Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malware issues and now a problem with Chrome


  • This topic is locked This topic is locked
34 replies to this topic

#1 Zaria

Zaria

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:08:53 AM

Posted 15 February 2015 - 02:19 PM

My mom is having malware issues with this laptop (Trojan Win 32 Malware Gen and various PUPS) - I ran scans with Avast (needed a boot time scan to get the Trojan), Malwarebytes and Superantispyware which are now coming up clean but she's still having a problem with Google chrome. Whenever it's opened before you even search for anything Malwarebytes pops up with "Malicious Website blocked", every single time without fail.

 

Not sure what's wrong but she uses this laptop for banking etc. and is now uncomfortable/feels unsafe using it.

 

Any help appreciated.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-02-2015
Ran by BrendaB (administrator) on BRENDA on 15-02-2015 11:44:51
Running from C:\Users\BrendaB\Desktop
Loaded Profiles: BrendaB (Available profiles: BrendaB & Guest)
Platform: Windows 8 (X64) OS Language: English (United Kingdom)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Spotify Ltd) C:\Users\BrendaB\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212048 2012-06-07] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2014-02-26] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BtPreLoad] => "C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe"
HKLM-x32\...\Run: [BakupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [533056 2012-07-30] (NTI Corporation)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-02-03] (AVAST Software)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296096 2014-03-11] (RealNetworks, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-01-28] ( (Qualcomm Atheros Commnucations))
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-1465268432-4247279613-3226374191-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2015-02-05] (SUPERAntiSpyware)
HKU\S-1-5-21-1465268432-4247279613-3226374191-1001\...\Run: [Google Update] => C:\Users\BrendaB\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-02-26] (Google Inc.)
HKU\S-1-5-21-1465268432-4247279613-3226374191-1001\...\Run: [Spotify Web Helper] => C:\Users\BrendaB\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-27] (Spotify Ltd)
HKU\S-1-5-21-1465268432-4247279613-3226374191-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1465268432-4247279613-3226374191-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/search?FORM=INCOH1&PC=IC02
HKU\S-1-5-21-1465268432-4247279613-3226374191-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
SearchScopes: HKLM -> {39118170-7B07-4BC5-8B47-C62B1DC1DC99} URL = http://www.bing.com/search?FORM=INCOH1&PC=IC02&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001 -> DefaultScope {39118170-7B07-4BC5-8B47-C62B1DC1DC99} URL = http://www.bing.com/search?FORM=INCOH1&PC=IC02&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001 -> URL http://search.conduit.com/Results.aspx?ctid=CT3324790&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP09BE6171-9CD9-4611-A8F1-F83740EFA184&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001 -> SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
SearchScopes: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001 -> {39118170-7B07-4BC5-8B47-C62B1DC1DC99} URL = http://www.bing.com/search?FORM=INCOH1&PC=IC02&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001 -> {BA10A51A-167E-44CA-9362-8DCB9F7A6EBF} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\BrendaB\AppData\Roaming\Mozilla\Firefox\Profiles\m80i6pxe.default
FF DefaultSearchEngine: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://www.bing.com/search?FORM=INCOH1&PC=IC02
FF NetworkProxy: "autoconfig_url", "https://mediahint.com/default.pac"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKU\S-1-5-21-1465268432-4247279613-3226374191-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\BrendaB\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-1465268432-4247279613-3226374191-1001: @talk.google.com/O1DPlugin -> C:\Users\BrendaB\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-1465268432-4247279613-3226374191-1001: @tools.google.com/Google Update;version=3 -> C:\Users\BrendaB\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1465268432-4247279613-3226374191-1001: @tools.google.com/Google Update;version=9 -> C:\Users\BrendaB\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1465268432-4247279613-3226374191-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\BrendaB\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF user.js: detected! => C:\Users\BrendaB\AppData\Roaming\Mozilla\Firefox\Profiles\m80i6pxe.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Users\BrendaB\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\BrendaB\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: Media Hint - C:\Users\BrendaB\AppData\Roaming\Mozilla\Firefox\Profiles\m80i6pxe.default\Extensions\mediahint@jetpack.xpi [2014-04-12]
FF HKLM-x32\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2014-03-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-26]
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "https://www.google.com/?trackid=sp-006"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-26]
CHR Extension: (Google Drive) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-26]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-18]
CHR Extension: (YouTube) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-26]
CHR Extension: (Google Search) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-26]
CHR Extension: (Elite Unzip) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffjcmnpnoopgilmnfhloocdcbnimmmea [2015-02-14]
CHR Extension: (Solution Real) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gajmlbhaikobfinipefjoonopbfdkpcl [2015-01-31]
CHR Extension: (Avast Online Security) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-03-01]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-03-11]
CHR Extension: (SnapMyScreen) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhimebnnaphjchlhcdgdlbfmlbbbaank [2015-01-30]
CHR Extension: (iLivid) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf [2015-01-30]
CHR Extension: (Google Wallet) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-26]
CHR Extension: (Gmail) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-26]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-31]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2014-03-11]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2015-02-05] (SUPERAntiSpyware.com)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227456 2013-01-28] (Qualcomm Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-31] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-01-31] (Avast Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2415760 2012-07-27] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [466064 2012-07-31] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [659600 2012-07-31] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [92560 2014-02-26] (ELAN Microelectronics Corp.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-03-11] (WildTangent)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
S3 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-07-30] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-08-27] (Dritek System INC.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16032 2014-09-22] (Microsoft Corporation)
S2 ClaraUpdater; C:\Program Files (x86)\Common Files\ClaraUpdater\ClaraUpdater.exe [X]
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-31] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-31] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-31] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-31] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-02-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-31] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-31] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-31] ()
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-28] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00A\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-15] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-08-27] (Dritek System Inc.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-01-31] (Avast Software)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-15 11:44 - 2015-02-15 11:45 - 00024189 _____ () C:\Users\BrendaB\Desktop\FRST.txt
2015-02-15 11:43 - 2015-02-15 11:44 - 00000000 ____D () C:\FRST
2015-02-15 11:41 - 2015-02-15 11:41 - 02134528 _____ (Farbar) C:\Users\BrendaB\Desktop\FRST64.exe
2015-02-15 11:21 - 2015-02-15 11:23 - 00000197 _____ () C:\Windows\system32\2015-02-15-11-21-48.002-AvastVBoxSVC.exe-3436.log
2015-02-15 10:53 - 2015-02-15 10:54 - 00000197 _____ () C:\Windows\system32\2015-02-15-10-53-13.011-AvastVBoxSVC.exe-3656.log
2015-02-14 19:53 - 2015-02-14 19:53 - 08503296 _____ () C:\Users\BrendaB\Documents\main.db
2015-02-14 19:53 - 2015-02-14 19:51 - 00201608 _____ () C:\Users\BrendaB\Documents\main.db-journal
2015-02-14 18:13 - 2015-02-14 18:14 - 00000197 _____ () C:\Windows\system32\2015-02-14-18-13-21.046-AvastVBoxSVC.exe-2152.log
2015-02-14 17:10 - 2015-02-14 17:12 - 00000197 _____ () C:\Windows\system32\2015-02-14-17-10-32.097-AvastVBoxSVC.exe-2292.log
2015-02-13 14:27 - 2015-01-15 11:44 - 00588288 ____N (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-02-13 14:27 - 2015-01-15 11:43 - 01282560 ____N (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-13 14:27 - 2015-01-15 10:00 - 00452608 ____N (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-02-13 14:27 - 2015-01-12 06:49 - 02237952 ____N (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-13 14:27 - 2015-01-12 06:49 - 01627648 ____N (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-13 14:27 - 2015-01-12 06:49 - 01409536 ____N (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-13 14:27 - 2015-01-12 06:49 - 00915968 ____N (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2015-02-13 14:27 - 2015-01-12 06:47 - 02655744 ____N (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-13 14:27 - 2015-01-12 05:07 - 01762816 ____N (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-13 14:27 - 2015-01-12 05:07 - 01181696 ____N (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-13 14:27 - 2015-01-12 05:06 - 02055168 ____N (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-13 14:27 - 2014-12-08 06:48 - 00391168 ____N (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-13 14:25 - 2014-12-18 06:50 - 00723968 ____N (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-02-13 14:25 - 2014-11-26 06:43 - 00778240 ____N (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-13 14:25 - 2014-11-26 04:50 - 00567808 ____N (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-13 14:14 - 2015-02-15 10:44 - 00000000 ____D () C:\410ded665ceef920ed1a
2015-02-10 20:43 - 2015-02-10 20:43 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\Unity
2015-02-05 23:32 - 2015-02-05 23:34 - 00000197 _____ () C:\Windows\system32\2015-02-05-23-32-35.061-AvastVBoxSVC.exe-3012.log
2015-02-05 21:27 - 2015-02-05 21:27 - 00000000 ____D () C:\Windows\pss
2015-02-05 20:39 - 2015-02-05 20:39 - 00000197 _____ () C:\Windows\system32\2015-02-05-20-39-00.031-AvastVBoxSVC.exe-2868.log
2015-02-05 18:47 - 2015-02-05 18:47 - 00000197 _____ () C:\Windows\system32\2015-02-05-18-47-35.054-AvastVBoxSVC.exe-3532.log
2015-02-05 18:03 - 2015-02-05 18:06 - 00000197 _____ () C:\Windows\system32\2015-02-05-18-03-20.051-AvastVBoxSVC.exe-3004.log
2015-02-05 17:28 - 2015-02-05 17:29 - 00000197 _____ () C:\Windows\system32\2015-02-05-17-28-55.008-AvastVBoxSVC.exe-2876.log
2015-02-04 10:45 - 2015-02-04 10:45 - 00003278 _____ () C:\Windows\System32\Tasks\avastBCLRestartS-1-5-21-1465268432-4247279613-3226374191-1001
2015-02-04 10:41 - 2015-02-04 10:41 - 00000197 _____ () C:\Windows\system32\2015-02-04-10-41-07.048-AvastVBoxSVC.exe-3320.log
2015-02-04 10:37 - 2015-02-04 10:37 - 00430392 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-03 19:13 - 2015-02-03 19:14 - 00002200 _____ () C:\Users\BrendaB\Desktop\chrome.lnk
2015-02-03 19:09 - 2015-02-03 19:09 - 00000197 _____ () C:\Windows\system32\2015-02-03-19-09-10.042-AvastVBoxSVC.exe-3020.log
2015-02-03 13:01 - 2015-02-03 13:01 - 00000247 _____ () C:\Windows\system32\2015-02-03-13-01-55.009-aswFe.exe-1924.log
2015-02-03 12:53 - 2015-02-03 13:01 - 00000247 _____ () C:\Windows\system32\2015-02-03-12-53-40.021-aswFe.exe-3568.log
2015-02-03 12:53 - 2015-02-03 12:53 - 00000197 _____ () C:\Windows\system32\2015-02-03-12-53-34.055-AvastVBoxSVC.exe-5716.log
2015-02-03 12:43 - 2014-10-09 04:00 - 01519104 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2015-02-03 12:43 - 2014-10-09 04:00 - 01484288 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2015-02-03 12:43 - 2014-10-09 04:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\vsstrace.dll
2015-02-03 12:43 - 2014-10-09 03:59 - 01195520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2015-02-03 12:43 - 2014-10-09 03:59 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll
2015-02-03 12:35 - 2014-07-15 22:51 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2015-02-03 12:33 - 2015-02-15 11:16 - 00000000 ____D () C:\Windows\system32\AutoUpdateLicense
2015-02-03 12:26 - 2015-02-15 11:22 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-03 12:25 - 2015-02-03 12:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-03 12:25 - 2015-02-03 12:25 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-03 12:25 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-03 12:25 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-03 10:59 - 2015-02-03 10:59 - 00001968 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-02-03 10:59 - 2015-01-31 09:39 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-02-03 10:52 - 2015-02-03 10:52 - 05006864 _____ (AVAST Software) C:\Users\BrendaB\Downloads\avast_free_antivirus_setup_online.exe
2015-02-03 10:49 - 2015-02-03 18:28 - 00000000 ____D () C:\Program Files (x86)\dab2ae2d-a46a-4825-8298-8c6b2d194993
2015-02-03 10:49 - 2015-02-03 10:49 - 00000000 ____D () C:\Users\BrendaB\AppData\Local\globalUpdate
2015-02-03 10:48 - 2015-02-03 10:48 - 00003654 _____ () C:\Windows\System32\Tasks\PostPoneInstall
2015-02-02 19:06 - 2015-02-02 19:07 - 00000197 _____ () C:\Windows\system32\2015-02-02-19-06-25.033-AvastVBoxSVC.exe-2880.log
2015-02-02 17:36 - 2015-02-02 17:36 - 00000197 _____ () C:\Windows\system32\2015-02-02-17-36-29.014-AvastVBoxSVC.exe-2856.log
2015-02-02 17:20 - 2015-02-02 17:22 - 00000197 _____ () C:\Windows\system32\2015-02-02-17-20-06.010-AvastVBoxSVC.exe-2880.log
2015-02-02 17:04 - 2015-02-02 17:05 - 00000197 _____ () C:\Windows\system32\2015-02-02-17-04-52.044-AvastVBoxSVC.exe-2848.log
2015-02-02 16:27 - 2015-02-02 16:27 - 00000197 _____ () C:\Windows\system32\2015-02-02-16-27-26.024-AvastVBoxSVC.exe-3428.log
2015-02-02 03:15 - 2015-02-02 03:15 - 00000197 _____ () C:\Windows\system32\2015-02-02-03-15-16.061-AvastVBoxSVC.exe-3024.log
2015-02-02 02:22 - 2015-02-02 02:22 - 00000197 _____ () C:\Windows\system32\2015-02-02-02-22-24.036-AvastVBoxSVC.exe-2932.log
2015-02-02 02:16 - 2015-02-02 02:16 - 00000197 _____ () C:\Windows\system32\2015-02-02-02-16-18.080-AvastVBoxSVC.exe-2784.log
2015-02-02 01:34 - 2015-02-02 01:34 - 00775968 _____ (Reimage®) C:\Users\BrendaB\Downloads\ReimageRepair (1).exe
2015-02-02 01:32 - 2015-02-02 01:32 - 00775968 _____ (Reimage®) C:\Users\BrendaB\Downloads\ReimageRepair.exe
2015-02-01 13:50 - 2015-02-01 13:52 - 00000197 _____ () C:\Windows\system32\2015-02-01-13-50-21.054-AvastVBoxSVC.exe-3896.log
2015-02-01 13:29 - 2015-02-01 13:29 - 00000197 _____ () C:\Windows\system32\2015-02-01-13-29-58.048-AvastVBoxSVC.exe-4428.log
2015-02-01 13:11 - 2015-02-01 13:11 - 00000197 _____ () C:\Windows\system32\2015-02-01-13-11-16.066-AvastVBoxSVC.exe-2920.log
2015-02-01 12:19 - 2015-02-01 12:19 - 00000197 _____ () C:\Windows\system32\2015-02-01-12-19-21.016-AvastVBoxSVC.exe-2868.log
2015-02-01 11:37 - 2015-02-01 11:37 - 00000197 _____ () C:\Windows\system32\2015-02-01-11-37-01.035-AvastVBoxSVC.exe-5080.log
2015-02-01 11:09 - 2015-02-01 11:09 - 00000197 _____ () C:\Windows\system32\2015-02-01-11-09-53.078-AvastVBoxSVC.exe-2848.log
2015-01-31 22:36 - 2015-01-31 22:36 - 00000197 _____ () C:\Windows\system32\2015-01-31-22-36-18.070-AvastVBoxSVC.exe-2876.log
2015-01-31 22:28 - 2015-01-31 22:28 - 00000197 _____ () C:\Windows\system32\2015-01-31-22-28-12.003-AvastVBoxSVC.exe-3352.log
2015-01-31 22:15 - 2015-01-31 22:15 - 00000197 _____ () C:\Windows\system32\2015-01-31-22-15-24.014-AvastVBoxSVC.exe-4688.log
2015-01-31 22:05 - 2015-01-31 22:05 - 00000197 _____ () C:\Windows\system32\2015-01-31-22-05-43.039-AvastVBoxSVC.exe-2988.log
2015-01-31 21:51 - 2015-01-31 21:51 - 00000197 _____ () C:\Windows\system32\2015-01-31-21-51-32.033-AvastVBoxSVC.exe-5620.log
2015-01-31 21:30 - 2015-01-31 21:30 - 00000197 _____ () C:\Windows\system32\2015-01-31-21-30-52.006-AvastVBoxSVC.exe-3404.log
2015-01-31 21:05 - 2015-01-31 21:05 - 00000197 _____ () C:\Windows\system32\2015-01-31-21-05-18.016-AvastVBoxSVC.exe-4576.log
2015-01-31 20:51 - 2015-01-31 20:51 - 00000197 _____ () C:\Windows\system32\2015-01-31-20-51-04.039-AvastVBoxSVC.exe-4660.log
2015-01-31 20:23 - 2015-01-31 20:23 - 00000197 _____ () C:\Windows\system32\2015-01-31-20-23-04.039-AvastVBoxSVC.exe-3940.log
2015-01-31 19:33 - 2015-01-31 19:33 - 00000000 ____D () C:\Users\BrendaB\Documents\ROBLOX
2015-01-31 19:09 - 2015-01-31 19:09 - 00000197 _____ () C:\Windows\system32\2015-01-31-19-09-50.036-AvastVBoxSVC.exe-2804.log
2015-01-31 18:35 - 2015-02-02 04:19 - 00000000 __SHD () C:\Recovery
2015-01-31 18:30 - 2015-01-31 18:30 - 00262144 _____ () C:\Windows\system32\config\userdiff
2015-01-31 17:02 - 2015-02-02 03:38 - 00003107 _____ () C:\Windows\comsetup.log
2015-01-31 16:56 - 2015-01-31 16:56 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Macromedia
2015-01-31 15:38 - 2015-02-02 03:45 - 00064773 _____ () C:\Windows\diagwrn.xml
2015-01-31 15:38 - 2015-02-02 03:45 - 00064773 _____ () C:\Windows\diagerr.xml
2015-01-31 15:32 - 2015-01-31 19:33 - 00000000 ____D () C:\Users\BrendaB\AppData\Local\Roblox
2015-01-31 15:32 - 2015-01-31 15:32 - 00639856 _____ (ROBLOX Corporation) C:\Users\BrendaB\Downloads\RobloxPlayerLauncher.exe
2015-01-31 12:13 - 2015-01-31 12:13 - 00000000 ____D () C:\Users\BrendaB\Documents\CyberLink
2015-01-31 12:13 - 2015-01-31 12:13 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\CyberLink
2015-01-31 12:13 - 2015-01-31 12:13 - 00000000 ____D () C:\Users\BrendaB\AppData\Local\Software
2015-01-31 12:13 - 2015-01-31 12:13 - 00000000 ____D () C:\Users\BrendaB\AppData\Local\Cyberlink
2015-01-31 12:09 - 2015-01-31 12:09 - 00000197 _____ () C:\Windows\system32\2015-01-31-12-09-14.098-AvastVBoxSVC.exe-5180.log
2015-01-31 11:35 - 2015-01-31 11:35 - 00000197 _____ () C:\Windows\system32\2015-01-31-11-35-09.087-AvastVBoxSVC.exe-428.log
2015-01-31 09:57 - 2015-01-31 09:57 - 00000247 _____ () C:\Windows\system32\2015-01-31-09-57-18.053-aswFe.exe-1872.log
2015-01-31 09:52 - 2015-01-31 09:57 - 00000247 _____ () C:\Windows\system32\2015-01-31-09-52-40.048-aswFe.exe-1676.log
2015-01-31 09:52 - 2015-01-31 09:52 - 00000197 _____ () C:\Windows\system32\2015-01-31-09-52-37.036-AvastVBoxSVC.exe-5912.log
2015-01-31 09:44 - 2015-02-02 16:20 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2015-01-31 09:44 - 2015-02-02 16:20 - 00000000 ____D () C:\Windows\system32\vbox
2015-01-31 09:40 - 2015-02-15 11:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-01-31 09:39 - 2015-01-31 09:39 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-01-31 09:35 - 2015-01-31 09:35 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2015-01-31 08:58 - 2015-01-31 08:58 - 00757336 _____ (DownloadAstro) C:\Users\Guest\Downloads\grand_theft_auto_v.exe
2015-01-31 08:56 - 2015-01-31 08:56 - 00016945 _____ () C:\Users\Guest\Downloads\Grand.Theft.Auto.5.PC (2).torrent
2015-01-31 08:56 - 2015-01-31 08:56 - 00016945 _____ () C:\Users\Guest\Downloads\Grand.Theft.Auto.5.PC (1).torrent
2015-01-31 08:54 - 2015-01-31 08:54 - 00016945 _____ () C:\Users\Guest\Downloads\Grand.Theft.Auto.5.PC.torrent
2015-01-31 08:25 - 2015-01-31 08:25 - 00004535 _____ () C:\Users\Guest\AppData\Roaming\CamStudio.cfg
2015-01-31 08:25 - 2015-01-31 08:25 - 00000408 _____ () C:\Users\Guest\AppData\Roaming\CamShapes.ini
2015-01-31 08:25 - 2015-01-31 08:25 - 00000408 _____ () C:\Users\Guest\AppData\Roaming\CamLayout.ini
2015-01-31 08:25 - 2015-01-31 08:25 - 00000046 _____ () C:\Users\Guest\AppData\Roaming\Camdata.ini
2015-01-31 08:24 - 2015-01-31 08:24 - 00004608 _____ () C:\Users\Guest\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-31 08:24 - 2015-01-31 08:24 - 00000096 _____ () C:\Users\Guest\AppData\Roaming\version2.xml
2015-01-31 08:24 - 2015-01-31 08:24 - 00000000 ____D () C:\Users\Guest\Documents\ezvid
2015-01-31 08:24 - 2015-01-31 08:24 - 00000000 ____D () C:\Users\Guest\AppData\Local\ezvid,_inc
2015-01-31 08:17 - 2015-01-31 08:17 - 00000000 ____D () C:\Users\Guest\AppData\Local\EgisTec IPS
2015-01-31 00:48 - 2015-01-31 08:17 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Spotify
2015-01-31 00:48 - 2015-01-31 00:48 - 00000000 ____D () C:\Users\Guest\AppData\Local\Spotify
2015-01-31 00:43 - 2015-01-31 16:57 - 00000000 ____D () C:\Users\Guest\AppData\Local\CrashDumps
2015-01-31 00:43 - 2015-01-31 00:43 - 00001434 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-31 00:43 - 2015-01-31 00:43 - 00000000 ____D () C:\Users\Guest\Documents\Bluetooth Folder
2015-01-31 00:43 - 2015-01-31 00:43 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Real
2015-01-31 00:43 - 2015-01-31 00:43 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\AVAST Software
2015-01-31 00:43 - 2015-01-31 00:43 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Atheros
2015-01-31 00:43 - 2015-01-31 00:43 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Adobe
2015-01-31 00:43 - 2015-01-31 00:43 - 00000000 ____D () C:\Users\Guest\AppData\Local\BMExplorer
2015-01-31 00:42 - 2015-02-15 11:17 - 00000000 ____D () C:\Users\Guest
2015-01-31 00:42 - 2015-02-02 16:19 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-31 00:42 - 2015-02-02 16:19 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-01-31 00:42 - 2015-01-31 08:28 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2015-01-31 00:42 - 2015-01-31 00:43 - 00000000 ____D () C:\Users\Guest\AppData\Local\Packages
2015-01-31 00:42 - 2015-01-31 00:42 - 00000020 ___SH () C:\Users\Guest\ntuser.ini
2015-01-31 00:42 - 2015-01-31 00:42 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\lm
2015-01-31 00:42 - 2015-01-31 00:42 - 00000000 ____D () C:\Users\Guest\AppData\Local\VirtualStore
2015-01-31 00:42 - 2014-03-01 18:56 - 00002209 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-01-31 00:42 - 2012-07-26 08:13 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-31 00:42 - 2012-07-26 08:13 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-31 00:14 - 2015-01-31 00:14 - 00000000 ____D () C:\Users\BrendaB\Documents\PC Cleaner
2015-01-31 00:13 - 2015-01-31 00:13 - 01721872 _____ (PCHelpSoft ) C:\Users\BrendaB\Downloads\pc-cleaner-417.exe
2015-01-30 23:14 - 2014-11-15 06:06 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-01-30 23:14 - 2014-11-15 05:13 - 03286016 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-01-30 23:14 - 2014-11-15 05:13 - 01623552 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-01-30 23:14 - 2014-11-15 05:13 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-01-30 23:14 - 2014-11-15 05:13 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-01-30 23:14 - 2014-11-15 05:13 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-01-30 23:14 - 2014-11-15 05:13 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-01-30 23:14 - 2014-11-15 05:13 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-01-30 23:14 - 2014-11-15 05:12 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-01-30 23:14 - 2014-11-15 03:54 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-01-30 23:14 - 2014-11-15 03:53 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-01-30 23:14 - 2014-11-15 03:53 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-01-30 23:14 - 2014-11-15 03:53 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-01-30 23:13 - 2014-12-19 06:48 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-30 23:13 - 2014-12-11 06:51 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-30 23:13 - 2014-11-27 02:40 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-01-30 23:13 - 2014-11-27 01:28 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-01-30 23:12 - 2014-11-05 06:40 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-01-30 23:12 - 2014-11-05 06:39 - 01024512 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-01-30 23:12 - 2014-11-01 06:28 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-01-30 23:12 - 2014-10-29 14:21 - 00499008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2015-01-30 23:12 - 2014-10-27 22:10 - 00390841 _____ () C:\Windows\system32\ApnDatabase.xml
2015-01-30 23:12 - 2014-08-28 06:01 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2015-01-30 23:09 - 2014-12-19 04:35 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-30 23:09 - 2014-12-06 07:53 - 00458240 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-01-30 23:09 - 2014-12-06 07:53 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-01-30 23:09 - 2014-12-06 07:52 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-30 23:09 - 2014-12-06 07:52 - 00357376 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-30 23:09 - 2014-12-06 07:52 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-30 23:09 - 2014-12-06 07:51 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-01-30 23:09 - 2014-12-06 07:51 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-30 23:09 - 2014-12-06 07:50 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-01-30 23:09 - 2014-12-06 06:10 - 00355840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-01-30 23:09 - 2014-12-06 06:10 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-01-30 23:09 - 2014-12-06 06:09 - 00332800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-01-30 23:09 - 2014-12-06 06:09 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-30 23:08 - 2014-12-11 07:35 - 06973248 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-30 22:50 - 2015-01-30 22:50 - 00016945 _____ () C:\Users\BrendaB\Downloads\Grand.Theft.Auto.5.PC (5).torrent
2015-01-30 22:50 - 2015-01-30 22:50 - 00016945 _____ () C:\Users\BrendaB\Downloads\Grand.Theft.Auto.5.PC (4).torrent
2015-01-30 22:43 - 2015-02-02 16:20 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gameo
2015-01-30 22:43 - 2015-01-30 22:43 - 00001761 _____ () C:\Users\BrendaB\Desktop\Gameo.lnk
2015-01-30 22:43 - 2015-01-30 22:43 - 00001747 _____ () C:\Users\BrendaB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gameo.lnk
2015-01-30 22:43 - 2015-01-30 22:43 - 00000173 _____ () C:\Users\BrendaB\Desktop\Play Games Online.url
2015-01-30 22:43 - 2015-01-30 22:43 - 00000173 _____ () C:\Users\BrendaB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2015-01-30 22:43 - 2015-01-30 22:43 - 00000000 ___HD () C:\Users\BrendaB\AppData\Roaming\GoldenGate
2015-01-30 22:41 - 2015-01-30 22:41 - 00757336 _____ (DownloadAstro) C:\Users\BrendaB\Downloads\grand_theft_auto_v.exe
2015-01-30 22:38 - 2015-01-30 22:38 - 01177464 _____ () C:\Users\BrendaB\Downloads\Download GTA 5 PC Game grand theft auto V full version Highly compressed Free(1).exe
2015-01-30 22:37 - 2015-01-30 22:38 - 01177464 _____ () C:\Users\BrendaB\Downloads\Download GTA 5 PC Game grand theft auto V full version Highly compressed Free.exe
2015-01-30 22:34 - 2015-01-30 22:34 - 00016945 _____ () C:\Users\BrendaB\Downloads\Grand.Theft.Auto.5.PC (3).torrent
2015-01-30 22:30 - 2014-09-22 05:53 - 00035320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-01-30 22:30 - 2014-08-26 22:08 - 00270024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-01-30 22:28 - 2014-10-11 07:45 - 10115072 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2015-01-30 22:28 - 2014-10-11 07:44 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-01-30 22:28 - 2014-10-11 07:44 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-01-30 22:28 - 2014-10-11 07:43 - 02307072 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-01-30 22:28 - 2014-10-11 05:58 - 08858624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2015-01-30 22:28 - 2014-10-11 05:57 - 02416640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-01-30 22:28 - 2014-10-11 05:57 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-01-30 22:28 - 2014-10-11 05:56 - 02037760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-01-30 22:25 - 2015-01-30 22:25 - 00016945 _____ () C:\Users\BrendaB\Downloads\Grand.Theft.Auto.5.PC (2).torrent
2015-01-30 22:24 - 2015-01-30 22:24 - 00016945 _____ () C:\Users\BrendaB\Downloads\Grand.Theft.Auto.5.PC.torrent
2015-01-30 22:24 - 2015-01-30 22:24 - 00016945 _____ () C:\Users\BrendaB\Downloads\Grand.Theft.Auto.5.PC (1).torrent

