Okay, before I download the Farbar scan, why am I downloading the 32-bit instead of the 64-bit?
Printable View
Okay, before I download the Farbar scan, why am I downloading the 32-bit instead of the 64-bit?
Download the version that's appropriate for your machine. 32 Bit for a 32 Bit machine or 64Bit For a 64Bit machine.
Ah. Good catch, Darryl. I should have looked at the AdwCleaner header where it displayed the OS version. See below:
Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
HiJackThis is misleading as it displays the x86 folder which is an indication of a 32-bit system.
Yes. Do as Joe points out and install the 64-bit version. If you had installed the 32-bit, nothing would have happened. It just wouldn't have ran.
Sorry about that.
Thanks Joe for jumping in... :)
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-12-2014
Ran by Owner (administrator) on OWNER-PC on 09-12-2014 21:05:36
Running from C:\Users\Owner\Desktop
Loaded Profile: Owner (Available profiles: Owner)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Dell) C:\Users\Owner\AppData\Local\Apps\2.0\TX6V8N86.DD3\VB93Q1V6.HW7\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [608112 2011-03-29] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-05-27] (IDT, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [577536 2013-01-08] (Creative Technology Ltd)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [NSU_agent] => C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe [190768 2012-02-28] ()
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [570880 2013-12-27] (Nikon Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-170707502-607240467-3261361461-1001\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKU\S-1-5-21-170707502-607240467-3261361461-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7777560 2014-11-13] (SUPERAntiSpyware)
HKU\S-1-5-21-170707502-607240467-3261361461-1001\...\Run: [DellSystemDetect] => C:\Users\Owner\AppData\Local\Apps\2.0\TX6V8N86.DD3\VB93Q1V6.HW7\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe [264488 2014-12-01] (Dell)
HKU\S-1-5-21-170707502-607240467-3261361461-1001\...\RunOnce: [Adobe Speed Launcher] => 1418178547
HKU\S-1-5-21-170707502-607240467-3261361461-1001\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 3050A J611 series (Network).lnk
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 3050A J611 series (Network).lnk -> C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
BootExecute: autocheck autochk * bootdelete
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?ilc=8
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?ilc=8
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-170707502-607240467-3261361461-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn
HKU\S-1-5-21-170707502-607240467-3261361461-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM-x32 -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.6.15\coIEPlg.dll (Symantec Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\coIEPlg.dll (Symantec Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.6.15\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite....x/qtplugin.cab
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/soft...02/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/soft...3/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/soft...0321/CTPID.cab
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
FireFox:
========
FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\s9xvr6t7.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\windows\SysWOW64\npdeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.3.12\coFFPlgn
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.6.0.32\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.6.0.32\coFFPlgn [2014-12-09]
Chrome:
=======
CHR HomePage: Default -> hxxp://att.yahoo.com/
CHR StartupUrls: Default -> "hxxp://att.yahoo.com/"
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]
CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-03-30]
CHR Extension: (Google Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-03-30]
CHR Extension: (Yahoo Extension) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag [2013-12-19]
CHR Extension: (Google Wallet) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-03-30]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\Exts\Chrome.crx [Not Found]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
S4 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\NST.exe [130104 2014-07-30] (Symantec Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe [276376 2014-09-21] (Symantec Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [77824 2012-03-28] (Atheros) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\BASHDefs\20141203.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1506000.020\ccSetx64.sys [162392 2014-02-20] (Symantec Corporation)
S1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE07060.00F\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-08-26] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-08-26] (Symantec Corporation)
S3 hitmanpro37; C:\windows\system32\drivers\hitmanpro37.sys [43664 2014-11-15] ()
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\IPSDefs\20141208.001\IDSvia64.sys [637656 2014-11-17] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\VirusDefs\20141209.004\ENG64.SYS [129752 2014-12-09] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\VirusDefs\20141209.004\EX64.SYS [2137304 2014-12-09] (Symantec Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SRTSP; C:\Windows\system32\drivers\NISx64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
S3 Svk2pl; C:\Windows\System32\DRIVERS\Svk2pl64.sys [97280 2010-04-01] (Gigaware)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1506000.020\SYMDS64.SYS [493656 2014-08-25] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1506000.020\SYMEFA64.SYS [1148120 2014-08-25] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-11-02] (Symantec Corporation)
R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [78936 2014-08-25] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NISx64\1506000.020\SYMNETS.SYS [593112 2014-08-25] (Symantec Corporation)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-09 21:05 - 2014-12-09 21:06 - 00018613 _____ () C:\Users\Owner\Desktop\FRST.txt
2014-12-09 21:05 - 2014-12-09 21:05 - 02119680 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2014-12-09 21:05 - 2014-12-09 21:05 - 00000000 ____D () C:\FRST
2014-12-09 18:54 - 2014-12-09 20:01 - 00000000 ____D () C:\AdwCleaner
2014-12-09 18:53 - 2014-12-09 18:53 - 02166272 _____ () C:\Users\Owner\Downloads\AdwCleaner.exe
2014-12-09 14:20 - 2014-12-09 14:20 - 00010303 _____ () C:\Users\Owner\Downloads\hijackthis.log
2014-12-09 14:17 - 2014-12-09 14:17 - 00388608 _____ (Trend Micro Inc.) C:\Users\Owner\Downloads\HijackThis.exe
2014-12-09 13:44 - 2014-12-09 18:16 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-09 13:43 - 2014-12-09 13:43 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-09 13:43 - 2014-12-09 13:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-09 13:43 - 2014-12-09 13:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-09 13:43 - 2014-12-09 13:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-09 13:43 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-12-09 13:43 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-12-09 13:43 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-12-09 13:41 - 2014-12-09 13:41 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Owner\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-09 13:11 - 2014-12-09 13:11 - 00000000 ____D () C:\SUPERDelete
2014-12-09 13:06 - 2014-12-09 13:06 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\SUPERAntiSpyware.com
2014-12-09 13:05 - 2014-12-09 13:06 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-12-09 13:05 - 2014-12-09 13:05 - 00001770 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-12-09 13:05 - 2014-12-09 13:05 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-12-09 13:05 - 2014-12-09 13:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-12-09 13:03 - 2014-12-09 13:03 - 20648488 _____ (SUPERAntiSpyware) C:\Users\Owner\Downloads\SUPERAntiSpyware.exe
2014-12-06 23:48 - 2014-12-06 23:48 - 00417064 _____ () C:\Users\Owner\Downloads\DellSystemDetect (1).exe
2014-12-05 18:16 - 2014-12-05 18:16 - 00065384 _____ () C:\Users\Owner\Downloads\Result (1).txt
2014-12-04 11:13 - 2014-12-04 11:15 - 00065384 _____ () C:\Users\Owner\Downloads\Result.txt
2014-12-04 11:11 - 2014-12-04 11:11 - 00401920 _____ (Farbar) C:\Users\Owner\Downloads\MiniToolBox.exe
