Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

PC is getting slower each day, Windows 8


  • Please log in to reply
17 replies to this topic

#1 Brandonyoung34372

Brandonyoung34372

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:49 AM

Posted 01 January 2015 - 09:51 PM

I own a Toshiba Satelite laptop. I have not had a problem with it getting slow until a couple days ago ad it will just start freezing everything. The Task Options wont come up whe I press CTRL+ALT+DELETE because it gets so slow.....I swear its a trojan or something because my computer has never been this slow. I once had Skype, Pandora.com which runs on the web browser Chrome, and a Steam game up. Its always able to run all three with no problems but now its starting to not be able to. As I was playinga steam game it started freezing, Exited out of my steam game my Pandora and skype and came up with a window saying that the programs have became unresponsive. Please help because it is continually getting worse and I dont know what else to do as I have already started getting rid of junk files...Thanks



BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,769 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:49 AM

Posted 06 January 2015 - 09:55 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/561783 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 schrauber

schrauber

    Mr.Mechanic


  • Malware Response Team
  • 24,794 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Munich,Germany
  • Local time:02:49 PM

Posted 08 January 2015 - 05:43 AM

Hello, Brandonyoung34372
Welcome to the Bleeping Computer Forums. My name is Thomas (Tom is fine), and I will be helping you fixing your problems.



Please take note of some guidelines for this fix:

Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools. Doing so could cause changes to the directions I have to give you and prolong the time required. Further more, you should not be taking any advice relating to this computer from any other source throughout the course of this fix.
If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.
Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean". We do not want to clean you part-way, only to have the system re-infect itself.
Please reply using the t_reply.gif button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.
Old topics are closed after 3 days with no reply, and working topics are closed after 5 days. If for any reason you cannot complete instructions within that time, that's fine, just post back here so that we know you're still here.




Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right-click FRST then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.
Note 2: The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt into your next reply.
regards,
schrauber

Posted Image
Posted Image

If I've not posted back within 48 hrs., feel free to send a PM with your topic link. Thank you!

If I have helped you then please consider donating to continue the fight against malware Posted Image

#4 Brandonyoung34372

Brandonyoung34372
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:49 AM

Posted 08 January 2015 - 10:57 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015
Ran by -Brandon Young- (administrator) on BRANDONYOUNG on 09-01-2015 00:48:20
Running from C:\Users\Brandon Young\Downloads
Loaded Profile: -Brandon Young- (Available profiles: -Brandon Young-)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Webroot) C:\Program Files\Webroot\WRSA.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Webroot) C:\Program Files\Webroot\WRSA.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\nacl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ROBLOX Corporation) C:\Users\Brandon Young\AppData\Local\Roblox\Versions\version-d2af929835a34f18\RobloxPlayerBeta.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Brandon Young\Downloads\FRST64 (1).exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13519432 2013-04-10] (Realtek Semiconductor)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2717176 2013-01-04] (TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [170848 2013-01-29] (TOSHIBA Corporation)
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKLM-x32\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [770728 2014-12-13] (Webroot)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [Andy] => C:\Program Files\Andy\HandyAndy.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2422473469-3821547915-1951462274-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-2422473469-3821547915-1951462274-1001\...\Run: [SkypeVoiceChanger] => C:\Program Files (x86)\AthTek\Voice Changer for Skype\SkypeVoiceChanger.exe /auto
HKU\S-1-5-21-2422473469-3821547915-1951462274-1001\...\Run: [LightShot] => C:\Users\Brandon Young\AppData\Local\Skillbrains\lightshot\Lightshot.exe
HKU\S-1-5-21-2422473469-3821547915-1951462274-1001\...\Run: [AVG-Secure-Search-Update_1014av] => C:\Users\Brandon Young\AppData\Roaming\Avg_Update_1014av\AVG-Secure-Search-Update_1014av.exe /PROMPT /mid=d2b056fd5f3a47d29d364911cce7e94a-78f932fb227216aeafeeb50fab57534a8d4ab72f /CMPID=1014av
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot FF RunOnce.lnk
ShortcutTarget: Install Webroot FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot IE RunOnce.lnk
ShortcutTarget: Install Webroot IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.toshiba.com?cid=J13
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://home.toshiba.com?cid=J13
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-2422473469-3821547915-1951462274-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.toshiba.com?cid=J13
HKU\S-1-5-21-2422473469-3821547915-1951462274-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.toshiba.com?cid=J13
HKU\S-1-5-21-2422473469-3821547915-1951462274-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://toshiba13.msn.com/?pc=TNJB
HKU\S-1-5-21-2422473469-3821547915-1951462274-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://toshiba13.msn.com/?pc=TNJB
BHO: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar64.dll (Webroot)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar.dll (Webroot)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar64.dll (Webroot)
Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll (Webroot)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Brandon Young\AppData\Roaming\Mozilla\Firefox\Profiles\3py3e3dy.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2422473469-3821547915-1951462274-1001: @nsroblox.roblox.com/launcher -> C:\Users\Brandon Young\AppData\Local\Roblox\Versions\version-d2af929835a34f18\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-2422473469-3821547915-1951462274-1001: @nsroblox.roblox.com/launcher64 -> C:\Users\Brandon Young\AppData\Local\Roblox\Versions\version-d2af929835a34f18\\NPRobloxProxy64.dll ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-2422473469-3821547915-1951462274-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Brandon Young\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
 
Chrome: 
=======
CHR Profile: C:\Users\Brandon Young\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Brandon Young\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-11]
CHR Extension: (Theme Creator) - C:\Users\Brandon Young\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc [2015-01-08]
CHR Extension: (Facebook Video Downloader) - C:\Users\Brandon Young\AppData\Local\Google\Chrome\User Data\Default\Extensions\amjcoehkcacocffpmhnefgoeanepjfkf [2014-12-19]
CHR Extension: (Google Docs) - C:\Users\Brandon Young\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-11]
CHR Extension: (Google Drive) - C:\Users\Brandon Young\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-11]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Brandon Young\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-11]
CHR Extension: (YouTube) - C:\Users\Brandon Young\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-11]
CHR Extension: (Adblock Plus) - C:\Users\Brandon Young\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-11-07]
CHR Extension: (Google Search) - C:\Users\Brandon Young\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-11]
CHR Extension: (Google Play Music) - C:\Users\Brandon Young\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2015-01-08]
CHR Extension: (Google Sheets) - C:\Users\Brandon Young\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-11]
CHR Extension: (Webroot Filtering Extension) - C:\Users\Brandon Young\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd [2014-10-11]
CHR Extension: (Bing Rewards Helper) - C:\Users\Brandon Young\AppData\Local\Google\Chrome\User Data\Default\Extensions\neodenankcjdlhndmpcffjmcealafaig [2015-01-04]
CHR Extension: (Google Wallet) - C:\Users\Brandon Young\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-11]
CHR Extension: (Webroot Password Manager) - C:\Users\Brandon Young\AppData\Local\Google\Chrome\User Data\Default\Extensions\okfhiodnpcnnnpgbjbhfebjnbagmfhab [2014-10-11]
CHR Extension: (Gmail) - C:\Users\Brandon Young\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-11]
CHR HKLM-x32\...\Chrome\Extension: [kjeghcllfecehndceplomkocgfbklffd] - C:\ProgramData\WRData\PKG\CHROME\CHROME_1.0.0.40.crx [2014-10-11]
CHR HKLM-x32\...\Chrome\Extension: [okfhiodnpcnnnpgbjbhfebjnbagmfhab] - C:\ProgramData\WRData\pkg\lpchrome.crx [2014-10-11]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2014-06-26] (Broadcom Corporation.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [321024 2013-08-22] (Microsoft Corporation)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [16720 2013-04-10] ()
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [347200 2014-12-21] (WildTangent)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [130592 2012-10-26] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165488 2012-12-18] (Intel Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S4 THAccelSvc; C:\Program Files\TOSHIBA\HDD Accelerator\THAccelSvc.exe [216976 2013-10-17] (TOSHIBA CORPORATION)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [770728 2014-12-13] (Webroot)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2014-06-26] (Broadcom Corporation.)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131584 2013-08-22] (Microsoft Corporation)
S3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [32640 2013-08-22] (Microsoft Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2944216 2013-08-21] (Realtek Semiconductor Corporation                           )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-08-06] (Synaptics Incorporated)
R0 THAccel; C:\Windows\System32\DRIVERS\THAccel.sys [111488 2013-10-15] (TOSHIBA Corporation)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows ® Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [114176 2014-12-13] (Webroot)
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-09 00:47 - 2015-01-09 00:48 - 02124288 _____ (Farbar) C:\Users\Brandon Young\Downloads\FRST64 (1).exe
2015-01-02 23:41 - 2015-01-02 23:48 - 00000000 ___RD () C:\Users\Brandon Young\Downloads\DeviceDoctor.Opener_mkdtfchztkfbm!App
2015-01-02 20:23 - 2015-01-02 20:23 - 03044736 _____ (Enigma Software Group USA, LLC.) C:\Users\Brandon Young\Downloads\SpyHunter-Installer (1).exe
2015-01-02 01:06 - 2015-01-02 01:06 - 01649936 _____ () C:\Users\Brandon Young\Downloads\PANDAAP15 (1).exe
2015-01-02 00:56 - 2015-01-02 00:56 - 763972937 _____ () C:\WINDOWS\MEMORY.DMP
2015-01-02 00:56 - 2015-01-02 00:56 - 00284720 _____ () C:\WINDOWS\Minidump\010215-39640-01.dmp
2015-01-02 00:56 - 2015-01-02 00:56 - 00000000 ____D () C:\WINDOWS\Minidump
2015-01-02 00:51 - 2015-01-02 00:52 - 05198336 _____ (AVAST Software) C:\Users\Brandon Young\Downloads\aswMBR.exe
2015-01-02 00:29 - 2015-01-02 00:29 - 00035158 _____ () C:\Users\Brandon Young\Desktop\FRST.txt
2015-01-02 00:26 - 2015-01-02 00:29 - 00028603 _____ () C:\Users\Brandon Young\Downloads\Addition.txt
2015-01-02 00:25 - 2015-01-09 00:48 - 00018948 _____ () C:\Users\Brandon Young\Downloads\FRST.txt
2015-01-02 00:24 - 2015-01-09 00:48 - 00000000 ____D () C:\FRST
2015-01-02 00:24 - 2015-01-02 00:24 - 02123264 _____ (Farbar) C:\Users\Brandon Young\Downloads\FRST64.exe
2015-01-02 00:24 - 2015-01-02 00:24 - 01114624 _____ (Farbar) C:\Users\Brandon Young\Downloads\FRST.exe
2015-01-01 23:18 - 2015-01-01 23:18 - 01649936 _____ () C:\Users\Brandon Young\Downloads\PANDAAP15.exe
2015-01-01 23:18 - 2015-01-01 23:18 - 00000000 ____D () C:\ProgramData\Panda Security
2015-01-01 21:53 - 2015-01-01 21:57 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-01-01 21:53 - 2015-01-01 21:53 - 00001418 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-01-01 21:53 - 2015-01-01 21:53 - 00001406 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-01-01 21:53 - 2015-01-01 21:53 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2015-01-01 21:53 - 2015-01-01 21:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-01-01 21:53 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2015-01-01 21:50 - 2015-01-01 21:51 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Brandon Young\Downloads\spybot-2.4.exe
2015-01-01 21:45 - 2015-01-01 23:07 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-01-01 21:45 - 2015-01-01 21:53 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2015-01-01 21:42 - 2015-01-01 21:43 - 16409960 _____ (Safer Networking Limited ) C:\Users\Brandon Young\Downloads\spybotsd162.exe
2014-12-29 02:02 - 2014-12-29 02:03 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Brandon Young\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-29 00:35 - 2013-08-21 12:42 - 02944216 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\Drivers\rtwlane.sys
2014-12-29 00:25 - 2013-10-15 16:03 - 00111488 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\Drivers\THAccel.sys
2014-12-27 04:36 - 2014-12-27 04:36 - 00000006 _____ () C:\Users\Brandon Young\Desktop\sdavaaaaaaaaaaaaaaaaaaaaaaaaa.txt
2014-12-25 17:19 - 2014-12-25 17:19 - 00000000 ____D () C:\Users\Brandon Young\AppData\Roaming\sMedio
2014-12-25 16:08 - 2014-12-25 16:08 - 01294830 _____ () C:\Users\Brandon Young\Desktop\gvgvgvgvgv.log
2014-12-25 12:06 - 2015-01-08 22:03 - 00000000 ___RD () C:\Users\Brandon Young\OneDrive
2014-12-24 02:29 - 2014-12-24 02:29 - 02777719 _____ () C:\Users\Brandon Young\Downloads\facebook-BrandonYoung343.zip
2014-12-19 01:00 - 2014-12-19 01:00 - 00323300 _____ () C:\Users\Brandon Young\Desktop\10823590_766496683397971_969325336_n.mp4
2014-12-19 00:54 - 2014-12-19 00:54 - 03314383 _____ () C:\Users\Brandon Young\Desktop\10823932_766494533398186_596768922_n.mp4
2014-12-19 00:41 - 2014-12-19 00:41 - 03277647 _____ () C:\Users\Brandon Young\Desktop\10829521_766489193398720_1757110758_n.mp4
2014-12-13 19:30 - 2014-12-13 19:30 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2014-12-12 23:38 - 2014-12-12 23:38 - 00199035 _____ () C:\Users\Brandon Young\Desktop\avadfvadfva.rbxl
2014-12-12 22:13 - 2014-12-12 22:13 - 00270384 _____ () C:\Users\Brandon Young\Desktop\wafavavava.rbxl
2014-12-11 05:42 - 2014-12-11 05:42 - 00274971 _____ () C:\Users\Brandon Young\Desktop\afadfasfasdfasdfdasdf.rbxl
2014-12-11 02:50 - 2014-12-03 20:37 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-12-11 02:50 - 2014-12-03 20:09 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2014-12-11 02:50 - 2014-12-02 20:09 - 01083392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-12-11 02:50 - 2014-12-02 20:09 - 00740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2014-12-11 02:50 - 2014-12-02 20:09 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-12-11 02:50 - 2014-12-02 20:09 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-12-11 02:50 - 2014-12-02 20:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-12-11 02:50 - 2014-11-09 23:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2014-12-11 02:50 - 2014-11-09 22:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-11 02:49 - 2014-10-31 20:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-12-11 02:49 - 2014-10-31 20:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-11 02:49 - 2014-10-30 20:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-12-11 02:49 - 2014-10-30 20:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-11 02:45 - 2014-11-22 00:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-12-11 02:45 - 2014-11-21 23:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-12-11 02:45 - 2014-11-21 23:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-12-11 02:45 - 2014-11-21 23:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-12-11 02:45 - 2014-11-21 23:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-12-11 02:45 - 2014-11-21 23:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-12-11 02:45 - 2014-11-21 23:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-12-11 02:45 - 2014-11-21 23:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-11 02:45 - 2014-11-21 23:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-12-11 02:45 - 2014-11-21 23:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-12-11 02:45 - 2014-11-21 23:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-12-11 02:45 - 2014-11-21 23:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-12-11 02:45 - 2014-11-21 23:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-12-11 02:45 - 2014-11-21 23:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-12-11 02:45 - 2014-11-21 23:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-11 02:45 - 2014-11-21 22:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-12-11 02:45 - 2014-11-21 22:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-12-11 02:45 - 2014-11-21 22:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-12-11 02:45 - 2014-11-21 22:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-12-11 02:45 - 2014-11-21 22:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-12-11 02:45 - 2014-11-21 22:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-12-11 02:45 - 2014-11-21 22:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-12-11 02:45 - 2014-11-21 22:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-12-11 02:45 - 2014-11-21 22:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-11 02:45 - 2014-11-21 22:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-12-11 02:45 - 2014-11-21 22:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-11 02:45 - 2014-11-21 22:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-11 02:45 - 2014-11-21 22:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-12-11 02:45 - 2014-11-21 22:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-12-11 02:45 - 2014-11-21 22:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-12-11 02:45 - 2014-11-21 22:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-11 02:45 - 2014-11-21 22:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-11 02:45 - 2014-11-21 22:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-12-11 02:45 - 2014-11-21 22:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-12-11 02:45 - 2014-11-21 22:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-11 02:45 - 2014-11-21 22:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-12-11 02:45 - 2014-11-21 22:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-12-11 02:45 - 2014-11-21 21:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-11 02:45 - 2014-11-21 21:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-12-11 02:45 - 2014-11-07 01:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-11 02:45 - 2014-11-07 00:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-11 02:45 - 2014-10-12 23:43 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-12-11 02:45 - 2014-10-12 23:43 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-12-11 02:45 - 2014-10-12 23:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-11 02:45 - 2014-10-12 23:43 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-12-10 21:50 - 2014-10-30 19:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-12-10 21:50 - 2014-10-30 19:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-09 00:43 - 2014-10-07 22:04 - 01130313 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-09 00:39 - 2014-10-05 02:19 - 00000000 ____D () C:\Users\Brandon Young\AppData\Roaming\Skype
2015-01-09 00:08 - 2014-10-31 05:29 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-09 00:00 - 2013-08-22 12:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-08 22:15 - 2014-10-04 16:29 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2422473469-3821547915-1951462274-1001
2015-01-08 22:10 - 2014-10-30 22:55 - 00001387 _____ () C:\Users\Brandon Young\Desktop\ROBLOX Player.lnk
2015-01-08 22:10 - 2014-10-30 22:53 - 00001202 _____ () C:\Users\Brandon Young\Desktop\ROBLOX Studio.lnk
2015-01-08 22:10 - 2014-10-30 22:53 - 00000000 ____D () C:\Users\Brandon Young\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2015-01-08 22:03 - 2014-10-11 17:49 - 00000000 ____D () C:\ProgramData\WRData
2015-01-08 22:02 - 2014-10-11 18:02 - 00000928 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-08 22:02 - 2014-10-11 17:49 - 00000770 _____ () C:\Users\Public\Desktop\Webroot SecureAnywhere.lnk
2015-01-08 22:02 - 2014-10-07 21:54 - 00000000 ____D () C:\Users\Brandon Young
2015-01-08 22:02 - 2013-08-22 11:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-06 18:38 - 2013-08-22 12:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-06 02:01 - 2014-10-30 21:46 - 00000430 _____ () C:\WINDOWS\Tasks\update-sys.job
2015-01-06 01:56 - 2014-10-30 21:46 - 00000430 _____ () C:\WINDOWS\Tasks\update-S-1-5-21-2422473469-3821547915-1951462274-1001.job
2015-01-05 23:51 - 2014-10-08 03:35 - 00000000 ____D () C:\Users\Brandon Young\AppData\Local\CrashDumps
2015-01-03 02:33 - 2014-10-21 03:34 - 00001211 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2015-01-03 02:33 - 2014-10-21 03:34 - 00001199 _____ () C:\Users\Public\Desktop\paint.net.lnk
2015-01-03 02:33 - 2014-10-21 03:34 - 00000000 ____D () C:\Program Files\paint.net
2015-01-02 23:40 - 2014-10-02 10:08 - 00000000 ____D () C:\Users\Brandon Young\AppData\Local\Packages
2015-01-02 01:03 - 2013-08-22 10:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-02 01:00 - 2013-08-22 12:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-01-02 00:56 - 2014-03-18 06:54 - 00798510 _____ () C:\WINDOWS\PFRO.log
2015-01-02 00:56 - 2013-05-10 04:30 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-29 18:28 - 2014-10-05 02:19 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-29 18:25 - 2014-10-30 21:46 - 00000059 _____ () C:\Users\Brandon Young\AppData\Local\UserProducts.xml
2014-12-29 18:25 - 2014-10-30 21:46 - 00000000 ____D () C:\Program Files (x86)\Skillbrains
2014-12-29 14:26 - 2013-08-22 11:46 - 00289268 _____ () C:\WINDOWS\setupact.log
2014-12-29 00:35 - 2014-03-24 04:14 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-12-25 12:06 - 2014-10-07 22:27 - 00000000 __RDO () C:\Users\Brandon Young\OneDrive.old
2014-12-25 10:56 - 2014-10-07 22:35 - 00003974 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D0824DB7-9EAA-4609-A3E9-BAD372D15A76}
2014-12-24 17:17 - 2014-03-18 07:03 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-12-24 17:14 - 2014-10-05 02:19 - 00000000 ____D () C:\ProgramData\Skype
2014-12-24 16:51 - 2014-10-31 05:27 - 00000000 ____D () C:\Users\Brandon Young\AppData\Local\Adobe
2014-12-24 16:48 - 2014-10-31 05:29 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-12-21 02:04 - 2013-05-10 04:32 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2014-12-20 22:56 - 2014-11-22 03:23 - 00000000 ____D () C:\Users\Brandon Young\AppData\Roaming\.minecraft
2014-12-18 18:42 - 2012-07-26 04:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-18 01:38 - 2014-10-30 21:46 - 00003294 _____ () C:\WINDOWS\System32\Tasks\update-S-1-5-21-2422473469-3821547915-1951462274-1001
2014-12-16 20:03 - 2013-08-22 12:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-13 19:54 - 2014-10-11 17:49 - 00153256 _____ (Webroot) C:\WINDOWS\SysWOW64\WRusr.dll
2014-12-13 19:54 - 2014-10-11 17:49 - 00114176 _____ (Webroot) C:\WINDOWS\system32\Drivers\WRkrn.sys
2014-12-13 19:54 - 2014-10-11 17:49 - 00103816 _____ (Webroot) C:\WINDOWS\system32\WRusr.dll
2014-12-13 19:30 - 2014-10-05 16:54 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-12-12 18:14 - 2014-10-11 18:03 - 00002214 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-12 17:11 - 2014-10-02 11:37 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-12 15:18 - 2013-08-22 12:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-12 15:18 - 2013-08-22 12:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-12 15:17 - 2014-10-02 11:37 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-11 21:41 - 2013-08-22 12:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-11 05:22 - 2014-10-04 00:43 - 00000000 ____D () C:\Users\Brandon Young\AppData\Local\Roblox
 
