Jump to content


Photo
- - - - -

Pop Ups Galore


  • This topic is locked This topic is locked
8 replies to this topic

#1 indfin

indfin

    Enthusiast

  • Members
  • PipPipPipPip
  • 101 posts

Posted 22 October 2015 - 10:01 AM

Hi Guestolo,

 

Posting after many months.  Hope you are well.

 

The computer is taken up with pop-ups to the extent that it is almost unuseable.  When trying to run HijackThis, got a message (which I have attached here) advising to 'Run As Administrator.' Ran one regularly and one as admin.  Don't know if there is a difference, but posting both logs here. Any help is much appreciated.

 

HijackThis Log:

 

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 11:40:34 AM, on 10/22/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18015)

FIREFOX: 41.0.2 (x86 en-US)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\NewSoft\Presto! PageManager 7.15\Pmsb.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_226.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_226.exe
C:\Users\Maki\Desktop\Clean Comp\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com/?pc=MAGW
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com?cid={35D27F18-01E9-413A-BF6D-6F53A77CCE94}&mid=d66ecd75d46b47d19fb6294607f44aeb-f7ff1378a426fe751d1207eefe5a76961ad5bc8e&lang=en&ds=AVG&coid=avgtbavg&cmpid=1114tb&pr=fr&d=2014-02-07 08:07:30&v=18.9.0.231&pid=safeguard&sg=0&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft..../?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft..../?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (file missing)
O2 - BHO: PasswordBox Helper - {5DB69B97-934B-451D-94DB-32EF802A01CD} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.9.0.231\AVG SafeGuard toolbar_toolbar.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O3 - Toolbar: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.9.0.231\AVG SafeGuard toolbar_toolbar.dll
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKCU\..\RunOnce: [Adobe Speed Launcher] 1445279719
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_207_Plugin.exe -update plugin


O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\catwsprx.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\catwsprx.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\catwsprx.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\catwsprx.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\catwsprx.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.9.0\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O21 - SSODL: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\SysWOW64\SSCbFsMntNtf3.dll
O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\SysWOW64\SSCbFsMntNtf3.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: CatWSPrx - Catalytix Web Services - C:\Users\Maki\AppData\Local\ArcadeGiant\cat\CatWSPrx.exe
O23 - Service: CyberLink Product - 2011/02/27 20:47:31 (CLKMSVC10_38F51D56) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Fax - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: File Backup Service (File Backup) - Starfield Technologies - C:\Program Files (x86)\Workspace\offSyncService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PasswordBox - PasswordBox, Inc. - C:\Program Files (x86)\PasswordBox\pbbtnService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SWUpdaterSvc (SWUpdater) - Weather Protector LLC - C:\Program Files (x86)\StormWatch\SWUpdaterSvc.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater18.9.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.9.0\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12135 bytes

________________________________________________________

 

HijackThis Log as Admin:

 

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 11:46:34 AM, on 10/22/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18015)

FIREFOX: 41.0.2 (x86 en-US)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\NewSoft\Presto! PageManager 7.15\Pmsb.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Users\Maki\Desktop\Clean Comp\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com/?pc=MAGW
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com?cid={35D27F18-01E9-413A-BF6D-6F53A77CCE94}&mid=d66ecd75d46b47d19fb6294607f44aeb-f7ff1378a426fe751d1207eefe5a76961ad5bc8e&lang=en&ds=AVG&coid=avgtbavg&cmpid=1114tb&pr=fr&d=2014-02-07 08:07:30&v=18.9.0.231&pid=safeguard&sg=0&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft..../?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft..../?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (file missing)
O2 - BHO: PasswordBox Helper - {5DB69B97-934B-451D-94DB-32EF802A01CD} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.9.0.231\AVG SafeGuard toolbar_toolbar.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O3 - Toolbar: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.9.0.231\AVG SafeGuard toolbar_toolbar.dll
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKCU\..\RunOnce: [Adobe Speed Launcher] 1445279719
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_207_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1009368379-2178790430-168169824-1000\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_Plugin.exe -update plugin (User 'Hudson Montessori')


O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\catwsprx.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\catwsprx.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\catwsprx.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\catwsprx.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\catwsprx.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.9.0\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O21 - SSODL: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\SysWOW64\SSCbFsMntNtf3.dll
O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\SysWOW64\SSCbFsMntNtf3.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: CatWSPrx - Catalytix Web Services - C:\Users\Maki\AppData\Local\ArcadeGiant\cat\CatWSPrx.exe
O23 - Service: CyberLink Product - 2011/02/27 20:47:31 (CLKMSVC10_38F51D56) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Fax - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: File Backup Service (File Backup) - Starfield Technologies - C:\Program Files (x86)\Workspace\offSyncService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PasswordBox - PasswordBox, Inc. - C:\Program Files (x86)\PasswordBox\pbbtnService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SWUpdaterSvc (SWUpdater) - Weather Protector LLC - C:\Program Files (x86)\StormWatch\SWUpdaterSvc.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater18.9.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.9.0\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12548 bytes
 


  • RabertViz likes this

#2 guestolo

guestolo

    Site Donator

  • Admin
  • PipPipPipPipPipPipPip
  • 16,247 posts

Posted 23 October 2015 - 07:16 PM

Try to do any or All of the following please

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.

Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click the Scan button and wait for the process to complete.

Click on the Clean button follow the prompts.
A log file will automatically open after the scan has finished and the PC has rebooted.
Please post the content of that log file with your next answer.

You can also find the log file at C:\AdwCleaner

 

In addition:

-Junkware-Removal-Tool-

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

 

Also:

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt).
Copy and paste it's contents also


Do you want to post your own logs from FRST?
Follow the instructions posted Click Here


#3 indfin

indfin

    Enthusiast

  • Members
  • PipPipPipPip
  • 101 posts

Posted 26 October 2015 - 03:32 PM

Hi Guestolo,

 

Sorry for taking this long to reply.  Soon after posting my issues on this site, I uninstalled Taplika and Arcade Giant from the computer.  I also ran AdwCleaner and Malwarebytes.

 

Following is the log from AdwCleaner I ran on October 22:

 

# AdwCleaner v5.014 - Logfile created 22/10/2015 at 13:47:54
# Updated 18/10/2015 by Xplode
# Database : 2015-10-18.5 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Maki - NEWOFFICE
# Running from : C:\Users\Maki\Downloads\adwcleaner_5.014.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****

Service Found : vToolbarUpdater18.9.0

***** [ Folders ] *****

Folder Found : C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Found : C:\Program Files (x86)\AVG Security Toolbar
Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found : C:\ProgramData\AVG SafeGuard toolbar
Folder Found : C:\ProgramData\AVG Secure Search
Folder Found : C:\ProgramData\AVG Security Toolbar
Folder Found : C:\ProgramData\Avg_Update_0215tb
Folder Found : C:\ProgramData\Avg_Update_0814tb
Folder Found : C:\ProgramData\Avg_Update_1114tb
Folder Found : C:\ProgramData\Avg_Update_1214tb
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UpdateAdmin
Folder Found : C:\Users\Hudson Montessori\AppData\Local\AVG SafeGuard toolbar
Folder Found : C:\Users\Hudson Montessori\AppData\LocalLow\AVG SafeGuard toolbar
Folder Found : C:\Users\Maki\AppData\Local\ArcadeGiant
Folder Found : C:\Users\Maki\AppData\Local\AVG SafeGuard toolbar
Folder Found : C:\Users\Maki\AppData\Local\UpdateAdmin
Folder Found : C:\Users\Maki\AppData\LocalLow\AVG SafeGuard toolbar
Folder Found : C:\Users\Maki\AppData\Roaming\WSE_Taplika
Folder Found : C:\Users\Others\AppData\Local\AVG SafeGuard toolbar
Folder Found : C:\Users\Others\AppData\LocalLow\AVG SafeGuard toolbar