2014-12-04 00:46 - 2014-12-09 02:54 - 00000017 _____ () C:\Users\Owner\Desktop\GJ bookmark.txt
2014-12-03 01:08 - 2014-08-25 20:26 - 00078936 ____R (Symantec Corporation) C:\windows\system32\Drivers\SymIMV.sys
2014-12-01 23:01 - 2014-12-01 23:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HotSpot
2014-12-01 23:01 - 2014-12-01 23:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atheros Smart Net
2014-12-01 23:00 - 2014-12-01 23:00 - 00000000 ____D () C:\windows\system32\nn-NO
2014-12-01 23:00 - 2014-12-01 23:00 - 00000000 ____D () C:\windows\Options
2014-12-01 23:00 - 2014-12-01 23:00 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-12-01 23:00 - 2012-03-08 17:37 - 00439296 ____N (Atheros) C:\windows\system32\athihvs.dll
2014-12-01 23:00 - 2012-03-08 17:37 - 00060416 ____N (Atheros) C:\windows\system32\athihvui.dll
2014-12-01 22:54 - 2014-12-01 22:57 - 160094208 _____ () C:\Users\Owner\Downloads\DW1703_W7_A00_Setup-W1GV9_ZPE.exe
2014-12-01 22:36 - 2014-12-06 23:48 - 00000000 ____D () C:\Users\Owner\AppData\Local\Deployment
2014-12-01 22:36 - 2014-12-01 22:36 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2014-12-01 22:35 - 2014-12-01 22:35 - 00417064 _____ () C:\Users\Owner\Downloads\DellSystemDetect.exe
2014-11-30 16:27 - 2014-11-30 16:27 - 00000000 ____D () C:\Users\Owner\AppData\Local\{C5E912C7-FD8D-4C5D-B893-4F2095FD9CA9}
2014-11-30 00:23 - 2014-11-30 00:23 - 00000000 ____D () C:\Users\Owner\AppData\Local\{25A78C4A-8329-4C44-A844-FAEBC56B3E5F}
2014-11-27 15:24 - 2014-11-27 15:24 - 00000000 ____D () C:\Users\Owner\AppData\Local\{CEFB4CCE-52EC-4C7C-9DB2-E8332C285CB2}
2014-11-25 16:11 - 2014-11-25 16:11 - 00000000 ____D () C:\Users\Owner\AppData\Local\{4B6EEF52-F4C6-4911-B224-ACC63C15E84C}
2014-11-19 05:10 - 2014-11-10 21:08 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-11-19 05:10 - 2014-11-10 21:08 - 00241152 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll
2014-11-19 05:10 - 2014-11-10 20:44 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-11-19 05:10 - 2014-11-10 20:44 - 00186880 _____ (Microsoft Corporation) C:\windows\SysWOW64\pku2u.dll
2014-11-17 20:31 - 2014-11-17 20:32 - 05383573 _____ () C:\Users\Owner\Downloads\I think I saw Bigfoot!!.mp4
2014-11-15 20:15 - 2014-08-28 20:07 - 03179520 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-11-15 20:15 - 2014-05-08 03:32 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2014-11-15 19:46 - 2014-11-15 19:46 - 00027638 _____ () C:\windows\system32\.crusader
2014-11-15 19:32 - 2014-11-15 20:02 - 00043664 _____ () C:\windows\system32\Drivers\hitmanpro37.sys
2014-11-15 19:32 - 2014-11-15 19:46 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-11-15 19:30 - 2014-11-15 19:31 - 11222744 _____ (SurfRight B.V.) C:\Users\Owner\Downloads\HitmanPro_x64.exe
2014-11-15 19:17 - 2014-11-15 19:17 - 00000000 __SHD () C:\Users\Owner\AppData\Local\EmieBrowserModeList
2014-11-15 19:04 - 2014-11-15 19:04 - 01532224 _____ (LogMeIn, Inc.) C:\Users\Owner\Downloads\Support-LogMeInRescue (1).exe
2014-11-15 15:36 - 2012-08-23 08:13 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2014-11-15 15:36 - 2012-08-23 08:10 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpvideominiport.sys
2014-11-15 15:36 - 2012-08-23 05:12 - 00192000 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpendp_winip.dll
2014-11-15 15:36 - 2012-08-23 04:51 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\rdpendp_winip.dll
2014-11-14 12:37 - 2014-11-14 12:37 - 00000000 ____D () C:\Users\Owner\AppData\Local\{0AD15000-9608-4487-A5D0-6D88BC43C455}
2014-11-11 16:58 - 2014-11-05 11:56 - 00304640 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-11-11 16:58 - 2014-11-05 11:56 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-11-11 16:58 - 2014-11-05 11:52 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-11-11 16:57 - 2014-11-07 13:49 - 00388272 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-11-11 16:57 - 2014-11-07 13:23 - 00341168 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-11-11 16:57 - 2014-11-05 22:04 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-11-11 16:57 - 2014-11-05 22:03 - 25110016 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-11-11 16:57 - 2014-11-05 22:03 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-11-11 16:57 - 2014-11-05 21:47 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-11-11 16:57 - 2014-11-05 21:46 - 00580096 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-11-11 16:57 - 2014-11-05 21:46 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-11-11 16:57 - 2014-11-05 21:44 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-11-11 16:57 - 2014-11-05 21:43 - 02884096 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-11-11 16:57 - 2014-11-05 21:36 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-11-11 16:57 - 2014-11-05 21:35 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-11-11 16:57 - 2014-11-05 21:31 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-11-11 16:57 - 2014-11-05 21:30 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-11-11 16:57 - 2014-11-05 21:30 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-11-11 16:57 - 2014-11-05 21:29 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-11-11 16:57 - 2014-11-05 21:28 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-11-11 16:57 - 2014-11-05 21:23 - 06040064 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-11-11 16:57 - 2014-11-05 21:20 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-11-11 16:57 - 2014-11-05 21:16 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-11-11 16:57 - 2014-11-05 21:13 - 00501248 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-11-11 16:57 - 2014-11-05 21:13 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-11-11 16:57 - 2014-11-05 21:12 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-11-11 16:57 - 2014-11-05 21:10 - 19781632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-11-11 16:57 - 2014-11-05 21:10 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-11-11 16:57 - 2014-11-05 21:07 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-11 16:57 - 2014-11-05 21:05 - 02277376 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-11-11 16:57 - 2014-11-05 21:04 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-11-11 16:57 - 2014-11-05 21:03 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-11-11 16:57 - 2014-11-05 21:02 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-11-11 16:57 - 2014-11-05 21:00 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-11-11 16:57 - 2014-11-05 21:00 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-11-11 16:57 - 2014-11-05 20:59 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-11-11 16:57 - 2014-11-05 20:58 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-11-11 16:57 - 2014-11-05 20:57 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-11-11 16:57 - 2014-11-05 20:48 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-11-11 16:57 - 2014-11-05 20:42 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-11 16:57 - 2014-11-05 20:41 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-11-11 16:57 - 2014-11-05 20:41 - 00716800 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-11-11 16:57 - 2014-11-05 20:39 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-11-11 16:57 - 2014-11-05 20:38 - 02124288 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-11-11 16:57 - 2014-11-05 20:37 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-11-11 16:57 - 2014-11-05 20:36 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-11-11 16:57 - 2014-11-05 20:34 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-11-11 16:57 - 2014-11-05 20:30 - 14390272 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-11-11 16:57 - 2014-11-05 20:22 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-11-11 16:57 - 2014-11-05 20:21 - 04298240 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-11-11 16:57 - 2014-11-05 20:21 - 02051072 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-11-11 16:57 - 2014-11-05 20:20 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-11-11 16:57 - 2014-11-05 20:17 - 02365440 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-11-11 16:57 - 2014-11-05 20:04 - 01550336 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-11-11 16:57 - 2014-11-05 20:03 - 12819456 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-11-11 16:57 - 2014-11-05 19:53 - 00799232 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-11-11 16:57 - 2014-11-05 19:52 - 01892864 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-11-11 