Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Adware Pop-ups in Chrome Browser


  • This topic is locked This topic is locked
17 replies to this topic

#1 sandanista

sandanista

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:15 AM

Posted 28 January 2016 - 05:43 AM

Hello,

I am getting adverts popping up in chrome browser for shopping related services on websites where I wouldn't normally expect popups, such as google.com, live.com, etc. Anti-virus software detects nothing.

 

I ran MBAM and 2 files were detected:

 

Files: 2
PUP.Optional.ReMarkit.PrxySvrRST, C:\Users\ME\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.re-markit00.re-markit.co_0.localstorage, Delete-on-Reboot, [49b89ba4950454e2e32e3cc6c53fc040], 
PUP.Optional.ReMarkit.PrxySvrRST, C:\Users\ME\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.re-markit00.re-markit.co_0.localstorage-journal, Quarantined, [6e93bd82a2f769cd40d19270d92b9b65], 
 
As instructed I restarted my computer, I still have the problem, now MBAM says it detects 8 files, but 0 are quarantined and I can't get a log for them.
 
Here is the FRST log:
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-01-2016
Ran by ME (administrator) on WIN-8RTV1EUU18L (28-01-2016 10:34:02)
Running from C:\Users\ME\Desktop
Loaded Profiles: ME (Available Profiles: ME)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaUI.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7575768 2014-05-14] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [506864 2013-03-08] (MSI)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3874216 2016-01-08] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1057920 2012-07-31] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [179624 2016-01-12] (AVG Technologies CZ, s.r.o.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk [2014-07-14]
ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files (x86)\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{3B8D625E-1E37-40F3-AE33-9EBD18F46C96}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{61BE1086-B267-485A-917F-CBFB5AAC616D}: [DhcpNameServer] 192.168.2.1
 
