Jump to content

I'm infected and here is the report please help, Thank you

Shepman

By Shepman
in Resolved Malware Removal Logs

 Share

Recommended Posts

Shepman

Shepman

Posted
Posted

RogueKiller V8.7.8 [Nov 14 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 8 (6.2.9200 ) 64 bits version
Started in : Normal mode
User : Angelo [Admin rights]
Mode : Scan -- Date : 11/25/2013 14:16:12
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 7 ¤¤¤
[PROXY IE][PUM] HKCU\[...]\Internet Settings : ProxyServer (hxxp=127.0.0.1:49208;hxxps=127.0.0.1:49208 [Country: (Private Address) (XX), City: (Private Address)]) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

 

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST500LT012-9WS142 +++++
--- User ---
[MBR] 2a9da809f01a3adf2d0b092a6c02aba2
[bSP] 73e685d93dd40fb69d9fe65037604de5 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097151 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_11252013_141612.txt >>
RKreport[0]_S_11242013_002315.txt

 

Link to post
Share on other sites
MrCharlie

MrCharlie

Posted
Posted

Please download Farbar Recovery Scan Tool and save it to a folder. (use correct version for your system.....Which system am I using?)

Please make sure you click download buttons that look like this, not "sponsored ad links":

bleep-crop.jpg

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
MrC
Link to post
Share on other sites
Shepman

Shepman

Posted
  • Author
Posted

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-11-2013 01
Ran by Angelo (administrator) on INVASION on 27-11-2013 15:40:24
Running from C:\Users\Angelo\Downloads
Windows 8 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe\LiveComm.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Qualcomm Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(McAfee, Inc.) C:\Program Files\mcafee.com\agent\mcagent.exe
() C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [DellWPF] - [x]
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6842000 2012-09-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1230992 2012-09-27] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [QuickSet] - C:\Program Files\Dell\QuickSet\quickset.exe [5757328 2012-10-19] (Dell Inc.)
HKLM\...\Run: [btTray] - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe [764544 2012-09-14] (Qualcomm Atheros)
HKLM\...\Run: [btvStack] - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [127616 2012-09-14] (Qualcomm Atheros Commnucations)
HKLM-x32\...\Runonce: [Maxwebsearch-ext Progam Files Data Uninstall] - cmd /C rd /Q /S "C:\Users\Angelo\AppData\Local\Maxwebsearch" [x]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Run: [Facebook Update] - C:\Users\Angelo\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-09-03] (Facebook Inc.)
HKCU\...\Run: [skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20684656 2013-07-25] (Skype Technologies S.A.)
HKCU\...\Run: [GoogleChromeAutoLaunch_EABEC36F0D163A0B71A98CB98E912C59] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [863184 2013-10-08] (Google Inc.)
HKCU\...\Runonce: [uninstall C:\Users\Angelo\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64] - C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Angelo\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"
MountPoints2: {708c00cc-26c4-11e3-be7c-9c2a70750248} - "F:\LapNetWizard.exe"
HKLM-x32\...\Run: [iAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-04] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [143888 2012-06-01] (CyberLink Corp.)
HKLM-x32\...\Run: [mcui_exe] - C:\Program Files\mcafee.com\agent\mcagent.exe [1532992 2013-03-13] (McAfee, Inc.)