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-15 11:41 - 2014-02-26 01:07 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1465268432-4247279613-3226374191-1001
2015-02-15 11:29 - 2014-03-02 18:37 - 00000930 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1465268432-4247279613-3226374191-1001UA.job
2015-02-15 11:29 - 2014-02-26 01:07 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-15 11:23 - 2014-02-26 01:31 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\Skype
2015-02-15 11:22 - 2014-03-01 17:04 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-02-15 11:22 - 2014-02-26 01:07 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-15 11:22 - 2014-02-26 01:00 - 00000000 ____D () C:\Users\BrendaB
2015-02-15 11:18 - 2012-07-26 07:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-15 11:17 - 2012-07-26 08:12 - 00000000 ____D () C:\Windows\WinStore
2015-02-15 11:16 - 2012-07-26 08:12 - 00000000 ____D () C:\Windows\system32\sru
2015-02-15 11:16 - 2012-07-26 08:12 - 00000000 ____D () C:\Windows\rescache
2015-02-15 11:16 - 2012-07-26 05:38 - 00000000 ____D () C:\Windows\system32\Sysprep
2015-02-15 11:15 - 2014-04-12 21:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-15 11:15 - 2014-04-12 21:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-15 11:15 - 2014-03-01 16:58 - 00000000 ____D () C:\ProgramData\Atheros
2015-02-15 11:15 - 2014-02-26 01:00 - 01301971 _____ () C:\Windows\WindowsUpdate.log
2015-02-15 11:15 - 2012-07-26 08:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-15 11:14 - 2012-07-26 08:12 - 00000000 ____D () C:\Windows\registration
2015-02-15 11:12 - 2014-03-11 22:00 - 00000000 ____D () C:\ProgramData\Real
2015-02-15 11:04 - 2012-07-26 07:59 - 00000000 ____D () C:\Windows\CbsTemp
2015-02-15 10:59 - 2012-07-26 05:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-02-15 01:17 - 2014-03-06 14:29 - 00000000 ____D () C:\Users\BrendaB\AppData\Local\CrashDumps
2015-02-14 18:09 - 2012-07-26 05:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-02-14 17:50 - 2014-02-28 13:11 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-14 17:07 - 2012-08-03 02:21 - 00696798 _____ () C:\Windows\PFRO.log
2015-02-10 12:29 - 2014-03-02 18:37 - 00000878 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1465268432-4247279613-3226374191-1001Core.job
2015-02-10 12:24 - 2014-03-02 18:37 - 00003880 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1465268432-4247279613-3226374191-1001UA
2015-02-10 12:24 - 2014-03-02 18:37 - 00003500 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1465268432-4247279613-3226374191-1001Core
2015-02-10 12:24 - 2014-02-26 01:07 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-10 12:24 - 2014-02-26 01:07 - 00003656 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-05 18:58 - 2014-12-29 11:18 - 00000000 ____D () C:\Program Files (x86)\Brackets
2015-02-04 10:40 - 2014-02-26 01:19 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-02-03 19:29 - 2014-12-29 10:46 - 00714184 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-03 19:29 - 2014-12-29 10:46 - 00106440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-03 19:15 - 2012-07-26 07:28 - 00848230 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-03 19:02 - 2012-07-26 08:12 - 00000000 ___RD () C:\Windows\ToastData
2015-02-03 19:02 - 2012-07-26 08:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-03 19:02 - 2012-07-26 08:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-03 19:02 - 2012-07-26 08:12 - 00000000 ____D () C:\Windows\system32\en-GB
2015-02-03 19:01 - 2012-07-26 08:12 - 00000000 ____D () C:\Windows\SysWOW64\en-GB
2015-02-03 19:01 - 2012-07-26 08:12 - 00000000 ____D () C:\Program Files\Windows Defender
2015-02-03 19:01 - 2012-07-26 08:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-02-03 18:28 - 2014-12-29 11:09 - 00000000 ____D () C:\Program Files\CamStudio 2.7
2015-02-03 12:26 - 2014-03-01 17:12 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\Malwarebytes
2015-02-03 12:25 - 2014-03-01 17:12 - 00001110 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-03 12:25 - 2014-03-01 17:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-03 12:25 - 2014-03-01 17:12 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2015-02-03 12:23 - 2014-02-28 13:11 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-03 10:59 - 2014-02-26 01:19 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-02-02 17:47 - 2014-02-26 02:07 - 00000000 ____D () C:\Users\BrendaB\Documents\Bluetooth Folder
2015-02-02 16:27 - 2014-11-22 07:14 - 00000000 ___HD () C:\$Windows.~BT
2015-02-02 16:20 - 2014-12-29 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-02-02 16:20 - 2014-12-29 11:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio 2.7
2015-02-02 16:20 - 2014-04-12 14:09 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-02 16:20 - 2014-04-05 13:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-02-02 16:20 - 2014-03-11 22:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2015-02-02 16:20 - 2014-03-06 14:44 - 00000000 ____D () C:\Windows\SysWOW64\SearchProtect
2015-02-02 16:20 - 2014-03-04 14:26 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ImgBurn
2015-02-02 16:20 - 2014-03-01 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-02-02 16:20 - 2014-02-26 07:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-02-02 16:20 - 2014-02-26 02:15 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-02-02 16:20 - 2014-02-26 01:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-02 16:20 - 2014-02-26 01:00 - 00000000 ___RD () C:\Users\BrendaB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-02 16:20 - 2012-08-27 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTI Media Maker 9
2015-02-02 16:20 - 2012-08-27 18:42 - 00000000 ____D () C:\Program Files\Intel
2015-02-02 16:20 - 2012-08-27 18:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2015-02-02 16:20 - 2012-08-03 02:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaEspresso 6.5
2015-02-02 16:20 - 2012-08-03 02:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EgisTec
2015-02-02 16:20 - 2012-08-03 02:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-02-02 16:20 - 2012-08-03 02:26 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-02 16:20 - 2012-08-03 02:24 - 00000000 ____D () C:\ProgramData\PRICache
2015-02-02 16:20 - 2012-08-03 02:24 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-02-02 16:20 - 2012-07-26 08:18 - 00000000 ____D () C:\Windows\DigitalLocker
2015-02-02 16:20 - 2012-07-26 08:12 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2015-02-02 16:20 - 2012-07-26 08:12 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2015-02-02 16:20 - 2012-07-26 08:12 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2015-02-02 16:20 - 2012-07-26 08:12 - 00000000 ____D () C:\Windows\system32\spool
2015-02-02 16:20 - 2012-07-26 08:12 - 00000000 ____D () C:\Windows\system32\Recovery
2015-02-02 16:20 - 2012-07-26 08:12 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-02 16:20 - 2012-07-26 08:12 - 00000000 ____D () C:\Windows\system32\MUI
2015-02-02 16:20 - 2012-07-26 08:12 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2015-02-02 16:20 - 2012-07-26 08:12 - 00000000 ____D () C:\Windows\Help
2015-02-02 16:20 - 2012-07-26 07:49 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2015-02-02 16:20 - 2012-07-26 07:49 - 00000000 ____D () C:\Windows\SysWOW64\sysprep
2015-02-02 16:20 - 2012-07-26 07:49 - 00000000 ____D () C:\Windows\system32\WCN
2015-02-02 16:20 - 2012-07-26 05:38 - 00000000 ____D () C:\Windows\SysWOW64\SMI
2015-02-02 03:45 - 2012-07-26 07:21 - 01073828 _____ () C:\Windows\setupact.log
2015-02-02 03:43 - 2012-07-26 08:13 - 00004323 _____ () C:\Windows\DtcInstall.log
2015-02-02 03:17 - 2012-07-26 08:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2015-02-02 02:10 - 2014-02-26 01:00 - 00000000 ____D () C:\Users\BrendaB\AppData\Local\Packages
2015-01-31 18:14 - 2012-07-26 05:26 - 00262144 ___SH () C:\Windows\system32\config\BBI(75)
2015-01-31 18:14 - 2012-07-26 05:26 - 00262144 ___SH () C:\Windows\system32\config\BBI(60)
2015-01-31 12:13 - 2012-08-27 19:11 - 00000000 ____D () C:\ProgramData\CyberLink
2015-01-31 10:11 - 2014-03-20 13:43 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\Mozilla
2015-01-31 09:43 - 2012-07-26 05:26 - 00000226 _____ () C:\Windows\win.ini
2015-01-31 09:39 - 2014-05-02 21:53 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-01-31 09:39 - 2014-02-26 01:19 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-01-31 09:39 - 2014-02-26 01:19 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-01-31 09:39 - 2014-02-26 01:19 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2015-01-31 09:39 - 2014-02-26 01:19 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-01-31 09:39 - 2014-02-26 01:19 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-01-31 09:39 - 2014-02-26 01:19 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-01-30 21:54 - 2014-12-29 20:13 - 00000000 ____D () C:\Program Files\nodejs

==================== Files in the root of some directories =======

2014-12-29 11:31 - 2014-12-29 20:14 - 0000127 _____ () C:\Users\BrendaB\AppData\Roaming\Camdata.ini
2014-12-29 11:31 - 2014-12-29 20:14 - 0000408 _____ () C:\Users\BrendaB\AppData\Roaming\CamLayout.ini
2014-12-29 11:31 - 2014-12-29 20:14 - 0000408 _____ () C:\Users\BrendaB\AppData\Roaming\CamShapes.ini
2014-12-29 11:30 - 2014-12-29 11:30 - 0004535 _____ () C:\Users\BrendaB\AppData\Roaming\CamStudio.cfg
2014-12-29 11:10 - 2014-12-29 12:10 - 0000096 _____ () C:\Users\BrendaB\AppData\Roaming\version2.xml
2014-12-29 11:52 - 2014-12-29 12:04 - 0005632 _____ () C:\Users\BrendaB\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-08-27 18:40 - 2012-08-27 18:40 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-12-29 11:10 - 2014-12-29 11:10 - 0001150 _____ () C:\ProgramData\FavIcon.ico

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-02-15 10:27

==================== End Of Log ============================

Attached Files


Edited by Zaria, 15 February 2015 - 09:44 PM.


BC AdBot (Login to Remove)

 


#2 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,133 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:02:53 AM

Posted 15 February 2015 - 02:24 PM

Hey, :)

Step 1: Adwarecleaner

Please download AdwCleaner (by Xplode) from the link below and save it to your Desktop:

Download Mirror #1
  • Right-click on AdwCleaner.exe and select Run as administrator. (If you have Windows XP the just run it)
  • Click Scan and let the scan run.
  • When it finishes, click Clean, following the on screen prompts
  • After your computer reboots, a log will open. Please Copy (Ctrl+C) and Paste (Ctrl+V) this into your next post.
Note: The log can also be found in here: C:\AdwCleaner\

Step 2: Malwarebytes

Please download Malwarebytes Anti-Malware to your desktop Install the progamme and select update
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits

MBAMsettings.JPG

Go back to the Dashboard and select Scan Now

MBAMScan.JPG

If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.

MBAMReboot.JPG

MBAMLog.JPG

On completion of the scan (or after the reboot) select View Detailed Log
Select Export > Select text file and save to the desktop
Post that log

Step 3: Junkware Removal Tool

thisisujrt.gif  Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 4: FRST Scan
  • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#3 Zaria

Zaria
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:08:53 AM

Posted 15 February 2015 - 07:24 PM

Hi Machiavelli, 

 

Here's everything, thank you. 

 

Step 1.

 

# AdwCleaner v4.110 - Logfile created 15/02/2015 at 21:28:58
# Updated 05/02/2015 by Xplode
# Database : 2015-02-14.2 [Server]
# Operating system : Windows 8  (x64)
# Username : BrendaB - BRENDA
# Running from : C:\Users\BrendaB\Desktop\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****

[#] Service Deleted : ClaraUpdater

***** [ Files / Folders ] *****

Folder Deleted : C:\Windows\SysWOW64\SearchProtect
Folder Deleted : C:\Users\BrendaB\AppData\Local\globalUpdate
Folder Deleted : C:\Users\BrendaB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gameo
Folder Deleted : C:\Users\BrendaB\Documents\PC Cleaner
Folder Deleted : C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffjcmnpnoopgilmnfhloocdcbnimmmea
Folder Deleted : C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\Users\BrendaB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\gameo.lnk
File Deleted : C:\Users\BrendaB\Desktop\gameo.lnk
File Deleted : C:\Users\BrendaB\AppData\Roaming\Mozilla\Firefox\Profiles\m80i6pxe.default\user.js
File Deleted : C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.saveur.com_0.localstorage
File Deleted : C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.saveur.com_0.localstorage-journal
File Deleted : C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.trovigo.com_0.localstorage-journal
File Deleted : C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage-journal
File Deleted : C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
File Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
File Deleted : C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.search.ask.com_0.localstorage
File Deleted : C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.search.ask.com_0.localstorage-journal
File Deleted : C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_en.softonic.com_0.localstorage-journal
File Deleted : C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_en.softonic.com_0.localstorage
File Deleted : C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage
File Deleted : C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
File Deleted : C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.publikeco00.publikeco.com_0.localstorage
File Deleted : C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.publikeco00.publikeco.com_0.localstorage-journal

***** [ Scheduled tasks ] *****

Task Deleted : Run_Bobby_Browser
Task Deleted : PostPoneInstall

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\gameo
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstallCore
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\Clara
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll

***** [ Web browsers ] *****

-\\ Internet Explorer v10.0.9200.17183

-\\ Mozilla Firefox v28.0 (en-US)

-\\ Google Chrome v40.0.2214.111

[C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
[C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.trovigo.com/Results.aspx?q={searchTerms}&Suggest=&stype=Homepage&useHistory=0&UP=SP09BE6171-9CD9-4611-A8F1-F83740EFA184&UM=4&SelfSearch=1&SearchType=SearchWeb&SearchSource=55&ctid=CT3324790&octid=EB_ORIGINAL_CTID
[C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}

-\\ Opera v27.0.1689.69

[C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
[C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.trovigo.com/Results.aspx?q={searchTerms}&Suggest=&stype=Homepage&useHistory=0&UP=SP09BE6171-9CD9-4611-A8F1-F83740EFA184&UM=4&SelfSearch=1&SearchType=SearchWeb&SearchSource=55&ctid=CT3324790&octid=EB_ORIGINAL_CTID
[C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [10012 bytes] - [15/02/2015 19:34:31]
AdwCleaner[R1].txt - [10072 bytes] - [15/02/2015 21:16:45]
AdwCleaner[S0].txt - [10662 bytes] - [15/02/2015 21:28:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10722  bytes] ##########

 

Step 2.

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 15/02/2015
Scan Time: 22:05:25
Logfile: Malwarebytes log.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.02.15.06
Rootkit Database: v2015.02.03.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8
CPU: x64
File System: NTFS
User: BrendaB

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 374536
Time Elapsed: 17 min, 27 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

 

Step 3.

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 8 x64
Ran by BrendaB on 15/02/2015 at 23:09:48.46
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

 

~~~ Folders

 

~~~ FireFox

Emptied folder: C:\Users\BrendaB\AppData\Roaming\mozilla\firefox\profiles\m80i6pxe.default\minidumps [1 files]

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15/02/2015 at 23:25:00.42
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Step 4.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-02-2015
Ran by BrendaB (administrator) on BRENDA on 15-02-2015 23:55:40
Running from C:\Users\BrendaB\Desktop
Loaded Profiles: BrendaB (Available profiles: BrendaB & Guest)
Platform: Windows 8 (X64) OS Language: English (United Kingdom)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Spotify Ltd) C:\Users\BrendaB\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212048 2012-06-07] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2014-02-26] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BtPreLoad] => "C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe"
HKLM-x32\...\Run: [BakupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [533056 2012-07-30] (NTI Corporation)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-02-03] (AVAST Software)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296096 2014-03-11] (RealNetworks, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-01-28] ( (Qualcomm Atheros Commnucations))
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-1465268432-4247279613-3226374191-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2015-02-05] (SUPERAntiSpyware)
HKU\S-1-5-21-1465268432-4247279613-3226374191-1001\...\Run: [Google Update] => C:\Users\BrendaB\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-02-26] (Google Inc.)
HKU\S-1-5-21-1465268432-4247279613-3226374191-1001\...\Run: [Spotify Web Helper] => C:\Users\BrendaB\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-27] (Spotify Ltd)
HKU\S-1-5-21-1465268432-4247279613-3226374191-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1465268432-4247279613-3226374191-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
SearchScopes: HKLM -> {39118170-7B07-4BC5-8B47-C62B1DC1DC99} URL = http://www.bing.com/search?FORM=INCOH1&PC=IC02&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001 -> URL http://search.conduit.com/Results.aspx?ctid=CT3324790&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP09BE6171-9CD9-4611-A8F1-F83740EFA184&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001 -> SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
SearchScopes: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001 -> {39118170-7B07-4BC5-8B47-C62B1DC1DC99} URL = http://www.bing.com/search?FORM=INCOH1&PC=IC02&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001 -> {BA10A51A-167E-44CA-9362-8DCB9F7A6EBF} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\BrendaB\AppData\Roaming\Mozilla\Firefox\Profiles\m80i6pxe.default
FF DefaultSearchEngine: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://www.bing.com/search?FORM=INCOH1&PC=IC02
FF NetworkProxy: "autoconfig_url", "https://mediahint.com/default.pac"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKU\S-1-5-21-1465268432-4247279613-3226374191-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\BrendaB\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-1465268432-4247279613-3226374191-1001: @talk.google.com/O1DPlugin -> C:\Users\BrendaB\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-1465268432-4247279613-3226374191-1001: @tools.google.com/Google Update;version=3 -> C:\Users\BrendaB\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1465268432-4247279613-3226374191-1001: @tools.google.com/Google Update;version=9 -> C:\Users\BrendaB\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1465268432-4247279613-3226374191-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\BrendaB\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\BrendaB\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\BrendaB\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: Media Hint - C:\Users\BrendaB\AppData\Roaming\Mozilla\Firefox\Profiles\m80i6pxe.default\Extensions\mediahint@jetpack.xpi [2014-04-12]
FF HKLM-x32\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2014-03-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-26]
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "https://www.google.com/?trackid=sp-006"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-26]
CHR Extension: (Google Drive) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-26]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-18]
CHR Extension: (YouTube) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-26]
CHR Extension: (Google Search) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-26]
CHR Extension: (Solution Real) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gajmlbhaikobfinipefjoonopbfdkpcl [2015-01-31]
CHR Extension: (Avast Online Security) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-03-01]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-03-11]
CHR Extension: (SnapMyScreen) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhimebnnaphjchlhcdgdlbfmlbbbaank [2015-01-30]
CHR Extension: (Google Wallet) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-26]
CHR Extension: (Gmail) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-26]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-31]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2014-03-11]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2015-02-05] (SUPERAntiSpyware.com)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227456 2013-01-28] (Qualcomm Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-31] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-01-31] (Avast Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2415760 2012-07-27] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [466064 2012-07-31] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [659600 2012-07-31] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [92560 2014-02-26] (ELAN Microelectronics Corp.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-03-11] (WildTangent)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
S3 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-07-30] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-08-27] (Dritek System INC.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16032 2014-09-22] (Microsoft Corporation)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-31] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-31] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-31] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-31] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-02-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-31] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-31] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-31] ()
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-28] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00A\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-15] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-08-27] (Dritek System Inc.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-01-31] (Avast Software)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-15 23:55 - 2015-02-15 23:55 - 00000000 ____D () C:\Users\BrendaB\Desktop\FRST-OlderVersion
2015-02-15 23:25 - 2015-02-15 23:25 - 00000747 _____ () C:\Users\BrendaB\Desktop\JRT.txt
2015-02-15 23:08 - 2015-02-15 23:08 - 01388274 _____ (Thisisu) C:\Users\BrendaB\Desktop\JRT.exe
2015-02-15 21:33 - 2015-02-15 21:34 - 00000197 _____ () C:\Windows\system32\2015-02-15-21-33-22.010-AvastVBoxSVC.exe-2880.log
2015-02-15 19:31 - 2015-02-15 19:31 - 01110041 _____ () C:\Users\BrendaB\Documents\bookmarks_15_02_2015v4.html
2015-02-15 19:31 - 2015-02-15 19:31 - 01110041 _____ () C:\Users\BrendaB\Documents\bookmarks_15_02_2015v3.html
2015-02-15 19:31 - 2015-02-15 19:31 - 01110041 _____ () C:\Users\BrendaB\Documents\bookmarks_15_02_2015v2.html
2015-02-15 19:30 - 2015-02-15 19:30 - 01110041 _____ () C:\Users\BrendaB\Documents\bookmarks_15_02_2015.html
2015-02-15 19:29 - 2015-02-15 21:29 - 00000000 ____D () C:\AdwCleaner
2015-02-15 19:28 - 2015-02-15 19:28 - 02112512 _____ () C:\Users\BrendaB\Desktop\AdwCleaner.exe
2015-02-15 17:40 - 2015-02-15 17:40 - 00003820 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1424022019
2015-02-15 17:40 - 2015-02-15 17:40 - 00001143 _____ () C:\Users\Public\Desktop\Opera.lnk
2015-02-15 17:40 - 2015-02-15 17:40 - 00001143 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-02-15 17:40 - 2015-02-15 17:40 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\Opera Software
2015-02-15 17:40 - 2015-02-15 17:40 - 00000000 ____D () C:\Users\BrendaB\AppData\Local\Opera Software
2015-02-15 17:39 - 2015-02-15 21:35 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-02-15 16:36 - 2015-02-15 16:37 - 00000197 _____ () C:\Windows\system32\2015-02-15-16-36-15.078-AvastVBoxSVC.exe-3036.log
2015-02-15 11:45 - 2015-02-15 11:46 - 00037455 _____ () C:\Users\BrendaB\Desktop\Addition.txt
2015-02-15 11:44 - 2015-02-15 23:55 - 00023434 _____ () C:\Users\BrendaB\Desktop\FRST.txt
2015-02-15 11:43 - 2015-02-15 23:55 - 00000000 ____D () C:\FRST
2015-02-15 11:41 - 2015-02-15 23:55 - 02085888 _____ (Farbar) C:\Users\BrendaB\Desktop\FRST64.exe
2015-02-15 11:21 - 2015-02-15 11:23 - 00000197 _____ () C:\Windows\system32\2015-02-15-11-21-48.002-AvastVBoxSVC.exe-3436.log
2015-02-15 10:53 - 2015-02-15 10:54 - 00000197 _____ () C:\Windows\system32\2015-02-15-10-53-13.011-AvastVBoxSVC.exe-3656.log
2015-02-14 19:53 - 2015-02-14 19:53 - 08503296 _____ () C:\Users\BrendaB\Documents\main.db
2015-02-14 18:13 - 2015-02-14 18:14 - 00000197 _____ () C:\Windows\system32\2015-02-14-18-13-21.046-AvastVBoxSVC.exe-2152.log
2015-02-14 17:10 - 2015-02-14 17:12 - 00000197 _____ () C:\Windows\system32\2015-02-14-17-10-32.097-AvastVBoxSVC.exe-2292.log
2015-02-13 14:27 - 2015-01-15 11:44 - 00588288 ____N (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-02-13 14:27 - 2015-01-15 11:43 - 01282560 ____N (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-13 14:27 - 2015-01-15 10:00 - 00452608 ____N (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-02-13 14:27 - 2015-01-12 06:49 - 02237952 ____N (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-13 14:27 - 2015-01-12 06:49 - 01627648 ____N (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-13 14:27 - 2015-01-12 06:49 - 01409536 ____N (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-13 14:27 - 2015-01-12 06:49 - 00915968 ____N (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2015-02-13 14:27 - 2015-01-12 06:47 - 02655744 ____N (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-13 14:27 - 2015-01-12 05:07 - 01762816 ____N (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-13 14:27 - 2015-01-12 05:07 - 01181696 ____N (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-13 14:27 - 2015-01-12 05:06 - 02055168 ____N (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-13 14:27 - 2014-12-08 06:48 - 00391168 ____N (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-13 14:25 - 2014-12-18 06:50 - 00723968 ____N (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-02-13 14:25 - 2014-11-26 06:43 - 00778240 ____N (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-13 14:25 - 2014-11-26 04:50 - 00567808 ____N (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-13 14:14 - 2015-02-15 10:44 - 00000000 ____D () C:\410ded665ceef920ed1a
2015-02-10 20:43 - 2015-02-10 20:43 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\Unity
2015-02-05 23:32 - 2015-02-05 23:34 - 00000197 _____ () C:\Windows\system32\2015-02-05-23-32-35.061-AvastVBoxSVC.exe-3012.log
2015-02-05 21:27 - 2015-02-05 21:27 - 00000000 ____D () C:\Windows\pss
2015-02-05 20:39 - 2015-02-05 20:39 - 00000197 _____ () C:\Windows\system32\2015-02-05-20-39-00.031-AvastVBoxSVC.exe-2868.log
2015-02-05 18:47 - 2015-02-05 18:47 - 00000197 _____ () C:\Windows\system32\2015-02-05-18-47-35.054-AvastVBoxSVC.exe-3532.log
2015-02-05 18:03 - 2015-02-05 18:06 - 00000197 _____ () C:\Windows\system32\2015-02-05-18-03-20.051-AvastVBoxSVC.exe-3004.log
2015-02-05 17:28 - 2015-02-05 17:29 - 00000197 _____ () C:\Windows\system32\2015-02-05-17-28-55.008-AvastVBoxSVC.exe-2876.log
2015-02-04 10:45 - 2015-02-04 10:45 - 00003278 _____ () C:\Windows\System32\Tasks\avastBCLRestartS-1-5-21-1465268432-4247279613-3226374191-1001
2015-02-04 10:41 - 2015-02-04 10:41 - 00000197 _____ () C:\Windows\system32\2015-02-04-10-41-07.048-AvastVBoxSVC.exe-3320.log
2015-02-04 10:37 - 2015-02-04 10:37 - 00430392 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-03 19:13 - 2015-02-03 19:14 - 00002200 _____ () C:\Users\BrendaB\Desktop\chrome.lnk
2015-02-03 19:09 - 2015-02-03 19:09 - 00000197 _____ () C:\Windows\system32\2015-02-03-19-09-10.042-AvastVBoxSVC.exe-3020.log
2015-02-03 13:01 - 2015-02-03 13:01 - 00000247 _____ () C:\Windows\system32\2015-02-03-13-01-55.009-aswFe.exe-1924.log
2015-02-03 12:53 - 2015-02-03 13:01 - 00000247 _____ () C:\Windows\system32\2015-02-03-12-53-40.021-aswFe.exe-3568.log
2015-02-03 12:53 - 2015-02-03 12:53 - 00000197 _____ () C:\Windows\system32\2015-02-03-12-53-34.055-AvastVBoxSVC.exe-5716.log
2015-02-03 12:43 - 2014-10-09 04:00 - 01519104 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2015-02-03 12:43 - 2014-10-09 04:00 - 01484288 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2015-02-03 12:43 - 2014-10-09 04:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\vsstrace.dll
2015-02-03 12:43 - 2014-10-09 03:59 - 01195520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2015-02-03 12:43 - 2014-10-09 03:59 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll
2015-02-03 12:35 - 2014-07-15 22:51 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2015-02-03 12:33 - 2015-02-15 11:16 - 00000000 ____D () C:\Windows\system32\AutoUpdateLicense
2015-02-03 12:26 - 2015-02-15 22:05 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-03 12:25 - 2015-02-15 21:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-03 12:25 - 2015-02-15 21:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-03 12:25 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-03 12:25 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-03 10:59 - 2015-02-03 10:59 - 00001968 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-02-03 10:59 - 2015-01-31 09:39 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-02-03 10:52 - 2015-02-03 10:52 - 05006864 _____ (AVAST Software) C:\Users\BrendaB\Downloads\avast_free_antivirus_setup_online.exe
2015-02-03 10:49 - 2015-02-03 18:28 - 00000000 ____D () C:\Program Files (x86)\dab2ae2d-a46a-4825-8298-8c6b2d194993
2015-02-02 19:06 - 2015-02-02 19:07 - 00000197 _____ () C:\Windows\system32\2015-02-02-19-06-25.033-AvastVBoxSVC.exe-2880.log
2015-02-02 17:36 - 2015-02-02 17:36 - 00000197 _____ () C:\Windows\system32\2015-02-02-17-36-29.014-AvastVBoxSVC.exe-2856.log
2015-02-02 17:20 - 2015-02-02 17:22 - 00000197 _____ () C:\Windows\system32\2015-02-02-17-20-06.010-AvastVBoxSVC.exe-2880.log
2015-02-02 17:04 - 2015-02-02 17:05 - 00000197 _____ () C:\Windows\system32\2015-02-02-17-04-52.044-AvastVBoxSVC.exe-2848.log
2015-02-02 16:27 - 2015-02-02 16:27 - 00000197 _____ () C:\Windows\system32\2015-02-02-16-27-26.024-AvastVBoxSVC.exe-3428.log
2015-02-02 03:15 - 2015-02-02 03:15 - 00000197 _____ () C:\Windows\system32\2015-02-02-03-15-16.061-AvastVBoxSVC.exe-3024.log
2015-02-02 02:22 - 2015-02-02 02:22 - 00000197 _____ () C:\Windows\system32\2015-02-02-02-22-24.036-AvastVBoxSVC.exe-2932.log
2015-02-02 02:16 - 2015-02-02 02:16 - 00000197 _____ () C:\Windows\system32\2015-02-02-02-16-18.080-AvastVBoxSVC.exe-2784.log
2015-02-02 01:34 - 2015-02-02 01:34 - 00775968 _____ (Reimage®) C:\Users\BrendaB\Downloads\ReimageRepair (1).exe
2015-02-02 01:32 - 2015-02-02 01:32 - 00775968 _____ (Reimage®) C:\Users\BrendaB\Downloads\ReimageRepair.exe
2015-02-01 13:50 - 2015-02-01 13:52 - 00000197 _____ () C:\Windows\system32\2015-02-01-13-50-21.054-AvastVBoxSVC.exe-3896.log
2015-02-01 13:29 - 2015-02-01 13:29 - 00000197 _____ () C:\Windows\system32\2015-02-01-13-29-58.048-AvastVBoxSVC.exe-4428.log
2015-02-01 13:11 - 2015-02-01 13:11 - 00000197 _____ () C:\Windows\system32\2015-02-01-13-11-16.066-AvastVBoxSVC.exe-2920.log
2015-02-01 12:19 - 2015-02-01 12:19 - 00000197 _____ () C:\Windows\system32\2015-02-01-12-19-21.016-AvastVBoxSVC.exe-2868.log
2015-02-01 11:37 - 2015-02-01 11:37 - 00000197 _____ () C:\Windows\system32\2015-02-01-11-37-01.035-AvastVBoxSVC.exe-5080.log
2015-02-01 11:09 - 2015-02-01 11:09 - 00000197 _____ () C:\Windows\system32\2015-02-01-11-09-53.078-AvastVBoxSVC.exe-2848.log
2015-01-31 22:36 - 2015-01-31 22:36 - 00000197 _____ () C:\Windows\system32\2015-01-31-22-36-18.070-AvastVBoxSVC.exe-2876.log
2015-01-31 22:28 - 2015-01-31 22:28 - 00000197 _____ () C:\Windows\system32\2015-01-31-22-28-12.003-AvastVBoxSVC.exe-3352.log
2015-01-31 22:15 - 2015-01-31 22:15 - 00000197 _____ () C:\Windows\system32\2015-01-31-22-15-24.014-AvastVBoxSVC.exe-4688.log
2015-01-31 22:05 - 2015-01-31 22:05 - 00000197 _____ () C:\Windows\system32\2015-01-31-22-05-43.039-AvastVBoxSVC.exe-2988.log
2015-01-31 21:51 - 2015-01-31 21:51 - 00000197 _____ () C:\Windows\system32\2015-01-31-21-51-32.033-AvastVBoxSVC.exe-5620.log
2015-01-31 21:30 - 2015-01-31 21:30 - 00000197 _____ () C:\Windows\system32\2015-01-31-21-30-52.006-AvastVBoxSVC.exe-3404.log
2015-01-31 21:05 - 2015-01-31 21:05 - 00000197 _____ () C:\Windows\system32\2015-01-31-21-05-18.016-AvastVBoxSVC.exe-4576.log
2015-01-31 20:51 - 2015-01-31 20:51 - 00000197 _____ () C:\Windows\system32\2015-01-31-20-51-04.039-AvastVBoxSVC.exe-4660.log
2015-01-31 20:23 - 2015-01-31 20:23 - 00000197 _____ () C:\Windows\system32\2015-01-31-20-23-04.039-AvastVBoxSVC.exe-3940.log
2015-01-31 19:33 - 2015-01-31 19:33 - 00000000 ____D () C:\Users\BrendaB\Documents\ROBLOX
2015-01-31 19:09 - 2015-01-31 19:09 - 00000197 _____ () C:\Windows\system32\2015-01-31-19-09-50.036-AvastVBoxSVC.exe-2804.log
2015-01-31 18:35 - 2015-02-02 04:19 - 00000000 __SHD () C:\Recovery
2015-01-31 18:30 - 2015-01-31 18:30 - 00262144 _____ () C:\Windows\system32\config\userdiff
2015-01-31 17:02 - 2015-02-02 03:38 - 00003107 _____ () C:\Windows\comsetup.log
2015-01-31 16:56 - 2015-01-31 16:56 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Macromedia
2015-01-31 15:38 - 2015-02-02 03:45 - 00064773 _____ () C:\Windows\diagwrn.xml
2015-01-31 15:38 - 2015-02-02 03:45 - 00064773 _____ () C:\Windows\diagerr.xml
2015-01-31 15:32 - 2015-01-31 19:33 - 00000000 ____D () C:\Users\BrendaB\AppData\Local\Roblox
2015-01-31 15:32 - 2015-01-31 15:32 - 00639856 _____ (ROBLOX Corporation) C:\Users\BrendaB\Downloads\RobloxPlayerLauncher.exe
2015-01-31 12:13 - 2015-01-31 12:13 - 00000000 ____D () C:\Users\BrendaB\Documents\CyberLink
2015-01-31 12:13 - 2015-01-31 12:13 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\CyberLink
2015-01-31 12:13 - 2015-01-31 12:13 - 00000000 ____D () C:\Users\BrendaB\AppData\Local\Software
2015-01-31 12:13 - 2015-01-31 12:13 - 00000000 ____D () C:\Users\BrendaB\AppData\Local\Cyberlink
2015-01-31 12:09 - 2015-01-31 12:09 - 00000197 _____ () C:\Windows\system32\2015-01-31-12-09-14.098-AvastVBoxSVC.exe-5180.log
2015-01-31 11:35 - 2015-01-31 11:35 - 00000197 _____ () C:\Windows\system32\2015-01-31-11-35-09.087-AvastVBoxSVC.exe-428.log
2015-01-31 09:57 - 2015-01-31 09:57 - 00000247 _____ () C:\Windows\system32\2015-01-31-09-57-18.053-aswFe.exe-1872.log
2015-01-31 09:52 - 2015-01-31 09:57 - 00000247 _____ () C:\Windows\system32\2015-01-31-09-52-40.048-aswFe.exe-1676.log
2015-01-31 09:52 - 2015-01-31 09:52 - 00000197 _____ () C:\Windows\system32\2015-01-31-09-52-37.036-AvastVBoxSVC.exe-5912.log
2015-01-31 09:44 - 2015-02-02 16:20 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2015-01-31 09:44 - 2015-02-02 16:20 - 00000000 ____D () C:\Windows\system32\vbox
2015-01-31 09:40 - 2015-02-15 11:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-01-31 09:39 - 2015-01-31 09:39 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-01-31 09:35 - 2015-01-31 09:35 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2015-01-31 08:58 - 2015-01-31 08:58 - 00757336 _____ (DownloadAstro) C:\Users\Guest\Downloads\grand_theft_auto_v.exe
2015-01-31 08:56 - 2015-01-31 08:56 - 00016945 _____ () C:\Users\Guest\Downloads\Grand.Theft.Auto.5.PC (2).torrent
2015-01-31 08:56 - 2015-01-31 08:56 - 00016945 _____ () C:\Users\Guest\Downloads\Grand.Theft.Auto.5.PC (1).torrent
2015-01-31 08:54 - 2015-01-31 08:54 - 00016945 _____ () C:\Users\Guest\Downloads\Grand.Theft.Auto.5.PC.torrent
2015-01-31 08:25 - 2015-01-31 08:25 - 00004535 _____ () C:\Users\Guest\AppData\Roaming\CamStudio.cfg
2015-01-31 08:25 - 2015-01-31 08:25 - 00000408 _____ () C:\Users\Guest\AppData\Roaming\CamShapes.ini
2015-01-31 08:25 - 2015-01-31 08:25 - 00000408 _____ () C:\Users\Guest\AppData\Roaming\CamLayout.ini
2015-01-31 08:25 - 2015-01-31 08:25 - 00000046 _____ () C:\Users\Guest\AppData\Roaming\Camdata.ini
2015-01-31 08:24 - 2015-01-31 08:24 - 00004608 _____ () C:\Users\Guest\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-31 08:24 - 2015-01-31 08:24 - 00000096 _____ () C:\Users\Guest\AppData\Roaming\version2.xml
2015-01-31 08:24 - 2015-01-31 08:24 - 00000000 ____D () C:\Users\Guest\Documents\ezvid
2015-01-31 08:24 - 2015-01-31 08:24 - 00000000 ____D () C:\Users\Guest\AppData\Local\ezvid,_inc
2015-01-31 08:17 - 2015-01-31 08:17 - 00000000 ____D () C:\Users\Guest\AppData\Local\EgisTec IPS
2015-01-31 00:48 - 2015-01-31 08:17 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Spotify
2015-01-31 00:48 - 2015-01-31 00:48 - 00000000 ____D () C:\Users\Guest\AppData\Local\Spotify
2015-01-31 00:43 - 2015-01-31 16:57 - 00000000 ____D () C:\Users\Guest\AppData\Local\CrashDumps
2015-01-31 00:43 - 2015-01-31 00:43 - 00001434 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-31 00:43 - 2015-01-31 00:43 - 00000000 ____D () C:\Users\Guest\Documents\Bluetooth Folder
2015-01-31 00:43 - 2015-01-31 00:43 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Real
2015-01-31 00:43 - 2015-01-31 00:43 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\AVAST Software
2015-01-31 00:43 - 2015-01-31 00:43 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Atheros
2015-01-31 00:43 - 2015-01-31 00:43 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Adobe
2015-01-31 00:43 - 2015-01-31 00:43 - 00000000 ____D () C:\Users\Guest\AppData\Local\BMExplorer
2015-01-31 00:42 - 2015-02-15 16:51 - 00000000 ____D () C:\Users\Guest
2015-01-31 00:42 - 2015-02-02 16:19 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-31 00:42 - 2015-02-02 16:19 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-01-31 00:42 - 2015-01-31 08:28 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2015-01-31 00:42 - 2015-01-31 00:43 - 00000000 ____D () C:\Users\Guest\AppData\Local\Packages
2015-01-31 00:42 - 2015-01-31 00:42 - 00000020 ___SH () C:\Users\Guest\ntuser.ini
2015-01-31 00:42 - 2015-01-31 00:42 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\lm
2015-01-31 00:42 - 2015-01-31 00:42 - 00000000 ____D () C:\Users\Guest\AppData\Local\VirtualStore
2015-01-31 00:42 - 2014-03-01 18:56 - 00002209 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-01-31 00:42 - 2012-07-26 08:13 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-31 00:42 - 2012-07-26 08:13 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-31 00:13 - 2015-01-31 00:13 - 01721872 _____ (PCHelpSoft ) C:\Users\BrendaB\Downloads\pc-cleaner-417.exe
2015-01-30 23:14 - 2014-11-15 06:06 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-01-30 23:14 - 2014-11-15 05:13 - 03286016 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-01-30 23:14 - 2014-11-15 05:13 - 01623552 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-01-30 23:14 - 2014-11-15 05:13 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-01-30 23:14 - 2014-11-15 05:13 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-01-30 23:14 - 2014-11-15 05:13 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-01-30 23:14 - 2014-11-15 05:13 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-01-30 23:14 - 2014-11-15 05:13 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-01-30 23:14 - 2014-11-15 05:12 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-01-30 23:14 - 2014-11-15 03:54 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-01-30 23:14 - 2014-11-15 03:53 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-01-30 23:14 - 2014-11-15 03:53 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-01-30 23:14 - 2014-11-15 03:53 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-01-30 23:13 - 2014-12-19 06:48 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-30 23:13 - 2014-12-11 06:51 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-30 23:13 - 2014-11-27 02:40 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-01-30 23:13 - 2014-11-27 01:28 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-01-30 23:12 - 2014-11-05 06:40 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-01-30 23:12 - 2014-11-05 06:39 - 01024512 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-01-30 23:12 - 2014-11-01 06:28 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-01-30 23:12 - 2014-10-29 14:21 - 00499008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2015-01-30 23:12 - 2014-10-27 22:10 - 00390841 _____ () C:\Windows\system32\ApnDatabase.xml
2015-01-30 23:12 - 2014-08-28 06:01 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2015-01-30 23:09 - 2014-12-19 04:35 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-30 23:09 - 2014-12-06 07:53 - 00458240 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-01-30 23:09 - 2014-12-06 07:53 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-01-30 23:09 - 2014-12-06 07:52 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-30 23:09 - 2014-12-06 07:52 - 00357376 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-30 23:09 - 2014-12-06 07:52 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-30 23:09 - 2014-12-06 07:51 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-01-30 23:09 - 2014-12-06 07:51 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-30 23:09 - 2014-12-06 07:50 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-01-30 23:09 - 2014-12-06 06:10 - 00355840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-01-30 23:09 - 2014-12-06 06:10 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-01-30 23:09 - 2014-12-06 06:09 - 00332800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-01-30 23:09 - 2014-12-06 06:09 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-30 23:08 - 2014-12-11 07:35 - 06973248 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-30 22:50 - 2015-01-30 22:50 - 00016945 _____ () C:\Users\BrendaB\Downloads\Grand.Theft.Auto.5.PC (5).torrent
2015-01-30 22:50 - 2015-01-30 22:50 - 00016945 _____ () C:\Users\BrendaB\Downloads\Grand.Theft.Auto.5.PC (4).torrent
2015-01-30 22:43 - 2015-01-30 22:43 - 00000173 _____ () C:\Users\BrendaB\Desktop\Play Games Online.url
2015-01-30 22:43 - 2015-01-30 22:43 - 00000173 _____ () C:\Users\BrendaB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2015-01-30 22:43 - 2015-01-30 22:43 - 00000000 ___HD () C:\Users\BrendaB\AppData\Roaming\GoldenGate
2015-01-30 22:41 - 2015-01-30 22:41 - 00757336 _____ (DownloadAstro) C:\Users\BrendaB\Downloads\grand_theft_auto_v.exe
2015-01-30 22:38 - 2015-01-30 22:38 - 01177464 _____ () C:\Users\BrendaB\Downloads\Download GTA 5 PC Game grand theft auto V full version Highly compressed Free(1).exe
2015-01-30 22:37 - 2015-01-30 22:38 - 01177464 _____ () C:\Users\BrendaB\Downloads\Download GTA 5 PC Game grand theft auto V full version Highly compressed Free.exe
2015-01-30 22:34 - 2015-01-30 22:34 - 00016945 _____ () C:\Users\BrendaB\Downloads\Grand.Theft.Auto.5.PC (3).torrent
2015-01-30 22:30 - 2014-09-22 05:53 - 00035320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-01-30 22:30 - 2014-08-26 22:08 - 00270024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-01-30 22:28 - 2014-10-11 07:45 - 10115072 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2015-01-30 22:28 - 2014-10-11 07:44 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-01-30 22:28 - 2014-10-11 07:44 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-01-30 22:28 - 2014-10-11 07:43 - 02307072 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-01-30 22:28 - 2014-10-11 05:58 - 08858624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2015-01-30 22:28 - 2014-10-11 05:57 - 02416640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-01-30 22:28 - 2014-10-11 05:57 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-01-30 22:28 - 2014-10-11 05:56 - 02037760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-01-30 22:25 - 2015-01-30 22:25 - 00016945 _____ () C:\Users\BrendaB\Downloads\Grand.Theft.Auto.5.PC (2).torrent
2015-01-30 22:24 - 2015-01-30 22:24 - 00016945 _____ () C:\Users\BrendaB\Downloads\Grand.Theft.Auto.5.PC.torrent
2015-01-30 22:24 - 2015-01-30 22:24 - 00016945 _____ () C:\Users\BrendaB\Downloads\Grand.Theft.Auto.5.PC (1).torrent