Internet Explorer:
==================
HKU\S-1-5-21-2459536500-2586855991-2858596570-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.co.uk/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-12-15] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-22] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2016-01-20] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-01-20] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-01-20] (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-22] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22] (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\ME\AppData\Roaming\Mozilla\Firefox\Profiles\ge5dxxm8.default-1439843171663
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-16] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-09-21] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.)
FF Plugin HKU\S-1-5-21-2459536500-2586855991-2858596570-1000: @citrixonline.com/appdetectorplugin -> C:\Users\ME\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-09-04] (Citrix Online)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\ME\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\ME\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-03]
CHR Extension: (Google Drive) - C:\Users\ME\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\ME\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Webpage Screenshot) - C:\Users\ME\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki [2015-01-05]
CHR Extension: (Google Search) - C:\Users\ME\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Docs Offline) - C:\Users\ME\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (ShareMetric) - C:\Users\ME\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhnijlahkclijpefbcimahdcgcjbmnnp [2015-10-19]
CHR Extension: (Capture Webpage Screenshot Entirely. FireShot) - C:\Users\ME\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2015-12-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\ME\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-26]
CHR Extension: (Responsive Web Design Tester) - C:\Users\ME\AppData\Local\Google\Chrome\User Data\Default\Extensions\objclahbaimlfnbjdeobicmmlnbhamkg [2016-01-10]
CHR Extension: (Gmail) - C:\Users\ME\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeActiveFileMonitor12.0; C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-03] (Adobe Systems Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [627544 2016-01-08] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3906568 2016-01-08] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1048488 2016-01-12] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [583936 2016-01-08] (AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2787512 2015-12-22] (Microsoft Corporation)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-11] (Seiko Epson Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [318568 2014-10-20] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-05-16] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161264 2013-02-20] (MSI)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [29728 2013-05-29] (MICRO-STAR INTERNATIONAL CO., LTD.)
R2 RalinkRegistryWriter; C:\Program Files (x86)\Ralink\Common\RaRegistry.exe [372736 2012-07-05] (Ralink Technology, Corp.) [File not signed]
R2 RalinkRegistryWriter64; C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe [447488 2012-07-05] (Ralink Technology, Corp.) [File not signed]
S3 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [1863680 2012-07-07] (Ralink) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5613328 2015-07-29] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2015-12-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [298416 2015-08-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [258480 2015-12-04] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-12-04] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [302000 2015-10-08] (AVG Technologies CZ, s.r.o.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-01-18] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-28 10:34 - 2016-01-28 10:34 - 00016546 _____ C:\Users\ME\Desktop\FRST.txt
2016-01-28 10:33 - 2016-01-28 10:33 - 00000000 ____D C:\Users\ME\Desktop\FRST-OlderVersion
2016-01-28 10:27 - 2016-01-28 10:27 - 00001453 _____ C:\mbam.txt
2016-01-28 10:09 - 2016-01-28 10:09 - 01636314 _____ C:\Users\ME\Downloads\Monitoring Treatment.pdf
2016-01-28 10:09 - 2016-01-28 10:09 - 00335702 _____ C:\Users\ME\Downloads\IPR.pdf
2016-01-28 10:09 - 2016-01-28 10:09 - 00306633 _____ C:\Users\ME\Downloads\Impressions.pdf
2016-01-28 10:09 - 2016-01-28 10:09 - 00263097 _____ C:\Users\ME\Downloads\Pictures.pdf
2016-01-28 10:09 - 2016-01-28 10:09 - 00261225 _____ C:\Users\ME\Downloads\Placing Attachments.pdf
2016-01-28 10:08 - 2016-01-28 10:08 - 03333476 _____ C:\Users\ME\Downloads\10 key points for Effective Clincheck Software Communication.pdf
2016-01-26 21:26 - 2016-01-26 21:26 - 00002458 _____ C:\Windows\System32\Tasks\0116avzUpdateInfo
2016-01-26 21:26 - 2016-01-26 21:26 - 00000346 _____ C:\Windows\Tasks\0116avzUpdateInfo.job
2016-01-26 21:26 - 2016-01-26 21:26 - 00000000 ____D C:\ProgramData\Avg_Update_0116avz
2016-01-21 09:51 - 2016-01-21 09:51 - 00000150 _____ C:\Users\ME\Desktop\jf passes.txt
2016-01-21 07:42 - 2016-01-21 07:42 - 77152632 _____ C:\Users\ME\Downloads\backup-1.21.2016_07-41-26_johnfagb.tar.gz
2016-01-19 08:52 - 2016-01-19 08:52 - 04107109 _____ C:\Users\ME\Desktop\INV MC 2.pdf
2016-01-13 07:32 - 2016-01-13 07:32 - 00000000 ____D C:\Users\ME\AppData\Roaming\MPC-HC
2016-01-13 07:05 - 2015-12-23 23:13 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-01-13 07:05 - 2015-12-23 22:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-01-13 07:05 - 2015-12-12 18:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-01-13 07:05 - 2015-12-12 18:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-01-13 07:05 - 2015-12-12 18:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-01-13 07:05 - 2015-12-12 18:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-01-13 07:05 - 2015-12-12 18:15 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-01-13 07:05 - 2015-12-12 18:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-01-13 07:05 - 2015-12-12 18:07 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-01-13 07:05 - 2015-12-12 18:02 - 20367360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-01-13 07:05 - 2015-12-12 18:02 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-01-13 07:05 - 2015-12-12 17:55 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-01-13 07:05 - 2015-12-12 17:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-01-13 07:05 - 2015-12-12 17:44 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-01-13 07:05 - 2015-12-12 17:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-01-13 07:05 - 2015-12-12 17:37 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-01-13 07:05 - 2015-12-12 17:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-01-13 07:05 - 2015-12-12 17:37 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-01-13 07:05 - 2015-12-12 17:36 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-01-13 07:05 - 2015-12-12 17:35 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-01-13 07:05 - 2015-12-12 17:33 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-01-13 07:05 - 2015-12-12 17:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-01-13 07:05 - 2015-12-12 17:30 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-01-13 07:05 - 2015-12-12 17:28 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-01-13 07:05 - 2015-12-12 17:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-01-13 07:05 - 2015-12-12 17:27 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-01-13 07:05 - 2015-12-12 17:27 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-01-13 07:05 - 2015-12-12 17:23 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-01-13 07:05 - 2015-12-12 17:22 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-01-13 07:05 - 2015-12-12 17:20 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-01-13 07:05 - 2015-12-12 17:19 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-01-13 07:05 - 2015-12-12 17:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-01-13 07:05 - 2015-12-12 17:10 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-01-13 07:05 - 2015-12-12 17:10 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-01-13 07:05 - 2015-12-12 17:09 - 04610560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-01-13 07:05 - 2015-12-12 17:08 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-01-13 07:05 - 2015-12-12 17:02 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-01-13 07:05 - 2015-12-12 17:00 - 12856320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-01-13 07:05 - 2015-12-12 17:00 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-01-13 07:05 - 2015-12-12 17:00 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-01-13 07:05 - 2015-12-12 17:00 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-01-13 07:05 - 2015-12-12 16:54 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-01-13 07:05 - 2015-12-12 16:38 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-01-13 07:05 - 2015-12-11 18:57 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-01-13 07:05 - 2015-12-08 21:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-01-13 07:05 - 2015-12-08 21:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-01-13 07:05 - 2015-12-08 21:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-01-13 07:05 - 2015-12-08 21:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-01-13 07:05 - 2015-12-08 21:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-01-13 07:05 - 2015-12-08 21:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-01-13 07:05 - 2015-12-08 21:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-01-13 07:05 - 2015-12-08 21:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-01-13 07:05 - 2015-12-08 21:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-01-13 07:05 - 2015-12-08 21:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-01-13 07:05 - 2015-12-08 21:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-01-13 07:05 - 2015-12-08 21:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-01-13 07:05 - 2015-12-08 21:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-01-13 07:05 - 2015-12-08 21:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-01-13 07:05 - 2015-12-08 21:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-01-13 07:05 - 2015-12-08 21:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-01-13 07:05 - 2015-12-08 21:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-01-13 07:05 - 2015-12-08 21:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-01-13 07:05 - 