
Cannot update malwarebytes, rogue killer, kaspersky, etc.


  • This topic is locked
3 replies to this topic

#1 jdlicciardello


Posted 30 December 2015 - 11:44 AM

I cannot even connect to kaspersky.com. Internet is working fine. I have been scouring these pages for days trying many different things, hard to remember everything I have tried but rkill, roguekiller, adwarecleaner, hitmanpro, and using various executable chameleon programs, etc. Thanks in advance for any help.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:30-12-2015
Ran by jdl_000 (administrator) on VAIO (30-12-2015 11:31:05)
Running from C:\Users\jdl_000\Desktop
Loaded Profiles: jdl_000 (Available Profiles: jdl_000)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Safe Mode (with Networking)
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Users\jdl_000\Desktop\RogueKiller.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-09-20] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [766080 2012-11-05] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-11-05] (Qualcomm Atheros Commnucations)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-11-08] (Synaptics Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [ATLauncher] => "C:\Program Files\McAfeeEx\McAfeeAntiTheft\ATLauncher.exe" /createshortcuts:1
HKLM-x32\...\Run: [ATUninstallIcon] => "C:\Program Files\McAfeeEx\McAfeeAntiTheft\ATLauncher.exe" /createuninstallentry:1
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\runner_avp.exe [24256 2013-11-11] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [Carbonite Backup] => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [1056976 2014-06-27] (Carbonite, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [SecureW2 Tray] => C:\Program Files (x86)\SecureW2\sw2_tray.exe [262464 2015-06-03] (SecureW2 B.V.)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2015-10-05] (Malwarebytes)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-166654913-935638154-2365692726-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-166654913-935638154-2365692726-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATII5E.EXE [293504 2012-08-23] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-166654913-935638154-2365692726-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-166654913-935638154-2365692726-1001\...\Run: [gSyncit] => C:\Program Files (x86)\Fieldston Software\gSyncit\gsyncit.exe [168448 2014-10-06] (Fieldston Software)
HKU\S-1-5-21-166654913-935638154-2365692726-1001\...\Run: [Google Update] => C:\Users\jdl_000\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
HKU\S-1-5-21-166654913-935638154-2365692726-1001\...\Run: [Spotify Web Helper] => C:\Users\jdl_000\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-09-10] (Spotify Ltd)
HKU\S-1-5-21-166654913-935638154-2365692726-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22790776 2015-11-04] (Google)
HKU\S-1-5-21-166654913-935638154-2365692726-1001\...\Run: [WebDriveTray] => C:\Program Files\WebDrive\webdrive.exe [7665800 2015-05-11] (South River Technologies, Inc.)
HKU\S-1-5-21-166654913-935638154-2365692726-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-166654913-935638154-2365692726-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11776 2014-10-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [  WebDrive] -> {37D70BD3-073C-4180-ADD9-C032EA5A7204} => C:\WINDOWS\system32\wdShellExt.dll [2015-05-11] (South River Technologies, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: [Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2014-06-27] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2014-06-27] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2014-06-27] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [KAVOverlayIcon] -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\shellex.dll [2015-09-03] (Kaspersky Lab ZAO)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2014-06-27] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2014-06-27] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2014-06-27] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [KAVOverlayIcon] -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\shellex.dll [2015-09-03] (Kaspersky Lab ZAO)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-09-12]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
GroupPolicy: Restriction - Chrome <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 09 C:\ProgramData\System32\SafeGuard32.dll No File 
Winsock: Catalog5-x64 09 C:\ProgramData\System32\SafeGuard64.dll [3387320 2015-11-17] ()
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{BF9E8510-0690-493A-9A86-C41201BDFEF3}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F2E749BB-EF9E-4726-8E2D-41D2B48F9DDD}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-166654913-935638154-2365692726-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
