Jump to content

HobbesIsReal

Members
  • Posts

    5
  • Joined

  • Last visited

Everything posted by HobbesIsReal

  1. I just wanted to say that with reviewing all the help you guys give so freely on these forums....this is a great service that you give that really does have a huge positive impact on people's personal and work lives!
  2. Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 11/8/2014 Scan Time: 10:54:05 AM Logfile: Malwarebytes_Export.txt Administrator: Yes Version: 2.00.3.1025 Malware Database: v2014.11.08.05 Rootkit Database: v2014.11.08.01 License: Premium Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Enabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Dennis Scan Type: Threat Scan Result: Completed Objects Scanned: 319585 Time Elapsed: 11 min, 5 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end)
  3. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-11-2014 01 Ran by Dennis at 2014-11-08 11:10:23 Running from C:\Users\Dennis\Downloads\New fold Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Norton 360 (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB} AS: Norton 360 (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} FW: Norton 360 (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated) Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated) Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated) Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.3.0.422 - Amazon Services LLC) Amazon Music Importer (HKLM-x32\...\com.amazon.music.uploader) (Version: 2.1.0 - Amazon Services LLC) Amazon Music Importer (x32 Version: 2.1.0 - Amazon Services LLC) Hidden ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research In Motion Ltd.) BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.41 - Research In Motion Ltd.) Hidden BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.6.3059 - BlueStack Systems, Inc.) BlueStacks Notification Center (HKLM-x32\...\{62763BAD-53A8-4C9F-B4CF-7CCABFEFD725}) (Version: 0.8.6.3059 - BlueStack Systems, Inc.) BookWorm Deluxe (HKLM-x32\...\Steam App 3370) (Version: - PopCap Games, Inc.) Brother MFL-Pro Suite MFC-7860DW (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.) CameraBag 2 (HKLM-x32\...\Steam App 100410) (Version: - Nevercenter Ltd. Co.) CastleStorm (HKLM-x32\...\Steam App 241410) (Version: - Zen Studios) CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform) CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - Acro Software Inc.) Dell Mobile Broadband Manager (HKLM-x32\...\{23EEC842-57ED-4055-A056-9D4185DFB1AA}) (Version: 6.1.24.2 - Dell) Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.0.0.0630 - CyberLink Corp.) Dell VideoStage (x32 Version: 1.0.0.0630 - CyberLink Corp.) Hidden Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.) Elevated Installer (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden Garmin BaseCamp (HKLM-x32\...\{B0BED0BB-E1C4-49AA-840F-7CA052ADF5EB}) (Version: 4.3.4 - Garmin Ltd or its subsidiaries) Garmin Express (HKLM-x32\...\{b43ffffb-1adc-4bcb-b277-7844ebff94da}) (Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Garmin Express (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express Tray (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries) Garmin WebUpdater (HKLM-x32\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden Half-Life 2 (HKLM-x32\...\Steam App 220) (Version: - Valve) ieSpell (HKLM-x32\...\ieSpell) (Version: 2.6.4 (build 573) - Red Egg Software) Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3223 - Intel Corporation) Intel® PROSet/Wireless for Bluetooth® + High Speed (HKLM\...\{BEE86606-EFB5-4353-9F34-29E0C59CDCFA}) (Version: 15.2.0.0284 - Intel Corporation) Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{2ABA2E8D-23CF-418F-BC8F-2EC99FA51A3F}) (Version: 1.2.1.0608 - Intel Corporation) Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation) Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel® Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel) Intel® PROSet/Wireless WiFi Software (HKLM\...\{181BBF43-CA17-4E1A-A78D-81E67A57B8A4}) (Version: 15.02.0000.1258 - Intel Corporation) Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle) Jing (HKLM-x32\...\{22800204-9E53-45C7-B6F3-5BB0F1C1A147}) (Version: 2.8.13007.1 - TechSmith Corporation) JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.55.0 - JMicron Technology Corp.) Mahjong Quest 3 (HKLM-x32\...\Steam App 38020) (Version: - iWin) Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4659.1001 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft Visio Professional 2013 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 15.0.4659.1001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Monkey Island 2: Special Edition (HKLM-x32\...\Steam App 32460) (Version: - LucasArts) Mozilla Firefox 33.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.0.3 (x86 en-US)) (Version: 33.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - ) Myst: Masterpiece Edition (HKLM-x32\...\Steam App 63660) (Version: - Cyan Worlds) Norton 360 (HKLM-x32\...\N360) (Version: 21.6.0.32 - Symantec Corporation) Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.7.6.15 - Symantec Corporation) NVIDIA 3D Vision Driver 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 332.21 - NVIDIA Corporation) NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation) NVIDIA Graphics Driver 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.21 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.2.24.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.24.0 - NVIDIA Corporation) NVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4659.1001 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4659.1001 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4659.1001 - Microsoft Corporation) Hidden Peggle Nights (HKLM-x32\...\Steam App 3540) (Version: - PopCap Games, Inc.) Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve) RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden realMyst (HKLM-x32\...\Steam App 63600) (Version: - Cyan Worlds) RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6312 - Realtek Semiconductor Corp.) RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.27.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.27.0 - Renesas Electronics Corporation) Hidden RoboForm 7-9-10-1 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-10-1 - Siber Systems) Rock of Ages (HKLM-x32\...\Steam App 22230) (Version: - ACE Team) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044_16 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.3.14044_16 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.) SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden Snagit 11 (HKLM-x32\...