15 - 00000000 ____D () C:\Program Files\Google
2014-12-02 09:18 - 2012-05-20 07:56 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-12-02 09:10 - 2011-07-09 19:20 - 00000864 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2271823407-3231534759-3299175636-1000Core.job
2014-12-02 09:10 - 2011-06-23 15:17 - 00000000 ____D () C:\ProgramData\Norton
2014-12-02 09:03 - 2014-02-28 12:02 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\Skype
2014-11-27 14:52 - 2014-10-23 10:55 - 00002131 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-26 12:53 - 2012-04-12 08:36 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-11-26 12:53 - 2011-06-24 10:02 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-11-25 10:24 - 2010-11-20 16:01 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-23 14:14 - 2014-02-23 10:02 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-22 16:15 - 2014-10-17 13:26 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2014-11-20 22:14 - 2012-02-12 14:24 - 00000000 ____D () C:\Users\melissa\Tracing
2014-11-20 17:40 - 2014-02-28 11:28 - 00000000 ____D () C:\Program Files\Microsoft LifeCam
2014-11-20 16:32 - 2014-04-28 12:31 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-11-20 16:08 - 2014-10-22 20:26 - 00000000 ____D () C:\PanoptoRecorder
2014-11-18 18:57 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\rescache
2014-11-18 10:38 - 2012-02-19 18:10 - 00000000 ____D () C:\Users\melissa\Documents\center
2014-11-17 21:04 - 2011-10-04 15:47 - 00000000 ____D () C:\Windows\Minidump
2014-11-17 21:03 - 2011-10-04 15:47 - 418789321 _____ () C:\Windows\MEMORY.DMP
2014-11-12 16:56 - 2011-06-27 23:23 - 00000000 ____D () C:\Users\melissa\Documents\Camtasia Studio
2014-11-12 03:42 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-11-12 03:35 - 2009-07-13 23:33 - 00333976 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 03:32 - 2014-05-07 02:18 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-12 03:13 - 2011-06-24 07:20 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-12 03:10 - 2013-08-16 02:09 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-09 10:06 - 2011-12-12 10:39 - 00000000 ____D () C:\Users\melissa\Documents\Snagit
2014-11-07 19:09 - 2014-10-17 13:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-07 19:09 - 2014-10-17 13:43 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-11-07 19:09 - 2014-10-17 13:25 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-06 10:04 - 2011-06-27 21:10 - 00000000 ____D () C:\Program Files\QuickTime
2014-11-06 10:01 - 2011-07-08 16:11 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-11-06 09:43 - 2011-09-20 10:31 - 00002076 ____H () C:\Users\melissa\Documents\Default.rdp
2014-11-06 08:56 - 2009-07-13 23:52 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-11-03 20:25 - 2011-06-23 14:30 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\Mozilla
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-12-02 11:55
 