2015-12-08 21:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-01-13 07:05 - 2015-12-08 21:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-01-13 07:05 - 2015-12-08 21:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-01-13 07:05 - 2015-12-08 21:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-01-13 07:05 - 2015-12-08 21:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-01-13 07:05 - 2015-12-08 21:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-01-13 07:05 - 2015-12-08 21:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-01-13 07:05 - 2015-12-08 21:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-01-13 07:05 - 2015-12-08 21:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-01-13 07:05 - 2015-12-08 21:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-01-13 07:05 - 2015-12-08 21:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-01-13 07:05 - 2015-12-08 21:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-01-13 07:05 - 2015-12-08 21:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-01-13 07:05 - 2015-12-08 21:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-01-13 07:05 - 2015-12-08 21:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-01-13 07:05 - 2015-12-08 21:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-01-13 07:05 - 2015-12-08 21:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2016-01-13 07:05 - 2015-12-08 21:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-01-13 07:05 - 2015-12-08 19:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-01-13 07:05 - 2015-12-08 19:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-01-13 07:05 - 2015-12-08 19:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-01-13 07:05 - 2015-12-08 19:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-01-13 07:05 - 2015-12-08 19:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-01-13 07:05 - 2015-12-08 19:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-13 07:05 - 2015-12-08 19:07 - 01393152 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-13 07:05 - 2015-12-08 19:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-01-13 07:05 - 2015-12-08 19:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-01-13 07:05 - 2015-12-08 19:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-13 07:05 - 2015-12-08 19:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-01-13 07:05 - 2015-12-08 19:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-01-13 07:05 - 2015-12-08 19:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-01-13 07:05 - 2015-12-08 19:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-01-13 07:05 - 2015-12-08 19:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-01-13 07:05 - 2015-12-08 19:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-01-13 07:05 - 2015-12-08 19:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-01-13 07:05 - 2015-12-08 19:07 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-13 07:05 - 2015-12-08 19:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-01-13 07:05 - 2015-12-08 19:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-01-13 07:05 - 2015-12-08 19:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-01-13 07:05 - 2015-12-08 19:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-01-13 07:05 - 2015-12-08 19:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-01-13 07:05 - 2015-12-08 19:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-01-13 07:05 - 2015-12-08 19:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-01-13 07:05 - 2015-12-08 19:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-01-13 07:05 - 2015-12-08 19:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-13 07:05 - 2015-12-08 19:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-01-13 07:05 - 2015-12-08 19:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-01-13 07:05 - 2015-12-08 19:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-01-13 07:05 - 2015-12-08 19:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-01-13 07:05 - 2015-12-08 19:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-01-13 07:05 - 2015-12-08 19:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-01-13 07:05 - 2015-12-08 19:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-01-13 07:05 - 2015-12-08 19:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-01-13 07:05 - 2015-12-08 19:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-01-13 07:05 - 2015-12-08 19:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-01-13 07:05 - 2015-12-08 19:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-01-13 07:05 - 2015-12-08 19:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-01-13 07:05 - 2015-12-08 18:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-01-13 07:05 - 2015-12-08 18:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-01-13 07:05 - 2015-12-08 18:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-01-13 07:05 - 2015-12-08 17:58 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-01-13 07:05 - 2015-11-13 23:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-01-13 07:05 - 2015-11-13 23:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-01-13 07:05 - 2015-11-13 23:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-01-13 07:05 - 2015-11-13 22:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-01-13 07:05 - 2015-11-13 22:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-01-13 07:05 - 2015-11-13 22:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-01-13 07:04 - 2015-12-30 19:08 - 05572544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-01-13 07:04 - 2015-12-30 19:08 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-01-13 07:04 - 2015-12-30 19:08 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-01-13 07:04 - 2015-12-30 19:05 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-01-13 07:04 - 2015-12-30 19:02 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-01-13 07:04 - 2015-12-30 19:02 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-01-13 07:04 - 2015-12-30 19:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-01-13 07:04 - 2015-12-30 19:02 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-01-13 07:04 - 2015-12-30 19:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-01-13 07:04 - 2015-12-30 19:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-01-13 07:04 - 2015-12-30 19:01 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-01-13 07:04 - 2015-12-30 19:01 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-01-13 07:04 - 2015-12-30 19:01 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-01-13 07:04 - 2015-12-30 19:01 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-01-13 07:04 - 2015-12-30 19:01 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-01-13 07:04 - 2015-12-30 19:01 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-01-13 07:04 - 2015-12-30 19:01 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-01-13 07:04 - 2015-12-30 19:00 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-01-13 07:04 - 2015-12-30 18:59 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-01-13 07:04 - 2015-12-30 18:59 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-01-13 07:04 - 2015-12-30 18:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-01-13 07:04 - 2015-12-30 18:58 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-01-13 07:04 - 2015-12-30 18:58 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-01-13 07:04 - 2015-12-30 18:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-01-13 07:04 - 2015-12-30 18:57 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-01-13 07:04 - 2015-12-30 18:57 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-01-13 07:04 - 2015-12-30 18:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-01-13 07:04 - 2015-12-30 18:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-01-13 07:04 - 2015-12-30 18:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-01-13 07:04 - 2015-12-30 18:54 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-01-13 07:04 - 2015-12-30 18:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-01-13 07:04 - 2015-12-30 18:54 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:47 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-01-13 07:04 - 2015-12-30 18:47 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-01-13 07:04 - 2015-12-30 18:44 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-01-13 07:04 - 2015-12-30 18:41 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-01-13 07:04 - 2015-12-30 18:41 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-01-13 07:04 - 2015-12-30 18:41 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-01-13 07:04 - 2015-12-30 18:41 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-01-13 07:04 - 2015-12-30 18:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-01-13 07:04 - 2015-12-30 18:41 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-01-13 07:04 - 2015-12-30 18:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-01-13 07:04 - 2015-12-30 18:41 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-01-13 07:04 - 2015-12-30 18:40 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-01-13 07:04 - 2015-12-30 18:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-01-13 07:04 - 2015-12-30 18:39 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-01-13 07:04 - 2015-12-30 18:39 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-01-13 07:04 - 2015-12-30 18:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-01-13 07:04 - 2015-12-30 18:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-01-13 07:04 - 2015-12-30 18:38 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-01-13 07:04 - 2015-12-30 18:38 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-01-13 07:04 - 2015-12-30 18:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-01-13 07:04 - 2015-12-30 18:37 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-01-13 07:04 - 2015-12-30 18:37 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 18:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 17:57 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-01-13 07:04 - 2015-12-30 17:50 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-01-13 07:04 - 2015-12-30 17:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-01-13 07:04 - 2015-12-30 17:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-01-13 07:04 - 2015-12-30 17:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-01-13 07:04 - 2015-12-30 17:42 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-01-13 07:04 - 2015-12-30 17:42 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-01-13 07:04 - 2015-12-30 17:41 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-01-13 07:04 - 2015-12-30 17:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-01-13 