\{E724600B-5568-47C7-ACDF-490D366719E2}) (Version: 11.4.0 - TechSmith Corporation) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) SteamVR (HKLM-x32\...\Steam App 250820) (Version: - ) Synergy (HKLM-x32\...\Steam App 17520) (Version: - Synergy Team) The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version: - Galactic Cafe) Tom Clancy's Splinter Cell: Conviction (HKLM-x32\...\Steam App 33220) (Version: - Ubisoft Montreal) Tomb Raider (HKLM-x32\...\Steam App 203160) (Version: - Crystal Dynamics) Uplay (HKLM-x32\...\Uplay) (Version: 4.7 - Ubisoft) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin) Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2913884669-2521160022-3810892911-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Dennis\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2913884669-2521160022-3810892911-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 247 more characters). <==== Poweliks? CustomCLSID: HKU\S-1-5-21-2913884669-2521160022-3810892911-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dennis\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2913884669-2521160022-3810892911-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dennis\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2913884669-2521160022-3810892911-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dennis\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2913884669-2521160022-3810892911-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dennis\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2913884669-2521160022-3810892911-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dennis\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2913884669-2521160022-3810892911-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dennis\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2913884669-2521160022-3810892911-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dennis\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2913884669-2521160022-3810892911-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dennis\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ==================== Restore Points ========================= 07-11-2014 18:41:39 Removed LogMeIn Hamachi 07-11-2014 18:47:05 Removed LogMeIn 08-11-2014 03:00:37 Installed Brother Software Suite 08-11-2014 03:04:30 Device Driver Package Install: Brother Imaging devices 08-11-2014 03:06:29 Device Driver Package Install: Brother Printers 08-11-2014 03:07:00 Device Driver Package Install: Brother Printers ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 18:34 - 2014-11-07 10:35 - 00000768 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {119735F5-4C42-4853-ACC0-2FA3C539BB7A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Task: {1624A85A-BCE4-4AE3-94C4-25573DCB62ED} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-26] (Microsoft Corporation) Task: {2647BB1A-E830-479B-BE92-EB5557C93E31} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-26] (Microsoft Corporation) Task: {2E65D18F-C30F-43A4-AADC-ABEBF0F22EE8} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2913884669-2521160022-3810892911-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.) Task: {2F58463C-A061-496F-A91B-132C43BAC690} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2014-11-05] (Siber Systems) Task: {39A4DAA3-D465-49C3-B27B-2CDEBED66591} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\WSCStub.exe [2014-09-20] (Symantec Corporation) Task: {40ED1B7D-60EB-442E-846B-FDDD3075D207} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-27] (Google Inc.) Task: {4E0C5252-3699-4127-8BEA-6D45B0F69F84} - System32\Tasks\TechSmith Updater => C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [2013-10-04] (TechSmith Corporation) Task: {5A714C88-D06D-496A-A4F2-890E7E0F24CE} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\SymErr.exe [2014-01-30] (Symantec Corporation) Task: {5AF0248B-1E12-42CD-8B6B-332C7E4A02A9} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-09-25] (Microsoft Corporation) Task: {5D68EF8F-2654-449C-AB95-3BFC5C8E0978} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: {6875F788-BF7F-4E69-887E-793A9092F82D} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Dennis-Laptop-Dennis Dennis-Laptop => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-09-16] (Microsoft Corporation) Task: {77B3E2E6-F129-4D4F-94AA-CA15831FE38E} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: {7847E85E-9686-4DF5-A9F2-3A004B37640A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23] (Adobe Systems Incorporated) Task: {7925766D-A692-4A84-B048-D35ABFD4FA42} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe Task: {9819B949-3F39-4874-BCDC-052E39EA2DA8} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/test-pass.html?aaa=KICMNJMJGMLJMJOMHMIMCNJJNMKMNMCNLMKMLJNJCNNJIMHMLJCNPMLJKJLMKMOMLMNMKMNJJJMMJNJICMIMCNGMCNOMPMFMOMOMCNPMCNGMJMPMPMFMJMCNOMCNIMJMPMOMCNNMJNPICMOMFMMJBJKJLIMJFMOMNMNMGMJNHICMMJBJKJLIMJJNBJCMLLKJBJBJGJMIJNKJCMJNNICMJNDJCMKJBJJNMJCMMMFMIMOMOMFMPMJNFICMGJLJKJBJLIGJLIGJKJMIBNKJHIKJ" Task: {A015E4F9-8085-46F5-A127-BFD3B5DCDD24} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe Task: {A5835F22-6A54-48A5-925E-F133E2F29612} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-08-07] () Task: {ADEB8DC7-58F8-4787-8D82-6C095D62516A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-30] (Piriform Ltd) Task: {AF80B503-2090-4081-AFEC-E7D21790105F} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\SymErr.exe [2014-01-30] (Symantec Corporation) Task: {CEFF32FC-4198-44AE-88B8-DEFB754AF910} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation) Task: {D2125B45-2D65-4D36-A2F2-5C36789BC307} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2913884669-2521160022-3810892911-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.) Task: {ED0D32BE-7EC5-47E7-8B27-A90DF90E9ED8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-27] (Google Inc.) Task: {EFAD1249-759B-4451-B27F-A57794DD2E3D} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: {FCEC8F8C-7D26-4802-B5E1-BDC3253F2487} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-01-27 17:59 - 2013-12-19 10:53 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-01-27 21:42 - 2013-10-23 15:24 - 00087600 _____ () C:\Windows\System32\cpwmon64.dll 2014-03-31 19:47 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe 2014-10-27 11:19 - 2014-09-09 06:59 - 08896160 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2014-01-27 17:55 - 2011-03-26 00:28 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2014-02-04 00:00 - 2014-01-14 11:46 - 03140608 _____ () C:\Users\Dennis\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe 2014-03-02 23:12 - 2003-12-30 18:18 - 00040960 _____ () C:\Users\Dennis\Downloads\ResizeEnable\ResizeEnableRunner.exe 