Everything posted by KatieR

  1. Log Name: Application
     Source: Microsoft-Windows-Wininit
     Date: 10/25/2016 2:39:33 AM
     Event ID: 1001
     Task Category: None
     Level: Information
     Keywords: Classic
     User: N/A
     Computer: Ishii
     Description:
     Checking file system on C:
     The type of the file system is NTFS.
     Volume label is OS.
     A disk check has been scheduled.
     Windows will now check the disk.
     Stage 1: Examining basic file system structure ...
     426496 file records processed.
     File verification completed.
     5332 large file records processed.
     0 bad file records processed.
     Stage 2: Examining file name linkage ...
     510248 index entries processed.
     Index verification completed.
     0 unindexed files scanned.
     0 unindexed files recovered.
     Stage 3: Examining security descriptors ...
     Cleaning up 49 unused index entries from index $SII of file 0x9.
     Cleaning up 49 unused index entries from index $SDH of file 0x9.
     Cleaning up 49 unused security descriptors.
     Security descriptor verification completed.
     41877 data files processed.
     CHKDSK is verifying Usn Journal...
     34648688 USN bytes processed.
     Usn Journal verification completed.
     Stage 4: Looking for bad clusters in user file data ...
     426480 files processed.
     File data verification completed.
     Stage 5: Looking for bad, free clusters ...
     9341418 free clusters processed.
     Free space verification is complete.
     Windows has scanned the file system and found no problems.
     No further action is required.
     194892799 KB total disk space.
     156836380 KB in 236779 files.
     155156 KB in 41878 indexes.
     0 KB in bad sectors.
     535591 KB in use by the system.
     65536 KB occupied by the log file.
     37365672 KB available on disk.
     4096 bytes in each allocation unit.
     48723199 total allocation units on disk.
     9341418 allocation units available on disk.
     Internal Info:
     00 82 06 00 74 40 04 00 0b 52 08 00 00 00 00 00 ....t@...R......
     b0 2e 00 00 3b 00 00 00 00 00 00 00 00 00 00 00 ....;...........
     Windows has finished checking your disk.
     Please wait while your computer restarts.
     Things seem to be going better than before. No freezing or crashing.
  2. Checkdisk was stuck at 18%, then went away. Viewer showed no log so I guess it didn't actually complete. By some miracle, malwarebytes ran and scanned to completion. No obvious threats. At the advice of a friend, I also did adwcleaner successfully, but my computer still hangs really hard when it attempts to restart. I still have to manually shut it down. Blue screen of death with a couple of options to refresh or restart my computer, but I am not ready to do those yet. Otherwise I have a black screen with nothing happening when I try to restart.
     Attachments: malware1.txt, AdwCleaner[C0]1018.txt
  3. It froze but I think it was completed.
     Attachments: Addition.txt, FRST.txt
  4. I have a Windows 8 Asus laptop that is not even 2 years old. I think I'm infected. I am running free avast but it found no threats. Malwarebytes refuses to run, chameleon loads but won't finish. I ran the malwarebytes cleaner once before installing the latest version of Malwarebytes. I opened it once but it froze and I was never able to perform a scan. My Asus laptop itself refuses to perform restarts, I have to manually force shutdown with the button. Here is my fbar log.
2015-02-09 07:59 - 2015-02-09 07:59 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2013-05-01 18:34 - 2012-09-07 20:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd 2013-05-01 18:34 - 2009-07-22 19:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe 2013-05-01 18:34 - 2012-09-07 20:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed I hope that you can help me. Thank you CheckResultsv.txt