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-15 23:33 - 2014-02-26 01:31 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\Skype
2015-02-15 23:29 - 2014-03-02 18:37 - 00000930 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1465268432-4247279613-3226374191-1001UA.job
2015-02-15 23:29 - 2014-02-26 01:07 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-15 23:25 - 2014-02-26 01:07 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1465268432-4247279613-3226374191-1001
2015-02-15 23:02 - 2012-07-26 08:12 - 00000000 ____D () C:\Windows\system32\sru
2015-02-15 21:49 - 2014-03-01 17:12 - 00001110 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-15 21:33 - 2014-03-01 17:04 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-02-15 21:32 - 2014-02-26 01:07 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-15 21:30 - 2012-07-26 07:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-15 12:29 - 2014-03-02 18:37 - 00000878 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1465268432-4247279613-3226374191-1001Core.job
2015-02-15 11:22 - 2014-02-26 01:00 - 00000000 ____D () C:\Users\BrendaB
2015-02-15 11:17 - 2012-07-26 08:12 - 00000000 ____D () C:\Windows\WinStore
2015-02-15 11:16 - 2012-07-26 08:12 - 00000000 ____D () C:\Windows\rescache
2015-02-15 11:16 - 2012-07-26 05:38 - 00000000 ____D () C:\Windows\system32\Sysprep
2015-02-15 11:15 - 2014-04-12 21:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-15 11:15 - 2014-04-12 21:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-15 11:15 - 2014-03-01 16:58 - 00000000 ____D () C:\ProgramData\Atheros
2015-02-15 11:15 - 2014-02-26 01:00 - 01301971 _____ () C:\Windows\WindowsUpdate.log
2015-02-15 11:15 - 2012-07-26 08:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-15 11:14 - 2012-07-26 08:12 - 00000000 ____D () C:\Windows\registration
2015-02-15 11:12 - 2014-03-11 22:00 - 00000000 ____D () C:\ProgramData\Real
2015-02-15 11:04 - 2012-07-26 07:59 - 00000000 ____D () C:\Windows\CbsTemp
2015-02-15 10:59 - 2012-07-26 05:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-02-15 01:17 - 2014-03-06 14:29 - 00000000 ____D () C:\Users\BrendaB\AppData\Local\CrashDumps
2015-02-14 18:09 - 2012-07-26 05:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-02-14 17:50 - 2014-02-28 13:11 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-14 17:07 - 2012-08-03 02:21 - 00696798 _____ () C:\Windows\PFRO.log
2015-02-10 12:24 - 2014-03-02 18:37 - 00003880 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1465268432-4247279613-3226374191-1001UA
2015-02-10 12:24 - 2014-03-02 18:37 - 00003500 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1465268432-4247279613-3226374191-1001Core
2015-02-10 12:24 - 2014-02-26 01:07 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-10 12:24 - 2014-02-26 01:07 - 00003656 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-05 18:58 - 2014-12-29 11:18 - 00000000 ____D () C:\Program Files (x86)\Brackets
2015-02-04 10:40 - 2014-02-26 01:19 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-02-03 19:29 - 2014-12-29 10:46 - 00714184 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-03 19:29 - 2014-12-29 10:46 - 00106440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-03 19:15 - 2012-07-26 07:28 - 00848230 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-03 19:02 - 2012-07-26 08:12 - 00000000 ___RD () C:\Windows\ToastData
2015-02-03 19:02 - 2012-07-26 08:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-03 19:02 - 2012-07-26 08:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-03 19:02 - 2012-07-26 08:12 - 00000000 ____D () C:\Windows\system32\en-GB
2015-02-03 19:01 - 2012-07-26 08:12 - 00000000 ____D () C:\Windows\SysWOW64\en-GB
2015-02-03 19:01 - 2012-07-26 08:12 - 00000000 ____D () C:\Program Files\Windows Defender
2015-02-03 19:01 - 2012-07-26 08:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-02-03 18:28 - 2014-12-29 11:09 - 00000000 ____D () C:\Program Files\CamStudio 2.7
2015-02-03 12:26 - 2014-03-01 17:12 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\Malwarebytes
2015-02-03 12:25 - 2014-03-01 17:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-03 12:25 - 2014-03-01 17:12 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2015-02-03 12:23 - 2014-02-28 13:11 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-03 10:59 - 2014-02-26 01:19 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-02-02 17:47 - 2014-02-26 02:07 - 00000000 ____D () C:\Users\BrendaB\Documents\Bluetooth Folder
2015-02-02 16:27 - 2014-11-22 07:14 - 00000000 ___HD () C:\$Windows.~BT
2015-02-02 16:20 - 2014-12-29 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-02-02 16:20 - 2014-12-29 11:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio 2.7
2015-02-02 16:20 - 2014-04-12 14:09 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-02 16:20 - 2014-04-05 13:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-02-02 16:20 - 2014-03-11 22:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2015-02-02 16:20 - 2014-03-04 14:26 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ImgBurn
2015-02-02 16:20 - 2014-03-01 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-02-02 16:20 - 2014-02-26 07:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-02-02 16:20 - 2014-02-26 02:15 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-02-02 16:20 - 2014-02-26 01:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-02 16:20 - 2014-02-26 01:00 - 00000000 ___RD () C:\Users\BrendaB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-02 16:20 - 2012-08-27 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTI Media Maker 9
2015-02-02 16:20 - 2012-08-27 18:42 - 00000000 ____D () C:\Program Files\Intel
2015-02-02 16:20 - 2012-08-27 18:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2015-02-02 16:20 - 2012-08-03 02:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaEspresso 6.5
2015-02-02 16:20 - 2012-08-03 02:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EgisTec
2015-02-02 16:20 - 2012-08-03 02:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-02-02 16:20 - 2012-08-03 02:26 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-02 16:20 - 2012-08-03 02:24 - 00000000 ____D () C:\ProgramData\PRICache
2015-02-02 16:20 - 2012-08-03 02:24 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-02-02 16:20 - 2012-07-26 08:18 - 00000000 ____D () C:\Windows\DigitalLocker
2015-02-02 16:20 - 2012-07-26 08:12 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2015-02-02 16:20 - 2012-07-26 08:12 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2015-02-02 16:20 - 2012-07-26 08:12 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2015-02-02 16:20 - 2012-07-26 08:12 - 00000000 ____D () C:\Windows\system32\spool
2015-02-02 16:20 - 2012-07-26 08:12 - 00000000 ____D () C:\Windows\system32\Recovery
2015-02-02 16:20 - 2012-07-26 08:12 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-02 16:20 - 2012-07-26 08:12 - 00000000 ____D () C:\Windows\system32\MUI
2015-02-02 16:20 - 2012-07-26 08:12 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2015-02-02 16:20 - 2012-07-26 08:12 - 00000000 ____D () C:\Windows\Help
2015-02-02 16:20 - 2012-07-26 07:49 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2015-02-02 16:20 - 2012-07-26 07:49 - 00000000 ____D () C:\Windows\SysWOW64\sysprep
2015-02-02 16:20 - 2012-07-26 07:49 - 00000000 ____D () C:\Windows\system32\WCN
2015-02-02 16:20 - 2012-07-26 05:38 - 00000000 ____D () C:\Windows\SysWOW64\SMI
2015-02-02 03:45 - 2012-07-26 07:21 - 01073828 _____ () C:\Windows\setupact.log
2015-02-02 03:43 - 2012-07-26 08:13 - 00004323 _____ () C:\Windows\DtcInstall.log
2015-02-02 03:17 - 2012-07-26 08:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2015-02-02 02:10 - 2014-02-26 01:00 - 00000000 ____D () C:\Users\BrendaB\AppData\Local\Packages
2015-01-31 18:14 - 2012-07-26 05:26 - 00262144 ___SH () C:\Windows\system32\config\BBI(75)
2015-01-31 18:14 - 2012-07-26 05:26 - 00262144 ___SH () C:\Windows\system32\config\BBI(60)
2015-01-31 12:13 - 2012-08-27 19:11 - 00000000 ____D () C:\ProgramData\CyberLink
2015-01-31 10:11 - 2014-03-20 13:43 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\Mozilla
2015-01-31 09:43 - 2012-07-26 05:26 - 00000226 _____ () C:\Windows\win.ini
2015-01-31 09:39 - 2014-05-02 21:53 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-01-31 09:39 - 2014-02-26 01:19 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-01-31 09:39 - 2014-02-26 01:19 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-01-31 09:39 - 2014-02-26 01:19 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2015-01-31 09:39 - 2014-02-26 01:19 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-01-31 09:39 - 2014-02-26 01:19 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-01-31 09:39 - 2014-02-26 01:19 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-01-30 21:54 - 2014-12-29 20:13 - 00000000 ____D () C:\Program Files\nodejs

==================== Files in the root of some directories =======

2014-12-29 11:31 - 2014-12-29 20:14 - 0000127 _____ () C:\Users\BrendaB\AppData\Roaming\Camdata.ini
2014-12-29 11:31 - 2014-12-29 20:14 - 0000408 _____ () C:\Users\BrendaB\AppData\Roaming\CamLayout.ini
2014-12-29 11:31 - 2014-12-29 20:14 - 0000408 _____ () C:\Users\BrendaB\AppData\Roaming\CamShapes.ini
2014-12-29 11:30 - 2014-12-29 11:30 - 0004535 _____ () C:\Users\BrendaB\AppData\Roaming\CamStudio.cfg
2014-12-29 11:10 - 2014-12-29 12:10 - 0000096 _____ () C:\Users\BrendaB\AppData\Roaming\version2.xml
2014-12-29 11:52 - 2014-12-29 12:04 - 0005632 _____ () C:\Users\BrendaB\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-08-27 18:40 - 2012-08-27 18:40 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-12-29 11:10 - 2014-12-29 11:10 - 0001150 _____ () C:\ProgramData\FavIcon.ico

Some content of TEMP:
====================
C:\Users\BrendaB\AppData\Local\Temp\Quarantine.exe
C:\Users\BrendaB\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-02-15 10:27

==================== End Of Log ============================



#4 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,133 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:02:53 AM

Posted 16 February 2015 - 04:40 AM

Hey, :)

Step 1: FRST Fix
  • Please open Notepad.exe. Make sure that you don't use any other software than Notepad.exe!
  • Copy and Paste the content of the codebox below into the empty textfile:

    HKLM-x32\...\Run: [LManager] => [X]
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001 -> {BA10A51A-167E-44CA-9362-8DCB9F7A6EBF} URL =
    Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
    FF NetworkProxy: "autoconfig_url", "https://mediahint.com/default.pac"
    FF NetworkProxy: "type", 2
    EmptyTemp:
  • Then click on File >> Save as
    • File Name: Fixlist.txt
    • From the Save as type drop down list, choose All Files
  • It is very important that you save this textfile on your Desktop!
Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
  • Run FRST.exe/FRST64.exe (Note: If FRST advises there is a new updated version to be downloaded, allow this.)and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run, please post it to your reply
Step 2: FRST Scan
  • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.
Step 3: ESET

Please run a free online scan with the ESET Online Scanner:

IMPORTANT: You MUST use Internet Explorer for this step!
  • Visit the ESET Online Scanner Web Page
  • Select the blue Run ESET Online Scanner button:
    ESET1_zps23a5e840.png
  • Tick the box next to YES, I accept the Terms of Use and click Start
    ESET_EULA2_zps9451f1c3.png
  • When asked, allow the ActiveX control to install.
  • Select Enable detection of potentially unwanted applications and select Advanced Settings:
    ESET2_zpsc701c045.png
  • Make sure to check the options Remove found threats and Enable Anti-Stealth technology are checked:
    ESET4_zps0afafd0d.png
  • Click Start. (This scan can take several hours, so please be patient):
    ESET3_zpsccd1657d.png
  • Once the scan is completed, select List of found threats:
    ESET5_zpsd27be299.png
  • Select Export to text file... and save the file as ESETlog.txt on your Desktop:
    ESET6_zpsc17d154e.png
  • Click the Back button.
  • Click the Finish button:
    ESET9_zps51587217.png
  • Use Notepad to open the saved log file (on your Desktop- ESET.txt)[/b]
  • Copy and paste that log as a reply to this topic.
Step 4: Question

How is your PC running?

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#5 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,133 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:02:53 AM

Posted 20 February 2015 - 12:01 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#6 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,133 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:02:53 AM

Posted 28 February 2015 - 06:42 AM

User returned.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#7 Zaria

Zaria
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:08:53 AM

Posted 01 March 2015 - 10:21 AM

My youngest sibling has been using the laptop even though he's not meant to and it looks like it's in a worse condition now than when I left it, there are more viruses in quarantine in Avast and using the internet is now more difficult (redirections, other browsers not working, shutting down randomly). Is it ok to go ahead with your last instructions or should I start from the beginning again? 



#8 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:53 AM

Posted 02 March 2015 - 11:08 AM

Hi, please run FRST again.

Step 1

frst.pngfrstscan.png

Start FRST with administator privileges.
  • Make sure the following option is checked: addition.png
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
    Please copy and paste these logs in your next reply.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#9 Zaria

Zaria
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:08:53 AM

Posted 02 March 2015 - 07:36 PM

Hi Deeprybka, 

 