Some content of TEMP:
====================
C:\Users\Brandon Young\AppData\Local\Temp\{D720C8BA-3027-43DB-8231-9924663245C8}.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-12-29 06:23
 
==================== End Of Log ============================
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-01-2015
Ran by -Brandon Young- at 2015-01-09 00:52:23
Running from C:\Users\Brandon Young\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Webroot SecureAnywhere (Enabled - Up to date) {66A6FE14-08CB-F415-3742-517201416109}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Webroot SecureAnywhere (Enabled - Up to date) {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
Arma 2: British Armed Forces (HKLM-x32\...\Steam App 65700) (Version:  - Bohemia Interactive)
Arma 2: DayZ Mod (HKLM-x32\...\Steam App 224580) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead Beta (Obsolete) (HKLM-x32\...\Steam App 219540) (Version:  - )
Arma 2: Private Military Company (HKLM-x32\...\Steam App 65720) (Version:  - Bohemia Interactive)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
DTS Sound (HKLM-x32\...\{F8EB8FFC-C535-49A1-A84D-CC75CB2D6ADA}) (Version: 1.00.0062 - DTS, Inc.)
Elementals - The Magic Key (x32 Version: 2.2.0.97 - WildTangent) Hidden
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.30.1349 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3345 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden
Microsoft SkyDrive (HKU\S-1-5-21-2422473469-3821547915-1951462274-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Qualcomm Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.16 - Qualcomm Atheros Communications Inc.)
RAGE (HKLM-x32\...\Steam App 9200) (Version:  - id Software)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6886 - Realtek Semiconductor Corp.)
Realtek USB Card Reader (HKLM-x32\...\{1E496A68-4943-424E-829D-5C3C85B7B8F2}) (Version: 6.2.9200.39041 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\InstallShield_{95F38874-065A-40AB-AFC1-B764B192FFE7}) (Version: 2.00.0002 - REALTEK Semiconductor Corp.)
REALTEK Wireless LAN Driver (x32 Version: 2.00.0002 - REALTEK Semiconductor Corp.) Hidden
Revo Uninstaller Pro 3.1.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.1 - VS Revo Group, Ltd.)
ROBLOX Player for -Brandon Young- (HKU\S-1-5-21-2422473469-3821547915-1951462274-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
ROBLOX Studio for Brandon Young (HKU\S-1-5-21-2422473469-3821547915-1951462274-1001\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - ROBLOX Corporation)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - Firaxis Games)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.51 - Synaptics Incorporated)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.5 - TOSHIBA)
TOSHIBA Audio Enhancement (HKLM\...\{1515F5E3-29EA-4CD1-A981-032D88880F09}) (Version: 2.0.15.6 - Toshiba Corporation)
Toshiba Book Place (HKLM-x32\...\{11244D6B-9842-440F-8579-6A4D771A0D9B}) (Version: 3.3.9661 - K-NFB Reading Technology, Inc.)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.01.02.6405 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.4.6405 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6629.6407 - Toshiba Corporation)
TOSHIBA HDD Accelerator (HKLM\...\{DB4D9937-0B14-4EF1-BF9A-BB7E3B9DCB04}) (Version: 2.2.0000 - Toshiba Corporation)
TOSHIBA Password Utility (HKLM-x32\...\{B1786E63-2127-42C9-95A3-146E5F727BF1}) (Version: v2.0.0.10 - Toshiba Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.8 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.0.01.55004008 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.5.03 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{6499E894-43F8-458B-AE35-724F4732BCDE}) (Version: 2.5.6 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0020 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0007.32003 - Toshiba Corporation)
TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.5.59 - Toshiba Corporation)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.1.6 - TOSHIBA)
Unity Web Player (HKU\S-1-5-21-2422473469-3821547915-1951462274-1001\...\UnityWebPlayer) (Version: 4.5.5f1 - Unity Technologies ApS)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Webroot SecureAnywhere (HKLM-x32\...\WRUNINST) (Version: 8.0.6.28 - Webroot)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.11.14 - WildTangent) Hidden
Wonderland Solitaire (x32 Version: 2.2.0.110 - WildTangent) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-2422473469-3821547915-1951462274-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Brandon Young\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2422473469-3821547915-1951462274-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Brandon Young\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2422473469-3821547915-1951462274-1001_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\Brandon Young\AppData\Local\Roblox\Versions\version-d11d3bd1dfae46fa\RobloxProxy64.dll No F (the data entry has 3 more characters).
CustomCLSID: HKU\S-1-5-21-2422473469-3821547915-1951462274-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Brandon Young\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2422473469-3821547915-1951462274-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Brandon Young\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points  =========================
 
18-12-2014 18:40:00 Windows Update
27-12-2014 18:12:44 Scheduled Checkpoint
29-12-2014 00:35:04 Installed REALTEK Wireless LAN Driver
29-12-2014 18:26:21 Removed Skype Click to Call
29-12-2014 18:27:27 Removed Skype Click to Call
03-01-2015 02:31:16 paint.net 4.0.5
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 10:25 - 2013-08-22 10:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {03145B3E-E08E-4636-A981-27BC906DA3D5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {101BF832-B476-4A6C-87D3-5C755A0FF819} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-12] (Microsoft Corporation)
Task: {10D560E9-F5C2-4C5B-8B58-95335BB47701} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-03-19] (TOSHIBA Corporation)
Task: {14192484-2CEC-4099-B7F4-D04D5E965EC4} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-24] (Adobe Systems Incorporated)
Task: {4C28C3C4-1DC8-4598-914B-4170CB24F435} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {4C599B64-610E-4BA2-AC0E-7C2BBB9DC566} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {6A93B261-EA72-45D7-BAE8-231E06C386D7} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {A6B5D1AC-976F-4B80-8D9A-9C8E122405C2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-11] (Google Inc.)
Task: {C5FBCC2F-FB97-4C9A-A4CA-C38AEE35534D} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-08-06] (Synaptics Incorporated)
Task: {D55656CA-9477-45C4-948A-7F137D2FEF30} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {D844D5A2-9BA8-4F4D-92AD-BAF699440962} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-11] (Google Inc.)
Task: {EC579137-B7DE-4612-9F33-689C9112EC8C} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe
Task: {EC60AD5C-33B3-4752-B938-2F363DCD6E8C} - System32\Tasks\update-S-1-5-21-2422473469-3821547915-1951462274-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {F2C51DC5-B970-4912-A69A-C7798B1FF4F2} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-2422473469-3821547915-1951462274-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-04-10 18:45 - 2013-04-10 18:45 - 00016720 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2013-11-04 23:22 - 2013-11-04 23:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-07-18 22:38 - 2012-07-18 22:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2013-08-22 04:19 - 2013-08-22 03:54 - 00174592 _____ () C:\WINDOWS\system32\WinMetadata\Windows.UI.winmd
2013-08-22 04:19 - 2013-08-22 03:54 - 00050176 _____ () C:\WINDOWS\system32\WinMetadata\Windows.Data.winmd
2013-08-22 04:19 - 2013-08-22 03:54 - 00030208 _____ () C:\WINDOWS\system32\WinMetadata\Windows.Foundation.winmd
2014-10-11 17:06 - 2014-10-11 17:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 17:05 - 2014-10-11 17:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-01-01 21:53 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-01-01 21:53 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-01-01 21:53 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-01-01 21:53 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-01-01 21:53 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-12-12 18:14 - 2014-12-05 22:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-12 18:14 - 2014-12-05 22:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-12 18:14 - 2014-12-05 22:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-12 18:14 - 2014-12-05 22:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-03-24 04:09 - 2013-01-14 14:25 - 01200088 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-12-12 18:14 - 2014-12-05 22:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Brandon Young\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Brandon Young\OneDrive.old:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "ToshibaAppPlace"
HKLM\...\StartupApproved\Run32: => "Andy"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Lightshot"
HKU\S-1-5-21-2422473469-3821547915-1951462274-1001\...\StartupApproved\Run: => "SkypeVoiceChanger"
HKU\S-1-5-21-2422473469-3821547915-1951462274-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2422473469-3821547915-1951462274-1001\...\StartupApproved\Run: => "LightShot"
HKU\S-1-5-21-2422473469-3821547915-1951462274-1001\...\StartupApproved\Run: => "AVG-Secure-Search-Update_1014av"
 