SearchScopes: HKLM -> DefaultScope {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-12-18] (Microsoft Corporation)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-06-09] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-06-09] (Kaspersky Lab ZAO)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-11-05] (Qualcomm Atheros Commnucations)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-06-09] (Kaspersky Lab ZAO)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-12-18] (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-06-09] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-06-09] (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-06-09] (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-06-09] (Kaspersky Lab ZAO)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-06-09] (Kaspersky Lab ZAO)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} hxxps://akamaicdn.webex.com/client/WBXclient-T27L10NSP25-10481/webex/ieatgpc.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\jdl_000\AppData\Roaming\Mozilla\Firefox\Profiles\dakhn99u.default-1448061577421
FF DefaultSearchEngine.US: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-29] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-10-02] (Microsoft Corporation)
FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [2012-07-12] (Sony Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-26] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-166654913-935638154-2365692726-1001: @citrixonline.com/appdetectorplugin -> C:\Users\jdl_000\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2013-10-25] (Citrix Online)
FF Plugin HKU\S-1-5-21-166654913-935638154-2365692726-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\jdl_000\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-166654913-935638154-2365692726-1001: @talk.google.com/O1DPlugin -> C:\Users\jdl_000\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-166654913-935638154-2365692726-1001: @tools.google.com/Google Update;version=3 -> C:\Users\jdl_000\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.)
FF Plugin HKU\S-1-5-21-166654913-935638154-2365692726-1001: @tools.google.com/Google Update;version=9 -> C:\Users\jdl_000\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\jdl_000\AppData\Roaming\mozilla\plugins\npatgpc.dll [2014-08-21] (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\jdl_000\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\jdl_000\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08]
FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com [2015-02-18] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com [2015-02-18] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com [2015-02-18] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com [2015-02-18] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com [2015-02-18] [not signed]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Profile: C:\Users\jdl_000\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\jdl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-14]
CHR Extension: (Google Drive) - C:\Users\jdl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-02]
CHR Extension: (YouTube) - C:\Users\jdl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-14]
CHR Extension: (Google Search) - C:\Users\jdl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-20]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\jdl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-06-09]
CHR Extension: (Google Docs Offline) - C:\Users\jdl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-02]
CHR Extension: (Safe Money) - C:\Users\jdl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-06-09]
CHR Extension: (Content Blocker) - C:\Users\jdl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-06-09]
CHR Extension: (Virtual Keyboard) - C:\Users\jdl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-06-09]
CHR Extension: (SlingPlayer Web Plug-in) - C:\Users\jdl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lidgnhlbmoakdjkfhanbhfngcadpaiac [2015-10-14]
CHR Extension: (Skype) - C:\Users\jdl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-12-22]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\jdl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-10-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\jdl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-14]
CHR Extension: (Gmail) - C:\Users\jdl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-14]
CHR Extension: (Anti-Banner) - C:\Users\jdl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-06-09]
CHR HKU\S-1-5-21-166654913-935638154-2365692726-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx [2013-11-11]
CHR HKLM-x32\...\Chrome\Extension: [epiggbpnpeipncloelnecejhmipiohhh] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\online_banking_chrome.crx [2013-11-11]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\content_blocker_chrome.crx [2013-11-11]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\virtkbd.crx [2013-11-11]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