Here they are, thanks. 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-03-2015
Ran by BrendaB (administrator) on BRENDA on 03-03-2015 00:13:43
Running from C:\Users\BrendaB\Desktop
Loaded Profiles: BrendaB (Available profiles: BrendaB & Adult Admin Acc & Guest)
Platform: Windows 8.1 (X64) OS Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(SlimWare Utilities, Inc.) C:\Program Files\SlimService\SlimServiceFactory.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Spotify Ltd) C:\Users\BrendaB\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(SlimWare Utilities, Inc.) C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(SlimWare Utilities, Inc.) C:\Program Files\SlimService\SlimService.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Opera Software) C:\Program Files (x86)\Opera\27.0.1689.76\opera.exe
() C:\Program Files (x86)\Opera\27.0.1689.76\opera_crashreporter.exe
(Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
(Opera Software) C:\Program Files (x86)\Opera\27.0.1689.76\opera.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\olicenseheartbeat.exe
(Opera Software) C:\Program Files (x86)\Opera\27.0.1689.76\opera.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe
(Opera Software) C:\Program Files (x86)\Opera\27.0.1689.76\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\27.0.1689.76\opera.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\setup\instup.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\wsqmcons.exe
(Microsoft Corporation) C:\Windows\System32\sdclt.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212048 2012-06-07] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2014-02-26] (ELAN Microelectronics Corp.)
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM-x32\...\Run: [BakupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [533056 2012-07-30] (NTI Corporation)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-02-03] (AVAST Software)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296096 2014-03-11] (RealNetworks, Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-01-28] ( (Qualcomm Atheros Commnucations))
HKU\S-1-5-21-1465268432-4247279613-3226374191-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2015-02-05] (SUPERAntiSpyware)
HKU\S-1-5-21-1465268432-4247279613-3226374191-1001\...\Run: [Google Update] => C:\Users\BrendaB\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-02-26] (Google Inc.)
HKU\S-1-5-21-1465268432-4247279613-3226374191-1001\...\Run: [Spotify Web Helper] => C:\Users\BrendaB\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-27] (Spotify Ltd)
HKU\S-1-5-21-1465268432-4247279613-3226374191-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-1465268432-4247279613-3226374191-1001\...\Run: [SlimCleaner Plus] => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe [26165568 2014-12-23] (SlimWare Utilities, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-1465268432-4247279613-3226374191-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-1465268432-4247279613-3226374191-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?PC=AV01
SearchScopes: HKLM -> DefaultScope {BA1BE292-1D15-488B-934D-008742212380} URL = http://www.safesearch.net/search?q={searchTerms}&p=s&m=ie&c=wi&s=wi
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.safesearch.net/search?q={searchTerms}&p=sm=ie&c=wi&s=wi
SearchScopes: HKLM -> {39118170-7B07-4BC5-8B47-C62B1DC1DC99} URL = http://www.bing.com/search?FORM=INCOH1&PC=IC02&q={searchTerms}
SearchScopes: HKLM -> {BA1BE292-1D15-488B-934D-008742212380} URL = http://www.safesearch.net/search?q={searchTerms}&p=s&m=ie&c=wi&s=wi
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {BA1BE292-1D15-488B-934D-008742212380} URL = http://www.safesearch.net/search?q={searchTerms}&p=s&m=ie&c=wi&s=wi
SearchScopes: HKU\.DEFAULT -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.safesearch.net/search?q={searchTerms}&p=sm=ie&c=wi&s=wi
SearchScopes: HKU\.DEFAULT -> {BA1BE292-1D15-488B-934D-008742212380} URL = http://www.safesearch.net/search?q={searchTerms}&p=s&m=ie&c=wi&s=wi
SearchScopes: HKU\S-1-5-19 -> DefaultScope {BA1BE292-1D15-488B-934D-008742212380} URL = http://www.safesearch.net/search?q={searchTerms}&p=s&m=ie&c=wi&s=wi
SearchScopes: HKU\S-1-5-19 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.safesearch.net/search?q={searchTerms}&p=sm=ie&c=wi&s=wi
SearchScopes: HKU\S-1-5-19 -> {BA1BE292-1D15-488B-934D-008742212380} URL = http://www.safesearch.net/search?q={searchTerms}&p=s&m=ie&c=wi&s=wi
SearchScopes: HKU\S-1-5-20 -> DefaultScope {BA1BE292-1D15-488B-934D-008742212380} URL = http://www.safesearch.net/search?q={searchTerms}&p=s&m=ie&c=wi&s=wi
SearchScopes: HKU\S-1-5-20 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.safesearch.net/search?q={searchTerms}&p=sm=ie&c=wi&s=wi
SearchScopes: HKU\S-1-5-20 -> {BA1BE292-1D15-488B-934D-008742212380} URL = http://www.safesearch.net/search?q={searchTerms}&p=s&m=ie&c=wi&s=wi
SearchScopes: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001 -> DefaultScope {BA1BE292-1D15-488B-934D-008742212380} URL = http://www.safesearch.net/search?q={searchTerms}&p=s&m=ie&c=wi&s=wi
SearchScopes: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001 -> SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
SearchScopes: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.safesearch.net/search?q={searchTerms}&p=sm=ie&c=wi&s=wi
SearchScopes: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001 -> {39118170-7B07-4BC5-8B47-C62B1DC1DC99} URL = http://www.bing.com/search?FORM=INCOH1&PC=IC02&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001 -> {BA10A51A-167E-44CA-9362-8DCB9F7A6EBF} URL = 
SearchScopes: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001 -> {BA1BE292-1D15-488B-934D-008742212380} URL = http://www.safesearch.net/search?q={searchTerms}&p=s&m=ie&c=wi&s=wi
SearchScopes: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001 -> {CD8D7CA0-7D5E-4772-8DEF-860EB0874892} URL = http://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10811
SearchScopes: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001 -> {FE1CA8F7-B215-477B-A3EA-0E391ACE7F58} URL = http://search.findwide.com/serp?guid={023A957A-7D15-47BF-8E98-C86EE3CFCA09}&action=default_search&k={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM - FindWide Toolbar - {0549D8D9-F270-4AC9-9BD4-5A6FD01AAEED} - C:\Program Files (x86)\TNT2\Profiles\10811\passport64.dll No File
Toolbar: HKLM-x32 - FindWide Toolbar - {0549D8D9-F270-4AC9-9BD4-5A6FD01AAEED} - C:\Program Files (x86)\TNT2\Profiles\10811\passport.dll No File
Toolbar: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001 -> FindWide Toolbar - {0549D8D9-F270-4AC9-9BD4-5A6FD01AAEED} - C:\Program Files (x86)\TNT2\Profiles\10811\passport64.dll No File
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF ProfilePath: C:\Users\BrendaB\AppData\Roaming\Mozilla\Firefox\Profiles\m80i6pxe.default
FF NewTab: hxxp://www.omniboxes.com/newtab/?type=nt&ts=1424346834&from=tti&uid=ST500LM012XHN-M500MBB_S2TYJ9CC605261
FF Homepage: hxxp://www.omniboxes.com/?type=hp&ts=1424346834&from=tti&uid=ST500LM012XHN-M500MBB_S2TYJ9CC605261
FF NetworkProxy: "autoconfig_url", "https://mediahint.com/default.pac"
FF NetworkProxy: "type", 2
FF DefaultSearchEngine: Search       
FF SearchEngineOrder.1: Search       
FF SelectedSearchEngine: Search       
FF DefaultSearchUrl: hxxp://www.safesearch.net/search?p=s&q={searchTerms}&m=ff&c=wi&s=wi
FF Keyword.URL: hxxp://www.safesearch.net/search?p=s&q=
FF Homepage: hxxp://www.safesearch.net/?p=h&m=ff&c=wi&s=wi
FF NewTab: hxxp://www.safesearch.net/?p=t&m=ff&c=wi&s=wi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKU\S-1-5-21-1465268432-4247279613-3226374191-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\BrendaB\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-1465268432-4247279613-3226374191-1001: @talk.google.com/O1DPlugin -> C:\Users\BrendaB\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-1465268432-4247279613-3226374191-1001: @tools.google.com/Google Update;version=3 -> C:\Users\BrendaB\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1465268432-4247279613-3226374191-1001: @tools.google.com/Google Update;version=9 -> C:\Users\BrendaB\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1465268432-4247279613-3226374191-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\BrendaB\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF user.js: detected! => C:\Users\BrendaB\AppData\Roaming\Mozilla\Firefox\Profiles\m80i6pxe.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Users\BrendaB\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\BrendaB\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\BrendaB\AppData\Roaming\Mozilla\Firefox\Profiles\m80i6pxe.default\searchplugins\safesearch.xml
FF Extension: No Name - C:\Users\BrendaB\AppData\Roaming\Mozilla\Firefox\Profiles\m80i6pxe.default\Extensions\faststartff@gmail.com [2015-02-19]
FF Extension: No Name - C:\Users\BrendaB\AppData\Roaming\Mozilla\Firefox\Profiles\m80i6pxe.default\Extensions\searchengine@gmail.com [2015-02-19]
FF Extension: Media Hint - C:\Users\BrendaB\AppData\Roaming\Mozilla\Firefox\Profiles\m80i6pxe.default\Extensions\mediahint@jetpack.xpi [2014-04-12]
FF Extension: gate snapper 1.0.1 - C:\Users\BrendaB\AppData\Roaming\Mozilla\Firefox\Profiles\m80i6pxe.default\Extensions\{fd10cee5-1b00-4433-a349-4c4d1226980a}.xpi [2015-02-19]
FF HKLM-x32\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2014-03-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-26]
FF Extension: No Name - C:\Users\BrendaB\AppData\Roaming\Mozilla\Firefox\Profiles\m80i6pxe.default\extensions\toolbar10811@findwide.com.xpi [Not Found]
StartMenuInternet: FIREFOX.EXE - firefox.exe
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.omniboxes.com/?type=hp&ts=1424346834&from=tti&uid=ST500LM012XHN-M500MBB_S2TYJ9CC605261
CHR StartupUrls: Default -> "hxxp://www.omniboxes.com/?type=hp&ts=1424346834&from=tti&uid=ST500LM012XHN-M500MBB_S2TYJ9CC605261"
CHR DefaultSearchKeyword: Default -> omniboxes
CHR DefaultNewTabURL: Default -> http://www.safesearch.net/?p=t
CHR Profile: C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-26]
CHR Extension: (Google Drive) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-26]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-18]
CHR Extension: (YouTube) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-26]
CHR Extension: (gate snapper) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgjinmnllklljcmofdllbapdjgkbhnjc [2015-02-19]
CHR Extension: (Google Search) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-26]
CHR Extension: (No Name) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffjcmnpnoopgilmnfhloocdcbnimmmea [2015-02-16]
CHR Extension: (Solution Real) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gajmlbhaikobfinipefjoonopbfdkpcl [2015-01-31]
CHR Extension: (Avast Online Security) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-03-01]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-03-11]
CHR Extension: (SnapMyScreen) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhimebnnaphjchlhcdgdlbfmlbbbaank [2015-01-30]
CHR Extension: (No Name) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf [2015-02-16]
CHR Extension: (Google Wallet) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-26]
CHR Extension: (Gmail) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-26]
CHR Extension: (CrushArcade) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnhjnmacgahapmnnifmneapinilajfol [2015-02-24]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-31]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2014-03-11]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2015-02-05] (SUPERAntiSpyware.com)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227456 2013-01-28] (Qualcomm Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-31] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-01-31] (Avast Software)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-22] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2415760 2012-07-27] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2711736 2015-01-13] (Microsoft Corporation)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [466064 2012-07-31] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [659600 2012-07-31] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-03-11] (WildTangent)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
S3 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-07-30] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-08-27] (Dritek System INC.)
R2 SlimService; C:\Program Files\SlimService\SlimServiceFactory.exe [244544 2014-12-23] (SlimWare Utilities, Inc.)
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [126568 2015-02-17] (RaMMicHaeL)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-11-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-11-22] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-31] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-31] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-31] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-31] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-02-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-31] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-31] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-31] ()
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-22] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00A\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-01] (Malwarebytes Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-08-27] (Dritek System Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2015-03-01] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-01-31] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-11-22] (Microsoft Corporation)
S3 BTATH_LWFLT; \SystemRoot\system32\DRIVERS\btath_lwflt.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-01 17:47 - 2015-03-01 17:48 - 00000197 _____ () C:\WINDOWS\system32\2015-03-01-17-47-46.039-AvastVBoxSVC.exe-2720.log
2015-03-01 17:47 - 2015-03-01 17:47 - 00000247 _____ () C:\WINDOWS\system32\2015-03-01-17-47-56.031-aswFe.exe-6140.log
2015-03-01 14:43 - 2015-03-01 14:43 - 00000247 _____ () C:\WINDOWS\system32\2015-03-01-14-43-39.047-aswFe.exe-7616.log
2015-03-01 14:43 - 2015-03-01 14:43 - 00000197 _____ () C:\WINDOWS\system32\2015-03-01-14-43-14.012-AvastVBoxSVC.exe-2188.log
2015-03-01 14:42 - 2015-03-01 14:42 - 00000000 ____D () C:\Users\Adult Admin Acc\AppData\Local\EgisTec IPS
2015-03-01 14:41 - 2015-03-01 14:47 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1465268432-4247279613-3226374191-1002
2015-02-27 16:11 - 2015-02-27 16:11 - 00000000 ____D () C:\Users\Adult Admin Acc\Documents\Bluetooth Folder
2015-02-27 16:11 - 2015-02-27 16:11 - 00000000 ____D () C:\Users\Adult Admin Acc\AppData\Local\BMExplorer
2015-02-27 16:10 - 2015-02-27 16:10 - 00000000 ____D () C:\Users\Adult Admin Acc\AppData\Roaming\Real
2015-02-27 16:10 - 2015-02-27 16:10 - 00000000 ____D () C:\Users\Adult Admin Acc\AppData\Roaming\AVAST Software
2015-02-27 16:10 - 2015-02-27 16:10 - 00000000 ____D () C:\Users\Adult Admin Acc\AppData\Roaming\Atheros
2015-02-27 16:09 - 2015-03-01 15:44 - 00000000 ____D () C:\Users\Adult Admin Acc
2015-02-27 16:09 - 2015-03-01 14:41 - 00002283 _____ () C:\Users\Adult Admin Acc\Desktop\Google Chrome.lnk
2015-02-27 16:09 - 2015-02-27 16:11 - 00000000 ____D () C:\Users\Adult Admin Acc\AppData\Local\Packages
2015-02-27 16:09 - 2015-02-27 16:09 - 00001450 _____ () C:\Users\Adult Admin Acc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-27 16:09 - 2015-02-27 16:09 - 00000258 __RSH () C:\Users\Adult Admin Acc\ntuser.pol
2015-02-27 16:09 - 2015-02-27 16:09 - 00000020 ___SH () C:\Users\Adult Admin Acc\ntuser.ini
2015-02-27 16:09 - 2015-02-27 16:09 - 00000000 ____D () C:\Users\Adult Admin Acc\AppData\Roaming\lm
2015-02-27 16:09 - 2015-02-27 16:09 - 00000000 ____D () C:\Users\Adult Admin Acc\AppData\Roaming\Adobe
2015-02-27 16:09 - 2015-02-27 16:09 - 00000000 ____D () C:\Users\Adult Admin Acc\AppData\Local\VirtualStore
2015-02-27 16:09 - 2015-02-27 16:09 - 00000000 ____D () C:\Users\Adult Admin Acc\AppData\Local\Google
2015-02-27 16:09 - 2014-11-22 05:25 - 00000000 ___RD () C:\Users\Adult Admin Acc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-27 16:09 - 2014-11-22 05:25 - 00000000 ___RD () C:\Users\Adult Admin Acc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-27 16:09 - 2014-11-22 05:25 - 00000000 ___RD () C:\Users\Adult Admin Acc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-27 16:09 - 2014-11-22 01:02 - 00000369 _____ () C:\Users\Adult Admin Acc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-02-27 16:09 - 2014-11-22 01:02 - 00000369 _____ () C:\Users\Adult Admin Acc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-02-27 16:09 - 2013-08-22 15:36 - 00000000 ____D () C:\Users\Adult Admin Acc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-02-27 00:34 - 2015-02-27 00:34 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Opera Software
2015-02-27 00:34 - 2015-02-27 00:34 - 00000000 ____D () C:\Users\Guest\AppData\Local\Opera Software
2015-02-27 00:33 - 2015-02-27 00:33 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\SUPERAntiSpyware.com
2015-02-27 00:29 - 2015-02-27 00:29 - 00000000 __SHD () C:\Users\Guest\AppData\Local\EmieUserList
2015-02-27 00:29 - 2015-02-27 00:29 - 00000000 __SHD () C:\Users\Guest\AppData\Local\EmieSiteList
2015-02-27 00:29 - 2015-02-27 00:29 - 00000000 __SHD () C:\Users\Guest\AppData\Local\EmieBrowserModeList
2015-02-27 00:29 - 2015-02-27 00:29 - 00000000 ____D () C:\Users\Guest\Documents\Add-in Express
2015-02-27 00:28 - 2015-03-01 20:58 - 00000000 ____D () C:\Users\Guest\AppData\Local\CrimeWatch
2015-02-27 00:26 - 2015-02-27 00:26 - 00001446 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-27 00:25 - 2015-02-27 00:25 - 00000020 ___SH () C:\Users\Guest\ntuser.ini
2015-02-27 00:15 - 2015-02-27 00:15 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-02-24 20:03 - 2015-02-24 20:03 - 00000247 _____ () C:\WINDOWS\system32\2015-02-24-20-03-32.040-aswFe.exe-7068.log
2015-02-24 20:03 - 2015-02-24 20:03 - 00000197 _____ () C:\WINDOWS\system32\2015-02-24-20-03-14.029-AvastVBoxSVC.exe-2932.log
2015-02-24 19:51 - 2015-02-24 19:51 - 00000247 _____ () C:\WINDOWS\system32\2015-02-24-19-51-52.036-aswFe.exe-2956.log
2015-02-24 19:51 - 2015-02-24 19:51 - 00000197 _____ () C:\WINDOWS\system32\2015-02-24-19-51-47.005-AvastVBoxSVC.exe-7272.log
2015-02-23 20:10 - 2015-02-23 20:10 - 01285312 _____ () C:\ProgramData\Setup.exe
2015-02-22 00:35 - 2014-06-09 22:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-02-22 00:35 - 2014-06-09 22:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-02-22 00:33 - 2014-11-09 23:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-02-22 00:33 - 2014-11-09 23:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-02-22 00:33 - 2014-11-09 23:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-02-22 00:33 - 2014-11-09 23:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-02-22 00:30 - 2015-01-23 04:41 - 06041600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-02-22 00:30 - 2015-01-23 03:17 - 04300800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-02-22 00:27 - 2014-07-24 03:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-02-22 00:27 - 2014-07-24 03:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-02-22 00:21 - 2015-02-03 23:38 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-02-22 00:21 - 2015-02-03 23:08 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-02-22 00:21 - 2015-02-03 23:08 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-02-22 00:21 - 2015-02-02 23:11 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-02-22 00:21 - 2015-02-02 23:11 - 00894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-02-22 00:21 - 2015-02-02 23:11 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-02-22 00:21 - 2015-01-19 18:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-02-22 00:21 - 2014-12-02 23:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-02-21 12:57 - 2015-02-23 19:21 - 00000247 _____ () C:\WINDOWS\system32\2015-02-21-12-57-49.007-aswFe.exe-7988.log
2015-02-21 12:57 - 2015-02-21 12:57 - 00000197 _____ () C:\WINDOWS\system32\2015-02-21-12-57-46.045-AvastVBoxSVC.exe-6428.log
2015-02-21 11:53 - 2015-02-21 11:55 - 00000197 _____ () C:\WINDOWS\system32\2015-02-21-11-53-50.066-AvastVBoxSVC.exe-3184.log
2015-02-21 11:53 - 2015-02-21 11:53 - 00001315 _____ () C:\Users\BrendaB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton Online Backup.lnk
2015-02-21 11:41 - 2015-02-21 11:43 - 00000197 _____ () C:\WINDOWS\system32\2015-02-21-11-41-33.084-AvastVBoxSVC.exe-2976.log
2015-02-21 11:29 - 2015-02-21 11:31 - 00000197 _____ () C:\WINDOWS\system32\2015-02-21-11-29-02.035-AvastVBoxSVC.exe-4380.log
2015-02-20 11:17 - 2015-02-20 11:19 - 00000197 _____ () C:\WINDOWS\system32\2015-02-20-11-17-58.056-AvastVBoxSVC.exe-1840.log
2015-02-20 10:58 - 2015-02-20 11:02 - 00000197 _____ () C:\WINDOWS\system32\2015-02-20-10-58-35.031-AvastVBoxSVC.exe-3828.log
2015-02-20 10:32 - 2015-02-20 10:33 - 00000197 _____ () C:\WINDOWS\system32\2015-02-20-10-32-01.059-AvastVBoxSVC.exe-3748.log
2015-02-20 10:09 - 2015-02-20 10:12 - 00000197 _____ () C:\WINDOWS\system32\2015-02-20-10-09-54.065-AvastVBoxSVC.exe-3796.log
2015-02-20 01:24 - 2015-02-20 01:24 - 00000000 ____D () C:\ProgramData\Browser
2015-02-20 00:56 - 2015-02-20 00:57 - 00000197 _____ () C:\WINDOWS\system32\2015-02-20-00-56-45.032-AvastVBoxSVC.exe-4620.log
2015-02-19 23:13 - 2015-02-19 23:15 - 00000197 _____ () C:\WINDOWS\system32\2015-02-19-23-13-29.065-AvastVBoxSVC.exe-4484.log
2015-02-19 22:45 - 2015-02-19 22:45 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\WTools
2015-02-19 22:45 - 2015-02-19 22:45 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\Store
2015-02-19 22:44 - 2015-03-01 20:58 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bubble Dock
2015-02-19 22:44 - 2015-02-19 22:44 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\Nosibay
2015-02-19 22:43 - 2015-03-01 20:58 - 00000000 ____D () C:\Program Files (x86)\TNT2
2015-02-19 22:43 - 2015-02-19 22:43 - 00000000 ____D () C:\Users\BrendaB\AppData\Local\TNT2
2015-02-19 22:30 - 2015-02-19 22:32 - 00000197 _____ () C:\WINDOWS\system32\2015-02-19-22-30-23.038-AvastVBoxSVC.exe-3532.log
2015-02-19 22:29 - 2015-02-19 22:29 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2015-02-19 22:29 - 2015-02-19 22:29 - 00000144 _____ () C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-02-19 22:17 - 2015-02-19 22:17 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2015-02-19 22:08 - 2015-02-27 16:02 - 00000000 ___DO () C:\Users\BrendaB\OneDrive
2015-02-19 22:04 - 2015-03-01 14:44 - 00003926 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{39BF4D1A-6E3F-46A2-8BC2-B41FBD5753FE}
2015-02-19 22:04 - 2015-02-19 22:04 - 00000000 __SHD () C:\Users\BrendaB\AppData\Local\EmieUserList
2015-02-19 22:04 - 2015-02-19 22:04 - 00000000 __SHD () C:\Users\BrendaB\AppData\Local\EmieSiteList
2015-02-19 22:04 - 2015-02-19 22:04 - 00000000 __SHD () C:\Users\BrendaB\AppData\Local\EmieBrowserModeList
2015-02-19 21:56 - 2015-02-19 21:56 - 00000000 ____D () C:\Program Files\Common Files\Atheros
2015-02-19 21:49 - 2015-02-27 16:10 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2015-02-19 21:46 - 2015-02-19 21:46 - 00000451 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-02-19 21:45 - 2015-03-01 15:22 - 00000258 __RSH () C:\Users\BrendaB\ntuser.pol
2015-02-19 21:45 - 2015-02-19 21:45 - 00000020 ___SH () C:\Users\BrendaB\ntuser.ini
2015-02-19 21:42 - 2015-03-01 19:17 - 01627366 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-19 21:41 - 2015-02-19 21:41 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
2015-02-19 21:30 - 2015-02-19 21:30 - 00000197 _____ () C:\WINDOWS\system32\2015-02-19-21-30-47.065-AvastVBoxSVC.exe-2964.log
2015-02-19 21:21 - 2015-02-19 21:21 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-02-19 21:16 - 2015-02-19 21:16 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2015-02-19 21:13 - 2015-03-01 15:22 - 00000000 ____D () C:\Users\BrendaB
2015-02-19 21:13 - 2015-02-27 00:26 - 00000000 ____D () C:\Users\Guest
2015-02-19 21:13 - 2015-02-19 21:42 - 00028578 _____ () C:\WINDOWS\diagwrn.xml
2015-02-19 21:13 - 2015-02-19 21:42 - 00028578 _____ () C:\WINDOWS\diagerr.xml
2015-02-19 21:13 - 2015-02-19 21:15 - 00000000 ___RD () C:\Users\BrendaB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-19 21:13 - 2015-02-19 21:14 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-19 21:13 - 2015-02-19 21:14 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-19 21:13 - 2014-11-22 05:25 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-19 21:13 - 2014-11-22 05:25 - 00000000 ___RD () C:\Users\BrendaB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-19 21:13 - 2014-11-22 05:25 - 00000000 ___RD () C:\Users\BrendaB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-19 21:13 - 2014-11-22 01:02 - 00000369 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-02-19 21:13 - 2014-11-22 01:02 - 00000369 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-02-19 21:13 - 2014-11-22 01:02 - 00000369 _____ () C:\Users\BrendaB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-02-19 21:13 - 2014-11-22 01:02 - 00000369 _____ () C:\Users\BrendaB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-02-19 21:13 - 2013-08-22 15:36 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-02-19 21:13 - 2013-08-22 15:36 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-02-19 21:05 - 2015-02-19 21:18 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-02-19 21:05 - 2015-02-19 21:06 - 00000000 ____D () C:\Program Files\Elantech
2015-02-19 21:05 - 2015-02-19 21:05 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2015-02-19 21:05 - 2015-02-19 21:05 - 00000000 ____D () C:\Program Files\Realtek
2015-02-19 21:04 - 2014-10-01 19:54 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-02-19 21:04 - 2014-10-01 19:54 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-02-19 21:00 - 2015-02-21 11:06 - 00000000 ___DC () C:\WINDOWS\Panther
2015-02-19 21:00 - 2015-02-19 21:00 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-02-19 21:00 - 2015-02-19 21:00 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-02-19 21:00 - 2015-02-19 21:00 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-02-19 21:00 - 2015-02-19 21:00 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-02-19 21:00 - 2015-02-19 21:00 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-02-19 21:00 - 2015-02-19 21:00 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-02-19 21:00 - 2015-02-19 21:00 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-02-19 21:00 - 2015-02-19 21:00 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-02-19 21:00 - 2015-02-19 21:00 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-02-19 20:59 - 2015-02-19 20:59 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-02-19 20:59 - 2015-02-19 20:59 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-02-19 20:59 - 2015-02-19 20:59 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-02-19 20:59 - 2015-02-19 20:59 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-02-19 20:59 - 2015-02-19 20:59 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-02-19 20:59 - 2015-02-19 20:59 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-02-19 20:59 - 2015-02-19 20:59 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-02-19 20:59 - 2015-02-19 20:59 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-02-19 20:58 - 2015-02-19 20:58 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-02-19 20:58 - 2015-02-19 20:58 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-02-19 20:58 - 2015-02-19 20:58 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-02-19 20:58 - 2015-02-19 20:58 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-02-19 20:58 - 2015-02-19 20:58 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-02-19 20:58 - 2015-02-19 20:58 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-02-19 20:58 - 2015-02-19 20:58 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-02-19 20:58 - 2015-02-19 20:58 - 00563504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-02-19 20:58 - 2015-02-19 20:58 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-02-19 20:58 - 2015-02-19 20:58 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-02-19 20:58 - 2015-02-19 20:58 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-02-19 20:58 - 2015-02-19 20:58 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-02-19 20:58 - 2015-02-19 20:58 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-02-19 20:58 - 2015-02-19 20:58 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-02-19 20:58 - 2015-02-19 20:58 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-02-19 20:58 - 2015-02-19 20:58 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-02-19 20:58 - 2015-02-19 20:58 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 25056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 19740160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 14401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 12829184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-02-19 20:57 - 2015-02-19 20:57 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-02-19 20:57 - 2015-02-19 20:57 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-02-19 20:57 - 2015-02-19 20:57 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-02-19 20:57 - 2015-02-19 20:57 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00391526 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-02-19 20:57 - 2015-02-19 20:57 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-02-19 20:57 - 2015-02-19 20:57 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-02-19 20:57 - 2015-02-19 20:57 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-02-19 20:56 - 2015-02-19 20:56 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-02-19 20:56 - 2015-02-19 20:56 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-02-19 20:56 - 2015-02-19 20:56 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-02-19 20:56 - 2015-02-19 20:56 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-02-19 20:56 - 2015-02-19 20:56 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-02-19 20:56 - 2015-02-19 20:56 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-02-19 20:56 - 2015-02-19 20:56 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-02-19 20:56 - 2015-02-19 20:56 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-02-19 20:56 - 2015-02-19 20:56 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-02-19 20:56 - 2015-02-19 20:56 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-02-19 20:56 - 2015-02-19 20:56 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-02-19 20:56 - 2015-02-19 20:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-02-19 20:56 - 2015-02-19 20:56 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-02-19 20:56 - 2015-02-19 20:56 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-02-19 20:55 - 2015-02-19 20:55 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2015-02-19 20:53 - 2015-02-19 20:53 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-02-19 20:53 - 2015-02-19 20:53 - 00000000 ____D () C:\Program Files\MSBuild
2015-02-19 20:53 - 2015-02-19 20:53 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-02-19 20:53 - 2015-02-19 20:53 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-02-19 20:52 - 2013-08-03 04:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-02-19 20:52 - 2013-08-03 04:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-02-19 20:52 - 2013-08-03 04:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-02-19 20:52 - 2013-08-03 04:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-02-19 18:55 - 2015-02-19 18:55 - 00001856 _____ () C:\Users\BrendaB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avast! antivirus.lnk
2015-02-19 12:46 - 2015-02-19 12:46 - 00003976 _____ () C:\WINDOWS\System32\Tasks\SafeSearchUpdate
2015-02-19 12:46 - 2015-02-19 12:46 - 00003204 _____ () C:\WINDOWS\System32\Tasks\SafeSearchVerify
2015-02-19 12:40 - 2015-02-19 12:40 - 00000197 _____ () C:\WINDOWS\system32\2015-02-19-12-40-24.080-AvastVBoxSVC.exe-3160.log
2015-02-19 12:21 - 2015-03-01 20:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremierOpinion
2015-02-19 12:02 - 2015-02-19 12:02 - 01167680 _____ (Elex do Brasil Participações Ltda) C:\Users\BrendaB\Downloads\yet_another_cleaner_mat_setup_152743.exe
2015-02-19 11:55 - 2015-03-01 20:59 - 00000000 ____D () C:\Program Files (x86)\gate snapper
2015-02-19 11:54 - 2015-03-01 20:59 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\omniboxes
2015-02-19 11:54 - 2015-03-01 16:24 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2015-02-19 00:04 - 2015-03-01 20:58 - 00000000 ____D () C:\Users\BrendaB\AppData\Local\CrimeWatch
2015-02-19 00:03 - 2015-03-01 20:59 - 00000000 ____D () C:\Program Files (x86)\PremierOpinion
2015-02-19 00:02 - 2015-03-01 20:58 - 00000000 ____D () C:\ProgramData\CrimeWatch
2015-02-19 00:01 - 2015-03-01 16:17 - 00000000 ____D () C:\ProgramData\cODWExc
2015-02-19 00:01 - 2015-02-22 01:59 - 00000000 ____D () C:\Users\BrendaB\Documents\Add-in Express
2015-02-19 00:00 - 2015-03-01 20:58 - 00000000 ____D () C:\Program Files\SafeSearch
2015-02-18 23:59 - 2015-02-19 22:42 - 00000000 _____ () C:\END
2015-02-18 23:59 - 2015-02-18 23:59 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2015-02-18 18:59 - 2015-02-19 21:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
2015-02-18 18:59 - 2015-02-18 18:59 - 00001461 _____ () C:\Users\Public\Desktop\Norton Security Scan.LNK
2015-02-18 18:59 - 2015-02-18 18:59 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NSSx64
2015-02-18 18:59 - 2015-02-18 18:59 - 00000000 ____D () C:\Program Files (x86)\Norton Security Scan
2015-02-18 18:55 - 2015-03-01 18:55 - 00000370 _____ () C:\WINDOWS\Tasks\SlimCleaner Plus (Scheduled Scan - BrendaB).job
2015-02-18 18:55 - 2015-02-18 18:55 - 00003016 _____ () C:\WINDOWS\System32\Tasks\SlimCleaner Plus (Scheduled Scan - BrendaB)
2015-02-18 18:54 - 2015-02-18 18:56 - 00000197 _____ () C:\WINDOWS\system32\2015-02-18-18-54-53.057-AvastVBoxSVC.exe-3284.log
2015-02-17 12:15 - 2015-03-01 23:01 - 00016152 _____ () C:\WINDOWS\system32\Drivers\SWDUMon.sys
2015-02-17 12:15 - 2015-03-01 23:01 - 00000436 _____ () C:\WINDOWS\Tasks\DriverUpdate Startup.job
2015-02-17 12:15 - 2015-02-19 21:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimCleaner Plus
2015-02-17 12:15 - 2015-02-18 18:54 - 00000000 ____D () C:\Users\BrendaB\AppData\Local\SlimWare Utilities Inc
2015-02-17 12:15 - 2015-02-18 18:51 - 00000490 _____ () C:\WINDOWS\Tasks\DriverUpdate Scan.job
2015-02-17 12:15 - 2015-02-17 12:15 - 00003346 _____ () C:\WINDOWS\System32\Tasks\DriverUpdate Scan
2015-02-17 12:15 - 2015-02-17 12:15 - 00002846 _____ () C:\WINDOWS\System32\Tasks\DriverUpdate Startup
2015-02-17 12:15 - 2015-02-17 12:15 - 00002465 _____ () C:\Users\Public\Desktop\SlimCleaner Plus.lnk
2015-02-17 12:15 - 2015-02-17 12:15 - 00000000 ____D () C:\Users\BrendaB\AppData\Local\Downloaded Installers
2015-02-17 12:15 - 2015-02-17 12:15 - 00000000 ____D () C:\ProgramData\SlimWare Utilities Inc
2015-02-17 12:15 - 2015-02-17 12:15 - 00000000 ____D () C:\Program Files\SlimService
2015-02-17 12:15 - 2015-02-17 12:15 - 00000000 ____D () C:\Program Files\SlimCleaner Plus
2015-02-17 12:14 - 2015-02-19 21:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverUpdate
2015-02-17 12:14 - 2015-02-17 12:14 - 00002469 _____ () C:\Users\Public\Desktop\DriverUpdate.lnk
2015-02-17 12:14 - 2015-02-17 12:14 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2015-02-17 12:14 - 2015-02-17 12:14 - 00000000 ____D () C:\Program Files (x86)\DriverUpdate
2015-02-17 12:09 - 2015-03-01 20:58 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\Gameo
2015-02-17 12:09 - 2015-02-17 12:09 - 00000000 ____D () C:\Users\BrendaB\AppData\Local\Taplika
2015-02-17 12:07 - 2015-03-01 16:10 - 00000000 ____D () C:\Program Files (x86)\Cleaner Pro
2015-02-17 12:07 - 2015-02-19 23:33 - 00003450 _____ () C:\WINDOWS\System32\Tasks\CleanerPro_Popup
2015-02-17 12:07 - 2015-02-19 23:33 - 00000000 ____D () C:\Users\BrendaB\Documents\CleanerPro
2015-02-17 12:07 - 2015-02-19 21:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cleaner Pro
2015-02-17 12:07 - 2015-02-17 12:07 - 00000000 ____D () C:\Users\BrendaB\AppData\Local\CleanerPro
2015-02-17 12:06 - 2015-03-01 20:59 - 00000000 ____D () C:\Program Files (x86)\WSE_Taplika
2015-02-17 12:06 - 2015-02-19 22:42 - 00000000 ____D () C:\ProgramData\Unchecky
2015-02-17 12:06 - 2015-02-17 12:06 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\WSE_Taplika
2015-02-17 12:06 - 2015-02-17 12:06 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\Taplika
2015-02-17 12:06 - 2015-02-17 12:06 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\Cleaner Pro
2015-02-17 12:06 - 2015-02-17 12:06 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\1H1Q1V0B1L1G1N1V0M1P1Q1L1T0D1P1E2Z
2015-02-17 12:06 - 2015-02-17 12:06 - 00000000 ____D () C:\ProgramData\{AF3347F0-FFB1-9676-4E37-E6F49EB5357A}
2015-02-17 12:06 - 2015-02-17 12:06 - 00000000 ____D () C:\Program Files (x86)\Unchecky
2015-02-17 12:05 - 2015-02-17 12:05 - 00355310 _____ () C:\Users\BrendaB\Downloads\MinecraftSetup.exe
2015-02-17 10:25 - 2015-01-29 08:30 - 00011056 ____N () C:\WINDOWS\system32\AutoconfigV2.cab
2015-02-17 00:53 - 2015-02-19 21:21 - 00000000 ____D () C:\WINDOWS\SysWOW64\Adobe
2015-02-17 00:45 - 2015-02-17 00:46 - 00000197 _____ () C:\WINDOWS\system32\2015-02-17-00-45-22.062-AvastVBoxSVC.exe-6644.log
2015-02-17 00:30 - 2015-02-17 00:30 - 00000280 _____ () C:\WINDOWS\system32\2015-02-17-00-30-48.053-aswFe.exe-12736.log
2015-02-16 23:47 - 2015-02-16 23:47 - 00003258 _____ () C:\WINDOWS\System32\Tasks\Optimizer Pro Schedule
2015-02-16 23:41 - 2015-03-01 16:24 - 00000000 ____D () C:\ProgramData\{1d3dcf2a-82b1-0be8-1d3d-dcf2a82b3caa}
2015-02-16 23:41 - 2015-03-01 16:15 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro 3.39
2015-02-16 22:53 - 2015-02-16 22:53 - 00941921 _____ ( ) C:\Users\BrendaB\Downloads\minecraft (2).exe
2015-02-16 22:02 - 2015-02-16 22:02 - 00941921 _____ ( ) C:\Users\BrendaB\Downloads\minecraft (1).exe
2015-02-16 22:01 - 2015-02-16 22:01 - 00263186 _____ () C:\Users\BrendaB\Downloads\Minecraft.exe
2015-02-15 23:55 - 2015-03-03 00:13 - 00000000 ____D () C:\Users\BrendaB\Desktop\FRST-OlderVersion
2015-02-15 23:25 - 2015-02-15 23:25 - 00000747 _____ () C:\Users\BrendaB\Desktop\JRT.txt
2015-02-15 23:08 - 2015-02-15 23:08 - 01388274 _____ (Thisisu) C:\Users\BrendaB\Desktop\JRT.exe
2015-02-15 21:33 - 2015-02-15 21:34 - 00000197 _____ () C:\WINDOWS\system32\2015-02-15-21-33-22.010-AvastVBoxSVC.exe-2880.log
2015-02-15 19:31 - 2015-02-15 19:31 - 01110041 _____ () C:\Users\BrendaB\Documents\bookmarks_15_02_2015v4.html
2015-02-15 19:31 - 2015-02-15 19:31 - 01110041 _____ () C:\Users\BrendaB\Documents\bookmarks_15_02_2015v3.html
2015-02-15 19:31 - 2015-02-15 19:31 - 01110041 _____ () C:\Users\BrendaB\Documents\bookmarks_15_02_2015v2.html
2015-02-15 19:30 - 2015-02-15 19:30 - 01110041 _____ () C:\Users\BrendaB\Documents\bookmarks_15_02_2015.html
2015-02-15 19:29 - 2015-02-15 21:29 - 00000000 ____D () C:\AdwCleaner
2015-02-15 19:28 - 2015-02-15 19:28 - 02112512 _____ () C:\Users\BrendaB\Desktop\AdwCleaner.exe
2015-02-15 17:40 - 2015-02-24 17:30 - 00003826 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1424022019
2015-02-15 17:40 - 2015-02-24 17:30 - 00001061 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-02-15 17:40 - 2015-02-19 11:54 - 00001315 _____ () C:\Users\Public\Desktop\Opera.lnk
2015-02-15 17:40 - 2015-02-15 17:40 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\Opera Software
2015-02-15 17:40 - 2015-02-15 17:40 - 00000000 ____D () C:\Users\BrendaB\AppData\Local\Opera Software
2015-02-15 17:39 - 2015-03-01 18:57 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-02-15 16:36 - 2015-02-15 16:37 - 00000197 _____ () C:\WINDOWS\system32\2015-02-15-16-36-15.078-AvastVBoxSVC.exe-3036.log
2015-02-15 11:45 - 2015-02-15 11:46 - 00037455 _____ () C:\Users\BrendaB\Desktop\Addition.txt
2015-02-15 11:44 - 2015-03-03 00:14 - 00031167 _____ () C:\Users\BrendaB\Desktop\FRST.txt
2015-02-15 11:43 - 2015-03-03 00:14 - 00000000 ____D () C:\FRST
2015-02-15 11:41 - 2015-03-03 00:13 - 02092544 _____ (Farbar) C:\Users\BrendaB\Desktop\FRST64.exe
2015-02-15 11:21 - 2015-02-15 11:23 - 00000197 _____ () C:\WINDOWS\system32\2015-02-15-11-21-48.002-AvastVBoxSVC.exe-3436.log
2015-02-15 10:53 - 2015-02-15 10:54 - 00000197 _____ () C:\WINDOWS\system32\2015-02-15-10-53-13.011-AvastVBoxSVC.exe-3656.log
2015-02-14 19:53 - 2015-02-14 19:53 - 08503296 _____ () C:\Users\BrendaB\Documents\main.db
2015-02-14 18:13 - 2015-02-14 18:14 - 00000197 _____ () C:\WINDOWS\system32\2015-02-14-18-13-21.046-AvastVBoxSVC.exe-2152.log
2015-02-14 17:10 - 2015-02-14 17:12 - 00000197 _____ () C:\WINDOWS\system32\2015-02-14-17-10-32.097-AvastVBoxSVC.exe-2292.log
2015-02-13 14:14 - 2015-02-15 10:44 - 00000000 ____D () C:\410ded665ceef920ed1a
2015-02-10 20:43 - 2015-02-10 20:43 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\Unity
2015-02-05 23:32 - 2015-02-05 23:34 - 00000197 _____ () C:\WINDOWS\system32\2015-02-05-23-32-35.061-AvastVBoxSVC.exe-3012.log
2015-02-05 21:27 - 2015-02-05 21:27 - 00000000 ____D () C:\WINDOWS\pss
2015-02-05 20:39 - 2015-02-05 20:39 - 00000197 _____ () C:\WINDOWS\system32\2015-02-05-20-39-00.031-AvastVBoxSVC.exe-2868.log
2015-02-05 18:47 - 2015-02-05 18:47 - 00000197 _____ () C:\WINDOWS\system32\2015-02-05-18-47-35.054-AvastVBoxSVC.exe-3532.log
2015-02-05 18:03 - 2015-02-05 18:06 - 00000197 _____ () C:\WINDOWS\system32\2015-02-05-18-03-20.051-AvastVBoxSVC.exe-3004.log
2015-02-05 17:28 - 2015-02-05 17:29 - 00000197 _____ () C:\WINDOWS\system32\2015-02-05-17-28-55.008-AvastVBoxSVC.exe-2876.log
2015-02-04 10:45 - 2015-02-04 10:45 - 00003278 _____ () C:\WINDOWS\System32\Tasks\avastBCLRestartS-1-5-21-1465268432-4247279613-3226374191-1001
2015-02-04 10:41 - 2015-02-04 10:41 - 00000197 _____ () C:\WINDOWS\system32\2015-02-04-10-41-07.048-AvastVBoxSVC.exe-3320.log
2015-02-03 19:13 - 2015-03-01 15:42 - 00002396 _____ () C:\Users\BrendaB\Desktop\chrome.lnk
2015-02-03 19:09 - 2015-02-03 19:09 - 00000197 _____ () C:\WINDOWS\system32\2015-02-03-19-09-10.042-AvastVBoxSVC.exe-3020.log
2015-02-03 13:01 - 2015-02-03 13:01 - 00000247 _____ () C:\WINDOWS\system32\2015-02-03-13-01-55.009-aswFe.exe-1924.log
2015-02-03 12:53 - 2015-02-03 13:01 - 00000247 _____ () C:\WINDOWS\system32\2015-02-03-12-53-40.021-aswFe.exe-3568.log
2015-02-03 12:53 - 2015-02-03 12:53 - 00000197 _____ () C:\WINDOWS\system32\2015-02-03-12-53-34.055-AvastVBoxSVC.exe-5716.log
2015-02-03 12:33 - 2015-02-19 22:25 - 00000000 ____D () C:\WINDOWS\system32\AutoUpdateLicense
2015-02-03 12:26 - 2015-03-01 20:10 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-02-03 12:25 - 2015-02-19 21:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-03 12:25 - 2015-02-15 21:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-03 12:25 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-02-03 12:25 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-02-03 10:59 - 2015-02-03 10:59 - 00001968 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-02-03 10:59 - 2015-01-31 09:39 - 00364512 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-02-03 10:52 - 2015-02-03 10:52 - 05006864 _____ (AVAST Software) C:\Users\BrendaB\Downloads\avast_free_antivirus_setup_online.exe
2015-02-03 10:49 - 2015-03-01 16:11 - 00000000 ____D () C:\Program Files (x86)\dab2ae2d-a46a-4825-8298-8c6b2d194993
2015-02-02 19:06 - 2015-02-02 19:07 - 00000197 _____ () C:\WINDOWS\system32\2015-02-02-19-06-25.033-AvastVBoxSVC.exe-2880.log
2015-02-02 17:36 - 2015-02-02 17:36 - 00000197 _____ () C:\WINDOWS\system32\2015-02-02-17-36-29.014-AvastVBoxSVC.exe-2856.log
2015-02-02 17:20 - 2015-02-02 17:22 - 00000197 _____ () C:\WINDOWS\system32\2015-02-02-17-20-06.010-AvastVBoxSVC.exe-2880.log
2015-02-02 17:04 - 2015-02-02 17:05 - 00000197 _____ () C:\WINDOWS\system32\2015-02-02-17-04-52.044-AvastVBoxSVC.exe-2848.log
2015-02-02 16:27 - 2015-02-02 16:27 - 00000197 _____ () C:\WINDOWS\system32\2015-02-02-16-27-26.024-AvastVBoxSVC.exe-3428.log
2015-02-02 03:15 - 2015-02-02 03:15 - 00000197 _____ () C:\WINDOWS\system32\2015-02-02-03-15-16.061-AvastVBoxSVC.exe-3024.log
2015-02-02 02:22 - 2015-02-02 02:22 - 00000197 _____ () C:\WINDOWS\system32\2015-02-02-02-22-24.036-AvastVBoxSVC.exe-2932.log
2015-02-02 02:16 - 2015-02-02 02:16 - 00000197 _____ () C:\WINDOWS\system32\2015-02-02-02-16-18.080-AvastVBoxSVC.exe-2784.log
2015-02-02 01:34 - 2015-02-02 01:34 - 00775968 _____ (Reimage®) C:\Users\BrendaB\Downloads\ReimageRepair (1).exe
2015-02-02 01:32 - 2015-02-02 01:32 - 00775968 _____ (Reimage®) C:\Users\BrendaB\Downloads\ReimageRepair.exe
2015-02-01 13:50 - 2015-02-01 13:52 - 00000197 _____ () C:\WINDOWS\system32\2015-02-01-13-50-21.054-AvastVBoxSVC.exe-3896.log
2015-02-01 13:29 - 2015-02-01 13:29 - 00000197 _____ () C:\WINDOWS\system32\2015-02-01-13-29-58.048-AvastVBoxSVC.exe-4428.log
2015-02-01 13:11 - 2015-02-01 13:11 - 00000197 _____ () C:\WINDOWS\system32\2015-02-01-13-11-16.066-AvastVBoxSVC.exe-2920.log
2015-02-01 12:19 - 2015-02-01 12:19 - 00000197 _____ () C:\WINDOWS\system32\2015-02-01-12-19-21.016-AvastVBoxSVC.exe-2868.log
2015-02-01 11:37 - 2015-02-01 11:37 - 00000197 _____ () C:\WINDOWS\system32\2015-02-01-11-37-01.035-AvastVBoxSVC.exe-5080.log
2015-02-01 11:09 - 2015-02-01 11:09 - 00000197 _____ () C:\WINDOWS\system32\2015-02-01-11-09-53.078-AvastVBoxSVC.exe-2848.log
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-03 00:10 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-03-01 23:07 - 2014-02-26 01:07 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1465268432-4247279613-3226374191-1001
2015-03-01 23:01 - 2014-02-26 01:07 - 00000916 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-01 22:41 - 2013-08-22 14:46 - 00328729 _____ () C:\WINDOWS\setupact.log
2015-03-01 22:41 - 2013-08-22 14:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-01 19:17 - 2012-07-26 07:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-03-01 19:01 - 2014-03-01 17:04 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-03-01 19:01 - 2014-02-26 01:31 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\Skype
2015-03-01 18:46 - 2014-03-02 18:37 - 00000930 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1465268432-4247279613-3226374191-1001UA.job
2015-03-01 18:45 - 2014-02-26 01:07 - 00000920 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-01 16:10 - 2014-12-29 11:18 - 00000000 ____D () C:\Program Files (x86)\Brackets
2015-03-01 15:42 - 2014-02-26 01:19 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-03-01 15:38 - 2012-07-26 05:26 - 00000226 _____ () C:\WINDOWS\win.ini
2015-03-01 15:21 - 2014-11-21 16:51 - 00009068 _____ () C:\WINDOWS\PFRO.log
2015-03-01 14:43 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-02-27 16:11 - 2014-03-01 16:58 - 00000000 ____D () C:\ProgramData\Atheros
2015-02-27 00:30 - 2014-11-22 01:01 - 00005384 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-27 00:26 - 2015-01-31 00:42 - 00000000 ____D () C:\Users\Guest\AppData\Local\Packages
2015-02-27 00:19 - 2013-08-22 13:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-27 00:15 - 2014-11-22 05:25 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-02-27 00:15 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-02-24 19:39 - 2014-03-01 18:30 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-02-23 18:33 - 2014-02-28 13:11 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-02-23 17:21 - 2014-02-28 13:11 - 116773704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-02-23 17:15 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2015-02-22 01:37 - 2014-02-26 01:00 - 00000000 ____D () C:\Users\BrendaB\AppData\Local\Packages
2015-02-21 12:29 - 2014-03-02 18:37 - 00000878 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1465268432-4247279613-3226374191-1001Core.job
2015-02-19 22:08 - 2014-03-01 18:56 - 00000000 ___RD () C:\Users\BrendaB\OneDrive.old
2015-02-19 21:56 - 2013-08-22 14:46 - 00000262 _____ () C:\WINDOWS\setuperr.log
2015-02-19 21:54 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-02-19 21:42 - 2015-01-31 17:02 - 00009700 _____ () C:\WINDOWS\comsetup.log
2015-02-19 21:42 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\Registration
2015-02-19 21:37 - 2013-08-22 15:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-02-19 21:36 - 2013-08-22 15:36 - 00000000 __RHD () C:\Users\Public\Libraries
2015-02-19 21:25 - 2013-08-22 14:44 - 00481880 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-19 21:23 - 2015-01-31 09:44 - 00000000 ____D () C:\WINDOWS\SysWOW64\vbox
2015-02-19 21:23 - 2015-01-31 09:44 - 00000000 ____D () C:\WINDOWS\system32\vbox
2015-02-19 21:23 - 2015-01-31 09:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-02-19 21:23 - 2014-12-29 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-02-19 21:23 - 2014-12-29 11:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio 2.7
2015-02-19 21:23 - 2014-04-12 14:09 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-19 21:23 - 2014-04-05 13:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-02-19 21:23 - 2014-03-11 22:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2015-02-19 21:23 - 2014-03-04 14:26 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ImgBurn
2015-02-19 21:23 - 2014-03-01 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-02-19 21:23 - 2014-02-26 07:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-02-19 21:23 - 2014-02-26 02:15 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-02-19 21:23 - 2014-02-26 01:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-19 21:23 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\Help
2015-02-19 21:23 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-02-19 21:23 - 2013-08-22 13:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-02-19 21:23 - 2012-08-27 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTI Media Maker 9
2015-02-19 21:23 - 2012-08-27 18:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2015-02-19 21:23 - 2012-08-03 02:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaEspresso 6.5
2015-02-19 21:23 - 2012-08-03 02:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EgisTec
2015-02-19 21:23 - 2012-08-03 02:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-02-19 21:23 - 2012-08-03 02:26 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-19 21:21 - 2014-11-22 00:22 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2015-02-19 21:21 - 2014-11-22 00:22 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2015-02-19 21:21 - 2013-08-22 15:37 - 00005217 _____ () C:\WINDOWS\DtcInstall.log
2015-02-19 21:21 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2015-02-19 21:21 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2015-02-19 21:21 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Macromed
2015-02-19 21:21 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2015-02-19 21:21 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy
2015-02-19 21:21 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\en-GB
2015-02-19 21:21 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2015-02-19 21:21 - 2012-07-26 05:37 - 00000000 ____D () C:\Users\Default.migrated
2015-02-19 21:20 - 2014-11-22 00:22 - 00000000 ____D () C:\WINDOWS\system32\WCN
2015-02-19 21:20 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2015-02-19 21:20 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-02-19 21:20 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2015-02-19 21:20 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2015-02-19 21:20 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2015-02-19 21:20 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2015-02-19 21:19 - 2013-08-22 15:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2015-02-19 21:19 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\Resources
2015-02-19 21:19 - 2012-08-03 02:24 - 00000000 ____D () C:\ProgramData\PRICache
2015-02-19 21:18 - 2013-08-22 15:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2015-02-19 21:18 - 2013-08-22 15:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2015-02-19 21:18 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-19 21:16 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2015-02-19 21:16 - 2012-07-26 08:12 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2015-02-19 21:02 - 2013-08-22 13:36 - 00000000 __RHD () C:\Users\Default
2015-02-19 21:00 - 2015-01-31 18:35 - 00000000 __SHD () C:\Recovery
2015-02-19 21:00 - 2013-08-22 15:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2015-02-19 20:59 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-02-19 20:57 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-02-19 20:43 - 2014-02-26 01:00 - 02096067 _____ () C:\WINDOWS\WindowsUpdate (1).log
2015-02-19 20:43 - 2012-07-26 08:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2015-02-19 12:42 - 2014-03-06 14:29 - 00000000 ____D () C:\Users\BrendaB\AppData\Local\CrashDumps
2015-02-19 11:54 - 2014-04-12 21:53 - 00001351 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-02-19 11:53 - 2014-04-12 21:53 - 00001363 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-19 11:53 - 2014-02-26 01:01 - 00001646 _____ () C:\Users\BrendaB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-18 18:59 - 2012-08-27 19:08 - 00000000 ____D () C:\ProgramData\Norton
2015-02-17 00:38 - 2014-04-10 12:07 - 00000000 ____D () C:\Users\BrendaB\AppData\Local\Unity
2015-02-15 21:49 - 2014-03-01 17:12 - 00001110 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-15 11:15 - 2014-04-12 21:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-15 11:15 - 2014-04-12 21:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-15 11:12 - 2014-03-11 22:00 - 00000000 ____D () C:\ProgramData\Real
2015-02-10 12:24 - 2014-03-02 18:37 - 00003880 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1465268432-4247279613-3226374191-1001UA
2015-02-10 12:24 - 2014-03-02 18:37 - 00003500 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1465268432-4247279613-3226374191-1001Core
2015-02-10 12:24 - 2014-02-26 01:07 - 00003892 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-10 12:24 - 2014-02-26 01:07 - 00003656 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-03 19:31 - 2014-11-22 05:29 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-02-03 19:31 - 2014-11-22 05:29 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-03 18:28 - 2014-12-29 11:09 - 00000000 ____D () C:\Program Files\CamStudio 2.7
2015-02-03 12:26 - 2014-03-01 17:12 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\Malwarebytes
2015-02-03 12:25 - 2014-03-01 17:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-03 12:25 - 2014-03-01 17:12 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2015-02-03 10:59 - 2014-02-26 01:19 - 01050432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-02-02 17:47 - 2014-02-26 02:07 - 00000000 ____D () C:\Users\BrendaB\Documents\Bluetooth Folder
2015-02-02 16:20 - 2012-08-27 18:42 - 00000000 ____D () C:\Program Files\Intel
 