==================== Internet (Whitelisted) ====================

ProxyServer: http=127.0.0.1:49208;https=127.0.0.1:49208
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dell13.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,OldURL = http://dell13.msn.com/
SearchScopes: HKLM - DefaultScope {976AD4AE-FA90-4C7D-BE5D-55EC69DE109A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS
SearchScopes: HKLM - {976AD4AE-FA90-4C7D-BE5D-55EC69DE109A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS
SearchScopes: HKLM-x32 - DefaultScope {976AD4AE-FA90-4C7D-BE5D-55EC69DE109A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS
SearchScopes: HKLM-x32 - {976AD4AE-FA90-4C7D-BE5D-55EC69DE109A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS
SearchScopes: HKCU - DefaultScope {976AD4AE-FA90-4C7D-BE5D-55EC69DE109A} URL =
SearchScopes: HKCU - OldDefaultScope {976AD4AE-FA90-4C7D-BE5D-55EC69DE109A}
SearchScopes: HKCU - {91607fa7-3c2f-4f90-93e3-d5337a6b0ac2} URL = http://maxwebsearch.com/s?type=default&user_id=480c5cd0-295a-4584-a0e6-01a27d61a48a&i_id=maxwebsearch-ext&uc=20131101&type=provider&type=tb-ext-setsearch&providertype=ext&source=1_di_sk_g_s_us_win8_ie_0_0000-0000&query={searchTerms}
SearchScopes: HKCU - {976AD4AE-FA90-4C7D-BE5D-55EC69DE109A} URL =
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: ScorpionSaver - {10AD2C61-0898-4348-8600-14A342F22AC3} - C:\Program Files (x86)\ScorpionSaver\IECore.dll ()
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
DPF: HKLM-x32 {A4110378-789B-455F-AE86-3A1BFC402853} http://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab
DPF: HKLM-x32 {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab
DPF: HKLM-x32 {F773E7B2-62A9-4524-9109-87D2F0BEFAA4} http://zone.msn.com/bingame/zpagames/zpa_kqrp.cab56961.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

Chrome:
=======

CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll ()
CHR Extension: (Google Docs) - C:\Users\Angelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Angelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Angelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (MaxWebSearch) - C:\Users\Angelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpfoohomlbfkcchknbpblhgnfceglhpn\1.1_0
CHR Extension: (Google Search) - C:\Users\Angelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Skype Click to Call) - C:\Users\Angelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.12.0.13601_0
CHR Extension: (Google Wallet) - C:\Users\Angelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Scorpion Saver) - C:\Users\Angelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\oclgomenfkljhfkfflghppidonpkljjg\5.0_0
CHR Extension: (Gmail) - C:\Users\Angelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [216192 2012-09-14] (Qualcomm Atheros Commnucations)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 Level Quality Watcher; C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe [512504 2013-11-25] ()
S3 McAWFwk; C:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [384048 2013-02-25] (McAfee, Inc.)
R2 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241456 2013-02-19] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218760 2013-02-19] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-02-19] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-09-17] (Microsoft Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201360 2012-08-31] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1914728 2012-09-12] (SoftThinks SAS)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-01] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2012-09-04] (Atheros)

