|
|||||||
| Malware Removal Discussion about Trojans, viruses, hoaxes, firewalls, spyware, and general Security issues. If you suspect your PC is infected with a virus, trojan or spyware app please include any supporting documentation or logs |
 |
|
|
Topic Tools |
|
#1
September 30th, 2014, 04:41 PM
|
||||
|
||||
Win7 Home Premium Windows Update fails-moved by Murf
I have not been able to get windows updates, this seem to have started on April 1, 2014. My grandson downloaded a few programs which I have since deleted, and I am still getting errors, can't go back to that date in time to do a system recovery to an earlier time. The Windows Security System can't update either. I ran Belarc Advisor and there are three updates that still need to be fixed. I can't install some programs, and this driving me crazy. Can you please help me? I know a little about PC's and this has been baffling me for a little while now. The Microsoft Support site isn't much help either. I am open to suggestions and would like for someone there to walk me through on getting my updates to work. I also keep getting: "This page cannot be displayed", in Internet Explorer, which is very annoying... if I try a few times eventually it might open, but I may have a virus or something.
Last edited by sentee; September 30th, 2014 at 04:54 PM. 
|
|
#4
October 1st, 2014, 11:17 PM
|
||||
|
||||
|
Hello sentee (and thanks Murf),
Let's take a look. The system is Windows 7, so when running any of the scan files we use, be sure to right click the file, then select "Run as administrator" to start the scan/tool. And To make sure you have an accurate view of files there, make sure you can View Hidden Files. Also uncheck "Hide Extensions for Known File Types" To keep them from interfering with the repairs, be sure to temporarily disable all antivirus/anti-spyware softwares while these steps are being completed. This can usually be done through right clicking the software's Taskbar icons, or accessing each software through Start - Programs. Here are some antivirus disable tips if needed. ------- Download RogueKiller from here to your desktop. Close all open programs Remember to right click -> run as administrator, and click the downloaded file. When RogueKiller finishes it's opening scan, press the Scan button. A RKreport.txt will be created in the same location as the RogueKiller file. If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.exe, and try again. Please post the contents of the RKreport.txt. ------ Click here and download OldTimer's OTL to your desktop, then click that to open the scan display. At the top click "Scan All Users", then click "Run Scan". Make no other changes at this time. When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are also saved in the same location as OTL.exe. Post the contents of those back here please.
|
|
#5
October 3rd, 2014, 12:55 AM
|
||||
|
||||
|
The dload didn't work, I need to know how to disable the Microsoft Security Essentials. Then I'd like to try it again. Most of the files that I try to dload and open it's saying the file is invalid or corrupt.
Last edited by sentee; October 3rd, 2014 at 01:13 AM.
|
|
#6
October 3rd, 2014, 11:16 PM
|
||||
|
||||
|
Quote:
|
|
#7
October 6th, 2014, 04:09 PM
|
||||
|
||||
|
I can't dload Rkill, I even tried to open this file in safe mode, and still I can't open it. I temporarily turned off Microsoft Security Essentials. Is it possible that I should perhaps dload the programs you suggest onto a flash drive?
|
|
#8
October 6th, 2014, 05:13 PM
|
||||
|
||||
|
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-10-2014
Ran by Cynthia3 (administrator) on CYNTHIA3-HP on 06-10-2014 12:05:32 Running from C:\Users\Cynthia3\Desktop Loaded Profile: Cynthia3 (Available profiles: Cynthia3 & DefaultAppPool) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\Pres entationFontCache.exe (WildTangent, Inc.) C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaUI.exe (Hewlett-Packard Company) C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\nacl 64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\nacl 64.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SM SvcHost.exe (PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe (Microsoft Corporation) C:\Windows\SysWOW64\perfhost.exe (Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe (Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe (Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) C:\Windows\System32\UI0Detect.exe (Microsoft Corporation) C:\Windows\System32\vds.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Windows\System32\FXSSVC.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe (Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\ytbb.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation) HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-05-12] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [664600 2010-09-28] (PDF Complete Inc) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [(default)] => [X] HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-09-26] (Hewlett-Packard) HKU\S-1-5-21-2204247192-763932463-2249620297-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4240760 2010-09-23] (Microsoft Corporation) HKU\S-1-5-21-2204247192-763932463-2249620297-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.) HKU\S-1-5-21-2204247192-763932463-2249620297-1000\...\Run: [GoogleChromeAutoLaunch_9EFD270FA9510B5BF82D0CBDCB1 E2535] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808 2014-09-23] (Google Inc.) HKU\S-1-5-21-2204247192-763932463-2249620297-1000\...\MountPoints2: {51e387a3-ba58-11e3-a978-78acc0ac744c} - F:\LaunchU3.exe -a HKU\S-1-5-21-2204247192-763932463-2249620297-1000\...\MountPoints2: {fc026904-feec-11e3-95a0-78acc0ac744c} - F:\VZW_Software_upgrade_assistant.exe HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-04-02] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files (x86)\Ralink\Common\RaUI.exe (Ralink Technology, Corp.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snapfish PictureMover.lnk ShortcutTarget: Snapfish PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company) Startup: C:\Users\Cynthia3\AppData\Roaming\Microsoft\Window s\Start Menu\Programs\Startup\AutorunsDisabled () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ URLSearchHook: HKCU - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.) SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=CPDTDF SearchScopes: HKLM - {31090377-0740-419E-BEFC-A56E50500D5B} URL = http://speedial.com/results.php?f=4&q={searchTerms}&a=spd_dsites02_14_ 24_ie&cd=2XzuyEtN2Y1L1QzuyB0C0D0DzytDyDtDyC0C0EyDt CtAtB0AtN0D0Tzu0SzzzytDtN1L2XzutBtFtBtDtFtCzytFtDt N1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StBzyy DtAtC0D0EtDtGtA0AtCyCtGyB0A0B0FtGtB0B0A0CtGyC0DtDt CtDyDyCyDtD0EtDtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDyDyCy CyE0DtDyEtG0F0D0CtAtGzytDyC0BtG0AyBzz0DtGyCyByE0At B0E0B0AtB0C0C0F2Q&cr=651053430&ir= SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPDTDF SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKLM - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.com/rover/1/711-111092-2357-0/4?satitle={searchTerms}&mfe=Desktops SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=CPDTDF SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPDTDF SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKLM-x32 - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.com/rover/1/711-111092-2357-0/4?satitle={searchTerms}&mfe=Desktops SearchScopes: HKCU - DefaultScope {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPDTDF SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = SearchScopes: HKCU - {31090377-0740-419E-BEFC-A56E50500D5B} URL = SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = https://www.google.com/search?q={searchTerms} SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPDTDF SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKCU - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckP luginx64.dll (Hewlett-Packard) BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckP lugin.dll (Hewlett-Packard) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.) Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - No File Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.) Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62 192.168.1.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_ 152.dll () FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_ 152.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\Cynthia3\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Simple Pool Game) - C:\Users\Cynthia3\AppData\Local\Google\Chrome\User Data\Default\Extensions\acjijhekaonkmkedfdabbageic fhhlgo [2014-09-08] CHR Extension: (USA TODAY) - C:\Users\Cynthia3\AppData\Local\Google\Chrome\User Data\Default\Extensions\aggljnipbdiebhbmadknfbjlhe hbohbn [2014-09-08] CHR Extension: (Angry Birds) - C:\Users\Cynthia3\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmg eghloj [2014-09-08] CHR Extension: (Google Docs) - C:\Users\Cynthia3\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfi lokake [2014-07-22] CHR Extension: (Google Drive) - C:\Users\Cynthia3\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigk jlhalf [2014-07-22] CHR Extension: (Mahjong) - C:\Users\Cynthia3\AppData\Local\Google\Chrome\User Data\Default\Extensions\beoldljceodklpdmkgelhbdllh hciinh [2014-09-21] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Cynthia3\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmn hjmhfn [2014-07-23] CHR Extension: (YouTube) - C:\Users\Cynthia3\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo [2014-07-22] CHR Extension: (Math Mahjong) - C:\Users\Cynthia3\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbcfbhpnngegochhbdlanodnmi jfplal [2014-09-08] CHR Extension: (Google Search) - C:\Users\Cynthia3\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljnie djpjpf [2014-07-22] CHR Extension: (Netflix) - C:\Users\Cynthia3\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeoh mmeldh [2014-09-08] CHR Extension: (Google+) - C:\Users\Cynthia3\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdi dnckmm [2014-09-08] CHR Extension: (Home - New Tab Page) - C:\Users\Cynthia3\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehhkfhegcenpfoanmgfpfhnmdm flkbgk [2014-09-08] CHR Extension: (*******) - C:\Users\Cynthia3\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbangkleohkafngihneedemihg feikcl [2014-09-08] CHR Extension: (AdBlock) - C:\Users\Cynthia3\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbi glidom [2014-09-08] CHR Extension: (Crackle) - C:\Users\Cynthia3\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgla dlinic [2014-09-08] CHR Extension: (Kindle Cloud Reader) - C:\Users\Cynthia3\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjj eneebd [2014-09-08] CHR Extension: (Pool Mania) - C:\Users\Cynthia3\AppData\Local\Google\Chrome\User Data\Default\Extensions\icojacdaddlajldkicfacgcjnc bkieen [2014-09-08] CHR Extension: (The Weather Channel for Chrome) - C:\Users\Cynthia3\AppData\Local\Google\Chrome\User Data\Default\Extensions\iflpcokdamgefbghpdipcibmhl kdopop [2014-09-08] CHR Extension: (TWC TV) - C:\Users\Cynthia3\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipljanaingoikffobmmjmifihm cljnbj [2014-09-24] CHR Extension: (Google Play) - C:\Users\Cynthia3\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdi abikfi [2014-09-08] CHR Extension: (Google Maps) - C:\Users\Cynthia3\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbea pigfbh [2014-09-08] CHR Extension: (Google Wallet) - C:\Users\Cynthia3\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccm gmieda [2014-04-01] CHR Extension: (FREE TV) - C:\Users\Cynthia3\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofddcjfikfghkmoapnjnmmflbc johbic [2014-09-08] CHR Extension: (Gmail) - C:\Users\Cynthia3\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoe jaedia [2014-07-22] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed] R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-11-22] (Hewlett-Packard Company) [File not signed] R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation) S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation) R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1119768 2010-09-28] (PDF Complete Inc) S3 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [File not signed] R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 CpqDfw; C:\Windows\System32\drivers\CpqDfw.sys [27456 2012-05-29] (Windows (R) Codename Longhorn DDK provider) S4 cqcpu; C:\Windows\System32\drivers\cqcpu.sys [24376 2010-03-01] () R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation) S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation) R1 {a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64; C:\Windows\System32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64.sys [61016 2014-06-06] (StdLib) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-06 11:56 - 2014-10-06 11:57 - 00036975 _____ () C:\Users\Cynthia3\Desktop\Addition.txt 2014-10-06 11:54 - 2014-10-06 12:05 - 00020998 _____ () C:\Users\Cynthia3\Desktop\FRST.txt 2014-10-06 11:53 - 2014-10-06 12:05 - 00000000 ____D () C:\FRST 2014-10-06 11:53 - 2014-10-06 11:53 - 02109952 _____ (Farbar) C:\Users\Cynthia3\Desktop\FRST64.exe 2014-10-06 09:54 - 2014-10-06 09:54 - 16553160 _____ () C:\Users\Cynthia3\Documents\heating.tif 2014-10-02 20:34 - 2014-10-02 20:35 - 43980089 _____ () C:\Users\Cynthia3\Downloads\IE10-Windows6.1-KB2977629-x64.msu 2014-10-02 20:20 - 2014-10-02 20:20 - 00002984 _____ () C:\Windows\System32\Tasks\{89179D46-CEBB-4B0C-B5F2-DB6516FF4A16} 2014-10-02 20:10 - 2014-10-02 20:10 - 17292760 _____ () C:\Users\Cynthia3\Downloads\mbam-setup-2.0.2.1012.exe 2014-10-02 19:50 - 2014-10-02 19:50 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Cynthia3\Desktop\rkill.exe 2014-10-02 09:26 - 2014-10-02 09:26 - 00602112 _____ (OldTimer Tools) C:\Users\Cynthia3\Desktop\OTL (1).exe 2014-10-02 09:10 - 2014-10-02 09:10 - 00000000 ____D () C:\Users\Cynthia3\Desktop\Autoruns 2014-10-02 09:09 - 2014-10-02 09:09 - 00511633 _____ () C:\Users\Cynthia3\Desktop\Autoruns.zip 2014-10-02 08:53 - 2014-10-02 08:54 - 00602565 _____ () C:\Users\Cynthia3\Desktop\OTL.exe 2014-10-01 15:09 - 2014-09-24 22:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2014-10-01 15:09 - 2014-09-24 21:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2014-09-30 09:56 - 2014-09-30 09:56 - 00000020 ___SH () C:\Users\DefaultAppPool.IIS APPPOOL.000\ntuser.ini 2014-09-30 09:56 - 2014-09-30 09:56 - 00000000 ____D () C:\Users\DefaultAppPool.IIS APPPOOL.000 2014-09-30 09:56 - 2011-04-12 02:49 - 00000000 ____D () C:\Users\DefaultAppPool.IIS APPPOOL.000\AppData\Roaming\Macromedia 2014-09-30 09:56 - 2009-07-14 00:54 - 00000000 ___RD () C:\Users\DefaultAppPool.IIS APPPOOL.000\AppData\Roaming\Microsoft\Windows\Star t Menu\Programs\Accessories 2014-09-30 09:56 - 2009-07-14 00:49 - 00000000 ___RD () C:\Users\DefaultAppPool.IIS APPPOOL.000\AppData\Roaming\Microsoft\Windows\Star t Menu\Programs\Maintenance 2014-09-26 21:57 - 2013-10-01 22:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys 2014-09-26 21:57 - 2013-10-01 22:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyCon trol.exe 2014-09-26 21:57 - 2013-10-01 22:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExt ension.dll 2014-09-26 21:57 - 2013-10-01 21:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll 2014-09-26 21:57 - 2013-10-01 21:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll 2014-09-26 21:57 - 2013-10-01 21:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2014-09-26 21:57 - 2013-10-01 21:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll 2014-09-26 21:57 - 2013-10-01 20:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll 2014-09-26 21:57 - 2013-10-01 20:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll 2014-09-26 21:57 - 2013-10-01 20:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll 2014-09-26 21:57 - 2013-10-01 20:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2014-09-26 