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 01-12-2014
Ran by melissa at 2014-12-02 12:26:36
Running from C:\Users\melissa\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Amazon Kindle (HKLM\...\Amazon Kindle) (Version:  - Amazon)
Amazon Music (HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\...\Amazon Amazon Music) (Version: 3.4.0.628 - Amazon Services LLC)
Amazon Unbox Video (HKLM\...\InstallShield_{54A4839E-87F8-4BD1-9682-A349E9943F0A}) (Version: 2.1.0.126 - Amazon.com)
Amazon Unbox Video (Version: 2.1.0.126 - Amazon.com) Hidden
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{18981B42-4A58-CD2F-DDBB-E44C0D46B2EE}) (Version: 3.0.795.0 - ATI Technologies, Inc.)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.0.2208 - AVAST Software)
BioAPI Framework (Version: 1.0.1 - Dell Inc.) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Camtasia Studio 7 (HKLM\...\{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}) (Version: 7.1.1 - TechSmith Corporation)
Camtasia Studio 8 (HKLM\...\{0B341FFF-66F9-4B82-A73A-C2317514A30F}) (Version: 8.4.3.1793 - TechSmith Corporation)
Carbonite (HKLM\...\Carbonite Backup) (Version: 5.5.5 build 4151  (Jun-27-2014) - Carbonite)
Carbonite Mirror Image (32-bit) (Version: 5.1.13813.2115 - x86) Hidden
ccc-core-static (Version: 2010.1116.2152.39231 - ATI) Hidden
Citrix Online Launcher (HKLM\...\{75B8A55E-0762-4676-AAC0-6FDF025B034B}) (Version: 1.0.220 - Citrix)
CutePDF Writer 2.8 (HKLM\...\CutePDF Writer Installation) (Version:  - )
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell ControlPoint System Manager (HKLM\...\{9143F2FA-BF20-4311-8618-4CCF51B1B80C}) (Version: 1.3.00000 - Dell Inc.)
Dell Driver Download Manager (HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.)
Dell Security Device Driver Pack (HKLM\...\{FF1DDCF4-3A28-4F7F-96D8-E3F4BD1C1702}) (Version: 1.4.055 - Dell Inc.)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5907.16 - Dell Inc.)
Dell Support Center (Version: 3.1.5907.16 - PC-Doctor, Inc.) Hidden
Dell System Detect (HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\...\9204f5692a8faf3b) (Version: 5.4.0.4 - Dell)
DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.1.22 - DivX, LLC)
Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM\...\{0C5C1177-94C5-3EFB-A8BE-3F6AF1AF887F}) (Version: 5.38.6.0 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
GoToMeeting 5.5.0.1132 (HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\...\GoToMeeting) (Version: 5.5.0.1132 - CitrixOnline)
iCloud (HKLM\...\{AC6EE263-E4DD-4150-9014-689B1D4A3315}) (Version: 4.0.5.20 - Apple Inc.)
Intel® Management Engine Interface (HKLM\...\HECI) (Version:  - Intel Corporation)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 15.2 - Intel)
Intel® Active Management Technology (HKLM\...\MESOL) (Version:  - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Juniper Networks Network Connect 7.0.0 (HKLM\...\Juniper Network Connect 7.0.0) (Version: 7.0.0.18107 - Juniper Networks)
Juniper Networks Network Connect 7.1.0 (HKLM\...\Juniper Network Connect 7.1.0) (Version: 7.1.0.19757 - Juniper Networks)
Juniper Networks Setup Client (HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\...\Juniper_Setup_Client) (Version: 8.0.3.44983 - Juniper Networks)
Junos Pulse 5.0 (HKLM\...\Junos Pulse 5.0) (Version: 5.0.44983 - Juniper Networks, Inc.)
Junos Pulse Core Components (Version: 5.0.44983 - Juniper Networks) Hidden
Junos Pulse Drivers Add-On (Version: 5.0.44983 - Juniper Networks) Hidden
Junos Pulse Host Checker Plugin Add-On (Version: 5.0.44983 - Juniper Networks) Hidden
Junos Pulse Tunnel Manager Add-On (Version: 5.0.44983 - Juniper Networks) Hidden
Junos Pulse UAC/NC Components (Version: 5.0.44983 - Juniper Networks) Hidden
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Easy Assist v2 (HKLM\...\{326957C7-83FD-4550-A59A-849B7B4297DE}) (Version: 8.1.6416.0 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)
Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 33.1 (x86 en-US) (HKLM\...\Mozilla Firefox 33.1 (x86 en-US)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MUSHclient (remove only) (HKLM\...\MUSHclient) (Version:  - )
Netflix in Windows Media Center (HKLM\...\{0CA72D12-F6C6-4D43-A2A0-41F5AA17E2B6}) (Version: 3.3.101.0 - Microsoft Corporation)
NETGEAR Genie (HKLM\...\NETGEAR Genie) (Version: 2.2.27.1  - NETGEAR Inc.)
Norton PC Checkup (HKLM\...\Norton PC Checkup_is1) (Version: 3.0.2.122.0 - NortonLive Services)
Norton PC Checkup (HKLM\...\NortonPCCheckup) (Version: 2.0.12.27 - Symantec Corporation)
Panopto Recorder (HKLM\...\{3E2934B6-81F0-4389-994F-7DD2026D371C}) (Version: 4.6.1.14979 - Panopto)