2014-11-07 19:03 - 2005-04-21 20:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll 2014-10-27 11:19 - 2014-09-09 05:12 - 08896160 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll 2014-10-25 09:04 - 2014-05-13 11:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2014-10-25 09:04 - 2014-05-13 11:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2014-10-25 09:04 - 2014-05-13 11:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2014-10-25 09:04 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2014-10-25 09:04 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll 2014-03-02 23:12 - 2003-12-30 18:18 - 00069632 _____ () C:\Users\Dennis\Downloads\ResizeEnable\ResizeEnable.dll 2014-10-16 16:53 - 2014-10-16 16:53 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\9b1cac8d98bd69d3e56a26ff2f96f266\IsdiInterop.ni.dll 2014-01-27 17:30 - 2011-01-12 17:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll 2014-11-07 11:22 - 2014-11-07 11:22 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-09-22 09:58 - 2014-09-22 09:58 - 16825520 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll 2014-02-05 09:55 - 2014-02-05 09:55 - 01298432 ____R () C:\Program Files (x86)\TechSmith\Snagit 11\PDFLib.dll 2014-02-05 09:58 - 2014-02-05 09:58 - 00128512 _____ () C:\Program Files (x86)\TechSmith\Snagit 11\VideoRecording.dll 2014-02-05 09:58 - 2014-02-05 09:58 - 00110592 _____ () C:\Program Files (x86)\TechSmith\Snagit 11\SDKRecorder.dll 2014-11-08 01:22 - 2014-11-08 01:22 - 00043008 _____ () c:\users\dennis\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp9mvpaq.dll 2013-08-23 11:01 - 2013-08-23 11:01 - 25100288 _____ () C:\Users\Dennis\AppData\Roaming\Dropbox\bin\libcef.dll 2014-11-07 19:02 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2014-06-18 13:13 - 2014-09-22 10:15 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll 2014-06-18 13:13 - 2014-09-22 10:15 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll 2014-10-27 11:19 - 2014-09-09 05:12 - 08896160 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\1033\GrooveIntlResource.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\Temp:373E1720 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot ========================= Accounts: ========================== Administrator (S-1-5-21-2913884669-2521160022-3810892911-500 - Administrator - Disabled) Dennis (S-1-5-21-2913884669-2521160022-3810892911-1000 - Administrator - Enabled) => C:\Users\Dennis Guest (S-1-5-21-2913884669-2521160022-3810892911-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2913884669-2521160022-3810892911-1002 - Limited - Enabled) ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (11/08/2014 01:57:02 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4 Faulting module name: SHELL32.dll, version: 6.1.7601.18517, time stamp: 0x53aa2e07 Exception code: 0xc0000005 Fault offset: 0x0000000000050506 Faulting process id: 0x874 Faulting application start time: 0xExplorer.EXE0 Faulting application path: Explorer.EXE1 Faulting module path: Explorer.EXE2 Report Id: Explorer.EXE3 Error: (11/08/2014 01:21:59 AM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWN BrtTWN: [2014/11/08 01:21:59.651]: [00002592]: Initialize TwdsMain Class failed! Error: (11/08/2014 01:21:59 AM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWN BrtTWN: [2014/11/08 01:21:59.651]: [00002592]: ##### Fatal ERROR!! Create STI-device failed! ##### Error: (11/08/2014 00:53:17 AM) (Source: Windows Search Service) (EventID: 7010) (User: ) Description: The index cannot be initialized. Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (11/08/2014 00:53:17 AM) (Source: Windows Search Service) (EventID: 3058) (User: ) Description: The application cannot be initialized. Context: Windows Application Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (11/08/2014 00:53:17 AM) (Source: Windows Search Service) (EventID: 3028) (User: ) Description: The gatherer object cannot be initialized. Context: Windows Application, SystemIndex Catalog Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (11/08/2014 00:53:17 AM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: The plug-in in <Search.TripoliIndexer> cannot be initialized. Context: Windows Application, SystemIndex Catalog Details: Element not found. (HRESULT : 0x80070490) (0x80070490) Error: (11/08/2014 00:53:13 AM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: The plug-in in <Search.JetPropStore> cannot be initialized. Context: Windows Application, SystemIndex Catalog Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (11/08/2014 00:53:13 AM) (Source: Windows Search Service) (EventID: 9002) (User: ) Description: The Windows Search Service cannot load the property store information. Context: Windows Application, SystemIndex Catalog Details: The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800) Error: (11/08/2014 00:53:13 AM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt. Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) System errors: ============= Error: (11/08/2014 01:22:04 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (11/08/2014 00:53:47 AM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: %%1056 Error: (11/08/2014 00:53:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error: (11/08/2014 00:53:17 AM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: The Windows Search service terminated with service-specific error %%-1073473535. Error: (11/08/2014 00:53:06 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: vabrvcou Error: (11/08/2014 00:53:04 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The BlueStacks Android Service service terminated with the following error: %%1064 Error: (11/08/2014 00:48:56 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Computer Browser service depends on the Server service which failed to start because of the following error: %%1068 Error: (11/08/2014 00:48:56 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Computer Browser service depends on the Server service which failed to start because of the following error: %%1068 Error: (11/08/2014 00:48:56 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Computer Browser service depends on the Server service which failed to start because of the following error: %%1068 Error: (11/08/2014 00:47:08 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Computer Browser service depends on the Server service which failed to start because of the following error: %%1068 Microsoft Office Sessions: ========================= Error: (11/08/2014 01:57:02 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Explorer.EXE6.1.7601.175674d672ee4SHELL32.dll6.1.7601.1851753aa2e07c0000005000000000005050687401cffb315081c52dC:\Windows\Explorer.EXEC:\Windows\system32\SHELL32.dll9606fabf-672d-11e4-aa8b-88532ea76ba5 