***** [ Files ] *****

File Found : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
File Found : C:\Users\Hudson Montessori\AppData\Roaming\Mozilla\Firefox\Profiles\4es6rf63.default\searchplugins\Taplika.xml
File Found : C:\Users\Hudson Montessori\AppData\Roaming\Mozilla\Firefox\Profiles\4es6rf63.default\searchplugins\Taplika.xml
File Found : C:\Users\Others\AppData\Roaming\Mozilla\Firefox\Profiles\t2m1t5o1.default\searchplugins\Taplika.xml
File Found : C:\Users\Others\AppData\Roaming\Mozilla\Firefox\Profiles\t2m1t5o1.default\searchplugins\Taplika.xml
File Found : C:\Windows\SysWOW64\CatWSPrx.dll

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

Task Found : WSE_Taplika

***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{589B893E-773C-4941-88C2-0DCC718E621C}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found : HKU\.DEFAULT\Software\AVG SafeGuard toolbar
Key Found : HKU\.DEFAULT\Software\Avg Secure Update
Key Found : HKCU\Software\AVG SafeGuard toolbar
Key Found : HKCU\Software\AVG Security Toolbar
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\StormWatchApp
Key Found : HKCU\Software\Avg Secure Update
Key Found : HKCU\Software\DownloadAdmin
Key Found : HKLM\SOFTWARE\AVG SafeGuard toolbar
Key Found : HKLM\SOFTWARE\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\InstallCore
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{07B4B423-E4DA-47D1-8327-B589EB4BEB58}
Key Found : [x64] HKCU\Software\AVG SafeGuard toolbar
Key Found : [x64] HKCU\Software\AVG Security Toolbar
Key Found : [x64] HKCU\Software\InstallCore
Key Found : [x64] HKCU\Software\StormWatchApp
Key Found : [x64] HKCU\Software\Avg Secure Update
Key Found : [x64] HKCU\Software\DownloadAdmin
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\324B4B70AD4E1D7438725B98BEB4BE85
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\324B4B70AD4E1D7438725B98BEB4BE85
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\324B4B70AD4E1D7438725B98BEB4BE85

***** [ Web browsers ] *****




########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [10524 bytes] ##########

_________________________________________________________________________

 

Following is the log from AdwCleaner I ran today (October 26)

 

# AdwCleaner v5.015 - Logfile created 26/10/2015 at 16:42:39
# Updated 26/10/2015 by Xplode
# Database : 2015-10-26.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Maki - NEWOFFICE
# Running from : C:\Users\Maki\Downloads\adwcleaner_5.015.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : vToolbarUpdater18.9.0

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
[-] Folder Deleted : C:\Program Files (x86)\AVG Security Toolbar
[-] Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
[-] Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
[-] Folder Deleted : C:\ProgramData\AVG Secure Search
[-] Folder Deleted : C:\ProgramData\AVG Security Toolbar
[-] Folder Deleted : C:\ProgramData\Avg_Update_0215tb
[-] Folder Deleted : C:\ProgramData\Avg_Update_0814tb
[-] Folder Deleted : C:\ProgramData\Avg_Update_1114tb
[-] Folder Deleted : C:\ProgramData\Avg_Update_1214tb
[-] Folder Deleted : C:\Users\Hudson Montessori\AppData\Local\AVG SafeGuard toolbar
[-] Folder Deleted : C:\Users\Hudson Montessori\AppData\LocalLow\AVG SafeGuard toolbar
[-] Folder Deleted : C:\Users\Maki\AppData\Local\AVG SafeGuard toolbar
[-] Folder Deleted : C:\Users\Maki\AppData\LocalLow\AVG SafeGuard toolbar
[-] Folder Deleted : C:\Users\Others\AppData\Local\AVG SafeGuard toolbar
[-] Folder Deleted : C:\Users\Others\AppData\LocalLow\AVG SafeGuard toolbar

***** [ Files ] *****

[-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
[-] Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
[-] Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
[-] Key Deleted : HKLM\SOFTWARE\Classes\S
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
[-] Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKU\.DEFAULT\Software\AVG SafeGuard toolbar
[-] Key Deleted : HKU\.DEFAULT\Software\Avg Secure Update
[-] Key Deleted : HKCU\Software\AVG SafeGuard toolbar
[-] Key Deleted : HKCU\Software\AVG Security Toolbar
[-] Key Deleted : HKCU\Software\Avg Secure Update
[-] Key Deleted : HKCU\Software\DownloadAdmin
[-] Key Deleted : HKLM\SOFTWARE\AVG SafeGuard toolbar
[-] Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
[!] Key Not Deleted : [x64] HKCU\Software\AVG SafeGuard toolbar
[!] Key Not Deleted : [x64] HKCU\Software\AVG Security Toolbar
[!] Key Not Deleted : [x64] HKCU\Software\Avg Secure Update
[!] Key Not Deleted : [x64] HKCU\Software\DownloadAdmin
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\324B4B70AD4E1D7438725B98BEB4BE85
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\324B4B70AD4E1D7438725B98BEB4BE85
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\324B4B70AD4E1D7438725B98BEB4BE85

***** [ Web browsers ] *****


*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [9436 bytes] ##########

____________________________________________________________________________

 

Following is the JRT text:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 7 Home Premium x64
Ran by Maki on Mon 10/26/2015 at 16:53:46.77
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Maki\Appdata\Local\{34CC3BE3-D79E-4823-8176-33414ED2AEAC}
Successfully deleted: [Empty Folder] C:\Users\Maki\Appdata\Local\{4AC160E2-940F-400C-A8EF-5E302B1B1BB1}
Successfully deleted: [Empty Folder] C:\Users\Maki\Appdata\Local\{5D2C5302-5028-4864-B078-D4C2145AB60C}
Successfully deleted: [Empty Folder] C:\Users\Maki\Appdata\Local\{6B8E2DBD-5092-4EA9-849D-0BD2741AF231}
Successfully deleted: [Empty Folder] C:\Users\Maki\Appdata\Local\{6D8FC7C8-1FA1-4D52-B635-00CFF1991E76}
Successfully deleted: [Empty Folder] C:\Users\Maki\Appdata\Local\{7E2D37B2-CA0C-46D6-BA79-EE1A23CC1FD1}
Successfully deleted: [Empty Folder] C:\Users\Maki\Appdata\Local\{9637877F-C33D-49B7-AEE2-6E7DC339E299}
Successfully deleted: [Folder] C:\Program Files (x86)\newsoft
Successfully deleted: [Folder] C:\Users\Maki\Appdata\Local\newsoft
Successfully deleted: [Folder] C:\Users\Maki\AppData\Roaming\newsoft
Successfully deleted: [Folder] C:\Users\Maki\Documents\my pagemanager





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 10/26/2015 at 16:57:04.26
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

______________________________________________________________________

 

