
Am I still infected? Please HELP! 520 infections found.


  • This topic is locked
18 replies to this topic

#1 Lady5412


Posted 20 February 2015 - 03:01 PM

Greetings!!!
 
This morning I scanned my computer just for routine (I hadn't run a scan for some time already). And, the antivirus I use (AVAST!) found 520 infections (check the screenshot #1).

Attached File  Capture #1.JPG   101.9KB   0 downloads

 

It was a surprise for me since my computer was not slow, and I don't understand how it happened because I do not download anything, but my little sisters use my computer as well, so I guess that one of them had something to do with it. Anyway, after removing the 520 infections I decided to check my computer and found these strangely named folders. I want to know if I should worry about them (check screenshots #2 and #3).

Attached File  Capture #2.JPG   125.95KB   0 downloads
Attached File  Capture #3.JPG   113.92KB   0 downloads

 

I also found an application called "OpenCandy", and according to Google it is malware, so I'd like to know how to remove it.
 
Many thanks in advance for the help you can give me.

 

 




#2 Lady5412


Posted 20 February 2015 - 03:02 PM

ALSO, here's the log from FRST

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-02-2015 01
Ran by Lady5412 at 2015-02-20 15:33:14
Running from C:\Users\Lady5412\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
AMD Catalyst Install Manager (HKLM\...\{5AF0B1A8-1EF7-0FF7-5504-4983FB76F914}) (Version: 3.0.847.0 - Advanced Micro Devices, Inc.)
Angry Birds Breakfast 2 (HKLM-x32\...\{862AEADD-3D02-4FAC-8C7C-07BD66A4B6D2}) (Version: 1.0.16 - Rovio Entertainment Ltd.)
Apple Application Support (32-bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AutoCAD 2013 - English (HKLM\...\AutoCAD 2013 - English) (Version: 19.0.55.0 - Autodesk)
AutoCAD 2013 - English (Version: 19.0.55.0 - Autodesk) Hidden
AutoCAD 2013 Language Pack - English (Version: 19.0.55.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.0.84.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Inventor Fusion 2013 (HKLM\...\Autodesk Inventor Fusion 2013) (Version: 2.0.0.206 - Autodesk, Inc.)
Autodesk Inventor Fusion 2013 (Version: 2.0.0.206 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion plug-in for AutoCAD 2013 (HKLM\...\Autodesk Inventor Fusion plug-in for AutoCAD 2013) (Version: 0.2.0.230 - Autodesk)
Autodesk Inventor Fusion plug-in for AutoCAD 2013 (Version: 0.2.0.230 - Autodesk) Hidden
Autodesk Inventor Fusion plug-in language pack for AutoCAD 2013 (Version: 0.2.0.230 - Autodesk) Hidden
Autodesk Material Library 2013 (HKLM-x32\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Sync (HKLM\...\{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}) (Version: 3.5.24.0 - Autodesk, Inc.)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.0.2208 - AVAST Software)
Best Buy Connect (HKLM-x32\...\{B435FD87-CA14-45E3-9D0B-A30F1F9F3866}) (Version: 3.00.68 - Best Buy)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research In Motion Ltd.)
BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.41 - Research In Motion Ltd.) Hidden
Blio (HKLM-x32\...\{6DA891AB-4D45-4BA6-B656-F02391204661}) (Version: 3.3.9679 - K-NFB Reading Technology, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
CodeBlocks (HKU\S-1-5-21-565440801-3961977085-1236778343-1000\...\CodeBlocks) (Version: 12.11 - The Code::Blocks Team)
Cozi (HKLM-x32\...\{EA1F3D6C-A6F5-4CDC-B0D3-9C56C06B4D29}) (Version: 1.0.6505.38692 - Cozi Group, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Data Vault (Version: 4.1.9.0 - Dell Inc.) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell)
Dell DataSafe Online (HKLM-x32\...\{C53BCCBE-9268-4C09-82E9-611444A73B3F}) (Version: 2.10.1.3 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{3BD7DD08-991B-4A2F-A165-614ED14EAADD}) (Version: 1.6.225.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{0D98F04D-11A1-4B64-A406-43292B9EEE90}) (Version: 1.5.0.130 - ArcSoft)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.130 - ArcSoft)
Dell Stage (HKLM-x32\...\{FE182796-F6BA-486A-8590-89B7E8D1D60F}) (Version: 1.7.209.0 - Fingertapps)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.0.6584.52 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.0.55844 - Dell)
Dell System Detect (HKU\S-1-5-21-565440801-3961977085-1236778343-1000\...\9204f5692a8faf3b) (Version: 5.8.0.16 - Dell)
Dell System Detect Bootstrapper (HKU\S-1-5-21-565440801-3961977085-1236778343-1000\...\8e3135b376bd523e) (Version: 5.1.0.41 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1209.101.204 - ALPS ELECTRIC CO., LTD.)
Dell VideoStage  (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.)
Dell VideoStage  (x32 Version: 1.2.0.1712 - CyberLink Corp.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.01.19 - Creative Technology Ltd)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
Dropbox (HKU\S-1-5-21-565440801-3961977085-1236778343-1000\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
FileLab Plugin 1.1.33 (HKLM-x32\...\{6AC5F630-9453-433D-90FF-BB3A8E4F8960}) (Version: 1.1.33 - FileLab)
Find and Mount 2.32 (HKLM\...\Find and Mount_is1) (Version: 2.32 - A-FF Data Recovery)
Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6324.0 - IDT)
Intel® Chipset Device Software (x32 Version: 10.0.24 - Intel® Corporation) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2843 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 17.0.1412.3) (HKLM\...\{302600C1-6BDF-4FD1-1401-148929CC1385}) (Version: 17.0.1401.0428 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Intel® Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel® WiDi (HKLM\...\{F949AE30-83D1-41B2-92D2-F44478DD058A}) (Version: 4.2.24.0 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{eddf4201-b72e-4e94-9e7b-ac1ba97c029f}) (Version: 16.11.0 - Intel Corporation)
Intel® PROSet/Wireless WiMAX Software (HKLM\...\{5C1DA3D9-F590-4317-A4FB-274F658E504B}) (Version: 6.05.0000 - Intel Corporation)
Internet TV for Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
iTunes (HKLM\...\{7B8D4E8A-EA2B-4A71-BFEB-A4AAAB87C5D0}) (Version: 12.1.0.71 - Apple Inc.)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
LINE (HKLM-x32\...\LINE) (Version: 3.9.0.172 - LINE Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Camera Codec Pack (HKLM\...\{D553E8CC-5C56-4B06-AC1A-A443DFF31092}) (Version: 6.3.9723.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0C0A-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-565440801-3961977085-1236778343-1000\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MPC-HC 1.7.7 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.7 - MPC-HC Team)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Netflix in Windows Media Center (HKLM-x32\...\{0CA72D12-F6C6-4D43-A2A0-41F5AA17E2B6}) (Version: 3.3.101.0 - Microsoft Corporation)
Nikon File Uploader 2 (HKLM-x32\...\{D1E7142C-6BC3-49EB-A71A-E5D7ADAC7599}) (Version: 2.00.0001 - Nikon)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.1 - Nikon)
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.2.0 - Nikon)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.25 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Spotify (HKU\S-1-5-21-565440801-3961977085-1236778343-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
SyncUP (HKLM-x32\...\{D92C9CCE-E5F0-4125-977A-0590F3225B74}) (Version: 10.2.15400 - Nero AG)
SyncUP (x32 Version: 1.12.12400.17.102 - Nero AG) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
TI USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{B1EB7FFF-6E44-43D8-869D-B78E44CD3E0F}) (Version: 1.12.14.0 - Texas Instruments Inc.)
TI USB3 Host Driver (x32 Version: 1.12.14.0 - Texas Instruments Inc.) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
ViewNX 2 (HKLM-x32\...\{DDD62492-32A7-412B-8AF1-2CF032AD42E3}) (Version: 2.0.1 - Nikon)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VTech Download Agent Library (x32 Version: 1.00.0000 - VTech) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-565440801-3961977085-1236778343-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Lady5412\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-565440801-3961977085-1236778343-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2013\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-565440801-3961977085-1236778343-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Lady5412\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-565440801-3961977085-1236778343-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Lady5412\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-565440801-3961977085-1236778343-1000_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2013\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-565440801-3961977085-1236778343-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Lady5412\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-565440801-3961977085-1236778343-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Lady5412\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-565440801-3961977085-1236778343-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2013\en-US\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-565440801-3961977085-1236778343-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Lady5412\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-565440801-3961977085-1236778343-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Lady5412\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-565440801-3961977085-1236778343-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Lady5412\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-565440801-3961977085-1236778343-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Lady5412\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-565440801-3961977085-1236778343-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lady5412\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-565440801-3961977085-1236778343-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lady5412\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-565440801-3961977085-1236778343-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lady5412\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-565440801-3961977085-1236778343-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lady5412\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-565440801-3961977085-1236778343-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lady5412\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-565440801-3961977085-1236778343-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lady5412\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-565440801-3961977085-1236778343-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lady5412\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-565440801-3961977085-1236778343-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lady5412\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
16-11-2014 22:55:28 Installed Microsoft Camera Codec Pack
18-11-2014 19:24:17 Windows Update
19-11-2014 00:26:50 Windows Update
22-11-2014 14:55:22 Windows Update
22-11-2014 16:46:22 avast! antivirus system restore point
22-11-2014 16:55:22 Device Driver Package Install: Avast Network Service
25-11-2014 20:24:08 Windows Update
10-12-2014 19:20:24 Windows Update
11-12-2014 20:32:20 Windows Update
12-12-2014 02:11:30 Windows Update
12-12-2014 20:05:17 avast! antivirus system restore point
16-12-2014 20:34:20 Windows Update
18-12-2014 02:50:56 Windows Update
23-12-2014 06:15:56 Windows Update
26-12-2014 13:05:16 Windows Update
30-12-2014 15:40:31 Windows Update
04-01-2015 18:39:07 Windows Update
09-01-2015 13:23:17 Windows Update
13-01-2015 19:56:04 Windows Update
14-01-2015 01:26:53 Windows Update
18-01-2015 01:00:15 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
18-01-2015 01:05:10 Device Driver Package Install: Agnitum Network Service
18-01-2015 01:06:21 Device Driver Package Install: Agnitum Network adapters
27-01-2015 01:05:47 Scheduled Checkpoint
30-01-2015 03:20:45 Windows Update
03-02-2015 19:51:07 Windows Update
03-02-2015 21:17:44 Intel® Driver Update Utility
03-02-2015 21:44:21 Intel® PROSet/Wireless Software
10-02-2015 23:00:24 Windows Update
11-02-2015 03:07:17 Windows Update
12-02-2015 03:00:18 Windows Update
12-02-2015 14:46:17 Removed Java 8 Update 25
12-02-2015 14:48:03 Removed Java 8 Update 25 (64-bit)
17-02-2015 22:53:47 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {09AD5A41-9C1A-44FF-B667-0B0F42902CE2} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-02-06] (Microsoft)
Task: {1E3ECC18-6036-4B60-912E-0078BF51F6A7} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-12-17] (Oracle Corporation)
Task: {20B78681-B52C-47D7-8FBA-CD30C28C2452} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-565440801-3961977085-1236778343-1000Core => C:\Users\Lady5412\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {3467D531-8EC6-49C4-B1F5-40002FAF50ED} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-565440801-3961977085-1236778343-1000Core => C:\Users\Lady5412\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-06] (Google Inc.)
Task: {3B1E0E9E-AD5E-4B9D-8E15-D61C27824CE3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {538F8021-E497-4D9F-BD7C-89300AD27BB5} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {58A72E03-6E62-45A6-AFDF-D3BBEEAB4B96} - System32\Tasks\{B259A5C6-0CEA-46FC-8F66-A0B094136ADC} => pcalua.exe -a "C:\Users\Lady5412\Downloads\Video_ATI_W7_A10_Setup-G22HG_ZPE.exe" -d "C:\Users\Lady5412\Downloads"
Task: {658B6103-BF8A-4A69-A035-0AA5E7D923AA} - System32\Tasks\{F7707769-8D0F-4BA9-9A66-74952692BC11} => pcalua.exe -a "C:\Users\Lady5412\Desktop\Video_AMD_W7W8_A01_Setup-HC6HJ_ZPE.exe" -d "C:\Users\Lady5412\Desktop"
Task: {65F0A973-43C5-45C7-8C79-BD734263A168} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {803870B9-F841-4DAF-B595-D72DAB7BFBF9} - System32\Tasks\Programa de actualización online de Adobe => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {8DC68ECD-864F-4A66-AEE4-750CAE250D29} - System32\Tasks\{F0A00A55-9254-40E4-912D-B58E768BF879} => pcalua.exe -a "C:\Users\Lady5412\Downloads\AdobeAIRInstaller.exe" -d "C:\Users\Lady5412\Downloads"
Task: {99BF3BE2-96D0-4005-BB55-0EE1FA8855E7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: {9B2DE5C3-B560-4494-A807-C5B9C53EA6D2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {9C49A1EA-93B4-4B9A-8B90-31E4D6A8C02A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-565440801-3961977085-1236778343-1000UA => C:\Users\Lady5412\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {9FE91839-DAEB-4967-BB1B-93862A2659DD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A3ECA2FC-9C0C-4C32-A793-0C451A78934C} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-02-03] (PC-Doctor, Inc.)
Task: {AFF46C93-FB5F-4822-9A8B-7C385E65112A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {B1287871-BAA9-4C67-BEB0-5D06C9485E93} - System32\Tasks\Google Updater and Installer => C:\Users\Lady5412\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-06] (Google Inc.)
Task: {BF4BDE6C-E335-4E9D-859D-687BB79C1655} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: {C0A56C78-0555-4426-A6EE-FF01F56590BF} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {D0F5CBF0-2E45-498D-A95D-3007B5542F6A} - System32\Tasks\{A280C071-AA18-4EED-9EBB-F95F9E324613} => C:\Program Files (x86)\BatteryMonitor\BatteryMonitor.exe [2005-09-29] (Robert)
Task: {D2452FF7-CCC7-4A54-90CD-A9A1F903C06E} - System32\Tasks\{DD9DB9F8-449D-44F2-95A7-B2CF1F4FB2C2} => pcalua.exe -a "C:\Users\Lady5412\Downloads\BT_Intel_W74_A02_Setup-50PWW_ZPE.exe" -d "C:\Users\Lady5412\Downloads"
Task: {D2D8E251-9395-432A-865A-0B1EBF00597D} - System32\Tasks\{107BB02A-0A37-4F7B-AB92-B5091D1ECE56} => pcalua.exe -a "C:\Program Files (x86)\Creative Live! Cam\AudioFX\CtAfxApp.exe" -d "C:\Program Files (x86)\Creative Live! Cam\AudioFX"
Task: {D71C5B04-DE6A-4573-8A3F-AC68CD322654} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-565440801-3961977085-1236778343-1000UA => C:\Users\Lady5412\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-06] (Google Inc.)
Task: {D778E68C-FD03-4FF7-8B7B-EB9C2F9AF39A} - System32\Tasks\{4CD1B1D8-B972-4817-B6A8-25F980D24D42} => C:\Program Files (x86)\BatteryMonitor\BatteryMonitor.exe [2005-09-29] (Robert)
Task: {DF99CD96-E8A6-41A9-BD0E-B42BE6051E23} - System32\Tasks\{04ED71A5-168F-48B7-A6C3-148DA5279F84} => pcalua.exe -a "C:\Users\Lady5412\Downloads\Setup4.0.18.0.exe" -d "C:\Users\Lady5412\Downloads"
Task: {E2CA2B28-0BBE-4066-BD2E-5FAC5C7376BA} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {EEDF98D4-AD6D-4FF8-AC83-C69F53910E5F} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-02-03] (PC-Doctor, Inc.)
Task: {F711FD0E-3A10-4BB3-84CB-622A7A3CFE9E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-22] (AVAST Software)
Task: {FFA1E47E-3658-41E0-9B73-7E2C19DCB49E} - System32\Tasks\{FAA0D01A-8FC5-40C5-95BC-6D77A70A262F} => pcalua.exe -a "C:\Users\Lady5412\Downloads\AdobeAIRInstaller.exe" -d "C:\Users\Lady5412\Downloads"
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\Dell SupportAssistAgent AutoUpdate.job => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-565440801-3961977085-1236778343-1000Core.job => C:\Users\Lady5412\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-565440801-3961977085-1236778343-1000UA.job => C:\Users\Lady5412\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-565440801-3961977085-1236778343-1000Core.job => C:\Users\Lady5412\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-565440801-3961977085-1236778343-1000UA.job => C:\Users\Lady5412\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-02-03 09:32 - 2011-04-10 14:40 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-02-01 11:50 - 2012-02-01 11:50 - 00968048 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
2012-02-03 08:34 - 2011-08-18 11:05 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2015-01-20 22:06 - 2015-01-20 22:06 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1034.dll
2014-11-22 16:53 - 2014-11-22 16:53 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-11-22 16:53 - 2014-11-22 16:53 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2015-02-20 11:04 - 2015-02-20 11:04 - 02911744 _____ () C:\Program Files\AVAST Software\Avast\defs\15022000\algo.dll
2014-11-22 16:53 - 2014-11-22 16:53 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2014-09-24 22:15 - 2014-09-24 22:15 - 00081056 _____ () C:\Users\Lady5412\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.DLL
2015-02-10 17:00 - 2015-02-10 17:00 - 00750080 _____ () C:\Users\Lady5412\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-02-20 14:17 - 2015-02-20 14:17 - 00043008 _____ () c:\Users\Lady5412\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfmt5kh.dll
2015-02-10 17:00 - 2015-02-10 17:00 - 00047616 _____ () C:\Users\Lady5412\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-02-10 17:00 - 2015-02-10 17:00 - 00865280 _____ () C:\Users\Lady5412\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-02-10 17:00 - 2015-02-10 17:00 - 00200704 _____ () C:\Users\Lady5412\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-02-20 01:58 - 2015-02-17 18:44 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libglesv2.dll
2015-02-20 01:58 - 2015-02-17 18:44 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libegl.dll
2012-02-01 11:44 - 2012-02-01 11:44 - 08151040 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll
2012-02-01 11:44 - 2012-02-01 11:44 - 02278400 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll
2014-11-22 16:53 - 2014-11-22 16:53 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-02-20 01:58 - 2015-02-17 18:44 - 09171272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll
2014-10-16 10:23 - 2014-10-16 10:23 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\93182e9779b8be0f688fd0784df6d7fb\IsdiInterop.ni.dll
2012-02-03 08:02 - 2010-11-06 01:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2015-02-04 19:57 - 2015-02-04 19:57 - 16852144 _____ () C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:0B4227B4
AlternateDataStreams: C:\ProgramData\Temp:430C6D84
AlternateDataStreams: C:\ProgramData\Temp:A1EDB939
AlternateDataStreams: C:\ProgramData\Temp:DFC5A2B2
AlternateDataStreams: C:\Users\Lady5412\Downloads\MPC-HC.1.7.7.x64.exe:com.dropbox.attributes
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-565440801-3961977085-1236778343-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Lady5412\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: iPod Service => 3
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: BatteryMonitor => C:\PROGRA~2\BATTER~1\BATTER~1.EXE
MSCONFIG\startupreg: BLEServicesCtrl => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
MSCONFIG\startupreg: DellStage => "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
MSCONFIG\startupreg: DellSystemDetect => C:\Users\Lady5412\AppData\Local\Apps\2.0\P205QRC4.MV0\76LYX63K.YCN\dell..tion_0f612f649c4a10af_0005.0008_b3168e842b9276ec\DellSystemDetect.exe
MSCONFIG\startupreg: Desktop Disc Tool => "c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: Facebook Update => "C:\Users\Lady5412\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Google Update => "C:\Users\Lady5412\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NeroLauncher => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900
MSCONFIG\startupreg: Nikon Message Center 2 => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
MSCONFIG\startupreg: ooVoo.exe => C:\Program Files (x86)\ooVoo\oovoo.exe /minimized
MSCONFIG\startupreg: QuickSet => C:\Program Files\Dell\QuickSet\QuickSet.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Rim.DesktopHelper.exe => "C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.DesktopHelper.exe"
MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
MSCONFIG\startupreg: SkyDrive => "C:\Users\Lady5412\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Lady5412\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-565440801-3961977085-1236778343-500 - Administrator - Disabled)
Guest (S-1-5-21-565440801-3961977085-1236778343-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-565440801-3961977085-1236778343-1002 - Limited - Enabled)
Lady5412 (S-1-5-21-565440801-3961977085-1236778343-1000 - Administrator - Enabled) => C:\Users\Lady5412
 
==================== Faulty Device Manager Devices =============
 
Name: avast! Firewall NDIS Filter Miniport
Description: avast! Firewall NDIS Filter Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ALWIL Software
Service: aswNdis
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
 
Name: avast! Firewall NDIS Filter Miniport
Description: avast! Firewall NDIS Filter Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ALWIL Software
Service: aswNdis
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/20/2015 03:28:50 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (02/20/2015 02:17:10 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (02/20/2015 01:23:36 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (02/20/2015 11:02:56 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (02/19/2015 10:49:02 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (02/19/2015 10:31:05 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (02/19/2015 09:37:20 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider IntelWLANEventProvider attempted to register query "select * from CIntelQosEvent" whose target class "CIntelQosEvent" in //./root/default namespace does not exist. The query will be ignored.
 
Error: (02/19/2015 09:37:20 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider IntelWLANEventProvider attempted to register query "select * from CIntelDot1xEvent" whose target class "CIntelDot1xEvent" in //./root/default namespace does not exist. The query will be ignored.
 
Error: (02/19/2015 09:37:20 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider IntelWLANEventProvider attempted to register query "select * from CIntelWLANEvent" whose target class "CIntelWLANEvent" in //./root/default namespace does not exist. The query will be ignored.
 
Error: (02/19/2015 08:44:02 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
 
System errors:
=============
Error: (02/20/2015 02:27:55 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.
 
Error: (02/20/2015 02:22:27 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Dell DataSafe Online service hung on starting.
 
Error: (02/20/2015 02:16:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Dell SupportAssist Agent service failed to start due to the following error: 
%%1053
 
Error: (02/20/2015 02:16:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Dell SupportAssist Agent service to connect.
 
Error: (02/20/2015 02:00:21 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
 
Error: (02/20/2015 11:02:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Dell SupportAssist Agent service failed to start due to the following error: 
%%1053
 
Error: (02/20/2015 11:02:34 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Dell SupportAssist Agent service to connect.
 
Error: (02/19/2015 10:30:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Dell SupportAssist Agent service failed to start due to the following error: 
%%1053
 
Error: (02/19/2015 10:30:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Dell SupportAssist Agent service to connect.
 
Error: (02/19/2015 08:43:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Dell SupportAssist Agent service failed to start due to the following error: 
%%1053
 
 
Microsoft Office Sessions:
=========================
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 62%
Total physical RAM: 6050.05 MB
Available physical RAM: 2253.14 MB
Total Pagefile: 12098.3 MB
Available Pagefile: 7971.64 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:683.89 GB) (Free:442.34 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: BEA37AE5)
Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=683.9 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#3 nasdaq

  • Malware Response Team

Posted 25 February 2015 - 10:32 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic. It will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===


Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

I need to see the content of the FRST.TXT log that was created when you ran the Farbar tool.
Please post it in your next reply.

#4 Lady5412

  • Topic Starter


Posted 26 February 2015 - 03:59 PM

Here are the logs :)

 

FRST.TXT

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2015 01

Ran by Lady5412 (administrator) on LADY on 20-02-2015 15:30:13
Running from C:\Users\Lady5412\Downloads
Loaded Profiles: Lady5412 (Available profiles: Lady5412 & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Google Inc.) C:\Users\Lady5412\AppData\Local\Google\Update\GoogleUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\Lady5412\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Red Bend Ltd.) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-01-25] (IDT, Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [609144 2011-04-12] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RoxWatchTray] => c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [968048 2012-02-01] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-26] (AVAST Software)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-565440801-3961977085-1236778343-1000\...\Run: [Google Update] => C:\Users\Lady5412\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-05-06] (Google Inc.)
HKU\S-1-5-21-565440801-3961977085-1236778343-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-565440801-3961977085-1236778343-1000\...\Run: [GoogleChromeAutoLaunch_E8FAAA7DB0DCAE8CCA4EC92BC9A0C496] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-02-17] (Google Inc.)
HKU\S-1-5-21-565440801-3961977085-1236778343-1000\...\RunOnce: [Uninstall C:\Users\Lady5412\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Lady5412\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
HKU\S-1-5-21-565440801-3961977085-1236778343-1000\...\RunOnce: [Uninstall C:\Users\Lady5412\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Lady5412\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910"
HKU\S-1-5-21-565440801-3961977085-1236778343-1000\...\RunOnce: [Uninstall C:\Users\Lady5412\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Lady5412\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-565440801-3961977085-1236778343-1000\...\RunOnce: [Uninstall C:\Users\Lady5412\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Lady5412\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811"
HKU\S-1-5-21-565440801-3961977085-1236778343-1000\...\RunOnce: [Uninstall C:\Users\Lady5412\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Lady5412\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64"
HKU\S-1-5-21-565440801-3961977085-1236778343-1000\...\RunOnce: [Uninstall C:\Users\Lady5412\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Lady5412\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217"
HKU\S-1-5-21-565440801-3961977085-1236778343-1000\...\RunOnce: [Uninstall C:\Users\Lady5412\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Lady5412\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64"
HKU\S-1-5-21-565440801-3961977085-1236778343-1000\...\RunOnce: [Uninstall C:\Users\Lady5412\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Lady5412\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328"
HKU\S-1-5-21-565440801-3961977085-1236778343-1000\...\RunOnce: [Uninstall C:\Users\Lady5412\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Lady5412\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64"
HKU\S-1-5-21-565440801-3961977085-1236778343-1000\...\RunOnce: [Uninstall C:\Users\Lady5412\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Lady5412\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512"
HKU\S-1-5-21-565440801-3961977085-1236778343-1000\...\RunOnce: [Uninstall C:\Users\Lady5412\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Lady5412\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64"
HKU\S-1-5-21-565440801-3961977085-1236778343-1000\...\RunOnce: [Uninstall C:\Users\Lady5412\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Lady5412\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714"
HKU\S-1-5-21-565440801-3961977085-1236778343-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-565440801-3961977085-1236778343-1000\...\Policies\Explorer: [] 
Startup: C:\Users\Lady5412\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Lady5412\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lady5412\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lady5412\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lady5412\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lady5412\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lady5412\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lady5412\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lady5412\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CHR HKU\S-1-5-21-565440801-3961977085-1236778343-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-565440801-3961977085-1236778343-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-565440801-3961977085-1236778343-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKU\S-1-5-21-565440801-3961977085-1236778343-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
URLSearchHook: HKU\S-1-5-21-565440801-3961977085-1236778343-1000 - (No Name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - No File
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKLM -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-565440801-3961977085-1236778343-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-565440801-3961977085-1236778343-1000 -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = 
SearchScopes: HKU\S-1-5-21-565440801-3961977085-1236778343-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} ->  No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} -  No File
Toolbar: HKLM-x32 - No Name - {eec0f710-38b5-4aba-99bf-ec87564a4e13} -  No File
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler-x32: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @ASC/FileLabPlugin;version=1.1.33 -> C:\ProgramData\FileLab\Plugin\Framework\npFlPluginS.dll (FileLab)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-565440801-3961977085-1236778343-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Lady5412\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-565440801-3961977085-1236778343-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Lady5412\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll No File
FF Plugin HKU\S-1-5-21-565440801-3961977085-1236778343-1000: @talk.google.com/O1DPlugin -> C:\Users\Lady5412\AppData\Roaming\Mozilla\plugins\npo1d.dll No File
FF Plugin HKU\S-1-5-21-565440801-3961977085-1236778343-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Lady5412\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-565440801-3961977085-1236778343-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Lady5412\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{cb84136f-9c44-433a-9048-c5cd9df1dc16}] - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-05-17]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Lady5412\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Lady5412\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-22]
CHR Extension: (Angry Birds) - C:\Users\Lady5412\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-10-22]
CHR Extension: (Google Docs) - C:\Users\Lady5412\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-22]
CHR Extension: (Google Drive) - C:\Users\Lady5412\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-22]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Lady5412\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-22]
CHR Extension: (YouTube) - C:\Users\Lady5412\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-22]
CHR Extension: (Google Search) - C:\Users\Lady5412\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-22]
CHR Extension: (Avast SafePrice) - C:\Users\Lady5412\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2014-10-22]
CHR Extension: (Google Sheets) - C:\Users\Lady5412\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-22]
CHR Extension: (avast! Ad Blocker) - C:\Users\Lady5412\AppData\Local\Google\Chrome\User Data\Default\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd [2014-10-22]
CHR Extension: (AdBlock) - C:\Users\Lady5412\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-12-25]
CHR Extension: (Avast Online Security) - C:\Users\Lady5412\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-22]
CHR Extension: (TweetDeck by Twitter) - C:\Users\Lady5412\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2015-01-05]
CHR Extension: (Cuevana Stream) - C:\Users\Lady5412\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfdckejfnkaemompfjhecfmhjgnchmjg [2014-10-22]
CHR Extension: (Google Maps) - C:\Users\Lady5412\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-10-22]
CHR Extension: (Google Wallet) - C:\Users\Lady5412\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-22]
CHR Extension: (zate.tv) - C:\Users\Lady5412\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohbfcalhonopbkinbhdgdkgbjddgadon [2014-10-22]
CHR Extension: (Auto Refresh Plus) - C:\Users\Lady5412\AppData\Local\Google\Chrome\User Data\Default\Extensions\oilipfekkmncanaajkapbpancpelijih [2014-10-22]
CHR Extension: (Instagram for Chrome) - C:\Users\Lady5412\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb [2014-12-25]
CHR Extension: (Gmail) - C:\Users\Lady5412\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-22]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
CHR HKLM-x32\...\Chrome\Extension: [fplhdcjmbpfkejbhngmlngaecbjmoimd] - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx [2013-05-17]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-22]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-22] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-22] (Avast Software)
S3 Blackberry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited) [File not signed]
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2552528 2015-01-30] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201424 2015-01-30] (Dell Inc.)
R2 DMAgent; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [498688 2011-06-14] (Red Bend Ltd.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
S2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [19288 2015-02-06] (Dell Inc.)
R2 WiMAXAppSrv; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [986112 2011-06-14] (Intel® Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 androidusb; C:\Windows\System32\Drivers\ssadadb.sys [36328 2011-05-13] (Google Inc) [File not signed]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-22] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-22] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-22] ()
R1 avgtp; C:\windows\system32\drivers\avgtpx64.sys [39768 2013-02-18] (AVG Technologies)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [140600 2013-11-07] (Motorola Solutions, Inc.)
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [23312 2015-01-30] (Dell Computer Corporation)
S3 PCTBD; C:\Windows\System32\Drivers\PCTBD64.sys [85224 2012-06-22] (PC Tools)
R0 pctDS; C:\Windows\System32\drivers\pctDS64.sys [453896 2012-02-28] (PC Tools)
R0 pctEFA; C:\Windows\System32\drivers\pctEFA64.sys [1096176 2012-02-28] (PC Tools)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 SliceDisk5; C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys [31824 2011-02-25] (Atola) [File not signed]
S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation)
R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [206744 2013-06-20] (Windows ® Win 7 DDK provider)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-22] (Avast Software)
S3 btmaudio; system32\drivers\btmaud.sys [X]
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]
S3 PcdrNdisuio; syswow64\drivers\pcdrndisuio.sys [X]
S3 XHCIPort; system32\DRIVERS\XHCIPort.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-20 15:30 - 2015-02-20 15:31 - 00030830 _____ () C:\Users\Lady5412\Downloads\FRST.txt
2015-02-20 15:30 - 2015-02-20 15:30 - 00000000 ____D () C:\FRST
2015-02-20 15:27 - 2015-02-20 15:28 - 02086912 _____ (Farbar) C:\Users\Lady5412\Downloads\FRST64.exe
2015-02-20 14:20 - 2015-02-20 14:20 - 00000197 _____ () C:\windows\system32\2015-02-20-18-20-01.001-AvastVBoxSVC.exe-5096.log
2015-02-20 13:25 - 2015-02-20 13:25 - 00000197 _____ () C:\windows\system32\2015-02-20-17-25-57.089-AvastVBoxSVC.exe-3624.log
2015-02-20 11:04 - 2015-02-20 11:04 - 00000197 _____ () C:\windows\system32\2015-02-20-15-04-13.008-AvastVBoxSVC.exe-2516.log
2015-02-19 22:34 - 2015-02-19 22:34 - 00000197 _____ () C:\windows\system32\2015-02-20-02-34-08.070-AvastVBoxSVC.exe-4344.log
2015-02-19 20:45 - 2015-02-19 20:46 - 00000197 _____ () C:\windows\system32\2015-02-20-00-45-55.077-AvastVBoxSVC.exe-3856.log
2015-02-18 21:51 - 2015-02-18 21:52 - 00000197 _____ () C:\windows\system32\2015-02-19-01-51-23.034-AvastVBoxSVC.exe-2184.log
2015-02-17 22:49 - 2015-02-17 22:50 - 00000197 _____ () C:\windows\system32\2015-02-18-02-49-56.086-AvastVBoxSVC.exe-696.log
2015-02-16 21:39 - 2015-02-16 21:40 - 00000197 _____ () C:\windows\system32\2015-02-17-01-39-49.043-AvastVBoxSVC.exe-5484.log
2015-02-15 13:24 - 2015-02-15 13:25 - 00000197 _____ () C:\windows\system32\2015-02-15-17-24-45.089-AvastVBoxSVC.exe-3332.log
2015-02-13 19:11 - 2015-02-13 19:11 - 00000197 _____ () C:\windows\system32\2015-02-13-23-11-06.056-AvastVBoxSVC.exe-5796.log
2015-02-12 14:41 - 2015-02-12 14:41 - 00000197 _____ () C:\windows\system32\2015-02-12-18-41-20.027-AvastVBoxSVC.exe-5240.log
2015-02-12 13:54 - 2015-02-12 13:54 - 00000197 _____ () C:\windows\system32\2015-02-12-17-54-39.086-AvastVBoxSVC.exe-4292.log
2015-02-11 23:02 - 2015-02-19 23:40 - 00000426 _____ () C:\windows\Tasks\Dell SupportAssistAgent AutoUpdate.job
2015-02-11 23:02 - 2015-02-11 23:02 - 00003258 _____ () C:\windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2015-02-11 23:02 - 2015-02-11 23:02 - 00000000 __HDC () C:\ProgramData\{7417E72F-E156-403E-9DFA-EB0ED1DB06F1}
2015-02-11 23:01 - 2015-02-12 00:02 - 00000000 ____D () C:\ProgramData\SupportAssistAgent
2015-02-11 22:51 - 2015-01-23 00:42 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-02-11 22:51 - 2015-01-23 00:41 - 06041600 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-02-11 22:51 - 2015-01-22 23:43 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-02-11 22:51 - 2015-01-22 23:17 - 04300800 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-02-11 22:45 - 2015-02-11 22:45 - 00000197 _____ () C:\windows\system32\2015-02-12-02-45-09.035-AvastVBoxSVC.exe-5240.log
2015-02-11 04:02 - 2015-02-11 04:02 - 00000197 _____ () C:\windows\system32\2015-02-11-08-02-18.046-AvastVBoxSVC.exe-3848.log
2015-02-10 23:49 - 2015-02-10 23:49 - 00000197 _____ () C:\windows\system32\2015-02-11-03-49-06.018-AvastVBoxSVC.exe-3880.log
2015-02-10 23:17 - 2015-02-19 21:36 - 00003484 _____ () C:\windows\System32\Tasks\PCDEventLauncherTask
2015-02-10 23:17 - 2015-02-10 23:17 - 00004056 _____ () C:\windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2015-02-10 23:17 - 2015-02-10 23:17 - 00003246 _____ () C:\windows\System32\Tasks\SystemToolsDailyTest
2015-02-10 23:17 - 2015-02-10 23:17 - 00000000 ____D () C:\ProgramData\PC-Doctor for Windows
2015-02-10 23:17 - 2015-02-10 23:17 - 00000000 ____D () C:\Program Files\Dell Support Center
2015-02-10 23:04 - 2015-01-08 23:14 - 00950272 _____ (Microsoft Corporation) C:\windows\system32\perftrack.dll
2015-02-10 23:04 - 2015-01-08 23:14 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\wdi.dll
2015-02-10 23:04 - 2015-01-08 23:14 - 00029696 _____ (Microsoft Corporation) C:\windows\system32\powertracker.dll
2015-02-10 23:04 - 2015-01-08 22:48 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdi.dll
2015-02-10 23:03 - 2015-01-14 01:47 - 00389808 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-02-10 23:03 - 2015-01-14 01:09 - 00342712 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-02-10 23:03 - 2015-01-11 23:09 - 25056256 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-02-10 23:03 - 2015-01-11 23:05 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-02-10 23:03 - 2015-01-11 23:05 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-02-10 23:03 - 2015-01-11 22:49 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-02-10 23:03 - 2015-01-11 22:48 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-02-10 23:03 - 2015-01-11 22:48 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-02-10 23:03 - 2015-01-11 22:48 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-02-10 23:03 - 2015-01-11 22:47 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-02-10 23:03 - 2015-01-11 22:40 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-02-10 23:03 - 2015-01-11 22:39 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-02-10 23:03 - 2015-01-11 22:36 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-02-10 23:03 - 2015-01-11 22:34 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-02-10 23:03 - 2015-01-11 22:34 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-02-10 23:03 - 2015-01-11 22:25 - 19740160 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-02-10 23:03 - 2015-01-11 22:25 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-02-10 23:03 - 2015-01-11 22:21 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-02-10 23:03 - 2015-01-11 22:21 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-02-10 23:03 - 2015-01-11 22:13 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-02-10 23:03 - 2015-01-11 22:08 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-02-10 23:03 - 2015-01-11 22:08 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-02-10 23:03 - 2015-01-11 22:07 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-02-10 23:03 - 2015-01-11 22:07 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-02-10 23:03 - 2015-01-11 22:07 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-02-10 23:03 - 2015-01-11 22:05 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-02-10 23:03 - 2015-01-11 22:04 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-02-10 23:03 - 2015-01-11 22:02 - 02277888 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-02-10 23:03 - 2015-01-11 22:00 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-02-10 23:03 - 2015-01-11 21:59 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-02-10 23:03 - 2015-01-11 21:57 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-02-10 23:03 - 2015-01-11 21:55 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-02-10 23:03 - 2015-01-11 21:48 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-02-10 23:03 - 2015-01-11 21:48 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-02-10 23:03 - 2015-01-11 21:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-02-10 23:03 - 2015-01-11 21:46 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-02-10 23:03 - 2015-01-11 21:45 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-02-10 23:03 - 2015-01-11 21:43 - 14401024 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-02-10 23:03 - 2015-01-11 21:40 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-10 23:03 - 2015-01-11 21:36 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-02-10 23:03 - 2015-01-11 21:35 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-02-10 23:03 - 2015-01-11 21:33 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-02-10 23:03 - 2015-01-11 21:27 - 02358272 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-02-10 23:03 - 2015-01-11 21:23 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-02-10 23:03 - 2015-01-11 21:23 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-02-10 23:03 - 2015-01-11 21:22 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-02-10 23:03 - 2015-01-11 21:14 - 12829184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-02-10 23:03 - 2015-01-11 21:14 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-02-10 23:03 - 2015-01-11 21:02 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-02-10 23:03 - 2015-01-11 21:00 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-02-10 23:03 - 2015-01-11 20:56 - 01307136 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-02-10 23:03 - 2015-01-11 20:55 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-02-10 23:03 - 2015-01-10 02:48 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-02-10 23:03 - 2015-01-10 02:48 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-02-10 23:03 - 2015-01-10 02:48 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-02-10 23:03 - 2015-01-10 02:48 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-02-10 23:03 - 2015-01-10 02:48 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-02-10 23:03 - 2015-01-10 02:48 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-02-10 23:03 - 2015-01-10 02:48 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-02-10 23:03 - 2015-01-10 02:27 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-02-10 23:03 - 2015-01-10 02:27 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-02-10 23:03 - 2015-01-10 02:27 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-02-10 23:03 - 2015-01-10 02:27 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-02-10 23:03 - 2015-01-10 02:27 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-02-10 23:03 - 2015-01-10 02:27 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-02-10 23:03 - 2015-01-10 02:27 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-02-10 23:01 - 2015-01-15 04:14 - 00155072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-02-10 23:01 - 2015-01-15 04:14 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-02-10 23:01 - 2015-01-15 04:09 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-02-10 23:01 - 2015-01-15 04:09 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-02-10 23:01 - 2015-01-15 04:09 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-02-10 23:01 - 2015-01-15 04:09 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-02-10 23:01 - 2015-01-15 04:09 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-02-10 23:01 - 2015-01-15 04:08 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-02-10 23:01 - 2015-01-15 04:06 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-02-10 23:01 - 2015-01-15 04:06 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-02-10 23:01 - 2015-01-15 04:04 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-02-10 23:01 - 2015-01-15 03:42 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-02-10 23:01 - 2015-01-15 03:42 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-02-10 23:01 - 2015-01-15 03:41 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-02-10 23:01 - 2015-01-15 03:39 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-02-10 23:01 - 2015-01-15 03:39 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-02-10 23:01 - 2015-01-15 03:37 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-02-10 23:01 - 2015-01-15 00:22 - 00458824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-02-10 23:01 - 2015-01-12 23:10 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-02-10 23:01 - 2015-01-12 22:49 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2015-02-10 23:01 - 2014-12-12 01:31 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-02-10 23:01 - 2014-12-12 01:07 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2015-02-10 23:01 - 2014-11-25 23:53 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2015-02-10 23:01 - 2014-11-25 23:32 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2015-02-10 23:01 - 2014-07-06 22:07 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2015-02-10 23:01 - 2014-07-06 22:06 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2015-02-10 23:01 - 2014-07-06 21:40 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2015-02-10 23:01 - 2014-07-06 21:40 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2015-02-10 23:00 - 2015-01-14 02:09 - 05554112 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-02-10 23:00 - 2015-01-14 02:05 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-02-10 23:00 - 2015-01-14 02:05 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-02-10 23:00 - 2015-01-14 02:04 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-02-10 23:00 - 2015-01-14 01:44 - 03972544 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-02-10 23:00 - 2015-01-14 01:44 - 03917760 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-02-10 23:00 - 2015-01-14 01:41 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-02-10 23:00 - 2015-01-08 22:03 - 03201536 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-02-10 23:00 - 2014-12-07 23:09 - 00406528 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
2015-02-10 23:00 - 2014-12-07 22:46 - 00308224 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll
2015-02-10 22:40 - 2015-02-10 22:41 - 00000197 _____ () C:\windows\system32\2015-02-11-02-40-50.007-AvastVBoxSVC.exe-3896.log
2015-02-09 22:13 - 2015-02-09 22:14 - 00000197 _____ () C:\windows\system32\2015-02-10-02-13-26.035-AvastVBoxSVC.exe-2988.log
2015-02-08 22:45 - 2015-02-08 22:45 - 00000197 _____ () C:\windows\system32\2015-02-09-02-45-48.072-AvastVBoxSVC.exe-5024.log
2015-02-08 22:40 - 2015-02-20 14:15 - 00001008 _____ () C:\windows\setupact.log
2015-02-08 22:40 - 2015-02-08 22:40 - 00000000 _____ () C:\windows\setuperr.log
2015-02-06 13:02 - 2015-02-06 13:02 - 00000197 _____ () C:\windows\system32\2015-02-06-17-02-17.047-AvastVBoxSVC.exe-4572.log
2015-02-05 21:36 - 2015-02-05 21:36 - 00000197 _____ () C:\windows\system32\2015-02-06-01-36-03.033-AvastVBoxSVC.exe-3628.log
2015-02-04 22:33 - 2015-02-04 22:33 - 00000197 _____ () C:\windows\system32\2015-02-05-02-33-06.024-AvastVBoxSVC.exe-4832.log
2015-02-04 18:39 - 2015-02-04 18:39 - 00000197 _____ () C:\windows\system32\2015-02-04-22-39-02.024-AvastVBoxSVC.exe-3664.log
2015-02-04 06:30 - 2015-02-08 16:22 - 00000000 ____D () C:\Users\Lady5412\Desktop\Current Tri
2015-02-03 21:55 - 2015-02-03 21:55 - 00000197 _____ () C:\windows\system32\2015-02-04-01-55-39.097-AvastVBoxSVC.exe-3376.log
2015-02-03 21:35 - 2015-02-03 21:35 - 00000000 ____D () C:\ProgramData\IntelDLM
2015-02-03 21:19 - 2015-02-03 21:19 - 00000000 ____D () C:\Users\Lady5412\AppData\Local\Intel
2015-02-03 21:18 - 2015-02-03 21:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2015-02-03 21:18 - 2015-02-03 21:18 - 00000000 ____D () C:\Program Files (x86)\Intel Driver Update Utility
2015-02-03 21:16 - 2015-02-03 21:17 - 02333416 _____ (Intel) C:\Users\Lady5412\Downloads\Intel Driver Update Utility Installer.exe
2015-02-02 20:34 - 2015-02-02 20:34 - 00000197 _____ () C:\windows\system32\2015-02-03-00-34-30.092-AvastVBoxSVC.exe-2528.log
2015-02-02 15:12 - 2015-02-02 15:12 - 00000197 _____ () C:\windows\system32\2015-02-02-19-12-06.030-AvastVBoxSVC.exe-4764.log
2015-02-02 09:57 - 2015-02-02 09:57 - 00000197 _____ () C:\windows\system32\2015-02-02-13-57-15.096-AvastVBoxSVC.exe-2484.log
2015-02-02 09:33 - 2015-02-02 09:33 - 00000197 _____ () C:\windows\system32\2015-02-02-13-33-51.025-AvastVBoxSVC.exe-3472.log
2015-01-31 08:59 - 2015-01-31 09:00 - 00000197 _____ () C:\windows\system32\2015-01-31-12-59-56.063-AvastVBoxSVC.exe-3412.log
2015-01-30 23:03 - 2015-01-30 23:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-01-30 23:00 - 2015-01-30 23:03 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-01-30 23:00 - 2015-01-30 23:03 - 00000000 ____D () C:\Program Files\iTunes
2015-01-30 23:00 - 2015-01-30 23:00 - 00000000 ____D () C:\Program Files\iPod
2015-01-30 23:00 - 2015-01-30 23:00 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-01-30 18:36 - 2015-01-30 18:36 - 00023760 _____ (Dell Computer Corporation) C:\windows\system32\Drivers\DDDriver64Dcsa.sys
2015-01-30 18:36 - 2015-01-30 18:36 - 00023312 _____ (Dell Computer Corporation) C:\windows\system32\Drivers\DellProf.sys
2015-01-30 17:57 - 2015-01-30 17:57 - 00000197 _____ () C:\windows\system32\2015-01-30-21-57-15.099-AvastVBoxSVC.exe-2124.log
2015-01-30 10:18 - 2015-01-30 10:18 - 00000197 _____ () C:\windows\system32\2015-01-30-14-18-00.019-AvastVBoxSVC.exe-4580.log
2015-01-29 23:49 - 2015-01-29 23:49 - 00000197 _____ () C:\windows\system32\2015-01-30-03-49-00.084-AvastVBoxSVC.exe-4260.log
2015-01-29 19:01 - 2015-01-29 19:01 - 00000512 _____ () C:\windows\system32\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
2015-01-29 18:26 - 2015-01-29 18:26 - 00000197 _____ () C:\windows\system32\2015-01-29-22-26-43.095-AvastVBoxSVC.exe-5856.log
2015-01-28 18:05 - 2015-01-28 18:05 - 00000197 _____ () C:\windows\system32\2015-01-28-22-05-34.010-AvastVBoxSVC.exe-5164.log
2015-01-28 09:31 - 2015-01-28 09:32 - 00000197 _____ () C:\windows\system32\2015-01-28-13-31-42.070-AvastVBoxSVC.exe-4984.log
2015-01-27 22:33 - 2015-01-27 22:33 - 00434712 _____ () C:\Users\Lady5412\Documents\SUPERWOMAN.pptx
2015-01-27 22:05 - 2015-01-27 22:05 - 00746280 _____ () C:\Users\Lady5412\Documents\El modernismo en la Republica Dominicana e Hispanoamerica.pptx
2015-01-27 16:34 - 2015-01-27 16:34 - 00000197 _____ () C:\windows\system32\2015-01-27-20-34-23.081-AvastVBoxSVC.exe-380.log
2015-01-26 20:05 - 2015-01-26 20:05 - 00000000 ____D () C:\ProgramData\Sun
2015-01-26 19:32 - 2015-01-26 19:33 - 00000197 _____ () C:\windows\system32\2015-01-26-23-32-47.049-AvastVBoxSVC.exe-4044.log
2015-01-24 11:45 - 2015-01-24 11:45 - 00000197 _____ () C:\windows\system32\2015-01-24-15-45-39.016-AvastVBoxSVC.exe-5720.log
2015-01-24 11:38 - 2015-01-24 11:38 - 00000000 _____ () C:\windows\SysWOW64\shoB470.tmp
2015-01-24 11:36 - 2015-01-24 11:36 - 00000197 _____ () C:\windows\system32\2015-01-24-15-36-13.034-AvastVBoxSVC.exe-5088.log
2015-01-21 23:37 - 2015-01-21 23:37 - 00000197 _____ () C:\windows\system32\2015-01-22-03-37-11.054-AvastVBoxSVC.exe-4200.log
2015-01-21 09:58 - 2015-01-21 09:58 - 00000197 _____ () C:\windows\system32\2015-01-21-13-58-07.011-AvastVBoxSVC.exe-4868.log
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-20 15:04 - 2013-10-28 23:37 - 06249472 ___SH () C:\Users\Lady5412\Desktop\Thumbs.db
2015-02-20 14:56 - 2012-06-05 23:53 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-02-20 14:55 - 2014-10-22 14:40 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-20 14:44 - 2012-05-06 22:55 - 00000944 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-565440801-3961977085-1236778343-1000UA.job
2015-02-20 14:36 - 2009-07-14 00:45 - 00020928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-20 14:36 - 2009-07-14 00:45 - 00020928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-20 14:32 - 2013-05-17 22:52 - 01468993 _____ () C:\windows\WindowsUpdate.log
2015-02-20 14:23 - 2009-07-14 01:13 - 00783424 _____ () C:\windows\system32\PerfStringBackup.INI
2015-02-20 14:20 - 2013-10-25 01:29 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-02-20 14:18 - 2012-05-06 23:22 - 00000000 ___RD () C:\Users\Lady5412\Dropbox
2015-02-20 14:17 - 2012-05-06 23:19 - 00000000 ____D () C:\Users\Lady5412\AppData\Roaming\Dropbox
2015-02-20 14:17 - 2012-02-03 08:34 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2015-02-20 14:16 - 2014-10-22 14:40 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-20 14:15 - 2009-07-14 01:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-02-20 14:14 - 2012-09-05 21:59 - 02882567 _____ () C:\windows\system32\Drivers\Cat.DB
2015-02-20 11:03 - 2013-05-16 03:16 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2015-02-20 06:55 - 2012-05-27 09:45 - 00000964 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-565440801-3961977085-1236778343-1000UA.job
2015-02-20 02:44 - 2012-05-06 22:55 - 00000892 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-565440801-3961977085-1236778343-1000Core.job
2015-02-17 05:52 - 2012-07-16 15:27 - 00001249 _____ () C:\Users\Lady5412\Documents\Regla.txt
2015-02-15 18:55 - 2012-05-27 09:45 - 00000942 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-565440801-3961977085-1236778343-1000Core.job
2015-02-14 11:45 - 2012-11-08 01:59 - 12933632 ___SH () C:\Users\Lady5412\Downloads\Thumbs.db
2015-02-13 19:16 - 2012-05-06 23:19 - 00000000 ____D () C:\Users\Lady5412\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-13 15:43 - 2014-09-20 09:59 - 00000020 ____H () C:\ProgramData\PKP_DLev.DAT
2015-02-13 15:43 - 2014-09-20 09:59 - 00000020 ____H () C:\ProgramData\PKP_DLet.DAT
2015-02-13 01:55 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\rescache
2015-02-12 22:00 - 2012-11-07 09:00 - 00207872 ___SH () C:\Users\Lady5412\Documents\Thumbs.db
2015-02-11 23:02 - 2012-02-03 08:07 - 00000000 ____D () C:\Program Files\Dell
2015-02-11 23:01 - 2012-02-03 08:16 - 00000000 ____D () C:\Program Files (x86)\Dell
2015-02-11 03:56 - 2009-07-14 00:45 - 00616632 _____ () C:\windows\system32\FNTCACHE.DAT
2015-02-11 03:50 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\tracing
2015-02-11 03:35 - 2013-06-14 21:45 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-11 03:33 - 2012-04-26 17:09 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-11 03:21 - 2013-07-29 19:08 - 00000000 ____D () C:\windows\system32\MRT
2015-02-11 03:11 - 2012-05-08 18:41 - 116773704 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-02-10 23:17 - 2012-02-03 08:17 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-02-08 18:18 - 2012-08-08 01:23 - 00000000 ____D () C:\Users\Lady5412\AppData\Roaming\SoftGrid Client
2015-02-08 17:10 - 2014-03-23 21:44 - 00000000 ____D () C:\Users\Lady5412\AppData\Local\CrashDumps
2015-02-08 11:34 - 2014-11-13 23:00 - 00000000 ____D () C:\Users\Lady5412\AppData\Roaming\Spotify
2015-02-06 06:29 - 2014-11-13 23:06 - 00000000 ____D () C:\Users\Lady5412\AppData\Local\Spotify
2015-02-06 02:50 - 2014-10-22 14:40 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-06 02:50 - 2014-10-22 14:40 - 00003642 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-06 02:39 - 2012-05-06 22:55 - 00003932 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-565440801-3961977085-1236778343-1000UA
2015-02-06 02:39 - 2012-05-06 22:55 - 00003536 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-565440801-3961977085-1236778343-1000Core
2015-02-04 22:21 - 2014-10-28 17:40 - 00000000 ____D () C:\Users\Lady5412\Desktop\Eileen
2015-02-04 19:57 - 2012-06-05 23:53 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-02-04 19:57 - 2012-06-04 20:39 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-02-04 19:57 - 2012-02-03 08:03 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-04 06:32 - 2013-12-01 16:13 - 00000000 ____D () C:\Users\Lady5412\Desktop\Trimestres
2015-02-03 21:54 - 2013-04-17 23:29 - 00000000 ____D () C:\Users\Lady5412\Documents\E&N♥
2015-02-03 21:42 - 2012-02-03 08:07 - 00000000 ____D () C:\Program Files\Intel
2015-02-02 15:10 - 2012-02-03 08:19 - 00000000 ____D () C:\ProgramData\Sonic
2015-02-02 09:35 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\NDF
2015-01-30 23:00 - 2012-07-21 10:52 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-01-30 17:57 - 2012-05-06 23:14 - 00102400 _____ () C:\Users\Lady5412\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-30 01:23 - 2012-05-08 15:53 - 00000000 ____D () C:\Users\Lady5412\AppData\Roaming\Skype
2015-01-29 19:02 - 2015-01-18 03:07 - 00000356 _____ () C:\windows\system32\config\afw_hm.conf
2015-01-29 19:02 - 2015-01-18 03:07 - 00000004 _____ () C:\windows\system32\config\afw_db.conf
2015-01-29 01:44 - 2012-05-12 15:34 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-26 20:18 - 2014-08-22 22:21 - 00111016 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2015-01-26 20:17 - 2012-02-03 08:03 - 00000000 ____D () C:\Program Files\Java
2015-01-26 20:04 - 2014-08-04 23:42 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-26 20:03 - 2014-01-18 19:48 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-23 12:22 - 2013-05-30 11:13 - 00000000 ____D () C:\Users\Lady5412\Downloads\What a girl wants, what a girl needs ♪
 
==================== Files in the root of some directories =======
 
2012-09-23 22:10 - 2012-09-23 22:10 - 4096000 _____ () C:\Program Files (x86)\GUT5FB4.tmp
2014-09-20 09:59 - 2014-09-20 09:59 - 0000268 ___RH () C:\Users\Lady5412\AppData\Roaming\Chorus
2014-09-20 09:59 - 2014-09-20 09:59 - 0000268 ___RH () C:\Users\Lady5412\AppData\Roaming\Classic Thick
2014-09-20 09:59 - 2014-09-20 09:59 - 0000268 ___RH () C:\Users\Lady5412\AppData\Roaming\Classical
2012-05-07 22:00 - 2014-11-27 07:55 - 0015764 _____ () C:\Users\Lady5412\AppData\Roaming\Rim.Desktop.Exception.log
2012-05-07 21:59 - 2013-04-08 19:58 - 0006673 _____ () C:\Users\Lady5412\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2012-05-07 22:00 - 2013-04-08 19:17 - 0007238 _____ () C:\Users\Lady5412\AppData\Roaming\Rim.DesktopHelper.Exception.log
2012-06-11 23:11 - 2014-11-27 07:55 - 0001540 _____ () C:\Users\Lady5412\AppData\Roaming\Rim.Transcoder.Exception.log
2012-11-11 18:24 - 2012-12-29 20:11 - 0000579 _____ () C:\Users\Lady5412\AppData\Local\cookies.ini
2012-05-06 23:14 - 2015-01-30 17:57 - 0102400 _____ () C:\Users\Lady5412\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-06-14 23:11 - 2013-06-14 23:11 - 0002457 _____ () C:\Users\Lady5412\AppData\Local\IWDAudHelper.20130614.231144.txt
2012-09-12 22:16 - 2012-09-12 22:16 - 0007597 _____ () C:\Users\Lady5412\AppData\Local\Resmon.ResmonCfg
2013-06-14 23:10 - 2013-06-14 23:13 - 0032511 _____ () C:\Users\Lady5412\AppData\Local\WiDiSetupLog.20130614.231018.wdl
2013-11-30 23:05 - 2013-11-30 23:10 - 0028525 _____ () C:\Users\Lady5412\AppData\Local\WiDiSetupLog.20131130.230544.wdl
2014-09-20 09:59 - 2014-09-20 09:59 - 0000268 ___RH () C:\ProgramData\Clips
2014-09-20 09:59 - 2014-09-20 09:59 - 0000268 ___RH () C:\ProgramData\Cocoa
2014-09-20 09:59 - 2014-09-20 09:59 - 0000268 ___RH () C:\ProgramData\ColorSync
2014-02-21 02:21 - 2014-02-21 02:21 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-09-20 09:59 - 2014-10-16 19:02 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2014-09-20 09:59 - 2015-02-13 15:43 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2014-09-20 09:59 - 2015-02-13 15:43 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
 
Some content of TEMP:
====================
C:\Users\Lady5412\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfmt5kh.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-02-13 01:46
 
==================== End Of Log ============================
 
 
 
AdwCleaner
 
# AdwCleaner v4.111 - Logfile created 26/02/2015 at 16:48:53
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : lady5412 - LADY
# Running from : C:\Users\lady5412\Desktop\adwcleaner_4.111.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Program Files (x86)\File Type Assistant
Folder Deleted : C:\Users\lady5412\AppData\Local\CrashRpt
Folder Deleted : C:\Users\lady5412\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\lady5412\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd
Folder Deleted : C:\Users\lady5412\AppData\Local\Google\Chrome\User Data\Default\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd
File Deleted : C:\windows\System32\roboot64.exe
File Deleted : C:\Users\lady5412\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Deleted : C:\Users\lady5412\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{065C1A21-97F8-45FB-A9F0-861B60FACEC8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3204358F-5904-46A6-841F-D6B5BE3EF4E3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3AE67737-0E3E-44AA-AA5E-46A68BF017FF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3EE5B726-044A-48D2-AA7B-049BD9A0F62A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60FBBE03-57FF-49D8-B38E-053D3F489825}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6A5182F1-C0B8-42B8-96CC-7F329CD46913}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6C153418-8E4D-4FAF-AF27-5201E38463A7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A26A2F05-AC4D-4A1E-9531-9125F7309B78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5D6240-7DF0-435D-9B9B-F8586A99DE86}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F343045E-E20A-46E1-82D8-9962C43EFC9E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FBB360DC-CB6C-4D6A-808A-2C773151BFFF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFD7DDAC-EC28-42A5-8D39-917B9078604B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{8DCB7100-DF86-4384-8842-8FA844297B3F}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{8DCB7100-DF86-4384-8842-8FA844297B3F}]
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\Popajar
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\ParetoLogic
Key Deleted : [x64] HKLM\SOFTWARE\IB Updater
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\90C64EA18BA25EE488BF80DCF07F2FFD
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17631
 
 
-\\ Google Chrome v40.0.2214.115
 
[C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
[C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : fplhdcjmbpfkejbhngmlngaecbjmoimd
 
*************************
 
AdwCleaner[R0].txt - [5208 bytes] - [26/02/2015 16:40:41]
AdwCleaner[S0].txt - [5077 bytes] - [26/02/2015 16:48:53]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5136  bytes] ##########


#5 nasdaq

  • Malware Response Team
  • 38,235 posts

Posted 27 February 2015 - 08:25 AM

Open Notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
start

CloseProcesses:

HKLM-x32\...\Run: [] => [X]
CHR HKU\S-1-5-21-565440801-3961977085-1236778343-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
URLSearchHook: HKU\S-1-5-21-565440801-3961977085-1236778343-1000 - (No Name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - No File
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKU\S-1-5-21-565440801-3961977085-1236778343-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-565440801-3961977085-1236778343-1000 -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL =
BHO-x32: No Name -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} ->  No File
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} -  No File
Toolbar: HKLM-x32 - No Name - {eec0f710-38b5-4aba-99bf-ec87564a4e13} -  No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin HKU\S-1-5-21-565440801-3961977085-1236778343-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Lady5412\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll No File
FF Plugin HKU\S-1-5-21-565440801-3961977085-1236778343-1000: @talk.google.com/O1DPlugin -> C:\Users\Lady5412\AppData\Roaming\Mozilla\plugins\npo1d.dll No File
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox
CHR Extension: (Avast SafePrice) - C:\Users\Lady5412\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2014-10-22]
CHR Extension: (avast! Ad Blocker) - C:\Users\Lady5412\AppData\Local\Google\Chrome\User Data\Default\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd [2014-10-22]
CHR Extension: (Avast Online Security) - C:\Users\Lady5412\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-22]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
CHR HKLM-x32\...\Chrome\Extension: [fplhdcjmbpfkejbhngmlngaecbjmoimd] - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx [2013-05-17]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-22]
S3 btmaudio; system32\drivers\btmaud.sys [X]
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]
S3 PcdrNdisuio; syswow64\drivers\pcdrndisuio.sys [X]
S3 XHCIPort; system32\DRIVERS\XHCIPort.sys [X]
AlternateDataStreams: C:\ProgramData\Temp:0B4227B4
AlternateDataStreams: C:\ProgramData\Temp:430C6D84
AlternateDataStreams: C:\ProgramData\Temp:A1EDB939
AlternateDataStreams: C:\ProgramData\Temp:DFC5A2B2
AlternateDataStreams: C:\Users\Lady5412\Downloads\MPC-HC.1.7.7.x64.exe:com.dropbox.attributes


End
Save the file as fixlist.txt in the same folder as FRST.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log, Fixlog.txt; please post it in your reply.
===

How is the computer running now?

#6 Lady5412

  • Topic Starter

  • Members
  • 11 posts

Posted 27 February 2015 - 09:17 AM

All doneeeeeeee!

 

Here's the log. The computer is running well!

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-02-2015 01

Ran by lady5412 at 2015-02-27 10:07:41 Run:1
Running from C:\Users\lady5412\Downloads
Loaded Profiles: lady5412 (Available profiles: lady5412 & Guest)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
CloseProcesses:
 
HKLM-x32\...\Run: [] => [X]
CHR HKU\S-1-5-21-565440801-3961977085-1236778343-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
URLSearchHook: HKU\S-1-5-21-565440801-3961977085-1236778343-1000 - (No Name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - No File
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKU\S-1-5-21-565440801-3961977085-1236778343-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-565440801-3961977085-1236778343-1000 -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL =
BHO-x32: No Name -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} ->  No File
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} -  No File
Toolbar: HKLM-x32 - No Name - {eec0f710-38b5-4aba-99bf-ec87564a4e13} -  No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin HKU\S-1-5-21-565440801-3961977085-1236778343-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Lady5412\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll No File
FF Plugin HKU\S-1-5-21-565440801-3961977085-1236778343-1000: @talk.google.com/O1DPlugin -> C:\Users\Lady5412\AppData\Roaming\Mozilla\plugins\npo1d.dll No File
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox
CHR Extension: (Avast SafePrice) - C:\Users\Lady5412\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2014-10-22]
CHR Extension: (avast! Ad Blocker) - C:\Users\Lady5412\AppData\Local\Google\Chrome\User Data\Default\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd [2014-10-22]
CHR Extension: (Avast Online Security) - C:\Users\Lady5412\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-22]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
CHR HKLM-x32\...\Chrome\Extension: [fplhdcjmbpfkejbhngmlngaecbjmoimd] - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx [2013-05-17]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-22]
S3 btmaudio; system32\drivers\btmaud.sys [X]
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]
S3 PcdrNdisuio; syswow64\drivers\pcdrndisuio.sys [X]
S3 XHCIPort; system32\DRIVERS\XHCIPort.sys [X]
AlternateDataStreams: C:\ProgramData\Temp:0B4227B4
AlternateDataStreams: C:\ProgramData\Temp:430C6D84
AlternateDataStreams: C:\ProgramData\Temp:A1EDB939
AlternateDataStreams: C:\ProgramData\Temp:DFC5A2B2
AlternateDataStreams: C:\Users\Lady5412\Downloads\MPC-HC.1.7.7.x64.exe:com.dropbox.attributes
 
 
End
*****************
 
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
"HKU\S-1-5-21-565440801-3961977085-1236778343-1000\SOFTWARE\Policies\Google" => Key deleted successfully.
HKU\S-1-5-21-565440801-3961977085-1236778343-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{472734EA-242A-422b-ADF8-83D1E48CC825} => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKU\S-1-5-21-565440801-3961977085-1236778343-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found. 
"HKU\S-1-5-21-565440801-3961977085-1236778343-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}" => Key deleted successfully.
HKCR\CLSID\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} => Key not found. 
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6} => Key not found. 
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value deleted successfully.
HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => Key not found. 
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully.
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Key not found. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{472734EA-242A-422B-ADF8-83D1E48CC825} => value deleted successfully.
HKCR\Wow6432Node\CLSID\{472734EA-242A-422B-ADF8-83D1E48CC825} => Key not found. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{eec0f710-38b5-4aba-99bf-ec87564a4e13} => value deleted successfully.
HKCR\Wow6432Node\CLSID\{eec0f710-38b5-4aba-99bf-ec87564a4e13} => Key not found. 
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKU\S-1-5-21-565440801-3961977085-1236778343-1000\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin" => Key deleted successfully.
C:\Users\Lady5412\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll not found.
"HKU\S-1-5-21-565440801-3961977085-1236778343-1000\Software\MozillaPlugins\@talk.google.com/O1DPlugin" => Key deleted successfully.
C:\Users\Lady5412\AppData\Roaming\Mozilla\plugins\npo1d.dll not found.
HKLM\Software\Mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087} => value deleted successfully.
C:\Users\Lady5412\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck directory not found.
C:\Users\Lady5412\AppData\Local\Google\Chrome\User Data\Default\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd directory not found.
C:\Users\Lady5412\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => Key not found. 
Could not move "C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx" => Scheduled to move on reboot.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd => Key not found. 
Could not move "C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx" => Scheduled to move on reboot.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki" => Key deleted successfully.
Could not move "C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx" => Scheduled to move on reboot.
btmaudio => Service deleted successfully.
cleanhlp => Service deleted successfully.
PcdrNdisuio => Service deleted successfully.
XHCIPort => Service deleted successfully.
C:\ProgramData\Temp => ":0B4227B4" ADS removed successfully.
C:\ProgramData\Temp => ":430C6D84" ADS removed successfully.
C:\ProgramData\Temp => ":A1EDB939" ADS removed successfully.
C:\ProgramData\Temp => ":DFC5A2B2" ADS removed successfully.
"C:\Users\Lady5412\Downloads\MPC-HC.1.7.7.x64.exe" => ":com.dropbox.attributes" ADS not found.
 
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-02-27 10:12:40)<=
 
"C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx" => File could not move.
"C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx" => File could not move.
"C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx" => File could not move.
 
==== End of Fixlog 10:12:40 ====
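An added example (not part of this thread, and not code from the tool that produced the log): a small triage script that sorts Fixlog result lines by outcome, so the items still needing attention stand out from the ones already fixed or already absent. The sample lines are an excerpt of the log above; the outcome labels and matching rules are assumptions inferred from the wording of those lines.

```python
import re

# Excerpt of result lines from the Fixlog posted above.
SAMPLE = r'''
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
C:\Users\Lady5412\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll not found.
Could not move "C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx" => Scheduled to move on reboot.
btmaudio => Service deleted successfully.
C:\ProgramData\Temp => ":0B4227B4" ADS removed successfully.
"C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx" => File could not move.
'''

# Ordered rules (labels are this example's own): the first match decides.
RULES = [
    ("pending_reboot", re.compile(r"Scheduled to move on reboot")),
    ("failed", re.compile(r"could not move\.?$", re.I)),
    ("fixed", re.compile(r"(deleted|removed|restored|closed) successfully")),
    ("absent", re.compile(r"not found\.?$")),
]

def classify(line):
    for outcome, pattern in RULES:
        if pattern.search(line):
            return outcome
    return "other"

def triage(text):
    """Group non-empty log lines by outcome label."""
    buckets = {}
    for raw in text.splitlines():
        line = raw.strip()
        if line:
            buckets.setdefault(classify(line), []).append(line)
    return buckets

def unresolved(text):
    """Quoted paths whose move was deferred or failed; these need a manual look."""
    buckets = triage(text)
    paths = set()
    for line in buckets.get("pending_reboot", []) + buckets.get("failed", []):
        match = re.search(r'"([^"]+)"', line)
        if match:
            paths.add(match.group(1))
    return paths

if __name__ == "__main__":
    print({k: len(v) for k, v in triage(SAMPLE).items()}, sorted(unresolved(SAMPLE)))
```

On the full log the only unresolved entries are the three `.crx` files under `C:\Program Files\AVAST Software\Avast`.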


#7 Lady5412


Posted 27 February 2015 - 09:21 AM

I have a questioooonnnnn.

Why is there so much Mozilla Firefox data when I don't have that browser installed on my computer???

I only have Chrome and the IE that comes with the computer.

And also, what's that "guest" profile?



#8 nasdaq

nasdaq

  • Malware Response Team
  • 38,235 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:01:08 PM

Posted 27 February 2015 - 02:09 PM

Why is there so much Mozilla Firefox data when I don't have that browser installed on my computer???

These entries in the Registry are added by the programs you install.
The entries will be activated if ever you install Firefox.

===

what's that "guest" profile?

Why it was created is unknown to me.

Guest (S-1-5-21-565440801-3961977085-1236778343-501 - Limited - Disabled) => C:\Users\Guest

Keep it. If ever you want to use it for a temporary guest, you can enable it.
===

#9 Lady5412


Posted 27 February 2015 - 02:20 PM

Ooooh, I get it!

 

Thank you for answering!!! 

 

And so, what's the conclusion? Is my computer clean?? Do I need to do something else??

 

Thank you in advance for everything!  :thumbsup:  



#10 nasdaq


Posted 27 February 2015 - 02:38 PM

Your logs are clean.

One last scan.

Download Security Check by screen317 from here
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.

If the site is busy or not available use this mirror site:
http://www.bleepingcomputer.com/download/securitycheck/

How is the computer running now?

======

#11 Lady5412


Posted 27 February 2015 - 03:13 PM

Log

 

 Results of screen317's Security Check version 0.99.97  

 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 JavaFX 2.1.1    
 Java 8 Update 31  
 Java version 32-bit out of Date! 
  Java 64-bit 8 Update 31  
 Adobe Flash Player 16.0.0.305  
 Adobe Reader XI  
 Google Chrome (40.0.2214.111) 
 Google Chrome (40.0.2214.115) 
````````Process Check: objlist.exe by Laurent````````  
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast ng vbox\AvastVBoxSVC.exe 
 AVAST Software Avast ng ngservice.exe 
 AVAST Software Avast avastui.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 0% 
````````````````````End of Log`````````````````````` 
 
 
 
 
The computer is running well so far!


#12 nasdaq


Posted 28 February 2015 - 08:13 AM

You have the latest Java version in Java 8 Update 31. What you should remove is this old version, JavaFX 2.1.1; delete it using Add/Remove Programs.

===

If all is well.

To learn more about how to protect yourself while on the internet, read this little guide: Best security practices. Keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/
===

#13 Lady5412


Posted 28 February 2015 - 09:06 AM

Just did what you commanded and yes everything is working fine.

 

If you don't mind, I have another question... Why, every time (emphasis there) I run CCleaner, do the results show temporary files (thousands of them) and sometimes browsing history (no more than 3 entries) from IE? I don't know why. I'm the owner of this PC and I know myself that I never even click on the IE icon. I never use it. So, I don't know why whenever I run CCleaner it shows those results.... (always) Is it normal?

 

Thank you for the guide btw! My appreciations! 



#14 nasdaq


Posted 28 February 2015 - 10:18 AM

Open Internet Explorer.
Tools menu > Internet Options > General Tab
Under browser history.
Set the box to clear the history when you close the browser.

That should help in eliminating some of the items that CCleaner finds.

Check your Chrome history.
https://support.google.com/chrome/answer/95607?hl=en

There are also all the various cookies that CCleaner may remove.

Google this string clear cookies clean them on all browsers or use CCleaner.

#15 Lady5412


Posted 28 February 2015 - 11:31 AM

Nononononononono. You don't understand.

 

What I'm saying is that I do not use IE at all. Seriously at all.

 

If I never use it, how come CCleaner always shows thousands of temporary files from it?? As if I was actually using it, which I'm not.

 

That's my question. 