07:04 - 2015-12-30 17:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-01-13 07:04 - 2015-12-30 17:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-01-13 07:04 - 2015-12-30 17:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-01-13 07:04 - 2015-12-30 17:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-01-13 07:04 - 2015-12-30 17:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-01-13 07:04 - 2015-12-30 17:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 17:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-01-13 07:04 - 2015-12-30 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-01-13 07:04 - 2015-12-12 18:54 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-01-13 07:04 - 2015-12-12 18:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-01-13 07:04 - 2015-12-12 18:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-01-13 07:04 - 2015-12-12 18:07 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-01-13 07:04 - 2015-12-12 18:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-01-13 07:04 - 2015-12-12 18:03 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-01-13 07:04 - 2015-12-12 18:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-01-13 07:04 - 2015-12-12 18:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-01-13 07:04 - 2015-12-12 18:02 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-01-13 07:04 - 2015-12-12 17:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-01-13 07:04 - 2015-12-12 17:40 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-01-13 07:04 - 2015-12-12 17:39 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-01-13 07:04 - 2015-12-12 17:36 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-01-13 07:04 - 2015-12-12 17:25 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-01-13 07:04 - 2015-12-12 17:21 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-01-13 07:04 - 2015-12-12 17:18 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-01-13 07:04 - 2015-12-12 17:12 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-01-13 07:04 - 2015-12-12 17:06 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-01-13 07:04 - 2015-12-12 16:42 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-01-13 07:04 - 2015-12-12 16:41 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-01-13 07:04 - 2015-12-12 16:36 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-01-13 07:04 - 2015-12-08 21:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-01-13 07:04 - 2015-12-08 21:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-01-13 07:04 - 2015-12-08 19:07 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-01-13 07:04 - 2015-12-08 19:07 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-01-13 07:04 - 2015-11-17 01:11 - 00025024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-01-13 07:04 - 2015-11-17 01:08 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-01-13 07:04 - 2015-11-17 01:08 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-01-13 07:04 - 2015-11-17 01:08 - 00705536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-01-13 07:04 - 2015-11-17 01:08 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-01-13 07:04 - 2015-11-17 01:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-01-13 07:04 - 2015-11-16 20:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-01-09 18:31 - 2016-01-09 18:31 - 00043240 _____ C:\Users\ME\Downloads\Varela_Round.zip
2016-01-09 18:31 - 2016-01-09 18:31 - 00000000 ____D C:\Users\ME\Downloads\Varela_Round
2016-01-09 18:20 - 2016-01-09 18:20 - 00000000 ____D C:\Users\ME\Downloads\codecanyon-2751380-slider-revolution-responsive-wordpress-plugin (1)
2016-01-09 18:17 - 2016-01-09 18:19 - 214666508 _____ C:\Users\ME\Downloads\codecanyon-2751380-slider-revolution-responsive-wordpress-plugin (1).zip
2016-01-07 08:34 - 2016-01-07 08:34 - 00000000 ____D C:\Users\ME\Downloads\JF Home - new hero image
2016-01-06 23:22 - 2016-01-06 23:22 - 00002547 _____ C:\Users\ME\Downloads\Receipt-221452253-511.html
2016-01-06 12:46 - 2016-01-06 12:47 - 07587412 _____ C:\Users\ME\Downloads\JF Home - new hero image.zip
2016-01-03 15:57 - 2016-01-03 15:57 - 04646952 _____ C:\Users\ME\Desktop\Queenswy_Orthodontics_treatment_guide.pdf
2015-12-30 23:46 - 2015-12-30 23:46 - 71236053 _____ C:\Users\ME\Downloads\backup-12.30.2015_19-05-30_johnfagb.tar.gz
2015-12-30 13:53 - 2015-12-30 13:53 - 07133153 _____ C:\Users\ME\Desktop\ALDentalGuide_2015.pdf
2015-12-30 12:14 - 2015-12-30 23:48 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{a053d0bf-aecd-11e5-a3ae-d43d7ef56bd1}.TMContainer00000000000000000002.regtrans-ms
2015-12-30 12:14 - 2015-12-30 23:48 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{a053d0bf-aecd-11e5-a3ae-d43d7ef56bd1}.TMContainer00000000000000000001.regtrans-ms
2015-12-30 12:14 - 2015-12-30 23:48 - 00065536 ___SH C:\Windows\system32\config\COMPONENTS{a053d0bf-aecd-11e5-a3ae-d43d7ef56bd1}.TM.blf
2015-12-29 22:47 - 2015-12-29 22:47 - 00000228 _____ C:\Users\ME\Desktop\urls dental.txt
2015-12-29 16:39 - 2015-12-29 16:39 - 00170813 _____ C:\Users\ME\Downloads\republish-old-posts-pro.zip
2015-12-29 08:19 - 2015-12-29 09:27 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{548923b8-ae04-11e5-a0bc-d43d7ef56bd1}.TMContainer00000000000000000002.regtrans-ms
2015-12-29 08:19 - 2015-12-29 09:27 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{548923b8-ae04-11e5-a0bc-d43d7ef56bd1}.TMContainer00000000000000000001.regtrans-ms
2015-12-29 08:19 - 2015-12-29 09:27 - 00065536 ___SH C:\Windows\system32\config\COMPONENTS{548923b8-ae04-11e5-a0bc-d43d7ef56bd1}.TM.blf
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-28 10:34 - 2015-11-01 17:21 - 00000000 ____D C:\FRST
2016-01-28 10:33 - 2015-11-05 22:28 - 02370560 _____ (Farbar) C:\Users\ME\Desktop\FRST64.exe
2016-01-28 10:31 - 2015-08-26 19:01 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-28 10:00 - 2014-08-06 22:01 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-28 09:41 - 2014-09-04 13:01 - 00000532 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2459536500-2586855991-2858596570-1000.job
2016-01-28 09:37 - 2014-07-14 12:48 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-28 09:14 - 2009-07-14 04:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-28 09:14 - 2009-07-14 04:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-28 09:10 - 2014-07-16 04:10 - 00000000 ____D C:\ProgramData\MFAData
2016-01-28 08:43 - 2015-06-05 15:08 - 00000628 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2459536500-2586855991-2858596570-1000.job
2016-01-28 07:53 - 2014-08-11 11:29 - 00000000 ____D C:\Users\ME\AppData\Local\Adobe
2016-01-28 07:41 - 2014-07-14 12:48 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-28 07:41 - 2009-07-14 05:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-22 14:33 - 2009-07-14 05:13 - 00803274 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-22 14:33 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\inf
2016-01-22 11:07 - 2014-07-16 04:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-01-21 13:17 - 2014-08-11 11:03 - 00001190 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2016-01-21 13:17 - 2014-08-11 11:03 - 00001178 _____ C:\Users\Public\Desktop\paint.net.lnk
2016-01-21 13:17 - 2014-08-11 11:03 - 00000000 ____D C:\Program Files\paint.net
2016-01-21 13:13 - 2013-10-15 12:34 - 00795396 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-01-21 12:12 - 2014-08-19 08:31 - 00000000 ____D C:\Users\ME\AppData\Roaming\vlc
2016-01-21 00:22 - 2015-03-09 10:20 - 00001789 _____ C:\Users\Public\Desktop\Blue Sky Plan 3.lnk
2016-01-20 20:07 - 2015-06-05 15:08 - 00003666 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-2459536500-2586855991-2858596570-1000
2016-01-20 20:07 - 2014-09-04 13:01 - 00003570 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-2459536500-2586855991-2858596570-1000
2016-01-20 19:45 - 2014-09-21 20:29 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-01-20 19:44 - 2014-09-21 20:24 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-01-20 19:32 - 2014-08-06 03:39 - 00003860 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1407296349
2016-01-20 19:32 - 2014-08-06 03:39 - 00000000 ____D C:\Program Files (x86)\Opera
2016-01-20 19:27 - 2015-07-14 22:24 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-01-20 11:00 - 2015-07-14 22:24 - 00003894 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-01-20 11:00 - 2014-08-06 22:01 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-20 11:00 - 2014-08-06 22:01 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-20 11:00 - 2014-08-06 22:01 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-01-19 07:48 - 2014-07-14 12:48 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-19 07:35 - 2014-07-16 03:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Sky Plan 3
2016-01-19 07:35 - 2014-07-16 03:46 - 00000000 ____D C:\Program Files\BlueSkyPlan3
2016-01-13 22:00 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\rescache
2016-01-13 20:39 - 2009-07-14 04:45 - 00516152 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-13 20:36 - 2015-04-16 07:06 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-01-13 20:36 - 2015-04-16 07:06 - 00000000 ____D C:\Windows\system32\appraiser
2016-01-13 08:40 - 2013-10-15 13:44 - 00000000 ____D C:\Windows\system32\MRT
2016-01-13 08:36 - 2013-10-15 13:44 - 143671360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-01-13 00:00 - 2015-03-15 23:44 - 00001456 _____ C:\Users\ME\AppData\Local\Adobe Save for Web 12.0 Prefs
2016-01-10 10:33 - 2014-07-16 04:20 - 00000000 ____D C:\Users\ME\AppData\Local\ElevatedDiagnostics
2016-01-09 19:13 - 2013-10-16 08:31 - 00115504 _____ C:\Users\ME\AppData\Local\GDIPFONTCACHEV1.DAT
2016-01-09 16:16 - 2015-08-19 12:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-09 16:16 - 2015-08-19 12:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-09 08:49 - 2015-08-19 12:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-06 22:16 - 2015-11-24 09:10 - 00000862 _____ C:\Users\Public\Desktop\AVG.lnk
2016-01-06 22:16 - 2015-11-24 09:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-01-02 15:30 - 2015-12-21 10:19 - 00000000 ____D C:\Users\ME\AppData\Roaming\Anvsoft
2015-12-30 11:23 - 2015-02-21 13:18 - 00000000 ____D C:\Users\ME\Desktop\Life Life
2015-12-29 00:21 - 2015-12-28 16:41 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{31696039-ad81-11e5-a409-d43d7ef56bd1}.TMContainer00000000000000000002.regtrans-ms
2015-12-29 00:21 - 2015-12-28 16:41 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{31696039-ad81-11e5-a409-d43d7ef56bd1}.TMContainer00000000000000000001.regtrans-ms
2015-12-29 00:21 - 2015-12-28 16:41 - 00065536 ___SH C:\Windows\system32\config\COMPONENTS{31696039-ad81-11e5-a409-d43d7ef56bd1}.TM.blf
 