==================== Drivers (Whitelisted) ====================

R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-14] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-02-19] (McAfee, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2012-08-04] (OSR Open Systems Resources, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179280 2013-02-19] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309840 2013-02-19] (McAfee, Inc.)
U3 mfeavfk01; No ImagePath
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69168 2013-02-19] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515968 2013-02-19] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771536 2013-02-19] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106552 2013-02-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [340216 2013-02-19] (McAfee, Inc.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-09-20] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-09-20] (Synaptics Incorporated)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-11-27 15:40 - 2013-11-27 15:41 - 00017125 _____ C:\Users\Angelo\Downloads\FRST.txt
2013-11-27 15:40 - 2013-11-27 15:40 - 00000000 ____D C:\FRST
2013-11-27 15:39 - 2013-11-27 15:39 - 01958850 _____ (Farbar) C:\Users\Angelo\Downloads\FRST64.exe
2013-11-27 10:57 - 2013-11-27 10:57 - 00000000 ____D C:\Program Files\Level Quality Watcher
2013-11-22 12:46 - 2013-11-22 12:46 - 00000000 ___RD C:\Users\Angelo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2013-11-21 14:45 - 2013-11-21 14:45 - 00003170 _____ C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask-Retry
2013-11-21 11:46 - 2013-09-13 17:15 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-11-21 11:46 - 2013-09-13 14:36 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-11-21 11:46 - 2013-09-13 14:36 - 00247296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2013-11-21 11:46 - 2013-09-13 14:36 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-11-21 11:46 - 2013-09-13 14:36 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-11-21 11:46 - 2013-09-13 14:36 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-11-21 11:46 - 2013-09-13 14:34 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-11-21 11:46 - 2013-09-13 14:33 - 03279360 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-11-21 11:46 - 2013-09-13 14:33 - 01622016 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-11-21 11:46 - 2013-09-13 14:33 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-11-21 11:46 - 2013-09-13 14:33 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2013-11-21 11:46 - 2013-09-13 14:33 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-11-21 11:46 - 2013-09-13 14:33 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-11-21 11:46 - 2013-09-13 14:33 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-11-21 11:46 - 2013-09-13 14:33 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-11-21 11:46 - 2013-08-29 21:43 - 00061784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2013-11-21 11:46 - 2013-08-29 21:20 - 01173504 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2013-11-21 11:46 - 2013-08-29 15:48 - 00914432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2013-11-21 11:46 - 2013-08-20 22:39 - 00465240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2013-11-21 11:46 - 2013-08-09 22:30 - 00151896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2013-11-21 11:46 - 2013-08-09 21:21 - 00817152 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2013-11-21 11:46 - 2013-08-09 19:58 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2013-11-21 11:46 - 2013-07-24 15:10 - 10799104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-11-21 11:46 - 2013-07-24 15:07 - 13661696 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2013-11-21 11:46 - 2013-07-11 17:38 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2013-11-21 11:46 - 2013-07-11 17:30 - 00485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2013-11-21 11:45 - 2013-10-10 03:53 - 00096600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2013-11-21 11:45 - 2013-10-10 01:21 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-21 11:45 - 2013-10-10 01:20 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2013-11-21 11:45 - 2013-10-02 15:25 - 01300992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-21 11:45 - 2013-10-01 15:37 - 01569280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-21 11:45 - 2013-10-01 15:26 - 01890816 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-21 11:45 - 2013-10-01 14:22 - 01022976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-21 11:45 - 2013-09-23 14:30 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-21 11:45 - 2013-09-23 14:30 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-21 11:45 - 2013-09-03 19:11 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-21 11:45 - 2013-08-22 23:22 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-11-21 11:45 - 2013-08-22 17:44 - 01711616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-11-21 11:44 - 2013-10-12 00:45 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-21 11:44 - 2013-10-12 00:45 - 01364992 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-21 11:44 - 2013-10-12 00:45 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-21 11:44 - 2013-10-12 00:43 - 19269632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-21 11:44 - 2013-10-12 00:43 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-21 11:44 - 2013-10-12 00:43 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-21 11:44 - 2013-10-12 00:43 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-21 11:44 - 2013-10-12 00:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-21 11:44 - 2013-10-12 00:43 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-21 11:44 - 2013-10-11 23:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-21 11:44 - 2013-10-11 23:03 - 01138176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-21 11:44 - 2013-10-11 23:02 - 14355968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-21 11:44 - 2013-10-11 23:02 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-21 11:44 - 2013-10-11 23:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-21 11:44 - 2013-10-11 23:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-21 11:44 - 2013-10-11 23:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-21 11:44 - 2013-10-11 23:02 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-21 11:44 - 2013-10-01 15:37 - 02035712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-21 11:44 - 2013-10-01 15:26 - 02304512 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-04 12:24 - 2013-11-07 11:30 - 00000000 ____D C:\Users\Angelo\AppData\Roaming\Systweak
2013-11-04 12:24 - 2013-09-17 11:25 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe
2013-11-01 13:31 - 2013-11-01 13:31 - 00003124 _____ C:\Windows\System32\Tasks\{F7E4B7CD-1CB7-4443-8535-4AA1A58120D6}
2013-11-01 13:26 - 2013-11-14 12:04 - 00000000 ____D C:\Program Files (x86)\Browsersafeguard
2013-11-01 13:26 - 2013-11-01 13:26 - 00003860 _____ C:\Windows\System32\Tasks\BrowserSafeguard Update Task
2013-11-01 13:26 - 2013-11-01 13:26 - 00000000 ____D C:\Program Files (x86)\ScorpionSaver
2013-11-01 13:25 - 2013-11-27 15:33 - 00000000 ____D C:\Users\Angelo\AppData\Local\Maxwebsearch
2013-11-01 13:25 - 2013-11-01 13:25 - 00000000 ____D C:\Program Files (x86)\Level Quality Watcher