==================== Files in the root of some directories =======
 
2014-12-29 11:31 - 2014-12-29 20:14 - 0000127 _____ () C:\Users\BrendaB\AppData\Roaming\Camdata.ini
2014-12-29 11:31 - 2014-12-29 20:14 - 0000408 _____ () C:\Users\BrendaB\AppData\Roaming\CamLayout.ini
2014-12-29 11:31 - 2014-12-29 20:14 - 0000408 _____ () C:\Users\BrendaB\AppData\Roaming\CamShapes.ini
2014-12-29 11:30 - 2014-12-29 11:30 - 0004535 _____ () C:\Users\BrendaB\AppData\Roaming\CamStudio.cfg
2014-12-29 11:10 - 2014-12-29 12:10 - 0000096 _____ () C:\Users\BrendaB\AppData\Roaming\version2.xml
2014-12-29 11:52 - 2014-12-29 12:04 - 0005632 _____ () C:\Users\BrendaB\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-08-27 18:40 - 2012-08-27 18:40 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-12-29 11:10 - 2014-12-29 11:10 - 0001150 _____ () C:\ProgramData\FavIcon.ico
2015-02-23 20:10 - 2015-02-23 20:10 - 1285312 _____ () C:\ProgramData\Setup.exe
 
Files to move or delete:
====================
C:\ProgramData\Setup.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-03-01 18:07
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-03-2015
Ran by BrendaB at 2015-03-03 00:16:41
Running from C:\Users\BrendaB\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
 clear.fi SDK - Video 2 (x32 Version: 2.1.1910 - CyberLink Corp.) Hidden
 clear.fi SDK- Movie 2 (x32 Version: 2.1.1910 - CyberLink Corp.) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0053 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3003 - Acer Incorporated)
Acer Instant Update Service (HKLM\...\{D32367AC-8FCA-4DE8-A2C6-037AE14B4001}) (Version: 1.00.3012 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3003 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3006 - Acer Incorporated)
AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3112 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3103 - Acer Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Backup Manager v4 (x32 Version: 4.0.0.0053 - NTI Corporation) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Broadcom Card Reader Driver Installer (HKLM\...\{F0A7DF2F-0BE0-470F-B137-D7A19F977189}) (Version: 15.4.4.2 - Broadcom Corporation)
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
Cleaner Pro (HKLM-x32\...\{25FBF79F-83C6-4243-B149-C6050AB71B72}) (Version: 2.6.2 - Cleaner Pro)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.01.3107 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3107 - Acer Incorporated)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CrimeWatch (HKLM-x32\...\CrimeWatch) (Version: 3.0.40 - Mathematical Applications)
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3103_44819 - CyberLink Corp.)
Delicious: Emily's True Love Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.13 - Dolby Laboratories Inc)
DriverUpdate (HKLM-x32\...\{B2B04F8B-6444-4364-89C8-F3088D4E8D02}) (Version: 2.2.43335 - SlimWare Utilities, Inc.)
Dropbox (HKU\S-1-5-21-1465268432-4247279613-3226374191-1001\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
eBay Worldwide (HKLM-x32\...\{A694AF57-9891-4D62-824C-7E55A1361A14}) (Version: 2.3.0630 - OEM)
ETDWare PS/2-X64 11.6.11.002_WHQL (HKLM\...\Elantech) (Version: 11.6.11.002 - ELAN Microelectronic Corp.)
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Game Channels (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 7.1.0.17 - WildTangent, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3002 - Acer Incorporated)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.4 - Acer Inc.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3002 - Acer Incorporated)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4693.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1465268432-4247279613-3226374191-1001\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
Minecraft Packages (HKU\S-1-5-21-1465268432-4247279613-3226374191-1001\...\Minecraft Packages) (Version:  - ) <==== ATTENTION
Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.45 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.10 - Symantec Corporation) Hidden
Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.1.0.28 - Symantec Corporation)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9008 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9008 - NTI Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4693.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4693.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4693.1002 - Microsoft Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3102 - Acer)
Opera Stable 27.0.1689.76 (HKLM-x32\...\Opera 27.0.1689.76) (Version: 27.0.1689.76 - Opera Software ASA)
Optimizer Pro v3.2 (HKLM-x32\...\Optimizer Pro_is1) (Version: 3.2.0.3 - PC Utilities Software Limited) <==== ATTENTION
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.220 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.41 - Qualcomm Atheros)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.6 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SlimCleaner Plus (HKLM\...\{BA219F82-20BF-49AD-A279-E2D69D3B9D3F}) (Version: 1.0.26102 - SlimWare Utilities, Inc.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Unchecky v0.3.6 (HKLM-x32\...\Unchecky) (Version: 0.3.6 - RaMMicHaeL)
Unity Web Player (HKU\S-1-5-21-1465268432-4247279613-3226374191-1001\...\UnityWebPlayer) (Version: 4.6.2f1 - Unity Technologies ApS)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.11.7 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001_Classes\CLSID\{0549D8D9-F270-4AC9-9BD4-5A6FD01AAEED}\InprocServer32 -> C:\Program Files (x86)\TNT2\Profiles\10811\passport64.dll No File
CustomCLSID: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\BrendaB\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\BrendaB\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\BrendaB\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\BrendaB\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\BrendaB\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\BrendaB\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\BrendaB\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\BrendaB\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\BrendaB\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211_1\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BrendaB\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BrendaB\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BrendaB\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BrendaB\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\BrendaB\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
 
==================== Restore Points  =========================
 
23-02-2015 17:15:05 Windows Update
01-03-2015 18:08:41 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2012-07-26 05:26 - 2015-03-01 22:42 - 00001993 ____A C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com
 
There are 4 more lines.
 
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0CCD2741-BC79-422E-ABB9-7ECC7E82289E} - \WindApp Update No Task File <==== ATTENTION
Task: {10B87867-0074-4F97-810F-49ABB65F024B} - \111702df-71a6-401a-950f-be860a6ab76d-5_user No Task File <==== ATTENTION
Task: {15E071EC-58C6-4A6B-9528-52CCBB1EE11C} - System32\Tasks\Opera scheduled Autoupdate 1424022019 => C:\Program Files (x86)\Opera\launcher.exe [2015-02-23] (Opera Software)
Task: {22B4C7E8-72C9-4E09-BD9E-44BB671A410D} - System32\Tasks\SafeSearchUpdate => C:\Program Files\SafeSearch\1_7\se.exe
Task: {2908927B-FA1F-4534-95BF-74F63F2CF895} - System32\Tasks\DriverUpdate Scan => C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe [2014-12-11] (SlimWare Utilities, Inc.)
Task: {2A1753E7-E104-4BA2-9F0F-ED2357E88460} - \111702df-71a6-401a-950f-be860a6ab76d-5 No Task File <==== ATTENTION
Task: {2B5AA756-B52F-45BB-86C6-3772357B90C4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1465268432-4247279613-3226374191-1001Core => C:\Users\BrendaB\AppData\Local\Google\Update\GoogleUpdate.exe [2014-02-26] (Google Inc.)
Task: {30CB288C-6BF9-42BE-AE51-0CFA6103CBE5} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {30CEEB46-ADA8-4F25-B110-FBD88206A6F9} - \111702df-71a6-401a-950f-be860a6ab76d-1-7 No Task File <==== ATTENTION
Task: {357A410B-DD04-4405-8F1C-F45D33AF27AE} - \111702df-71a6-401a-950f-be860a6ab76d-6 No Task File <==== ATTENTION
Task: {3B00A1D6-9FBE-4ABB-B7C3-67B974B75E0E} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {41D7949E-B659-4F93-833A-5E01E5F838B9} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {42CE8862-B65F-4F84-9DA2-2A541A888354} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-26] (Google Inc.)
Task: {442AA615-92D8-46C4-A0DA-5ABBA0239B98} - \Taplika No Task File <==== ATTENTION
Task: {55997012-9B97-44F4-BDFD-0AD9CBFB97BB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-26] (Google Inc.)
Task: {58D5E164-790F-4B0A-AFD3-93B76393AF7D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-31] (AVAST Software)
Task: {5DC2915E-0C70-49DB-B6B9-DF0FCAF3DF7F} - \Selection Tools Update No Task File <==== ATTENTION
Task: {63BEF037-FED5-4446-B17C-8936242354E7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1465268432-4247279613-3226374191-1001UA => C:\Users\BrendaB\AppData\Local\Google\Update\GoogleUpdate.exe [2014-02-26] (Google Inc.)
Task: {77D50B6F-D6BB-47B7-AFAA-9C53184C514F} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2012-07-31] (Acer Incorporated)
Task: {891CE9D9-4829-4971-8265-604AA2720FBA} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1465268432-4247279613-3226374191-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.)
Task: {8945E50E-53DE-4A56-AA52-A202FEE4442C} - \111702df-71a6-401a-950f-be860a6ab76d-11 No Task File <==== ATTENTION
Task: {8C042187-F5FA-4382-BB35-BDD45CF01BC8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-02-23] (Microsoft Corporation)
Task: {94EA158F-FA27-41BB-AF2C-9CBF20927675} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-07-13] ()
Task: {99207698-4A79-4399-9DA5-07E5BB635AC5} - \111702df-71a6-401a-950f-be860a6ab76d-4 No Task File <==== ATTENTION
Task: {9ED32C6B-1544-4B98-9098-99B228E2955E} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2012-07-12] ()
Task: {A052D890-18FD-4AE5-8D8A-CAAD77F46C20} - \111702df-71a6-401a-950f-be860a6ab76d-7 No Task File <==== ATTENTION
Task: {A1D04B2E-E0EF-4A03-80A9-70A3325C651A} - \111702df-71a6-401a-950f-be860a6ab76d-10_user No Task File <==== ATTENTION
Task: {A2F18105-6B72-4E83-A71B-2210CD98026E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-12-30] (Microsoft Corporation)
Task: {A535F8BE-2BC3-4103-8FA4-10778DDDB29B} - System32\Tasks\SlimCleaner Plus (Scheduled Scan - BrendaB) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe [2014-12-23] (SlimWare Utilities, Inc.)
Task: {A59EC215-70A5-44FD-820E-F99ECC7D97A1} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2012-07-12] ()
Task: {A9D1759E-8146-4D85-BA4D-FFE47776014F} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-07-31] (Acer Incorporated)
Task: {AB8AB1BF-0DE8-4024-9887-8E6229F489D3} - System32\Tasks\SafeSearchVerify => C:\Program Files\SafeSearch\1_7\se.exe
Task: {B42CD17E-9F4E-4E82-8138-2E30E9C6ABF3} - System32\Tasks\DriverUpdate Startup => C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe [2014-12-11] (SlimWare Utilities, Inc.)
Task: {C26AFDC6-3194-49C8-B59B-AF36B2088100} - System32\Tasks\avastBCLRestartS-1-5-21-1465268432-4247279613-3226374191-1001 => Chrome.exe 
Task: {C74B3221-63F3-4874-9C97-243A36A8EF90} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-12-30] (Microsoft Corporation)
Task: {CECDDD4C-8065-4E4D-9916-9054EC4ED2DA} - \111702df-71a6-401a-950f-be860a6ab76d-1-6 No Task File <==== ATTENTION
Task: {E589F0D0-5900-4DE7-BDD8-95B7B83F0A27} - System32\Tasks\CleanerPro_Popup => C:\Program Files (x86)\Cleaner Pro\Splash.exe [2015-01-23] ()
Task: {F1C3869E-155D-4BC8-A5C2-168980F9F817} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-01-14] (Microsoft Corporation)
Task: {F2EDFC9A-AFFB-4EFE-9469-03541313BD41} - System32\Tasks\Optimizer Pro Schedule => C:\Program Files (x86)\Optimizer Pro 3.39\OptProLauncher.exe [2015-02-09] (PC Utilities Software Limited) <==== ATTENTION
Task: {F3802FB0-A723-42DB-A912-6C075DA019FB} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1465268432-4247279613-3226374191-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.)
Task: {FD5869C3-622D-447F-966D-D1203F1AB49C} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: C:\WINDOWS\Tasks\DriverUpdate Scan.job => C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe
Task: C:\WINDOWS\Tasks\DriverUpdate Startup.job => C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1465268432-4247279613-3226374191-1001Core.job => C:\Users\BrendaB\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1465268432-4247279613-3226374191-1001UA.job => C:\Users\BrendaB\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\SlimCleaner Plus (Scheduled Scan - BrendaB).job => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2014-03-01 18:30 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-01-31 09:39 - 2015-01-31 09:39 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2015-01-31 09:39 - 2015-01-31 09:39 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2015-02-24 19:37 - 2014-12-23 19:53 - 08898728 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-06-22 01:12 - 2012-06-22 01:12 - 01407568 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2013-01-28 14:45 - 2013-01-28 14:45 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-01-28 14:42 - 2013-01-28 14:42 - 00084992 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-01-28 14:47 - 2013-01-28 14:47 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-12-23 08:11 - 2014-12-23 08:11 - 00756032 _____ () C:\Program Files\SlimService\MyDefragDll.dll
2012-07-12 23:01 - 2012-07-12 23:01 - 00025232 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
2012-07-12 23:01 - 2012-07-12 23:01 - 00044176 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
2015-02-24 17:30 - 2015-02-24 17:28 - 00552056 _____ () C:\Program Files (x86)\Opera\27.0.1689.76\opera_crashreporter.exe
2015-03-01 18:58 - 2015-03-01 18:58 - 02913792 _____ () C:\Program Files\AVAST Software\Avast\defs\15030101\algo.dll
2015-01-31 09:39 - 2015-01-31 09:39 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2015-03-03 00:14 - 2015-03-03 00:14 - 02913792 _____ () C:\Program Files\AVAST Software\Avast\defs\15030202\algo.dll
2015-02-17 12:06 - 2015-02-17 12:06 - 00058880 _____ () C:\Program Files (x86)\Unchecky\bin\collector.dll
2012-08-27 18:42 - 2012-06-25 17:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2012-07-30 23:04 - 2012-07-30 23:04 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2015-01-31 09:39 - 2015-01-31 09:39 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-02-20 10:37 - 2015-02-17 22:44 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libglesv2.dll
2015-02-20 10:37 - 2015-02-17 22:44 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libegl.dll
2015-02-20 10:37 - 2015-02-17 22:44 - 09171272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll
2015-02-24 17:29 - 2015-02-24 17:28 - 00157816 _____ () C:\Program Files (x86)\Opera\27.0.1689.76\message_center_win8.dll
2015-02-24 17:29 - 2015-02-24 17:28 - 01408632 _____ () C:\Program Files (x86)\Opera\27.0.1689.76\libglesv2.dll
2015-02-24 17:29 - 2015-02-24 17:28 - 00219256 _____ () C:\Program Files (x86)\Opera\27.0.1689.76\libegl.dll
2014-12-25 14:14 - 2014-12-25 14:14 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2015-02-24 17:30 - 2015-02-24 17:28 - 09510520 _____ () C:\Program Files (x86)\Opera\27.0.1689.76\pdf.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\BrendaB\OneDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1465268432-4247279613-3226374191-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\acer01.jpg
DNS Servers: 192.168.0.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1465268432-4247279613-3226374191-500 - Administrator - Disabled)
Adult Admin Acc (S-1-5-21-1465268432-4247279613-3226374191-1002 - Administrator - Enabled) => C:\Users\Adult Admin Acc
BrendaB (S-1-5-21-1465268432-4247279613-3226374191-1001 - Administrator - Enabled) => C:\Users\BrendaB
Guest (S-1-5-21-1465268432-4247279613-3226374191-501 - Limited - Enabled) => C:\Users\Guest
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/01/2015 06:48:52 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
 
Error: (03/01/2015 06:46:49 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
 
Error: (03/01/2015 06:38:33 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
 
Error: (03/01/2015 06:35:15 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.
 