==================== Files in the root of some directories =======
 
2015-10-29 10:31 - 2015-10-29 10:31 - 0000132 _____ () C:\Users\ME\AppData\Roaming\Adobe PNG Format CS5 Prefs
2015-03-15 23:44 - 2016-01-13 00:00 - 0001456 _____ () C:\Users\ME\AppData\Local\Adobe Save for Web 12.0 Prefs
 
Some files in TEMP:
====================
C:\Users\ME\AppData\Local\Temp\avguirn_08101931225.exe
C:\Users\ME\AppData\Local\Temp\avguirn_08483342806.exe
C:\Users\ME\AppData\Local\Temp\paint.net.4.0.9.install.exe
C:\Users\ME\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-01-19 19:55
 
==================== End of FRST.txt ============================
 
And the Addition log:
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-01-2016
Ran by ME (2016-01-28 10:34:24)
Running from C:\Users\ME\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2014-07-14 19:59:08)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2459536500-2586855991-2858596570-500 - Administrator - Disabled)
Guest (S-1-5-21-2459536500-2586855991-2858596570-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2459536500-2586855991-2858596570-1002 - Limited - Enabled)
ME (S-1-5-21-2459536500-2586855991-2858596570-1000 - Administrator - Enabled) => C:\Users\ME
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 15.05 beta x64 (HKLM\...\7-Zip) (Version:  - )
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Flash Player 20 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Photoshop Elements 12 (HKLM-x32\...\Adobe Photoshop Elements 12) (Version: 12.1.0.0 - Adobe Systems Incorporated)
Any Video Converter 5.8.6 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (32-bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
AVG (HKLM\...\AvgZen) (Version: 1.31.1.48846 - AVG Technologies)
AVG (Version: 16.31.7357 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4522 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.31.7357 - AVG Technologies)
AVG Zen (Version: 1.31.9 - AVG Technologies) Hidden
Blue Sky Plan 3.29.28 (HKLM\...\{654872EF-14DC-4937-A849-4BC06163A896}_is1) (Version:  - Blue Sky Bio, LLC)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon MP270 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP270_series) (Version:  - Canon Inc.)
CDT2STL 1.0 (HKLM-x32\...\{931F4005-1CF8-435A-AE78-652E75F75B03}_is1) (Version:  - )
Citrix Online Launcher (HKLM-x32\...\{1EFF9E6C-76E1-43F9-81FB-BC8C037B0902}) (Version: 1.0.258 - Citrix)
Elements 12 Organizer (HKLM-x32\...\{9D80A7B7-DC01-485D-AE93-710D559B5C56}) (Version: 12.0 - Adobe Systems Incorporated)
Epson Event Manager (HKLM-x32\...\{10144CFE-D76C-4CFA-81A1-37A1642349A3}) (Version: 3.01.0013 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson User's Guide Epson Perfection V550 Photo (HKLM-x32\...\Epson Perfection V550 Photo Useg) (Version:  - )
FMW 1 (Version: 1.52.1 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
GoToMeeting 7.9.0.4288 (HKU\S-1-5-21-2459536500-2586855991-2858596570-1000\...\GoToMeeting) (Version: 7.9.0.4288 - CitrixOnline)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.10.1372 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
K-Lite Mega Codec Pack 10.6.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.6.5 - )
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4787.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2459536500-2586855991-2858596570-1000\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 40.0.3 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 en-GB)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4787.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4787.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4787.1002 - Microsoft Corporation) Hidden
Opera Stable 34.0.2036.50 (HKLM-x32\...\Opera 34.0.2036.50) (Version: 34.0.2036.50 - Opera Software)
paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507C}) (Version: 4.0.9 - dotPDN LLC)
PSE12 STI Installer (HKLM-x32\...\{11F9A376-342F-4297-82DA-1F6EA8ED4B6B}) (Version: 12.0 - Adobe Systems Incorporated)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 1.5.24.0 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Secure Download Manager (HKLM-x32\...\{E040B65B-8683-4228-8C33-D44A141E40EA}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.018 - MSI)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.45471 - TeamViewer)
VGA Boost (HKLM-x32\...\{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1) (Version: 1.0.0.5 - MSI)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2459536500-2586855991-2858596570-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2459536500-2586855991-2858596570-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\1468\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0FB17C92-6719-4871-8D44-C4A0DF898DBA} - System32\Tasks\AdobeAAMUpdater-1.0-WIN-8RTV1EUU18L-ME => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated)
Task: {1C0A332B-4337-45BF-ADB3-C64C6D32BAE3} - System32\Tasks\1114avUpdateInfo => C:\ProgramData\Avg_Update_1114av\1114av_AVG-Secure-Search-Update.exe
Task: {1CA55ECF-4C1A-4948-821F-2E7CE667F715} - System32\Tasks\G2MUploadTask-S-1-5-21-2459536500-2586855991-2858596570-1000 => C:\Program Files (x86)\Citrix\GoToMeeting\4288\g2mupload.exe [2016-01-20] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {25566534-4FF6-4E49-B40B-85473833FEF8} - System32\Tasks\0614aUpdateInfo => C:\ProgramData\Avg_Update_0614a\0614a_AVG-Secure-Search-Update.exe [2014-06-19] ()
Task: {28E69B9D-664C-43F2-A728-DF72A7F363C2} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-01-20] (Microsoft Corporation)
Task: {3A4CF503-525F-453E-A7AD-CCBBB5A41F94} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {3BE786A7-B9A1-41C5-828A-08FCBAFFD296} - System32\Tasks\0915avUpdateInfo => C:\ProgramData\Avg_Update_0915av\0915av_AVG-Secure-Search-Update.exe
Task: {4570D6C2-856C-4B82-89A5-72C594286C0B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-12-22] (Microsoft Corporation)
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {5CC32A3C-8F6A-409C-8E25-70DB9FE8CFE7} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {64209501-953B-4FCE-8138-459F72C8EF46} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {72E27848-2C9C-4D25-9C19-8A9D66E40A58} - System32\Tasks\1214avUpdateInfo => C:\ProgramData\Avg_Update_1214av\1214av_AVG-Secure-Search-Update.exe
Task: {81E1BAA7-908A-4FC7-9BAE-F42D448F3741} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {94DE6AD0-7947-43BA-86D9-39EF7A2B659D} - System32\Tasks\0215avUpdateInfo => C:\ProgramData\Avg_Update_0215av\0215av_AVG-Secure-Search-Update.exe
Task: {9941F1E5-B016-4524-B6DA-528DBC8E44D8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-20] (Adobe Systems Incorporated)
Task: {B65356FA-1512-4129-B108-DF0DB21B16B3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {BC09513F-0539-416F-9859-0D48CBBD08BB} - System32\Tasks\0814avUpdateInfo => C:\ProgramData\Avg_Update_0814av\0814av_AVG-Secure-Search-Update.exe
Task: {BE0A4558-C616-435C-A190-5D8E50634AD5} - System32\Tasks\0715avUpdateInfo => C:\ProgramData\Avg_Update_0715av\0715av_AVG-Secure-Search-Update.exe
Task: {BFA8317E-3941-4C92-949E-340CBC33A907} - System32\Tasks\0615pizUpdateInfo => C:\ProgramData\Avg_Update_0615piz\0615piz_AVG-Secure-Search-Update.exe [2015-11-03] ()
Task: {C93FB847-C759-4D8A-8801-16DF91CE8BEF} - System32\Tasks\G2MUpdateTask-S-1-5-21-2459536500-2586855991-2858596570-1000 => C:\Program Files (x86)\Citrix\GoToMeeting\4288\g2mupdate.exe [2016-01-20] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {E86EF156-E80D-41CE-A88E-C1A6A70F436A} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_286_pepper.exe [2016-01-20] (Adobe Systems Incorporated)