21:57 - 2013-10-01 20:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe 2014-09-26 21:57 - 2013-10-01 19:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2014-09-26 21:57 - 2013-10-01 19:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2014-09-26 21:57 - 2013-10-01 19:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll 2014-09-26 21:57 - 2013-10-01 18:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2014-09-26 21:57 - 2013-10-01 16:57 - 06578176 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-09-26 21:57 - 2013-10-01 16:55 - 05698048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-09-26 21:01 - 2014-09-26 21:01 - 00000017 _____ () C:\Users\Cynthia3\AppData\Local\resmon.resmoncfg 2014-09-25 12:13 - 2014-09-25 12:14 - 10990752 _____ (Microsoft Corporation) C:\Users\Cynthia3\Downloads\BingBarSetup.EXE 2014-09-25 12:04 - 2014-09-25 12:04 - 00001051 _____ () C:\Users\Cynthia3\Desktop\Edie's Resume Updated - Shortcut.lnk 2014-09-25 00:38 - 2014-09-25 00:39 - 01054400 _____ (Adobe) C:\Users\Cynthia3\Downloads\install_flashplayer15x 32ax_chrd_dn_awa_aih.exe 2014-09-25 00:21 - 2014-09-25 00:21 - 00302011 _____ () C:\Users\Cynthia3\Downloads\WindowsUpdateDiagnosti c.diagcab 2014-09-25 00:16 - 2014-09-25 00:17 - 37322752 _____ () C:\Users\Cynthia3\Downloads\AdbeRdrUpd11009_MUI.ms p 2014-09-24 23:46 - 2014-09-24 23:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-09-24 23:45 - 2014-09-24 23:45 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-09-24 23:45 - 2014-09-24 23:45 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-09-24 23:28 - 2014-09-24 23:30 - 00000000 ____D () C:\Users\Cynthia3\Desktop\JD Watkins 2014-09-24 22:42 - 2014-09-24 22:46 - 239091712 _____ () C:\Users\Cynthia3\Downloads\AcrobatUpd11009.msp 2014-09-24 22:01 - 2014-09-24 22:01 - 00002134 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belarc Advisor.lnk 2014-09-24 22:01 - 2014-09-24 22:01 - 00002122 _____ () C:\Users\Public\Desktop\Belarc Advisor.lnk 2014-09-24 22:01 - 2014-09-24 22:01 - 00000000 ____D () C:\Program Files (x86)\Belarc 2014-09-24 21:49 - 2014-08-19 14:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-09-24 21:49 - 2014-08-19 13:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-09-24 21:49 - 2014-08-18 19:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-09-24 21:49 - 2014-08-18 18:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-09-24 21:49 - 2014-08-18 18:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-09-24 21:49 - 2014-08-18 18:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-09-24 21:49 - 2014-08-18 18:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-09-24 21:49 - 2014-08-18 18:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-09-24 21:49 - 2014-08-18 18:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-09-24 21:49 - 2014-08-18 18:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-09-24 21:49 - 2014-08-18 18:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-09-24 21:49 - 2014-08-18 18:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-09-24 21:49 - 2014-08-18 18:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-09-24 21:49 - 2014-08-18 18:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-09-24 21:49 - 2014-08-18 18:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-09-24 21:49 - 2014-08-18 18:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-09-24 21:49 - 2014-08-18 18:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-09-24 21:49 - 2014-08-18 18:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-09-24 21:49 - 2014-08-18 18:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-09-24 21:49 - 2014-08-18 17:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-09-24 21:49 - 2014-08-18 17:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-09-24 21:49 - 2014-08-18 17:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-09-24 21:49 - 2014-08-18 17:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-09-24 21:49 - 2014-08-18 17:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-09-24 21:49 - 2014-08-18 17:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-09-24 21:49 - 2014-08-18 17:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-09-24 21:49 - 2014-08-18 17:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-09-24 21:49 - 2014-08-18 17:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-09-24 21:49 - 2014-08-18 17:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-09-24 21:49 - 2014-08-18 17:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-09-24 21:49 - 2014-08-18 17:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-09-24 21:49 - 2014-08-18 17:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-09-24 21:49 - 2014-08-18 17:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-09-24 21:49 - 2014-08-18 17:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-09-24 21:49 - 2014-08-18 17:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-09-24 21:49 - 2014-08-18 17:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-09-24 21:49 - 2014-08-18 17:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-09-24 21:49 - 2014-08-18 17:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-09-24 21:49 - 2014-08-18 17:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-09-24 21:49 - 2014-08-18 17:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-09-24 21:49 - 2014-08-18 17:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-09-24 21:49 - 2014-08-18 17:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-09-24 21:49 - 2014-08-18 17:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-09-24 21:49 - 2014-08-18 17:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-09-24 21:49 - 2014-08-18 17:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-09-24 21:49 - 2014-08-18 17:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-09-24 21:49 - 2014-08-18 17:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-09-24 21:49 - 2014-08-18 17:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-09-24 21:49 - 2014-08-18 17:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-09-24 21:49 - 2014-08-18 17:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-09-24 21:49 - 2014-08-18 17:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-09-24 21:49 - 2014-08-18 16:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-09-24 21:49 - 2014-08-18 16:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-09-24 21:49 - 2014-08-18 16:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-09-24 21:49 - 2014-08-18 16:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-09-24 21:49 - 2014-08-18 16:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-09-24 14:06 - 2014-09-09 18:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-09-24 14:06 - 2014-09-09 17:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-09-24 11:16 - 2014-09-24 11:16 - 00001159 _____ () C:\Users\Cynthia3\Desktop\Silverlight_x64 (1).exe 2014-09-24 11:11 - 2014-09-24 11:11 - 00079991 _____ () C:\Users\Cynthia3\Desktop\silverlight.diagcab 2014-09-24 10:30 - 2014-09-24 10:30 - 00166619 _____ () C:\Users\Cynthia3\Desktop\Untitled.wma 2014-09-24 10:22 - 2014-09-24 12:59 - 00000000 ____D () C:\Users\DefaultAppPool.IIS APPPOOL 2014-09-24 10:22 - 2011-04-12 02:49 - 00000000 ____D () C:\Users\DefaultAppPool.IIS APPPOOL\AppData\Roaming\Macromedia 2014-09-24 09:57 - 2014-09-24 09:57 - 36977994 _____ () C:\Users\Cynthia3\Documents\Carey FAx 092414.tif 2014-09-23 12:57 - 2014-09-25 00:02 - 42585428 _____ () C:\Users\Cynthia3\Downloads\IE11-Windows6.1-KB2977629-x64.msu 2014-09-23 12:54 - 2014-09-23 12:53 - 00004736 _____ () C:\Users\Cynthia3\ipconfig.all.txt 2014-09-22 14:09 - 2014-09-22 14:08 - 01156739 ____T () C:\Users\Cynthia3\Desktop\Cantalician Centetr.tif 2014-09-22 11:03 - 2014-09-23 16:53 - 00000000 ____D () C:\Users\DefaultAppPool 2014-09-22 11:03 - 2011-04-12 02:49 - 00000000 ____D () C:\Users\DefaultAppPool\AppData\Roaming\Macromedia 2014-09-19 15:01 - 2014-09-19 15:01 - 33774126 _____ () C:\Users\Cynthia3\Documents\Dejah Stubs 2nd set.tif 2014-09-17 14:29 - 2014-09-17 14:29 - 11510432 _____ () C:\Users\Cynthia3\Documents\Page 5 for Cantalician.tif 2014-09-17 14:24 - 2014-09-17 14:24 - 11510432 _____ () C:\Users\Cynthia3\Documents\Page 5.tif 2014-09-17 14:22 - 2014-09-17 14:22 - 23985280 _____ () C:\Users\Cynthia3\Documents\Pages 4 and 50001.tif 2014-09-17 14:22 - 2014-09-17 14:22 - 23985280 _____ () C:\Users\Cynthia3\Documents\Pages 4 and 5.tif 2014-09-17 13:56 - 2014-09-17 13:56 - 23696356 _____ () C:\Users\Cynthia3\Documents\Pages 3 and 4.tif 2014-09-17 13:54 - 2014-09-17 13:54 - 26882010 _____ () C:\Users\Cynthia3\Documents\2 pages0001.tif 2014-09-17 13:47 - 2014-09-17 13:47 - 26882010 _____ () C:\Users\Cynthia3\Documents\2 pages.tif 2014-09-17 13:04 - 2014-09-17 13:04 - 85213754 _____ () C:\Users\Cynthia3\Documents\SS Forms to School 2.tif 2014-09-17 12:10 - 2014-09-17 12:10 - 00264340 _____ () C:\Users\Cynthia3\Documents\SS Forms to School.tif 2014-09-16 14:33 - 2014-09-16 14:34 - 00000000 ___HD () C:\Windows\msdownld.tmp 2014-09-15 19:09 - 2014-09-15 19:11 - 118019832 _____ (Microsoft Corporation) C:\Users\Cynthia3\Downloads\msert.exe 2014-09-15 18:10 - 2014-09-15 18:10 - 00000000 _____ () C:\Windows\SysWOW64\shoFAF2.tmp 2014-09-15 17:11 - 2014-09-16 21:52 - 00000000 ____D () C:\ProgramData\SparkTrust 2014-09-15 17:11 - 2014-09-15 17:11 - 00000000 ____D () C:\Users\Cynthia3\AppData\Roaming\SparkTrust 2014-09-15 17:11 - 2014-09-15 17:11 - 00000000 ____D () C:\Users\Cynthia3\AppData\Roaming\DriverCure 2014-09-15 16:28 - 2014-06-26 22:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2014-09-15 16:28 - 2014-06-26 21:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2014-09-15 10:23 - 2014-10-06 10:29 - 00000344 _____ () C:\Windows\Tasks\HPCeeScheduleForCynthia3.job 2014-09-15 10:23 - 2014-10-06 09:57 - 00003204 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForCynthia3 2014-09-13 11:08 - 2014-09-13 11:09 - 01055936 _____ (Adobe) C:\Users\Cynthia3\Desktop\install_flashplayer15x32 _mssd_aaa_aih.exe 2014-09-12 20:43 - 2012-02-11 02:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe 2014-09-12 20:43 - 2012-02-11 02:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe 2014-09-12 14:54 - 2014-09-12 14:54 - 00018604 _____ () C:\Users\Cynthia3\Desktop\Kadejah Resume!.zip 2014-09-12 14:40 - 2011-02-25 02:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2014-09-12 14:40 - 2011-02-25 01:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2014-09-12 14:35 - 2014-07-06 22:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-09-12 14:35 - 2014-07-06 22:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-09-12 14:35 - 2014-07-06 21:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-09-12 14:35 - 2014-07-06 21:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-09-12 14:35 - 2014-07-06 21:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-09-12 14:29 - 2013-12-03 22:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll 2014-09-12 14:29 - 2013-12-03 22:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll 2014-09-12 14:29 - 2013-12-03 22:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll 2014-09-12 14:29 - 2013-12-03 22:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll 2014-09-12 14:29 - 2013-12-03 22:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll 2014-09-12 14:29 - 2013-12-03 22:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe 2014-09-12 14:29 - 2013-12-03 22:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe 2014-09-12 14:29 - 2013-12-03 22:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe 2014-09-12 14:29 - 2013-12-03 22:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe 2014-09-12 14:29 - 2013-12-03 22:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll 2014-09-12 14:29 - 2013-12-03 22:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll 2014-09-12 14:29 - 2013-12-03 22:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll 2014-09-12 14:29 - 2013-12-03 22:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll 2014-09-12 14:29 - 2013-12-03 22:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll 2014-09-12 14:29 - 2013-12-03 21:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe 2014-09-12 14:29 - 2013-12-03 21:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe 2014-09-12 14:29 - 2013-12-03 21:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe 2014-09-12 14:29 - 2013-12-03 21:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2014-09-12 14:25 - 2014-09-04 22:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-09-12 14:25 - 2014-09-04 22:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-09-10 22:29 - 2014-09-10 22:34 - 00028315 _____ () C:\Users\Cynthia3\Documents\Nar'l Marshal Convention.odt 2014-09-10 21:52 - 2014-09-24 13:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2014-09-10 21:52 - 2014-09-10 21:53 - 00001187 _____ () C:\Users\Cynthia3\Desktop\Spybot - Search & Destroy.lnk 2014-09-10 21:51 - 2014-09-24 13:56 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2014-09-10 21:51 - 2014-09-10 21:51 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-09-09 15:51 - 2014-08-01 07:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2014-09-09 15:51 - 2014-08-01 07:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll 2014-09-09 15:50 - 2014-06-23 23:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-09-09 15:50 - 2014-06-23 22:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-09-09 14:04 - 2013-11-23 14:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2014-09-09 14:04 - 2013-11-23 13:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2014-09-09 12:30 - 2014-07-08 22:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL 2014-09-09 12:30 - 2014-07-08 22:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL 2014-09-09 12:30 - 2014-07-08 22:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL 2014-09-09 12:30 - 2014-07-08 22:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL 2014-09-09 12:30 - 2014-07-08 22:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL 2014-09-09 12:30 - 2014-07-08 21:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL 2014-09-09 12:30 - 2014-07-08 21:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL 2014-09-09 12:30 - 2014-07-08 21:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL 2014-09-09 12:30 - 2014-07-08 21:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL 2014-09-09 12:30 - 2014-07-08 21:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL 2014-09-09 12:30 - 2014-07-08 18:38 - 00419992 _____ () C:\Windows\system32\locale.nls 2014-09-09 12:30 - 2014-07-08 18:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls 2014-09-06 09:56 - 2014-06-24 22:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-09-06 09:56 - 2014-06-24 21:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-09-06 09:49 - 2014-09-06 09:49 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-09-06 09:48 - 2014-09-06 09:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-09-06 09:48 - 2014-09-06 09:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-09-06 09:48 - 2014-09-06 09:49 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-09-06 03:04 - 2014-06-30 18:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2014-09-06 03:04 - 2014-06-30 18:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll 2014-09-06 03:04 - 2014-03-09 17:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2014-09-06 03:04 - 2014-03-09 17:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2014-09-06 03:04 - 2014-03-09 17:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe 2014-09-06 03:04 - 2014-03-09 17:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll 2014-09-06 03:03 - 2014-06-06 02:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2014-09-06 03:03 - 2014-06-06 02:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe ==================== One Month Modified Files and Folders =======
|
|
#9
October 6th, 2014, 05:13 PM
|
||||
|
||||
|
2nd part of Farbar scan.