Error: (03/01/2015 05:47:39 PM) (Source: VSS) (EventID: 12294) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},000000463C994B40).
 
 
Operation:
   Get Shadow Copy Properties
 
Context:
   Execution Context: Coordinator
 
Error: (03/01/2015 03:42:48 PM) (Source: VSS) (EventID: 12294) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},0000001150EA8400).
 
 
Operation:
   Get Shadow Copy Properties
 
Context:
   Execution Context: Coordinator
 
Error: (03/01/2015 02:43:08 PM) (Source: VSS) (EventID: 12294) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},00000078B80C67F0).
 
 
Operation:
   Get Shadow Copy Properties
 
Context:
   Execution Context: Coordinator
 
Error: (02/27/2015 00:59:30 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
 
Error: (02/27/2015 00:29:56 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (02/27/2015 00:29:56 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
 
System errors:
=============
Error: (03/01/2015 10:40:23 PM) (Source: DCOM) (EventID: 10005) (User: Brenda)
Description: 1084WSearchUnavailable{9E175B68-F52A-11D8-B9A5-505054503030}
 
Error: (03/01/2015 10:40:23 PM) (Source: DCOM) (EventID: 10005) (User: Brenda)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (03/01/2015 10:40:04 PM) (Source: DCOM) (EventID: 10005) (User: Brenda)
Description: 1068netprofmUnavailable{A47979D2-C419-11D9-A5B4-001185AD2B89}
 
Error: (03/01/2015 10:40:04 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (03/01/2015 10:40:04 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network Location Awareness service depends on the DHCP Client service which failed to start because of the following error: 
%%1068
 
Error: (03/01/2015 10:39:30 PM) (Source: DCOM) (EventID: 10005) (User: Brenda)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (03/01/2015 10:29:30 PM) (Source: DCOM) (EventID: 10005) (User: Brenda)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (03/01/2015 10:19:30 PM) (Source: DCOM) (EventID: 10005) (User: Brenda)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (03/01/2015 10:09:30 PM) (Source: DCOM) (EventID: 10005) (User: Brenda)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (03/01/2015 09:59:30 PM) (Source: DCOM) (EventID: 10005) (User: Brenda)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
 
Microsoft Office Sessions:
=========================
Error: (03/01/2015 06:48:52 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\ProgramData\Browser\prompt.exeC:\ProgramData\Browser\prompt.exe.Config0
 
Error: (03/01/2015 06:46:49 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestc:\Users\BrendaB\AppData\Local\TNT2\2.0.0.1702\TNT2User.exe
 
Error: (03/01/2015 06:38:33 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestc:\Users\BrendaB\AppData\Local\TNT2\2.0.0.1702\TNT2User.exe
 
Error: (03/01/2015 06:35:15 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: c:\program files\safesearch\1_7\ie\adxloader.dll.Manifestc:\program files\safesearch\1_7\ie\adxloader.dll.Manifest2
 
Error: (03/01/2015 05:47:39 PM) (Source: VSS) (EventID: 12294) (User: )
Description: {b5946137-7b9f-4925-af80-51abd60b20d5}GetSnapshot({00000000-0000-0000-0000-000000000000},000000463C994B40)
 
Operation:
   Get Shadow Copy Properties
 
Context:
   Execution Context: Coordinator
 
Error: (03/01/2015 03:42:48 PM) (Source: VSS) (EventID: 12294) (User: )
Description: {b5946137-7b9f-4925-af80-51abd60b20d5}GetSnapshot({00000000-0000-0000-0000-000000000000},0000001150EA8400)
 
Operation:
   Get Shadow Copy Properties
 
Context:
   Execution Context: Coordinator
 
Error: (03/01/2015 02:43:08 PM) (Source: VSS) (EventID: 12294) (User: )
Description: {b5946137-7b9f-4925-af80-51abd60b20d5}GetSnapshot({00000000-0000-0000-0000-000000000000},00000078B80C67F0)
 
Operation:
   Get Shadow Copy Properties
 
Context:
   Execution Context: Coordinator
 
Error: (02/27/2015 00:59:30 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
 
Error: (02/27/2015 00:29:56 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F2030000E5050000
 
Error: (02/27/2015 00:29:56 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance163707000000000000000000008F020000
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-02-17 10:18:11.038
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\SHCore.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-17 10:18:10.788
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\SHCore.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-17 10:18:10.570
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\SHCore.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-17 10:18:10.367
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\SHCore.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-17 10:17:48.353
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\SHCore.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-17 10:17:48.087
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\SHCore.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-17 10:17:47.978
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\SHCore.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-17 10:17:47.853
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\SHCore.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-17 10:02:06.156
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\SHCore.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-17 10:02:05.649
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\SHCore.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 32%
Total physical RAM: 5959.27 MB
Available physical RAM: 4021.01 MB
Total Pagefile: 10823.27 MB
Available Pagefile: 8396.55 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
 
==================== Drives ================================
 
Drive c: (Acer) (Fixed) (Total:441.75 GB) (Free:380.59 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: A0DE79BE)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================
 
 
 
 


#10 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:53 AM

Posted 03 March 2015 - 06:44 AM

Hi,

Step 1

Please uninstall some programs:

  • Windows 8 w8.png: Hold down the Windows logo key and press X to open a menu at the lower-left area of the screen.
  • Select Programs and Features from the menu.
  • Search and select the following programs one by one and click on Uninstall:

    Optimizer Pro v3.2
    Minecraft Packages

  • Reboot your computer.

Step 2
Scan with mbam.pngMalwarebytes Anti-Malware

  • Please open Malwarebytes Anti-Malware.
  • Please update the database by clicking on the "Update Now" button.
  • Following the update and click "Settings" [1] and go to "Detection and Protection" [2]
  • Make sure "Scan for Rootkits" is checked.
  • Click on Dashboard [3], then click on Scan Now [4] to start the scan.
    :exclame: If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt so that you can decide what you want to do. I suggest "Quarantine All" [5]. Then click the button: Apply Actions. [6]
  • A window with an option to view the detailed log will appear.
    mbamlog.png
  • Click on "View detailed log".
  • After viewing the results, please click on the "Copy to Clipboard" button and then OK.
  • Return to our forum. Paste your log into your next reply.

mbameng.gif

Step 3

Scan with adwcleaner.png AdwCleaner(by Xplode).

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select "Run As Administrator"
  • Click on the Scan button.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • After rebooting, a log file (that is saved in C:\AdwCleaner[S#].txt) will open automatically.
    Copy and paste the contents of that logfile in your next reply.

Step 4

frst.pngfrstscan.png

Start FRST with administator privileges.

  • Make sure the following option is checked: addition.png
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
    Please copy and paste these logs in your next reply.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#11 Zaria

Zaria
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:08:53 AM

Posted 03 March 2015 - 07:41 AM

Hey, I un-installed Optimizer Pro but with Minecraft some Uninstall Manager came up and I got "You have already uninstalled all the offers that came with Minecraft packages or that the installation is still in progress" and I had an option to "Remove this manager from add/removed programs". So I'm not completely sure what's going on with that one. 

 

About to complete the other steps...



#12 Zaria

Zaria
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:08:53 AM

Posted 03 March 2015 - 10:11 AM

Having issues with Malwarebtyes - there were a lot of things detected in the scan, mostly PUPS but also one other thing which looked more serious (non malware items detected:583 malware items: 1). Everything seemed fine until I tried to get a detailed log and it came up blank (time elapsed 0, everything 0 etc.). All the items meant to have been quarantined are also not in quarantine. 

 

I repeated the scan after this happened the 1st time and it picked up everything all over again so it wasn't cleaned and probably still hasn't been :/

 

# AdwCleaner v4.111 - Logfile created 03/03/2015 at 15:49:57
# Updated 18/02/2015 by Xplode
# Database : 2015-03-02.3 [Server]
# Operating system : Windows 8.1  (x64)
# Username : BrendaB - BRENDA
# Running from : C:\Users\BrendaB\Downloads\AdwCleaner (2).exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\Browser
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\ProgramData\f4330af80000671d
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremierOpinion
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cleaner Pro
Folder Deleted : C:\Program Files (x86)\PremierOpinion
Folder Deleted : C:\Program Files (x86)\SearchProtect
Folder Deleted : C:\Program Files (x86)\TNT2
Folder Deleted : C:\Program Files (x86)\Cleaner Pro
Folder Deleted : C:\Program Files (x86)\WSE_Taplika
Folder Deleted : C:\Users\BrendaB\AppData\Local\TNT2
Folder Deleted : C:\Users\BrendaB\AppData\Local\CleanerPro
Folder Deleted : C:\Users\BrendaB\AppData\Local\Taplika
Folder Deleted : C:\Users\BrendaB\AppData\Roaming\Gameo
Folder Deleted : C:\Users\BrendaB\AppData\Roaming\Nosibay
Folder Deleted : C:\Users\BrendaB\AppData\Roaming\Store
Folder Deleted : C:\Users\BrendaB\AppData\Roaming\WTools
Folder Deleted : C:\Users\BrendaB\AppData\Roaming\Cleaner Pro
Folder Deleted : C:\Users\BrendaB\AppData\Roaming\WSE_Taplika
Folder Deleted : C:\Users\BrendaB\AppData\Roaming\Taplika
Folder Deleted : C:\Users\BrendaB\AppData\Roaming\omniboxes
Folder Deleted : C:\Users\BrendaB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bubble Dock
Folder Deleted : C:\Users\BrendaB\Documents\CleanerPro
Folder Deleted : C:\Users\BrendaB\AppData\Roaming\Mozilla\Firefox\Profiles\m80i6pxe.default\Extensions\faststartff@gmail.com
Folder Deleted : C:\Users\BrendaB\AppData\Roaming\Mozilla\Firefox\Profiles\m80i6pxe.default\Extensions\searchengine@gmail.com
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle
Folder Deleted : C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffjcmnpnoopgilmnfhloocdcbnimmmea
Folder Deleted : C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfkjojacgdjkninepeghaamnapdjmlfn
File Deleted : C:\END
File Deleted : C:\Users\BrendaB\AppData\Roaming\Mozilla\Firefox\Profiles\m80i6pxe.default\searchplugins\safesearch.xml
File Deleted : C:\Users\BrendaB\AppData\Roaming\Mozilla\Firefox\Profiles\m80i6pxe.default\user.js
File Deleted : C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
File Deleted : C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.publikeco00.publikeco.com_0.localstorage
File Deleted : C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.publikeco00.publikeco.com_0.localstorage-journal
File Deleted : C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage
File Deleted : C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.metrolyrics.com_0.localstorage
File Deleted : C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.metrolyrics.com_0.localstorage-journal
File Deleted : C:\Users\BrendaB\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_static.boostsaves.com_0.localstorage
File Deleted : C:\Users\Guest\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_static.boostsaves.com_0.localstorage
File Deleted : C:\Users\BrendaB\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_static.boostsaves.com_0.localstorage-journal
File Deleted : C:\Users\Guest\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_static.boostsaves.com_0.localstorage-journal
File Deleted : C:\Users\BrendaB\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Guest\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\BrendaB\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Guest\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\BrendaB\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxps_static.boostsaves.com_0.localstorage
File Deleted : C:\Users\Guest\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxps_static.boostsaves.com_0.localstorage
File Deleted : C:\Users\BrendaB\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxps_static.boostsaves.com_0.localstorage-journal
File Deleted : C:\Users\Guest\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxps_static.boostsaves.com_0.localstorage-journal
 
***** [ Scheduled tasks ] *****
 
Task Deleted : driverupdate startup
Task Deleted : Optimizer Pro Schedule
Task Deleted : WindApp Update
Task Deleted : Selection Tools Update
Task Deleted : CleanerPro_Popup
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BA1BE292-1D15-488B-934D-008742212380}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FE1CA8F7-B215-477B-A3EA-0E391ACE7F58}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BA1BE292-1D15-488B-934D-008742212380}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\simplytech
Key Deleted : HKCU\Software\Store
Key Deleted : HKCU\Software\WTools
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\SearchProtect
Key Deleted : HKLM\SOFTWARE\Cleaner Pro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\a2g-secure.com
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17416
 
 
-\\ Mozilla Firefox v28.0 (en-US)
 
[m80i6pxe.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultthis.engineName", "Web Search");
[m80i6pxe.default\prefs.js] - Line Deleted : user_pref("extensions.safesearch.ss_campaign", "wi");
[m80i6pxe.default\prefs.js] - Line Deleted : user_pref("extensions.safesearch.ss_source", "wi");
[m80i6pxe.default\prefs.js] - Line Deleted : user_pref("extensions.safesearch.ss_owner", "wi");
[m80i6pxe.default\prefs.js] - Line Deleted : user_pref("extensions.safesearch.ss_engine", "true");
[m80i6pxe.default\prefs.js] - Line Deleted : user_pref("browser.search.defaulturl", "hxxp://www.safesearch.net/search?p=s&q={searchTerms}&m=ff&c=wi&s=wi");
[m80i6pxe.default\prefs.js] - Line Deleted : user_pref("keyword.URL", "hxxp://www.safesearch.net/search?p=s&q=");
[m80i6pxe.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://www.safesearch.net/?p=h&m=ff&c=wi&s=wi");
[m80i6pxe.default\prefs.js] - Line Deleted : user_pref("extensions.safesearch.ss_home", "true");
[m80i6pxe.default\prefs.js] - Line Deleted : user_pref("browser.newtab.url", "hxxp://www.safesearch.net/?p=t&m=ff&c=wi&s=wi");
[m80i6pxe.default\prefs.js] - Line Deleted : user_pref("startup.homepage_override_url", "hxxp://www.safesearch.net/?p=h&m=ff&c=wi&s=wi");
 
-\\ Google Chrome v40.0.2214.115
 
[C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://taplika.com/results.php?f=4&q={searchTerms}&a=tlk_ggbg_15_08_ch&cd=2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtAzy0FtDzyyC0EtC0DtBtDtN0D0Tzu0StCtCyEtAtN1L2XzutAtFyBtFtBtFtDtN1L1CzutCyEtBzytDyD1V1BtAtN1L1G1B1V1N2Y1L1Qzu2StByB0A0F0AyE0E0AtG0AyDzyyDtGtAtD0EzztG0CtDtCyDtGyDyD0Azz0DyE0C0F0CzytCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0C0EtD0BzzzztA0CtGyByCtB0DtGyEtC0EzytGzz0FyByBtGyD0ByByD0C0FyEyCtDtCyEyB2Q&cr=1412306367&ir=
[C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://taplika.com/results.php?f=4&q={searchTerms}&a=tlk_ggbg_15_08_ch&cd=2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtAzy0FtDzyyC0EtC0DtBtDtN0D0Tzu0StCtCyEtAtN1L2XzutAtFyBtFtBtFtDtN1L1CzutCyEtBzytDyD1V1BtAtN1L1G1B1V1N2Y1L1Qzu2StByB0A0F0AyE0E0AtG0AyDzyyDtGtAtD0EzztG0CtDtCyDtGyDyD0Azz0DyE0C0F0CzytCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0C0EtD0BzzzztA0CtGyByCtB0DtGyEtC0EzytGzz0FyByBtGyD0ByByD0C0FyEyCtDtCyEyB2Q&cr=1412306367&ir=
[C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.safesearch.net/search?q={searchTerms}&p=s&m=ch&c=wi&s=wi
 
-\\ Opera v27.0.1689.76
 
[C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://taplika.com/results.php?f=4&q={searchTerms}&a=tlk_ggbg_15_08_ch&cd=2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtAzy0FtDzyyC0EtC0DtBtDtN0D0Tzu0StCtCyEtAtN1L2XzutAtFyBtFtBtFtDtN1L1CzutCyEtBzytDyD1V1BtAtN1L1G1B1V1N2Y1L1Qzu2StByB0A0F0AyE0E0AtG0AyDzyyDtGtAtD0EzztG0CtDtCyDtGyDyD0Azz0DyE0C0F0CzytCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0C0EtD0BzzzztA0CtGyByCtB0DtGyEtC0EzytGzz0FyByBtGyD0ByByD0C0FyEyCtDtCyEyB2Q&cr=1412306367&ir=
[C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://taplika.com/results.php?f=4&q={searchTerms}&a=tlk_ggbg_15_08_ch&cd=2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtAzy0FtDzyyC0EtC0DtBtDtN0D0Tzu0StCtCyEtAtN1L2XzutAtFyBtFtBtFtDtN1L1CzutCyEtBzytDyD1V1BtAtN1L1G1B1V1N2Y1L1Qzu2StByB0A0F0AyE0E0AtG0AyDzyyDtGtAtD0EzztG0CtDtCyDtGyDyD0Azz0DyE0C0F0CzytCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0C0EtD0BzzzztA0CtGyByCtB0DtGyEtC0EzytGzz0FyByBtGyD0ByByD0C0FyEyCtDtCyEyB2Q&cr=1412306367&ir=
[C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.safesearch.net/search?q={searchTerms}&p=s&m=ch&c=wi&s=wi
 