Following is the FRST text:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-10-2015 02
Ran by Maki (administrator) on NEWOFFICE (26-10-2015 17:01:33)
Running from C:\Users\Maki\Downloads
Loaded Profiles: Maki (Available Profiles: Hudson Montessori & Maki & Others)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3779496 2015-10-19] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1009368379-2178790430-168169824-1001\...\MountPoints2: {a5a9f00f-8eff-11e1-819a-f80f4110aa02} - J:\LaunchU3.exe -a
HKU\S-1-5-21-1009368379-2178790430-168169824-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Gateway.scr [456224 2010-07-29] ()
SSODL: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\system32\SSCbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\SysWOW64\SSCbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {69925D1B-6A0F-4413-861A-81AB98039DB9} => C:\Windows\system32\SSCbFsMntNtf3.dll [2013-01-30] (EldoS Corporation)
ShellIconOverlayIdentifiers: [off0] -> {8E33AEC3-C5F2-43C4-B048-9E3EB19B1DD5} => C:\Program Files (x86)\Workspace\offsyncext64.dll [2014-05-29] (Starfield Technologies, LLC)
ShellIconOverlayIdentifiers: [off1] -> {8E33AEC4-C5F2-43C4-B048-9E3EB19B1DD5} => C:\Program Files (x86)\Workspace\offsyncext64.dll [2014-05-29] (Starfield Technologies, LLC)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\x64\SugarSyncShellExt_x64.dll [2015-04-30] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\x64\SugarSyncShellExt_x64.dll [2015-04-30] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncSharedSyncing] -> {F7395C2E-A5D8-4a32-9536-5C6A9F1DC450} => C:\Program Files (x86)\SugarSync\x64\SugarSyncShellExt_x64.dll [2015-04-30] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncSynced] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\x64\SugarSyncShellExt_x64.dll [2015-04-30] (SugarSync, Inc.)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {69925D1B-6A0F-4413-861A-81AB98039DB9} => C:\Windows\SysWOW64\SSCbFsMntNtf3.dll [2013-01-30] (EldoS Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.191.119.229
Tcpip\..\Interfaces\{5BA2FE77-B181-416E-AE4C-B8A5566F4425}: [DhcpNameServer] 10.191.119.229