CHR HKLM-x32\...\Chrome\Extension: [lpoimibckejjdjcfbdnajaicnklhfplh] - hxxps://chrome.google.com/webstore/detail/lpoimibckejjdjcfbdnajaicnklhfplh
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx [2013-11-11]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [231040 2012-11-05] (Qualcomm Atheros Commnucations) [File not signed]
S2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-11] (Kaspersky Lab ZAO)
S2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
S2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2802360 2015-11-24] (Microsoft Corporation)
S2 CSObjectsSrv; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [818888 2013-09-25] (Infowatch)
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [413336 2015-08-26] ()
S2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [107344 2012-11-20] (Condusiv Technologies)
S2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
S2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [625240 2013-09-28] (Sony Corporation)
S4 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
S4 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH)
S4 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
S2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S2 SkypeUpdateEx; C:\Program Files (x86)\SkypeUpdateEx\SkypeUpdateEx.exe [178608 2015-11-05] ()
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2012-09-19] (Sony Corporation) [File not signed]
S2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-01] (TeamViewer GmbH)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [413336 2015-08-26] ()
S4 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [964608 2012-09-28] (Sony Corporation) [File not signed]
S3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1653272 2015-07-31] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S2 WebDriveService; C:\Program Files\WebDrive\wdService.exe [6541448 2015-05-11] (South River Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 XeroxPrintJobEventManagerService; C:\Program Files\Xerox\XeroxPrintExperience\CommonFiles\XeroxPrintJobEventManagerService.exe [238920 2013-12-02] (Xerox Corporation)
S2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-11-05] (Atheros) [File not signed]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3837440 2013-12-02] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-11-05] (Qualcomm Atheros)
S3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [427416 2012-11-05] (Qualcomm Atheros)
S1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [98504 2013-09-25] (Infowatch)
S1 CSVirtualDiskDrv; C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys [67784 2013-09-25] (Infowatch)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-09-25] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-09-25] (Windows ® Win 7 DDK provider)
R0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [25424 2012-11-20] (Condusiv Technologies)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [111952 2012-11-20] (Condusiv Technologies)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [41080 2015-12-07] ()
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2013-11-11] (Kaspersky Lab)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [92768 2014-06-09] (Kaspersky Lab ZAO)
S1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [627264 2014-06-09] (Kaspersky Lab ZAO)
S3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2013-11-11] (Kaspersky Lab ZAO)
S3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-11-11] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [50448 2013-11-11] (Kaspersky Lab ZAO)
S1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [177864 2015-02-18] (Kaspersky Lab ZAO)
S3 Logi_Headset_DFU; C:\Windows\System32\Drivers\lhusbdfuamd64.sys [44136 2014-12-08] (CSR plc.)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-30] (Malwarebytes)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [29352 2015-10-12] ()
S3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2015-07-30] ()
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-11-08] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-10] (Sony Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [30848 2015-12-30] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S2 WebDriveFSD; C:\Program Files\WebDrive\wdfsd.sys [92808 2015-05-11] ()
U0 KL1; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-12-30 11:31 - 2015-12-30 11:31 - 00030581 _____ C:\Users\jdl_000\Desktop\FRST.txt
2015-12-30 11:30 - 2015-12-30 11:31 - 00000000 ____D C:\FRST
2015-12-30 11:29 - 2015-12-30 11:29 - 02370560 _____ (Farbar) C:\Users\jdl_000\Desktop\FRST64.exe
2015-12-30 11:02 - 2015-12-30 11:02 - 00006080 _____ C:\Users\jdl_000\Desktop\20151230110200_roguekiller_report.txt
2015-12-30 10:42 - 2015-12-30 10:42 - 02032072 _____ (Bleeping Computer, LLC) C:\Users\jdl_000\Desktop\rkill.com