==================== One Month Modified Files and Folders =======

2013-11-27 15:41 - 2013-11-27 15:40 - 00017125 _____ C:\Users\Angelo\Downloads\FRST.txt
2013-11-27 15:40 - 2013-11-27 15:40 - 00000000 ____D C:\FRST
2013-11-27 15:40 - 2013-06-07 11:53 - 00000000 ____D C:\Users\Angelo\AppData\Local\CrashDumps
2013-11-27 15:39 - 2013-11-27 15:39 - 01958850 _____ (Farbar) C:\Users\Angelo\Downloads\FRST64.exe
2013-11-27 15:33 - 2013-11-01 13:25 - 00000000 ____D C:\Users\Angelo\AppData\Local\Maxwebsearch
2013-11-27 15:00 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\system32\sru
2013-11-27 14:14 - 2013-06-05 14:53 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-27 14:03 - 2013-09-03 15:58 - 00000950 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-82184493-105025556-2820350651-1001UA.job
2013-11-27 13:14 - 2013-06-05 14:53 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-27 10:57 - 2013-11-27 10:57 - 00000000 ____D C:\Program Files\Level Quality Watcher
2013-11-25 17:03 - 2013-09-03 15:58 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-82184493-105025556-2820350651-1001Core.job
2013-11-22 12:50 - 2013-01-26 15:47 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2013-11-22 12:49 - 2012-07-25 23:28 - 00850046 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-22 12:47 - 2013-09-03 16:08 - 00000000 ____D C:\Users\Angelo\AppData\Roaming\Skype
2013-11-22 12:47 - 2012-07-25 21:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2013-11-22 12:46 - 2013-11-22 12:46 - 00000000 ___RD C:\Users\Angelo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2013-11-22 12:42 - 2012-07-25 23:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-22 12:41 - 2012-07-25 21:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-11-22 12:40 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\WinStore
2013-11-22 12:39 - 2012-07-26 00:12 - 00000000 ___RD C:\Windows\ToastData
2013-11-22 12:38 - 2013-01-26 15:08 - 00092084 _____ C:\Windows\PFRO.log
2013-11-21 15:19 - 2013-09-17 12:37 - 00000000 ____D C:\Users\Angelo\Desktop\Scottie Boy
2013-11-21 14:53 - 2013-06-05 14:44 - 01215920 _____ C:\Windows\WindowsUpdate.log
2013-11-21 14:45 - 2013-11-21 14:45 - 00003170 _____ C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask-Retry
2013-11-21 12:29 - 2013-06-05 14:54 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-11-21 11:53 - 2013-09-06 13:56 - 00000000 ____D C:\Windows\system32\MRT
2013-11-21 11:51 - 2013-06-07 12:04 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-21 11:48 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-11-21 11:45 - 2013-06-05 15:16 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-11-14 12:07 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\system32\NDF
2013-11-14 12:04 - 2013-11-01 13:26 - 00000000 ____D C:\Program Files (x86)\Browsersafeguard
2013-11-07 11:30 - 2013-11-04 12:24 - 00000000 ____D C:\Users\Angelo\AppData\Roaming\Systweak
2013-11-05 14:58 - 2012-07-26 00:14 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-11-05 14:58 - 2012-07-26 00:14 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-01 13:31 - 2013-11-01 13:31 - 00003124 _____ C:\Windows\System32\Tasks\{F7E4B7CD-1CB7-4443-8535-4AA1A58120D6}
2013-11-01 13:26 - 2013-11-01 13:26 - 00003860 _____ C:\Windows\System32\Tasks\BrowserSafeguard Update Task
2013-11-01 13:26 - 2013-11-01 13:26 - 00000000 ____D C:\Program Files (x86)\ScorpionSaver
2013-11-01 13:25 - 2013-11-01 13:25 - 00000000 ____D C:\Program Files (x86)\Level Quality Watcher