========================= Accounts: ==========================
 
-Brandon Young- (S-1-5-21-2422473469-3821547915-1951462274-1001 - Administrator - Enabled) => C:\Users\Brandon Young
Administrator (S-1-5-21-2422473469-3821547915-1951462274-500 - Administrator - Disabled)
Guest (S-1-5-21-2422473469-3821547915-1951462274-501 - Limited - Disabled)
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/06/2015 06:24:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 53123406
 
Error: (01/06/2015 06:24:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 53123406
 
Error: (01/06/2015 06:24:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/06/2015 06:24:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 53122281
 
Error: (01/06/2015 06:24:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 53122281
 
Error: (01/06/2015 06:24:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/06/2015 03:38:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1297
 
Error: (01/06/2015 03:38:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1297
 
Error: (01/06/2015 03:38:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/05/2015 11:51:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Camera.exe, version: 6.3.9600.17334, time stamp: 0x5407c597
Faulting module name: WindowsInternal.Inbox.Media.Viewer.dll, version: 6.3.9600.17334, time stamp: 0x5407c50b
Exception code: 0x80000003
Fault offset: 0x000000000009953c
Faulting process id: 0x1aec
Faulting application start time: 0xCamera.exe0
Faulting application path: Camera.exe1
Faulting module path: Camera.exe2
Report Id: Camera.exe3
Faulting package full name: Camera.exe4
Faulting package-relative application ID: Camera.exe5
 
 
System errors:
=============
Error: (01/08/2015 10:01:37 PM) (Source: Microsoft-Windows-HAL) (EventID: 13) (User: NT AUTHORITY)
Description: The system watchdog timer was triggered.
 
Error: (01/08/2015 10:02:17 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 7:03:13 PM on ‎1/‎6/‎2015 was unexpected.
 
Error: (01/06/2015 06:24:54 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BFE service.
 
Error: (01/06/2015 06:24:19 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: The system detected an address conflict for IP address 192.168.1.13 with the system
having network hardware address B4-75-0E-6E-CE-95. Network operations on this system may
be disrupted as a result.
 
Error: (01/03/2015 00:38:25 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: The system detected an address conflict for IP address 192.168.1.4 with the system
having network hardware address B4-75-0E-25-94-BB. Network operations on this system may
be disrupted as a result.
 
Error: (01/03/2015 03:00:39 AM) (Source: Tcpip) (EventID: 4199) (User: )
Description: The system detected an address conflict for IP address 192.168.1.5 with the system
having network hardware address B4-75-0E-25-94-BB. Network operations on this system may
be disrupted as a result.
 
Error: (01/02/2015 03:00:30 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: The system detected an address conflict for IP address 192.168.1.13 with the system
having network hardware address D4-85-64-9F-00-CF. Network operations on this system may
be disrupted as a result.
 
Error: (01/02/2015 00:19:27 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer FRENCHIES-HP
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{E4EC6CB5-AB5F-43D9-99D8-441286454B30}.
The master browser is stopping or an election is being forced.
 
Error: (01/02/2015 00:57:02 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000133 (0x0000000000000001, 0x0000000000001e00, 0x0000000000000000, 0x0000000000000000)C:\WINDOWS\MEMORY.DMP010215-39640-01
 
Error: (01/02/2015 00:57:01 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 12:29:39 AM on ‎1/‎2/‎2015 was unexpected.
 
 
Microsoft Office Sessions:
=========================
Error: (01/06/2015 06:24:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 53123406
 
Error: (01/06/2015 06:24:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 53123406
 
Error: (01/06/2015 06:24:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/06/2015 06:24:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 53122281
 
Error: (01/06/2015 06:24:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 53122281
 
Error: (01/06/2015 06:24:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/06/2015 03:38:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1297
 
Error: (01/06/2015 03:38:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1297
 
Error: (01/06/2015 03:38:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/05/2015 11:51:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Camera.exe6.3.9600.173345407c597WindowsInternal.Inbox.Media.Viewer.dll6.3.9600.173345407c50b80000003000000000009953c1aec01d0295b9f6e49f6C:\Windows\Camera\Camera.exeC:\Windows\MediaViewer\WindowsInternal.Inbox.Media.Viewer.dlle182cc36-954e-11e4-bea3-008cfa6c4335Microsoft.MoCamera_6.3.9600.16384_neutral_neutral_cw5n1h2txyewyMicrosoft.Camera
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-11-10 19:26:04.822
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\AVG\AVG2015\avghooka.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-11-10 19:26:04.767
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\AVG\AVG2015\avghooka.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Celeron® CPU 1037U @ 1.80GHz
Percentage of memory in use: 52%
Total physical RAM: 3975.27 MB
Available physical RAM: 1897.29 MB
Total Pagefile: 8071.27 MB
Available Pagefile: 4722.23 MB
Total Virtual: 131072 MB
Available Virtual: 131071.85 MB
 
==================== Drives ================================
 
Drive c: (TI10664600J) (Fixed) (Total:453.41 GB) (Free:327.18 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================
 
 
 
If you see Conflicting IP's it's my other Computer that I messed up the Ip's with. I think they converged or something when I was messing with Wireless adapters and routers which that shouldnt be the problem.


#5 schrauber

schrauber

    Mr.Mechanic


  • Malware Response Team
  • 24,794 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Munich,Germany
  • Local time:02:49 PM

Posted 09 January 2015 - 03:10 AM

Please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mb3-setup-1878.1878-3.5.1.2522.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • 2.0 Threat Scan
    • On the Dashboard, click the 'Update Now >>' link
    • After the update completes, click the 'Scan Now >>' button.
    • Or, on the Dashboard, click the Scan Now >> button.
    • If an update is available, click the Update Now button.
    • A Threat Scan will begin.
    • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
    • In most cases, a restart will be required.
    • Wait for the prompt to restart the computer to appear, then click on Yes.
    Please download AdwCleaner by Xplode onto your desktop.
    • Double click on AdwCleaner.exe to run the tool.
    • Click on Search, then Clean.
    • A logfile will automatically open after the scan has finished.
    • Please post the contents of that logfile with your next reply.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.

regards,
schrauber

Posted Image
Posted Image

If I've not posted back within 48 hrs., feel free to send a PM with your topic link. Thank you!

If I have helped you then please consider donating to continue the fight against malware Posted Image

#6 Brandonyoung34372

Brandonyoung34372
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:49 AM

Posted 09 January 2015 - 10:16 PM

# AdwCleaner v4.107 - Report created 09/01/2015 at 18:37:26
# Updated 07/01/2015 by Xplode
# Database : 2015-01-03.1 [Live]
# Operating System : Windows 8.1  (64 bits)
# Username : -Brandon Young- - BRANDONYOUNG
# Running from : C:\Users\Brandon Young\Downloads\adwcleaner_4.107.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\Users\Brandon Young\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage
File Found : C:\Users\Brandon Young\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal
File Found : C:\Users\Brandon Young\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
Folder Found : C:\Users\Brandon Young\Favorites\StumbleUpon
Folder Found : C:\Users\Brandon Young\Favorites\StumbleUpon
 
***** [ Scheduled Tasks ] *****
 
Task Found : update-sys
Task Found : update-S-1-5-21-2422473469-3821547915-1951462274-1001
Task Found : update-sys
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\nym1.ib.adnxs.com
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v0.0.0.0
 
 
-\\ Mozilla Firefox v
 
 
-\\ Google Chrome v39.0.2171.95
 
 
*************************
 
AdwCleaner[R0].txt - [1628 octets] - [09/01/2015 18:37:26]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1688 octets] ##########
 
 
 
I would just like to note that My Email was hacked from an IP address located in Bejing China and My Email password has been changed twice now, Once today and I have to recover the account yet again. I have had a Air.voice Trojan go through my Computer and I got rid of it with AVG and Malwarebytes did not detect it. The Malwarebytes log came up empty but some things did show on the Adware scan by Xplode.


#7 schrauber

schrauber

    Mr.Mechanic


  • Malware Response Team
  • 24,794 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Munich,Germany
  • Local time:02:49 PM

Posted 10 January 2015 - 05:18 AM

You just ran a scan with AdwCleaner, please run it again and click on the Clean button.


I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the esetOnline.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetSmartInstallDesktopIcon.png icon on your desktop.
  • Check esetAcceptTerms.png
  • Click the esetStart.png button.
  • Accept any security warnings from your browser.
  • Check esetScanArchives.png
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push esetListThreats.png
  • Push esetExport.png, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the esetBack.png button.
  • Push esetFinish.png
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt
regards,
schrauber

Posted Image
Posted Image

If I've not posted back within 48 hrs., feel free to send a PM with your topic link. Thank you!

If I have helped you then please consider donating to continue the fight against malware Posted Image