16:57 - 2014-11-05 19:48 - 01310208 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-11-11 16:57 - 2014-11-05 19:47 - 00708096 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-11-11 16:57 - 2014-10-13 20:16 - 00155064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-11-11 16:57 - 2014-10-13 20:13 - 00683520 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-11-11 16:57 - 2014-10-13 20:12 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-11-11 16:57 - 2014-10-13 20:09 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2014-11-11 16:57 - 2014-10-13 20:07 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2014-11-11 16:57 - 2014-10-13 19:50 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-11-11 16:57 - 2014-10-13 19:49 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-11-11 16:57 - 2014-10-13 19:47 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2014-11-11 16:57 - 2014-10-13 19:46 - 00681984 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2014-11-11 16:57 - 2014-08-21 00:43 - 01882624 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-11-11 16:56 - 2014-10-24 19:57 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-11-11 16:56 - 2014-10-24 19:32 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-11-11 16:56 - 2014-10-17 20:05 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2014-11-11 16:56 - 2014-10-17 19:33 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2014-11-11 16:56 - 2014-10-13 20:13 - 03241984 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-11-11 16:56 - 2014-10-13 19:50 - 02363904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-11-11 16:56 - 2014-10-09 18:57 - 03198976 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-11-11 16:56 - 2014-10-02 20:12 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2014-11-11 16:56 - 2014-10-02 20:11 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2014-11-11 16:56 - 2014-10-02 20:11 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2014-11-11 16:56 - 2014-10-02 20:11 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2014-11-11 16:56 - 2014-10-02 20:11 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2014-11-11 16:56 - 2014-10-02 19:44 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2014-11-11 16:56 - 2014-10-02 19:44 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2014-11-11 16:56 - 2014-10-02 19:44 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2014-11-11 16:56 - 2014-09-19 03:42 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-11-11 16:56 - 2014-09-19 03:42 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-11-11 16:56 - 2014-09-19 03:42 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2014-11-11 16:56 - 2014-09-19 03:42 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-11-11 16:56 - 2014-09-19 03:42 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-11-11 16:56 - 2014-09-19 03:42 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-11-11 16:56 - 2014-09-19 03:23 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-11-11 16:56 - 2014-09-19 03:23 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-11-11 16:56 - 2014-09-19 03:23 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2014-11-11 16:56 - 2014-09-19 03:23 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-11-11 16:56 - 2014-09-19 03:23 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-11-11 16:56 - 2014-09-19 03:23 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-11-11 16:56 - 2014-08-21 00:40 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-11-11 16:56 - 2014-08-21 00:26 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-11-11 16:56 - 2014-08-21 00:23 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-11-11 16:56 - 2014-08-11 20:02 - 00878080 _____ (Microsoft Corporation) C:\windows\system32\IMJP10K.DLL
2014-11-11 16:56 - 2014-08-11 19:36 - 00701440 _____ (Microsoft Corporation) C:\windows\SysWOW64\IMJP10K.DLL
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-09 21:02 - 2012-03-30 15:35 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-09 20:55 - 2012-04-08 18:21 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-12-09 20:52 - 2013-05-13 21:23 - 00000338 _____ () C:\windows\Tasks\HP Photo Creations Communicator.job
2014-12-09 20:36 - 2009-07-13 22:45 - 00028576 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-09 20:36 - 2009-07-13 22:45 - 00028576 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-09 20:32 - 2011-12-13 07:25 - 01307217 _____ () C:\windows\WindowsUpdate.log
2014-12-09 20:29 - 2012-03-30 15:34 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-09 20:28 - 2009-07-13 23:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-12-09 20:28 - 2009-07-13 22:51 - 00117636 _____ () C:\windows\setupact.log
2014-12-09 20:03 - 2010-11-20 21:47 - 00254878 _____ () C:\windows\PFRO.log
2014-12-09 16:01 - 2012-02-08 10:05 - 00000422 _____ () C:\windows\Tasks\SystemToolsDailyTest.job
2014-12-09 16:00 - 2012-04-24 15:00 - 00003488 _____ () C:\windows\System32\Tasks\PCDEventLauncher
2014-12-09 16:00 - 2012-02-08 10:05 - 00003448 _____ () C:\windows\System32\Tasks\SystemToolsDailyTest
2014-12-09 14:29 - 2013-08-04 15:26 - 00000000 ____D () C:\Users\Owner\Documents\System Information
2014-12-09 14:18 - 2012-02-08 10:05 - 00000000 ____D () C:\Users\Owner\AppData\Local\VirtualStore
2014-12-09 14:09 - 2012-05-16 08:48 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-12-09 14:09 - 2012-05-16 08:48 - 00001981 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-12-09 14:03 - 2011-12-13 08:19 - 00000000 ____D () C:\windows\PCHEALTH
2014-12-09 13:11 - 2013-05-13 20:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
2014-12-03 23:18 - 2011-12-13 07:51 - 00000000 ____D () C:\Program Files (x86)\Dell Wireless
2014-12-03 00:27 - 2009-07-13 23:13 - 00783424 _____ () C:\windows\system32\PerfStringBackup.INI
2014-12-01 23:00 - 2011-12-13 07:32 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-01 23:00 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\system32\tr-TR
2014-12-01 22:59 - 2011-12-13 07:46 - 00000000 ____D () C:\ProgramData\Dell
2014-12-01 22:58 - 2011-12-13 10:40 - 00000000 ____D () C:\Dell
2014-12-01 22:36 - 2014-01-14 20:21 - 00000000 ____D () C:\Users\Owner\AppData\Local\Apps\2.0
2014-11-30 17:04 - 2013-05-07 14:51 - 00000000 ____D () C:\Users\Owner\Documents\Bigfoot
2014-11-26 03:03 - 2012-03-30 15:36 - 00002145 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-26 02:05 - 2009-07-13 23:08 - 00032600 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-11-25 20:10 - 2013-05-13 14:25 - 00000000 ____D () C:\FFOutput
2014-11-25 18:36 - 2013-07-28 08:45 - 00000000 ____D () C:\Users\Owner\Documents\Bills
2014-11-24 17:26 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\registration
2014-11-24 08:28 - 2014-10-14 17:38 - 00000020 ____H () C:\ProgramData\PKP_DLev.DAT
2014-11-24 08:27 - 2014-10-14 17:38 - 00000020 ____H () C:\ProgramData\PKP_DLet.DAT
2014-11-22 21:41 - 2013-05-13 21:23 - 00000000 ___RD () C:\Users\Owner\Documents\HP Photo Creations
2014-11-22 21:41 - 2013-05-13 20:36 - 00000000 ____D () C:\ProgramData\HP Photo Creations
2014-11-22 21:40 - 2013-05-13 21:23 - 00003346 _____ () C:\windows\System32\Tasks\HP Photo Creations Communicator
2014-11-22 21:40 - 2013-05-13 20:36 - 00001953 _____ () C:\Users\Public\Desktop\HP Photo Creations.lnk
2014-11-18 17:46 - 2013-08-30 19:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client
2014-11-18 13:18 - 2012-02-08 10:05 - 00000564 _____ () C:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
2014-11-18 05:32 - 2013-08-30 19:03 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\SoftGrid Client
2014-11-17 18:15 - 2012-03-30 15:26 - 00010752 _____ () C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-17 11:49 - 2012-05-01 09:43 - 00000000 ____D () C:\Users\Owner\Documents\Work Documentation
2014-11-17 02:00 - 2012-02-08 10:05 - 00004268 _____ () C:\windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2014-11-16 20:59 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\rescache
2014-11-15 20:08 - 2012-06-20 18:07 - 00000000 ____D () C:\Users\Owner\AppData\Local\CrashDumps
2014-11-15 20:03 - 2009-07-13 23:09 - 00000000 ____D () C:\windows\System32\Tasks\WPD
2014-11-15 19:05 - 2014-11-02 06:11 - 00000000 ____D () C:\Users\Owner\AppData\Local\LogMeIn Rescue Applet
2014-11-15 18:57 - 2012-03-30 15:35 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-15 18:57 - 2012-03-30 15:35 - 00003642 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-15 16:25 - 2012-02-08 10:06 - 00001375 _____ () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-11-15 15:39 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-11-12 18:35 - 2014-07-17 16:43 - 00000000 ___RD () C:\Users\Owner\Documents\Notes