Task: {EC458DF4-2CC3-436B-B1F1-B5EEEDFC9884} - System32\Tasks\0116avzUpdateInfo => C:\ProgramData\Avg_Update_0116avz\0116avz_AVG-Secure-Search-Update.exe [2016-01-10] ()
Task: {F3EB6FDD-ADE0-4844-BD72-1837B0E775E9} - System32\Tasks\0415avUpdateInfo => C:\ProgramData\Avg_Update_0415av\0415av_AVG-Secure-Search-Update.exe
Task: {F5137DD7-85C2-4D02-9686-AD930EC8919E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-12-22] (Microsoft Corporation)
Task: {FE6D16B2-A1DD-4078-82E5-1D9722E9A3F6} - System32\Tasks\Opera scheduled Autoupdate 1407296349 => C:\Program Files (x86)\Opera\launcher.exe [2016-01-18] (Opera Software)
Task: {FED951F2-1D88-48DC-B792-5D922F9AD4F8} - System32\Tasks\0615avUpdateInfo => C:\ProgramData\Avg_Update_0615av\0615av_AVG-Secure-Search-Update.exe
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\0116avzUpdateInfo.job => C:\ProgramData\Avg_Update_0116avz\0116avz_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\0215avUpdateInfo.job => C:\ProgramData\Avg_Update_0215av\0215av_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\0415avUpdateInfo.job => C:\ProgramData\Avg_Update_0415av\0415av_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\0614aUpdateInfo.job => C:\ProgramData\Avg_Update_0614a\0614a_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\0615avUpdateInfo.job => C:\ProgramData\Avg_Update_0615av\0615av_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\0615pizUpdateInfo.job => C:\ProgramData\Avg_Update_0615piz\0615piz_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\0715avUpdateInfo.job => C:\ProgramData\Avg_Update_0715av\0715av_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\0814avUpdateInfo.job => C:\ProgramData\Avg_Update_0814av\0814av_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\0915avUpdateInfo.job => C:\ProgramData\Avg_Update_0915av\0915av_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\1114avUpdateInfo.job => C:\ProgramData\Avg_Update_1114av\1114av_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\1214avUpdateInfo.job => C:\ProgramData\Avg_Update_1214av\1214av_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_286_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2459536500-2586855991-2858596570-1000.job => C:\Program Files (x86)\Citrix\GoToMeeting\4288\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2459536500-2586855991-2858596570-1000.job => C:\Program Files (x86)\Citrix\GoToMeeting\4288\g2mupload.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-10-28 14:35 - 2015-09-01 16:04 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-12-17 18:38 - 2015-12-17 18:38 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-12-17 18:38 - 2015-12-17 18:38 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-09-21 20:24 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-07-14 13:00 - 2012-11-27 18:12 - 01210256 _____ () C:\Program Files (x86)\Ralink\Common\RaWLAPI.dll
2015-11-24 09:09 - 2015-11-24 09:09 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2016-01-19 07:48 - 2016-01-12 16:35 - 01590088 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libglesv2.dll
2016-01-19 07:48 - 2016-01-12 16:35 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libegl.dll
2016-01-20 01:05 - 2016-01-19 14:06 - 16792256 _____ () C:\Users\ME\AppData\Local\Google\Chrome\User Data\PepperFlash\20.0.0.286\pepflashplayer.dll
2014-07-14 12:49 - 2013-05-16 23:06 - 01199576 ____R () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 02:34 - 2015-11-05 22:32 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2459536500-2586855991-2858596570-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\ME\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{1B05D1F2-3423-492C-B685-8D59C66D5711}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe
FirewallRules: [{1D5D272E-CBEF-462B-988D-F3DABA3EC794}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe
FirewallRules: [{96F1D73D-5DE9-4002-82F8-3C498818F141}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaUI.exe
FirewallRules: [{7F75B7A3-2F08-4D48-85AE-270CB0C4D8CB}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaUI.exe
FirewallRules: [{358A63C8-4114-4660-884E-5AE191C83F90}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{5A66EFB2-5EF0-4AC0-9132-6B69ECDC8F6E}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{9E4D7DC6-ADD9-4842-961D-D24EC56263B5}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaUI.exe
FirewallRules: [{22DDCBD5-7B4F-4D55-A1D0-3C9A85955EDE}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaUI.exe
FirewallRules: [{02FB0E2A-3606-46F3-AB23-17F39AE089E1}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{0B2B8086-C5F9-4BA1-AE9F-1363BB8D04EC}] => (Allow) C:\Users\ME\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{E5A567E3-C477-4431-862F-4E9B1308D051}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{236DDB62-AE6D-4CDA-8005-9FB25B24B232}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{749599A7-2338-4717-A1D3-CE46BBB59747}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{42941589-0091-4175-B28F-2C5361953B26}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{61EF2C66-6421-428A-AD55-EA8F59E219D2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{FC195048-0A15-41C4-9B09-CE1FE5DDB825}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{91D5E284-7BC8-4609-816D-D776D4492375}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3701EEDF-E1AC-46EC-8357-93ED28BF4017}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{493B9C9B-F358-410D-A8FC-94A885BE929F}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{38274AEB-2359-4301-8F13-DB478FDD8700}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{B7D4E51D-4D14-4C02-B3BA-A2F1903A8D6D}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{04FC7AAF-CF09-401F-99E9-01AE75D452ED}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{1A8DC1D7-0D79-4F81-A7C2-377D436FA5F3}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{594C4BA3-3C91-4212-AD81-7C77BB4C1A8F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{6803FFCB-42EC-4E55-BB9C-BAF33CBF4898}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D9446897-206E-41B4-B8C4-118C3ADA0130}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{696E309D-DF78-4E01-887D-88402F751358}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{103FEAF5-DF77-4FE4-9978-57749DCCC1F0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F79BB25F-579F-4F48-8A83-517E60BA77C0}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{B19AFC1E-570D-49C4-B4D5-A11B5A771563}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{BA515A71-75F8-432F-8D2F-E0AC8533B469}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{72A0970F-5F25-47C6-B54E-3FA2C5FDF61D}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{5F0D06B6-DAC2-4E2E-9640-1A7EAD873FD0}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{C679778A-5B91-43DE-AC8D-652CA433288F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{B348850D-9E0F-4A36-AC0D-FF8A7E330435}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{8BC76ED3-A05F-48D2-A565-B579D0354D36}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
 
==================== Restore Points =========================
 
26-01-2016 22:13:47 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/28/2016 07:42:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/28/2016 07:22:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/27/2016 07:14:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/26/2016 09:23:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/26/2016 09:19:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/25/2016 09:10:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/25/2016 08:08:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/25/2016 11:08:30 AM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 7092.  Message ID: [0x2509].
 