Internet Explorer:
==================





BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: PasswordBox Helper -> {5DB69B97-934B-451D-94DB-32EF802A01CD} -> C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll [2015-05-04] (PasswordBox, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-22] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-22] (Oracle Corporation)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2009-03-27] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Maki\AppData\Roaming\Mozilla\Firefox\Profiles\4bc7732s.default-1445535616325
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-20] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-20] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.5.1 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-05-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1009368379-2178790430-168169824-1001: @starfield.com/off -> C:\Users\Maki\AppData\Roaming\Mozilla\Plugins\npoff.dll [2014-10-23] ( Starfield Technologies, LLC.)
FF Plugin HKU\S-1-5-21-1009368379-2178790430-168169824-1001: @starfield.com/off64 -> C:\Users\Maki\AppData\Roaming\Mozilla\Plugins\npoff64.dll [2014-10-23] ( Starfield Technologies, LLC.)
FF Plugin HKU\S-1-5-21-1009368379-2178790430-168169824-1001: @starfield.com/wbe -> C:\Users\Maki\AppData\Roaming\Mozilla\Plugins\npwbe.dll [2014-05-29] (Starfield Technology, LLC)
FF Plugin HKU\S-1-5-21-1009368379-2178790430-168169824-1001: @starfield.com/wbe64 -> C:\Users\Maki\AppData\Roaming\Mozilla\Plugins\npwbe64.dll [2014-05-29] (Starfield Technology, LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\Maki\AppData\Roaming\mozilla\plugins\npoff.dll [2014-10-23] ( Starfield Technologies, LLC.)
FF Plugin ProgramFiles/Appdata: C:\Users\Maki\AppData\Roaming\mozilla\plugins\npoff64.dll [2014-10-23] ( Starfield Technologies, LLC.)
FF Plugin ProgramFiles/Appdata: C:\Users\Maki\AppData\Roaming\mozilla\plugins\npwbe.dll [2014-05-29] (Starfield Technology, LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\Maki\AppData\Roaming\mozilla\plugins\npwbe64.dll [2014-05-29] (Starfield Technology, LLC)
FF Extension: WBE Paste - C:\Users\Maki\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected] [2014-05-29] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\PasswordBox\Firefox
FF Extension: PasswordBox - C:\Program Files (x86)\PasswordBox\Firefox [2013-11-21] [not signed]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3642280 2015-10-19] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [335656 2015-10-19] (AVG Technologies CZ, s.r.o.)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [254448 2010-10-08] (CyberLink)
S2 File Backup; C:\Program Files (x86)\Workspace\offSyncService.exe [697472 2014-10-20] (Starfield Technologies)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S2 PasswordBox; C:\Program Files (x86)\PasswordBox\pbbtnService.exe [67584 2014-05-14] (PasswordBox, Inc.) [File not signed]
S3 PrintNotify; C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll [2675712 2012-11-05] (Microsoft Corporation) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2015-10-19] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [297904 2015-08-19] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [259040 2015-06-16] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [250800 2015-08-04] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [300464 2015-08-04] (AVG Technologies CZ, s.r.o.)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-10-26] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 SSCBFS3; C:\Windows\System32\DRIVERS\sscbfs3.sys [347904 2013-01-30] (EldoS Corporation)
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
S3 PCDSRVC{A368CD8C-C6A10117-06020101}_0; \??\c:\users\hudson~1\appdata\local\temp\s_tg3hioz.ux\pcdrdiag\bin\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-26 17:01 - 2015-10-26 17:01 - 00014912 _____ C:\Users\Maki\Downloads\FRST.txt
2015-10-26 17:01 - 2015-10-26 17:01 - 00000000 ____D C:\FRST
2015-10-26 16:59 - 2015-10-26 17:00 - 02197504 _____ (Farbar) C:\Users\Maki\Downloads\FRST64.exe
2015-10-26 16:57 - 2015-10-26 16:57 - 00001621 _____ C:\Users\Maki\Desktop\JRT.txt
2015-10-26 16:51 - 2015-10-26 16:51 - 01801288 _____ (Malwarebytes) C:\Users\Maki\Downloads\JRT.exe
2015-10-26 16:37 - 2015-10-26 16:37 - 01694208 _____ C:\Users\Maki\Downloads\adwcleaner_5.015.exe
2015-10-22 15:51 - 2015-10-22 15:51 - 00000000 ____D C:\Users\Maki\AppData\Local\CEF
2015-10-22 13:53 - 2015-10-26 16:45 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-22 13:53 - 2015-10-22 13:53 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-10-22 13:53 - 2015-10-22 13:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-22 13:53 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-22 13:53 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-22 13:51 - 2015-10-22 13:51 - 00000000 ____D C:\Users\Maki\AppData\Roaming\Malwarebytes
2015-10-22 13:47 - 2015-10-26 16:46 - 00000000 ____D C:\AdwCleaner
2015-10-22 13:46 - 2015-10-22 13:46 - 01691648 _____ C:\Users\Maki\Downloads\adwcleaner_5.014.exe
2015-10-22 13:40 - 2015-10-22 13:40 - 00000000 ____D C:\Users\Maki\Desktop\Old Firefox Data
2015-10-22 12:37 - 2015-10-22 12:32 - 00278624 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2015-10-22 12:37 - 2012-05-04 19:29 - 00772504 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2015-10-22 12:37 - 2012-05-04 19:29 - 00687504 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2015-10-22 12:36 - 2015-10-22 12:36 - 00000000 ____D C:\Users\Maki\AppData\Roaming\Oracle
2015-10-22 12:32 - 2015-10-22 12:32 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-10-22 12:32 - 2015-10-22 12:32 - 00000000 ____D C:\Users\Maki\AppData\Roaming\Sun
2015-10-22 12:32 - 2015-10-22 12:32 - 00000000 ____D C:\Users\Maki\.oracle_jre_usage
2015-10-22 12:32 - 2015-10-22 12:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-22 12:31 - 2015-10-22 12:31 - 00000000 ____D C:\Users\Maki\AppData\LocalLow\Oracle
2015-10-22 12:11 - 2015-10-22 12:38 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-22 12:10 - 2015-10-22 13:41 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-22 12:10 - 2015-10-22 12:10 - 00002054 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-10-22 11:30 - 2015-10-26 16:57 - 00000000 ____D C:\Users\Maki\Desktop\Clean Comp
2015-10-20 10:03 - 2015-10-20 10:03 - 03996360 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-10-19 13:32 - 2015-10-19 13:32 - 00315312 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2015-10-16 08:37 - 2015-10-22 13:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-15 08:41 - 2015-09-18 15:22 - 00025432 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-15 08:41 - 2015-09-18 15:19 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-15 08:41 - 2015-09-18 15:19 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-15 08:41 - 2015-09-18 15:19 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-15 08:41 - 2015-09-18 15:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-15 08:41 - 2015-09-18 15:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-15 08:41 - 2015-09-18 15:09 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-14 12:17 - 2015-10-14 12:18 - 00000000 ____D C:\Users\Maki\Documents\Progress Report
2015-10-14 08:33 - 2015-09-25 14:07 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-14 08:33 - 2015-09-25 14:07 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-14 08:33 - 2015-09-25 14:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-14 08:33 - 2015-09-25 14:07 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-14 08:33 - 2015-09-25 14:07 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-14 08:33 - 2015-09-25 14:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-14 08:33 - 2015-09-25 14:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-14 08:33 - 2015-09-25 14:06 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-14 08:33 - 2015-09-25 14:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-14 08:33 - 2015-09-25 14:06 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-14 08:33 - 2015-09-25 14:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-14 08:33 - 2015-09-25 13:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-14 08:33 - 2015-09-25 13:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-14 08:33 - 2015-09-25 13:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-14 08:33 - 2015-09-25 13:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-10-14 08:33 - 2015-09-25 13:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-14 08:33 - 2015-09-18 15:31 - 00391784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-14 08:33 - 2015-09-18 14:58 - 00345688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-14 08:33 - 2015-09-16 00:48 - 25851904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-14 08:33 - 2015-09-16 00:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-14 08:33 - 2015-09-16 00:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-14 08:33 - 2015-09-16 00:22 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-14 08:33 - 2015-09-16 00:21 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-14 08:33 - 2015-09-16 00:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-14 08:33 - 2015-09-16 00:21 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-14 08:33 - 2015-09-16 00:21 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-14 08:33 - 2015-09-16 00:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-14 08:33 - 2015-09-16 00:14 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-14 08:33 - 2015-09-16 00:13 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-14 08:33 - 2015-09-16 00:10 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-14 08:33 - 2015-09-16 00:09 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-14 08:33 - 2015-09-16 00:08 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-14 08:33 - 2015-09-16 00:08 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-14 08:33 - 2015-09-16 00:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-14 08:33 - 2015-09-16 00:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-14 08:33 - 2015-09-16 00:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-14 08:33 - 2015-09-15 23:58 - 20357632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-14 08:33 - 2015-09-15 23:58 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-14 08:33 - 2015-09-15 23:50 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-14 08:33 - 2015-09-15 23:46 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-14 08:33 - 2015-09-15 23:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-10-14 08:33 - 2015-09-15 23:45 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-14 08:33 - 2015-09-15 23:43 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-14 08:33 - 2015-09-15 23:41 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-14 08:33 - 2015-09-15 23:33 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-14 08:33 - 2015-09-15 23:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-10-14 08:33 - 2015-09-15 23:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-10-14 08:33 - 2015-09-15 23:32 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-10-14 08:33 - 2015-09-15 23:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-14 08:33 - 2015-09-15 23:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-14 08:33 - 2015-09-15 23:29 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-14 08:33 - 2015-09-15 23:29 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-14 08:33 - 2015-09-15 23:28 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-14 08:33 - 2015-09-15 23:28 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-14 08:33 - 2015-09-15 23:26 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-14 08:33 - 2015-09-15 23:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-10-14 08:33 - 2015-09-15 23:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-10-14 08:33 - 2015-09-15 23:24 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-14 08:33 - 2015-09-15 23:23 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-10-14 08:33 - 2015-09-15 23:22 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-14 08:33 - 2015-09-15 23:22 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-14 08:33 - 2015-09-15 23:22 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-10-14 08:33 - 2015-09-15 23:15 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-14 08:33 - 2015-09-15 23:11 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-14 08:33 - 2015-09-15 23:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-10-14 08:33 - 2015-09-15 23:07 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-10-14 08:33 - 2015-09-15 23:06 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-14 08:33 - 2015-09-15 23:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-14 08:33 - 2015-09-15 23:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-14 08:33 - 2015-09-15 23:04 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-10-14 08:33 - 2015-09-15 22:59 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-14 08:33 - 2015-09-15 22:58 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-14 08:33 - 2015-09-15 22:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-14 08:33 - 2015-09-15 22:56 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-14 08:33 - 2015-09-15 22:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-14 08:33 - 2015-09-15 22:55 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-10-14 08:33 - 2015-09-15 22:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-14 08:33 - 2015-09-15 22:37 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-14 08:33 - 2015-09-15 22:34 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-14 08:33 - 2015-09-15 22:32 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-14 08:33 - 2015-08-06 14:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-14 08:33 - 2015-08-06 14:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-14 08:33 - 2015-08-06 13:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-14 08:33 - 2015-08-06 13:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-10-14 08:32 - 2015-10-01 14:06 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-14 08:32 - 2015-10-01 14:04 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-14 08:32 - 2015-10-01 14:00 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-14 08:32 - 2015-10-01 14:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-14 08:32 - 2015-10-01 14:00 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-14 08:32 - 2015-10-01 14:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-14 08:32 - 2015-10-01 14:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-14 08:32 - 2015-10-01 13:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-10-14 08:32 - 2015-10-01 13:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-14 08:32 - 2015-09-28 23:16 - 05569472 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-14 08:32 - 2015-09-28 23:13 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-14 08:32 - 2015-09-28 23:11 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-14 08:32 - 2015-09-28 23:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-10-14 08:32 - 2015-09-28 23:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-10-14 08:32 - 2015-09-28 23:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-10-14 08:32 - 2015-09-28 23:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-14 08:32 - 2015-09-28 23:11 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-14 08:32 - 2015-09-28 23:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-14 08:32 - 2015-09-28 23:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-10-14 08:32 - 2015-09-28 23:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-14 08:32 - 2015-09-28 23:10 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-10-14 08:32 - 2015-09-28 23:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-14 08:32 - 2015-09-28 23:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-14 08:32 - 2015-09-28 23:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-14 08:32 - 2015-09-28 23:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-14 08:32 - 2015-09-28 23:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-14 08:32 - 2015-09-28 23:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-14 08:32 - 2015-09-28 23:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-14 08:32 - 2015-09-28 23:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-14 08:32 - 2015-09-28 23:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-10-14 08:32 - 2015-09-28 23:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-10-14 08:32 - 2015-09-28 23:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-14 08:32 - 2015-09-28 23:05 - 03990976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-10-14 08:32 - 2015-09-28 23:05 - 03936192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-10-14 08:32 - 2015-09-28 23:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-14 08:32 - 2015-09-28 23:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-14 08:32 - 2015-09-28 23:02 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-14 08:32 - 2015-09-28 23:01 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-14 08:32 - 2015-09-28 23:01 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-14 08:32 - 2015-09-28 23:01 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 23:01 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 23:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 23:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 23:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 23:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 23:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 23:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 23:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 23:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 23:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 23:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 23:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 23:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 23:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 22:59 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-10-14 08:32 - 2015-09-28 22:59 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-10-14 08:32 - 2015-09-28 22:59 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-10-14 08:32 - 2015-09-28 22:59 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-10-14 08:32 - 2015-09-28 22:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-10-14 08:32 - 2015-09-28 22:59 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-10-14 08:32 - 2015-09-28 22:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-10-14 08:32 - 2015-09-28 22:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-10-14 08:32 - 2015-09-28 22:58 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-10-14 08:32 - 2015-09-28 22:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-10-14 08:32 - 2015-09-28 22:57 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-10-14 08:32 - 2015-09-28 22:57 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-10-14 08:32 - 2015-09-28 22:57 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-14 08:32 - 2015-09-28 22:57 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-10-14 08:32 - 2015-09-28 22:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-10-14 08:32 - 2015-09-28 22:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-10-14 08:32 - 2015-09-28 22:49 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-10-14 08:32 - 2015-09-28 22:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-10-14 08:32 - 2015-09-28 22:49 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 22:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 22:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 22:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 22:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 22:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 22:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 22:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 22:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 22:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 22:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 22:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 22:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 21:50 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-14 08:32 - 2015-09-28 21:49 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-14 08:32 - 2015-09-28 21:49 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-14 08:32 - 2015-09-28 21:43 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-10-14 08:32 - 2015-09-28 21:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-10-14 08:32 - 2015-09-28 21:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 21:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 21:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 08:32 - 2015-09-28 21:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-14 08:32 - 2015-09-15 14:17 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-14 08:32 - 2015-09-15 14:17 - 00097112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-14 08:32 - 2015-09-15 14:11 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-14 08:32 - 2015-09-15 14:11 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-14 08:32 - 2015-09-15 14:11 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-14 08:32 - 2015-09-15 14:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-14 08:32 - 2015-09-15 14:11 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-14 08:32 - 2015-09-15 14:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-14 08:32 - 2015-09-15 14:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-14 08:32 - 2015-09-15 13:36 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-10-14 08:32 - 2015-09-15 13:36 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-10-14 08:32 - 2015-09-15 13:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-10-14 08:32 - 2015-09-15 13:35 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-14 08:32 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-13 09:19 - 2015-10-13 09:47 - 00000000 ____D C:\Users\Maki\Documents\Sendgrid PDFs
2015-10-09 15:04 - 2015-10-16 16:02 - 00000000 ____D C:\Users\Maki\Documents\Observation Forms for Staff
2015-10-02 16:21 - 2015-10-02 16:22 - 00000000 ____D C:\Users\Maki\Documents\Rosy Red Newsletter 2015-2016
2015-09-30 15:02 - 2015-10-02 16:22 - 00000000 ____D C:\Users\Maki\Documents\Archived Emails
2015-09-30 13:12 - 2015-10-01 11:16 - 00000000 ____D C:\Users\Maki\Documents\Emails To Be Shared (2015-2016)
2015-09-29 11:50 - 2015-09-29 11:56 - 00000000 ____D C:\Users\Maki\Documents\Back To School Night
2015-09-29 10:32 - 2015-09-29 10:33 - 00000000 ____D C:\Users\Maki\Documents\Sunny Yellow Narratives
2015-09-29 10:14 - 2015-10-05 19:38 - 00000000 ____D C:\Users\Maki\Documents\Farm Field Trips