*************************
 
AdwCleaner[R0].txt - [10012 bytes] - [15/02/2015 19:34:31]
AdwCleaner[R1].txt - [10072 bytes] - [15/02/2015 21:16:45]
AdwCleaner[R2].txt - [11298 bytes] - [03/03/2015 15:34:43]
AdwCleaner[R3].txt - [11358 bytes] - [03/03/2015 15:44:09]
AdwCleaner[S0].txt - [10811 bytes] - [15/02/2015 21:28:58]
AdwCleaner[S1].txt - [12249 bytes] - [03/03/2015 15:49:57]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [12309  bytes] ##########
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-03-2015
Ran by BrendaB (administrator) on BRENDA on 03-03-2015 16:00:11
Running from C:\Users\BrendaB\Desktop
Loaded Profiles: BrendaB (Available profiles: BrendaB & Adult Admin Acc & Guest)
Platform: Windows 8.1 (X64) OS Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(SlimWare Utilities, Inc.) C:\Program Files\SlimService\SlimServiceFactory.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Spotify Ltd) C:\Users\BrendaB\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(SlimWare Utilities, Inc.) C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(SlimWare Utilities, Inc.) C:\Program Files\SlimService\SlimService.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Opera Software) C:\Program Files (x86)\Opera\27.0.1689.76\opera.exe
() C:\Program Files (x86)\Opera\27.0.1689.76\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\27.0.1689.76\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\27.0.1689.76\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\27.0.1689.76\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\27.0.1689.76\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\27.0.1689.76\opera.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212048 2012-06-07] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2014-02-26] (ELAN Microelectronics Corp.)
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM-x32\...\Run: [BakupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [533056 2012-07-30] (NTI Corporation)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-02-03] (AVAST Software)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296096 2014-03-11] (RealNetworks, Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-01-28] ( (Qualcomm Atheros Commnucations))
HKU\S-1-5-21-1465268432-4247279613-3226374191-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2015-02-05] (SUPERAntiSpyware)
HKU\S-1-5-21-1465268432-4247279613-3226374191-1001\...\Run: [Google Update] => C:\Users\BrendaB\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-02-26] (Google Inc.)
HKU\S-1-5-21-1465268432-4247279613-3226374191-1001\...\Run: [Spotify Web Helper] => C:\Users\BrendaB\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-27] (Spotify Ltd)
HKU\S-1-5-21-1465268432-4247279613-3226374191-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-1465268432-4247279613-3226374191-1001\...\Run: [SlimCleaner Plus] => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe [26165568 2014-12-23] (SlimWare Utilities, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-1465268432-4247279613-3226374191-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-1465268432-4247279613-3226374191-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?PC=AV01
SearchScopes: HKLM -> {39118170-7B07-4BC5-8B47-C62B1DC1DC99} URL = http://www.bing.com/search?FORM=INCOH1&PC=IC02&q={searchTerms}
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.safesearch.net/search?q={searchTerms}&p=sm=ie&c=wi&s=wi
SearchScopes: HKU\.DEFAULT -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.safesearch.net/search?q={searchTerms}&p=sm=ie&c=wi&s=wi
SearchScopes: HKU\.DEFAULT -> {BA1BE292-1D15-488B-934D-008742212380} URL = http://www.safesearch.net/search?q={searchTerms}&p=s&m=ie&c=wi&s=wi
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.safesearch.net/search?q={searchTerms}&p=sm=ie&c=wi&s=wi
SearchScopes: HKU\S-1-5-19 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.safesearch.net/search?q={searchTerms}&p=sm=ie&c=wi&s=wi
SearchScopes: HKU\S-1-5-19 -> {BA1BE292-1D15-488B-934D-008742212380} URL = http://www.safesearch.net/search?q={searchTerms}&p=s&m=ie&c=wi&s=wi
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.safesearch.net/search?q={searchTerms}&p=sm=ie&c=wi&s=wi
SearchScopes: HKU\S-1-5-20 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.safesearch.net/search?q={searchTerms}&p=sm=ie&c=wi&s=wi
SearchScopes: HKU\S-1-5-20 -> {BA1BE292-1D15-488B-934D-008742212380} URL = http://www.safesearch.net/search?q={searchTerms}&p=s&m=ie&c=wi&s=wi
SearchScopes: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001 -> SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
SearchScopes: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001 -> {39118170-7B07-4BC5-8B47-C62B1DC1DC99} URL = http://www.bing.com/search?FORM=INCOH1&PC=IC02&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001 -> {BA10A51A-167E-44CA-9362-8DCB9F7A6EBF} URL = 
SearchScopes: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001 -> {CD8D7CA0-7D5E-4772-8DEF-860EB0874892} URL = http://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10811
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM - FindWide Toolbar - {0549D8D9-F270-4AC9-9BD4-5A6FD01AAEED} - C:\Program Files (x86)\TNT2\Profiles\10811\passport64.dll No File
Toolbar: HKLM-x32 - FindWide Toolbar - {0549D8D9-F270-4AC9-9BD4-5A6FD01AAEED} - C:\Program Files (x86)\TNT2\Profiles\10811\passport.dll No File
Toolbar: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001 -> FindWide Toolbar - {0549D8D9-F270-4AC9-9BD4-5A6FD01AAEED} - C:\Program Files (x86)\TNT2\Profiles\10811\passport64.dll No File
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF ProfilePath: C:\Users\BrendaB\AppData\Roaming\Mozilla\Firefox\Profiles\m80i6pxe.default
FF NewTab: hxxp://www.omniboxes.com/newtab/?type=nt&ts=1424346834&from=tti&uid=ST500LM012XHN-M500MBB_S2TYJ9CC605261
FF Homepage: hxxp://www.omniboxes.com/?type=hp&ts=1424346834&from=tti&uid=ST500LM012XHN-M500MBB_S2TYJ9CC605261
FF NetworkProxy: "autoconfig_url", "https://mediahint.com/default.pac"
FF NetworkProxy: "type", 2
FF DefaultSearchEngine: Search       
FF SearchEngineOrder.1: Search       
FF SelectedSearchEngine: Search       
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKU\S-1-5-21-1465268432-4247279613-3226374191-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\BrendaB\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-1465268432-4247279613-3226374191-1001: @talk.google.com/O1DPlugin -> C:\Users\BrendaB\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-1465268432-4247279613-3226374191-1001: @tools.google.com/Google Update;version=3 -> C:\Users\BrendaB\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1465268432-4247279613-3226374191-1001: @tools.google.com/Google Update;version=9 -> C:\Users\BrendaB\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1465268432-4247279613-3226374191-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\BrendaB\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\BrendaB\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\BrendaB\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: Media Hint - C:\Users\BrendaB\AppData\Roaming\Mozilla\Firefox\Profiles\m80i6pxe.default\Extensions\mediahint@jetpack.xpi [2014-04-12]
FF Extension: gate snapper 1.0.1 - C:\Users\BrendaB\AppData\Roaming\Mozilla\Firefox\Profiles\m80i6pxe.default\Extensions\{fd10cee5-1b00-4433-a349-4c4d1226980a}.xpi [2015-02-19]
FF HKLM-x32\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2014-03-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-26]
FF Extension: No Name - C:\Users\BrendaB\AppData\Roaming\Mozilla\Firefox\Profiles\m80i6pxe.default\extensions\toolbar10811@findwide.com.xpi [Not Found]
StartMenuInternet: FIREFOX.EXE - firefox.exe
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.omniboxes.com/?type=hp&ts=1424346834&from=tti&uid=ST500LM012XHN-M500MBB_S2TYJ9CC605261
CHR StartupUrls: Default -> "hxxp://www.omniboxes.com/?type=hp&ts=1424346834&from=tti&uid=ST500LM012XHN-M500MBB_S2TYJ9CC605261"
CHR DefaultSearchKeyword: Default -> omniboxes
CHR DefaultNewTabURL: Default -> http://www.safesearch.net/?p=t
CHR Profile: C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-26]
CHR Extension: (Google Drive) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-26]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-18]
CHR Extension: (YouTube) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-26]
CHR Extension: (gate snapper) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgjinmnllklljcmofdllbapdjgkbhnjc [2015-02-19]
CHR Extension: (Google Search) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-26]
CHR Extension: (Solution Real) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gajmlbhaikobfinipefjoonopbfdkpcl [2015-01-31]
CHR Extension: (Avast Online Security) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-03-01]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-03-11]
CHR Extension: (SnapMyScreen) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhimebnnaphjchlhcdgdlbfmlbbbaank [2015-01-30]
CHR Extension: (Google Wallet) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-26]
CHR Extension: (Gmail) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-26]
CHR Extension: (CrushArcade) - C:\Users\BrendaB\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnhjnmacgahapmnnifmneapinilajfol [2015-02-24]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-31]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2014-03-11]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2015-02-05] (SUPERAntiSpyware.com)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227456 2013-01-28] (Qualcomm Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-31] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-01-31] (Avast Software)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-22] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2415760 2012-07-27] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2711736 2015-01-13] (Microsoft Corporation)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [466064 2012-07-31] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [659600 2012-07-31] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-03-11] (WildTangent)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
S3 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-07-30] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-08-27] (Dritek System INC.)
R2 SlimService; C:\Program Files\SlimService\SlimServiceFactory.exe [244544 2014-12-23] (SlimWare Utilities, Inc.)
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [126568 2015-02-17] (RaMMicHaeL)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-11-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-11-22] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-31] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-31] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-31] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-31] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-02-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-31] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-31] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-31] ()
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-22] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00A\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-03] (Malwarebytes Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-08-27] (Dritek System Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2015-03-03] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-01-31] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-11-22] (Microsoft Corporation)
S3 BTATH_LWFLT; \SystemRoot\system32\DRIVERS\btath_lwflt.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-03 15:42 - 2015-03-03 15:42 - 02126848 _____ () C:\Users\BrendaB\Downloads\AdwCleaner (2).exe
2015-03-03 15:30 - 2015-03-03 15:30 - 02126848 _____ () C:\Users\BrendaB\Downloads\AdwCleaner (1).exe
2015-03-03 15:28 - 2015-03-03 15:28 - 02126848 _____ () C:\Users\BrendaB\Downloads\AdwCleaner.exe
2015-03-03 15:26 - 2015-03-03 15:26 - 02126848 _____ () C:\Users\BrendaB\Downloads\adwcleaner_4.111.exe
2015-03-03 13:53 - 2015-03-03 13:53 - 00000058 _____ () C:\mal.txt
2015-03-03 13:40 - 2015-03-03 14:55 - 00000247 _____ () C:\WINDOWS\system32\2015-03-03-13-40-42.094-aswFe.exe-5396.log
2015-03-03 13:40 - 2015-03-03 13:40 - 00000197 _____ () C:\WINDOWS\system32\2015-03-03-13-40-40.066-AvastVBoxSVC.exe-5508.log
2015-03-03 12:27 - 2015-03-03 12:27 - 00003414 _____ () C:\WINDOWS\System32\Tasks\{333DFD3E-4338-427F-B7E6-7953646F94A4}
2015-03-01 17:47 - 2015-03-01 17:48 - 00000197 _____ () C:\WINDOWS\system32\2015-03-01-17-47-46.039-AvastVBoxSVC.exe-2720.log
2015-03-01 17:47 - 2015-03-01 17:47 - 00000247 _____ () C:\WINDOWS\system32\2015-03-01-17-47-56.031-aswFe.exe-6140.log
2015-03-01 14:43 - 2015-03-01 14:43 - 00000247 _____ () C:\WINDOWS\system32\2015-03-01-14-43-39.047-aswFe.exe-7616.log
2015-03-01 14:43 - 2015-03-01 14:43 - 00000197 _____ () C:\WINDOWS\system32\2015-03-01-14-43-14.012-AvastVBoxSVC.exe-2188.log
2015-03-01 14:42 - 2015-03-01 14:42 - 00000000 ____D () C:\Users\Adult Admin Acc\AppData\Local\EgisTec IPS
2015-03-01 14:41 - 2015-03-01 14:47 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1465268432-4247279613-3226374191-1002
2015-02-27 16:11 - 2015-02-27 16:11 - 00000000 ____D () C:\Users\Adult Admin Acc\Documents\Bluetooth Folder
2015-02-27 16:11 - 2015-02-27 16:11 - 00000000 ____D () C:\Users\Adult Admin Acc\AppData\Local\BMExplorer
2015-02-27 16:10 - 2015-02-27 16:10 - 00000000 ____D () C:\Users\Adult Admin Acc\AppData\Roaming\Real
2015-02-27 16:10 - 2015-02-27 16:10 - 00000000 ____D () C:\Users\Adult Admin Acc\AppData\Roaming\AVAST Software
2015-02-27 16:10 - 2015-02-27 16:10 - 00000000 ____D () C:\Users\Adult Admin Acc\AppData\Roaming\Atheros
2015-02-27 16:09 - 2015-03-01 15:44 - 00000000 ____D () C:\Users\Adult Admin Acc
2015-02-27 16:09 - 2015-03-01 14:41 - 00002283 _____ () C:\Users\Adult Admin Acc\Desktop\Google Chrome.lnk
2015-02-27 16:09 - 2015-02-27 16:11 - 00000000 ____D () C:\Users\Adult Admin Acc\AppData\Local\Packages
2015-02-27 16:09 - 2015-02-27 16:09 - 00001450 _____ () C:\Users\Adult Admin Acc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-27 16:09 - 2015-02-27 16:09 - 00000258 __RSH () C:\Users\Adult Admin Acc\ntuser.pol
2015-02-27 16:09 - 2015-02-27 16:09 - 00000020 ___SH () C:\Users\Adult Admin Acc\ntuser.ini
2015-02-27 16:09 - 2015-02-27 16:09 - 00000000 ____D () C:\Users\Adult Admin Acc\AppData\Roaming\lm
2015-02-27 16:09 - 2015-02-27 16:09 - 00000000 ____D () C:\Users\Adult Admin Acc\AppData\Roaming\Adobe
2015-02-27 16:09 - 2015-02-27 16:09 - 00000000 ____D () C:\Users\Adult Admin Acc\AppData\Local\VirtualStore
2015-02-27 16:09 - 2015-02-27 16:09 - 00000000 ____D () C:\Users\Adult Admin Acc\AppData\Local\Google
2015-02-27 16:09 - 2014-11-22 05:25 - 00000000 ___RD () C:\Users\Adult Admin Acc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-27 16:09 - 2014-11-22 05:25 - 00000000 ___RD () C:\Users\Adult Admin Acc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-27 16:09 - 2014-11-22 05:25 - 00000000 ___RD () C:\Users\Adult Admin Acc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-27 16:09 - 2014-11-22 01:02 - 00000369 _____ () C:\Users\Adult Admin Acc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-02-27 16:09 - 2014-11-22 01:02 - 00000369 _____ () C:\Users\Adult Admin Acc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-02-27 16:09 - 2013-08-22 15:36 - 00000000 ____D () C:\Users\Adult Admin Acc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-02-27 00:34 - 2015-02-27 00:34 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Opera Software
2015-02-27 00:34 - 2015-02-27 00:34 - 00000000 ____D () C:\Users\Guest\AppData\Local\Opera Software
2015-02-27 00:33 - 2015-02-27 00:33 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\SUPERAntiSpyware.com
2015-02-27 00:29 - 2015-02-27 00:29 - 00000000 __SHD () C:\Users\Guest\AppData\Local\EmieUserList
2015-02-27 00:29 - 2015-02-27 00:29 - 00000000 __SHD () C:\Users\Guest\AppData\Local\EmieSiteList
2015-02-27 00:29 - 2015-02-27 00:29 - 00000000 __SHD () C:\Users\Guest\AppData\Local\EmieBrowserModeList
2015-02-27 00:29 - 2015-02-27 00:29 - 00000000 ____D () C:\Users\Guest\Documents\Add-in Express
2015-02-27 00:28 - 2015-03-01 20:58 - 00000000 ____D () C:\Users\Guest\AppData\Local\CrimeWatch
2015-02-27 00:26 - 2015-02-27 00:26 - 00001446 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-27 00:25 - 2015-02-27 00:25 - 00000020 ___SH () C:\Users\Guest\ntuser.ini
2015-02-27 00:15 - 2015-02-27 00:15 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-02-24 20:03 - 2015-02-24 20:03 - 00000247 _____ () C:\WINDOWS\system32\2015-02-24-20-03-32.040-aswFe.exe-7068.log
2015-02-24 20:03 - 2015-02-24 20:03 - 00000197 _____ () C:\WINDOWS\system32\2015-02-24-20-03-14.029-AvastVBoxSVC.exe-2932.log
2015-02-24 19:51 - 2015-02-24 19:51 - 00000247 _____ () C:\WINDOWS\system32\2015-02-24-19-51-52.036-aswFe.exe-2956.log
2015-02-24 19:51 - 2015-02-24 19:51 - 00000197 _____ () C:\WINDOWS\system32\2015-02-24-19-51-47.005-AvastVBoxSVC.exe-7272.log
2015-02-23 20:10 - 2015-02-23 20:10 - 01285312 _____ () C:\ProgramData\Setup.exe
2015-02-22 00:35 - 2014-06-09 22:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-02-22 00:35 - 2014-06-09 22:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-02-22 00:33 - 2014-11-09 23:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-02-22 00:33 - 2014-11-09 23:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-02-22 00:33 - 2014-11-09 23:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-02-22 00:33 - 2014-11-09 23:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-02-22 00:30 - 2015-01-23 04:41 - 06041600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-02-22 00:30 - 2015-01-23 03:17 - 04300800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-02-22 00:27 - 2014-07-24 03:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-02-22 00:27 - 2014-07-24 03:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-02-22 00:21 - 2015-02-03 23:38 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-02-22 00:21 - 2015-02-03 23:08 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-02-22 00:21 - 2015-02-03 23:08 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-02-22 00:21 - 2015-02-02 23:11 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-02-22 00:21 - 2015-02-02 23:11 - 00894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-02-22 00:21 - 2015-02-02 23:11 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-02-22 00:21 - 2015-01-19 18:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-02-22 00:21 - 2014-12-02 23:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-02-21 12:57 - 2015-02-23 19:21 - 00000247 _____ () C:\WINDOWS\system32\2015-02-21-12-57-49.007-aswFe.exe-7988.log
2015-02-21 12:57 - 2015-02-21 12:57 - 00000197 _____ () C:\WINDOWS\system32\2015-02-21-12-57-46.045-AvastVBoxSVC.exe-6428.log
2015-02-21 11:53 - 2015-02-21 11:55 - 00000197 _____ () C:\WINDOWS\system32\2015-02-21-11-53-50.066-AvastVBoxSVC.exe-3184.log
2015-02-21 11:53 - 2015-02-21 11:53 - 00001315 _____ () C:\Users\BrendaB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton Online Backup.lnk
2015-02-21 11:41 - 2015-02-21 11:43 - 00000197 _____ () C:\WINDOWS\system32\2015-02-21-11-41-33.084-AvastVBoxSVC.exe-2976.log
2015-02-21 11:29 - 2015-02-21 11:31 - 00000197 _____ () C:\WINDOWS\system32\2015-02-21-11-29-02.035-AvastVBoxSVC.exe-4380.log
2015-02-20 11:17 - 2015-02-20 11:19 - 00000197 _____ () C:\WINDOWS\system32\2015-02-20-11-17-58.056-AvastVBoxSVC.exe-1840.log
2015-02-20 10:58 - 2015-02-20 11:02 - 00000197 _____ () C:\WINDOWS\system32\2015-02-20-10-58-35.031-AvastVBoxSVC.exe-3828.log
2015-02-20 10:32 - 2015-02-20 10:33 - 00000197 _____ () C:\WINDOWS\system32\2015-02-20-10-32-01.059-AvastVBoxSVC.exe-3748.log
2015-02-20 10:09 - 2015-02-20 10:12 - 00000197 _____ () C:\WINDOWS\system32\2015-02-20-10-09-54.065-AvastVBoxSVC.exe-3796.log
2015-02-20 00:56 - 2015-02-20 00:57 - 00000197 _____ () C:\WINDOWS\system32\2015-02-20-00-56-45.032-AvastVBoxSVC.exe-4620.log
2015-02-19 23:13 - 2015-02-19 23:15 - 00000197 _____ () C:\WINDOWS\system32\2015-02-19-23-13-29.065-AvastVBoxSVC.exe-4484.log
2015-02-19 22:30 - 2015-02-19 22:32 - 00000197 _____ () C:\WINDOWS\system32\2015-02-19-22-30-23.038-AvastVBoxSVC.exe-3532.log
2015-02-19 22:29 - 2015-02-19 22:29 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2015-02-19 22:29 - 2015-02-19 22:29 - 00000144 _____ () C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-02-19 22:17 - 2015-02-19 22:17 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2015-02-19 22:08 - 2015-02-27 16:02 - 00000000 ___DO () C:\Users\BrendaB\OneDrive
2015-02-19 22:04 - 2015-03-03 12:48 - 00003926 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{39BF4D1A-6E3F-46A2-8BC2-B41FBD5753FE}
2015-02-19 22:04 - 2015-02-19 22:04 - 00000000 __SHD () C:\Users\BrendaB\AppData\Local\EmieUserList
2015-02-19 22:04 - 2015-02-19 22:04 - 00000000 __SHD () C:\Users\BrendaB\AppData\Local\EmieSiteList
2015-02-19 22:04 - 2015-02-19 22:04 - 00000000 __SHD () C:\Users\BrendaB\AppData\Local\EmieBrowserModeList
2015-02-19 21:56 - 2015-02-19 21:56 - 00000000 ____D () C:\Program Files\Common Files\Atheros
2015-02-19 21:49 - 2015-02-27 16:10 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2015-02-19 21:46 - 2015-02-19 21:46 - 00000451 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-02-19 21:45 - 2015-03-01 15:22 - 00000258 __RSH () C:\Users\BrendaB\ntuser.pol
2015-02-19 21:45 - 2015-02-19 21:45 - 00000020 ___SH () C:\Users\BrendaB\ntuser.ini
2015-02-19 21:42 - 2015-03-03 15:36 - 01836743 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-19 21:41 - 2015-02-19 21:41 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
2015-02-19 21:30 - 2015-02-19 21:30 - 00000197 _____ () C:\WINDOWS\system32\2015-02-19-21-30-47.065-AvastVBoxSVC.exe-2964.log
2015-02-19 21:21 - 2015-02-19 21:21 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-02-19 21:16 - 2015-02-19 21:16 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2015-02-19 21:13 - 2015-03-01 15:22 - 00000000 ____D () C:\Users\BrendaB
2015-02-19 21:13 - 2015-02-27 00:26 - 00000000 ____D () C:\Users\Guest
2015-02-19 21:13 - 2015-02-19 21:42 - 00028578 _____ () C:\WINDOWS\diagwrn.xml
2015-02-19 21:13 - 2015-02-19 21:42 - 00028578 _____ () C:\WINDOWS\diagerr.xml
2015-02-19 21:13 - 2015-02-19 21:15 - 00000000 ___RD () C:\Users\BrendaB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-19 21:13 - 2015-02-19 21:14 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-19 21:13 - 2015-02-19 21:14 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-19 21:13 - 2014-11-22 05:25 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-19 21:13 - 2014-11-22 05:25 - 00000000 ___RD () C:\Users\BrendaB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-19 21:13 - 2014-11-22 05:25 - 00000000 ___RD () C:\Users\BrendaB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-19 21:13 - 2014-11-22 01:02 - 00000369 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-02-19 21:13 - 2014-11-22 01:02 - 00000369 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-02-19 21:13 - 2014-11-22 01:02 - 00000369 _____ () C:\Users\BrendaB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-02-19 21:13 - 2014-11-22 01:02 - 00000369 _____ () C:\Users\BrendaB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-02-19 21:13 - 2013-08-22 15:36 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-02-19 21:13 - 2013-08-22 15:36 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-02-19 21:05 - 2015-02-19 21:18 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-02-19 21:05 - 2015-02-19 21:06 - 00000000 ____D () C:\Program Files\Elantech
2015-02-19 21:05 - 2015-02-19 21:05 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2015-02-19 21:05 - 2015-02-19 21:05 - 00000000 ____D () C:\Program Files\Realtek
2015-02-19 21:04 - 2014-10-01 19:54 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-02-19 21:04 - 2014-10-01 19:54 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-02-19 21:00 - 2015-02-21 11:06 - 00000000 ___DC () C:\WINDOWS\Panther
2015-02-19 21:00 - 2015-02-19 21:00 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-02-19 21:00 - 2015-02-19 21:00 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-02-19 21:00 - 2015-02-19 21:00 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-02-19 21:00 - 2015-02-19 21:00 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-02-19 21:00 - 2015-02-19 21:00 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-02-19 21:00 - 2015-02-19 21:00 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-02-19 21:00 - 2015-02-19 21:00 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-02-19 21:00 - 2015-02-19 21:00 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-02-19 21:00 - 2015-02-19 21:00 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-02-19 20:59 - 2015-02-19 20:59 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-02-19 20:59 - 2015-02-19 20:59 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-02-19 20:59 - 2015-02-19 20:59 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-02-19 20:59 - 2015-02-19 20:59 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-02-19 20:59 - 2015-02-19 20:59 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-02-19 20:59 - 2015-02-19 20:59 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-02-19 20:59 - 2015-02-19 20:59 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-02-19 20:59 - 2015-02-19 20:59 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-02-19 20:58 - 2015-02-19 20:58 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-02-19 20:58 - 2015-02-19 20:58 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-02-19 20:58 - 2015-02-19 20:58 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-02-19 20:58 - 2015-02-19 20:58 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-02-19 20:58 - 2015-02-19 20:58 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-02-19 20:58 - 2015-02-19 20:58 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-02-19 20:58 - 2015-02-19 20:58 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-02-19 20:58 - 2015-02-19 20:58 - 00563504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-02-19 20:58 - 2015-02-19 20:58 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-02-19 20:58 - 2015-02-19 20:58 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-02-19 20:58 - 2015-02-19 20:58 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-02-19 20:58 - 2015-02-19 20:58 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-02-19 20:58 - 2015-02-19 20:58 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-02-19 20:58 - 2015-02-19 20:58 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-02-19 20:58 - 2015-02-19 20:58 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-02-19 20:58 - 2015-02-19 20:58 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-02-19 20:58 - 2015-02-19 20:58 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 25056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 19740160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 14401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 12829184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-02-19 20:57 - 2015-02-19 20:57 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-02-19 20:57 - 2015-02-19 20:57 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-02-19 20:57 - 2015-02-19 20:57 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-02-19 20:57 - 2015-02-19 20:57 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00391526 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-02-19 20:57 - 2015-02-19 20:57 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-02-19 20:57 - 2015-02-19 20:57 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-02-19 20:57 - 2015-02-19 20:57 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-02-19 20:57 - 2015-02-19 20:57 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-02-19 20:56 - 2015-02-19 20:56 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-02-19 20:56 - 2015-02-19 20:56 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-02-19 20:56 - 2015-02-19 20:56 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-02-19 20:56 - 2015-02-19 20:56 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-02-19 20:56 - 2015-02-19 20:56 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-02-19 20:56 - 2015-02-19 20:56 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-02-19 20:56 - 2015-02-19 20:56 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-02-19 20:56 - 2015-02-19 20:56 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-02-19 20:56 - 2015-02-19 20:56 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-02-19 20:56 - 2015-02-19 20:56 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-02-19 20:56 - 2015-02-19 20:56 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-02-19 20:56 - 2015-02-19 20:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-02-19 20:56 - 2015-02-19 20:56 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-02-19 20:56 - 2015-02-19 20:56 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-02-19 20:55 - 2015-02-19 20:55 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2015-02-19 20:53 - 2015-02-19 20:53 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-02-19 20:53 - 2015-02-19 20:53 - 00000000 ____D () C:\Program Files\MSBuild
2015-02-19 20:53 - 2015-02-19 20:53 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-02-19 20:53 - 2015-02-19 20:53 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-02-19 20:52 - 2013-08-03 04:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-02-19 20:52 - 2013-08-03 04:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-02-19 20:52 - 2013-08-03 04:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-02-19 20:52 - 2013-08-03 04:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-02-19 18:55 - 2015-02-19 18:55 - 00001856 _____ () C:\Users\BrendaB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avast! antivirus.lnk
2015-02-19 12:46 - 2015-02-19 12:46 - 00003976 _____ () C:\WINDOWS\System32\Tasks\SafeSearchUpdate
2015-02-19 12:46 - 2015-02-19 12:46 - 00003204 _____ () C:\WINDOWS\System32\Tasks\SafeSearchVerify
2015-02-19 12:40 - 2015-02-19 12:40 - 00000197 _____ () C:\WINDOWS\system32\2015-02-19-12-40-24.080-AvastVBoxSVC.exe-3160.log
2015-02-19 12:02 - 2015-02-19 12:02 - 01167680 _____ (Elex do Brasil Participações Ltda) C:\Users\BrendaB\Downloads\yet_another_cleaner_mat_setup_152743.exe
2015-02-19 11:55 - 2015-03-01 20:59 - 00000000 ____D () C:\Program Files (x86)\gate snapper
2015-02-19 00:04 - 2015-03-01 20:58 - 00000000 ____D () C:\Users\BrendaB\AppData\Local\CrimeWatch
2015-02-19 00:02 - 2015-03-01 20:58 - 00000000 ____D () C:\ProgramData\CrimeWatch
2015-02-19 00:01 - 2015-03-01 16:17 - 00000000 ____D () C:\ProgramData\cODWExc
2015-02-19 00:01 - 2015-02-22 01:59 - 00000000 ____D () C:\Users\BrendaB\Documents\Add-in Express
2015-02-19 00:00 - 2015-03-01 20:58 - 00000000 ____D () C:\Program Files\SafeSearch
2015-02-18 18:59 - 2015-02-19 21:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
2015-02-18 18:59 - 2015-02-18 18:59 - 00001461 _____ () C:\Users\Public\Desktop\Norton Security Scan.LNK
2015-02-18 18:59 - 2015-02-18 18:59 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NSSx64
2015-02-18 18:59 - 2015-02-18 18:59 - 00000000 ____D () C:\Program Files (x86)\Norton Security Scan
2015-02-18 18:55 - 2015-03-01 18:55 - 00000370 _____ () C:\WINDOWS\Tasks\SlimCleaner Plus (Scheduled Scan - BrendaB).job
2015-02-18 18:55 - 2015-02-18 18:55 - 00003016 _____ () C:\WINDOWS\System32\Tasks\SlimCleaner Plus (Scheduled Scan - BrendaB)
2015-02-18 18:54 - 2015-02-18 18:56 - 00000197 _____ () C:\WINDOWS\system32\2015-02-18-18-54-53.057-AvastVBoxSVC.exe-3284.log
2015-02-17 12:15 - 2015-03-03 12:45 - 00016152 _____ () C:\WINDOWS\system32\Drivers\SWDUMon.sys
2015-02-17 12:15 - 2015-03-03 12:15 - 00000490 _____ () C:\WINDOWS\Tasks\DriverUpdate Scan.job
2015-02-17 12:15 - 2015-02-19 21:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimCleaner Plus
2015-02-17 12:15 - 2015-02-18 18:54 - 00000000 ____D () C:\Users\BrendaB\AppData\Local\SlimWare Utilities Inc
2015-02-17 12:15 - 2015-02-17 12:15 - 00003346 _____ () C:\WINDOWS\System32\Tasks\DriverUpdate Scan
2015-02-17 12:15 - 2015-02-17 12:15 - 00002465 _____ () C:\Users\Public\Desktop\SlimCleaner Plus.lnk
2015-02-17 12:15 - 2015-02-17 12:15 - 00000000 ____D () C:\Users\BrendaB\AppData\Local\Downloaded Installers
2015-02-17 12:15 - 2015-02-17 12:15 - 00000000 ____D () C:\ProgramData\SlimWare Utilities Inc
2015-02-17 12:15 - 2015-02-17 12:15 - 00000000 ____D () C:\Program Files\SlimService
2015-02-17 12:15 - 2015-02-17 12:15 - 00000000 ____D () C:\Program Files\SlimCleaner Plus
2015-02-17 12:14 - 2015-02-19 21:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverUpdate
2015-02-17 12:14 - 2015-02-17 12:14 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2015-02-17 12:14 - 2015-02-17 12:14 - 00000000 ____D () C:\Program Files (x86)\DriverUpdate
2015-02-17 12:06 - 2015-02-19 22:42 - 00000000 ____D () C:\ProgramData\Unchecky
2015-02-17 12:06 - 2015-02-17 12:06 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\1H1Q1V0B1L1G1N1V0M1P1Q1L1T0D1P1E2Z
2015-02-17 12:06 - 2015-02-17 12:06 - 00000000 ____D () C:\ProgramData\{AF3347F0-FFB1-9676-4E37-E6F49EB5357A}
2015-02-17 12:06 - 2015-02-17 12:06 - 00000000 ____D () C:\Program Files (x86)\Unchecky
2015-02-17 12:05 - 2015-02-17 12:05 - 00355310 _____ () C:\Users\BrendaB\Downloads\MinecraftSetup.exe
2015-02-17 10:25 - 2015-01-29 08:30 - 00011056 ____N () C:\WINDOWS\system32\AutoconfigV2.cab
2015-02-17 00:53 - 2015-02-19 21:21 - 00000000 ____D () C:\WINDOWS\SysWOW64\Adobe
2015-02-17 00:45 - 2015-02-17 00:46 - 00000197 _____ () C:\WINDOWS\system32\2015-02-17-00-45-22.062-AvastVBoxSVC.exe-6644.log
2015-02-17 00:30 - 2015-02-17 00:30 - 00000280 _____ () C:\WINDOWS\system32\2015-02-17-00-30-48.053-aswFe.exe-12736.log
2015-02-16 23:41 - 2015-03-01 16:24 - 00000000 ____D () C:\ProgramData\{1d3dcf2a-82b1-0be8-1d3d-dcf2a82b3caa}
2015-02-16 22:53 - 2015-02-16 22:53 - 00941921 _____ ( ) C:\Users\BrendaB\Downloads\minecraft (2).exe
2015-02-16 22:02 - 2015-02-16 22:02 - 00941921 _____ ( ) C:\Users\BrendaB\Downloads\minecraft (1).exe
2015-02-16 22:01 - 2015-02-16 22:01 - 00263186 _____ () C:\Users\BrendaB\Downloads\Minecraft.exe
2015-02-15 23:55 - 2015-03-03 00:13 - 00000000 ____D () C:\Users\BrendaB\Desktop\FRST-OlderVersion
2015-02-15 23:25 - 2015-02-15 23:25 - 00000747 _____ () C:\Users\BrendaB\Desktop\JRT.txt
2015-02-15 23:08 - 2015-02-15 23:08 - 01388274 _____ (Thisisu) C:\Users\BrendaB\Desktop\JRT.exe
2015-02-15 21:33 - 2015-02-15 21:34 - 00000197 _____ () C:\WINDOWS\system32\2015-02-15-21-33-22.010-AvastVBoxSVC.exe-2880.log
2015-02-15 19:31 - 2015-02-15 19:31 - 01110041 _____ () C:\Users\BrendaB\Documents\bookmarks_15_02_2015v4.html
2015-02-15 19:31 - 2015-02-15 19:31 - 01110041 _____ () C:\Users\BrendaB\Documents\bookmarks_15_02_2015v3.html
2015-02-15 19:31 - 2015-02-15 19:31 - 01110041 _____ () C:\Users\BrendaB\Documents\bookmarks_15_02_2015v2.html
2015-02-15 19:30 - 2015-02-15 19:30 - 01110041 _____ () C:\Users\BrendaB\Documents\bookmarks_15_02_2015.html
2015-02-15 19:29 - 2015-03-03 15:50 - 00000000 ____D () C:\AdwCleaner
2015-02-15 17:40 - 2015-02-24 17:30 - 00003826 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1424022019
2015-02-15 17:40 - 2015-02-24 17:30 - 00001061 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-02-15 17:40 - 2015-02-19 11:54 - 00001315 _____ () C:\Users\Public\Desktop\Opera.lnk
2015-02-15 17:40 - 2015-02-15 17:40 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\Opera Software
2015-02-15 17:40 - 2015-02-15 17:40 - 00000000 ____D () C:\Users\BrendaB\AppData\Local\Opera Software
2015-02-15 17:39 - 2015-03-01 18:57 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-02-15 16:36 - 2015-02-15 16:37 - 00000197 _____ () C:\WINDOWS\system32\2015-02-15-16-36-15.078-AvastVBoxSVC.exe-3036.log
2015-02-15 11:45 - 2015-03-03 00:18 - 00043053 _____ () C:\Users\BrendaB\Desktop\Addition.txt
2015-02-15 11:44 - 2015-03-03 16:00 - 00027267 _____ () C:\Users\BrendaB\Desktop\FRST.txt
2015-02-15 11:43 - 2015-03-03 16:00 - 00000000 ____D () C:\FRST
2015-02-15 11:41 - 2015-03-03 00:13 - 02092544 _____ (Farbar) C:\Users\BrendaB\Desktop\FRST64.exe
2015-02-15 11:21 - 2015-02-15 11:23 - 00000197 _____ () C:\WINDOWS\system32\2015-02-15-11-21-48.002-AvastVBoxSVC.exe-3436.log
2015-02-15 10:53 - 2015-02-15 10:54 - 00000197 _____ () C:\WINDOWS\system32\2015-02-15-10-53-13.011-AvastVBoxSVC.exe-3656.log
2015-02-14 19:53 - 2015-02-14 19:53 - 08503296 _____ () C:\Users\BrendaB\Documents\main.db
2015-02-14 18:13 - 2015-02-14 18:14 - 00000197 _____ () C:\WINDOWS\system32\2015-02-14-18-13-21.046-AvastVBoxSVC.exe-2152.log
2015-02-14 17:10 - 2015-02-14 17:12 - 00000197 _____ () C:\WINDOWS\system32\2015-02-14-17-10-32.097-AvastVBoxSVC.exe-2292.log
2015-02-13 14:14 - 2015-02-15 10:44 - 00000000 ____D () C:\410ded665ceef920ed1a
2015-02-10 20:43 - 2015-02-10 20:43 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\Unity
2015-02-05 23:32 - 2015-02-05 23:34 - 00000197 _____ () C:\WINDOWS\system32\2015-02-05-23-32-35.061-AvastVBoxSVC.exe-3012.log
2015-02-05 21:27 - 2015-02-05 21:27 - 00000000 ____D () C:\WINDOWS\pss
2015-02-05 20:39 - 2015-02-05 20:39 - 00000197 _____ () C:\WINDOWS\system32\2015-02-05-20-39-00.031-AvastVBoxSVC.exe-2868.log
2015-02-05 18:47 - 2015-02-05 18:47 - 00000197 _____ () C:\WINDOWS\system32\2015-02-05-18-47-35.054-AvastVBoxSVC.exe-3532.log
2015-02-05 18:03 - 2015-02-05 18:06 - 00000197 _____ () C:\WINDOWS\system32\2015-02-05-18-03-20.051-AvastVBoxSVC.exe-3004.log
2015-02-05 17:28 - 2015-02-05 17:29 - 00000197 _____ () C:\WINDOWS\system32\2015-02-05-17-28-55.008-AvastVBoxSVC.exe-2876.log
2015-02-04 10:45 - 2015-02-04 10:45 - 00003278 _____ () C:\WINDOWS\System32\Tasks\avastBCLRestartS-1-5-21-1465268432-4247279613-3226374191-1001
2015-02-04 10:41 - 2015-02-04 10:41 - 00000197 _____ () C:\WINDOWS\system32\2015-02-04-10-41-07.048-AvastVBoxSVC.exe-3320.log
2015-02-03 19:13 - 2015-03-01 15:42 - 00002396 _____ () C:\Users\BrendaB\Desktop\chrome.lnk
2015-02-03 19:09 - 2015-02-03 19:09 - 00000197 _____ () C:\WINDOWS\system32\2015-02-03-19-09-10.042-AvastVBoxSVC.exe-3020.log
2015-02-03 13:01 - 2015-02-03 13:01 - 00000247 _____ () C:\WINDOWS\system32\2015-02-03-13-01-55.009-aswFe.exe-1924.log
2015-02-03 12:53 - 2015-02-03 13:01 - 00000247 _____ () C:\WINDOWS\system32\2015-02-03-12-53-40.021-aswFe.exe-3568.log
2015-02-03 12:53 - 2015-02-03 12:53 - 00000197 _____ () C:\WINDOWS\system32\2015-02-03-12-53-34.055-AvastVBoxSVC.exe-5716.log
2015-02-03 12:33 - 2015-02-19 22:25 - 00000000 ____D () C:\WINDOWS\system32\AutoUpdateLicense
2015-02-03 12:26 - 2015-03-03 12:52 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-02-03 12:25 - 2015-02-19 21:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-03 12:25 - 2015-02-15 21:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-03 12:25 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-02-03 12:25 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-02-03 10:59 - 2015-02-03 10:59 - 00001968 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-02-03 10:59 - 2015-01-31 09:39 - 00364512 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-02-03 10:52 - 2015-02-03 10:52 - 05006864 _____ (AVAST Software) C:\Users\BrendaB\Downloads\avast_free_antivirus_setup_online.exe
2015-02-03 10:49 - 2015-03-01 16:11 - 00000000 ____D () C:\Program Files (x86)\dab2ae2d-a46a-4825-8298-8c6b2d194993
2015-02-02 19:06 - 2015-02-02 19:07 - 00000197 _____ () C:\WINDOWS\system32\2015-02-02-19-06-25.033-AvastVBoxSVC.exe-2880.log
2015-02-02 17:36 - 2015-02-02 17:36 - 00000197 _____ () C:\WINDOWS\system32\2015-02-02-17-36-29.014-AvastVBoxSVC.exe-2856.log
2015-02-02 17:20 - 2015-02-02 17:22 - 00000197 _____ () C:\WINDOWS\system32\2015-02-02-17-20-06.010-AvastVBoxSVC.exe-2880.log
2015-02-02 17:04 - 2015-02-02 17:05 - 00000197 _____ () C:\WINDOWS\system32\2015-02-02-17-04-52.044-AvastVBoxSVC.exe-2848.log
2015-02-02 16:27 - 2015-02-02 16:27 - 00000197 _____ () C:\WINDOWS\system32\2015-02-02-16-27-26.024-AvastVBoxSVC.exe-3428.log
2015-02-02 03:15 - 2015-02-02 03:15 - 00000197 _____ () C:\WINDOWS\system32\2015-02-02-03-15-16.061-AvastVBoxSVC.exe-3024.log
2015-02-02 02:22 - 2015-02-02 02:22 - 00000197 _____ () C:\WINDOWS\system32\2015-02-02-02-22-24.036-AvastVBoxSVC.exe-2932.log
2015-02-02 02:16 - 2015-02-02 02:16 - 00000197 _____ () C:\WINDOWS\system32\2015-02-02-02-16-18.080-AvastVBoxSVC.exe-2784.log
2015-02-02 01:34 - 2015-02-02 01:34 - 00775968 _____ (Reimage®) C:\Users\BrendaB\Downloads\ReimageRepair (1).exe
2015-02-02 01:32 - 2015-02-02 01:32 - 00775968 _____ (Reimage®) C:\Users\BrendaB\Downloads\ReimageRepair.exe
2015-02-01 13:50 - 2015-02-01 13:52 - 00000197 _____ () C:\WINDOWS\system32\2015-02-01-13-50-21.054-AvastVBoxSVC.exe-3896.log
2015-02-01 13:29 - 2015-02-01 13:29 - 00000197 _____ () C:\WINDOWS\system32\2015-02-01-13-29-58.048-AvastVBoxSVC.exe-4428.log
2015-02-01 13:11 - 2015-02-01 13:11 - 00000197 _____ () C:\WINDOWS\system32\2015-02-01-13-11-16.066-AvastVBoxSVC.exe-2920.log
2015-02-01 12:19 - 2015-02-01 12:19 - 00000197 _____ () C:\WINDOWS\system32\2015-02-01-12-19-21.016-AvastVBoxSVC.exe-2868.log
2015-02-01 11:37 - 2015-02-01 11:37 - 00000197 _____ () C:\WINDOWS\system32\2015-02-01-11-37-01.035-AvastVBoxSVC.exe-5080.log
2015-02-01 11:09 - 2015-02-01 11:09 - 00000197 _____ () C:\WINDOWS\system32\2015-02-01-11-09-53.078-AvastVBoxSVC.exe-2848.log
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-03 16:00 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-03-03 15:58 - 2014-02-26 01:07 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1465268432-4247279613-3226374191-1001
2015-03-03 15:57 - 2014-02-26 01:31 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\Skype
2015-03-03 15:57 - 2014-02-26 01:07 - 00000916 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-03 15:51 - 2013-08-22 14:46 - 00328883 _____ () C:\WINDOWS\setupact.log
2015-03-03 15:51 - 2013-08-22 14:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-03 15:29 - 2014-03-02 18:37 - 00000930 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1465268432-4247279613-3226374191-1001UA.job
2015-03-03 15:29 - 2014-02-26 01:07 - 00000920 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-03 13:40 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-03-03 13:38 - 2012-07-26 07:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-03-03 12:29 - 2014-03-02 18:37 - 00000878 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1465268432-4247279613-3226374191-1001Core.job
2015-03-01 19:01 - 2014-03-01 17:04 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-03-01 16:10 - 2014-12-29 11:18 - 00000000 ____D () C:\Program Files (x86)\Brackets
2015-03-01 15:42 - 2014-02-26 01:19 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-03-01 15:38 - 2012-07-26 05:26 - 00000226 _____ () C:\WINDOWS\win.ini
2015-03-01 15:21 - 2014-11-21 16:51 - 00009068 _____ () C:\WINDOWS\PFRO.log
2015-02-27 16:11 - 2014-03-01 16:58 - 00000000 ____D () C:\ProgramData\Atheros
2015-02-27 00:30 - 2014-11-22 01:01 - 00005384 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-27 00:26 - 2015-01-31 00:42 - 00000000 ____D () C:\Users\Guest\AppData\Local\Packages
2015-02-27 00:19 - 2013-08-22 13:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-27 00:15 - 2014-11-22 05:25 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-02-27 00:15 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-02-24 19:39 - 2014-03-01 18:30 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-02-23 18:33 - 2014-02-28 13:11 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-02-23 17:21 - 2014-02-28 13:11 - 116773704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-02-23 17:15 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2015-02-22 01:37 - 2014-02-26 01:00 - 00000000 ____D () C:\Users\BrendaB\AppData\Local\Packages
2015-02-19 22:08 - 2014-03-01 18:56 - 00000000 ___RD () C:\Users\BrendaB\OneDrive.old
2015-02-19 21:56 - 2013-08-22 14:46 - 00000262 _____ () C:\WINDOWS\setuperr.log
2015-02-19 21:54 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-02-19 21:42 - 2015-01-31 17:02 - 00009700 _____ () C:\WINDOWS\comsetup.log
2015-02-19 21:42 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\Registration
2015-02-19 21:37 - 2013-08-22 15:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-02-19 21:36 - 2013-08-22 15:36 - 00000000 __RHD () C:\Users\Public\Libraries
2015-02-19 21:25 - 2013-08-22 14:44 - 00481880 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-19 21:23 - 2015-01-31 09:44 - 00000000 ____D () C:\WINDOWS\SysWOW64\vbox
2015-02-19 21:23 - 2015-01-31 09:44 - 00000000 ____D () C:\WINDOWS\system32\vbox
2015-02-19 21:23 - 2015-01-31 09:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-02-19 21:23 - 2014-12-29 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-02-19 21:23 - 2014-12-29 11:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio 2.7
2015-02-19 21:23 - 2014-04-12 14:09 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-19 21:23 - 2014-04-05 13:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-02-19 21:23 - 2014-03-11 22:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2015-02-19 21:23 - 2014-03-04 14:26 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ImgBurn
2015-02-19 21:23 - 2014-03-01 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-02-19 21:23 - 2014-02-26 07:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-02-19 21:23 - 2014-02-26 02:15 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-02-19 21:23 - 2014-02-26 01:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-19 21:23 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\Help
2015-02-19 21:23 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-02-19 21:23 - 2013-08-22 13:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-02-19 21:23 - 2012-08-27 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTI Media Maker 9
2015-02-19 21:23 - 2012-08-27 18:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2015-02-19 21:23 - 2012-08-03 02:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaEspresso 6.5
2015-02-19 21:23 - 2012-08-03 02:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EgisTec
2015-02-19 21:23 - 2012-08-03 02:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-02-19 21:23 - 2012-08-03 02:26 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-19 21:21 - 2014-11-22 00:22 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2015-02-19 21:21 - 2014-11-22 00:22 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2015-02-19 21:21 - 2013-08-22 15:37 - 00005217 _____ () C:\WINDOWS\DtcInstall.log
2015-02-19 21:21 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2015-02-19 21:21 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2015-02-19 21:21 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Macromed
2015-02-19 21:21 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2015-02-19 21:21 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy
2015-02-19 21:21 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\en-GB
2015-02-19 21:21 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2015-02-19 21:21 - 2012-07-26 05:37 - 00000000 ____D () C:\Users\Default.migrated
2015-02-19 21:20 - 2014-11-22 00:22 - 00000000 ____D () C:\WINDOWS\system32\WCN
2015-02-19 21:20 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2015-02-19 21:20 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-02-19 21:20 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2015-02-19 21:20 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2015-02-19 21:20 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2015-02-19 21:20 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2015-02-19 21:19 - 2013-08-22 15:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2015-02-19 21:19 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\Resources
2015-02-19 21:19 - 2012-08-03 02:24 - 00000000 ____D () C:\ProgramData\PRICache
2015-02-19 21:18 - 2013-08-22 15:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2015-02-19 21:18 - 2013-08-22 15:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2015-02-19 21:18 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-19 21:16 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2015-02-19 21:16 - 2012-07-26 08:12 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2015-02-19 21:02 - 2013-08-22 13:36 - 00000000 __RHD () C:\Users\Default
2015-02-19 21:00 - 2015-01-31 18:35 - 00000000 __SHD () C:\Recovery
2015-02-19 21:00 - 2013-08-22 15:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2015-02-19 20:59 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-02-19 20:57 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-02-19 20:43 - 2014-02-26 01:00 - 02096067 _____ () C:\WINDOWS\WindowsUpdate (1).log
2015-02-19 20:43 - 2012-07-26 08:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2015-02-19 12:42 - 2014-03-06 14:29 - 00000000 ____D () C:\Users\BrendaB\AppData\Local\CrashDumps
2015-02-19 11:54 - 2014-04-12 21:53 - 00001351 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-02-19 11:53 - 2014-04-12 21:53 - 00001363 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-19 11:53 - 2014-02-26 01:01 - 00001646 _____ () C:\Users\BrendaB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-18 18:59 - 2012-08-27 19:08 - 00000000 ____D () C:\ProgramData\Norton
2015-02-17 00:38 - 2014-04-10 12:07 - 00000000 ____D () C:\Users\BrendaB\AppData\Local\Unity
2015-02-15 21:49 - 2014-03-01 17:12 - 00001110 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-15 11:15 - 2014-04-12 21:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-15 11:15 - 2014-04-12 21:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-15 11:12 - 2014-03-11 22:00 - 00000000 ____D () C:\ProgramData\Real
2015-02-10 12:24 - 2014-03-02 18:37 - 00003880 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1465268432-4247279613-3226374191-1001UA
2015-02-10 12:24 - 2014-03-02 18:37 - 00003500 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1465268432-4247279613-3226374191-1001Core
2015-02-10 12:24 - 2014-02-26 01:07 - 00003892 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-10 12:24 - 2014-02-26 01:07 - 00003656 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-03 19:31 - 2014-11-22 05:29 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-02-03 19:31 - 2014-11-22 05:29 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-03 18:28 - 2014-12-29 11:09 - 00000000 ____D () C:\Program Files\CamStudio 2.7
2015-02-03 12:26 - 2014-03-01 17:12 - 00000000 ____D () C:\Users\BrendaB\AppData\Roaming\Malwarebytes
2015-02-03 12:25 - 2014-03-01 17:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-03 12:25 - 2014-03-01 17:12 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2015-02-03 10:59 - 2014-02-26 01:19 - 01050432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-02-02 17:47 - 2014-02-26 02:07 - 00000000 ____D () C:\Users\BrendaB\Documents\Bluetooth Folder
2015-02-02 16:20 - 2012-08-27 18:42 - 00000000 ____D () C:\Program Files\Intel
 