Error: (01/25/2016 10:56:15 AM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 6272.  Message ID: [0x2509].
 
Error: (01/25/2016 10:44:15 AM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 7564.  Message ID: [0x2509].
 
 
System errors:
=============
Error: (01/26/2016 10:14:44 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{3B8D625E-1E37-40F3-AE33-9EBD18F46C96}.
The backup browser is stopping.
 
Error: (01/25/2016 08:09:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Security Center service terminated with the following error: 
%%1747
 
Error: (01/25/2016 09:01:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MSI_Trigger_Service service failed to start due to the following error: 
%%1053
 
Error: (01/25/2016 09:01:38 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the MSI_Trigger_Service service to connect.
 
Error: (01/25/2016 01:17:02 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The AVG WatchDog service did not shut down properly after receiving a preshutdown control.
 
Error: (01/24/2016 05:13:31 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (01/24/2016 03:45:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: 
%%1053
 
Error: (01/24/2016 03:45:38 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
 
Error: (01/22/2016 11:08:00 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The AVGIDSAgent service terminated with service-specific error %%-536753635.
 
Error: (01/21/2016 01:23:36 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The AVGIDSAgent service did not shut down properly after receiving a preshutdown control.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4770 CPU @ 3.40GHz
Percentage of memory in use: 30%
Total physical RAM: 16262.06 MB
Available physical RAM: 11296.48 MB
Total Virtual: 32522.33 MB
Available Virtual: 28302.88 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:931.41 GB) (Free:124.32 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
Drive f: (Lexar) (Removable) (Total:29.24 GB) (Free:5.81 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 16396F3E)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=931.4 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 29.3 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=29.2 GB) - (Type=0C)
 
==================== End of Addition.txt ============================

 

 

Thank you for your help/



BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,611 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:07:15 AM

Posted 28 January 2016 - 06:44 PM

Greetings sandanista and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. Just confirming your issues are only with Chrome and other browsers work fine?

Please do this.

===================================================

AdwCleaner by Xplode - Delete Adware

-------------------
  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browser
  • Double click on AdwCleaner.exe, click Run, then select I agree if it appears
  • Click Scan
  • Once the scan has completed youi will see Pending. Please check elements you don't want to remove above the progress bar
  • Click on Clean
  • Confirm the cleaning and rebooting of your computer by clicking OK
  • Your computer will be rebooted automatically. A text file will open after the restart
  • Copy and paste the contents in your reply
  • You can also find the logfile at C:\AdwCleaner\AdwCleaner.txt
===================================================

Junkware Removal Tool

-------------------
  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply
  • Check the performance of Chrome before moving onto the next step
===================================================

Launching Chrome Without Plugins or Extensions

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type in chrome --incognito and press Enter
  • Check the browser behavior
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • AdwCleaner log
  • Junkware log
  • Chrome behavior before and after incognito
  • Other browser performance?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 sandanista

sandanista
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:15 AM

Posted 30 January 2016 - 05:43 AM

Hi Gary,

Thanks so much for your help on this one. Yes to date I have only experienced this issue in Chrome Browser as this is my default browser, I stopped using this machine as much as possible when I noticed the problem, although I did not experience any problems when I briefly used Opera and IE.

 

I ran both programs and the logs are pasted below. Chrome seems fine in Incognito and also seems OK in normal mode too. The issue I was getting previously wasn't constant but every now and again I would get a strange pop-up or advert. I have tried to test Chrome as much as possible and I think it is OK now. I have tested Opera, IE and Firefox and they seem OK too.

 

Here are the logs.

 

AdwCleaner:

 

# AdwCleaner v5.031 - Logfile created 30/01/2016 at 10:12:56
# Updated 25/01/2016 by Xplode
# Database : 2016-01-25.3 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : ME - WIN-8RTV1EUU18L
# Running from : C:\Users\ME\Desktop\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
 
***** [ Files ] *****
 
[-] File Deleted : C:\Users\ME\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.re-markit00.re-markit.co_0.localstorage
[-] File Deleted : C:\Users\ME\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.re-markit00.re-markit.co_0.localstorage-journal
[-] File Deleted : C:\Users\ME\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markit00.re-markit.co_0.localstorage
[-] File Deleted : C:\Users\ME\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markit00.re-markit.co_0.localstorage-journal
 
***** [ DLLs ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
 
***** [ Web browsers ] *****
 
[-] [C:\Users\ME\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com
[-] [C:\Users\ME\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
 
*************************
 
:: "Tracing" keys removed
:: Winsock settings cleared
 
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1575 bytes] ##########
 
 
 
 
Junkware:
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Windows 7 Home Premium x64 
Ran by ME (Administrator) on 30/01/2016 at 10:15:11.02
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 32 
 
Successfully deleted: C:\Windows\system32\Tasks\0215avUpdateInfo (Task)
Successfully deleted: C:\Windows\system32\Tasks\0415avUpdateInfo (Task)
Successfully deleted: C:\Windows\system32\Tasks\0615avUpdateInfo (Task)
Successfully deleted: C:\Windows\system32\Tasks\0715avUpdateInfo (Task)
Successfully deleted: C:\Windows\system32\Tasks\0814avUpdateInfo (Task)
Successfully deleted: C:\Windows\system32\Tasks\0915avUpdateInfo (Task)
Successfully deleted: C:\Windows\system32\Tasks\1114avUpdateInfo (Task)
Successfully deleted: C:\Windows\system32\Tasks\1214avUpdateInfo (Task)
Successfully deleted: C:\Windows\Tasks\0215avUpdateInfo.job (Task) 
Successfully deleted: C:\Windows\Tasks\0415avUpdateInfo.job (Task) 
Successfully deleted: C:\Windows\Tasks\0615avUpdateInfo.job (Task) 
Successfully deleted: C:\Windows\Tasks\0715avUpdateInfo.job (Task) 
Successfully deleted: C:\Windows\Tasks\0814avUpdateInfo.job (Task) 
Successfully deleted: C:\Windows\Tasks\0915avUpdateInfo.job (Task) 
Successfully deleted: C:\Windows\Tasks\1114avUpdateInfo.job (Task) 
Successfully deleted: C:\Windows\Tasks\1214avUpdateInfo.job (Task) 
Successfully deleted: C:\Users\ME\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2QTKYZJY (Folder) 
Successfully deleted: C:\Users\ME\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\333X7R3E (Folder) 
Successfully deleted: C:\Users\ME\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\366FEBON (Folder) 
Successfully deleted: C:\Users\ME\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\44EPBMV6 (Folder) 
Successfully deleted: C:\Users\ME\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6KDS7U16 (Folder) 
Successfully deleted: C:\Users\ME\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8SWG1K0F (Folder) 
Successfully deleted: C:\Users\ME\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8X2DH731 (Folder) 
Successfully deleted: C:\Users\ME\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\98SIEXAC (Folder) 
Successfully deleted: C:\Users\ME\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CLLVOOH4 (Folder) 
Successfully deleted: C:\Users\ME\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CUY5NFRO (Folder) 
Successfully deleted: C:\Users\ME\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DMMG659X (Folder) 
Successfully deleted: C:\Users\ME\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E869TCZK (Folder) 
Successfully deleted: C:\Users\ME\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HMHJC800 (Folder) 
Successfully deleted: C:\Users\ME\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MJYCVM0N (Folder) 
Successfully deleted: C:\Users\ME\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V408282V (Folder) 
Successfully deleted: C:\Users\ME\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKX3UVRO (Folder) 
 
 
 
Registry: 0 
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30/01/2016 at 10:19:34.68
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,611 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:07:15 AM

Posted 30 January 2016 - 09:05 AM

Excellent, let's monitor your machine for a day and in the meantime please do this.