2015-12-30 10:40 - 2015-12-30 10:51 - 00002542 _____ C:\Users\jdl_000\Desktop\Rkill.txt
2015-12-30 10:40 - 2015-12-30 10:40 - 02032072 _____ (Bleeping Computer, LLC) C:\Users\jdl_000\Desktop\iExplore.exe
2015-12-30 01:55 - 2015-12-30 02:30 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-12-30 01:33 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-12-30 01:31 - 2015-12-30 01:32 - 22908888 _____ (Malwarebytes ) C:\Users\jdl_000\Desktop\mbam-setup-org-2.2.0.1024.exe
2015-12-29 22:32 - 2015-12-29 22:32 - 00000000 _____ C:\WINDOWS\SysWOW64\REN55E9.tmp
2015-12-29 20:13 - 2015-12-29 20:15 - 20835400 _____ C:\Users\jdl_000\Desktop\RogueKiller.exe
2015-12-29 19:44 - 2015-12-29 19:44 - 05643545 _____ (Swearware) C:\Users\jdl_000\Desktop\ComboFix.exe
2015-12-29 19:42 - 2015-12-29 19:43 - 05643545 _____ (Swearware) C:\Users\jdl_000\Downloads\ComboFix (1).exe
2015-12-29 19:38 - 2015-12-29 19:38 - 05643545 _____ (Swearware) C:\Users\jdl_000\Downloads\ComboFix.exe
2015-12-29 19:31 - 2015-12-29 19:31 - 01743360 _____ C:\Users\jdl_000\Downloads\adwcleaner_5.026.exe
2015-12-29 17:14 - 2015-12-29 17:14 - 00000000 ___RD C:\Users\jdl_000\SkyDrive
2015-12-29 17:13 - 2015-12-29 17:15 - 00003092 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-166654913-935638154-2365692726-1001
2015-12-28 05:56 - 2015-12-29 17:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-16 17:58 - 2015-12-16 17:58 - 00000000 ____D C:\Users\jdl_000\AppData\Local\join.me
2015-12-12 19:10 - 2015-12-12 19:10 - 00002368 _____ C:\Users\jdl_000\Desktop\phillips.dta
2015-12-11 12:03 - 2015-12-11 12:03 - 02264048 _____ C:\Users\jdl_000\Desktop\vaccine record0001.pdf
2015-12-11 11:59 - 2015-12-11 11:59 - 00005060 _____ C:\Users\jdl_000\Desktop\detectedlog.txt
2015-12-10 11:09 - 2015-11-08 19:41 - 01540728 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-10 11:09 - 2015-11-08 17:30 - 04176384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-12-10 11:09 - 2015-11-08 16:23 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-12-10 11:09 - 2015-11-08 16:13 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-12-10 11:09 - 2015-11-08 16:01 - 01753600 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-10 11:08 - 2015-11-22 01:59 - 07455064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-12-10 11:08 - 2015-11-22 01:59 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-10 11:08 - 2015-11-22 01:59 - 01659568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-12-10 11:08 - 2015-11-22 01:59 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-12-10 11:08 - 2015-11-22 01:59 - 01487008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-12-10 11:08 - 2015-11-22 01:59 - 01355848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-12-10 11:08 - 2015-11-22 01:58 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-10 11:08 - 2015-11-21 13:32 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-12-10 11:08 - 2015-11-21 12:50 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-12-10 11:08 - 2015-11-21 11:59 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-10 11:08 - 2015-11-21 11:49 - 01344000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-10 11:08 - 2015-11-21 11:47 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-10 11:08 - 2015-11-21 11:40 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-10 11:08 - 2015-11-08 15:52 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-12-10 11:08 - 2015-11-08 15:48 - 01376256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-10 11:08 - 2015-11-08 15:42 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-10 11:08 - 2015-11-05 03:59 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-10 11:06 - 2015-11-11 11:21 - 25837568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-10 11:06 - 2015-11-11 11:00 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-10 11:06 - 2015-11-11 10:44 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-12-10 11:06 - 2015-11-11 10:41 - 20366848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-10 11:06 - 2015-11-11 10:12 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-12-10 11:06 - 2015-11-09 19:13 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-10 11:06 - 2015-11-09 19:08 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-10 11:06 - 2015-11-09 19:04 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-12-10 11:06 - 2015-11-09 19:02 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-12-10 11:06 - 2015-11-09 18:46 - 04514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-12-10 11:06 - 2015-11-09 18:41 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-12-10 11:06 - 2015-11-09 18:37 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-12-10 11:06 - 2015-11-09 18:36 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-12-10 11:06 - 2015-11-09 18:36 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-12-10 11:06 - 2015-11-09 18:36 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-12-10 