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-06 12:02 - 2014-04-01 21:14 - 00000902 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-10-06 11:48 - 2011-04-12 02:25 - 01239177 _____ () C:\Windows\WindowsUpdate.log 2014-10-06 11:36 - 2014-04-02 12:35 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-10-06 10:51 - 2009-07-14 00:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-10-06 10:51 - 2009-07-14 00:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-10-06 10:50 - 2009-07-14 01:13 - 00862434 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-10-06 10:45 - 2014-06-04 11:39 - 00000000 ____D () C:\Users\Cynthia3\Tracing 2014-10-06 10:45 - 2014-04-01 21:14 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-10-06 10:45 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-10-06 10:45 - 2009-07-14 00:51 - 00045027 _____ () C:\Windows\setupact.log 2014-10-06 10:45 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration 2014-10-06 10:44 - 2014-04-01 20:24 - 00000000 ____D () C:\Users\Cynthia3\AppData\Local\CrashDumps 2014-10-06 10:09 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\system32\FxsTmp 2014-10-06 09:55 - 2014-07-25 14:59 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED. txt 2014-10-06 09:55 - 2014-04-07 09:25 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log 2014-10-06 09:53 - 2014-04-01 20:19 - 00000000 ____D () C:\Users\Cynthia3\AppData\Roaming\HpUpdate 2014-10-06 09:52 - 2014-04-08 22:26 - 00003950 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronizatio n-{48F6544E-D78D-4469-B25A-11549916AFDD} 2014-10-03 21:51 - 2014-04-02 07:14 - 00003224 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForCYNTHIA3-HP$ 2014-10-03 21:51 - 2014-04-02 07:14 - 00000348 _____ () C:\Windows\Tasks\HPCeeScheduleForCYNTHIA3-HP$.job 2014-10-02 20:32 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-10-02 12:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache 2014-09-30 23:00 - 2014-04-02 16:52 - 00000000 ____D () C:\Users\Cynthia3\AppData\Roaming\SoftGrid Client 2014-09-30 12:26 - 2011-04-12 02:39 - 00000000 ____D () C:\ProgramData\PDFC 2014-09-30 09:57 - 2014-07-22 11:34 - 00000000 ____D () C:\Users\Cynthia3\AppData\Local\visi_coupon 2014-09-28 21:39 - 2014-04-01 20:08 - 00003720 _____ () C:\Windows\System32\Tasks\Registration 2014-09-27 17:36 - 2014-04-02 12:35 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-09-27 17:36 - 2014-04-02 12:35 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-09-27 17:36 - 2014-04-02 12:35 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-09-26 23:31 - 2014-04-09 10:57 - 00000000 ____D () C:\Windows\pss 2014-09-26 12:10 - 2014-04-01 21:14 - 00000000 ____D () C:\Users\Cynthia3\AppData\Local\Google 2014-09-25 00:15 - 2014-04-21 11:09 - 00000000 ____D () C:\Users\Cynthia3\Desktop\Melvin 2014-09-24 22:29 - 2014-04-01 22:49 - 00452720 _____ () C:\Windows\PFRO.log 2014-09-24 22:27 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-09-24 22:23 - 2014-04-01 21:20 - 00002104 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-09-24 21:47 - 2014-04-02 16:51 - 00854556 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-09-24 13:59 - 2014-04-01 19:59 - 00000000 ____D () C:\Users\Cynthia3 2014-09-24 13:58 - 2014-04-02 11:20 - 00000000 ____D () C:\Program Files\LSI SoftModem 2014-09-24 13:58 - 2014-04-01 20:30 - 00000000 ____D () C:\Program Files\Microsoft Security Client 2014-09-24 13:57 - 2014-05-27 13:49 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-09-24 13:57 - 2014-04-02 12:35 - 00000000 ____D () C:\Windows\system32\Macromed 2014-09-24 13:57 - 2009-07-14 03:44 - 00000000 ___RD () C:\Users\Public\Recorded TV 2014-09-24 13:57 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Public\Libraries 2014-09-24 13:57 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\servicing 2014-09-24 13:57 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\AppCompat 2014-09-24 13:56 - 2014-04-01 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-09-24 13:56 - 2014-04-01 20:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client 2014-09-24 13:56 - 2014-04-01 20:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ralink Wireless 2014-09-24 13:56 - 2014-04-01 20:00 - 00000000 ____D () C:\Users\Cynthia3\AppData\Local\Hewlett-Packard 2014-09-24 13:56 - 2011-04-12 02:48 - 00000000 ____D () C:\ProgramData\RoxioNow 2014-09-24 13:56 - 2011-04-12 02:24 - 00000000 ____D () C:\ProgramData\Hewlett-Packard 2014-09-24 13:56 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2014-09-24 13:54 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\inetsrv 2014-09-24 13:54 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\inetsrv 2014-09-24 13:49 - 2014-07-25 18:13 - 00000000 ____D () C:\inetpub 2014-09-24 13:49 - 2014-04-24 22:12 - 00000000 __RHD () C:\MSOCache 2014-09-24 13:28 - 2014-04-01 22:55 - 00000000 ____D () C:\Windows\system32\MRT 2014-09-22 02:42 - 2014-04-13 11:01 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-09-15 20:23 - 2014-04-01 22:55 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-09-12 20:49 - 2014-04-01 20:33 - 00002155 _____ () C:\Windows\epplauncher.mif 2014-09-12 20:49 - 2014-04-01 20:31 - 00002010 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk 2014-09-09 20:02 - 2014-04-01 20:09 - 00001415 _____ () C:\Users\Cynthia3\AppData\Roaming\Microsoft\Window s\Start Menu\Programs\Internet Explorer.lnk 2014-09-09 15:45 - 2009-07-14 00:45 - 00278976 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-09-06 09:49 - 2014-04-08 22:22 - 00000000 ____D () C:\ProgramData\Oracle 2014-09-06 09:49 - 2014-04-08 21:33 - 00000000 ____D () C:\Program Files (x86)\Java Some content of TEMP: ==================== C:\Users\Cynthia3\AppData\Local\Temp\air3332.exe C:\Users\Cynthia3\AppData\Local\Temp\air4911.exe C:\Users\Cynthia3\AppData\Local\Temp\air677D.exe C:\Users\Cynthia3\AppData\Local\Temp\air6B8F.exe C:\Users\Cynthia3\AppData\Local\Temp\airDCAB.exe C:\Users\Cynthia3\AppData\Local\Temp\airF7F3.exe C:\Users\Cynthia3\AppData\Local\Temp\BackupSetup.e xe C:\Users\Cynthia3\AppData\Local\Temp\F7F4_HiDefMed ia-1.1.12-win32C.exe C:\Users\Cynthia3\AppData\Local\Temp\IrsoDLL.dll C:\Users\Cynthia3\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe C:\Users\Cynthia3\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe C:\Users\Cynthia3\AppData\Local\Temp\kjm5n5cc.dll C:\Users\Cynthia3\AppData\Local\Temp\mixcraft6-b217-setup.exe C:\Users\Cynthia3\AppData\Local\Temp\nscC5D2.exe C:\Users\Cynthia3\AppData\Local\Temp\nsn1CDB.exe C:\Users\Cynthia3\AppData\Local\Temp\nsrD56C.exe C:\Users\Cynthia3\AppData\Local\Temp\nsx4DDA.exe C:\Users\Cynthia3\AppData\Local\Temp\nsyDD4A.exe C:\Users\Cynthia3\AppData\Local\Temp\RecoveryMgr.e xe C:\Users\Cynthia3\AppData\Local\Temp\setup.exe C:\Users\Cynthia3\AppData\Local\Temp\sp58915.exe C:\Users\Cynthia3\AppData\Local\Temp\UninstallHPSA .exe C:\Users\Cynthia3\AppData\Local\Temp\UninstallHPTC A.exe C:\Users\Cynthia3\AppData\Local\Temp\{7DD6F6FF-E8CF-4646-8018-52DC2FBA05FC}-35.0.1916.114_chrome_installer.exe C:\Users\Cynthia3\AppData\Local\Temp\{BF6BFD1C-9566-4DF6-A37F-D06BEC3638EF}-37.0.2062.103_chrome_installer.exe C:\Users\Cynthia3\AppData\Local\Temp\{C67DE273-F3A7-4FB5-9440-898107DD6413}-37.0.2062.103_36.0.1985.125_chrome_updater.exe C:\Users\Cynthia3\AppData\Local\Temp\{D3C4642A-131D-4FD6-9A9E-2CDAE86BA8B7}-37.0.2062.103_chrome_installer.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-09-26 11:55 ==================== End Of Log ============================
|
|
#10
October 6th, 2014, 05:15 PM
|
||||
|
||||
|