PhotoFiltre (HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\...\PhotoFiltre) (Version:  - )
Pidgin (HKLM\...\Pidgin) (Version: 2.8.0 - )
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 15.0) (Version: 15.0.6 - RealNetworks)
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype Web Plugin (HKLM\...\{B51DD93B-3CB5-4D9D-BFF2-FD19DBBBFD9A}) (Version: 2.9.13008.18866 - Skype Technologies S.A.)
Skype™ 6.21 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Snagit 10.0.1 (HKLM\...\{22FC7536-BE5C-4E88-8069-C24689D34EC5}) (Version: 10.0.1 - TechSmith Corporation)
Snagit 11 (HKLM\...\{5EAF9FAA-C4B6-4741-81B4-74CD81759EAA}) (Version: 11.4.0 - TechSmith Corporation)
SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 6.10.1.7250 - Analog Devices)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1164 - SUPERAntiSpyware.com)
Terraria (HKLM\...\1207665503_is1) (Version: 2.0.0.1 - GOG.com)
Unity Web Player (HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
UPEK TouchChip Fingerprint Reader (Version: 1.2.0 - Dell Inc.) Hidden
VC8 CRT (Version: 8.0.50727.762 - Juniper Networks) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
WD SmartWare (HKLM\...\{CD0DC280-2489-4464-A2FC-16104676394A}) (Version: 1.1.1.6 - Western Digital)
Winamp (HKLM\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
WinDirStat 1.1.2 (HKU\S-1-5-21-2271823407-3231534759-3299175636-1000\...\WinDirStat) (Version:  - )
Windows Driver Package - Dell Inc. PBADRV System  (09/11/2009 1.0.1.6) (HKLM\...\9512AA21B791B05A54E27065C45BBC417AB282DF) (Version: 09/11/2009 1.0.1.6 - Dell Inc.)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\melissa\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{0BBFE402-CCA1-4f64-9322-13B66D841049}\InprocServer32 -> C:\Users\melissa\AppData\Local\TechSmith\SnagIt\Accessories\{23102CBF-AC8D-4424-9364-A79738894850}\MSWord.dll (TechSmith Corporation)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{11CD84A3-A5E0-43CB-B3DF-92C623C0E0E0}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\melissa\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{25D005BF-FE63-4cce-AA25-CE952B1D9381}\InprocServer32 -> C:\Users\melissa\AppData\Local\TechSmith\SnagIt\Accessories\{638B203F-8FB6-49ec-A139-AB8C530F0CAB}\MSPowerPoint.dll (TechSmith Corporation)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{293600C7-E7B6-4f06-9329-D8522A33C7E8}\InprocServer32 -> C:\Users\melissa\AppData\Local\TechSmith\SnagIt\Accessories\{B9E98D7E-F599-469d-95A7-0B6F86D082A0}\CamtasiaOutput.dll (TechSmith Corporation)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{2A235D7E-0358-40E2-B51A-DE22F8F5C50D}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\melissa\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\melissa\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\melissa\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\melissa\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{54050FBB-F2AE-404b-8BFD-7EE3EC784A52}\InprocServer32 -> C:\Users\melissa\AppData\Local\TechSmith\SnagIt\Accessories\{18AA4E21-D540-4a3a-9F9F-E6DE33D6F253}\MSExcel.dll (TechSmith Corporation)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{56C94D6A-7370-4885-A04E-7097FE4E0BAF}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{672CDBDB-0270-4EB9-83EC-216377522D21}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{6B1948B3-9547-42F8-9B37-7AA9768134C4}\InprocServer32 -> C:\Users\melissa\AppData\Local\TechSmith\SnagIt\Accessories\{23102CBF-AC8D-4424-9364-A79738894850}\MSWord.dll (TechSmith Corporation)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{841BFDCA-6A9A-4EBC-BC7E-194AA5DCE428}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files\Citrix\GoToMeeting\1132\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{94330D48-EB33-49BB-87F1-AD8C0352C010}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\melissa\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{B9E98D7E-F599-469d-95A7-0B6F86D082A0}\InprocServer32 -> C:\Users\melissa\AppData\Local\TechSmith\SnagIt\Accessories\{B9E98D7E-F599-469d-95A7-0B6F86D082A0}\CamtasiaOutput.dll (TechSmith Corporation)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\melissa\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\melissa\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\melissa\AppData\Local\Google\Update\1.3.25.11\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\melissa\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2271823407-3231534759-3299175636-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\melissa\AppData\Local\Google\Update\1.3.25.11\psuser.dll (Google Inc.)
 