11:06 - 2015-11-09 18:25 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-12-10 11:06 - 2015-11-09 18:17 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-12-10 11:06 - 2015-11-09 18:14 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-12-10 11:06 - 2015-11-09 18:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-12-10 11:06 - 2015-11-08 17:15 - 02887168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-10 11:06 - 2015-11-08 17:15 - 00571392 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-10 11:06 - 2015-11-08 17:04 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-12-10 11:06 - 2015-11-08 17:02 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-12-10 11:06 - 2015-11-08 17:01 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-12-10 11:06 - 2015-11-08 16:32 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-12-10 11:06 - 2015-11-08 16:32 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-12-10 11:06 - 2015-11-08 16:25 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-12-10 11:06 - 2015-11-08 16:18 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-12-10 11:06 - 2015-11-08 16:16 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-12-10 11:06 - 2015-11-08 16:15 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-12-10 11:06 - 2015-11-08 16:15 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-12-10 11:06 - 2015-11-08 16:14 - 14456832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-10 11:06 - 2015-11-08 16:13 - 02123264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-12-10 11:06 - 2015-11-08 15:53 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-12-10 11:06 - 2015-11-08 15:53 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-12-10 11:06 - 2015-11-08 15:41 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-12-10 11:06 - 2015-11-08 15:30 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-12-10 11:05 - 2015-11-11 10:44 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-12-10 11:05 - 2015-11-09 19:11 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-12-10 10:59 - 2015-10-22 12:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll
2015-12-10 10:59 - 2015-10-22 12:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL
2015-12-10 10:59 - 2015-10-22 12:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL
2015-12-10 10:59 - 2015-10-22 12:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL
2015-12-10 10:59 - 2015-10-22 11:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll
2015-12-10 10:59 - 2015-10-22 11:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL
2015-12-10 10:59 - 2015-10-22 11:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL
2015-12-10 10:59 - 2015-10-22 11:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL
2015-12-10 10:59 - 2015-10-22 11:21 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-12-10 10:59 - 2015-10-22 11:21 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2015-12-10 10:59 - 2015-10-22 10:58 - 00868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-12-10 10:59 - 2015-10-22 10:58 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2015-12-10 10:59 - 2015-10-22 09:08 - 00513456 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-12-10 10:59 - 2015-10-22 09:08 - 00513456 _____ C:\WINDOWS\system32\locale.nls
2015-12-10 10:59 - 2015-10-10 12:20 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-12-10 00:11 - 2015-10-28 10:49 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-10 00:11 - 2015-10-28 10:29 - 02462720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-10 00:11 - 2015-10-11 01:34 - 00468824 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-12-10 00:11 - 2015-10-11 01:34 - 00462168 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-12-10 00:11 - 2015-10-11 01:34 - 00443224 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2015-12-10 00:11 - 2015-10-11 01:34 - 00092504 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2015-12-10 00:11 - 2015-10-11 01:34 - 00027992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2015-12-10 00:11 - 2015-10-10 13:41 - 00037376 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2015-12-10 00:11 - 2015-10-10 13:41 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbohci.sys