#8 Brandonyoung34372

Brandonyoung34372
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:49 AM

Posted 10 January 2015 - 12:42 PM

Scan Log
Version of virus signature database: 10993 (20150110)
Date: 1/10/2015  Time: 12:28:34 PM
Scanned disks, folders and files: Operating memory;C:\Boot sector;C:\
Boot sector of disk C: - error opening [4]
C:\hiberfil.sys - error opening [4]
C:\pagefile.sys - error opening [4]
C:\swapfile.sys - error opening [4]
C:\$Recycle.Bin\S-1-5-21-2422473469-3821547915-1951462274-1001\$R2507B2\Andy\x64\resources\phantomjs\win\phantomjs.exe » UPX v13_m8 - unpack error
C:\$Recycle.Bin\S-1-5-21-2422473469-3821547915-1951462274-1001\$R2507B2\OVA\andy.ova » TAR »  - error reading archive
C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleUpdateHelper.msi » MSI » required.cab » CAB - error reading archive
C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartdb-ntfs.db - error opening [4]
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\APR2007_d3dx9_33_x64.cab » CAB » d3dx9_33.dll - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\APR2007_d3dx9_33_x64.cab » CAB » infinst.exe - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\APR2007_d3dx9_33_x64.cab » CAB » apr2007_d3dx9_33_x64.inf - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\APR2007_d3dx9_33_x64.cab » CAB » d3dx9_33_x64.inf - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\APR2007_d3dx9_33_x64.cab » CAB » d3dx9_33_x64_xp.inf - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\Aug2008_d3dx9_39_x64.cab » CAB » d3dx9_39.dll - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\Aug2008_d3dx9_39_x64.cab » CAB » d3dx9_39_x64.cat - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\Aug2008_d3dx9_39_x64.cab » CAB » d3dx9_39_x64.inf - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\Aug2008_d3dx9_39_x64.cab » CAB » d3dx9_39_x64_xp.inf - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\Aug2008_d3dx9_39_x64.cab » CAB » Aug2008_d3dx9_39_x64.inf - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\Aug2008_d3dx9_39_x64.cab » CAB » infinst.exe - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\Feb2006_d3dx9_29_x64.cab » CAB » d3dx9_29.dll - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\Feb2006_d3dx9_29_x64.cab » CAB » infinst.exe - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\Feb2006_d3dx9_29_x64.cab » CAB » d3dx9_29_x64.inf - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\Feb2006_d3dx9_29_x64.cab » CAB » feb2006_d3dx9_29_x64.inf - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\Feb2006_d3dx9_29_x86.cab » CAB » d3dx9_29.dll - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\Feb2006_d3dx9_29_x86.cab » CAB » d3dx9_29_w9x.inf - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\Feb2006_d3dx9_29_x86.cab » CAB » d3dx9_29_x86.inf - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\Feb2006_d3dx9_29_x86.cab » CAB » feb2006_d3dx9_29_x86.inf - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\Jun2005_d3dx9_26_x64.cab » CAB » d3dx9_26.dll - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\Jun2005_d3dx9_26_x64.cab » CAB » infinst.exe - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\Jun2005_d3dx9_26_x64.cab » CAB » d3dx9_26_x64.inf - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\Jun2005_d3dx9_26_x64.cab » CAB » jun2005_d3dx9_26_x64.inf - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\Mar2009_d3dx10_41_x64.cab » CAB » infinst.exe - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\Mar2009_d3dx9_41_x64.cab » CAB » d3dx9_41.dll - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\Mar2009_d3dx9_41_x64.cab » CAB » d3dx9_41_x64.cat - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\Mar2009_d3dx9_41_x64.cab » CAB » d3dx9_41_x64.inf - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\Mar2009_d3dx9_41_x64.cab » CAB » d3dx9_41_x64_xp.inf - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\Mar2009_d3dx9_41_x64.cab » CAB » Mar2009_d3dx9_41_x64.inf - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\Mar2009_d3dx9_41_x64.cab » CAB » infinst.exe - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\Nov2007_d3dx9_36_x64.cab » CAB » d3dx9_36.dll - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\Nov2007_d3dx9_36_x64.cab » CAB » infinst.exe - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\Nov2007_d3dx9_36_x64.cab » CAB » d3dx9_36_x64.inf - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\Nov2007_d3dx9_36_x64.cab » CAB » d3dx9_36_x64_xp.inf - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\Nov2007_d3dx9_36_x64.cab » CAB » nov2007_d3dx9_36_x64.inf - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\Nov2008_d3dx9_40_x64.cab » CAB » d3dx9_40.dll - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\Nov2008_d3dx9_40_x64.cab » CAB » d3dx9_40_x64.cat - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\Nov2008_d3dx9_40_x64.cab » CAB » d3dx9_40_x64.inf - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\Nov2008_d3dx9_40_x64.cab » CAB » d3dx9_40_x64_xp.inf - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\Nov2008_d3dx9_40_x64.cab » CAB » Nov2008_d3dx9_40_x64.inf - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\SteamApps\downloading\33930\DirectX\Nov2008_d3dx9_40_x64.cab » CAB » infinst.exe - archive damaged - the file could not be extracted.
C:\Program Files (x86)\Steam\userdata\88401397\ugc\download\538502649190497051\the slavs by greater europe (v 1).civ5mod.download » 7ZIP »  - error reading archive
C:\Program Files (x86)\Steam\userdata\88401397\ugc\download\547510578211384465\jfd's the empire of great britain (v 2).civ5mod.download » 7ZIP »  - error reading archive
C:\Program Files (x86)\Steam\userdata\88401397\ugc\download\547511746954223552\jfd's the commonwealth of poland-lithuania (v 1).civ5mod.download » 7ZIP »  - error reading archive
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\03c84ce31d754405592ebcb2c02353bb_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\0580a976cb94c3f5aab137b0472fdb9c_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\0916f68432265e46d6f5b57955b82a7d_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\0ae1ed237531973882bdd3ddb1b18746_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\103451df83ba9ad93b02a50036315518_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\119fad08d42ffa6d95dcd9b526e7a420_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\14e9942b7e35396b11cdb35807b9102d_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\16ae86e4b639db321f1d148d51329b3a_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\1aa8963e36e2deff726005cc874c8193_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\1b2262e2c7ba179e6a7bb06e88bff159_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\275ebc96cb74423472aa091915d0d6c6_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\2955222c1808761bd893d9e3ba29573f_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\2b92b1eada9851d8da887cb05d3f3ec1_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\2e8cd5feb8dea0cf03e22ee378e6d281_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\2eb76084d0dff8cba298a8c14965decf_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\358cdb6834a7b99c56c8464f02d13f10_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\35aa7a1f25f94dc7232dee33e6671861_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\3d3b1405bdd7ce07084c17a30bcb4159_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\3d74727e4f8ad94a9224f2defb865830_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\3ff7b38c8343be3ce2ebfd9f900dc3f4_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\42b1db90083cc8216751ab82634e99a5_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\453e457a6f43b98feb07c5bd61f3ab50_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\5228a7601a194613d930ef816c500d43_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\56315423dffb6cb3cbe5a1cd333ed9fe_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\5997b436764fc5856f70bc9e21626075_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\5c9163e642bfbf1443bfad616dfffe9f_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\60cbf8602d48368c2c68026ff8c00dde_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\62fbb03da5033a039ce8e943b5f3eeb6_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\6830a7941fcdee4547063ae3027dc330_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\6fe92f79d95dcde97f42caf1e3f79a2e_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\73b9c53b613e5242814a879e312f007e_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\8157b8bb8797ddaeb8fa5797c436b0d5_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\81a97dfae8ed092abbb7ca5b822cb28d_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\8384de689c072db3f4323e0cfacfcc40_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\84f3be68ace61e7a860d8f5c5b255d35_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\86798c11cfcbbbd82a7f1be24ee6e984_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\87368cd04a6eb35f5e70bd190809170e_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\87a4b1bb54022387c4e696f8c47c5cad_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\883841598cf8880d007df695bff75b5d_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\8a1000d2dee5f1aa8e3aec6794f06cef_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\8cdf184dcf4db61eb6a7de8154392686_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\9825c38e62b83557a0dfd7720195cfcf_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\9b4e5c158976b92e7c8e98ab81a93383_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\b40f26fb8b3c3670fdf49c8bbb1bc8c6_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\b676b48254e58ccc0f7e12ac4dc34add_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\b93e2ebc2cabbeef65f618be46ee0d6e_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\bb4eaed34370c797524034b4105d8a58_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\c542dcc7d42f61e34499b541e4240013_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\c75e6579f3d2b8ce2b0d100fa5681191_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\c984e0739a146e84f63dcbfdf40c58ce_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\cd177d97bf82ca3c1e812555cc24b2f4_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\d5561f5c27e63495b422d0ac60b40f96_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\d634aa3dfa9dcb24f9e4dfdac32dbf0c_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\d99633d630656343851443e729cd4046_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\da6a56c5dfcd6ae9809f9c336e8a162c_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\da970e29e278da3a3220a4229a595f34_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\de23b9078e314b93ac2138482f83b343_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\e03b21a7c7f12d1aa304fc6ff5f11250_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\e2208d95305324fd7cc734ddbb1e09e4_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\eb48c9d94aa1fe90f7b9b3f69ba98ffd_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\ec0eb78b21bcd535cc27acffb8f1cf28_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\ed234d8db18ba079fa643e1614ca1a39_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\edf949122d2ee120fb7fe3319ae1841f_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f1348c29fcf014b32335b67a5a12adf7_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f686aace6942fb7f7ceb231212eef4a4_bd7efb67-ddf5-4a0f-bfde-088bd4029529 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\fa3e2554e6fd47eaea06a551e5af882c_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\ProgramData\Microsoft\User Account Pictures\Administrator.dat - error opening [4]
C:\ProgramData\Oracle\Java\installcache\baseimagefam8 » ZIP » lib/rt.pack » PACK200 - archive damaged
C:\ProgramData\Spybot - Search & Destroy\Quarantine\BurstMedia-0000.zip » ZIP » 150101-220201.xml - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\BurstMedia-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\BurstMedia-0000.zip » ZIP » BurstMedia-0000.sfv - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cache-0000.zip » ZIP » 150101-220201.xml - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cache-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cache-0000.zip » ZIP » Cache-0000.sfv - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\CasaleMedia-0000.zip » ZIP » 150101-220201.xml - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\CasaleMedia-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\CasaleMedia-0000.zip » ZIP » CasaleMedia-0000.sfv - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cookie-0000.zip » ZIP » 150101-220201.xml - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cookie-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cookie-0000.zip » ZIP » Cookie-0000.sfv - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\DoubleClick-0000.zip » ZIP » 150101-220201.xml - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\DoubleClick-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\DoubleClick-0000.zip » ZIP » DoubleClick-0000.sfv - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\FastClick-0000.zip » ZIP » 150101-220201.xml - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\FastClick-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\FastClick-0000.zip » ZIP » FastClick-0000.sfv - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\History-0000.zip » ZIP » 150101-220201.xml - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\History-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\History-0000.zip » ZIP » History-0000.sfv - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Internet Explorer-0000.zip » ZIP » 150101-220201.xml - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Internet Explorer-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Internet Explorer-0000.zip » ZIP » Internet Explorer-0000.sfv - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Internet Explorer-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0000.zip » ZIP » 150101-220201.xml - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0000.zip » ZIP » Quarantine.lst - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0000.zip » ZIP » Macromedia.FlashPlayer.Cookies-0000.sfv - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0000.zip » ZIP » Macromedia.FlashPlayer.Cookies-0000.md5 - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0000.zip » ZIP » Users/Brandon Young/AppData/Roaming/Macromedia/Flash Player/#SharedObjects/9TBM3UNV/assets-jp.jwpsrv.com/com.longtailvideo.jwplayer.sol - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0000.zip » ZIP » Users/Brandon Young/AppData/Roaming/Macromedia/Flash Player/#SharedObjects/9TBM3UNV/cdn.optimatic.com/alfy_shell.sol - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0000.zip » ZIP » Users/Brandon Young/AppData/Roaming/Macromedia/Flash Player/#SharedObjects/9TBM3UNV/cfiles.5min.com/5minSessionTracker_start.new.toshiba.com.sol - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0000.zip » ZIP » Users/Brandon Young/AppData/Roaming/Macromedia/Flash Player/#SharedObjects/9TBM3UNV/cfiles.5min.com/Storage5minCookie.sol - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0000.zip » ZIP » Users/Brandon Young/AppData/Roaming/Macromedia/Flash Player/#SharedObjects/9TBM3UNV/images-na.ssl-images-amazon.com/mercury.sol - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0000.zip » ZIP » Users/Brandon Young/AppData/Roaming/Macromedia/Flash Player/#SharedObjects/9TBM3UNV/player.ooyala.com/auth.sol - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0000.zip » ZIP » Users/Brandon Young/AppData/Roaming/Macromedia/Flash Player/#SharedObjects/9TBM3UNV/player.ooyala.com/auth2.sol - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0000.zip » ZIP » Users/Brandon Young/AppData/Roaming/Macromedia/Flash Player/#SharedObjects/9TBM3UNV/player.ooyala.com/auth_id.sol - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0000.zip » ZIP » Users/Brandon Young/AppData/Roaming/Macromedia/Flash Player/#SharedObjects/9TBM3UNV/player.ooyala.com/perf.sol - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0000.zip » ZIP » Users/Brandon Young/AppData/Roaming/Macromedia/Flash Player/#SharedObjects/9TBM3UNV/s.ytimg.com/soundData.sol - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0000.zip » ZIP » Users/Brandon Young/AppData/Roaming/Macromedia/Flash Player/#SharedObjects/9TBM3UNV/unblocker.thesyndicationserver.co.uk/HIRO_NETWORK_CAPPING_COOKIE.sol - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0000.zip » ZIP » Users/Brandon Young/AppData/Roaming/Macromedia/Flash Player/#SharedObjects/9TBM3UNV/unblocker.thesyndicationserver.co.uk/US_FARM_unblocker.hiro.tv_STREMING_CLIENT_ID_COOKIE.sol - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0000.zip » ZIP » Users/Brandon Young/AppData/Roaming/Macromedia/Flash Player/#SharedObjects/9TBM3UNV/www.cbsnews.com/OVPMetricsProvider.sol - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0000.zip » ZIP » Users/Brandon Young/AppData/Roaming/Macromedia/Flash Player/#SharedObjects/9TBM3UNV/skype.com/#ui/preferences.sol - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0000.zip » ZIP » Users/Brandon Young/AppData/Roaming/Macromedia/Flash Player/#SharedObjects/9TBM3UNV/theuppercut.thesyndicationserver.co.uk/SyndPlugins/flowplayer.unlimited-3.2.16_thesyndicationserver.co.uk.swf/org.flowplayer.sol - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\MediaPlex-0000.zip » ZIP » 150101-220201.xml - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\MediaPlex-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\MediaPlex-0000.zip » ZIP » MediaPlex-0000.sfv - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectDraw-0000.zip » ZIP » 150101-220201.xml - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectDraw-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectDraw-0000.zip » ZIP » MS DirectDraw-0000.sfv - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectDraw-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectInput-0000.zip » ZIP » 150101-220201.xml - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectInput-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectInput-0000.zip » ZIP » MS DirectInput-0000.sfv - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectInput-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Management Console-0000.zip » ZIP » 150101-220201.xml - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Management Console-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Management Console-0000.zip » ZIP » MS Management Console-0000.sfv - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Management Console-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Paint-0000.zip » ZIP » 150101-220201.xml - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Paint-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Paint-0000.zip » ZIP » MS Paint-0000.sfv - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Paint-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Regedit-0000.zip » ZIP » 150101-220201.xml - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Regedit-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Regedit-0000.zip » ZIP » MS Regedit-0000.sfv - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Regedit-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Wordpad-0000.zip » ZIP » 150101-220201.xml - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Wordpad-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Wordpad-0000.zip » ZIP » MS Wordpad-0000.sfv - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Wordpad-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Statcounter-0000.zip » ZIP » 150101-220201.xml - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Statcounter-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Statcounter-0000.zip » ZIP » Statcounter-0000.sfv - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Explorer-0000.zip » ZIP » 150101-220201.xml - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Explorer-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Explorer-0000.zip » ZIP » Windows Explorer-0000.sfv - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Explorer-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Media SDK-0000.zip » ZIP » 150101-220201.xml - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Media SDK-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Media SDK-0000.zip » ZIP » Windows Media SDK-0000.sfv - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Media SDK-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows.OpenWith-0000.zip » ZIP » 150101-220201.xml - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows.OpenWith-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows.OpenWith-0000.zip » ZIP » Windows.OpenWith-0000.sfv - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows.OpenWith-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Zedo-0000.zip » ZIP » 150101-220201.xml - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Zedo-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Zedo-0000.zip » ZIP » Zedo-0000.sfv - error - password-protected file