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-26 16:52 - 2009-07-14 00:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-26 16:52 - 2009-07-14 00:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-26 16:47 - 2011-02-28 00:38 - 01978416 _____ C:\Windows\WindowsUpdate.log
2015-10-26 16:45 - 2014-07-15 09:11 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-26 16:44 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-26 16:44 - 2009-07-14 00:51 - 00106015 _____ C:\Windows\setupact.log
2015-10-26 16:08 - 2014-07-15 09:11 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-26 16:05 - 2014-12-04 15:39 - 00000000 ____D C:\Users\Maki\Documents\Admissions 2016-2017
2015-10-26 16:03 - 2012-12-06 11:42 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-26 15:57 - 2015-09-04 15:17 - 00000000 ____D C:\Users\Maki\Documents\Staff Meeting Agenda 2015-2016
2015-10-26 15:27 - 2014-09-09 09:59 - 00000000 ____D C:\Users\Maki\Documents\2015-2016 School Year
2015-10-26 15:03 - 2014-09-05 16:51 - 00000000 ____D C:\Users\Maki\Documents\Staff Meeting Agenda 2014-2015
2015-10-26 13:08 - 2014-09-10 13:55 - 00000000 ____D C:\Users\Maki\Documents\Admissions 2015-2016
2015-10-26 10:32 - 2015-09-17 11:09 - 00011675 _____ C:\Users\Public\Documents\Copy of Copy of Attendance Tally.xlsx
2015-10-26 08:26 - 2011-09-18 20:44 - 00000000 ____D C:\ProgramData\MFAData
2015-10-23 12:42 - 2014-03-20 16:30 - 00000000 ____D C:\Users\Maki\Documents\2014-2015 School Year
2015-10-23 09:47 - 2015-07-09 09:07 - 00000972 _____ C:\Users\Public\Desktop\AVG 2015.lnk
2015-10-23 09:47 - 2015-03-06 09:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-10-23 08:26 - 2015-04-22 12:46 - 00000000 ____D C:\Users\Maki\Documents\General Newsletter
2015-10-22 17:40 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2015-10-22 17:04 - 2014-11-12 13:18 - 00000000 ____D C:\Users\Maki\Documents\Things to do
2015-10-22 16:47 - 2015-07-13 12:24 - 00000000 ____D C:\Users\Maki\Documents\Open House 2015
2015-10-22 16:12 - 2014-10-31 13:05 - 00000000 ____D C:\Users\Maki\Documents\HM Vision 2014
2015-10-22 15:51 - 2014-04-15 20:47 - 00000000 ____D C:\Users\Maki\AppData\Local\Adobe
2015-10-22 14:26 - 2011-02-28 00:41 - 00443356 _____ C:\Windows\PFRO.log
2015-10-22 14:23 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\AppCompat
2015-10-22 13:53 - 2011-09-18 23:20 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-22 13:53 - 2011-09-18 23:20 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2015-10-22 13:53 - 2011-09-18 23:20 - 00000000 ____D C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE
2015-10-22 13:25 - 2015-04-24 16:31 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-22 13:25 - 2014-12-19 09:15 - 00000000 __SHD C:\Users\Maki\AppData\Local\EmieBrowserModeList
2015-10-22 13:25 - 2014-08-26 09:05 - 00000000 __SHD C:\Users\Maki\AppData\Local\EmieUserList
2015-10-22 13:25 - 2014-08-26 09:05 - 00000000 __SHD C:\Users\Maki\AppData\Local\EmieSiteList
2015-10-22 13:17 - 2012-06-04 13:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-22 13:14 - 2015-04-24 16:31 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-10-22 13:14 - 2015-04-24 16:31 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-22 13:14 - 2014-06-03 10:18 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-22 13:11 - 2011-09-18 21:35 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-22 13:10 - 2013-12-19 15:45 - 00000000 ____D C:\Windows\system32\MRT
2015-10-22 13:04 - 2011-09-18 21:49 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-22 12:58 - 2011-09-21 08:49 - 00775586 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-10-22 12:58 - 2009-07-14 01:13 - 00775586 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-22 12:55 - 2009-07-13 22:34 - 00000478 _____ C:\Windows\win.ini
2015-10-22 12:42 - 2011-09-21 12:54 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-10-22 12:41 - 2015-08-19 11:40 - 00000978 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-10-22 12:33 - 2014-04-15 21:13 - 00000000 ____D C:\ProgramData\Oracle
2015-10-22 12:32 - 2011-09-18 23:26 - 00000000 ____D C:\Users\Maki
2015-10-22 12:31 - 2011-09-18 21:20 - 00000000 ____D C:\Program Files (x86)\Java
2015-10-22 12:10 - 2010-11-01 07:13 - 00000000 ____D C:\ProgramData\Adobe
2015-10-22 12:10 - 2010-11-01 07:12 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-10-22 11:36 - 2011-09-18 23:26 - 00000000 ____D C:\Users\Maki\AppData\Local\VirtualStore
2015-10-22 10:18 - 2011-10-03 21:27 - 00000000 ____D C:\Users\Maki\AppData\Local\Microsoft Help
2015-10-21 08:11 - 2014-07-15 09:12 - 00002049 _____ C:\Users\Public\Desktop\Google Slides.lnk
2015-10-21 08:11 - 2014-07-15 09:12 - 00002047 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2015-10-21 08:11 - 2014-07-15 09:12 - 00002037 _____ C:\Users\Public\Desktop\Google Docs.lnk
2015-10-21 08:11 - 2014-07-15 09:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-10-20 14:42 - 2013-08-06 10:06 - 00000000 ____D C:\Users\Maki\Documents\Staff Binder Contents
2015-10-20 14:23 - 2014-10-08 15:26 - 00000000 ____D C:\Users\Maki\Documents\Photograph Waiver
2015-10-20 12:50 - 2011-11-26 20:54 - 00000000 ____D C:\Users\Maki\Documents\Book Fair
2015-10-20 11:29 - 2013-09-10 11:00 - 00000000 ____D C:\Users\Maki\Documents\Admissions 2014-2015
2015-10-20 10:20 - 2011-12-09 13:39 - 00000000 ____D C:\Users\Maki\AppData\Roaming\.oit
2015-10-20 10:03 - 2012-12-06 11:42 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-20 10:03 - 2012-07-02 17:22 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-20 10:03 - 2011-09-18 23:16 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-19 08:10 - 2014-10-17 17:38 - 00002297 _____ C:\Windows\wininit.ini
2015-10-15 10:03 - 2011-11-26 20:54 - 00000000 ____D C:\Users\Maki\Documents\Confidential
2015-10-14 14:38 - 2013-04-15 11:19 - 00000000 ____D C:\Users\Maki\Documents\School Forms for 2013-2014
2015-10-14 12:23 - 2013-02-13 17:54 - 00000000 ____D C:\Users\Maki\Documents\Progress Report 2012-2013
2015-10-14 11:27 - 2014-09-15 10:39 - 00000000 ____D C:\Users\Maki\Documents\Open House 2014
2015-10-07 08:16 - 2015-03-20 11:01 - 00000000 ____D C:\Users\Maki\Documents\School Observation Forms
2015-10-05 09:50 - 2011-09-18 23:20 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-10-02 13:20 - 2014-02-25 08:43 - 00000000 ____D C:\Users\Maki\Documents\Special Education
2015-10-01 16:33 - 2014-01-15 08:50 - 00000000 _____ C:\Users\Others\Documents\NEWSOFT
2015-10-01 16:33 - 2011-09-27 11:20 - 00000000 ____D C:\Temp
2015-10-01 13:10 - 2013-09-20 09:59 - 00000000 ____D C:\Users\Maki\Documents\School Announcement
2015-09-30 10:08 - 2013-08-30 16:34 - 00000000 ____D C:\Users\Maki\Documents\Staff Meeting Agenda 2013-2014
2015-09-29 20:16 - 2011-12-05 22:51 - 00109296 _____ C:\Users\Others\AppData\Local\GDIPFONTCACHEV1.DAT
2015-09-29 15:06 - 2015-09-03 09:10 - 00000000 ____D C:\Users\Maki\Documents\Monthly Calendar 2015-2016
2015-09-29 12:07 - 2009-07-14 01:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2015-09-29 11:25 - 2011-11-26 20:54 - 00010383 _____ C:\Users\Maki\Documents\Fire Drill Log.xlsx
2015-09-29 10:31 - 2013-08-27 14:34 - 00000000 ____D C:\Users\Maki\Documents\Toddler Staggered List for 2013-2014
2015-09-29 10:30 - 2015-09-25 12:12 - 00000000 ____D C:\Users\Maki\Documents\Elementary Field Trip
2015-09-29 10:26 - 2014-10-21 15:45 - 00000000 ____D C:\Users\Maki\Documents\Farmers Market
2015-09-28 16:53 - 2014-08-29 16:32 - 00000000 ____D C:\Users\Maki\Documents\Monthly Calendar 2014-2015
2015-09-28 12:55 - 2012-04-27 12:32 - 01013248 ___SH C:\Users\Maki\Documents\Thumbs.db
2015-09-28 10:49 - 2012-03-19 13:23 - 00000000 ____D C:\Users\Maki\Documents\Admissions
2015-09-28 09:44 - 2014-11-07 16:26 - 00000000 ____D C:\Users\Maki\Documents\Karen Benton LSW
2015-09-28 08:03 - 2015-08-27 10:56 - 00000000 ____D C:\Users\Maki\Documents\HMV 2015-2016