Error: (11/08/2014 01:21:59 AM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWNBrtTWN: [2014/11/08 01:21:59.651]: [00002592]: Initialize TwdsMain Class failed! Error: (11/08/2014 01:21:59 AM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWNBrtTWN: [2014/11/08 01:21:59.651]: [00002592]: ##### Fatal ERROR!! Create STI-device failed! ##### Error: (11/08/2014 00:53:17 AM) (Source: Windows Search Service) (EventID: 7010) (User: ) Description: Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (11/08/2014 00:53:17 AM) (Source: Windows Search Service) (EventID: 3058) (User: ) Description: Context: Windows Application Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (11/08/2014 00:53:17 AM) (Source: Windows Search Service) (EventID: 3028) (User: ) Description: Context: Windows Application, SystemIndex Catalog Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (11/08/2014 00:53:17 AM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Context: Windows Application, SystemIndex Catalog Details: Element not found. (HRESULT : 0x80070490) (0x80070490) Search.TripoliIndexer Error: (11/08/2014 00:53:13 AM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Context: Windows Application, SystemIndex Catalog Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Search.JetPropStore Error: (11/08/2014 00:53:13 AM) (Source: Windows Search Service) (EventID: 9002) (User: ) Description: Context: Windows Application, SystemIndex Catalog Details: The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800) Error: (11/08/2014 00:53:13 AM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) The catalog is corrupt ==================== Memory info =========================== Processor: Intel® Core i5-2410M CPU @ 2.30GHz Percentage of memory in use: 74% Total physical RAM: 3990.17 MB Available physical RAM: 1000.3 MB Total Pagefile: 7978.52 MB Available Pagefile: 3062.62 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:931.41 GB) (Free:211.16 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 3646C86E) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS) ==================== End Of Log ============================
  4. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-11-2014 01 Ran by Dennis (administrator) on DENNIS-LAPTOP on 08-11-2014 11:09:19 Running from C:\Users\Dennis\Downloads\New fold Loaded Profile: Dennis (Available profiles: Dennis) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\n360.exe (Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\nst.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\nst.exe () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe (Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\n360.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe () C:\Users\Dennis\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (TechSmith Corporation) C:\Program Files (x86)\TechSmith\Jing\Jing.exe (Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe (Dropbox, Inc.) C:\Users\Dennis\AppData\Roaming\Dropbox\bin\Dropbox.exe (Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\TscHelp.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\SnagPriv.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (Intel® Corporation) C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe () C:\Users\Dennis\Downloads\ResizeEnable\ResizeEnableRunner.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\SnagitEditor.exe (Intel® Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\excel.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_15_0_0_167_ActiveX.exe (Symantec Corporation) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\NPE.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [intelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [4802864 2012-06-25] (Intel® Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6611048 2011-02-18] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2188904 2011-01-18] (Realtek Semiconductor) HKLM\...\Run: [bTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp HKLM\...\Run: [intelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation) HKLM\...\Run: [shadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation) HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation) HKLM-x32\...\Run: [blueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [815888 2014-02-18] (BlueStack Systems, Inc.) HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited) HKLM-x32\...\Run: [sDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.) HKLM-x32\...\Run: [brStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-2913884669-2521160022-3810892911-1000\...\Run: [Amazon Cloud Player] => C:\Users\Dennis\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3140608 2014-01-14] () HKU\S-1-5-21-2913884669-2521160022-3810892911-1000\...\Run: [Jing] => C:\Program Files (x86)\TechSmith\Jing\Jing.exe [2909640 2013-01-07] (TechSmith Corporation) HKU\S-1-5-21-2913884669-2521160022-3810892911-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries) HKU\S-1-5-21-2913884669-2521160022-3810892911-1000\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [111320 2014-11-05] (Siber Systems) HKU\S-1-5-21-2913884669-2521160022-3810892911-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-30] (Piriform Ltd) HKU\S-1-5-21-2913884669-2521160022-3810892911-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil64_15_0_0_167_ActiveX.exe [540336 2014-09-23] (Adobe Systems Incorporated) HKU\S-1-5-21-2913884669-2521160022-3810892911-1000\...\MountPoints2: {4d3ec8bb-3934-11e4-b66c-88532ea76ba5} - E:\VZW_Software_upgrade_assistant.exe HKU\S-1-5-21-2913884669-2521160022-3810892911-1000\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 239 more characters). <==== Poweliks! HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries) AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-19] (NVIDIA Corporation) AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [141336 2013-12-19] (NVIDIA Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 11.lnk ShortcutTarget: Snagit 11.lnk -> C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe (TechSmith Corporation) Startup: C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Dennis\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk ShortcutTarget: Intel® Turbo Boost Technology Monitor 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation) Startup: C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ResizeEnableRunner.exe - Shortcut.lnk ShortcutTarget: ResizeEnableRunner.exe - Shortcut.lnk -> C:\Users\Dennis\Downloads\ResizeEnable\ResizeEnableRunner.exe () Startup: C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation) ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation) ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation) ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) BootExecute: autocheck autochk * sdnclean64.exe GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyServer: localhost:21320 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x40AA0C11C51BCF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation) BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.) BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.6.15\coIEPlg.dll (Symantec Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation) BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation) BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.) Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.6.15\coIEPlg.dll (Symantec Corporation) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation) Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation) Toolbar: HKCU - &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.) Toolbar: HKCU - Norton Identity Safe Toolbar - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.6.15\coIEPlg.dll (Symantec Corporation) Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Hosts: 127.0.0.1 localhost Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\cicc06cc.default FF DefaultSearchEngine: v9 FF SelectedSearchEngine: v9 FF Homepage: https://www.google.com/?gws_rd=ssl FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer) FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll () FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll () FF user.js: detected! => C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\cicc06cc.default\user.js FF SearchPlugin: C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\cicc06cc.default\searchplugins\safesearch.xml FF Extension: Quick Start - C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\cicc06cc.default\Extensions\1403157662_xpi [2014-06-18] FF Extension: Ant Video Downloader - C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\cicc06cc.default\Extensions\anttoolbar@ant.com [2014-08-16] FF Extension: TableTools2 - C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\cicc06cc.default\Extensions\tabletools2@mingyi.org [2014-01-28] FF Extension: Converter - C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\cicc06cc.default\Extensions\{8B72860F-C5F8-4286-865E-D2C2DB98A9E6} [2014-01-28] FF Extension: DownloadHelper - C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\cicc06cc.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-22] FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\cicc06cc.default\Extensions\elemhidehelper@adblockplus.org.xpi [2014-01-28] FF Extension: Personas Plus - C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\cicc06cc.default\Extensions\personas@christopher.beard.xpi [2014-01-28] FF Extension: Private Tab - C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\cicc06cc.default\Extensions\privateTab@infocatcher.xpi [2014-01-28] FF Extension: Save Session - C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\cicc06cc.default\Extensions\savesession@noasobi.net.xpi [2014-01-28] FF Extension: Session Manager - C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\cicc06cc.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2014-01-29] FF Extension: Adblock Plus - C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\cicc06cc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-28] FF Extension: Tab Mix Plus - C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\cicc06cc.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-01-28] FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-01-28] FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.0.43\coFFPlgn FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\coFFPlgn FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\coFFPlgn [2014-11-08] FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox FF Extension: RoboForm Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2014-01-27] FF HKCU\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox FF Extension: No Name - {2D3F3651-74B9-4795-BDEC-6DA2F431CB62} [Not Found] Chrome: ======= CHR dev: Chrome dev build detected! <======= ATTENTION CHR Profile: C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-27] CHR Extension: (Google Drive) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-27] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-18] CHR Extension: (YouTube) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-27] CHR Extension: (Google Search) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-27] CHR Extension: (d3coder) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\gncnbkghencmkfgeepfaonmegemakcol [2014-08-04] CHR Extension: (RealDownloader) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-01-30] CHR Extension: (Norton Identity Safe) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-08-16] CHR Extension: (Clean IMDb) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\ingodbhkemojiibhhbfhjaeaciikbiik [2014-07-09] CHR Extension: (Norton Security Toolbar) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-08-16] CHR Extension: (Google Wallet) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-27] CHR Extension: (MultiHighlighter) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifbglmlbpgpbflnkfpclkmckoollbn [2014-08-04] CHR Extension: (rbutr) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocnieghejiknjhadhngmmnbfjocbbfpm [2014-08-11] CHR Extension: (Gmail) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-27] CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-06] CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-07-22] CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14] CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-06] CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - [2014-10-06] CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-07-22] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 Blackberry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited) [File not signed] R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed] S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-02-18] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-02-18] (BlueStack Systems, Inc.) R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [766736 2014-02-18] (BlueStack Systems, Inc.) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2436280 2014-09-25] (Microsoft Corporation) R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-08-07] (Garmin Ltd or its subsidiaries) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272688 2012-06-25] () R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe [265040 2014-09-21] (Symantec Corporation) R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\NST.exe [130104 2014-07-30] (Symantec Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation) R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] () R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3325232 2012-06-25] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\BASHDefs\20141030.