I am dloading the additional txt here:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2014 Ran by Cynthia3 at 2014-10-06 12:06:28 Running from C:\Users\Cynthia3\Desktop Boot Mode: Normal ================================================== ======== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1} AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.) Adobe AIR (x32 Version: 1.5.3.9130 - Adobe Systems Inc.) Hidden Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated) Adobe Reader XI (11.0.08) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated) Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden ATI Catalyst Install Manager (HKLM\...\{7C7A5A92-046C-A38C-AE0F-8F9CCA0F67A8}) (Version: 3.0.774.0 - ATI Technologies, Inc.) Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Belarc Advisor 8.4 (HKLM-x32\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.) Bing Bar (HKLM-x32\...\{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}) (Version: 7.1.361.0 - Microsoft Corporation) Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden Blio (HKLM-x32\...\{504CC891-B140-4E1B-860B-5E4C1DFBA9E3}) (Version: 2.0.5350 - K-NFB Reading Technology, Inc.) Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden Catalyst Control Center Core Implementation (x32 Version: 2010.0511.2153.37435 - ATI) Hidden Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0511.2153.37435 - ATI) Hidden Catalyst Control Center Graphics Full New (x32 Version: 2010.0511.2153.37435 - ATI) Hidden Catalyst Control Center Graphics Light (x32 Version: 2010.0511.2153.37435 - ATI) Hidden Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0511.2153.37435 - ATI) Hidden Catalyst Control Center InstallProxy (x32 Version: 2010.0511.2153.37435 - ATI Technologies, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2010.0511.2153.37435 - ATI) Hidden CCC Help Chinese Standard (x32 Version: 2010.0511.2152.37435 - ATI) Hidden CCC Help Chinese Traditional (x32 Version: 2010.0511.2152.37435 - ATI) Hidden CCC Help Czech (x32 Version: 2010.0511.2152.37435 - ATI) Hidden CCC Help Danish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden CCC Help Dutch (x32 Version: 2010.0511.2152.37435 - ATI) Hidden CCC Help English (x32 Version: 2010.0511.2152.37435 - ATI) Hidden CCC Help Finnish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden CCC Help French (x32 Version: 2010.0511.2152.37435 - ATI) Hidden CCC Help German (x32 Version: 2010.0511.2152.37435 - ATI) Hidden CCC Help Greek (x32 Version: 2010.0511.2152.37435 - ATI) Hidden CCC Help Hungarian (x32 Version: 2010.0511.2152.37435 - ATI) Hidden CCC Help Italian (x32 Version: 2010.0511.2152.37435 - ATI) Hidden CCC Help Japanese (x32 Version: 2010.0511.2152.37435 - ATI) Hidden CCC Help Korean (x32 Version: 2010.0511.2152.37435 - ATI) Hidden CCC Help Norwegian (x32 Version: 2010.0511.2152.37435 - ATI) Hidden CCC Help Polish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden CCC Help Portuguese (x32 Version: 2010.0511.2152.37435 - ATI) Hidden CCC Help Russian (x32 Version: 2010.0511.2152.37435 - ATI) Hidden CCC Help Spanish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden CCC Help Swedish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden CCC Help Thai (x32 Version: 2010.0511.2152.37435 - ATI) Hidden CCC Help Turkish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden ccc-core-static (x32 Version: 2010.0511.2153.37435 - ATI) Hidden ccc-utility64 (Version: 2010.0511.2153.37435 - ATI) Hidden Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Compaq Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.0.12844.3519 - Hewlett-Packard Company) CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3210 - CyberLink Corp.) CyberLink DVD Suite Deluxe (x32 Version: 7.0.3210 - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP Auto (Version: 1.0.12494.3472 - Hewlett-Packard Company) Hidden HP Client Services (Version: 1.0.12656.3472 - Hewlett-Packard) Hidden HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden HP Deskjet 1050 J410 series Basic Device Software (HKLM\...\{4268BF51-DFDF-4178-8B8D-5D5752FCAA58}) (Version: 22.50.231.0 - Hewlett-Packard Co.) HP Deskjet 1050 J410 series Help (HKLM-x32\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard) HP Deskjet 1050 J410 series Product Improvement Study (HKLM\...\{1AB4DB8C-4123-45DC-B896-C67990F76DA4}) (Version: 22.50.231.0 - Hewlett-Packard Co.) HP Game Console (x32 Version: - WildTangent) Hidden HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent) HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0.2 - Hewlett-Packard) HP MovieStore (x32 Version: 1.0.027 - Hewlett-Packard) Hidden HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3781 - HP Photo Creations Powered by RocketLife) HP Setup (HKLM-x32\...\{53469506-A37E-4314-A9D9-38724EC23A75}) (Version: 8.4.4400.3525 - Hewlett-Packard Company) HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company) HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard) HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard) HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.6.0 - Hewlett-Packard) Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle) Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Kobo (HKLM-x32\...\Kobo) (Version: 1.6 - Kobo Inc.) LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3130 - CyberLink Corp.) LabelPrint (x32 Version: 2.5.3130 - CyberLink Corp.) Hidden LightScribe System Software (HKLM-x32\...\{FD7F0DB8-0E96-4D64-AD4D-9B5A936AF2A8}) (Version: 1.18.20.1 - LightScribe) LSI USB 2.0 Soft Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.95 - LSI Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.9 - PDF Complete, Inc) Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.) PhotoNow! (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.33 - Hewlett-Packard Company) Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4329 - CyberLink Corp.) Power2Go (x32 Version: 6.1.4329 - CyberLink Corp.) Hidden PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3129 - CyberLink Corp.) PowerDirector (x32 Version: 8.0.3129 - CyberLink Corp.) Hidden PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-13231864975E}) (Version: 5.10.1102.0 - NewspaperDirect Inc.) Ralink RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.26.0 - Ralink) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.) Recovery Manager (x32 Version: 5.5.3219 - CyberLink Corp.) Hidden RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.101 - RoxioNow) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.0 - Safer Networking Limited) Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.) Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - ) Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - Yahoo! Inc.) Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70 529A702D19D.1) (Version: 4.0.3184 - Zinio LLC) Zinio Reader 4 (x32 Version: 4.0.3184 - Zinio LLC) Hidden Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 25-09-2014 01:45:05 Windows Update 25-09-2014 03:57:31 Windows Update 27-09-2014 01:55:51 Windows Update 02-10-2014 00:41:21 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0913AD3B-C1D1-40ED-A25E-C364169A91F2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2014-09-26] (Microsoft) Task: {18139BB2-EC5B-4B91-9325-30AA20D21DFA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company) Task: {3568632B-0363-4BDE-918B-BB42D319B23D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-01] (Google Inc.) Task: {3BCBAD56-E888-4F57-9405-CE359FB4EBB3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company) Task: {42D2CAA5-22F9-403D-BCA1-C27F4DAD2EE0} - System32\Tasks\HPCeeScheduleForCynthia3 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard) Task: {4E420939-0190-4B01-B6D1-1D2FAA8401B5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-01] (Google Inc.) Task: {5B7252EC-C575-4EC3-AD61-899BE2613A17} - System32\Tasks\Hewlett-Packard\HP Assistant\HPSA Upgrade => C:\ProgramData\Hewlett-Packard\HPSAUpgrade3\HpSAUpgrade.exe [2013-01-09] (Hewlett-Packard) Task: {5E25110A-D9DD-4488-ADD7-00C900201056} - System32\Tasks\{89179D46-CEBB-4B0C-B5F2-DB6516FF4A16} => C:\Users\Cynthia3\Downloads\mbam-setup-2.0.2.1012.exe [2014-10-02] () Task: {630E59BE-807B-4E3D-BEB5-45CE258F3C86} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2010-11-16] (Hewlett-Packard Co.) Task: {66344A38-0925-4921-8A93-25681CBFC8CE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChec ker.exe [2014-03-21] (Hewlett-Packard) Task: {6B1D6110-9F43-473F-A210-C77181F0B2EF} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-09-27] () Task: {805DC5BF-301A-4245-AE59-E0F675854F7E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChec ker.exe [2014-03-21] (Hewlett-Packard) Task: {ACDFF13D-5830-4EA3-9B19-E962A9F0577C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company) Task: {C7238700-20BC-49A7-B0FB-9FCF7D9D30BA} - System32\Tasks\PhotoProduct.exe => C:\Program Files (x86)\HP Photo Creations\PhotoProduct.exe [2010-07-01] (Visan / RocketLife) Task: {D6385846-2EC8-49F8-BA29-C4F8B374D03B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe [2014-09-27] (Adobe Systems Incorporated) Task: {E6FC4016-A473-4668-B505-EEA4177D67C3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company) Task: {E8D739C8-E75B-4065-87F8-2304CAC2A2AA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN1911G0Z7 => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChec ker.exe [2014-03-21] (Hewlett-Packard) Task: {F2E0EDAE-6FB5-4A63-AA24-16F82DA96732} - System32\Tasks\HPCeeScheduleForCYNTHIA3-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HPCeeScheduleForCYNTHIA3-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\Windows\Tasks\HPCeeScheduleForCynthia3.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Loaded Modules (whitelisted) ============= 2009-06-08 19:45 - 2009-06-08 19:45 - 00098304 ____R () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2011-04-12 02:31 - 2011-04-12 02:31 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDispl ay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CL I.Aspect.CrossDisplay.Graphics.Dashboard.dll 2014-06-04 12:07 - 2012-05-25 04:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll 2014-06-04 11:27 - 2012-05-25 04:25 - 00078336 _____ () C:\Program Files (x86)\Yahoo!\Messenger\pcre.dll 2014-04-01 20:13 - 2013-03-27 10:47 - 01206576 _____ () C:\Program Files (x86)\Ralink\Common\RaWLAPI.dll 2014-04-01 20:10 - 2010-09-28 14:59 - 12286008 _____ () C:\Users\Cynthia3\AppData\Roaming\PictureMover\Bin \Core.dll 2009-07-13 17:03 - 2009-07-13 21:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll 2014-04-01 20:10 - 2010-09-28 15:10 - 01699384 _____ () C:\Users\Cynthia3\AppData\Roaming\PictureMover\EN-US\Presentation.dll 2014-09-24 22:22 - 2014-09-23 00:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libg lesv2.dll 2014-09-24 22:22 - 2014-09-23 00:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libe gl.dll 2014-09-24 22:22 - 2014-09-23 00:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf. dll 2014-09-24 22:22 - 2014-09-23 00:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGo ogleNaClPluginChrome.dll 2014-09-24 22:22 - 2014-09-23 00:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmp egsumo.dll 2014-09-24 22:22 - 2014-09-23 00:07 - 14891848 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\Pepp erFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\Services: CltMngSvc => 2 MSCONFIG\Services: NOBU => 2 ========================= Accounts: ========================== Administrator (S-1-5-21-2204247192-763932463-2249620297-500 - Administrator - Disabled) Cynthia3 (S-1-5-21-2204247192-763932463-2249620297-1000 - Administrator - Enabled) => C:\Users\Cynthia3 Guest (S-1-5-21-2204247192-763932463-2249620297-501 - Limited - Disabled) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (10/06/2014 10:44:07 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: rkill.exe, version: 2.6.8.0, time stamp: 0x53e3c8a8 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x020b8739 Faulting process id: 0x244 Faulting application start time: 0xrkill.exe0 Faulting application path: rkill.exe1 Faulting module path: rkill.exe2 Report Id: rkill.exe3 Error: (10/06/2014 10:35:58 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: OTL (1).exe, version: 3.2.69.0, time stamp: 0x2a425e19 Faulting module name: OTL (1).exe, version: 3.2.69.0, time stamp: 0x2a425e19 Exception code: 0xc0000005 Fault offset: 0x00001000 Faulting process id: 0x66c Faulting application start time: 0xOTL (1).exe0 Faulting application path: OTL (1).exe1 Faulting module path: OTL (1).exe2 Report Id: OTL (1).exe3 Error: (10/06/2014 10:35:16 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: rkill.exe, version: 2.6.8.0, time stamp: 0x53e3c8a8 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x00dd8739 Faulting process id: 0x544 Faulting application start time: 0xrkill.exe0 Faulting application path: rkill.exe1 Faulting module path: rkill.exe2 Report Id: rkill.exe3 Error: (10/06/2014 10:27:55 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: rkill.exe, version: 2.6.8.0, time stamp: 0x53e3c8a8 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x022d8739 Faulting process id: 0x19b8 Faulting application start time: 0xrkill.exe0 Faulting application path: rkill.exe1 Faulting module path: rkill.exe2 Report Id: rkill.exe3 Error: (10/03/2014 05:16:24 PM) (Source: EventSystem) (EventID: 4622) (User: ) Description: 80070005{5FD46170-7FF9-4A9F-B172-86F0AF9C1DD6}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000} Error: (10/03/2014 05:16:24 PM) (Source: EventSystem) (EventID: 4622) (User: ) Description: 8007071a{5FD46170-7FF9-4A9F-B172-86F0AF9C1DD6}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000} Error: (10/03/2014 04:10:58 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: YahooMessenger.exe, version: 11.5.0.228, time stamp: 0x4fbf6b79 Faulting module name: Flash32_15_0_0_167.ocx, version: 15.0.0.167, time stamp: 0x541384c0 Exception code: 0xc0000005 Fault offset: 0x001ffba0 Faulting process id: 0xb24 Faulting application start time: 0xYahooMessenger.exe0 Faulting application path: YahooMessenger.exe1 Faulting module path: YahooMessenger.exe2 Report Id: YahooMessenger.exe3 Error: (10/03/2014 03:41:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: rkill.exe, version: 2.6.8.0, time stamp: 0x53e3c8a8 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x01f38739 Faulting process id: 0x1648 Faulting application start time: 0xrkill.exe0 Faulting application path: rkill.exe1 Faulting module path: rkill.exe2 Report Id: rkill.exe3 Error: (10/02/2014 07:51:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: rkill.exe, version: 2.6.8.0, time stamp: 0x53e3c8a8 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0xffed8739 Faulting process id: 0xc5c Faulting application start time: 0xrkill.exe0 Faulting application path: rkill.exe1 Faulting module path: rkill.exe2 Report Id: rkill.exe3 Error: (10/02/2014 07:51:50 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: rkill.exe, version: 2.6.8.0, time stamp: 0x53e3c8a8 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0xffed8739 Faulting process id: 0x1798 Faulting application start time: 0xrkill.exe0 Faulting application path: rkill.exe1 Faulting module path: rkill.exe2 Report Id: rkill.exe3 System errors: ============= Error: (10/06/2014 11:48:54 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: %NT AUTHORITY60 has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.185.2162.0 Update Source: %NT AUTHORITY59 Update Stage: 4.6.0305.00 Source Path: 4.6.0305.01 Signature