==================== Restore Points  =========================
 
23-11-2014 19:14:58 Removed Sophos Virus Removal Tool.
02-12-2014 14:23:53 avast! antivirus system restore point
02-12-2014 14:47:03 Removed HiJackThis
02-12-2014 14:49:26 Removed Adobe Download Assistant
02-12-2014 14:50:54 Removed Java 7 Update 67
02-12-2014 14:54:27 Removed JavaFX 2.1.0
02-12-2014 14:59:59 avast! antivirus system restore point
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:04 - 2014-11-06 16:26 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {03B7AA81-5A94-4E03-996A-08467BE4E7BB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2271823407-3231534759-3299175636-1000Core => C:\Users\melissa\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {07907E95-5B15-42EA-9656-63BFE7915188} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {17CEEF2E-DB61-4F7E-9F17-F3A923810B78} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2271823407-3231534759-3299175636-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {3DDC2E71-9342-4B9E-8057-ABFF7EFBEDD5} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2271823407-3231534759-3299175636-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {4929A922-46D8-4B20-BB25-5196D95EFE9B} - System32\Tasks\RNUpgradeHelperLogonPrompt_melissa => C:\Users\melissa\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe [2014-11-14] (RealNetworks, Inc.)
Task: {4E2FD162-2360-4C03-94ED-6337F7EB515F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {51BCD673-271D-4111-8A5B-749ABAE705C5} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2271823407-3231534759-3299175636-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {5AD918D7-085A-4EFA-A3AE-5F028B7022D0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-26] (Adobe Systems Incorporated)
Task: {5E7ABE95-937A-4AEB-9FE9-9DDA1D014B25} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2011-12-13] (PC-Doctor, Inc.)
Task: {68A42B6F-55B6-42D5-BFAE-384FF690E36A} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files\Norton 360\Engine\21.6.0.32\SymErr.exe
Task: {821F1F8C-C9AF-4BD2-9326-B47C3F54698A} - System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4} => C:\ProgramData\Carbonite\Carbonite Backup\CarboniteUpgrade.exe
Task: {88013348-0443-4C93-967F-8AA0AF033708} - System32\Tasks\{BD63C39B-5785-4B44-A13B-DF89A3573BD4} => C:\Windows.old\Program Files\simplemu\SimpleMU.exe
Task: {A561337E-2B14-4790-B706-E8B3AB0E7BD7} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {A953599E-398F-4631-A924-9391B4044069} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton 360\Engine\21.6.0.32\WSCStub.exe
Task: {B14C0D69-0FE5-4AEE-BCB9-4DEB2F6CA2FC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {B30EA5EE-48A7-4324-BAD8-C26979A8F277} - System32\Tasks\Apple Diagnostics => C:\Program Files\Common Files\Apple\Internet Services\EReporter.exe [2014-10-17] (Apple Inc.)
Task: {BB018226-35A2-48CD-8FE4-FD27584ECE5E} - System32\Tasks\RNUpgradeHelperResumePrompt_melissa => C:\Users\melissa\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe [2014-11-14] (RealNetworks, Inc.)
Task: {C1A78932-C6FE-43EA-9836-F81ABDEDB825} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-02] (AVAST Software)
Task: {C7BE69A6-B2F6-403C-B5D5-AF1EAE3C23C5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2271823407-3231534759-3299175636-1000UA => C:\Users\melissa\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {CAE52941-C923-4AF5-9CC6-1414920E4D22} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files\Norton 360\Engine\21.6.0.32\SymErr.exe
Task: {CE5831C3-9D80-4DF1-9487-3DE6EDE1624C} - System32\Tasks\TechSmith Updater => C:\Program Files\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [2013-10-04] (TechSmith Corporation)
Task: {D0288158-18D5-43F9-8CE9-D8377F6D3E48} - System32\Tasks\{9E965F4D-A0C0-42F6-8D95-AB51532AAE46} => Chrome.exe http://ui.skype.com/ui/0/6.18.0.106/en/abandoninstall?source=lightinstaller&amp;page=tsMain
Task: {D974D8E7-510F-4CC3-A124-DB014CAB8AB6} - System32\Tasks\ReclaimerUpdateFiles_melissa => C:\Users\melissa\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe [2014-11-14] (RealNetworks, Inc.)
Task: {E0926B6E-57B2-41EE-9DAC-4730236B2C0D} - System32\Tasks\ReclaimerUpdateXML_melissa => C:\Users\melissa\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe [2014-11-14] (RealNetworks, Inc.)
Task: {E25AC75D-DDD6-43EC-8DE8-61523EDEC5B7} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2271823407-3231534759-3299175636-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {EC80C659-0B0A-42C3-BC5A-B6BB1AD8C003} - System32\Tasks\{F9EC9D0D-A938-46C9-93D7-3BB764D93FDB} => C:\Program Files\Microsoft Office\Office14\POWERPNT.EXE [2010-10-22] (Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2271823407-3231534759-3299175636-1000Core.job => C:\Users\melissa\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2271823407-3231534759-3299175636-1000UA.job => C:\Users\melissa\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ReclaimerUpdateFiles_melissa.job => C:\Users\melissa\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe
Task: C:\Windows\Tasks\ReclaimerUpdateXML_melissa.job => C:\Users\melissa\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe
Task: C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_melissa.job => C:\Users\melissa\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-12-02 09:25 - 2014-12-02 09:25 - 02904576 _____ () C:\Program Files\AVAST Software\Avast\defs\14120201\algo.dll
2012-04-17 10:27 - 2012-03-11 13:55 - 00088656 _____ () C:\Windows\System32\cpwmon2k.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-02-14 12:45 - 2011-02-14 12:45 - 02248704 _____ () C:\Program Files\Carbonite\Carbonite Mirror Image\QtCore4.dll
2011-02-14 12:45 - 2011-02-14 12:45 - 00969728 _____ () C:\Program Files\Carbonite\Carbonite Mirror Image\QtNetwork4.dll
2011-02-14 12:45 - 2011-02-14 12:45 - 00611328 _____ () C:\Program Files\Carbonite\Carbonite Mirror Image\QtSql4.dll
2009-11-14 20:12 - 2009-11-14 20:12 - 00062464 _____ () C:\Program Files\Carbonite\Carbonite Mirror Image\ZLIB1.dll
2013-08-14 14:19 - 2013-08-14 14:19 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2010-09-13 10:48 - 2010-09-13 10:48 - 00097384 ____R () C:\Program Files\Amazon\Amazon Unbox Video\LimelightDownloadManager.dll
2011-06-24 10:23 - 2010-05-21 12:14 - 00077824 _____ () C:\Program Files\Common Files\Intel\Privacy Icon\UNS\DTMessageLib.dll
2012-11-29 21:06 - 2012-11-29 21:06 - 01263512 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe
2012-11-29 21:07 - 2012-11-29 21:07 - 00100248 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2014-12-02 09:24 - 2014-12-02 09:24 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-10-21 12:47 - 2014-09-05 19:54 - 06281536 _____ () C:\Users\melissa\AppData\Local\Amazon Music\Amazon Music Helper.exe
2009-08-19 15:49 - 2009-08-19 15:49 - 00049152 _____ () C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Memeo.API.dll
2009-07-29 15:24 - 2009-07-29 15:24 - 00504293 _____ () C:\Program Files\Western Digital\WD SmartWare\Front Parlor\sqlite3.DLL
2014-11-27 14:52 - 2014-11-25 01:39 - 01077064 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.71\libglesv2.dll
2014-11-27 14:52 - 2014-11-25 01:39 - 00211272 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.71\libegl.dll
2014-11-27 14:52 - 2014-11-25 01:39 - 09009480 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.71\pdf.dll
2014-11-27 14:52 - 2014-11-25 01:39 - 01677128 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-2271823407-3231534759-3299175636-500 - Administrator - Disabled)
Barracudacool (S-1-5-21-2271823407-3231534759-3299175636-1004 - Administrator - Enabled) => C:\Users\Barracudacool
Guest (S-1-5-21-2271823407-3231534759-3299175636-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2271823407-3231534759-3299175636-1002 - Limited - Enabled)
melissa (S-1-5-21-2271823407-3231534759-3299175636-1000 - Administrator - Enabled) => C:\Users\melissa
 