==================== Files in the root of some directories =======
 
2014-12-29 11:31 - 2014-12-29 20:14 - 0000127 _____ () C:\Users\BrendaB\AppData\Roaming\Camdata.ini
2014-12-29 11:31 - 2014-12-29 20:14 - 0000408 _____ () C:\Users\BrendaB\AppData\Roaming\CamLayout.ini
2014-12-29 11:31 - 2014-12-29 20:14 - 0000408 _____ () C:\Users\BrendaB\AppData\Roaming\CamShapes.ini
2014-12-29 11:30 - 2014-12-29 11:30 - 0004535 _____ () C:\Users\BrendaB\AppData\Roaming\CamStudio.cfg
2014-12-29 11:10 - 2014-12-29 12:10 - 0000096 _____ () C:\Users\BrendaB\AppData\Roaming\version2.xml
2014-12-29 11:52 - 2014-12-29 12:04 - 0005632 _____ () C:\Users\BrendaB\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-08-27 18:40 - 2012-08-27 18:40 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-12-29 11:10 - 2014-12-29 11:10 - 0001150 _____ () C:\ProgramData\FavIcon.ico
2015-02-23 20:10 - 2015-02-23 20:10 - 1285312 _____ () C:\ProgramData\Setup.exe
 
Files to move or delete:
====================
C:\ProgramData\Setup.exe
 
 
Some content of TEMP:
====================
C:\Users\BrendaB\AppData\Local\Temp\Quarantine.exe
C:\Users\BrendaB\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-03-01 18:07
 
==================== End Of Log ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-03-2015
Ran by BrendaB at 2015-03-03 16:01:20
Running from C:\Users\BrendaB\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
 clear.fi SDK - Video 2 (x32 Version: 2.1.1910 - CyberLink Corp.) Hidden
 clear.fi SDK- Movie 2 (x32 Version: 2.1.1910 - CyberLink Corp.) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0053 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3003 - Acer Incorporated)
Acer Instant Update Service (HKLM\...\{D32367AC-8FCA-4DE8-A2C6-037AE14B4001}) (Version: 1.00.3012 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3003 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3006 - Acer Incorporated)
AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3112 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3103 - Acer Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Backup Manager v4 (x32 Version: 4.0.0.0053 - NTI Corporation) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Broadcom Card Reader Driver Installer (HKLM\...\{F0A7DF2F-0BE0-470F-B137-D7A19F977189}) (Version: 15.4.4.2 - Broadcom Corporation)
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
Cleaner Pro (HKLM-x32\...\{25FBF79F-83C6-4243-B149-C6050AB71B72}) (Version: 2.6.2 - Cleaner Pro)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.01.3107 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3107 - Acer Incorporated)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CrimeWatch (HKLM-x32\...\CrimeWatch) (Version: 3.0.40 - Mathematical Applications)
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3103_44819 - CyberLink Corp.)
Delicious: Emily's True Love Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.13 - Dolby Laboratories Inc)
DriverUpdate (HKLM-x32\...\{B2B04F8B-6444-4364-89C8-F3088D4E8D02}) (Version: 2.2.43335 - SlimWare Utilities, Inc.)
Dropbox (HKU\S-1-5-21-1465268432-4247279613-3226374191-1001\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
eBay Worldwide (HKLM-x32\...\{A694AF57-9891-4D62-824C-7E55A1361A14}) (Version: 2.3.0630 - OEM)
ETDWare PS/2-X64 11.6.11.002_WHQL (HKLM\...\Elantech) (Version: 11.6.11.002 - ELAN Microelectronic Corp.)
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Game Channels (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 7.1.0.17 - WildTangent, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3002 - Acer Incorporated)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.4 - Acer Inc.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3002 - Acer Incorporated)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4693.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1465268432-4247279613-3226374191-1001\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
Minecraft Packages (HKU\S-1-5-21-1465268432-4247279613-3226374191-1001\...\Minecraft Packages) (Version:  - ) <==== ATTENTION
Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.45 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.10 - Symantec Corporation) Hidden
Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.1.0.28 - Symantec Corporation)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9008 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9008 - NTI Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4693.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4693.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4693.1002 - Microsoft Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3102 - Acer)
Opera Stable 27.0.1689.76 (HKLM-x32\...\Opera 27.0.1689.76) (Version: 27.0.1689.76 - Opera Software ASA)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.220 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.41 - Qualcomm Atheros)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.6 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SlimCleaner Plus (HKLM\...\{BA219F82-20BF-49AD-A279-E2D69D3B9D3F}) (Version: 1.0.26102 - SlimWare Utilities, Inc.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Unchecky v0.3.6 (HKLM-x32\...\Unchecky) (Version: 0.3.6 - RaMMicHaeL)
Unity Web Player (HKU\S-1-5-21-1465268432-4247279613-3226374191-1001\...\UnityWebPlayer) (Version: 4.6.2f1 - Unity Technologies ApS)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.11.7 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001_Classes\CLSID\{0549D8D9-F270-4AC9-9BD4-5A6FD01AAEED}\InprocServer32 -> C:\Program Files (x86)\TNT2\Profiles\10811\passport64.dll No File
CustomCLSID: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\BrendaB\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\BrendaB\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\BrendaB\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\BrendaB\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\BrendaB\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\BrendaB\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\BrendaB\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\BrendaB\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\BrendaB\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211_1\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BrendaB\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BrendaB\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BrendaB\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BrendaB\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1465268432-4247279613-3226374191-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\BrendaB\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
 
==================== Restore Points  =========================
 
23-02-2015 17:15:05 Windows Update
01-03-2015 18:08:41 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2012-07-26 05:26 - 2015-03-03 15:52 - 00001993 ____A C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com
 
There are 4 more lines.
 
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {005A65DC-E055-4F72-97F0-6447FC121CEB} - System32\Tasks\{333DFD3E-4338-427F-B7E6-7953646F94A4} => pcalua.exe -a "C:\Users\BrendaB\AppData\Roaming\1H1Q1V0B1L1G1N1V0M1P1Q1L1T0D1P1E2Z\Minecraft Packages\uninstaller.exe" -c /Uninstall /NM="Minecraft Packages" /AN="1H1Q1V0B1L1G1N1V0M1P1Q1L1T0D1P1E2Z" /MBN="Minecraft Packages"
Task: {10B87867-0074-4F97-810F-49ABB65F024B} - \111702df-71a6-401a-950f-be860a6ab76d-5_user No Task File <==== ATTENTION
Task: {15E071EC-58C6-4A6B-9528-52CCBB1EE11C} - System32\Tasks\Opera scheduled Autoupdate 1424022019 => C:\Program Files (x86)\Opera\launcher.exe [2015-02-23] (Opera Software)
Task: {22B4C7E8-72C9-4E09-BD9E-44BB671A410D} - System32\Tasks\SafeSearchUpdate => C:\Program Files\SafeSearch\1_7\se.exe
Task: {2908927B-FA1F-4534-95BF-74F63F2CF895} - System32\Tasks\DriverUpdate Scan => C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe [2014-12-11] (SlimWare Utilities, Inc.)
Task: {2A1753E7-E104-4BA2-9F0F-ED2357E88460} - \111702df-71a6-401a-950f-be860a6ab76d-5 No Task File <==== ATTENTION
Task: {2B5AA756-B52F-45BB-86C6-3772357B90C4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1465268432-4247279613-3226374191-1001Core => C:\Users\BrendaB\AppData\Local\Google\Update\GoogleUpdate.exe [2014-02-26] (Google Inc.)
Task: {30CB288C-6BF9-42BE-AE51-0CFA6103CBE5} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {30CEEB46-ADA8-4F25-B110-FBD88206A6F9} - \111702df-71a6-401a-950f-be860a6ab76d-1-7 No Task File <==== ATTENTION
Task: {357A410B-DD04-4405-8F1C-F45D33AF27AE} - \111702df-71a6-401a-950f-be860a6ab76d-6 No Task File <==== ATTENTION
Task: {3B00A1D6-9FBE-4ABB-B7C3-67B974B75E0E} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {41D7949E-B659-4F93-833A-5E01E5F838B9} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {42CE8862-B65F-4F84-9DA2-2A541A888354} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-26] (Google Inc.)
Task: {442AA615-92D8-46C4-A0DA-5ABBA0239B98} - \Taplika No Task File <==== ATTENTION
Task: {55997012-9B97-44F4-BDFD-0AD9CBFB97BB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-26] (Google Inc.)
Task: {58D5E164-790F-4B0A-AFD3-93B76393AF7D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-31] (AVAST Software)
Task: {63BEF037-FED5-4446-B17C-8936242354E7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1465268432-4247279613-3226374191-1001UA => C:\Users\BrendaB\AppData\Local\Google\Update\GoogleUpdate.exe [2014-02-26] (Google Inc.)
Task: {77D50B6F-D6BB-47B7-AFAA-9C53184C514F} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2012-07-31] (Acer Incorporated)
Task: {891CE9D9-4829-4971-8265-604AA2720FBA} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1465268432-4247279613-3226374191-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.)
Task: {8945E50E-53DE-4A56-AA52-A202FEE4442C} - \111702df-71a6-401a-950f-be860a6ab76d-11 No Task File <==== ATTENTION
Task: {8C042187-F5FA-4382-BB35-BDD45CF01BC8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-02-23] (Microsoft Corporation)
Task: {94EA158F-FA27-41BB-AF2C-9CBF20927675} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-07-13] ()
Task: {99207698-4A79-4399-9DA5-07E5BB635AC5} - \111702df-71a6-401a-950f-be860a6ab76d-4 No Task File <==== ATTENTION
Task: {9ED32C6B-1544-4B98-9098-99B228E2955E} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2012-07-12] ()
Task: {A052D890-18FD-4AE5-8D8A-CAAD77F46C20} - \111702df-71a6-401a-950f-be860a6ab76d-7 No Task File <==== ATTENTION
Task: {A1D04B2E-E0EF-4A03-80A9-70A3325C651A} - \111702df-71a6-401a-950f-be860a6ab76d-10_user No Task File <==== ATTENTION
Task: {A2F18105-6B72-4E83-A71B-2210CD98026E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-12-30] (Microsoft Corporation)
Task: {A535F8BE-2BC3-4103-8FA4-10778DDDB29B} - System32\Tasks\SlimCleaner Plus (Scheduled Scan - BrendaB) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe [2014-12-23] (SlimWare Utilities, Inc.)
Task: {A59EC215-70A5-44FD-820E-F99ECC7D97A1} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2012-07-12] ()
Task: {A9D1759E-8146-4D85-BA4D-FFE47776014F} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-07-31] (Acer Incorporated)
Task: {AB8AB1BF-0DE8-4024-9887-8E6229F489D3} - System32\Tasks\SafeSearchVerify => C:\Program Files\SafeSearch\1_7\se.exe
Task: {C26AFDC6-3194-49C8-B59B-AF36B2088100} - System32\Tasks\avastBCLRestartS-1-5-21-1465268432-4247279613-3226374191-1001 => Chrome.exe 
Task: {C74B3221-63F3-4874-9C97-243A36A8EF90} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-12-30] (Microsoft Corporation)
Task: {CECDDD4C-8065-4E4D-9916-9054EC4ED2DA} - \111702df-71a6-401a-950f-be860a6ab76d-1-6 No Task File <==== ATTENTION
Task: {F1C3869E-155D-4BC8-A5C2-168980F9F817} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-01-14] (Microsoft Corporation)
Task: {F3802FB0-A723-42DB-A912-6C075DA019FB} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1465268432-4247279613-3226374191-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.)
Task: {FD5869C3-622D-447F-966D-D1203F1AB49C} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: C:\WINDOWS\Tasks\DriverUpdate Scan.job => C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1465268432-4247279613-3226374191-1001Core.job => C:\Users\BrendaB\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1465268432-4247279613-3226374191-1001UA.job => C:\Users\BrendaB\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\SlimCleaner Plus (Scheduled Scan - BrendaB).job => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2014-03-01 18:30 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-01-31 09:39 - 2015-01-31 09:39 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2015-01-31 09:39 - 2015-01-31 09:39 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2015-02-24 19:37 - 2014-12-23 19:53 - 08898728 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-06-22 01:12 - 2012-06-22 01:12 - 01407568 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2013-01-28 14:45 - 2013-01-28 14:45 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-01-28 14:42 - 2013-01-28 14:42 - 00084992 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-01-28 14:47 - 2013-01-28 14:47 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-12-23 08:11 - 2014-12-23 08:11 - 00756032 _____ () C:\Program Files\SlimService\MyDefragDll.dll
2012-07-12 23:01 - 2012-07-12 23:01 - 00025232 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
2012-07-12 23:01 - 2012-07-12 23:01 - 00044176 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
2015-02-24 17:30 - 2015-02-24 17:28 - 00552056 _____ () C:\Program Files (x86)\Opera\27.0.1689.76\opera_crashreporter.exe
2015-03-03 12:49 - 2015-03-03 12:49 - 02913792 _____ () C:\Program Files\AVAST Software\Avast\defs\15030300\algo.dll
2015-01-31 09:39 - 2015-01-31 09:39 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2015-02-17 12:06 - 2015-02-17 12:06 - 00058880 _____ () C:\Program Files (x86)\Unchecky\bin\collector.dll
2012-08-27 18:42 - 2012-06-25 17:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2012-07-30 23:04 - 2012-07-30 23:04 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2015-01-31 09:39 - 2015-01-31 09:39 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-02-24 17:29 - 2015-02-24 17:28 - 00157816 _____ () C:\Program Files (x86)\Opera\27.0.1689.76\message_center_win8.dll
2015-02-24 17:29 - 2015-02-24 17:28 - 01408632 _____ () C:\Program Files (x86)\Opera\27.0.1689.76\libglesv2.dll
2015-02-24 17:29 - 2015-02-24 17:28 - 00219256 _____ () C:\Program Files (x86)\Opera\27.0.1689.76\libegl.dll
2015-02-24 17:30 - 2015-02-24 17:28 - 09510520 _____ () C:\Program Files (x86)\Opera\27.0.1689.76\pdf.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\BrendaB\OneDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1465268432-4247279613-3226374191-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\acer01.jpg
DNS Servers: 192.168.0.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1465268432-4247279613-3226374191-500 - Administrator - Disabled)
Adult Admin Acc (S-1-5-21-1465268432-4247279613-3226374191-1002 - Administrator - Enabled) => C:\Users\Adult Admin Acc
BrendaB (S-1-5-21-1465268432-4247279613-3226374191-1001 - Administrator - Enabled) => C:\Users\BrendaB
Guest (S-1-5-21-1465268432-4247279613-3226374191-501 - Limited - Enabled) => C:\Users\Guest
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/03/2015 02:55:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: aswFe.exe, version: 10.0.0.69, time stamp: 0x545b6853
Faulting module name: ntdll.dll, version: 6.3.9600.17630, time stamp: 0x54b0e17a
Exception code: 0xc0000374
Fault offset: 0x00000000000f1240
Faulting process ID: 0x1514
Faulting application start time: 0xaswFe.exe0
Faulting application path: aswFe.exe1
Faulting module path: aswFe.exe2
Report ID: aswFe.exe3
Faulting package full name: aswFe.exe4
Faulting package-relative application ID: aswFe.exe5
 
Error: (03/03/2015 00:34:11 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
 
Error: (03/01/2015 06:48:52 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
 
Error: (03/01/2015 06:46:49 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
 
Error: (03/01/2015 06:38:33 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
 
Error: (03/01/2015 06:35:15 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.
 
Error: (03/01/2015 05:47:39 PM) (Source: VSS) (EventID: 12294) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},000000463C994B40).
 
 
Operation:
   Get Shadow Copy Properties
 
Context:
   Execution Context: Coordinator
 
Error: (03/01/2015 03:42:48 PM) (Source: VSS) (EventID: 12294) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},0000001150EA8400).
 
 
Operation:
   Get Shadow Copy Properties
 
Context:
   Execution Context: Coordinator
 
Error: (03/01/2015 02:43:08 PM) (Source: VSS) (EventID: 12294) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},00000078B80C67F0).
 
 
Operation:
   Get Shadow Copy Properties
 
Context:
   Execution Context: Coordinator
 
Error: (02/27/2015 00:59:30 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
 
 
System errors:
=============
Error: (03/03/2015 03:56:22 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel® Management and Security Application User Notification Service service did not respond on starting.
 
Error: (03/03/2015 03:50:38 PM) (Source: DCOM) (EventID: 10010) (User: Brenda)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
 
Error: (03/03/2015 03:50:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Intel® Capability Licensing Service Interface service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
 
Error: (03/03/2015 03:50:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (03/03/2015 03:50:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Dritek RF Button Command Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 3000 milliseconds: Restart the service.
 
Error: (03/03/2015 03:50:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The SlimWare Utility Service Launcher service terminated unexpectedly. It has done this 1 time(s).
 
Error: (03/03/2015 03:50:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Unchecky service terminated unexpectedly. It has done this 1 time(s).
 
Error: (03/03/2015 03:50:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
 
Error: (03/03/2015 03:50:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The ePower Service service terminated unexpectedly. It has done this 1 time(s).
 
Error: (03/03/2015 03:50:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The GamesAppIntegrationService service terminated unexpectedly. It has done this 1 time(s).
 
 
Microsoft Office Sessions:
=========================
Error: (03/03/2015 02:55:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: aswFe.exe10.0.0.69545b6853ntdll.dll6.3.9600.1763054b0e17ac000037400000000000f1240151401d055b7a3e31fbfC:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exeC:\WINDOWS\SYSTEM32\ntdll.dll5b33f2a9-c1b5-11e4-beff-083e8e139ed2
 
Error: (03/03/2015 00:34:11 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
 
Error: (03/01/2015 06:48:52 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\ProgramData\Browser\prompt.exeC:\ProgramData\Browser\prompt.exe.Config0
 
Error: (03/01/2015 06:46:49 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestc:\Users\BrendaB\AppData\Local\TNT2\2.0.0.1702\TNT2User.exe
 
Error: (03/01/2015 06:38:33 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestc:\Users\BrendaB\AppData\Local\TNT2\2.0.0.1702\TNT2User.exe
 
Error: (03/01/2015 06:35:15 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: c:\program files\safesearch\1_7\ie\adxloader.dll.Manifestc:\program files\safesearch\1_7\ie\adxloader.dll.Manifest2
 
Error: (03/01/2015 05:47:39 PM) (Source: VSS) (EventID: 12294) (User: )
Description: {b5946137-7b9f-4925-af80-51abd60b20d5}GetSnapshot({00000000-0000-0000-0000-000000000000},000000463C994B40)
 
Operation:
   Get Shadow Copy Properties
 
Context:
   Execution Context: Coordinator
 
Error: (03/01/2015 03:42:48 PM) (Source: VSS) (EventID: 12294) (User: )
Description: {b5946137-7b9f-4925-af80-51abd60b20d5}GetSnapshot({00000000-0000-0000-0000-000000000000},0000001150EA8400)
 
Operation:
   Get Shadow Copy Properties
 
Context:
   Execution Context: Coordinator
 
Error: (03/01/2015 02:43:08 PM) (Source: VSS) (EventID: 12294) (User: )
Description: {b5946137-7b9f-4925-af80-51abd60b20d5}GetSnapshot({00000000-0000-0000-0000-000000000000},00000078B80C67F0)
 
Operation:
   Get Shadow Copy Properties
 
Context:
   Execution Context: Coordinator
 
Error: (02/27/2015 00:59:30 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-02-17 10:18:11.038
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\SHCore.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-17 10:18:10.788
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\SHCore.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-17 10:18:10.570
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\SHCore.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-17 10:18:10.367
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\SHCore.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-17 10:17:48.353
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\SHCore.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-17 10:17:48.087
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\SHCore.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-17 10:17:47.978
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\SHCore.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-17 10:17:47.853
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\SHCore.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-17 10:02:06.156
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\SHCore.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-17 10:02:05.649
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\SHCore.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 27%
Total physical RAM: 5959.27 MB
Available physical RAM: 4311.74 MB
Total Pagefile: 10823.27 MB
Available Pagefile: 8987.43 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
 
==================== Drives ================================
 
Drive c: (Acer) (Fixed) (Total:441.75 GB) (Free:378.96 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: A0DE79BE)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================

Edited by Zaria, 03 March 2015 - 11:08 AM.


#13 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:53 AM

Posted 03 March 2015 - 02:06 PM

Please repeat the scan with Malwarebytes and post the log.
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#14 Zaria

Zaria
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:08:53 AM

Posted 05 March 2015 - 02:27 PM

One of the logs looked just like this:

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
And the rest of the page was blank. Whenever I tried to copy to clipboard it wouldn't work I had to export it each time. Here are 2 other logs. 
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 03/03/2015
Scan Time: 22:03:51
Logfile: malbyteslog.txt
Administrator: Yes
 
Version: 2.00.4.1028
Malware Database: v2015.03.03.03
Rootkit Database: v2015.02.25.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: BrendaB
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 425581
Time Elapsed: 45 min, 47 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 04/03/2015
Scan Time: 22:46:11
Logfile: mal log.txt
Administrator: Yes
 
Version: 2.00.4.1028
Malware Database: v2015.03.04.07
Rootkit Database: v2015.02.25.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: BrendaB
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 427027
Time Elapsed: 39 min, 56 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 8
PUP.Optional.GateSnapper.A, C:\Program Files (x86)\gate snapper, Quarantined, [bbee6db521691f171712e4b3e22132ce], 
PUP.Optional.GateSnapper.A, C:\Program Files (x86)\gate snapper\bin, Quarantined, [bbee6db521691f171712e4b3e22132ce], 
PUP.Optional.GateSnapper.A, C:\Program Files (x86)\gate snapper\bin\plugins, Quarantined, [bbee6db521691f171712e4b3e22132ce], 
PUP.Optional.GateSnapper.A, C:\Program Files (x86)\gate snapper\bin\TEMP, Quarantined, [bbee6db521691f171712e4b3e22132ce], 
PUP.Optional.SafeSearch.A, C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dofpbgmibkabhhihnomcmmijlkhaeilm, Quarantined, [3c6df82a49412313acc8cfca7a892bd5], 
PUP.Optional.SafeSearch.A, C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dofpbgmibkabhhihnomcmmijlkhaeilm\2.8_0, Quarantined, [3c6df82a49412313acc8cfca7a892bd5], 
PUP.Optional.SafeSearch.A, C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dofpbgmibkabhhihnomcmmijlkhaeilm\2.8_0\icons, Quarantined, [3c6df82a49412313acc8cfca7a892bd5], 
PUP.Optional.SafeSearch.A, C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dofpbgmibkabhhihnomcmmijlkhaeilm\2.8_0\_metadata, Quarantined, [3c6df82a49412313acc8cfca7a892bd5], 
 
Files: 3
PUP.Optional.Omniboxes.A, C:\Users\BrendaB\AppData\Roaming\Mozilla\Firefox\Profiles\m80i6pxe.default\prefs.js, Good: (), Bad: (user_pref("browser.startup.homepage", "http://www.omniboxes.com/?type=hp&ts=1424346834&from=tti&uid=ST500LM012XHN-M500MBB_S2TYJ9CC605261");), Replaced,[e9c0c35f800a58dedef24fc5e026e818]
PUP.Optional.Omniboxes.A, C:\Users\BrendaB\AppData\Roaming\Mozilla\Firefox\Profiles\m80i6pxe.default\prefs.js, Good: (), Bad: (user_pref("browser.newtab.url", "http://www.omniboxes.com/newtab/?type=nt&ts=1424346834&from=tti&uid=ST500LM012XHN-M500MBB_S2TYJ9CC605261");), Replaced,[5356031fe8a2b77f1eb3898bcc3a48b8]
PUP.Optional.SafeSearch.A, C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (      "new_tab_url": "http://www.safesearch.net/?p=t",), Replaced,[3079fd258a00e4522b1266af07ff49b7]
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#15 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:53 AM

Posted 05 March 2015 - 04:05 PM

Let's do a final check up:

Step 1


Don't remove on your own anything that Hitman Pro detects!
This scanner, as it is a really good for checking, has been known for deleting files instead of curing them, which in some cases may render the machine unbootable.
Any removals will be done manually after careful analysis of the scan results!


Please download hitmanpro_32.pngHitmanPro 32-bit / HitmanPro 64-bit by SurfRight and save it to your desktop.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
  • Right-click onhitmanpro.pngicon and select admin.PNGRun as Administrator to start the tool.
  • If the program won't run please run it while holding down the left CTRL key until it's loaded!
  • Click on the Next button (1). You must agree with the terms of EULA (2 - if asked).
  • Check the box beside "No, I only want to perform a one-time scan to check this computer" and click on the Next button. (3)
  • The program will start to scan the computer. It would only take several minutes.
  • When the scan is done click on Save Log (4) and close HitmanPro! (5)
  • Copy and paste the content of the log file in your next reply.
hitman.gif


Step 2

Please downloadesetlogo.pngOnline Scanner and save it to your Desktop.
  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start installer.pngwith administartor privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Choose the following settings:
settings.png
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log filelog.pngis created at logpath.png
    Copy and paste the content of this log file in your next reply.
esetlog.png
Note: Do not forget to re-enable your antivirus application after running the above scan!
eset.gif

Step 3

frst.pngfrstscan.png

Start FRST with administator privileges.
  • Make sure the following option is checked: addition.png
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
    Please copy and paste these logs in your next reply.
lesestoff.png

Can you please tell me which problems still persist now?
How is the computer running

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users