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\03c84ce31d754405592ebcb2c02353bb_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\0580a976cb94c3f5aab137b0472fdb9c_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\0916f68432265e46d6f5b57955b82a7d_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\0ae1ed237531973882bdd3ddb1b18746_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\103451df83ba9ad93b02a50036315518_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\119fad08d42ffa6d95dcd9b526e7a420_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\14e9942b7e35396b11cdb35807b9102d_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\16ae86e4b639db321f1d148d51329b3a_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\1aa8963e36e2deff726005cc874c8193_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\1b2262e2c7ba179e6a7bb06e88bff159_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\275ebc96cb74423472aa091915d0d6c6_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\2955222c1808761bd893d9e3ba29573f_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\2b92b1eada9851d8da887cb05d3f3ec1_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\2e8cd5feb8dea0cf03e22ee378e6d281_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\2eb76084d0dff8cba298a8c14965decf_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\358cdb6834a7b99c56c8464f02d13f10_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\35aa7a1f25f94dc7232dee33e6671861_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\3d3b1405bdd7ce07084c17a30bcb4159_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\3d74727e4f8ad94a9224f2defb865830_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\3ff7b38c8343be3ce2ebfd9f900dc3f4_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\42b1db90083cc8216751ab82634e99a5_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\453e457a6f43b98feb07c5bd61f3ab50_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\5228a7601a194613d930ef816c500d43_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\56315423dffb6cb3cbe5a1cd333ed9fe_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\5997b436764fc5856f70bc9e21626075_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\5c9163e642bfbf1443bfad616dfffe9f_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\60cbf8602d48368c2c68026ff8c00dde_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\62fbb03da5033a039ce8e943b5f3eeb6_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\6830a7941fcdee4547063ae3027dc330_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\6fe92f79d95dcde97f42caf1e3f79a2e_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\73b9c53b613e5242814a879e312f007e_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\8157b8bb8797ddaeb8fa5797c436b0d5_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\81a97dfae8ed092abbb7ca5b822cb28d_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\8384de689c072db3f4323e0cfacfcc40_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\84f3be68ace61e7a860d8f5c5b255d35_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\86798c11cfcbbbd82a7f1be24ee6e984_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\87368cd04a6eb35f5e70bd190809170e_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\87a4b1bb54022387c4e696f8c47c5cad_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\883841598cf8880d007df695bff75b5d_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\8a1000d2dee5f1aa8e3aec6794f06cef_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\8cdf184dcf4db61eb6a7de8154392686_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\9825c38e62b83557a0dfd7720195cfcf_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\9b4e5c158976b92e7c8e98ab81a93383_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\b40f26fb8b3c3670fdf49c8bbb1bc8c6_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\b676b48254e58ccc0f7e12ac4dc34add_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\b93e2ebc2cabbeef65f618be46ee0d6e_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\bb4eaed34370c797524034b4105d8a58_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\c542dcc7d42f61e34499b541e4240013_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\c75e6579f3d2b8ce2b0d100fa5681191_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\c984e0739a146e84f63dcbfdf40c58ce_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\cd177d97bf82ca3c1e812555cc24b2f4_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\d5561f5c27e63495b422d0ac60b40f96_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\d634aa3dfa9dcb24f9e4dfdac32dbf0c_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\d99633d630656343851443e729cd4046_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\da6a56c5dfcd6ae9809f9c336e8a162c_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\da970e29e278da3a3220a4229a595f34_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\de23b9078e314b93ac2138482f83b343_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\e03b21a7c7f12d1aa304fc6ff5f11250_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\e2208d95305324fd7cc734ddbb1e09e4_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\eb48c9d94aa1fe90f7b9b3f69ba98ffd_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\ec0eb78b21bcd535cc27acffb8f1cf28_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\ed234d8db18ba079fa643e1614ca1a39_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\edf949122d2ee120fb7fe3319ae1841f_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\f1348c29fcf014b32335b67a5a12adf7_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\f686aace6942fb7f7ceb231212eef4a4_bd7efb67-ddf5-4a0f-bfde-088bd4029529 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\fa3e2554e6fd47eaea06a551e5af882c_2026ff30-d979-4873-8d9c-d2d1d7742283 - error opening [4]
C:\Users\All Users\Microsoft\User Account Pictures\Administrator.dat - error opening [4]
C:\Users\Brandon Young\NTUSER.DAT - error opening [4]
C:\Users\Brandon Young\ntuser.dat.LOG1 - error opening [4]
C:\Users\Brandon Young\ntuser.dat.LOG2 - error opening [4]
C:\Users\Brandon Young\AppData\Local\Google\Chrome\User Data\Default\Current Session - error opening [4]
C:\Users\Brandon Young\AppData\Local\Google\Chrome\User Data\Default\Current Tabs - error opening [4]
C:\Users\Brandon Young\AppData\Local\Microsoft\InputPersonalization\TextHarvesterRestart.sav - error opening [4]
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\UsrClass.dat - error opening [4]
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1 - error opening [4]
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2 - error opening [4]
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\WebCacheLock.dat - error opening [4]
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\1QBQHSNL\1c00b494a4089eb7d4994244a6ba2278[1] » GZIP » 1c00b494a4089eb7d4994244a6ba2278[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\1QBQHSNL\1cffea576f4b5dc232cb7b5294278f5c[1] » GZIP » 1cffea576f4b5dc232cb7b5294278f5c[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\1QBQHSNL\2397b44ec3cb2e6b051a66d6a5605828[1] » GZIP » 2397b44ec3cb2e6b051a66d6a5605828[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\1QBQHSNL\276a282c648b6b1aec09735828544b87[1] » GZIP » 276a282c648b6b1aec09735828544b87[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\1QBQHSNL\31b97725e6ef1f1c313f6405b8e6fe98[1] » GZIP » 31b97725e6ef1f1c313f6405b8e6fe98[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\1QBQHSNL\35da3deb988c0e20cc56713cba3b50e3[1] » GZIP » 35da3deb988c0e20cc56713cba3b50e3[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\1QBQHSNL\4b27ffb982ae5130b37843b16de76960[1] » GZIP » 4b27ffb982ae5130b37843b16de76960[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\1QBQHSNL\5a64d2ca3f252549ea632ed6cf5c9e83[1] » GZIP » 5a64d2ca3f252549ea632ed6cf5c9e83[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\1QBQHSNL\a756d9239364e59bccc029ee31e10126[1] » GZIP » a756d9239364e59bccc029ee31e10126[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\1QBQHSNL\c822fc9b18bc324d93c02165184b1ddf[1] » GZIP » c822fc9b18bc324d93c02165184b1ddf[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\1QBQHSNL\d3cc585df40f4dfaca44d1312d9324a3[1] » GZIP » d3cc585df40f4dfaca44d1312d9324a3[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\564WLKBN\248b1fbd1b34b237c417dbbab87b1677[1] » GZIP » 248b1fbd1b34b237c417dbbab87b1677[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\564WLKBN\338f9a35195d63d2e8b3c36da11f1b4d[1] » GZIP » 338f9a35195d63d2e8b3c36da11f1b4d[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\564WLKBN\356e041ca372dfd1ad9771fd9ae39295[1] » GZIP » 356e041ca372dfd1ad9771fd9ae39295[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\564WLKBN\3ab2a52d587994239ae9db509ee80b09[1] » GZIP » 3ab2a52d587994239ae9db509ee80b09[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\564WLKBN\69c08ba347798d2fb0b0d1e4fdff93db[1] » GZIP » 69c08ba347798d2fb0b0d1e4fdff93db[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\564WLKBN\7c88112ba5e4a054816d4fc8dc98b9ce[1] » GZIP » 7c88112ba5e4a054816d4fc8dc98b9ce[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\564WLKBN\8e5abde5a19e9b3316c8e0312b0e3158[1] » GZIP » 8e5abde5a19e9b3316c8e0312b0e3158[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\564WLKBN\b57faf16cc9d00b0573fcd02a78f4650[1] » GZIP » b57faf16cc9d00b0573fcd02a78f4650[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\564WLKBN\c3e2acd13342600f82fc97d21985c4f9[1] » GZIP » c3e2acd13342600f82fc97d21985c4f9[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\564WLKBN\c59398f635ba50ca3ff8679e5f4964c1[1] » GZIP » c59398f635ba50ca3ff8679e5f4964c1[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\564WLKBN\e161171c27d750dee85c6c899ef81570[1] » GZIP » e161171c27d750dee85c6c899ef81570[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\7Y5ZUI6L\392e644bf6d6e718d50f608067ed0ce4[1] » GZIP » 392e644bf6d6e718d50f608067ed0ce4[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\7Y5ZUI6L\aaacc2772b0102dfac19323d56a790e5[1] » GZIP » aaacc2772b0102dfac19323d56a790e5[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\9SCS99YG\23bf1db826835154ddf28af8f0bb4612[1] » GZIP » 23bf1db826835154ddf28af8f0bb4612[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\9SCS99YG\3b265e6b5f201a11d8c8e2013641a152[1] » GZIP » 3b265e6b5f201a11d8c8e2013641a152[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\9SCS99YG\4c81472e5108d82de1389451f5b2cd38[1] » GZIP » 4c81472e5108d82de1389451f5b2cd38[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\9SCS99YG\56edf5f5e09e91483b1a123836eef437[1] » GZIP » 56edf5f5e09e91483b1a123836eef437[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\9SCS99YG\8bc1a695066785ebd6973cb0621f5dfe[1] » GZIP » 8bc1a695066785ebd6973cb0621f5dfe[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\9SCS99YG\9fa55e8211ae55b127cff8ec71075e8c[1] » GZIP » 9fa55e8211ae55b127cff8ec71075e8c[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\9SCS99YG\afc4e5c75aeb92f6f1b76c13d7b5dec6[1] » GZIP » afc4e5c75aeb92f6f1b76c13d7b5dec6[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\9SCS99YG\b188f73386410b04c81eb9114ea05752[1] » GZIP » b188f73386410b04c81eb9114ea05752[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\9SCS99YG\b86e2391727c8f159a53e59585b99203[1] » GZIP » b86e2391727c8f159a53e59585b99203[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\9SCS99YG\b9b0354c7221afb71149d287fd7cedc5[1] » GZIP » b9b0354c7221afb71149d287fd7cedc5[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\9SCS99YG\c27a5bfa47a0e4fe4946907e57195126[1] » GZIP » c27a5bfa47a0e4fe4946907e57195126[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\9SCS99YG\d040b85a99d2710aee467786e282a40c[1] » GZIP » d040b85a99d2710aee467786e282a40c[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\9SCS99YG\e941cd3d409979fd72420b4395f6c86b[1] » GZIP » e941cd3d409979fd72420b4395f6c86b[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\9SCS99YG\fc721d32fa8f41bf13d7dfe212c900e1[1] » GZIP » fc721d32fa8f41bf13d7dfe212c900e1[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\E28G9U6B\008590429040e90934fc73d49436e80b[1] » GZIP » 008590429040e90934fc73d49436e80b[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\E28G9U6B\261ac96766be6b4e913ee7780c669883[1] » GZIP » 261ac96766be6b4e913ee7780c669883[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\E28G9U6B\2dd1a49538ca6d14ba872ecf21862bac[1] » GZIP » 2dd1a49538ca6d14ba872ecf21862bac[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\E28G9U6B\4376f023f5f860fc13a774698e25ed7c[1] » GZIP » 4376f023f5f860fc13a774698e25ed7c[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\E28G9U6B\536d4ba363a9170b62f4bc948ed23871[1] » GZIP » 536d4ba363a9170b62f4bc948ed23871[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\E28G9U6B\6a6c06bb477ef4f93e30337a8ded0a2a[1] » GZIP » 6a6c06bb477ef4f93e30337a8ded0a2a[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\E28G9U6B\74838b8b59a90838ed5ddc88cfeb9f8c[1] » GZIP » 74838b8b59a90838ed5ddc88cfeb9f8c[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\E28G9U6B\88c4bb10cab84e366c3093bfe1d8961e[1] » GZIP » 88c4bb10cab84e366c3093bfe1d8961e[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\E28G9U6B\9536925d4ec186100f73e111915f2a2d[1] » GZIP » 9536925d4ec186100f73e111915f2a2d[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\E28G9U6B\ae194ea4a118bc8a7a6ea9d3e5f63a16[1] » GZIP » ae194ea4a118bc8a7a6ea9d3e5f63a16[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\E28G9U6B\afdcd5f3d0aae6cdabf2e59fd787bcd6[1] » GZIP » afdcd5f3d0aae6cdabf2e59fd787bcd6[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\E28G9U6B\d6d37aeb5a277b93480617be90b83d3f[1] » GZIP » d6d37aeb5a277b93480617be90b83d3f[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\E28G9U6B\f9f65fd1d2b5d9b7728595a54259815e[1] » GZIP » f9f65fd1d2b5d9b7728595a54259815e[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\FITPNN0C\60a87344d714c2a8eb7130534e74c8b0[1] » GZIP » 60a87344d714c2a8eb7130534e74c8b0[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\O08Q3KGV\053e30555fbbb410e4a38ea077583841[1] » GZIP » 053e30555fbbb410e4a38ea077583841[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\O08Q3KGV\0ce69d49d82d00c4e923460514087fda[1] » GZIP » 0ce69d49d82d00c4e923460514087fda[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\O08Q3KGV\30c01d32d7529536fe031aa2d5cbaaa5[1] » GZIP » 30c01d32d7529536fe031aa2d5cbaaa5[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\O08Q3KGV\676826671b6b8feb9804cbeb52ed5a82[1] » GZIP » 676826671b6b8feb9804cbeb52ed5a82[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\O08Q3KGV\69c08ba347798d2fb0b0d1e4fdff93db[1] » GZIP » 69c08ba347798d2fb0b0d1e4fdff93db[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\O08Q3KGV\7752306a31ff42a4e2f9dc025c73d5e4[1] » GZIP » 7752306a31ff42a4e2f9dc025c73d5e4[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\O08Q3KGV\b7ec9bebb476a45ebd1fae248837d81d[1] » GZIP » b7ec9bebb476a45ebd1fae248837d81d[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\O08Q3KGV\d14a0aac6de0210d727edd1ecacd420e[1] » GZIP » d14a0aac6de0210d727edd1ecacd420e[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\O08Q3KGV\e2589fd974dfd7248221f3970774a5a6[1] » GZIP » e2589fd974dfd7248221f3970774a5a6[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\O08Q3KGV\e6efdbcd51bed22290eefdbde7c7fe96[1] » GZIP » e6efdbcd51bed22290eefdbde7c7fe96[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\O08Q3KGV\f7bfe85c2385cfda7f74052223563270[1] » GZIP » f7bfe85c2385cfda7f74052223563270[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\O794TSAO\339afd053530b6dfe405cb5c30dae384[1] » GZIP » 339afd053530b6dfe405cb5c30dae384[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\O794TSAO\57418ddffabb716b9faaed3ac3f2eb61[1] » GZIP » 57418ddffabb716b9faaed3ac3f2eb61[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\O794TSAO\5dbef662e9b95d27d4e51d6e37105852[1] » GZIP » 5dbef662e9b95d27d4e51d6e37105852[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\O794TSAO\b949607dd7c5ce3554497b3f17580db8[1] » GZIP » b949607dd7c5ce3554497b3f17580db8[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\O794TSAO\ba37e121928923e7420d3f685bf8f1b8[1] » GZIP » ba37e121928923e7420d3f685bf8f1b8[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\O794TSAO\bc33bea38722214b103bc0dc21d34a0a[1] » GZIP » bc33bea38722214b103bc0dc21d34a0a[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\O794TSAO\efa640ebb548b0276b2e291219523897[1] » GZIP » efa640ebb548b0276b2e291219523897[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\VWG418X6\074b6a72c20d957114a0a6a64442cb78[1] » GZIP » 074b6a72c20d957114a0a6a64442cb78[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\VWG418X6\0efbb9931edfa98a2bcf2f162198ea46[1] » GZIP » 0efbb9931edfa98a2bcf2f162198ea46[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\VWG418X6\1816a45e79a297bf3d0cec1a8514ddd2[1] » GZIP » 1816a45e79a297bf3d0cec1a8514ddd2[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\VWG418X6\1e5f055b183fc5d7bef6efc463f329e4[1] » GZIP » 1e5f055b183fc5d7bef6efc463f329e4[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\VWG418X6\1fdd0faa3197260e9913ebf92a6b686a[1] » GZIP » 1fdd0faa3197260e9913ebf92a6b686a[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\VWG418X6\22b0e91c60ab153008dc757005c712c4[1] » GZIP » 22b0e91c60ab153008dc757005c712c4[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\VWG418X6\5dbef662e9b95d27d4e51d6e37105852[1] » GZIP » 5dbef662e9b95d27d4e51d6e37105852[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\VWG418X6\67a78f9b2a68d21d3c955023ab5ed96e[1] » GZIP » 67a78f9b2a68d21d3c955023ab5ed96e[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\VWG418X6\67a78f9b2a68d21d3c955023ab5ed96e[2] » GZIP » 67a78f9b2a68d21d3c955023ab5ed96e[2] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\VWG418X6\83eec00ff07de52e6812677a2a81a6e1[1] » GZIP » 83eec00ff07de52e6812677a2a81a6e1[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\VWG418X6\8fbcc289146bbf25063a730f2f10d1fc[1] » GZIP » 8fbcc289146bbf25063a730f2f10d1fc[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\VWG418X6\b6cac4bb5aea13067e2bcaed6d81e8ab[1] » GZIP » b6cac4bb5aea13067e2bcaed6d81e8ab[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\VWG418X6\d940cd3b76cf46ac7e99658e7bcf6e93[1] » GZIP » d940cd3b76cf46ac7e99658e7bcf6e93[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\VWG418X6\e20eaddf4d16ed24e0c67d8fe410cecd[1] » GZIP » e20eaddf4d16ed24e0c67d8fe410cecd[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\VWG418X6\f7bfe85c2385cfda7f74052223563270[1] » GZIP » f7bfe85c2385cfda7f74052223563270[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\Y0XO6USK\16168947cb7d10fef07d5590a4a30157[1] » GZIP » 16168947cb7d10fef07d5590a4a30157[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\Y0XO6USK\2454c0cd6b7eb4d96e71d6ec1ea1185c[1] » GZIP » 2454c0cd6b7eb4d96e71d6ec1ea1185c[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\Y0XO6USK\267d2575d1e423a37dd3daabe6267794[1] » GZIP » 267d2575d1e423a37dd3daabe6267794[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\Y0XO6USK\331849e04fbf937095f88501747492d0[1] » GZIP » 331849e04fbf937095f88501747492d0[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\Y0XO6USK\38c4f3c6002c59e9c7600f7486e2393d[1] » GZIP » 38c4f3c6002c59e9c7600f7486e2393d[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\Y0XO6USK\39204ad15a4b8525e037a9081bbbe599[1] » GZIP » 39204ad15a4b8525e037a9081bbbe599[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\Y0XO6USK\474e0103fdd618d0b7b3b398c665a0ff[1] » GZIP » 474e0103fdd618d0b7b3b398c665a0ff[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\Y0XO6USK\5a107c43d290f096581028e6cede352b[1] » GZIP » 5a107c43d290f096581028e6cede352b[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\Y0XO6USK\83eec00ff07de52e6812677a2a81a6e1[1] » GZIP » 83eec00ff07de52e6812677a2a81a6e1[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\Y0XO6USK\ac2fec7be5cbd3754f95a0020bdfa227[1] » GZIP » ac2fec7be5cbd3754f95a0020bdfa227[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\Y0XO6USK\b8bd929b906822c1da2ebc197568c719[1] » GZIP » b8bd929b906822c1da2ebc197568c719[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\Y0XO6USK\bda52fdb88d86ec245691d3ded6554db[1] » GZIP » bda52fdb88d86ec245691d3ded6554db[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\Y0XO6USK\c53b16e591d9db03898fbffb9c82e54b[1] » GZIP » c53b16e591d9db03898fbffb9c82e54b[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\Y0XO6USK\c7cc2b7212b4f708939a8aaef94bd288[1] » GZIP » c7cc2b7212b4f708939a8aaef94bd288[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\INetCache\IE\Y0XO6USK\e48863ca99d5f5349c803458dc0b7ade[1] » GZIP » e48863ca99d5f5349c803458dc0b7ade[1] - unpack error
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\Notifications\WPNPRMRY.tmp - error opening [4]
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\SkyDrive\settings\a35e7fc671ce5ec8.dat - error opening [4]
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\SkyDrive\settings\a35e7fc671ce5ec8.log - error opening [4]
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\WebCache\V01.log - error opening [4]
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\WebCache\V01tmp.log - error opening [4]
C:\Users\Brandon Young\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat - error opening [4]
C:\Users\Brandon Young\AppData\Local\Packages\WinStore_cw5n1h2txyewy\Settings\settings.dat - error opening [4]
C:\Users\Brandon Young\AppData\Local\Packages\WinStore_cw5n1h2txyewy\Settings\settings.dat.LOG1 - error opening [4]
C:\Users\Brandon Young\AppData\Local\Packages\WinStore_cw5n1h2txyewy\Settings\settings.dat.LOG2 - error opening [4]
C:\Users\Brandon Young\AppData\Local\Temp\log.txt - error opening [4]
C:\Users\Brandon Young\AppData\Local\Temp\{D720C8BA-3027-43DB-8231-9924663245C8}.exe » RAR5 » Program Files/Panda Security/Panda Cloud Antivirus/Tools/PandaSecurityTb.exe - incorrect CRC checksum, the file may be damaged
C:\Users\Brandon Young\AppData\Local\Temp\{D720C8BA-3027-43DB-8231-9924663245C8}.exe » RAR5 »  - error reading archive
C:\Users\Brandon Young\AppData\Local\Toshiba\FlashCards\Brightness.txt - error opening [4]
C:\Users\Brandon Young\OneDrive.old\Pictures\Camera Roll\BRANDONYOUNG - WIN_20141022_142311.JPG - error opening [4]
C:\Users\Brandon Young\OneDrive.old\Pictures\Camera Roll\BRANDONYOUNG - WIN_20141022_142317.JPG - error opening [4]
C:\Users\Brandon Young\OneDrive.old\Pictures\Camera Roll\BRANDONYOUNG - WIN_20141022_142319.JPG - error opening [4]
C:\Users\Brandon Young\OneDrive.old\Pictures\Camera Roll\BRANDONYOUNG - WIN_20141022_142320.JPG - error opening [4]
C:\Users\Brandon Young\OneDrive.old\Pictures\Camera Roll\BRANDONYOUNG - WIN_20141123_224910.JPG - error opening [4]
C:\Users\Brandon Young\OneDrive.old\Pictures\Camera Roll\BRANDONYOUNG - WIN_20141224_141116.JPG - error opening [4]
C:\Users\Brandon Young\OneDrive.old\Pictures\Camera Roll\BRANDONYOUNG - WIN_20141224_141128.JPG - error opening [4]