==================== Faulty Device Manager Devices =============
 
Name: USB Cable Modem
Description: USB Cable Modem
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: WAMPA
Description: MIMOBOT         
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer:         
Service: WUDFRd
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/02/2014 00:09:05 PM) (Source: MsiInstaller) (EventID: 1023) (User: melissa-PC)
Description: Product: Adobe Reader XI - Update '{AC76BA86-7AD7-0000-2550-7A8C40011009}' could not be installed. Error code 1625. Additional information is available in the log file C:\Users\melissa\AppData\Local\Temp\MSI8224f.LOG.
 
Error: (12/02/2014 11:25:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/02/2014 10:11:10 AM) (Source: MsiInstaller) (EventID: 1023) (User: melissa-PC)
Description: Product: Adobe Reader XI - Update '{AC76BA86-7AD7-0000-2550-7A8C40011009}' could not be installed. Error code 1625. Additional information is available in the log file C:\Users\melissa\AppData\Local\Temp\MSI1e6a6.LOG.
 
Error: (12/02/2014 10:09:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/02/2014 10:05:39 AM) (Source: MsiInstaller) (EventID: 1023) (User: melissa-PC)
Description: Product: Adobe Reader XI - Update '{AC76BA86-7AD7-0000-2550-7A8C40011009}' could not be installed. Error code 1625. Additional information is available in the log file C:\Users\melissa\AppData\Local\Temp\MSI2dc1b.LOG.
 