2014-11-12 04:47 - 2013-06-15 21:18 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Audacity
2014-11-12 00:52 - 2009-07-13 22:45 - 00322016 _____ () C:\windows\system32\FNTCACHE.DAT
2014-11-12 00:50 - 2014-05-06 02:00 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-11-11 23:07 - 2013-08-15 02:01 - 00000000 ____D () C:\windows\system32\MRT
2014-11-11 23:01 - 2012-02-08 11:58 - 103374192 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-11-11 18:55 - 2012-04-08 18:21 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-11-11 18:55 - 2012-04-08 18:21 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-11-11 18:55 - 2011-12-13 07:38 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
Some content of TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\Quarantine.exe
C:\Users\Owner\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-06 19:17
==================== End Of Log ============================
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-12-2014
Ran by Owner (administrator) on OWNER-PC on 09-12-2014 21:05:36
Running from C:\Users\Owner\Desktop
Loaded Profile: Owner (Available profiles: Owner)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Dell) C:\Users\Owner\AppData\Local\Apps\2.0\TX6V8N86.DD3\VB93Q1V6.HW7\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [608112 2011-03-29] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-05-27] (IDT, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [577536 2013-01-08] (Creative Technology Ltd)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [NSU_agent] => C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe [190768 2012-02-28] ()
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [570880 2013-12-27] (Nikon Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-170707502-607240467-3261361461-1001\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKU\S-1-5-21-170707502-607240467-3261361461-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7777560 2014-11-13] (SUPERAntiSpyware)
HKU\S-1-5-21-170707502-607240467-3261361461-1001\...\Run: [DellSystemDetect] => C:\Users\Owner\AppData\Local\Apps\2.0\TX6V8N86.DD3\VB93Q1V6.HW7\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe [264488 2014-12-01] (Dell)
HKU\S-1-5-21-170707502-607240467-3261361461-1001\...\RunOnce: [Adobe Speed Launcher] => 1418178547
HKU\S-1-5-21-170707502-607240467-3261361461-1001\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 3050A J611 series (Network).lnk
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 3050A J611 series (Network).lnk -> C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
BootExecute: autocheck autochk * bootdelete
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?ilc=8
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?ilc=8
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-170707502-607240467-3261361461-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn
HKU\S-1-5-21-170707502-607240467-3261361461-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM-x32 -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.6.15\coIEPlg.dll (Symantec Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\coIEPlg.dll (Symantec Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.6.15\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite....x/qtplugin.cab
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/soft...02/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/soft...3/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/soft...0321/CTPID.cab
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
FireFox:
========
FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\s9xvr6t7.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\windows\SysWOW64\npdeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.3.12\coFFPlgn
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.6.0.32\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.6.0.32\coFFPlgn [2014-12-09]
Chrome:
=======
CHR HomePage: Default -> hxxp://att.yahoo.com/
CHR StartupUrls: Default -> "hxxp://att.yahoo.com/"
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]
CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-03-30]
CHR Extension: (Google Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-03-30]
CHR Extension: (Yahoo Extension) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag [2013-12-19]
CHR Extension: (Google Wallet) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-03-30]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\Exts\Chrome.crx [Not Found]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
S4 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\NST.exe [130104 2014-07-30] (Symantec Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe [276376 2014-09-21] (Symantec Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [77824 2012-03-28] (Atheros) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\BASHDefs\20141203.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1506000.020\ccSetx64.sys [162392 2014-02-20] (Symantec Corporation)
S1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE07060.00F\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-08-26] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-08-26] (Symantec Corporation)
S3 hitmanpro37; C:\windows\system32\drivers\hitmanpro37.sys [43664 2014-11-15] ()
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\IPSDefs\20141208.001\IDSvia64.sys [637656 2014-11-17] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\VirusDefs\20141209.004\ENG64.SYS [129752 2014-12-09] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\VirusDefs\20141209.004\EX64.SYS [2137304 2014-12-09] (Symantec Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SRTSP; C:\Windows\system32\drivers\NISx64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
S3 Svk2pl; C:\Windows\System32\DRIVERS\Svk2pl64.sys [97280 2010-04-01] (Gigaware)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1506000.020\SYMDS64.SYS [493656 2014-08-25] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1506000.020\SYMEFA64.SYS [1148120 2014-08-25] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-11-02] (Symantec Corporation)
R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [78936 2014-08-25] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NISx64\1506000.020\SYMNETS.SYS [593112 2014-08-25] (Symantec Corporation)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-09 21:05 - 2014-12-09 21:06 - 00018613 _____ () C:\Users\Owner\Desktop\FRST.txt
2014-12-09 21:05 - 2014-12-09 21:05 - 02119680 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2014-12-09 21:05 - 2014-12-09 21:05 - 00000000 ____D () C:\FRST
2014-12-09 18:54 - 2014-12-09 20:01 - 00000000 ____D () C:\AdwCleaner
2014-12-09 18:53 - 2014-12-09 18:53 - 02166272 _____ () C:\Users\Owner\Downloads\AdwCleaner.exe
2014-12-09 14:20 - 2014-12-09 14:20 - 00010303 _____ () C:\Users\Owner\Downloads\hijackthis.log
2014-12-09 14:17 - 2014-12-09 14:17 - 00388608 _____ (Trend Micro Inc.) C:\Users\Owner\Downloads\HijackThis.exe
2014-12-09 13:44 - 2014-12-09 18:16 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-09 13:43 - 2014-12-09 13:43 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-09 13:43 - 2014-12-09 13:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-09 13:43 - 2014-12-09 13:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-09 13:43 - 2014-12-09 13:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-09 13:43 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-12-09 13:43 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-12-09 13:43 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-12-09 13:41 - 2014-12-09 13:41 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Owner\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-09 13:11 - 2014-12-09 13:11 - 00000000 ____D () C:\SUPERDelete
2014-12-09 13:06 - 2014-12-09 13:06 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\SUPERAntiSpyware.com
2014-12-09 13:05 - 2014-12-09 13:06 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-12-09 13:05 - 2014-12-09 13:05 - 00001770 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-12-09 13:05 - 2014-12-09 13:05 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-12-09 13:05 - 2014-12-09 13:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-12-09 13:03 - 2014-12-09 13:03 - 20648488 _____ (SUPERAntiSpyware) C:\Users\Owner\Downloads\SUPERAntiSpyware.exe