Some content of TEMP:
====================
C:\Users\Angelo\AppData\Local\Temp\COMAP.EXE
C:\Users\Angelo\AppData\Local\Temp\newsetup.exe
C:\Users\Angelo\AppData\Local\Temp\ntdll_dump.dll
C:\Users\Angelo\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Angelo\AppData\Local\Temp\Setup.X86.en-US_O365HomePremRetail_238ddd1a-16c2-469e-adeb-74ff517a69ed_TX_PR_ (1).exe
C:\Users\Angelo\AppData\Local\Temp\Setup.X86.en-US_O365HomePremRetail_238ddd1a-16c2-469e-adeb-74ff517a69ed_TX_PR_ (2).exe
C:\Users\Angelo\AppData\Local\Temp\Setup.X86.en-US_O365HomePremRetail_238ddd1a-16c2-469e-adeb-74ff517a69ed_TX_PR_ (3).exe
C:\Users\Angelo\AppData\Local\Temp\System.Data.SQLite.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-11-27 14:08

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-11-2013 01
Ran by Angelo at 2013-11-27 15:41:48
Running from C:\Users\Angelo\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Out of date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

Amazon Browser App (x32 Version: 1.0.0.0)
CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415a)
CyberLink Media Suite 10 (x32 Version: 10.0.1.1913)
CyberLink Media Suite Essentials (x32 Version: 10.0)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1904)
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1904)
CyberLink PowerDVD 10 (x32 Version: 10.0.4318.52)
D3DX10 (x32 Version: 15.4.2368.0902)
Dell Backup and Recovery - Support Software (x32 Version: 1.0.0.2)
Dell Backup and Recovery (x32 Version: 1.0.0.2)
Dell Digital Delivery (x32 Version: 2.2.2000.0)
Dell Product Registration (x32 Version: 1.16.1)
Dell Support Center (Version: 3.2.6032.39)
Dell Touchpad (Version: 16.2.12.17)
Dell WLAN and Bluetooth Client Installation (x32 Version: 10.0)
DSC/AA Factory Installer (Version: 3.2.6032.39)
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287)
Google Chrome (x32 Version: 31.0.1650.57)
Google Earth Plug-in (x32 Version: 7.1.1.1888)
Google Update Helper (x32 Version: 1.3.21.165)
Intel® Control Center (x32 Version: 1.2.1.1008)
Intel® Management Engine Components (x32 Version: 8.1.0.1252)
Intel® Processor Graphics (x32 Version: 9.17.10.2867)
Intel® Rapid Storage Technology (x32 Version: 11.5.0.1207)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
Level Quality Watcher (x32 Version: 1.0.0.0) <==== ATTENTION
McAfee SecurityCenter (x32 Version: 11.6.511)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 365 Home Premium - en-us (Version: 15.0.4551.1005)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SkyDrive (HKCU Version: 17.0.2015.0811)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Movie Maker (x32 Version: 16.4.3505.0912)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1005)
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1005)
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1005)
Photo Gallery (x32 Version: 16.4.3505.0912)
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.209)
Quickset64 (Version: 10.15.012)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6741)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.8400.39030)
ScorpionSaver (x32 Version: 1.0.0.0) <==== ATTENTION
Shared C Run-time for x64 (Version: 10.0.0)
Skype Click to Call (x32 Version: 6.12.13601)
Skype™ 6.7 (x32 Version: 6.7.102)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912)
Windows Live Essentials (x32 Version: 16.4.3505.0912)
Windows Live Installer (x32 Version: 16.4.3505.0912)
Windows Live Photo Common (x32 Version: 16.4.3505.0912)
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)
Windows Live SOXE (x32 Version: 16.4.3505.0912)
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)
Windows Live UX Platform (x32 Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)

==================== Restore Points  =========================

04-11-2013 20:27:00 RegClean Pro Mon, Nov 04, 13  12:26
21-11-2013 19:48:15 Windows Update