Error: (12/02/2014 10:04:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/02/2014 09:59:59 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(.DEFAULT).  hr = 0x80070539, The security ID structure is invalid.
.
 
 
Operation:
   OnIdentify event
   Gathering Writer Data
 
Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {877a0d68-1bc5-4711-ac7e-da845eef696a}
 
Error: (12/02/2014 09:59:59 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(.DEFAULT).  hr = 0x80070539, The security ID structure is invalid.
.
 
 
Operation:
   OnIdentify event
   Gathering Writer Data
 
Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {877a0d68-1bc5-4711-ac7e-da845eef696a}
 
Error: (12/02/2014 09:55:23 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(.DEFAULT).  hr = 0x80070539, The security ID structure is invalid.
.
 
 
Operation:
   OnIdentify event
   Gathering Writer Data
 
Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {877a0d68-1bc5-4711-ac7e-da845eef696a}
 
Error: (12/02/2014 09:50:54 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(.DEFAULT).  hr = 0x80070539, The security ID structure is invalid.
.
 
 
Operation:
   OnIdentify event
   Gathering Writer Data
 
Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {877a0d68-1bc5-4711-ac7e-da845eef696a}
 
 
System errors:
=============
Error: (12/02/2014 11:25:41 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B}{B292921D-AF50-400C-9B75-0C57A7F29BA1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (12/02/2014 10:09:35 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B}{B292921D-AF50-400C-9B75-0C57A7F29BA1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (12/02/2014 10:03:06 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B}{B292921D-AF50-400C-9B75-0C57A7F29BA1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (12/02/2014 09:41:20 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B}{B292921D-AF50-400C-9B75-0C57A7F29BA1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (12/02/2014 09:19:59 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
IFP700
TfFsMon
TfSysMon
 
Error: (12/02/2014 09:19:11 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B}{B292921D-AF50-400C-9B75-0C57A7F29BA1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (12/02/2014 09:13:04 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 
Error: (12/02/2014 09:02:07 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Common Client Job Manager Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (12/02/2014 09:02:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Norton 360 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (11/26/2014 09:48:18 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
 
 
Microsoft Office Sessions:
=========================
Error: (12/02/2014 00:09:05 PM) (Source: MsiInstaller) (EventID: 1023) (User: melissa-PC)
Description: Adobe Reader XI{AC76BA86-7AD7-0000-2550-7A8C40011009}1625C:\Users\melissa\AppData\Local\Temp\MSI8224f.LOG(NULL)(NULL)
 
Error: (12/02/2014 11:25:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/02/2014 10:11:10 AM) (Source: MsiInstaller) (EventID: 1023) (User: melissa-PC)
Description: Adobe Reader XI{AC76BA86-7AD7-0000-2550-7A8C40011009}1625C:\Users\melissa\AppData\Local\Temp\MSI1e6a6.LOG(NULL)(NULL)
 
Error: (12/02/2014 10:09:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/02/2014 10:05:39 AM) (Source: MsiInstaller) (EventID: 1023) (User: melissa-PC)
Description: Adobe Reader XI{AC76BA86-7AD7-0000-2550-7A8C40011009}1625C:\Users\melissa\AppData\Local\Temp\MSI2dc1b.LOG(NULL)(NULL)
 
Error: (12/02/2014 10:04:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/02/2014 09:59:59 AM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(.DEFAULT)0x80070539, The security ID structure is invalid.
 
 
Operation:
   OnIdentify event
   Gathering Writer Data
 
Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {877a0d68-1bc5-4711-ac7e-da845eef696a}
 
Error: (12/02/2014 09:59:59 AM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(.DEFAULT)0x80070539, The security ID structure is invalid.
 
 
Operation:
   OnIdentify event
   Gathering Writer Data
 
Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {877a0d68-1bc5-4711-ac7e-da845eef696a}
 
Error: (12/02/2014 09:55:23 AM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(.DEFAULT)0x80070539, The security ID structure is invalid.
 
 
Operation:
   OnIdentify event
   Gathering Writer Data
 
Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {877a0d68-1bc5-4711-ac7e-da845eef696a}
 
Error: (12/02/2014 09:50:54 AM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(.DEFAULT)0x80070539, The security ID structure is invalid.
 