==================== Files in the root of some directories =======

2013-05-28 08:07 - 2014-06-24 10:03 - 0003745 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2015-01-15 13:10 - 2015-06-01 08:08 - 0000133 _____ () C:\Users\Maki\AppData\Roaming\WB.CFG
2015-01-20 09:10 - 2015-01-20 09:10 - 0000001 _____ () C:\Users\Maki\AppData\Local\DSI.DAT

Some files in TEMP:
====================
C:\Users\Hudson Montessori\AppData\Local\Temp\ose00000.exe
C:\Users\Hudson Montessori\AppData\Local\Temp\ose00001.exe
C:\Users\Maki\AppData\Local\Temp\COMAP.EXE
C:\Users\Maki\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Maki\AppData\Local\Temp\mssinstaller.exe
C:\Users\Maki\AppData\Local\Temp\SpOrder.dll
C:\Users\Maki\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-22 17:32

==================== End of FRST.txt ============================

_________________________________________________________________

 

And finally, here is the Addition text:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-10-2015 02
Ran by Maki (2015-10-26 17:02:20)
Running from C:\Users\Maki\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2011-09-18 23:16:09)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1009368379-2178790430-168169824-500 - Administrator - Disabled)
Guest (S-1-5-21-1009368379-2178790430-168169824-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1009368379-2178790430-168169824-1013 - Limited - Enabled)
Hudson Montessori (S-1-5-21-1009368379-2178790430-168169824-1000 - Administrator - Enabled) => C:\Users\Hudson Montessori
Maki (S-1-5-21-1009368379-2178790430-168169824-1001 - Administrator - Enabled) => C:\Users\Maki
Others (S-1-5-21-1009368379-2178790430-168169824-1002 - Limited - Enabled) => C:\Users\Others