==================== Hosts content: ==========================

2012-07-25 21:26 - 2012-07-25 21:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {09ABFBD7-8731-4DA8-AF2F-267DAD2FD548} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\System32\NotificationUI.exe [2013-08-15] (Microsoft Corporation)
Task: {1630FD6B-106E-45E0-B9EF-2016A659DAB9} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2013-11-14] (Microsoft Corporation)
Task: {22A2E70E-84F1-44C7-8880-AA3E2262D457} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2012-07-17] (PC-Doctor, Inc.)
Task: {3ED670E9-BE86-4675-8FA0-7DDBD5E2C8B9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-05] (Google Inc.)
Task: {69EBDB6E-6061-4A9E-B28D-9ACF6A090F8C} - System32\Tasks\Dell\Dell System Registration => C:\Program Files (x86)\System Registration\prodreg.exe [2012-07-09] (Dell, Inc.)
Task: {69EEA3C2-038E-471E-89B1-8F46BC2CF321} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-82184493-105025556-2820350651-1001Core => C:\Users\Angelo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-03] (Facebook Inc.)
Task: {6F0E15CB-12DD-4B85-8E43-69F296E9E438} - System32\Tasks\PCDoctorBackgroundMonitorTask-Retry => C:\Program Files\Dell Support Center\uaclauncher.exe [2012-07-17] (PC-Doctor, Inc.)
Task: {7264EE21-639D-4E6E-80F0-8A1867678BE0} - System32\Tasks\BrowserSafeguard Update Task => C:\Program Files (x86)\Browsersafeguard\uninstall.browsersafeguard.exe <==== ATTENTION
Task: {797B9A29-4DA8-42DD-A5CE-43439AA097F2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-05] (Google Inc.)
Task: {7CCBCA16-9133-4B4B-8693-105D329A2E43} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-09-17] (Microsoft Corporation)
Task: {8527D0D7-44D3-4811-A39F-75FEBAB32BBC} - System32\Tasks\Microsoft\Windows\Setup\Windows Upgrade Notification Task => C:\Windows\System32\NotificationUI.exe [2013-08-15] (Microsoft Corporation)
Task: {86AC420A-EB40-4308-B8C5-A7A3E5FD21B3} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-82184493-105025556-2820350651-1001UA => C:\Users\Angelo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-03] (Facebook Inc.)
Task: {9D15B46C-87DA-4835-A61F-0C914BDEA879} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {D7304E84-7DB5-4DE9-B0CA-062D4BFF04C5} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe [2012-07-17] (PC-Doctor, Inc.)
Task: {FA1D18A5-5828-4E72-BF45-88D82C90D086} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-09-20] (Synaptics Incorporated)
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-82184493-105025556-2820350651-1001Core.job => C:\Users\Angelo\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-82184493-105025556-2820350651-1001UA.job => C:\Users\Angelo\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-11-14 12:26 - 2013-11-14 12:26 - 08866472 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-01-26 14:20 - 2012-11-01 14:43 - 00175008 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-01-26 14:24 - 2012-10-16 02:38 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-09-14 14:11 - 2012-09-14 14:11 - 00384128 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ContactsApi.dll
2013-09-18 14:56 - 2013-09-18 14:56 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\d4b49cde56288aa4c132208d7aba2a82\PSIClient.ni.dll
2013-01-26 15:32 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2013-01-26 15:40 - 2012-06-07 19:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 11:34 - 2012-06-08 11:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2013-11-21 12:29 - 2013-11-14 03:28 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\libglesv2.dll
2013-11-21 12:29 - 2013-11-14 03:28 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\libegl.dll
2013-11-21 12:29 - 2013-11-14 03:29 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll
2013-11-21 12:29 - 2013-11-14 03:29 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll
2013-11-21 12:29 - 2013-11-14 03:28 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ffmpegsumo.dll
2013-10-07 11:14 - 2013-10-07 11:14 - 00082944 _____ () C:\Program Files (x86)\ScorpionSaver\IECore.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (11/27/2013 03:40:14 PM) (Source: Application Error) (User: )
Description: Faulting application name: ERUNT.exe, version: 0.0.0.0, time stamp: 0x2a425e19
Faulting module name: ntdll.dll, version: 6.2.9200.16578, time stamp: 0x515fac6e
Exception code: 0xc0000005
Fault offset: 0x00052a03
Faulting process id: 0x6f74
Faulting application start time: 0xERUNT.exe0
Faulting application path: ERUNT.exe1
Faulting module path: ERUNT.exe2
Report Id: ERUNT.exe3
Faulting package full name: ERUNT.exe4
Faulting package-relative application ID: ERUNT.exe5