 
Operation:
   OnIdentify event
   Gathering Writer Data
 
Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {877a0d68-1bc5-4711-ac7e-da845eef696a}
 
 
CodeIntegrity Errors:
===================================
  Date: 2011-10-07 21:38:24.559
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spyware Doctor\TFEngine\TFWAH.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2011-10-07 19:17:28.187
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spyware Doctor\TFEngine\TFWAH.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2011-10-07 19:04:13.730
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spyware Doctor\TFEngine\TFWAH.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2011-10-07 15:23:14.973
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spyware Doctor\TFEngine\TFWAH.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2011-10-07 15:16:55.064
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spyware Doctor\TFEngine\TFWAH.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2011-10-07 15:01:37.064
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spyware Doctor\TFEngine\TFWAH.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2011-10-07 14:40:54.358
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spyware Doctor\TFEngine\TFWAH.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2011-10-07 12:07:25.196
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spyware Doctor\TFEngine\TFWAH.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2011-10-07 11:57:08.015
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spyware Doctor\TFEngine\TFWAH.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2011-10-07 10:58:09.499
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spyware Doctor\TFEngine\TFWAH.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™2 Duo CPU E8500 @ 3.16GHz
Percentage of memory in use: 52%
Total physical RAM: 3581.59 MB
Available physical RAM: 1687.54 MB
Total Pagefile: 7161.48 MB
Available Pagefile: 5090.73 MB
Total Virtual: 2047.88 MB
Available Virtual: 1905.67 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:148.89 GB) (Free:18.82 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive g: (WAMPA) (Removable) (Total:15.04 GB) (Free:8.3 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: A42D04A3)
Partition 1: (Not Active) - (Size=110 MB) - (Type=DE)
Partition 2: (Active) - (Size=148.9 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 15.1 GB) (Disk ID: 04DD5721)
Partition 1: (Active) - (Size=15.1 GB) - (Type=0C)
 
==================== End Of Log ============================


#13 Gunto

Gunto

    Bleepin' Reject Phoenix


  • Malware Response Team
  • 1,291 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:North Las Vegas, Nevada, USA
  • Local time:06:56 AM

Posted 02 December 2014 - 01:48 PM

Hi,

 

Good to hear things are running just a little bit better. :) Thankfully, CHKDSK didn't find any serious problems.

 

MySearch is certainly being stubborn, but I have an idea on how to get rid of it.

 

AdwCleaner

I need you to run AdwCleaner to see what it will remove.

  • Download AdwCleaner from here, and save it to your desktop.
  • Close all open programs.
  • Open the file on your desktop, and click the Scan button. Once it's done scanning, hit the Clean button. Accept any prompts you receive from the program, including prompts to reboot. Once it's finished, a text file will be made. Please copy and paste it into your reply.

Farbar Recovery Scan Tool

I see a few more things in your FRST log I'd like you to remove, some simply for cleanliness.

  • Open up Notepad, and copy and paste the text in the following box into the Notepad text field:
    C:\Users\melissa\AppData\Local\Apps\2.0\LCT0Y6J3.X2L\483HPNOC.6WP\dell..tion_0f612f649c4a10af_0005.0004_3ddfe37344028d2c\DellSystemDetect.exe
    C:\Users\melissa\Downloads\avast_free_antivirus_setup_online (1).exe
    C:\Users\melissa\Downloads\avast_free_antivirus_setup_online.exe
    C:\Users\melissa\Desktop\avast_free_antivirus_setup_online.exe - Shortcut.lnk
    C:\Users\melissa\Downloads\Norton_Removal_Tool.exe
    Task: {D0288158-18D5-43F9-8CE9-D8377F6D3E48} - System32\Tasks\{9E965F4D-A0C0-42F6-8D95-AB51532AAE46} => Chrome.exe http://ui.skype.com/ui/0/6.18.0.106/en/abandoninstall?source=lightinstaller&amp;page=tsMain
    Save it to the same location as FRST as fixlist.txt.
  • Open up FRST, and click the Fix button. If it asks you to reboot in order to complete the fix, please do so.
  • Once it's done fixing things, it will create Fixlog.txt in the same folder. Please copy and paste it into your reply.

Final Notes

 

After a little searching, I found that Amazon programs (especially Amazon Music) are known to slow your PC down. As such, if you don't need them, I advise getting rid of them. If you do want to keep them, I can also simply prevent them from auto-starting. In addition, the Norton removal tool didn't take care of Norton PC Checkup, so I'd also like you to remove that. :)

 

Let me know how the PC is running.

 

Gunto


Beautiful avatar by Plumbeck!