C:\Users\Brandon Young\OneDrive.old\Pictures\Camera Roll\BRANDONYOUNG - WIN_20141224_141129 (2).JPG - error opening [4]
C:\Users\Brandon Young\OneDrive.old\Pictures\Camera Roll\BRANDONYOUNG - WIN_20141224_141129.JPG - error opening [4]
C:\Users\Brandon Young\OneDrive.old\Pictures\Camera Roll\BRANDONYOUNG - WIN_20141225_114216.JPG - error opening [4]
C:\Windows\diagerr.xml - error opening [4]
C:\Windows\diagwrn.xml - error opening [4]
C:\Windows\MEMORY.DMP - error opening [4]
C:\Windows\Installer\510b53.msi » MSI » Data1.cab » CAB - error reading archive
C:\Windows\Installer\a7211f8.msi » MSI » required.cab » CAB - error reading archive
C:\Windows\Logs\DPX\setupact.log - error opening [4]
C:\Windows\Logs\DPX\setuperr.log - error opening [4]
C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe.config - error opening [4]
C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe.config - error opening [4]
C:\Windows\Panther\UnattendGC\diagerr.xml - error opening [4]
C:\Windows\Panther\UnattendGC\diagwrn.xml - error opening [4]
C:\Windows\Panther\UnattendGC\setupact.log - error opening [4]
C:\Windows\Panther\UnattendGC\setuperr.log - error opening [4]
C:\Windows\PLA\System\System Diagnostics.xml - error opening [4]
C:\Windows\PLA\System\System Performance.xml - error opening [4]
C:\Windows\security\database\secedit.sdb - error opening [4]
C:\Windows\System32\catroot2\edb.log - error opening [4]
C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb - error opening [4]
C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb - error opening [4]
C:\Windows\System32\Microsoft\Protect\Recovery\Recovery.dat - error opening [4]
C:\Windows\System32\Microsoft\Protect\Recovery\Recovery.dat.LOG1 - error opening [4]
C:\Windows\System32\Microsoft\Protect\Recovery\Recovery.dat.LOG2 - error opening [4]
C:\Windows\System32\Microsoft\Protect\Recovery\Recovery.dat{f180f6fb-4aa0-11e4-be7e-008cfa6c4335}.TM.blf - error opening [4]
C:\Windows\System32\Microsoft\Protect\Recovery\Recovery.dat{f180f6fb-4aa0-11e4-be7e-008cfa6c4335}.TMContainer00000000000000000001.regtrans-ms - error opening [4]
C:\Windows\System32\Microsoft\Protect\Recovery\Recovery.dat{f180f6fb-4aa0-11e4-be7e-008cfa6c4335}.TMContainer00000000000000000002.regtrans-ms - error opening [4]
C:\Windows\System32\restore\MachineGuid.txt - error opening [4]
C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT - error opening [4]
C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT.LOG1 - error opening [4]
C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT.LOG2 - error opening [4]
C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT{42b8217c-0b2e-11e3-93f4-90b11c2eb9f2}.TM.blf - error opening [4]
C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT{42b8217c-0b2e-11e3-93f4-90b11c2eb9f2}.TMContainer00000000000000000001.regtrans-ms - error opening [4]
C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT{42b8217c-0b2e-11e3-93f4-90b11c2eb9f2}.TMContainer00000000000000000002.regtrans-ms - error opening [4]
C:\Windows\System32\Sysprep\Panther\IE\diagerr.xml - error opening [4]
C:\Windows\System32\Sysprep\Panther\IE\diagwrn.xml - error opening [4]
C:\Windows\System32\Sysprep\Panther\IE\setupact.log - error opening [4]
C:\Windows\System32\Sysprep\Panther\IE\setuperr.log - error opening [4]
C:\Windows\System32\winevt\Logs\Application.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\HardwareEvents.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Internet Explorer.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Key Management Service.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-All-User-Install-Agent%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Anytime-Upgrade-Events%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-AppHost%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-AppID%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ApplicabilityEngine%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Application Server-Applications%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Application Server-Applications%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Application-Experience%4Program-Compatibility-Assistant.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Application-Experience%4Program-Compatibility-Troubleshooter.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Application-Experience%4Program-Inventory.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Application-Experience%4Program-Telemetry.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Application-Experience%4Steps-Recorder.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ApplicationResourceManagementSystem%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-AppLocker%4EXE and DLL.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-AppLocker%4MSI and Script.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-AppLocker%4Packaged app-Deployment.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-AppLocker%4Packaged app-Execution.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-AppModel-Runtime%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-AppReadiness%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-AppReadiness%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-AppXDeployment%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-AppXDeploymentServer%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-AppXDeploymentServer%4Restricted.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-AppxPackaging%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Audio%4CaptureMonitor.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Audio%4GlitchDetection.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Audio%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Audio%4PlaybackManager.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Authentication User Interface%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-BackgroundTaskInfrastructure%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Backup.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-BitLocker%4BitLocker Management.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Bits-Client%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Bluetooth-BthLEEnum%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Bluetooth-HidBthLE%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Bluetooth-MTPEnum%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-CertificateServicesClient-Lifecycle-System%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-CertificateServicesClient-Lifecycle-User%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-CloudStorageWizard%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-CodeIntegrity%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Compat-Appraiser%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Connected-Search%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-CoreApplication%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-CorruptedFileRecovery-Client%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-CorruptedFileRecovery-Server%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Crypto-DPAPI%4BackUpKeySvc.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Crypto-DPAPI%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DAL-Provider%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DataIntegrityScan%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DataIntegrityScan%4CrashRecovery.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DateTimeControlPanel%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DeviceSetupManager%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DeviceSetupManager%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DeviceSync%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Dhcp-Client%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DhcpNap%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Dhcpv6-Client%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-DPS%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-PCW%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-PLA%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-Scheduled%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-Scripted%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-Scripted%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-ScriptedDiagnosticsProvider%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Networking%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Performance%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DiskDiagnostic%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DiskDiagnosticDataCollector%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DiskDiagnosticResolver%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DSC%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-EapHost%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-EapMethods-RasChap%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-EapMethods-RasTls%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-EapMethods-Sim%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-EapMethods-Ttls%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-EventCollector%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Fault-Tolerant-Heap%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-FileHistory-Core%4WHC.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-FileHistory-Engine%4BackupLog.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-FileManagerApp%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-FileManagerDataModel%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-FMS%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Folder Redirection%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Forwarding%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-GenericRoaming%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-GroupPolicy%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Help%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-HomeGroup Control Panel%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-HomeGroup Listener Service%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-HomeGroup Provider Service%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-HotspotAuth%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-IdCtrls%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-IKE%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-International%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-International-RegionalOptionsControlPanel%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Iphlpsvc%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-KdsSvc%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-ApphelpCache%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-Boot%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-EventTracing%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-PnP%4Configuration.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-PnPConfig%4Configuration.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-Power%4Thermal-Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-ShimEngine%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-StoreMgr%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-WDI%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-WHEA%4Errors.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-WHEA%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Known Folders API Service.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-LanguagePackSetup%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-LiveId%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-MemoryDiagnostics-Results%4Debug.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Mobile-Broadband-Experience-Parser-Task%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Mobile-Broadband-Experience-SmsRouter%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Mprddm%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-MUI%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-MUI%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-NcdAutoSetup%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-NCSI%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-NdisImPlatform%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-NetworkAccessProtection%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-NetworkAccessProtection%4WHC.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-NetworkLocationWizard%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-NetworkProfile%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-NetworkProvisioning%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-NlaSvc%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Ntfs%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Ntfs%4WHC.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-NTLM%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-OOBE-Machine-DUI%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-PackageStateRoaming%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ParentalControls%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ParentalControls-Telemetry%4Auditing.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ParentalControls-Telemetry%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Policy%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-PowerShell%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-PowerShell%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-PowerShell-DesiredStateConfiguration-FileDownloadManager%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-PrintService%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-PushNotification-Platform%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-PushNotification-Platform%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-RasClusterResource%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReadyBoost%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReadyBoostDriver%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Regsvr32%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReliabilityAnalysisComponent%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-RemoteApp and Desktop Connections%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-RemoteApp and Desktop Connections%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-RemoteAssistance%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-RemoteAssistance%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-RemoteDesktopServices-RdpCoreTS%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-RemoteDesktopServices-RdpCoreTS%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-RemoteDesktopServices-SessionServices%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Detector%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Resolver%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Leak-Diagnostic%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-RestartManager%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-SearchUI%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Security-Audit-Configuration-Client%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Security-EnterpriseData-FileRevocationManager%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Security-Netlogon%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Security-SPP-UX-GenuineCenter-Logging%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Security-SPP-UX-Notifications%4ActionCenter.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Security-UserConsentVerifier%4Audit.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-SettingSync%4Debug.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-SettingSync%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Shell-ConnectedAccountState%4ActionCenter.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Shell-Core%4ActionCenter.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Shell-Core%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-SmartCard-Audit%4Authentication.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-SmartCard-DeviceEnum%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-SmartCard-TPM-VCard-Module%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-SmartCard-TPM-VCard-Module%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-SmbClient%4Connectivity.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-SMBClient%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-SmbClient%4Security.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-SMBServer%4Connectivity.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-SMBServer%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-SMBServer%4Security.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-StorageSpaces-Driver%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-StorageSpaces-ManagementAgent%4WHC.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Store%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Superfetch%4AgmcOperation.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-SystemSettings%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-TaskScheduler%4Maintenance.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-TCPIP%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-TerminalServices-ClientUSBDevices%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-TerminalServices-ClientUSBDevices%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-TerminalServices-LocalSessionManager%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-TerminalServices-LocalSessionManager%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-TerminalServices-PnPDevices%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-TerminalServices-PnPDevices%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-TerminalServices-Printers%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-TerminalServices-Printers%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-TerminalServices-RDPClient%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-TerminalServices-RemoteConnectionManager%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-TerminalServices-RemoteConnectionManager%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-TWinUI%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-TZSync%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-TZUtil%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-UAC%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-UAC-FileVirtualization%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-User Control Panel%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-User Profile Service%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-User-Loader%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-UserPnp%4ActionCenter.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-UserPnp%4DeviceInstall.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-VDRVROOT%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-VerifyHardwareSecurity%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-VHDMP%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-VPN%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-VPN-Client%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Wcmsvc%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WER-Diag%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WFP%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Windows Defender%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Windows Defender%4WHC.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Windows Firewall With Advanced Security%4ConnectionSecurity.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Windows Firewall With Advanced Security%4Firewall.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WindowsBackup%4ActionCenter.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WindowsSystemAssessmentTool%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WindowsUpdateClient%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WinINet-Config%4ProxyConfigChanged.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Winlogon%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WinRM%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Winsock-WS2HELP%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Wired-AutoConfig%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WLAN-AutoConfig%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WMI-Activity%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WorkFolders%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WorkFolders%4WHC.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Workplace Join%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WPD-ClassInstaller%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WPD-CompositeClassDriver%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WPD-MTPClassDriver%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WWAN-SVC-Events%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-WS-Licensing%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\OAlerts.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Security.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Setup.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\SMSApi.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Spybot - Search and Destroy.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\System.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Windows PowerShell.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\WitnessClientAdmin.evtx - error opening [4]
C:\Windows\SysWOW64\log.txt - error opening [4]
C:\Windows\Tasks\Adobe Flash Player Updater.job - error opening [4]
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job - error opening [4]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job - error opening [4]
C:\Windows\WinSxS\amd64_microsoft-windows-c..rformance-perftrack_31bf3856ad364e35_6.3.9600.17031_none_4cc488c51eb1e585\traceanonconfig.xml - error opening [4]
C:\Windows\WinSxS\amd64_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.3.9600.16384_none_c1ecf0b709f6bdc7\dnary.xsd - error opening [4]
Number of scanned objects: 351721
Number of threats found: 0
Time of completion: 2:29:53 PM  Total scanning time: 7279 sec (02:01:19)
 