2014-12-06 23:48 - 2014-12-06 23:48 - 00417064 _____ () C:\Users\Owner\Downloads\DellSystemDetect (1).exe
2014-12-05 18:16 - 2014-12-05 18:16 - 00065384 _____ () C:\Users\Owner\Downloads\Result (1).txt
2014-12-04 11:13 - 2014-12-04 11:15 - 00065384 _____ () C:\Users\Owner\Downloads\Result.txt
2014-12-04 11:11 - 2014-12-04 11:11 - 00401920 _____ (Farbar) C:\Users\Owner\Downloads\MiniToolBox.exe
2014-12-04 00:46 - 2014-12-09 02:54 - 00000017 _____ () C:\Users\Owner\Desktop\GJ bookmark.txt
2014-12-03 01:08 - 2014-08-25 20:26 - 00078936 ____R (Symantec Corporation) C:\windows\system32\Drivers\SymIMV.sys
2014-12-01 23:01 - 2014-12-01 23:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HotSpot
2014-12-01 23:01 - 2014-12-01 23:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atheros Smart Net
2014-12-01 23:00 - 2014-12-01 23:00 - 00000000 ____D () C:\windows\system32\nn-NO
2014-12-01 23:00 - 2014-12-01 23:00 - 00000000 ____D () C:\windows\Options
2014-12-01 23:00 - 2014-12-01 23:00 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-12-01 23:00 - 2012-03-08 17:37 - 00439296 ____N (Atheros) C:\windows\system32\athihvs.dll
2014-12-01 23:00 - 2012-03-08 17:37 - 00060416 ____N (Atheros) C:\windows\system32\athihvui.dll
2014-12-01 22:54 - 2014-12-01 22:57 - 160094208 _____ () C:\Users\Owner\Downloads\DW1703_W7_A00_Setup-W1GV9_ZPE.exe
2014-12-01 22:36 - 2014-12-06 23:48 - 00000000 ____D () C:\Users\Owner\AppData\Local\Deployment
2014-12-01 22:36 - 2014-12-01 22:36 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2014-12-01 22:35 - 2014-12-01 22:35 - 00417064 _____ () C:\Users\Owner\Downloads\DellSystemDetect.exe
2014-11-30 16:27 - 2014-11-30 16:27 - 00000000 ____D () C:\Users\Owner\AppData\Local\{C5E912C7-FD8D-4C5D-B893-4F2095FD9CA9}
2014-11-30 00:23 - 2014-11-30 00:23 - 00000000 ____D () C:\Users\Owner\AppData\Local\{25A78C4A-8329-4C44-A844-FAEBC56B3E5F}
2014-11-27 15:24 - 2014-11-27 15:24 - 00000000 ____D () C:\Users\Owner\AppData\Local\{CEFB4CCE-52EC-4C7C-9DB2-E8332C285CB2}
2014-11-25 16:11 - 2014-11-25 16:11 - 00000000 ____D () C:\Users\Owner\AppData\Local\{4B6EEF52-F4C6-4911-B224-ACC63C15E84C}
2014-11-19 05:10 - 2014-11-10 21:08 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-11-19 05:10 - 2014-11-10 21:08 - 00241152 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll
2014-11-19 05:10 - 2014-11-10 20:44 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-11-19 05:10 - 2014-11-10 20:44 - 00186880 _____ (Microsoft Corporation) C:\windows\SysWOW64\pku2u.dll
2014-11-17 20:31 - 2014-11-17 20:32 - 05383573 _____ () C:\Users\Owner\Downloads\I think I saw Bigfoot!!.mp4
2014-11-15 20:15 - 2014-08-28 20:07 - 03179520 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-11-15 20:15 - 2014-05-08 03:32 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2014-11-15 19:46 - 2014-11-15 19:46 - 00027638 _____ () C:\windows\system32\.crusader
2014-11-15 19:32 - 2014-11-15 20:02 - 00043664 _____ () C:\windows\system32\Drivers\hitmanpro37.sys
2014-11-15 19:32 - 2014-11-15 19:46 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-11-15 19:30 - 2014-11-15 19:31 - 11222744 _____ (SurfRight B.V.) C:\Users\Owner\Downloads\HitmanPro_x64.exe
2014-11-15 19:17 - 2014-11-15 19:17 - 00000000 __SHD () C:\Users\Owner\AppData\Local\EmieBrowserModeList
2014-11-15 19:04 - 2014-11-15 19:04 - 01532224 _____ (LogMeIn, Inc.) C:\Users\Owner\Downloads\Support-LogMeInRescue (1).exe
2014-11-15 15:36 - 2012-08-23 08:13 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2014-11-15 15:36 - 2012-08-23 08:10 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpvideominiport.sys
2014-11-15 15:36 - 2012-08-23 05:12 - 00192000 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpendp_winip.dll
2014-11-15 15:36 - 2012-08-23 04:51 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\rdpendp_winip.dll
2014-11-14 12:37 - 2014-11-14 12:37 - 00000000 ____D () C:\Users\Owner\AppData\Local\{0AD15000-9608-4487-A5D0-6D88BC43C455}
2014-11-11 16:58 - 2014-11-05 11:56 - 00304640 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-11-11 16:58 - 2014-11-05 11:56 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-11-11 16:58 - 2014-11-05 11:52 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-11-11 16:57 - 2014-11-07 13:49 - 00388272 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-11-11 16:57 - 2014-11-07 13:23 - 00341168 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-11-11 16:57 - 2014-11-05 22:04 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-11-11 16:57 - 2014-11-05 22:03 - 25110016 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-11-11 16:57 - 2014-11-05 22:03 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-11-11 16:57 - 2014-11-05 21:47 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-11-11 16:57 - 2014-11-05 21:46 - 00580096 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-11-11 16:57 - 2014-11-05 21:46 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-11-11 16:57 - 2014-11-05 21:44 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-11-11 16:57 - 2014-11-05 21:43 - 02884096 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-11-11 16:57 - 2014-11-05 21:36 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-11-11 16:57 - 2014-11-05 21:35 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-11-11 16:57 - 2014-11-05 21:31 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-11-11 16:57 - 2014-11-05 21:30 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-11-11 16:57 - 2014-11-05 21:30 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-11-11 16:57 - 2014-11-05 21:29 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-11-11 16:57 - 2014-11-05 21:28 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-11-11 16:57 - 2014-11-05 21:23 - 06040064 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-11-11 16:57 - 2014-11-05 21:20 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-11-11 16:57 - 2014-11-05 21:16 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-11-11 16:57 - 2014-11-05 21:13 - 00501248 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-11-11 16:57 - 2014-11-05 21:13 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-11-11 16:57 - 2014-11-05 21:12 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-11-11 16:57 - 2014-11-05 21:10 - 19781632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-11-11 16:57 - 2014-11-05 21:10 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-11-11 16:57 - 2014-11-05 21:07 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-11 16:57 - 2014-11-05 21:05 - 02277376 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-11-11 16:57 - 2014-11-05 21:04 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-11-11 16:57 - 2014-11-05 21:03 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-11-11 16:57 - 2014-11-05 21:02 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-11-11 16:57 - 2014-11-05 21:00 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-11-11 16:57 - 2014-11-05 21:00 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-11-11 16:57 - 2014-11-05 20:59 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-11-11 16:57 - 2014-11-05 20:58 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-11-11 16:57 - 2014-11-05 20:57 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-11-11 16:57 - 2014-11-05 20:48 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-11-11 16:57 - 2014-11-05 20:42 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-11 16:57 - 2014-11-05 20:41 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-11-11 16:57 - 2014-11-05 20:41 - 00716800 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-11-11 16:57 - 2014-11-05 20:39 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-11-11 16:57 - 2014-11-05 20:38 - 02124288 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-11-11 16:57 - 2014-11-05 20:37 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-11-11 16:57 - 2014-11-05 20:36 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-11-11 16:57 - 2014-11-05 20:34 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-11-11 16:57 - 2014-11-05 20:30 - 14390272 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-11-11 16:57 - 2014-11-05 20:22 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-11-11 16:57 - 2014-11-05 20:21 - 04298240 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-11-11 16:57 - 2014-11-05 20:21 - 02051072 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-11-11 16:57 - 2014-11-05 20:20 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-11-11 16:57 - 2014-11-05 20:17 - 02365440 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-11-11 16:57 - 