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

18 Wheels of Steel - American Long Haul (x32 Version: 2.2.0.95 - WildTangent) Hidden
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20071 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.0.2.12610 - Adobe Systems Inc.)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.95 - WildTangent) Hidden
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6173 - AVG Technologies)
AVG 2015 (Version: 15.0.4455 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.6173 - AVG Technologies) Hidden
AXIS H.264 Video Decoder (HKLM-x32\...\{0FB5A600-1B7E-4B40-B50C-59D4A8C3DABC}) (Version: 2.4.10 - Axis Communications)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Canon D1300/MF6700 (HKLM\...\{DC61FFB7-A6FE-4237-B836-EDE8CA85B5AE}) (Version: 3.9.0.1 - CANON INC.)
Canon MF Toolbox 4.9.1.1.mf15 (HKLM-x32\...\{6767DFEE-8909-453A-B553-C7693912B2EB}) (Version: 4.9.1.1.mf15 - CANON INC.)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.2215.52 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dora's Carnival Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
ffdshow [rev 2547] [2008-12-28] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
Gateway Game Console (x32 Version:  - WildTangent) Hidden
Gateway Games (HKLM-x32\...\WildTangent gateway Master Uninstall) (Version: 1.0.1.3 - WildTangent)
Gateway InfoCentre (HKLM-x32\...\Gateway InfoCentre) (Version: 3.02.3000 - Gateway Incorporated)
Gateway Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3015 - Gateway Incorporated)
Gateway Registration (HKLM-x32\...\Gateway Registration) (Version: 1.03.3003 - Gateway Incorporated)
Gateway ScreenSaver (HKLM-x32\...\Gateway Screensaver) (Version: 1.1.0825.2010 - Gateway Incorporated)
GCB v.1.1 (HKLM-x32\...\{07279EBE-96CE-42FC-ADFF-D9F720091204B}_is1) (Version: 1.1.0.38 - EZUniverse Inc.)
Google Drive (HKLM-x32\...\{9C350701-AC04-48BA-A435-BD5E0D82897E}) (Version: 1.25.0523.2491 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
GoToMeeting 5.1.0.880 (HKU\S-1-5-21-1009368379-2178790430-168169824-1001\...\GoToMeeting) (Version: 5.1.0.880 - CitrixOnline)
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3009 - Gateway Incorporated)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Gateway Incorporated)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2219 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Jewel Quest - Heritage (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 41.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 en-US)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Essentials (HKLM-x32\...\{0d185bf5-11c9-488a-94ec-854038e1e288}) (Version:  - Nero AG)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Presto! PageManager 7.15.35 (HKLM-x32\...\{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}) (Version: 7.15.35 - NewSoft Technology Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6194 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SpywareBlaster 4.4 (HKLM-x32\...\SpywareBlaster_is1) (Version: 4.4.0 - Javacool Software LLC)
SugarSync (HKLM-x32\...\SugarSync) (Version: 3.6.0.1.139445 - SugarSync, Inc.)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Welcome Center (HKLM-x32\...\Gateway Welcome Center) (Version: 1.02.3005 - Gateway Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Workspace Desktop (HKU\S-1-5-21-1009368379-2178790430-168169824-1001\...\workspacedesktop) (Version:  - Starfield Technologies)
Zuma's Revenge (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1009368379-2178790430-168169824-1001_Classes\CLSID\{1BFB1268-6353-495A-AB78-97BF7CAB4D59}\InprocServer32 -> C:\Users\Maki\AppData\Local\Workspace\gdeditwrapperax64.dll (Starfield Technologies)
CustomCLSID: HKU\S-1-5-21-1009368379-2178790430-168169824-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\880\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-1009368379-2178790430-168169824-1001_Classes\CLSID\{B5B8593C-89BC-44a7-BCE3-32FE4FED7C5C}\InprocServer32 -> C:\Users\Maki\AppData\Local\Workspace\wbetoolsax64.dll (Starfield Technology, LLC)

==================== Restore Points =========================

13-10-2015 17:33:15 Scheduled Checkpoint
21-10-2015 08:38:01 Scheduled Checkpoint
22-10-2015 12:47:25 Windows Update
26-10-2015 16:53:52 JRT Pre-Junkware Removal

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1982750C-6267-4D55-A8F5-9203B461A680} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {26AFBF20-FB96-4A91-9AB3-21590A8BA6DC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-20] (Adobe Systems Incorporated)
Task: {A3436229-6583-4BE2-9FE5-0C91690ADE2C} - System32\Tasks\{3CA0A815-C229-43BD-8B8D-6C27F75DDAEF} => pcalua.exe -a C:\Users\Maki\Downloads\CLX-3170_Print(2).exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {D19DE395-AA49-4169-812B-63B2CC50FC9F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {F10D3CCB-5D3D-4D57-BC12-177A13BE64EA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {FE8EB933-2720-4C0B-BE65-56424E6232DD} - System32\Tasks\{BE6EC74A-8E1C-4C1A-BA30-A689B5BA348B} => pcalua.exe -a C:\Users\Maki\Downloads\CLX-3170_Print(3).exe -d "C:\Program Files (x86)\Mozilla Firefox"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2011-09-27 11:20 - 2007-08-14 19:03 - 00022016 _____ () C:\Windows\System32\sst1cl6.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-11-24 08:18 - 2014-11-24 08:18 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ba8588c3319d63350220ec2ac3eb2c36\IsdiInterop.ni.dll
2010-11-01 06:56 - 2010-09-13 21:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\Users\Others\Desktop\Hridayesh_Deepak.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Others\Desktop\Hridayesh_Deepak.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Others\Desktop\Stacey AMS Certification.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Others\Desktop\Stacey AMS Certification.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1009368379-2178790430-168169824-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Maki\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.191.119.229
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Maki^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^StormWatch.lnk => C:\Windows\pss\StormWatch.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Maki^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^StormWatchApp.lnk => C:\Windows\pss\StormWatchApp.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AVG_TRAY => "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
MSCONFIG\startupreg: AVG_UI => "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: Hotkey Utility => C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
MSCONFIG\startupreg: ROC_ROC_APR2013_AV => C:\Users\Maki\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid d66ecd75d46b47d19fb6294607f44aeb-f7ff1378a426fe751d1207eefe5a76961ad5bc8e --CMPID ROC_APR2013_AV --CMPIDEXTRA 2012
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Samsung PanelMgr => C:\Windows\Samsung\PanelMgr\ssmmgr.exe /autorun
MSCONFIG\startupreg: Starfield Updater => "C:\Users\Maki\AppData\Local\Workspace\workspaceupdate.exe"
MSCONFIG\startupreg: SugarSync => "C:\Program Files (x86)\SugarSync\SugarSync.exe" -startInTray -usedelay=true
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
MSCONFIG\startupreg: WrtMon.exe => C:\Windows\system32\spool\drivers\x64\3\WrtMon.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D29EFFC4-9F6F-4EAA-8C0A-575C37326BCC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{C905F8C3-7693-407D-B652-5FE0E4B239E9}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{2DB1982B-01FC-4BC1-B2C5-6993A23358B0}] => (Allow) LPort=2869
FirewallRules: [{D34611D0-6A35-4F6A-939B-D5BE31D2D7D3}] => (Allow) LPort=1900
FirewallRules: [{6C0B0C8F-3E05-4079-A2C1-0D1C60E3D6BE}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{2CD25BBE-F1DF-4355-9E65-5D4D03B7FDAE}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{47F91E87-CE27-42A0-9079-EE07CAA6816A}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{97BB8FF0-2575-4C25-BA73-571860D9A665}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{FD96E96B-4373-4629-9890-21CF856AA5CD}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
FirewallRules: [{7DBE96EC-2B9E-452B-8239-5A724CBAC13A}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
FirewallRules: [{AE3D37FE-3AEB-4571-9255-B370D998FDE0}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgdiagex.exe
FirewallRules: [{9A7E1262-692A-46EB-A573-9F1DA1C19206}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgdiagex.exe
FirewallRules: [{DD090FA0-58C5-4344-8925-41545140257B}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
FirewallRules: [{7BFFB09C-BBDC-4E08-86B7-30D51F5C57D4}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
FirewallRules: [{DA4A7243-1147-4456-80C5-40883F84E2E9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{65D4CD95-30EF-4582-981F-4FE379B4BCF8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{E03C70A9-35BD-4A78-8889-4A1AE90DF69D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{C3AFC5A6-4BD2-42C9-8019-6206B0EDA473}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{960E0895-43B0-4B3B-BA92-4FAC5A627026}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{9FDBD4B0-B604-40FF-8432-4E918AC7C6AC}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{0762577F-A0F8-4E6C-9D88-A6C2396ADAF6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{58F2896F-E527-4BDC-BEE1-9479014C9F8E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B245BDA5-1CEF-4F15-8BAD-1658FD0EE559}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D07D381C-2B3D-4A2F-A811-CB77F51C6ED4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{344616C6-DC04-40A2-B776-DEC1D3556312}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{D248F44D-B068-4FEC-842C-657CA244E0C2}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{7F7E5006-FEE0-4AF3-B64C-78F75911C2EF}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{45E80083-BD05-42C4-AE99-A21523EF7DDF}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{D742AAC7-D6D0-4210-8AA0-AE3E12AA4E3D}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{FDAEECCD-51D5-4E4F-9386-340B46CB5379}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/22/2015 01:40:41 PM) (Source: MsiInstaller) (EventID: 1024) (User: NewOffice)
Description: Product: Adobe Acrobat Reader DC - Update '{AC76BA86-7AD7-0000-2550-AC0F094E6700}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft....k/?LinkId=23127