2015-12-10 00:11 - 2015-10-08 11:11 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2015-12-10 00:11 - 2015-10-08 10:50 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2015-12-10 00:11 - 2015-10-05 13:28 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2015-12-10 00:11 - 2015-10-05 13:25 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-12-10 00:11 - 2015-10-03 14:41 - 01385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-12-10 00:11 - 2015-10-03 14:41 - 01124384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-12-10 00:10 - 2015-11-20 17:47 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-12-10 00:10 - 2015-11-20 13:18 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-12-10 00:10 - 2015-11-20 11:58 - 03706880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-12-10 00:10 - 2015-11-20 11:47 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-12-10 00:10 - 2015-11-20 11:46 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-12-10 00:10 - 2015-11-20 11:44 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-12-10 00:10 - 2015-11-20 11:44 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-12-10 00:10 - 2015-11-20 11:43 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-12-10 00:10 - 2015-11-20 11:42 - 02243584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-12-10 00:10 - 2015-11-20 11:30 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-12-10 00:10 - 2015-11-20 11:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-12-10 00:10 - 2015-11-20 11:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-12-10 00:10 - 2015-11-20 11:27 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-12-07 10:29 - 2015-12-07 10:29 - 00002786 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-12-07 00:14 - 2015-12-07 00:14 - 00041080 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2015-12-07 00:13 - 2015-12-07 00:13 - 00006864 _____ C:\WINDOWS\system32\.crusader
2015-12-07 00:03 - 2015-12-07 00:13 - 00000000 ____D C:\ProgramData\HitmanPro
2015-12-07 00:03 - 2015-12-07 00:03 - 11337112 _____ (SurfRight B.V.) C:\Users\jdl_000\Desktop\HitmanPro_x64.exe
2015-12-06 23:07 - 2015-12-30 10:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-06 23:07 - 2015-12-30 10:41 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-06 23:07 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-12-06 23:06 - 2015-12-06 23:07 - 22908888 _____ (Malwarebytes ) C:\Users\jdl_000\Downloads\mbam-setup.exe
2015-12-06 22:59 - 2015-12-30 10:41 - 00001114 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-12-06 22:59 - 2015-12-30 01:33 - 00000000 ____D C:\Users\jdl_000\AppData\Roaming\Malwarebytes
2015-12-06 22:59 - 2015-12-06 23:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-06 22:59 - 2015-12-06 22:59 - 10284816 _____ (Malwarebytes Corporation ) C:\Users\jdl_000\Downloads\mbam-setup-1.75.0.1300.exe
2015-12-06 22:59 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-12-06 22:33 - 2015-12-06 22:33 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-12-06 22:33 - 2015-12-06 22:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-12-06 22:33 - 2015-12-06 22:33 - 00000000 ____D C:\Program Files\CCleaner
2015-12-06 22:29 - 2015-12-06 22:31 - 06801752 _____ (Piriform Ltd) C:\Users\jdl_000\Desktop\ccsetup512.exe
2015-12-06 21:18 - 2015-12-30 10:43 - 00030848 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-12-06 21:18 - 2015-12-06 21:18 - 00000000 ____D C:\ProgramData\RogueKiller
2015-12-06 21:16 - 2015-12-06 21:17 - 25023048 _____ C:\Users\jdl_000\Desktop\RogueKillerX64.exe
2015-12-06 21:15 - 2015-12-06 23:55 - 00000547 _____ C:\Users\jdl_000\Desktop\JRT.txt
2015-12-06 21:13 - 2015-12-06 21:13 - 01599336 _____ (Malwarebytes) C:\Users\jdl_000\Desktop\JRT.exe
2015-12-06 21:11 - 2015-12-06 21:11 - 00852720 _____ C:\Users\jdl_000\Desktop\SecurityCheck.exe
2015-12-06 20:59 - 2015-12-06 20:59 - 00688992 _____ (Swearware) C:\Users\jdl_000\Desktop\dds.com
2015-12-06 20:58 - 2015-12-06 20:58 - 00688992 _____ (Swearware) C:\Users\jdl_000\Desktop\dds.exe
2015-12-06 20:57 - 2015-12-06 20:57 - 00688992 _____ (Swearware) C:\Users\jdl_000\Desktop\dds.scr
2015-12-06 20:48 - 2015-12-06 20:48 - 01736704 _____ C:\Users\jdl_000\Downloads\adwcleaner_5.023.exe
2015-12-02 22:46 - 2015-12-02 22:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-02 22:39 - 2015-12-02 22:39 - 00929872 _____ (Google Inc.) C:\Users\jdl_000\Downloads\ChromeSetup(1).exe
2015-11-30 23:01 - 2015-11-30 23:01 - 00015464 _____ C:\WINDOWS\DelYac64.sys
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-12-30 11:30 - 2013-08-22 08:36 - 00000000 ____D C:\Windows
2015-12-30 02:28 - 2013-08-22 08:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-12-30 01:45 - 2013-08-22 09:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-30 01:42 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\Help
2015-12-30 01:42 - 2012-12-25 01:38 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-12-30 01:38 - 2013-05-16 19:41 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-166654913-935638154-2365692726-1001
2015-12-30 01:35 - 2014-11-25 11:58 - 00000926 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-166654913-935638154-2365692726-1001UA.job
2015-12-30 01:35 - 2013-05-16 20:50 - 00000000 ____D C:\Users\jdl_000\Documents\Outlook Files
2015-12-30 01:20 - 2013-10-07 16:00 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-30 01:11 - 2013-10-07 14:37 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-30 00:57 - 2015-02-15 13:55 - 00003610 _____ C:\WINDOWS\System32\Tasks\Optimize Push Notification Data File-S-1-5-21-166654913-935638154-2365692726-1001