Error: (11/27/2013 11:03:53 AM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16537, time stamp: 0x512347f7
Faulting module name: IECore.dll, version: 0.0.0.0, time stamp: 0x5252ddee
Exception code: 0xc0000005
Fault offset: 0x000015e5
Faulting process id: 0xfa10
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5

Error: (11/25/2013 11:42:23 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16537, time stamp: 0x512347f7
Faulting module name: IECore.dll, version: 0.0.0.0, time stamp: 0x5252ddee
Exception code: 0xc0000005
Fault offset: 0x000015e5
Faulting process id: 0x2eb8
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5

Error: (11/25/2013 09:31:33 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16537, time stamp: 0x512347f7
Faulting module name: IECore.dll, version: 0.0.0.0, time stamp: 0x5252ddee
Exception code: 0xc0000005
Fault offset: 0x000015e5
Faulting process id: 0x19cc
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5

Error: (11/25/2013 05:00:27 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16537, time stamp: 0x512347f7
Faulting module name: IECore.dll, version: 0.0.0.0, time stamp: 0x5252ddee
Exception code: 0xc0000005
Fault offset: 0x000015e5
Faulting process id: 0x8070
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5

Error: (11/25/2013 04:56:57 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16537, time stamp: 0x512347f7
Faulting module name: IECore.dll, version: 0.0.0.0, time stamp: 0x5252ddee
Exception code: 0xc0000005
Fault offset: 0x000015e5
Faulting process id: 0x2254
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5

Error: (11/25/2013 03:35:06 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16537, time stamp: 0x512347f7
Faulting module name: IECore.dll, version: 0.0.0.0, time stamp: 0x5252ddee
Exception code: 0xc0000005
Fault offset: 0x000015e5
Faulting process id: 0x2644
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5

Error: (11/25/2013 03:31:01 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16537, time stamp: 0x512347f7
Faulting module name: IECore.dll, version: 0.0.0.0, time stamp: 0x5252ddee
Exception code: 0xc0000005
Fault offset: 0x000015e5
Faulting process id: 0x3a18
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5

Error: (11/25/2013 03:15:01 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16537, time stamp: 0x512347f7
Faulting module name: IECore.dll, version: 0.0.0.0, time stamp: 0x5252ddee
Exception code: 0xc0000005
Fault offset: 0x000015e5
Faulting process id: 0x3fa8
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5

Error: (11/25/2013 02:15:51 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

System errors:
=============
Error: (11/25/2013 03:52:36 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 40. The Windows SChannel error state is 107.

Error: (11/25/2013 03:52:36 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Error: (11/25/2013 02:27:09 PM) (Source: DCOM) (User: INVASION)
Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}INVASIONAngeloS-1-5-21-82184493-105025556-2820350651-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (11/25/2013 02:27:02 PM) (Source: DCOM) (User: INVASION)
Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}INVASIONAngeloS-1-5-21-82184493-105025556-2820350651-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (11/25/2013 02:26:52 PM) (Source: DCOM) (User: INVASION)
Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}INVASIONAngeloS-1-5-21-82184493-105025556-2820350651-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (11/25/2013 02:26:46 PM) (Source: DCOM) (User: INVASION)
Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}INVASIONAngeloS-1-5-21-82184493-105025556-2820350651-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (11/25/2013 02:26:33 PM) (Source: DCOM) (User: INVASION)
Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}INVASIONAngeloS-1-5-21-82184493-105025556-2820350651-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (11/24/2013 00:15:18 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 40. The Windows SChannel error state is 107.