Notes:
[4] Object cannot be opened. It may be in use by another application or operating system.
 
I did not find any infections am I not infected or is there something else wrong because my computer does go slow. What about a Program named Andy the Android Emulator or Bluestacks App. Andy th Android Emulator is signed by Safe Search Inc.


#9 Brandonyoung34372

Brandonyoung34372
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:49 AM

Posted 10 January 2015 - 12:49 PM

Player/#SharedObjects/9TBM3UNV/unblocker.thesyndicationserver.co.uk/US_FARM_unblocker.hiro.tv_STREMING_CLIENT_ID_COOKIE.sol - error - password-protected file

 

And I saw this in the log and looked up the site, Is it a safe site? and if not why is this even here?



#10 schrauber

schrauber

    Mr.Mechanic


  • Malware Response Team
  • 24,794 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Munich,Germany
  • Local time:02:49 PM

Posted 10 January 2015 - 02:43 PM

Please post a fresh FRST log for my review. The above logfile is from the ESET Onlinescan? :scratchhead:


regards,
schrauber

Posted Image
Posted Image

If I've not posted back within 48 hrs., feel free to send a PM with your topic link. Thank you!

If I have helped you then please consider donating to continue the fight against malware Posted Image

#11 Brandonyoung34372

Brandonyoung34372
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:49 AM

Posted 10 January 2015 - 03:36 PM

Player/#SharedObjects/9TBM3UNV/unblocker.thesyndicationserver.co.uk/US_FARM_unblocker.hiro.tv_STREMING_CLIENT_ID_COOKIE.sol - error - password-protected file Is from the ESET Scan. Nothing came up  for the Found objects or Detections. I scrolled through the lst and found this in the log was asking if it wassafe or not. Sorry If Im making you job harder then it should be. 

 

Heres the FRST Log: 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-01-2015

Ran by -Brandon Young- (administrator) on BRANDONYOUNG on 10-01-2015 17:32:36
Running from C:\Users\Brandon Young\Downloads
Loaded Profile: -Brandon Young- (Available profiles: -Brandon Young-)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Webroot) C:\Program Files\Webroot\WRSA.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Webroot) C:\Program Files\Webroot\WRSA.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\nacl64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\nacl64.exe
(Farbar) C:\Users\Brandon Young\Downloads\FRST64 (2).exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13519432 2013-04-10] (Realtek Semiconductor)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2717176 2013-01-04] (TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [170848 2013-01-29] (TOSHIBA Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595336 2014-10-01] (ESET)
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKLM-x32\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [771240 2015-01-09] (Webroot)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [Andy] => C:\Program Files\Andy\HandyAndy.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2422473469-3821547915-1951462274-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-2422473469-3821547915-1951462274-1001\...\Run: [SkypeVoiceChanger] => C:\Program Files (x86)\AthTek\Voice Changer for Skype\SkypeVoiceChanger.exe /auto
HKU\S-1-5-21-2422473469-3821547915-1951462274-1001\...\Run: [LightShot] => C:\Users\Brandon Young\AppData\Local\Skillbrains\lightshot\Lightshot.exe
HKU\S-1-5-21-2422473469-3821547915-1951462274-1001\...\Run: [AVG-Secure-Search-Update_1014av] => C:\Users\Brandon Young\AppData\Roaming\Avg_Update_1014av\AVG-Secure-Search-Update_1014av.exe /PROMPT /mid=d2b056fd5f3a47d29d364911cce7e94a-78f932fb227216aeafeeb50fab57534a8d4ab72f /CMPID=1014av
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot FF RunOnce.lnk
ShortcutTarget: Install Webroot FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot IE RunOnce.lnk
ShortcutTarget: Install Webroot IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.toshiba.com?cid=J13
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://home.toshiba.com?cid=J13
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-2422473469-3821547915-1951462274-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.toshiba.com?cid=J13
HKU\S-1-5-21-2422473469-3821547915-1951462274-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.toshiba.com?cid=J13
HKU\S-1-5-21-2422473469-3821547915-1951462274-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://toshiba13.msn.com/?pc=TNJB
HKU\S-1-5-21-2422473469-3821547915-1951462274-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://toshiba13.msn.com/?pc=TNJB
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar64.dll (Webroot)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar.dll (Webroot)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar64.dll (Webroot)
Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll (Webroot)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Brandon Young\AppData\Roaming\Mozilla\Firefox\Profiles\3py3e3dy.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2422473469-3821547915-1951462274-1001: @nsroblox.roblox.com/launcher -> C:\Users\Brandon Young\AppData\Local\Roblox\Versions\version-d2af929835a34f18\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-2422473469-3821547915-1951462274-1001: @nsroblox.roblox.com/launcher64 -> C:\Users\Brandon Young\AppData\Local\Roblox\Versions\version-d2af929835a34f18\\NPRobloxProxy64.dll ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-2422473469-3821547915-1951462274-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Brandon Young\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
 