2014-11-05 20:04 - 01550336 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-11-11 16:57 - 2014-11-05 20:03 - 12819456 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-11-11 16:57 - 2014-11-05 19:53 - 00799232 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-11-11 16:57 - 2014-11-05 19:52 - 01892864 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-11-11 16:57 - 2014-11-05 19:48 - 01310208 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-11-11 16:57 - 2014-11-05 19:47 - 00708096 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-11-11 16:57 - 2014-10-13 20:16 - 00155064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-11-11 16:57 - 2014-10-13 20:13 - 00683520 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-11-11 16:57 - 2014-10-13 20:12 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-11-11 16:57 - 2014-10-13 20:09 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2014-11-11 16:57 - 2014-10-13 20:07 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2014-11-11 16:57 - 2014-10-13 19:50 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-11-11 16:57 - 2014-10-13 19:49 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-11-11 16:57 - 2014-10-13 19:47 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2014-11-11 16:57 - 2014-10-13 19:46 - 00681984 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2014-11-11 16:57 - 2014-08-21 00:43 - 01882624 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-11-11 16:56 - 2014-10-24 19:57 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-11-11 16:56 - 2014-10-24 19:32 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-11-11 16:56 - 2014-10-17 20:05 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2014-11-11 16:56 - 2014-10-17 19:33 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2014-11-11 16:56 - 2014-10-13 20:13 - 03241984 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-11-11 16:56 - 2014-10-13 19:50 - 02363904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-11-11 16:56 - 2014-10-09 18:57 - 03198976 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-11-11 16:56 - 2014-10-02 20:12 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2014-11-11 16:56 - 2014-10-02 20:11 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2014-11-11 16:56 - 2014-10-02 20:11 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2014-11-11 16:56 - 2014-10-02 20:11 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2014-11-11 16:56 - 2014-10-02 20:11 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2014-11-11 16:56 - 2014-10-02 19:44 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2014-11-11 16:56 - 2014-10-02 19:44 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2014-11-11 16:56 - 2014-10-02 19:44 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2014-11-11 16:56 - 2014-09-19 03:42 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-11-11 16:56 - 2014-09-19 03:42 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-11-11 16:56 - 2014-09-19 03:42 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2014-11-11 16:56 - 2014-09-19 03:42 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-11-11 16:56 - 2014-09-19 03:42 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-11-11 16:56 - 2014-09-19 03:42 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-11-11 16:56 - 2014-09-19 03:23 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-11-11 16:56 - 2014-09-19 03:23 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-11-11 16:56 - 2014-09-19 03:23 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2014-11-11 16:56 - 2014-09-19 03:23 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-11-11 16:56 - 2014-09-19 03:23 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-11-11 16:56 - 2014-09-19 03:23 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-11-11 16:56 - 2014-08-21 00:40 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-11-11 16:56 - 2014-08-21 00:26 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-11-11 16:56 - 2014-08-21 00:23 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-11-11 16:56 - 2014-08-11 20:02 - 00878080 _____ (Microsoft Corporation) C:\windows\system32\IMJP10K.DLL
2014-11-11 16:56 - 2014-08-11 19:36 - 00701440 _____ (Microsoft Corporation) C:\windows\SysWOW64\IMJP10K.DLL
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-09 21:02 - 2012-03-30 15:35 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-09 20:55 - 2012-04-08 18:21 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-12-09 20:52 - 2013-05-13 21:23 - 00000338 _____ () C:\windows\Tasks\HP Photo Creations Communicator.job
2014-12-09 20:36 - 2009-07-13 22:45 - 00028576 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-09 20:36 - 2009-07-13 22:45 - 00028576 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-09 20:32 - 2011-12-13 07:25 - 01307217 _____ () C:\windows\WindowsUpdate.log
2014-12-09 20:29 - 2012-03-30 15:34 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-09 20:28 - 2009-07-13 23:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-12-09 20:28 - 2009-07-13 22:51 - 00117636 _____ () C:\windows\setupact.log
2014-12-09 20:03 - 2010-11-20 21:47 - 00254878 _____ () C:\windows\PFRO.log
2014-12-09 16:01 - 2012-02-08 10:05 - 00000422 _____ () C:\windows\Tasks\SystemToolsDailyTest.job
2014-12-09 16:00 - 2012-04-24 15:00 - 00003488 _____ () C:\windows\System32\Tasks\PCDEventLauncher
2014-12-09 16:00 - 2012-02-08 10:05 - 00003448 _____ () C:\windows\System32\Tasks\SystemToolsDailyTest
2014-12-09 14:29 - 2013-08-04 15:26 - 00000000 ____D () C:\Users\Owner\Documents\System Information
2014-12-09 14:18 - 2012-02-08 10:05 - 00000000 ____D () C:\Users\Owner\AppData\Local\VirtualStore
2014-12-09 14:09 - 2012-05-16 08:48 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-12-09 14:09 - 2012-05-16 08:48 - 00001981 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-12-09 14:03 - 2011-12-13 08:19 - 00000000 ____D () C:\windows\PCHEALTH
2014-12-09 13:11 - 2013-05-13 20:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
2014-12-03 23:18 - 2011-12-13 07:51 - 00000000 ____D () C:\Program Files (x86)\Dell Wireless
2014-12-03 00:27 - 2009-07-13 23:13 - 00783424 _____ () C:\windows\system32\PerfStringBackup.INI
2014-12-01 23:00 - 2011-12-13 07:32 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-01 23:00 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\system32\tr-TR
2014-12-01 22:59 - 2011-12-13 07:46 - 00000000 ____D () C:\ProgramData\Dell
2014-12-01 22:58 - 2011-12-13 10:40 - 00000000 ____D () C:\Dell
2014-12-01 22:36 - 2014-01-14 20:21 - 00000000 ____D () C:\Users\Owner\AppData\Local\Apps\2.0
2014-11-30 17:04 - 2013-05-07 14:51 - 00000000 ____D () C:\Users\Owner\Documents\Bigfoot
2014-11-26 03:03 - 2012-03-30 15:36 - 00002145 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-26 02:05 - 2009-07-13 23:08 - 00032600 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-11-25 20:10 - 2013-05-13 14:25 - 00000000 ____D () C:\FFOutput
2014-11-25 18:36 - 2013-07-28 08:45 - 00000000 ____D () C:\Users\Owner\Documents\Bills
2014-11-24 17:26 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\registration
2014-11-24 08:28 - 2014-10-14 17:38 - 00000020 ____H () C:\ProgramData\PKP_DLev.DAT
2014-11-24 08:27 - 2014-10-14 17:38 - 00000020 ____H () C:\ProgramData\PKP_DLet.DAT
2014-11-22 21:41 - 2013-05-13 21:23 - 00000000 ___RD () C:\Users\Owner\Documents\HP Photo Creations
2014-11-22 21:41 - 2013-05-13 20:36 - 00000000 ____D () C:\ProgramData\HP Photo Creations
2014-11-22 21:40 - 2013-05-13 21:23 - 00003346 _____ () C:\windows\System32\Tasks\HP Photo Creations Communicator
2014-11-22 21:40 - 2013-05-13 20:36 - 00001953 _____ () C:\Users\Public\Desktop\HP Photo Creations.lnk
2014-11-18 17:46 - 2013-08-30 19:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client
2014-11-18 13:18 - 2012-02-08 10:05 - 00000564 _____ () C:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
2014-11-18 05:32 - 2013-08-30 19:03 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\SoftGrid Client
2014-11-17 18:15 - 2012-03-30 15:26 - 00010752 _____ () C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-17 11:49 - 2012-05-01 09:43 - 00000000 ____D () C:\Users\Owner\Documents\Work Documentation
2014-11-17 02:00 - 2012-02-08 10:05 - 00004268 _____ () C:\windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2014-11-16 20:59 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\rescache
2014-11-15 20:08 - 2012-06-20 18:07 - 00000000 ____D () C:\Users\Owner\AppData\Local\CrashDumps
2014-11-15 20:03 - 2009-07-13 23:09 - 00000000 ____D () C:\windows\System32\Tasks\WPD