2015-12-30 00:46 - 2014-02-09 17:39 - 00000584 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-166654913-935638154-2365692726-1001.job
2015-12-30 00:00 - 2014-08-13 19:35 - 00000000 ____D C:\Users\jdl_000\AppData\Roaming\gSyncit
2015-12-29 23:32 - 2013-05-21 21:25 - 00000000 ____D C:\Users\jdl_000\AppData\Local\ElevatedDiagnostics
2015-12-29 22:52 - 2013-05-16 21:09 - 00000000 ____D C:\Users\jdl_000\AppData\Local\CrashDumps
2015-12-29 22:37 - 2012-12-25 02:16 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-12-29 22:32 - 2015-01-27 13:28 - 00002336 _____ C:\Users\jdl_000\Desktop\Red Total.lnk
2015-12-29 22:30 - 2013-05-16 19:45 - 00000000 ___DO C:\Users\jdl_000\OneDrive
2015-12-29 22:25 - 2015-08-11 15:04 - 00000000 ___RD C:\Users\jdl_000\Google Drive
2015-12-29 19:51 - 2013-06-30 16:01 - 01514496 ___SH C:\Users\jdl_000\Desktop\Thumbs.db
2015-12-29 19:35 - 2015-11-20 17:53 - 00000000 ____D C:\AdwCleaner
2015-12-29 19:21 - 2014-10-02 13:47 - 00000000 ____D C:\WINDOWS\Minidump
2015-12-29 19:21 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\Inf
2015-12-29 17:14 - 2014-06-18 20:39 - 00000000 ____D C:\Users\jdl_000
2015-12-29 17:08 - 2013-11-08 23:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-29 16:21 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-12-29 15:49 - 2012-07-26 02:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-29 11:11 - 2013-10-07 14:37 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-12-26 03:48 - 2013-08-22 10:38 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-12-26 03:48 - 2013-08-22 10:38 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-24 11:44 - 2013-08-22 10:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-12-24 11:43 - 2014-10-02 14:17 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-12-23 12:28 - 2013-05-16 19:33 - 00000000 ____D C:\Users\jdl_000\AppData\Local\Packages
2015-12-22 17:37 - 2013-10-07 16:00 - 00002288 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-21 20:35 - 2014-11-25 11:58 - 00000874 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-166654913-935638154-2365692726-1001Core.job
2015-12-19 18:47 - 2015-05-30 13:31 - 00003676 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-166654913-935638154-2365692726-1001
2015-12-19 18:47 - 2014-02-09 17:39 - 00003580 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-166654913-935638154-2365692726-1001
2015-12-17 13:47 - 2015-04-06 16:59 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-12-17 13:47 - 2015-04-06 16:59 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-12-15 10:40 - 2013-08-22 10:36 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-15 10:40 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-13 12:56 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\rescache
2015-12-13 11:36 - 2013-08-22 09:44 - 00402920 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-13 11:34 - 2013-12-01 20:43 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-13 11:34 - 2013-12-01 20:43 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-11 17:20 - 2014-03-18 05:03 - 00907320 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-11 11:34 - 2015-10-28 21:55 - 00000000 ____D C:\ProgramData\System32
2015-12-10 11:34 - 2013-12-01 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-10 11:32 - 2013-08-15 10:11 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-10 11:18 - 2013-05-22 19:58 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-07 12:56 - 2015-09-25 15:40 - 00000000 ____D C:\Users\jdl_000\Documents\My Scans
2015-12-06 22:39 - 2014-08-06 14:07 - 00000000 ____D C:\Program Files (x86)\PDFCreator
2015-12-06 22:39 - 2014-08-06 13:54 - 00000000 ____D C:\Users\jdl_000\AppData\Roaming\TeamViewer
2015-12-06 22:36 - 2014-06-18 23:29 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-06 22:21 - 2013-05-16 19:34 - 00000000 ____D C:\WINDOWS\pss
2015-12-03 20:30 - 2014-11-25 11:58 - 00003876 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-166654913-935638154-2365692726-1001UA
2015-12-03 20:30 - 2014-11-25 11:58 - 00003496 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-166654913-935638154-2365692726-1001Core
2015-12-03 15:15 - 2013-10-07 16:00 - 00003888 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-03 15:15 - 2013-10-07 16:00 - 00003652 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-03 15:15 - 2013-10-07 16:00 - 00000912 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-03 10:12 - 2013-05-16 21:48 - 00000000 ____D C:\Users\jdl_000\AppData\Local\Google
2015-12-02 22:46 - 2013-06-04 19:18 - 00000000 ____D C:\Program Files (x86)\Google
2015-11-30 14:19 - 2015-08-11 15:03 - 00002058 _____ C:\Users\Public\Desktop\Google Slides.lnk
2015-11-30 14:19 - 2015-08-11 15:03 - 00002056 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2015-11-30 14:19 - 2015-08-11 15:03 - 00002046 _____ C:\Users\Public\Desktop\Google Docs.lnk
2015-11-30 14:19 - 2015-08-11 15:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
 