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation) R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122128 2014-02-18] (BlueStack Systems) R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys [162392 2014-02-20] (Symantec Corporation) R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE07060.00F\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-24] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-10] (Symantec Corporation) R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\IPSDefs\20141107.001\IDSvia64.sys [633560 2014-08-31] (Symantec Corporation) R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-10-01] (Malwarebytes Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-08] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation) R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20141107.018\ENG64.SYS [129752 2014-09-24] (Symantec Corporation) R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20141107.018\EX64.SYS [2137304 2014-09-24] (Symantec Corporation) R3 NMgamingmsFltr; C:\Windows\System32\drivers\NMgamingms.sys [11264 2009-07-24] (Primax Ltd) R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [300320 2013-12-19] (NVIDIA Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation) S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited) R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd) S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.) R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation) R0 SymDS; C:\Windows\System32\drivers\N360x64\1506000.020\SYMDS64.SYS [493656 2013-07-31] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\N360x64\1506000.020\SYMEFA64.SYS [1148120 2014-07-22] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-08-16] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1506000.020\SYMNETS.SYS [593112 2014-07-22] (Symantec Corporation) S3 cpuz134; \??\C:\Users\Dennis\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] S3 EraserUtilDrv11310; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11310.sys [X] S3 EraserUtilDrv11313; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11313.sys [X] S3 lmimirr; system32\DRIVERS\lmimirr.sys [X] S0 vabrvcou; System32\drivers\qnethi.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-08 11:08 - 2014-11-08 11:09 - 00000000 ____D () C:\FRST 2014-11-08 10:37 - 2014-11-08 10:37 - 00000000 ____D () C:\Users\Dennis\AppData\Local\NPE 2014-11-08 02:24 - 2014-11-08 02:24 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Microsoft Help 2014-11-08 01:21 - 2014-11-08 01:22 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\ControlCenter4 2014-11-08 00:52 - 2014-11-08 00:52 - 00000168 _____ () C:\Windows\setupact.log 2014-11-08 00:52 - 2014-11-08 00:52 - 00000000 _____ () C:\Windows\setuperr.log 2014-11-07 22:16 - 2014-11-07 22:16 - 00008284 _____ () C:\Windows\PFRO.log 2014-11-07 21:55 - 2014-11-07 21:55 - 05591695 _____ (Swearware) C:\Users\Dennis\Downloads\ComboFix.exe 2014-11-07 21:43 - 2014-11-07 21:43 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-11-07 21:43 - 2014-11-07 21:43 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-11-07 21:43 - 2014-11-07 21:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-11-07 21:43 - 2014-11-07 21:43 - 00000000 ____D () C:\Program Files\CCleaner 2014-11-07 19:08 - 2014-11-07 19:08 - 00002144 _____ () C:\Users\Public\Desktop\Brother Creative Center.lnk 2014-11-07 19:08 - 2014-11-07 19:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother 2014-11-07 19:06 - 2014-11-07 19:06 - 00000259 _____ () C:\Windows\Brpfx04a.ini 2014-11-07 19:06 - 2014-11-07 19:06 - 00000065 _____ () C:\Windows\brpcfx.ini 2014-11-07 19:03 - 2014-11-07 19:03 - 00000066 _____ () C:\Windows\Brfaxrx.ini 2014-11-07 19:03 - 2014-11-07 19:03 - 00000000 ____D () C:\Users\Public\Documents\BrFaxRx 2014-11-07 19:03 - 2014-11-07 19:03 - 00000000 ____D () C:\ProgramData\ControlCenter4 2014-11-07 19:03 - 2014-11-07 19:03 - 00000000 ____D () C:\Program Files (x86)\ControlCenter4 2014-11-07 19:03 - 2014-11-07 19:03 - 00000000 ____D () C:\Program Files (x86)\Browny02 2014-11-07 19:03 - 2014-11-07 19:03 - 00000000 ____D () C:\Brother 2014-11-07 19:03 - 2012-07-05 03:32 - 00084480 _____ (Brother Industries, Ltd.) C:\Windows\system32\BrNetSti.dll 2014-11-07 19:03 - 2012-03-18 20:09 - 00316928 _____ (brother) C:\Windows\system32\NSSRH64.dll 2014-11-07 19:03 - 2010-09-23 00:14 - 00058880 _____ (Brother Industries,Ltd.) C:\Windows\system32\BrWiaNCp.dll 2014-11-07 19:03 - 2010-09-23 00:13 - 00051712 _____ (Brother Industries,Ltd) C:\Windows\system32\Brnsplg.dll 2014-11-07 19:03 - 2009-12-08 16:19 - 00290304 ____N (Brother Industries, Ltd.) C:\Windows\system32\BrfxDA5c.dll 2014-11-07 19:03 - 2005-04-21 20:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll 2014-11-07 19:03 - 2003-11-28 18:57 - 00000000 _____ () C:\Windows\brdfxspd.dat 2014-11-07 19:02 - 2014-11-07 19:03 - 00000000 ____D () C:\Program Files (x86)\Brother 2014-11-07 19:02 - 2012-09-10 16:31 - 00245760 ____N (brother) C:\Windows\SysWOW64\NSSearch.dll 2014-11-07 19:02 - 2012-07-09 17:19 - 00005120 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2S.dll 2014-11-07 19:02 - 2010-03-15 19:45 - 00073728 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2.dll 2014-11-07 19:02 - 2007-12-13 22:16 - 00005120 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2L.dll 2014-11-07 19:01 - 2014-11-07 19:03 - 04976456 _____ (Piriform Ltd) C:\Users\Dennis\Downloads\ccsetup419.exe 2014-11-07 15:46 - 2014-11-07 18:55 - 00000000 ____D () C:\ProgramData\Brother 2014-11-07 15:45 - 2014-11-07 15:45 - 00000000 ____D () C:\Users\Dennis\Desktop\wlan_wiz 2014-11-07 15:45 - 2014-11-07 15:45 - 00000000 ____D () C:\Users\Dennis\Desktop\install 2014-11-07 15:45 - 2010-02-04 18:42 - 00180224 _____ (Brother Industries, Ltd.) C:\Windows\SysWOW64\BROSNMP.DLL 2014-11-07 15:42 - 2014-11-07 15:44 - 129676424 _____ (A.I.SOFT,INC.) C:\Users\Dennis\Downloads\MFC-7860DW-inst-C1-EU.EXE 2014-11-07 11:22 - 2014-11-07 11:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-11-07 09:46 - 2014-11-07 09:46 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys 2014-11-07 09:46 - 2014-11-07 09:46 - 00000000 ____D () C:\ProgramData\RogueKiller 2014-11-07 09:42 - 2014-11-07 12:20 - 00497240 _____ (Adlice Software) C:\Users\Dennis\Downloads\TaskSTRun.exe 2014-11-07 09:41 - 2014-11-07 09:45 - 17526360 _____ () C:\Users\Dennis\Downloads\RogueKillerX64.exe 2014-11-06 17:01 - 2014-11-06 18:15 - 00000000 ____D () C:\Blackhawk HD Recovered 2014-11-06 16:57 - 2014-11-07 22:12 - 00000162 _____ () C:\Users\Dennis\Documents\bitlocker.txt 2014-11-06 10:52 - 2014-11-06 10:52 - 00293020 _____ () C:\Users\Dennis\Documents\comcast.xps 2014-11-06 10:34 - 2014-11-06 10:34 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-11-06 10:34 - 2014-11-06 10:34 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-11-06 10:08 - 2014-11-06 10:22 - 00000000 ____D () C:\Users\Dennis\AppData\Local\CutePDF Writer 2014-11-06 09:29 - 2014-11-08 01:13 - 00004996 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Dennis-Laptop-Dennis Dennis-Laptop 2014-11-03 21:13 - 2014-11-03 21:13 - 00000222 _____ () C:\Users\Dennis\Desktop\Antichamber.url 2014-11-03 21:13 - 2014-11-03 21:13 - 00000221 _____ () C:\Users\Dennis\Desktop\Star Wars The Force Unleashed II.url 2014-11-03 21:11 - 2014-11-03 21:11 - 00000221 _____ () C:\Users\Dennis\Desktop\Cogs.url 2014-11-03 21:08 - 2014-11-03 21:08 - 00000222 _____ () C:\Users\Dennis\Desktop\Quantum Conundrum.url 2014-11-03 21:08 - 2014-11-03 21:08 - 00000221 _____ () C:\Users\Dennis\Desktop\Luxor 3.url 2014-11-03 21:08 - 2014-11-03 21:08 - 00000220 _____ () C:\Users\Dennis\Desktop\Telltale Texas Hold'Em.url 2014-11-03 20:55 - 2014-11-03 20:55 - 00000721 _____ () C:\Users\Dennis\Documents\bluescreen.txt 2014-11-02 18:30 - 2014-11-02 18:30 - 00000557 _____ () C:\Users\Dennis\Documents\monoprice.txt 2014-10-25 18:23 - 2014-10-25 18:23 - 00000320 _____ () C:\Windows\wininit.ini 2014-10-25 09:05 - 2014-10-25 09:05 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking 2014-10-25 09:04 - 2014-10-27 22:26 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-10-25 09:04 - 2014-10-25 18:23 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-10-25 09:04 - 2014-10-25 09:04 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2014-10-25 09:04 - 2014-10-25 09:04 - 00001383 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk 2014-10-25 09:04 - 2014-10-25 09:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2014-10-25 09:04 - 2013-09-20 09:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe 2014-10-25 09:02 - 2014-10-25 09:03 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Dennis\Downloads\spybot-2.4.exe 2014-10-21 14:32 - 2014-10-01 10:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-10-16 15:12 - 2014-11-07 22:09 - 00003354 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2913884669-2521160022-3810892911-1000 2014-10-15 15:56 - 2014-09-28 16:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-10-15 15:56 - 2014-06-18 14:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2014-10-15 15:56 - 2014-06-18 14:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll 2014-10-15 15:56 - 2014-06-18 14:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll 2014-10-15 15:56 - 2014-06-18 14:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll 2014-10-15 15:56 - 2014-06-18 14:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll 2014-10-15 15:56 - 2014-06-18 14:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll 2014-10-15 15:55 - 2014-10-09 18:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-10-15 15:55 - 2014-10-09 18:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2014-10-15 15:55 - 2014-10-09 18:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-10-15 15:55 - 2014-07-08 18:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL 2014-10-15 15:55 - 2014-07-08 18:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL 2014-10-15 15:55 - 2014-07-08 18:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL 2014-10-15 15:55 - 2014-07-08 18:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL 2014-10-15 15:55 - 2014-07-08 18:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL 2014-10-15 15:55 - 2014-07-08 17:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL 2014-10-15 15:55 - 2014-07-08 17:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL 2014-10-15 15:55 - 2014-07-08 17:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL 2014-10-15 15:55 - 2014-07-08 17:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL 2014-10-15 15:55 - 2014-07-08 17:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL 2014-10-15 15:55 - 2014-07-08 14:38 - 00419992 _____ () C:\Windows\system32\locale.nls 2014-10-15 15:55 - 2014-07-08 14:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls 2014-10-14 22:14 - 2014-10-14 22:14 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360 2014-10-14 22:02 - 2014-09-17 18:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-10-14 22:02 - 2014-09-17 17:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-10-14 22:02 - 2014-08-28 18:07 - 05780480 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-10-14 22:02 - 2014-08-28 18:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2014-10-14 22:02 - 2014-08-28 18:07 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll 2014-10-14 22:02 - 2014-08-28 18:07 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2014-10-14 22:02 - 2014-08-28 18:06 - 01125888 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2014-10-14 22:02 - 2014-08-28 17:44 - 04922368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-10-14 22:02 - 2014-08-28 17:44 - 01050112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2014-10-14 22:02 - 2014-08-28 17:44 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2014-10-14 22:02 - 2014-08-28 17:44 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2014-10-14 22:01 - 2014-09-12 17:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-10-14 22:01 - 2014-09-12 17:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2014-10-14 22:01 - 2014-09-03 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll 2014-10-14 22:01 - 2014-09-03 21:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll 2014-10-14 22:01 - 2014-07-16 18:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-10-14 22:01 - 2014-07-16 18:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-10-14 22:01 - 2014-07-16 18:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll 2014-10-14 22:01 - 2014-07-16 18:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll 2014-10-14 22:01 - 2014-07-16 18:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-10-14 22:01 - 2014-07-16 18:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-10-14 22:01 - 2014-07-16 17:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll 2014-10-14 22:01 - 2014-07-16 17:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-10-14 22:01 - 2014-07-16 17:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-10-14 22:01 - 2014-07-16 17:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2014-10-14 22:01 - 2014-07-16 17:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2014-10-14 