2014-11-15 19:05 - 2014-11-02 06:11 - 00000000 ____D () C:\Users\Owner\AppData\Local\LogMeIn Rescue Applet
2014-11-15 18:57 - 2012-03-30 15:35 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-15 18:57 - 2012-03-30 15:35 - 00003642 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-15 16:25 - 2012-02-08 10:06 - 00001375 _____ () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-11-15 15:39 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-11-12 18:35 - 2014-07-17 16:43 - 00000000 ___RD () C:\Users\Owner\Documents\Notes
2014-11-12 04:47 - 2013-06-15 21:18 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Audacity
2014-11-12 00:52 - 2009-07-13 22:45 - 00322016 _____ () C:\windows\system32\FNTCACHE.DAT
2014-11-12 00:50 - 2014-05-06 02:00 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-11-11 23:07 - 2013-08-15 02:01 - 00000000 ____D () C:\windows\system32\MRT
2014-11-11 23:01 - 2012-02-08 11:58 - 103374192 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-11-11 18:55 - 2012-04-08 18:21 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-11-11 18:55 - 2012-04-08 18:21 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-11-11 18:55 - 2011-12-13 07:38 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
Some content of TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\Quarantine.exe
C:\Users\Owner\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-06 19:17
==================== End Of Log ============================Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-12-2014
Ran by Owner at 2014-12-09 21:07:01
Running from C:\Users\Owner\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Internet Security (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Accidental Damage Services Agreement (HKLM-x32\...\{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}) (Version: 2.0.0 - Dell Inc.)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Applian Director (HKLM-x32\...\Applian Director3.01) (Version: 3.01 - Applian Technologies Inc.)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Banctec Service Agreement (HKLM-x32\...\{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}) (Version: 2.0.0 - Dell Inc.)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Complete Care Business Service Agreement (HKLM-x32\...\{0ECFCB07-9BFE-4970-ACA1-D568D982760B}) (Version: 2.0.0 - Dell Inc.)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.47 - Dell)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}) (Version: 1.5.201.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.65 - ArcSoft)
Dell Stage (HKLM-x32\...\{E2EBA7C0-8072-447F-856D-FFEE8D15B23B}) (Version: 1.5.201.0 - Fingertapps)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5803.11 - Dell Inc.)
Dell Support Center (Version: 3.1.5803.11 - PC-Doctor, Inc.) Hidden
Dell System Detect (HKU\S-1-5-21-170707502-607240467-3261361461-1001\...\73f463568823ebbe) (Version: 5.12.0.3 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1207.101.225 - ALPS ELECTRIC CO., LTD.)
Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.)
Dell VideoStage (x32 Version: 1.2.0.1712 - CyberLink Corp.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.01.18 - Creative Technology Ltd)
Dell Wireless Driver Installation (HKLM-x32\...\{451517F1-7E41-400B-AA36-FB7E2563526D}) (Version: 9.0 - Dell)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Dell Inc.)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.)
FormatFactory 3.3.5.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.5.0 - Format Factory)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HP Deskjet 3050A J611 series Basic Device Software (HKLM\...\{FB555BCF-9202-4886-9203-88C9A210D727}) (Version: 25.0.571.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Help (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Deskjet 3050A J611 series Product Improvement Study (HKLM\...\{710D4D91-1924-4A6B-8659-9CDE02DC7207}) (Version: 25.0.571.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.16432 - HP Photo Creations)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6341.0 - IDT)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2342 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
Java(TM) 6 Update 27 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416027FF}) (Version: 6.0.270 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Research Cliplets (HKLM\...\{A4DA1935-2F04-4AFF-BE48-085CCC7BD0CB}) (Version: 1.1.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 32.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.1 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.9.2 - Nikon)
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
Nokia PC Suite (x32 Version: 7.1.180.94 - Nokia) Hidden
Nokia Software Updater (HKLM-x32\...\{7130468A-F53F-4698-8C09-A339EA3B05E6}) (Version: 3.0.655 - Nokia)
Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.7.6.15 - Symantec Corporation)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.6.0.32 - Symantec Corporation)
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
Picture Control Utility 2 (HKLM\...\{D4893C47-704F-4B84-8486-9DE4974ACA6F}) (Version: 2.0.1 - Nikon)
Premium Service Agreement (HKLM-x32\...\{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}) (Version: 2.0.0 - Dell Inc.)
QualxServ Service Agreement (HKLM-x32\...\{903679E8-44C8-4C07-9600-05C92654FC50}) (Version: 2.0.0 - Dell Inc.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.25 - Dell Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
Replay Video Capture 7 (HKLM-x32\...\Replay Video Capture7.1) (Version: 7.1 - Applian Technologies Inc.)
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.10.9560 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Stellarium 0.12.4 (HKLM\...\Stellarium_is1) (Version: 0.12.4 - Stellarium team)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1164 - SUPERAntiSpyware.com)
TrustedID (HKLM-x32\...\{C16A92EF-017B-4839-9C75-FBADB5A1FA27}) (Version: 5.0 - TrustedID)
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.61 - NCH Software)
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.10.2 - Nikon)
Windows Driver Package - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Windows Driver Package - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
15-11-2014 21:36:19 Windows Update
16-11-2014 01:27:33 Creating Restore Point. This may take several minutes...
16-11-2014 01:44:35 Checkpoint by HitmanPro
16-11-2014 01:45:17 Checkpoint by HitmanPro
16-11-2014 04:03:51 Windows Update
19-11-2014 14:41:52 Windows Update
27-11-2014 23:11:32 Scheduled Checkpoint
07-12-2014 01:24:09 Scheduled Checkpoint
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0C1AC47D-7172-4AC1-955F-3AF30853848A} - System32\Tasks\HPCustParticipation HP Deskjet 3050A J611 series => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe [2011-06-08] (Hewlett-Packard Co.)
Task: {10442C49-A423-4CA3-B775-4D56FD40C947} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {1C6ECEB3-D5C2-4907-A536-AFFE43C8D2DA} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {25BFFD0E-A220-41CD-9F2E-5F29E795BD35} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {26E516C6-1764-4467-85A6-C4B19FBE0F84} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {2DA4B6DD-57FD-4BA3-AF6F-0493551F6F44} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\SymErr.exe
Task: {2E4B539D-0889-4977-BBAC-3D69B4F257BB} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2013-05-13] ()
Task: {4F7346A6-1AE8-4AF2-9B30-7307C948BBDD} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)
Task: {4FC4E54F-8547-460F-8A97-97882DF6E776} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {5BDFEC70-3DE5-494F-9376-ED2CC97A048F} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\SymErr.exe
Task: {60DCF6C5-4261-4B66-AEA3-C94CF607869F} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {6D40F2BC-C87F-437E-B9A8-EFDD6376DF3A} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {7710E6ED-643A-4004-9642-985C39DECD6D} - System32\Tasks\PCDEventLauncher => c:\Program Files\Dell Support Center\sessionchecker.exe [2011-03-22] (PC-Doctor, Inc.)
Task: {8B1ACFEA-7A14-4558-BF9D-B421360135B8} - System32\Tasks\Microsoft_Hardware_Launch_rundll32_exe => Rundll32.exe url.dll,OpenURL Product Registration | Microsoft Hardware
Task: {A18FCEDE-E0F6-4B39-AC8C-A41AA45DA105} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {AC1F634E-2666-4D0E-AF80-79385A026DD4} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {C464A482-4461-4E8F-8C6F-618E6EA58666} - System32\Tasks\SystemToolsDailyTest => c:\Program Files\Dell Support Center\pcdrcui.exe [2011-03-22] (PC-Doctor, Inc.)