==================== Files in the root of some directories =======
 
2013-08-07 10:59 - 2013-11-06 14:37 - 0000288 _____ () C:\Users\jdl_000\AppData\Roaming\MSVdm.dat
2015-02-28 22:54 - 2015-02-28 22:54 - 0000000 _____ () C:\Users\jdl_000\AppData\Local\{0BB890A6-AD2F-4B8D-A278-0FFF179C45F5}
2014-12-30 17:13 - 2014-12-30 17:13 - 0000000 _____ () C:\Users\jdl_000\AppData\Local\{3FAD63D8-B1F7-4BB7-9459-70222E144B01}
2014-10-16 15:38 - 2014-10-16 15:38 - 0000000 _____ () C:\Users\jdl_000\AppData\Local\{475E6448-3EA0-48AA-9013-60DC0B7385AB}
2015-04-23 21:54 - 2015-04-23 21:54 - 0000000 _____ () C:\Users\jdl_000\AppData\Local\{A3215A80-7CF2-40F9-A5AE-6AE3EC89B5D0}
2015-09-12 15:56 - 2015-11-06 13:10 - 0001788 _____ () C:\ProgramData\hpzinstall.log
2013-08-07 10:59 - 2013-11-06 14:37 - 0000288 _____ () C:\ProgramData\PDF2XL-5-2.TrialData
 
Some files in TEMP:
====================
C:\Users\jdl_000\AppData\Local\Temp\dllnt_dump.dll
C:\Users\jdl_000\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-12-29 22:50
 
==================== End of FRST.txt ============================

 


 


#2 jdlicciardello


Posted 30 December 2015 - 11:58 AM

We can close this post because I accidentally made it twice. 



#3 Oh My!

  • Malware Response Instructor

Posted 30 December 2015 - 06:45 PM

Duplicate post. Being handled here: http://www.bleepingcomputer.com/forums/t/600859/pumproxy-blocking-kaspersky-and-malwarebytes-database-updates
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#4 Oh My!

  • Malware Response Instructor

Posted 30 December 2015 - 06:45 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Gary
 