Error: (11/24/2013 00:15:18 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 40. The Windows SChannel error state is 107.

Error: (11/24/2013 00:15:18 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Microsoft Office Sessions:
=========================
Error: (11/27/2013 03:40:14 PM) (Source: Application Error)(User: )
Description: ERUNT.exe0.0.0.02a425e19ntdll.dll6.2.9200.16578515fac6ec000000500052a036f7401ceebca05378ff1C:\Windows\ERUNT.exeC:\Windows\SYSTEM32\ntdll.dll43159fed-57bd-11e3-be89-9c2a70750248

Error: (11/27/2013 11:03:53 AM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.16537512347f7IECore.dll0.0.0.05252ddeec0000005000015e5fa1001ceea68c7160fbdC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Program Files (x86)\ScorpionSaver\IECore.dlla7bcdc0a-5796-11e3-be89-9c2a70750248

Error: (11/25/2013 11:42:23 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.16537512347f7IECore.dll0.0.0.05252ddeec0000005000015e52eb801ceea36fa50310fC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Program Files (x86)\ScorpionSaver\IECore.dll4931aaeb-566e-11e3-be89-9c2a70750248

Error: (11/25/2013 09:31:33 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.16537512347f7IECore.dll0.0.0.05252ddeec0000005000015e519cc01ceea42e7443399C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Program Files (x86)\ScorpionSaver\IECore.dll025202eb-565c-11e3-be89-9c2a70750248

Error: (11/25/2013 05:00:27 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.16537512347f7IECore.dll0.0.0.05252ddeec0000005000015e5807001ceea426b118861C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Program Files (x86)\ScorpionSaver\IECore.dll23176bc2-5636-11e3-be89-9c2a70750248

Error: (11/25/2013 04:56:57 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.16537512347f7IECore.dll0.0.0.05252ddeec0000005000015e5225401ceea39b8f8ff61C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Program Files (x86)\ScorpionSaver\IECore.dlla5fe3de4-5635-11e3-be89-9c2a70750248

Error: (11/25/2013 03:35:06 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.16537512347f7IECore.dll0.0.0.05252ddeec0000005000015e5264401ceea342d893a34C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Program Files (x86)\ScorpionSaver\IECore.dll36b15cb0-562a-11e3-be89-9c2a70750248

Error: (11/25/2013 03:31:01 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.16537512347f7IECore.dll0.0.0.05252ddeec0000005000015e53a1801ceea2ca7d514b5C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Program Files (x86)\ScorpionSaver\IECore.dlla496760d-5629-11e3-be89-9c2a70750248

Error: (11/25/2013 03:15:01 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.16537512347f7IECore.dll0.0.0.05252ddeec0000005000015e53fa801cee7f486347b5bC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Program Files (x86)\ScorpionSaver\IECore.dll6853cf66-5627-11e3-be89-9c2a70750248

Error: (11/25/2013 02:15:51 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

==================== Memory info ===========================

Percentage of memory in use: 72%
Total physical RAM: 3965.27 MB
Available physical RAM: 1097.75 MB
Total Pagefile: 5245.27 MB
Available Pagefile: 1626 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:456.34 GB) (Free:418.59 GB) NTFS
Drive w: (WINRETOOLS) (Fixed) (Total:0.49 GB) (Free:0.22 GB) NTFS
Drive x: (PBR Image) (Fixed) (Total:8.28 GB) (Free:0.29 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: AFBC8399)

Partition: GPT Partition Type
==================== End Of Log ============================

Link to post
Share on other sites
MrCharlie

MrCharlie

Posted
Posted

Download the attached fixlist.txt to the same folder as FRST.
Run FRST.exe and click Fix only once and wait
The tool will create a log (Fixlog.txt) in the folder, please post it to your reply.

Then......

Lets clean out any adware/spyware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

Make sure you click on download buttons that look like this, not "sponsored ad links":

bleep-crop.jpg

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

Then..................

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

Please let me know how computer is running now, MrC

Link to post
Share on other sites
Maurice Naggar

Maurice Naggar

Posted
Posted

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.