===================================================

ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan This process may may take several hours, that is normal.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click Run ESET Online Scanner.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.
  • Check YES, I accept the Terms of Use.
  • Click the Start button.
  • Click Enable detection of potentially unwanted applications
  • Accept any security warnings from your browser.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply. Note: If no malware was found you will not get a log.
  • Click the Back button.
  • Check Uninstall application on close and Delete quarantined files
  • Click the Finish button.
  • Close the ESET window and reboot your computer
===================================================

screen317's Security Check

--------------------
  • Please download screen317's Security Check to your desktop
  • Double-click icon to launch the program
  • Click OK
  • Select Run Note: If you receive an error message saying UNSUPPORTED OPERATING SYSTEM! ABORTED! reboot your computer and attempt to run it again
  • Allow the program to run
  • A Notepad document will open on your desktop. Please copy and paste the contents in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • ESET log
  • Security Check log
  • How is your computer running?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 sandanista

sandanista
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:15 AM

Posted 01 February 2016 - 07:17 PM

Hi Gary,

Thanks for the reply, sorry for the delay, I am running those scans now.



#6 sandanista

sandanista
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:15 AM

Posted 02 February 2016 - 04:07 AM

Hello,

 

ESET found no malware so did not produce a log.

 

Here is the security check log:

 

 Results of screen317's Security Check version 1.009  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
 Windows Firewall Disabled!  
AVG AntiVirus Free Edition   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Adobe Flash Player 20.0.0.286  
 Mozilla Firefox (41.0.1) 
 Google Chrome (47.0.2526.111) 
 Google Chrome (48.0.2564.97) 
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 12% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log`````````````````````` 
 
 
Computer seems to be running fine now.
Thanks.


#7 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,611 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:07:15 AM

Posted 02 February 2016 - 09:03 AM

Thank you, please do this.

===================================================

Troubleshooting Through Device Manager

----------
  • Press windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type devmgmt.msc and press Enter
  • Expand the Disk drives section by clicking + sign
  • Please list all the entries located under this category
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Drive information

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#8 sandanista

sandanista
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:15 AM

Posted 02 February 2016 - 03:05 PM

Hello,

It says:

 

ST1000DM003-1ER162 ATA Device

 

There is only 1 entry,

Thanks



#9 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,611 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:07:15 AM

Posted 02 February 2016 - 04:02 PM

Thanks, I needed to verify that information before posting this.

===================================================

Checking Disk Fragmentation Level

--------------------
  • Click Start, then type Disk Defragmenter
  • Click Disk Defragmenter and allow the window to appear
  • Under Current status select the C: drive
  • Click Analyze disk
  • If recommended click Defragment disk
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Did the defrag complete successfully?
  • Any remaining issues?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#10 sandanista

sandanista
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:15 AM

Posted 03 February 2016 - 04:04 AM

Hello, Everything seems OK. I ran disk defrag and it seems to have completed however it says C drive is 1% fragmented still. Should I run it again? Thanks.

#11 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,611 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:07:15 AM

Posted 03 February 2016 - 11:49 AM

No, 1% shouldn't affect anything. Looks like we are all set.

Now that your computer is running well it is my great pleasure to proclaim to you the Good News!

===================================================

All Clean!

--------------

Your machine appears to be clean and you may delete any programs or logs on your computer as a result of our efforts. If we used Emsisoft Emergency Kit just delete the icon on your desktop and the C:\EEK folder. For everything else you simply delete the log files or desktop icons.

Please take the time to read below on how to secure the machine and take the necessary steps to keep it clean :thumbsup:

Lawrence Abrams, the founder of BleepingComputer.com, has developed an excellent tutorial which will provide you with the information you need to know to keep your computer secure and clean. Please take the time to read:In addition, here are some more links you might find of interest:I will leave this topic open for just a brief period of time in case you have any further issues then it will be closed shortly thereafter.

Thank you for placing your trust in BleepingComputer. It was a pleasure serving you. OhMy_done.gif
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#12 sandanista

sandanista
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:15 AM

Posted 03 February 2016 - 06:08 PM

Hi,

Thank you so much for all your help. I don't know if this is even an issue but my browser started running really slow today, no popups or anything, but I ran MBAM again and this is what it gave me:

 

Threat Scan: 0 threat(s) successfully quarantined 
Time to Complete Scan: 00:04:11
Items Scanned: 349,492
Threats Identified: 4 
 
Can you give me some advice on this please?
Thanks again for everything


#13 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,611 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:07:15 AM

Posted 03 February 2016 - 06:13 PM

It depends on what the "threats" are. Can you click the Logs tab and look at the report? Let me know what was detected.

In addition, please repeat the Chrome incognito step and let me know if it is any better.


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#14 sandanista

sandanista
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:15 AM

Posted 03 February 2016 - 06:44 PM

Everything works great in Incognito. For some reason in normal Chrome I can't submit anything in web forms. For example, I can't reply to this topic, only in Incognito mode.
 
Here is the MBAM log. I think things are clean.
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 03/02/2016
Scan Time: 22:56
Logfile: mbam.txt
Administrator: Yes
 
Version: 2.2.0.1024
Malware Database: v2016.02.03.06
Rootkit Database: v2016.01.20.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: ME
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 349492
Time Elapsed: 4 min, 11 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Disabled
Rootkits: Disabled
Heuristics: Disabled
PUP: Disabled
PUM: Disabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#15 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,611 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:07:15 AM

Posted 03 February 2016 - 08:31 PM

That looks like a new scan. However it appears you have a corruption in Chrome. Please do this.

===================================================

Manually Troubleshooting Google Chrome Plug-ins and Extensions

--------------------
  • Launch Chrome normally
  • In the address bar type chrome://plugins and press Enter
  • Click Disable on all plugins
  • Enable one plugin at a time, restart Chrome and check the performance
  • In the address bar type chrome://extensions and press Enter
  • Uncheck any checked items
  • Enable one extension at a time, restart Chrome and check the performance
  • Identify and report any plugins or extensions causing problems
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Results?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users