 

Bury me in honor; when I'm dead and hit the ground, a love back home, it unfolds...


#14 barracudacool

barracudacool
  • Topic Starter

  • Members
  • 93 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:56 AM

Posted 03 December 2014 - 09:16 AM

 # AdwCleaner v4.103 - Report created 03/12/2014 at 09:10:44

# Updated 01/12/2014 by Xplode
# Database : 2014-12-03.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : melissa - MELISSA-PC
# Running from : C:\Users\melissa\Desktop\adwcleaner_4.103.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\Uniblue
Folder Deleted : C:\ProgramData\PC Drivers HeadQuarters
Folder Deleted : C:\ProgramData\pcdr
Folder Deleted : C:\Users\melissa\AppData\Roaming\DigitalSites
Folder Deleted : C:\Users\melissa\AppData\Roaming\pcdr
Folder Deleted : C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
File Deleted : C:\Users\melissa\AppData\Roaming\Mozilla\Firefox\Profiles\olztzvtx.default\searchplugins\bingp.xml
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\VBMZ
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17420
 
 
-\\ Mozilla Firefox v33.1 (x86 en-US)
 
[olztzvtx.default\prefs.js] - Line Deleted : user_pref("extensions.irmysearch.aflt", "dsites0101");
[olztzvtx.default\prefs.js] - Line Deleted : user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1Qzu0B0CtAtDyD0B0DtB0EtDyBtAyD0E0CyEtN0D0Tzu0SyBtAzytN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R");
[olztzvtx.default\prefs.js] - Line Deleted : user_pref("extensions.irmysearch.cr", "1940262911");
[olztzvtx.default\prefs.js] - Line Deleted : user_pref("extensions.irmysearch.instlRef", "");
 
-\\ Google Chrome v39.0.2171.71
 
 
*************************
 
AdwCleaner[R1].txt - [1978 octets] - [03/12/2014 09:08:38]
AdwCleaner[S1].txt - [1965 octets] - [03/12/2014 09:10:44]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2025 octets] ##########


#15 barracudacool

barracudacool
  • Topic Starter

  • Members
  • 93 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:56 AM

Posted 03 December 2014 - 09:28 AM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 02-12-2014 01
Ran by melissa at 2014-12-03 09:26:40 Run:2
Running from C:\Users\melissa\Desktop
Loaded Profile: melissa (Available profiles: melissa & Barracudacool)
Boot Mode: Normal
 
==============================================
 
Content of fixlist:
*****************
C:\Users\melissa\AppData\Local\Apps\2.0\LCT0Y6J3.X2L\483HPNOC.6WP\dell..tion_0f612f649c4a10af_0005.0004_3ddfe37344028d2c\DellSystemDetect.exe
C:\Users\melissa\Downloads\avast_free_antivirus_setup_online (1).exe
C:\Users\melissa\Downloads\avast_free_antivirus_setup_online.exe
C:\Users\melissa\Desktop\avast_free_antivirus_setup_online.exe - Shortcut.lnk
C:\Users\melissa\Downloads\Norton_Removal_Tool.exe
Task: {D0288158-18D5-43F9-8CE9-D8377F6D3E48} - System32\Tasks\{9E965F4D-A0C0-42F6-8D95-AB51532AAE46} => Chrome.exe http://ui.skype.com/ui/0/6.18.0.106/en/abandoninstall?source=lightinstaller&amp;page=tsMain
*****************
 
C:\Users\melissa\AppData\Local\Apps\2.0\LCT0Y6J3.X2L\483HPNOC.6WP\dell..tion_0f612f649c4a10af_0005.0004_3ddfe37344028d2c\DellSystemDetect.exe => Moved successfully.
C:\Users\melissa\Downloads\avast_free_antivirus_setup_online (1).exe => Moved successfully.
C:\Users\melissa\Downloads\avast_free_antivirus_setup_online.exe => Moved successfully.
C:\Users\melissa\Desktop\avast_free_antivirus_setup_online.exe - Shortcut.lnk => Moved successfully.
C:\Users\melissa\Downloads\Norton_Removal_Tool.exe => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D0288158-18D5-43F9-8CE9-D8377F6D3E48}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0288158-18D5-43F9-8CE9-D8377F6D3E48}" => Key deleted successfully.
C:\Windows\System32\Tasks\{9E965F4D-A0C0-42F6-8D95-AB51532AAE46} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9E965F4D-A0C0-42F6-8D95-AB51532AAE46}" => Key deleted successfully.
 
==== End of Fixlog ====





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users