Chrome: 
=======
CHR Profile: C:\Users\Brandon Young\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Brandon Young\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-11]
CHR Extension: (Theme Creator) - C:\Users\Brandon Young\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc [2015-01-08]
CHR Extension: (Facebook Video Downloader) - C:\Users\Brandon Young\AppData\Local\Google\Chrome\User Data\Default\Extensions\amjcoehkcacocffpmhnefgoeanepjfkf [2014-12-19]
CHR Extension: (Google Docs) - C:\Users\Brandon Young\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-11]
CHR Extension: (Google Drive) - C:\Users\Brandon Young\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-11]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Brandon Young\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-11]
CHR Extension: (YouTube) - C:\Users\Brandon Young\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-11]
CHR Extension: (Adblock Plus) - C:\Users\Brandon Young\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-11-07]
CHR Extension: (Google Search) - C:\Users\Brandon Young\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-11]
CHR Extension: (Google Play Music) - C:\Users\Brandon Young\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2015-01-08]
CHR Extension: (Google Sheets) - C:\Users\Brandon Young\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-11]
CHR Extension: (Webroot Filtering Extension) - C:\Users\Brandon Young\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd [2014-10-11]
CHR Extension: (Bing Rewards Helper) - C:\Users\Brandon Young\AppData\Local\Google\Chrome\User Data\Default\Extensions\neodenankcjdlhndmpcffjmcealafaig [2015-01-04]
CHR Extension: (Google Wallet) - C:\Users\Brandon Young\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-11]
CHR Extension: (Webroot Password Manager) - C:\Users\Brandon Young\AppData\Local\Google\Chrome\User Data\Default\Extensions\okfhiodnpcnnnpgbjbhfebjnbagmfhab [2014-10-11]
CHR Extension: (Gmail) - C:\Users\Brandon Young\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-11]
CHR HKLM-x32\...\Chrome\Extension: [kjeghcllfecehndceplomkocgfbklffd] - C:\ProgramData\WRData\PKG\CHROME\CHROME_1.0.0.40.crx [2014-10-11]
CHR HKLM-x32\...\Chrome\Extension: [okfhiodnpcnnnpgbjbhfebjnbagmfhab] - C:\ProgramData\WRData\pkg\lpchrome.crx [2014-10-11]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2014-06-26] (Broadcom Corporation.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [321024 2013-08-22] (Microsoft Corporation)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [16720 2013-04-10] ()
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1349576 2014-10-01] (ESET)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [347200 2014-12-21] (WildTangent)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [130592 2012-10-26] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165488 2012-12-18] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S4 THAccelSvc; C:\Program Files\TOSHIBA\HDD Accelerator\THAccelSvc.exe [216976 2013-10-17] (TOSHIBA CORPORATION)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [771240 2015-01-09] (Webroot)
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2014-06-26] (Broadcom Corporation.)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131584 2013-08-22] (Microsoft Corporation)
S3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [32640 2013-08-22] (Microsoft Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-08-18] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [241368 2014-08-18] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169280 2014-08-18] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [158968 2014-09-18] (ESET)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-10] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2944216 2013-08-21] (Realtek Semiconductor Corporation                           )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-08-06] (Synaptics Incorporated)
R0 THAccel; C:\Windows\System32\DRIVERS\THAccel.sys [111488 2013-10-15] (TOSHIBA Corporation)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows ® Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [114176 2015-01-09] (Webroot)
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-10 17:32 - 2015-01-10 17:32 - 02124288 _____ (Farbar) C:\Users\Brandon Young\Downloads\FRST64 (2).exe
2015-01-10 16:41 - 2015-01-10 16:41 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-01-10 12:10 - 2015-01-10 12:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-01-10 12:10 - 2015-01-10 12:10 - 00000000 ____D () C:\ProgramData\ESET
2015-01-10 12:10 - 2015-01-10 12:10 - 00000000 ____D () C:\Program Files\ESET
2015-01-10 11:53 - 2015-01-10 11:53 - 00000000 ___HD () C:\OneDriveTemp
2015-01-10 11:52 - 2015-01-10 11:52 - 01761992 _____ (ESET) C:\Users\Brandon Young\Downloads\eset_nod32_antivirus_live_installer.exe
2015-01-09 18:47 - 2015-01-09 18:47 - 00001768 _____ () C:\Users\Brandon Young\Desktop\AdwCleaner[R0].txt
2015-01-09 08:44 - 2015-01-10 00:26 - 00000000 ____D () C:\AdwCleaner
2015-01-09 08:43 - 2015-01-09 08:43 - 02191360 _____ () C:\Users\Brandon Young\Downloads\adwcleaner_4.107.exe
2015-01-09 08:41 - 2015-01-10 15:58 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-09 08:41 - 2015-01-09 08:41 - 00001129 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-09 08:41 - 2015-01-09 08:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-09 08:41 - 2015-01-09 08:41 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-09 08:41 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-01-09 08:41 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-01-09 08:41 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-01-09 08:40 - 2015-01-09 08:40 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Brandon Young\Downloads\mbam-setup-2.0.4.1028 (1).exe
2015-01-09 00:47 - 2015-01-09 00:48 - 02124288 _____ (Farbar) C:\Users\Brandon Young\Downloads\FRST64 (1).exe
2015-01-02 23:41 - 2015-01-02 23:48 - 00000000 ___RD () C:\Users\Brandon Young\Downloads\DeviceDoctor.Opener_mkdtfchztkfbm!App
2015-01-02 20:23 - 2015-01-02 20:23 - 03044736 _____ (Enigma Software Group USA, LLC.) C:\Users\Brandon Young\Downloads\SpyHunter-Installer (1).exe
2015-01-02 01:06 - 2015-01-02 01:06 - 01649936 _____ () C:\Users\Brandon Young\Downloads\PANDAAP15 (1).exe
2015-01-02 00:56 - 2015-01-02 00:56 - 763972937 _____ () C:\WINDOWS\MEMORY.DMP
2015-01-02 00:56 - 2015-01-02 00:56 - 00284720 _____ () C:\WINDOWS\Minidump\010215-39640-01.dmp
2015-01-02 00:56 - 2015-01-02 00:56 - 00000000 ____D () C:\WINDOWS\Minidump
2015-01-02 00:51 - 2015-01-02 00:52 - 05198336 _____ (AVAST Software) C:\Users\Brandon Young\Downloads\aswMBR.exe
2015-01-02 00:29 - 2015-01-09 00:50 - 00036748 _____ () C:\Users\Brandon Young\Desktop\FRST.txt
2015-01-02 00:26 - 2015-01-09 00:53 - 00027733 _____ () C:\Users\Brandon Young\Downloads\Addition.txt
2015-01-02 00:25 - 2015-01-10 17:32 - 00021188 _____ () C:\Users\Brandon Young\Downloads\FRST.txt
2015-01-02 00:24 - 2015-01-10 17:32 - 00000000 ____D () C:\FRST
2015-01-02 00:24 - 2015-01-02 00:24 - 02123264 _____ (Farbar) C:\Users\Brandon Young\Downloads\FRST64.exe
2015-01-02 00:24 - 2015-01-02 00:24 - 01114624 _____ (Farbar) C:\Users\Brandon Young\Downloads\FRST.exe
2015-01-01 23:18 - 2015-01-01 23:18 - 01649936 _____ () C:\Users\Brandon Young\Downloads\PANDAAP15.exe
2015-01-01 23:18 - 2015-01-01 23:18 - 00000000 ____D () C:\ProgramData\Panda Security
2015-01-01 21:53 - 2015-01-01 21:57 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-01-01 21:53 - 2015-01-01 21:53 - 00001418 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-01-01 21:53 - 2015-01-01 21:53 - 00001406 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-01-01 21:53 - 2015-01-01 21:53 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2015-01-01 21:53 - 2015-01-01 21:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-01-01 21:53 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2015-01-01 21:50 - 2015-01-01 21:51 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Brandon Young\Downloads\spybot-2.4.exe
2015-01-01 21:45 - 2015-01-01 23:07 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-01-01 21:45 - 2015-01-01 21:53 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2015-01-01 21:42 - 2015-01-01 21:43 - 16409960 _____ (Safer Networking Limited ) C:\Users\Brandon Young\Downloads\spybotsd162.exe
2014-12-29 02:02 - 2014-12-29 02:03 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Brandon Young\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-29 00:35 - 2013-08-21 12:42 - 02944216 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\Drivers\rtwlane.sys
2014-12-29 00:25 - 2013-10-15 16:03 - 00111488 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\Drivers\THAccel.sys
2014-12-27 04:36 - 2014-12-27 04:36 - 00000006 _____ () C:\Users\Brandon Young\Desktop\sdavaaaaaaaaaaaaaaaaaaaaaaaaa.txt
2014-12-25 17:19 - 2014-12-25 17:19 - 00000000 ____D () C:\Users\Brandon Young\AppData\Roaming\sMedio
2014-12-25 16:08 - 2014-12-25 16:08 - 01294830 _____ () C:\Users\Brandon Young\Desktop\gvgvgvgvgv.log
2014-12-25 12:06 - 2015-01-10 11:53 - 00000000 ____D () C:\Users\Brandon Young\OneDrive
2014-12-24 02:29 - 2014-12-24 02:29 - 02777719 _____ () C:\Users\Brandon Young\Downloads\facebook-BrandonYoung343.zip
2014-12-19 01:00 - 2014-12-19 01:00 - 00323300 _____ () C:\Users\Brandon Young\Desktop\10823590_766496683397971_969325336_n.mp4
2014-12-19 00:54 - 2014-12-19 00:54 - 03314383 _____ () C:\Users\Brandon Young\Desktop\10823932_766494533398186_596768922_n.mp4
2014-12-19 00:41 - 2014-12-19 00:41 - 03277647 _____ () C:\Users\Brandon Young\Desktop\10829521_766489193398720_1757110758_n.mp4
2014-12-13 19:30 - 2014-12-13 19:30 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2014-12-12 23:38 - 2014-12-12 23:38 - 00199035 _____ () C:\Users\Brandon Young\Desktop\avadfvadfva.rbxl
2014-12-12 22:13 - 2014-12-12 22:13 - 00270384 _____ () C:\Users\Brandon Young\Desktop\wafavavava.rbxl
2014-12-11 05:42 - 2014-12-11 05:42 - 00274971 _____ () C:\Users\Brandon Young\Desktop\afadfasfasdfasdfdasdf.rbxl
2014-12-11 02:50 - 2014-12-03 20:37 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-12-11 02:50 - 2014-12-03 20:09 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2014-12-11 02:50 - 2014-12-02 20:09 - 01083392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-12-11 02:50 - 2014-12-02 20:09 - 00740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2014-12-11 02:50 - 2014-12-02 20:09 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-12-11 02:50 - 2014-12-02 20:09 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-12-11 02:50 - 2014-12-02 20:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-12-11 02:50 - 2014-11-09 23:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2014-12-11 02:50 - 2014-11-09 22:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-11 02:49 - 2014-10-31 20:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-12-11 02:49 - 2014-10-31 20:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-11 02:49 - 2014-10-30 20:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-12-11 02:49 - 2014-10-30 20:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-11 02:45 - 2014-11-22 00:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-12-11 02:45 - 2014-11-21 23:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-12-11 02:45 - 2014-11-21 23:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-12-11 02:45 - 2014-11-21 23:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-12-11 02:45 - 2014-11-21 23:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-12-11 02:45 - 2014-11-21 23:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-12-11 02:45 - 2014-11-21 23:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-12-11 02:45 - 2014-11-21 23:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-11 02:45 - 2014-11-21 23:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-12-11 02:45 - 2014-11-21 23:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-12-11 02:45 - 2014-11-21 23:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-12-11 02:45 - 2014-11-21 23:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-12-11 02:45 - 2014-11-21 23:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-12-11 02:45 - 2014-11-21 23:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-12-11 02:45 - 2014-11-21 23:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-11 02:45 - 2014-11-21 22:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-12-11 02:45 - 2014-11-21 22:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-12-11 02:45 - 2014-11-21 22:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-12-11 02:45 - 2014-11-21 22:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-12-11 02:45 - 2014-11-21 22:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-12-11 02:45 - 2014-11-21 22:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-12-11 02:45 - 2014-11-21 22:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-12-11 02:45 - 2014-11-21 22:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-12-11 02:45 - 2014-11-21 22:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-11 02:45 - 2014-11-21 22:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-12-11 02:45 - 2014-11-21 22:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-11 02:45 - 2014-11-21 22:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-11 02:45 - 2014-11-21 22:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-12-11 02:45 - 2014-11-21 22:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-12-11 02:45 - 2014-11-21 22:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-12-11 02:45 - 2014-11-21 22:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-11 02:45 - 2014-11-21 22:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-11 02:45 - 2014-11-21 22:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-12-11 02:45 - 2014-11-21 22:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-12-11 02:45 - 2014-11-21 22:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-11 02:45 - 2014-11-21 22:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-12-11 02:45 - 2014-11-21 22:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-12-11 02:45 - 2014-11-21 21:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-11 02:45 - 2014-11-21 21:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-12-11 02:45 - 2014-11-07 01:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-11 02:45 - 2014-11-07 00:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-11 02:45 - 2014-10-12 23:43 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-12-11 02:45 - 2014-10-12 23:43 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-12-11 02:45 - 2014-10-12 23:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-11 02:45 - 2014-10-12 23:43 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-10 17:22 - 2014-10-07 22:04 - 01618530 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-10 17:08 - 2014-10-31 05:29 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-10 17:00 - 2013-08-22 12:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-10 16:44 - 2014-03-18 07:03 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-10 16:41 - 2013-08-22 11:46 - 00289913 _____ () C:\WINDOWS\setupact.log
2015-01-10 15:47 - 2014-10-04 16:29 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2422473469-3821547915-1951462274-1001
2015-01-10 14:31 - 2013-08-22 12:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-10 00:58 - 2014-10-05 02:19 - 00000000 ____D () C:\Users\Brandon Young\AppData\Roaming\Skype
2015-01-10 00:30 - 2014-10-11 18:02 - 00000928 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-10 00:28 - 2014-10-11 17:49 - 00000770 _____ () C:\Users\Public\Desktop\Webroot SecureAnywhere.lnk
2015-01-10 00:28 - 2014-03-18 06:54 - 00799088 _____ () C:\WINDOWS\PFRO.log
2015-01-10 00:28 - 2013-08-22 11:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-10 00:27 - 2014-10-11 17:49 - 00000000 ____D () C:\ProgramData\WRData
2015-01-10 00:27 - 2014-10-07 21:54 - 00000000 ____D () C:\Users\Brandon Young
2015-01-10 00:27 - 2013-08-22 10:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-09 09:08 - 2014-10-11 17:49 - 00153256 _____ (Webroot) C:\WINDOWS\SysWOW64\WRusr.dll
2015-01-09 09:08 - 2014-10-11 17:49 - 00114176 _____ (Webroot) C:\WINDOWS\system32\Drivers\WRkrn.sys
2015-01-09 09:08 - 2014-10-11 17:49 - 00103816 _____ (Webroot) C:\WINDOWS\system32\WRusr.dll
2015-01-08 22:10 - 2014-10-30 22:55 - 00001387 _____ () C:\Users\Brandon Young\Desktop\ROBLOX Player.lnk
2015-01-08 22:10 - 2014-10-30 22:53 - 00001202 _____ () C:\Users\Brandon Young\Desktop\ROBLOX Studio.lnk
2015-01-08 22:10 - 2014-10-30 22:53 - 00000000 ____D () C:\Users\Brandon Young\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2015-01-05 23:51 - 2014-10-08 03:35 - 00000000 ____D () C:\Users\Brandon Young\AppData\Local\CrashDumps
2015-01-03 02:33 - 2014-10-21 03:34 - 00001211 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2015-01-03 02:33 - 2014-10-21 03:34 - 00001199 _____ () C:\Users\Public\Desktop\paint.net.lnk
2015-01-03 02:33 - 2014-10-21 03:34 - 00000000 ____D () C:\Program Files\paint.net
2015-01-02 23:40 - 2014-10-02 10:08 - 00000000 ____D () C:\Users\Brandon Young\AppData\Local\Packages
2015-01-02 01:00 - 2013-08-22 12:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-01-02 00:56 - 2013-05-10 04:30 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-29 18:28 - 2014-10-05 02:19 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-29 18:25 - 2014-10-30 21:46 - 00000059 _____ () C:\Users\Brandon Young\AppData\Local\UserProducts.xml
2014-12-29 18:25 - 2014-10-30 21:46 - 00000000 ____D () C:\Program Files (x86)\Skillbrains
2014-12-29 00:35 - 2014-03-24 04:14 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-12-25 12:06 - 2014-10-07 22:27 - 00000000 __RDO () C:\Users\Brandon Young\OneDrive.old
2014-12-25 10:56 - 2014-10-07 22:35 - 00003974 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D0824DB7-9EAA-4609-A3E9-BAD372D15A76}
2014-12-24 17:14 - 2014-10-05 02:19 - 00000000 ____D () C:\ProgramData\Skype
2014-12-24 16:51 - 2014-10-31 05:27 - 00000000 ____D () C:\Users\Brandon Young\AppData\Local\Adobe
2014-12-24 16:48 - 2014-10-31 05:29 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-12-21 02:04 - 2013-05-10 04:32 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2014-12-20 22:56 - 2014-11-22 03:23 - 00000000 ____D () C:\Users\Brandon Young\AppData\Roaming\.minecraft
2014-12-18 18:42 - 2012-07-26 04:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-16 20:03 - 2013-08-22 12:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-13 19:30 - 2014-10-05 16:54 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-12-12 18:14 - 2014-10-11 18:03 - 00002214 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-12 17:11 - 2014-10-02 11:37 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-12 15:18 - 2013-08-22 12:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-12 15:18 - 2013-08-22 12:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-12 15:17 - 2014-10-02 11:37 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-11 21:41 - 2013-08-22 12:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-11 05:22 - 2014-10-04 00:43 - 00000000 ____D () C:\Users\Brandon Young\AppData\Local\Roblox
 
Some content of TEMP:
====================
C:\Users\Brandon Young\AppData\Local\Temp\InstHelper.exe
C:\Users\Brandon Young\AppData\Local\Temp\Quarantine.exe
C:\Users\Brandon Young\AppData\Local\Temp\sqlite3.dll
C:\Users\Brandon Young\AppData\Local\Temp\{D720C8BA-3027-43DB-8231-9924663245C8}.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-12-29 06:23
 
==================== End Of Log ============================


#12 schrauber

schrauber

    Mr.Mechanic


  • Malware Response Team
  • 24,794 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Munich,Germany
  • Local time:02:49 PM

Posted 11 January 2015 - 01:57 AM

No problem :). When exactly is the system slow? Only at startup? Please disable AVG completely and reboot.
regards,
schrauber

Posted Image
Posted Image

If I've not posted back within 48 hrs., feel free to send a PM with your topic link. Thank you!

If I have helped you then please consider donating to continue the fight against malware Posted Image

#13 Brandonyoung34372

Brandonyoung34372
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:49 AM

Posted 11 January 2015 - 01:41 PM

The System is slow when I open something up like Skype, Google Chrome and Steam. This computer is suppose to be able to handle all that. Could it just need updated? And alright Ill disable the AVG.



#14 schrauber

schrauber

    Mr.Mechanic


  • Malware Response Team
  • 24,794 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Munich,Germany
  • Local time:02:49 PM

Posted 12 January 2015 - 03:49 AM

Sometimes the av program can slowdown the system. That's why I asked you to disable AVG and reboot. Is the system still slow when AVG is disabled?
regards,
schrauber

Posted Image
Posted Image

If I've not posted back within 48 hrs., feel free to send a PM with your topic link. Thank you!

If I have helped you then please consider donating to continue the fight against malware Posted Image

#15 Brandonyoung34372

Brandonyoung34372
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:49 AM

Posted 13 January 2015 - 04:39 PM

I couldn't find the Avg program....It didnt show up in the program list. But I do recall seeing the Avg program process running in task manager when I have to go in it.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users