Type: %NT AUTHORITY602 Update Type: %NT AUTHORITY604 User: NT AUTHORITY\SYSTEM Current Engine Version: %NT AUTHORITY605 Previous Engine Version: %NT AUTHORITY606 Error code: %NT AUTHORITY607 Error description: %NT AUTHORITY608 Error: (10/06/2014 11:48:53 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: %NT AUTHORITY60 has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.185.2162.0 Update Source: %NT AUTHORITY59 Update Stage: 4.6.0305.00 Source Path: 4.6.0305.01 Signature Type: %NT AUTHORITY602 Update Type: %NT AUTHORITY604 User: NT AUTHORITY\SYSTEM Current Engine Version: %NT AUTHORITY605 Previous Engine Version: %NT AUTHORITY606 Error code: %NT AUTHORITY607 Error description: %NT AUTHORITY608 Error: (10/06/2014 10:58:13 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: %NT AUTHORITY60 has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.185.2162.0 Update Source: %NT AUTHORITY59 Update Stage: 4.6.0305.00 Source Path: 4.6.0305.01 Signature Type: %NT AUTHORITY602 Update Type: %NT AUTHORITY604 User: NT AUTHORITY\SYSTEM Current Engine Version: %NT AUTHORITY605 Previous Engine Version: %NT AUTHORITY606 Error code: %NT AUTHORITY607 Error description: %NT AUTHORITY608 Error: (10/06/2014 10:58:13 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: %NT AUTHORITY60 has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.185.2162.0 Update Source: %NT AUTHORITY59 Update Stage: 4.6.0305.00 Source Path: 4.6.0305.01 Signature Type: %NT AUTHORITY602 Update Type: %NT AUTHORITY604 User: NT AUTHORITY\SYSTEM Current Engine Version: %NT AUTHORITY605 Previous Engine Version: %NT AUTHORITY606 Error code: %NT AUTHORITY607 Error description: %NT AUTHORITY608 Error: (10/06/2014 10:46:07 AM) (Source: Service Control Manager) (EventID: 7003) (User: ) Description: The Net.Msmq Listener Adapter service depends the following service: msmq. This service might not be installed. Error: (10/06/2014 10:46:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The HP Software Framework Service service failed to start due to the following error: %%1053 Error: (10/06/2014 10:46:06 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the HP Software Framework Service service to connect. Error: (10/06/2014 10:44:22 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {3EB3C877-1F16-487C-9050-104DBCD66683} Error: (10/06/2014 10:34:41 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Computer Browser service depends on the Server service which failed to start because of the following error: %%1068 Error: (10/06/2014 10:34:41 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Computer Browser service depends on the Server service which failed to start because of the following error: %%1068 Microsoft Office Sessions: ========================= Error: (10/06/2014 10:44:07 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: rkill.exe2.6.8.053e3c8a8unknown0.0.0.000000000c000 0005020b873924401cfe173f26fb8fbC:\Users\Cynthia3\D esktop\rkill.exeunknown391553c1-4d67-11e4-a386-78acc0ac744c Error: (10/06/2014 10:35:58 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: OTL (1).exe3.2.69.02a425e19OTL (1).exe3.2.69.02a425e19c00000050000100066c01cfe172 cf33fd53C:\Users\Cynthia3\Desktop\OTL (1).exeC:\Users\Cynthia3\Desktop\OTL (1).exe15d4d559-4d66-11e4-a386-78acc0ac744c Error: (10/06/2014 10:35:16 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: rkill.exe2.6.8.053e3c8a8unknown0.0.0.000000000c000 000500dd873954401cfe172b54c439dC:\Users\Cynthia3\D esktop\rkill.exeunknownfc8a3676-4d65-11e4-a386-78acc0ac744c Error: (10/06/2014 10:27:55 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: rkill.exe2.6.8.053e3c8a8unknown0.0.0.000000000c000 0005022d873919b801cfe171b7f98c0bC:\Users\Cynthia3\ Desktop\rkill.exeunknownf5d1a408-4d64-11e4-9dfa-78acc0ac744c Error: (10/03/2014 05:16:24 PM) (Source: EventSystem) (EventID: 4622) (User: ) Description: 80070005{5FD46170-7FF9-4A9F-B172-86F0AF9C1DD6}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000} Error: (10/03/2014 05:16:24 PM) (Source: EventSystem) (EventID: 4622) (User: ) Description: 8007071a{5FD46170-7FF9-4A9F-B172-86F0AF9C1DD6}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000} Error: (10/03/2014 04:10:58 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: YahooMessenger.exe11.5.0.2284fbf6b79Flash32_15_0_0 _167.ocx15.0.0.167541384c0c0000005001ffba0b2401cfd f41dd91ba25C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exeC:\Window s\SysWOW64\Macromed\Flash\Flash32_15_0_0_167.ocx63 260422-4b39-11e4-a7b5-78acc0ac744c Error: (10/03/2014 03:41:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: rkill.exe2.6.8.053e3c8a8unknown0.0.0.000000000c000 000501f38739164801cfdf4202627469C:\Users\Cynthia3\ Desktop\rkill.exeunknown40b73848-4b35-11e4-a7b5-78acc0ac744c Error: (10/02/2014 07:51:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: rkill.exe2.6.8.053e3c8a8unknown0.0.0.000000000c000 0005ffed8739c5c01cfde9bd6d89f09C:\Users\Cynthia3\D esktop\rkill.exeunknown1491209f-4a8f-11e4-95a4-78acc0ac744c Error: (10/02/2014 07:51:50 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: rkill.exe2.6.8.053e3c8a8unknown0.0.0.000000000c000 0005ffed8739179801cfde9bd565f6ccC:\Users\Cynthia3\ Desktop\rkill.exeunknown13938308-4a8f-11e4-95a4-78acc0ac744c ==================== Memory info =========================== Processor: AMD Athlon(tm) II 170u Processor Percentage of memory in use: 69% Total physical RAM: 1791.29 MB Available physical RAM: 538.88 MB Total Pagefile: 3582.57 MB Available Pagefile: 1022.4 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:454.18 GB) (Free:400.91 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (HP_RECOVERY) (Fixed) (Total:11.48 GB) (Free:1.37 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ================================================== ====== Disk: 0 (Size: 465.8 GB) (Disk ID: 47534A57) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=454.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=11.5 GB) - (Type=07 NTFS) ==================== End Of Log ============================
|
|
#12
October 8th, 2014, 12:39 AM
|
||||
|
||||
|
I replied to my original post... but the replies are here, I couldn't do the Rkill or the OTL, so I was hoping that since I was able to do the farbar scan it might be helpful to show something that needs to be corrected.
|
|
#13
October 8th, 2014, 07:47 PM
|
||||
|
||||
|
Farbar shows some adware files, but little else. A few things, and please read carefully.
1 - Did you install and are you now using Firefox? It does not show in these logs. The purpose of that suggestion was to eliminate downloads failing due to being invalid or corrupted. 2 - I did not ask for rkill, but did ask for RogueKiller. What happened to that log? 3 - Quote:
|
|
#14
October 12th, 2014, 08:27 PM
|
||||
|
||||
|
RogueKiller wouldn't open it's saying the file is invalid. This PC is supposed to be 64-bit, if this helps any. Should I try to dload from a different PC, and put on a flash drive... I'm running Vista too, upstairs.
|
|
| Bookmarks |
«
Previous Topic
|
Next Topic
»
|
|
Similar Topics
|
||||
| Topic | Topic Starter | Forum | Replies | Last Post |
| Windows 7 Home machine is now slow- Moved by Murf | littlebadboy | Malware Removal | 10 | June 8th, 2013 04:38 PM |
| Windows Home Premium 64-bit system very slow and can't update | elijahj04 | Windows Vista | 1 | May 22nd, 2013 03:02 AM |
| Win7 Home Premium 64-bit to Win7 Ultimate 32-bit? | abbyqueue | Windows 7 | 1 | August 21st, 2011 09:08 AM |
| Win7 Home Premium Sleep Mode/Powering Off | BuzWeaver | Windows 7 | 4 | March 2nd, 2011 03:55 AM |
| Win Update in Win XP Home fails to load | niteloner | Windows XP | 3 | March 4th, 2005 03:08 AM |
All times are GMT +1. The time now is 09:42 PM.