Error: (10/22/2015 01:33:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Explorer.EXE version 6.1.7601.17567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1720

Start Time: 01d10cedb35d4996

Termination Time: 20

Application Path: C:\Windows\Explorer.EXE

Report Id: ec7cd7b2-78e2-11e5-96de-f80f4110aa02

Error: (10/21/2015 01:25:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_stisvc, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: CNCL1100.DLL, version: 11.3.0.0, time stamp: 0x49372e43
Exception code: 0xc0000005
Fault offset: 0x0000000000005a4b
Faulting process id: 0x14f8
Faulting application start time: 0xsvchost.exe_stisvc0
Faulting application path: svchost.exe_stisvc1
Faulting module path: svchost.exe_stisvc2
Report Id: svchost.exe_stisvc3

Error: (10/20/2015 07:27:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_stisvc, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: CNCL1100.DLL_unloaded, version: 0.0.0.0, time stamp: 0x49372e43
Exception code: 0xc0000005
Fault offset: 0x00000000004d29c0
Faulting process id: 0x5f0
Faulting application start time: 0xsvchost.exe_stisvc0
Faulting application path: svchost.exe_stisvc1
Faulting module path: svchost.exe_stisvc2
Report Id: svchost.exe_stisvc3

Error: (10/03/2015 09:51:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_stisvc, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: CNCL1100.DLL, version: 11.3.0.0, time stamp: 0x49372e43
Exception code: 0xc0000005
Fault offset: 0x00000000000029c0
Faulting process id: 0x2338
Faulting application start time: 0xsvchost.exe_stisvc0
Faulting application path: svchost.exe_stisvc1
Faulting module path: svchost.exe_stisvc2
Report Id: svchost.exe_stisvc3

Error: (10/01/2015 02:31:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 41.0.0.5738, time stamp: 0x55fb7072
Faulting module name: mozglue.dll, version: 41.0.0.5738, time stamp: 0x55fb5afb
Exception code: 0x80000003
Fault offset: 0x0000ec7e
Faulting process id: 0x2ac0
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (10/01/2015 02:31:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 41.0.0.5738 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 11a4

Start Time: 01d0fbc7084ecdb7

Termination Time: 26

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: 90bc62d2-686a-11e5-8c10-f80f4110aa02

Error: (09/29/2015 10:41:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 41.0.0.5738, time stamp: 0x55fb7072
Faulting module name: mozglue.dll, version: 41.0.0.5738, time stamp: 0x55fb5afb
Exception code: 0x80000003
Fault offset: 0x0000ec7e
Faulting process id: 0xd64
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (09/29/2015 10:41:30 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 41.0.0.5738 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 2774

Start Time: 01d0fab18278a71e

Termination Time: 13

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: 2a9cc5a6-66b8-11e5-8c10-f80f4110aa02

Error: (09/28/2015 04:53:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 41.0.0.5738, time stamp: 0x55fb7072
Faulting module name: mozglue.dll, version: 41.0.0.5738, time stamp: 0x55fb5afb
Exception code: 0x80000003
Fault offset: 0x0000ec7e
Faulting process id: 0x133c
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3


System errors:
=============
Error: (10/26/2015 04:55:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Application Virtualization Client service terminated unexpectedly.  It has done this 1 time(s).

Error: (10/26/2015 04:55:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Management and Security Application User Notification Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (10/26/2015 04:55:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (10/26/2015 04:55:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Client Virtualization Handler service terminated unexpectedly.  It has done this 1 time(s).

Error: (10/26/2015 04:55:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Live ID Sign-in Assistant service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (10/26/2015 04:55:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Updater Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (10/26/2015 04:55:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The File Backup Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (10/26/2015 04:55:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Application Virtualization Service Agent service terminated unexpectedly.  It has done this 1 time(s).

Error: (10/26/2015 04:55:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The PasswordBox service terminated unexpectedly.  It has done this 1 time(s).

Error: (10/26/2015 04:55:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MBAMService service terminated unexpectedly.  It has done this 1 time(s).


==================== Memory info ===========================

Processor: Intel® Core™ i5-2300 CPU @ 2.80GHz
Percentage of memory in use: 29%
Total physical RAM: 6056.04 MB
Available physical RAM: 4283.23 MB
Total Virtual: 12110.28 MB
Available Virtual: 10258.4 MB

==================== Drives ================================

Drive c: (Gateway) (Fixed) (Total:914.41 GB) (Free:787.31 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 73917F9F)
Partition 1: (Not Active) - (Size=17 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=914.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

 

Thank you for your help.



#4 guestolo

guestolo

    Site Donator

  • Admin
  • PipPipPipPipPipPipPip
  • 16,247 posts

Posted 27 October 2015 - 08:14 PM

Sorry, I haven't had a chance to look over your logs yet, I will as soon as I can

How are the popups now? Any improvement?


Do you want to post your own logs from FRST?
Follow the instructions posted Click Here


#5 indfin

indfin

    Enthusiast

  • Members
  • PipPipPipPip
  • 101 posts

Posted 28 October 2015 - 09:40 AM

Please take your time.  Good news is the pop ups are gone.  If there is any more fine tuning to be done, please let me know.  Thanks much.



#6 guestolo

guestolo

    Site Donator

  • Admin
  • PipPipPipPipPipPipPip
  • 16,247 posts

Posted 29 October 2015 - 07:25 PM

thanks for the time indfin, internet at work camp is really bad right now

If you can give me till Saturday morning to look over all your logs that would be great, I'll be back home than


Do you want to post your own logs from FRST?
Follow the instructions posted Click Here


#7 guestolo

guestolo

    Site Donator

  • Admin
  • PipPipPipPipPipPipPip
  • 16,247 posts

Posted 31 October 2015 - 12:30 PM

Looks good, your version of SpywareBlaster is outdated
You should open your copy and then select to "Disable All Protections"

Close SpywareBlaster then uninstall it from "Programs and Features"

Restart the computer afterwards

 

Back in Windows:

Update SpywareBlaster from the following link

SpywareBlaster by JavaCool
At the link  continue with
Free Download on the right>>Continue Download at next page
Basically it *Will block bad ActiveX Controls
*Block Malevolent cookies in Internet Explorer and Firefox
*Restrict actions of potentially dangerous sites in Internet Explorer
Select Manual updating when installing
After installation, Check for updates
After updating, select "Protection Status" on the Left
Then select "Enable all Protection"
IMPORTANT>>"Check for updates every month"
after every update just simply click the "enable protection on all unprotected items"
or again, click on Protection Startus>>enable all protection

 

Afterwards:

Open AdwCleaner you downloaded earlier, when it opens select "Uninstall"

This will properly remove the tool

 

Then Please download delfix to your desktop.

  • Close all other programs and start delfix.
  • Right-click on delfix.exe and select " Run as administrator " to run it.
  • Ensure Remove disinfection tools is ticked.
  • Click Run
  • delfix will now delete all found traces of our removal tools

Give me one more post back please and let me know if things are still ok


Do you want to post your own logs from FRST?
Follow the instructions posted Click Here


#8 indfin

indfin

    Enthusiast

  • Members
  • PipPipPipPip
  • 101 posts

Posted 01 November 2015 - 07:47 PM

Hi Guestolo,

 

Uninstalled and re-installed SpywareBlaster, uninstalled AdwCleaner and ran delfix.

 

The computer is running fine, with no pop-ups.  Thank you very much once again.



#9 guestolo

guestolo

    Site Donator

  • Admin
  • PipPipPipPipPipPipPip
  • 16,247 posts

Posted 02 November 2015 - 06:51 AM

Good stuff, I'll lock this topic as your problems are resolved

Take care indfin


Do you want to post your own logs from FRST?
Follow the instructions posted Click Here