21:17 - 2014-10-14 21:17 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Oracle 2014-10-14 21:15 - 2014-10-14 21:15 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-10-14 21:15 - 2014-10-14 21:15 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-10-14 21:15 - 2014-10-14 21:15 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-10-14 21:15 - 2014-10-14 21:15 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-10-14 21:15 - 2014-10-14 21:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-10-14 21:15 - 2014-10-14 21:15 - 00000000 ____D () C:\Program Files (x86)\Java 2014-10-14 16:10 - 2014-10-14 16:10 - 00000221 _____ () C:\Users\Dennis\Desktop\Synergy.url ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-08 11:10 - 2014-01-28 10:52 - 00000000 ____D () C:\Users\Dennis\Downloads\New fold 2014-11-08 11:08 - 2014-01-27 18:49 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-11-08 10:54 - 2014-01-28 12:43 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-11-08 10:49 - 2014-08-16 17:26 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-11-08 10:31 - 2009-07-13 20:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-11-08 10:31 - 2009-07-13 20:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-11-08 10:28 - 2014-01-27 16:51 - 01136063 _____ () C:\Windows\WindowsUpdate.log 2014-11-08 10:18 - 2009-07-13 21:13 - 00781790 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-11-08 01:57 - 2014-03-12 15:17 - 00000000 ____D () C:\Users\Dennis\AppData\Local\CrashDumps 2014-11-08 01:23 - 2014-01-27 21:44 - 00000000 ___RD () C:\Users\Dennis\Dropbox 2014-11-08 01:22 - 2014-01-27 21:43 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Dropbox 2014-11-08 00:52 - 2014-06-18 23:08 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP1.job 2014-11-08 00:52 - 2014-06-18 23:08 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP3.job 2014-11-08 00:52 - 2014-06-18 23:08 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP2.job 2014-11-08 00:52 - 2014-01-27 18:48 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-11-08 00:52 - 2014-01-27 17:59 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-11-08 00:52 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-11-07 22:16 - 2014-01-27 18:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-11-07 22:12 - 2014-01-28 11:14 - 00000000 ____D () C:\Users\Dennis\Documents\Outlook Files 2014-11-07 22:09 - 2014-07-09 17:13 - 00003222 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2913884669-2521160022-3810892911-1000 2014-11-07 22:09 - 2014-06-18 23:08 - 00002832 _____ () C:\Windows\System32\Tasks\APSnotifierPP1 2014-11-07 22:09 - 2014-06-18 23:08 - 00002830 _____ () C:\Windows\System32\Tasks\APSnotifierPP3 2014-11-07 22:09 - 2014-06-18 23:08 - 00002830 _____ () C:\Windows\System32\Tasks\APSnotifierPP2 2014-11-07 22:04 - 2014-07-01 20:58 - 00000000 ____D () C:\ProgramData\LogMeIn 2014-11-07 22:04 - 2014-01-29 18:50 - 00000000 ____D () C:\Windows\Minidump 2014-11-07 22:04 - 2014-01-27 16:43 - 00000000 ____D () C:\Windows\Panther 2014-11-07 21:45 - 2014-01-27 18:39 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2014-11-07 19:02 - 2014-01-27 18:27 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-11-07 19:02 - 2014-01-27 17:01 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-11-07 16:10 - 2014-08-16 17:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-11-07 16:10 - 2014-03-02 21:51 - 00000000 ____D () C:\Program Files (x86)\BlueStacks 2014-11-07 15:01 - 2014-01-28 11:03 - 00000000 ____D () C:\Users\Dennis\Documents\Blackhawk 2014-11-06 14:04 - 2014-01-28 13:33 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\vlc 2014-11-06 10:48 - 2014-02-06 21:15 - 00000000 ____D () C:\ProgramData\Adobe 2014-11-06 10:47 - 2014-01-28 12:42 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Adobe 2014-11-06 10:47 - 2014-01-27 21:11 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Adobe 2014-11-06 10:33 - 2014-02-06 21:15 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-11-05 18:14 - 2014-01-27 19:11 - 00004132 _____ () C:\Windows\System32\Tasks\Open URL by RoboForm 2014-11-05 18:14 - 2014-01-27 19:11 - 00003504 _____ () C:\Windows\System32\Tasks\Run RoboForm TaskBar Icon 2014-11-05 18:13 - 2014-01-27 18:55 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\RoboForm 2014-11-05 18:13 - 2014-01-27 18:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm 2014-11-03 21:37 - 2014-08-27 16:56 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Ubisoft Game Launcher 2014-11-03 21:32 - 2014-04-02 23:01 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Microsoft Games 2014-11-02 19:44 - 2014-02-04 00:00 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Amazon Cloud Player 2014-10-27 19:26 - 2014-04-07 00:41 - 00000000 ___RD () C:\Users\Dennis\Desktop\New folder 2014-10-27 11:24 - 2014-01-27 21:33 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2014-10-21 14:32 - 2014-08-16 17:26 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-10-21 14:32 - 2014-08-16 17:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-10-16 15:10 - 2009-07-13 20:45 - 00437848 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-10-16 14:49 - 2014-05-16 02:21 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-10-15 03:19 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache 2014-10-15 02:27 - 2009-07-13 19:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2014-10-14 22:08 - 2014-08-16 17:54 - 00003206 _____ () C:\Windows\System32\Tasks\Norton WSC Integration 2014-10-14 22:08 - 2014-08-16 17:52 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64 2014-10-14 22:07 - 2014-08-16 17:54 - 00002319 _____ () C:\Users\Public\Desktop\Norton 360.lnk 2014-10-14 22:07 - 2014-08-16 17:51 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360 2014-10-14 21:16 - 2014-08-13 20:10 - 00000000 ____D () C:\ProgramData\Oracle 2014-10-14 19:29 - 2014-04-09 17:29 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games Some content of TEMP: ==================== C:\Users\Dennis\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp9mvpaq.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-10-27 21:31 ==================== End Of Log ============================
  5. Malwarebytes and Spybots come up clean. But I constantly get blocked c:\Windows\sysWOW64/dllhost.exe messages from Malwarebytes. I have run Farbar and will attach txt files below. I will attach the Malwarebytes txt file below I have run RogueKiller and included the text file below I followed the directions on this thread to get the text files to post: https://forums.malwarebytes.org/index.php?/topic/159955-dlhostexe-com-surrogate-issue/
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.