Task: {C5D0F304-B4A5-4220-8C61-005A124F4C27} - System32\Tasks\PCDoctorBackgroundMonitorTask => c:\Program Files\Dell Support Center\uaclauncher.exe [2011-03-22] (PC-Doctor, Inc.)
Task: {D8800DF8-A3C2-4A9A-8343-0254B9817EB6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-30] (Google Inc.)
Task: {D9D14206-850A-4D51-9D98-EC127E2D4244} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-30] (Google Inc.)
Task: {E163A2FA-29D8-4E55-BB36-A627A05E0BF1} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-11] (Adobe Systems Incorporated)
Task: {FB4E703E-17D5-4FFB-802A-FC3631D49916} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe
Task: C:\windows\Tasks\PCDoctorBackgroundMonitorTask.job => c:\Program Files\Dell Support Center\uaclauncher.exe
Task: C:\windows\Tasks\SystemToolsDailyTest.job => c:\Program Files\Dell Support Center\pcdrcui.exe
==================== Loaded Modules (whitelisted) =============
2011-06-08 15:57 - 2011-06-08 15:57 - 02812776 _____ () C:\windows\system32\HPScanTRDrv_DJ3050A_J611.dll
2011-12-13 09:02 - 2011-03-25 19:28 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-06-26 12:11 - 2012-06-26 12:11 - 02302040 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtCore4.dll
2012-06-26 12:11 - 2012-06-26 12:11 - 08197208 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtGui4.dll
2012-06-26 12:11 - 2012-06-26 12:11 - 00345688 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtXml4.dll
2012-06-26 12:10 - 2012-06-26 12:10 - 00202328 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
2012-06-26 12:10 - 2012-06-26 12:10 - 00027736 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
2012-06-26 12:11 - 2012-06-26 12:11 - 00282200 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtSvg4.dll
2014-11-26 03:03 - 2014-11-25 00:39 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libglesv2.dll
2014-11-26 03:03 - 2014-11-25 00:39 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libegl.dll
2014-11-26 03:03 - 2014-11-25 00:39 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll
2014-11-26 03:03 - 2014-11-25 00:39 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AESTFilters => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NCO => 2
MSCONFIG\Services: NOBU => 2
MSCONFIG\Services: RoxMediaDB12OEM => 3
MSCONFIG\Services: RoxWatch12 => 2
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\Services: SftService => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: STacSV => 2
MSCONFIG\Services: stllssvr => 3
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: YahooAUService => 2
MSCONFIG\startupreg: DellStage => "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
MSCONFIG\startupreg: QuickSet => C:\Program Files\Dell\QuickSet\QuickSet.exe
========================= Accounts: ==========================
Administrator (S-1-5-21-170707502-607240467-3261361461-500 - Administrator - Disabled)
Guest (S-1-5-21-170707502-607240467-3261361461-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-170707502-607240467-3261361461-1006 - Limited - Enabled)
Owner (S-1-5-21-170707502-607240467-3261361461-1001 - Administrator - Enabled) => C:\Users\Owner
==================== Faulty Device Manager Devices =============
Name: Norton Identity Safe Settings Manager
Description: Norton Identity Safe Settings Manager
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ccSet_NST
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (12/09/2014 08:29:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/09/2014 08:05:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/09/2014 02:40:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/09/2014 02:32:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/09/2014 02:05:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/09/2014 01:33:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/07/2014 05:11:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/06/2014 03:17:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/06/2014 01:19:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/05/2014 05:21:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (12/09/2014 08:29:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
Error: (12/09/2014 08:29:22 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
ccSet_NST
Error: (12/09/2014 08:29:22 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005
Error: (12/09/2014 08:05:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
Error: (12/09/2014 08:04:09 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
ccSet_NST
Error: (12/09/2014 08:04:09 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005
Error: (12/09/2014 08:02:41 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\windows\system32\athihvs.dll
Error: (12/09/2014 08:02:41 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\windows\system32\athihvs.dll
Error: (12/09/2014 08:02:38 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\windows\system32\athihvs.dll
Error: (12/09/2014 08:02:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Application Virtualization Client service terminated unexpectedly. It has done this 1 time(s).
Microsoft Office Sessions:
=========================
Error: (12/09/2014 08:29:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/09/2014 08:05:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/09/2014 02:40:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/09/2014 02:32:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/09/2014 02:05:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/09/2014 01:33:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/07/2014 05:11:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/06/2014 03:17:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/06/2014 01:19:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/05/2014 05:21:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz
Percentage of memory in use: 45%
Total physical RAM: 3894.68 MB
Available physical RAM: 2115.51 MB
Total Pagefile: 7787.55 MB
Available Pagefile: 5867.53 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:451.01 GB) (Free:327.38 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 9F925738)
Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451 GB) - (Type=07 NTFS)
==================== End Of Log ============================
What issues are you experiencing? Still the slow to connect to the internet?
I don't see anything of the malicious nature.
Ok mrick?
Here are a few items to fix. They're just leftovers, orphans as we call them. Please follow the instructions below and let us know what issues you are experiencing.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
Open notepad (Start =>All Programs => Accessories => Notepad).
Copy/Paste the contents of the code box below into Notepad.
Code:start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\Exts\Chrome.crx [Not Found]
C:\Users\Owner\AppData\Local\Temp\Quarantine.exe
C:\Users\Owner\AppData\Local\Temp\sqlite3.dll
Hosts:
Emptytemp:
reboot:
end
Click Format and ensure Wordwrap is unchecked.
Save as Fixlist.txt to your Desktop (Must be in this location)
Run FRST/FRST64 and press the Fix button just once and wait.
If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.
Other than my browser opening up in a 1/4 window, everything seems fine. Network connection is not instantaneous, but it is tolerable.
Thanks for your help DonnaB!
Can I just come back here and repeat the process if I run across the problems again?
Why of course you can!! :) Our door is always open for you, mrick.Quote:
Can I just come back here and repeat the process if I run across the problems again?
Sounds like it might be minimized. Touch the edges with your cursor till the single arrow becomes a double arrow, left click and drag the edges on all four sides. Does that help any?Quote:
Other than my browser opening up in a 1/4 window,
Did you follow the instructions above? It should have created a fixlog.txt and placed it on your desktop. I would like to see that if you could post it in a reply.
There was one more scan that I was going to have you run to ensure nothing of the malicious nature is lurking in the shadows, but if you feel that everything is fine, we don't have to run the scan. That particular scan could take hours and is very thorough. We usually suggest to let it run overnight when you are sleeping since it takes so long. I'll leave that decision up to you.
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-12-2014
Ran by Owner at 2014-12-09 21:41:28 Run:1
Running from C:\Users\Owner\Desktop
Loaded Profile: Owner (Available profiles: Owner)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\Exts\Chrome.crx [Not Found]
C:\Users\Owner\AppData\Local\Temp\Quarantine.exe
C:\Users\Owner\AppData\Local\Temp\sqlite3.dll
Hosts:
Emptytemp:
reboot:
end
*****************
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Local Page => Value was restored successfully.
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Local Page => Value was restored successfully.
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Local Page => Value was restored successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nppllibpnmahfaklnpggkibhkapjkeob" => Key deleted successfully.
C:\Users\Owner\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Owner\AppData\Local\Temp\sqlite3.dll => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 2.7 GB temporary data.
The system needed a reboot.
==== End of Fixlog ====
Eeeeeeeeeeeeeew! What scan is that? I have to redownload FRST whenever I use it, cuz Norton keeps deleting it.