Jump to content

Recommended Posts

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16843
Run by Z at 10:03:09 on 2014-03-27
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8175.6094 [GMT -7:00]
.
AV: Emsisoft Anti-Malware *Enabled/Updated* {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Emsisoft Anti-Malware *Enabled/Updated* {3E653F0B-EA3E-10F8-1B87-CAD78F211367}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\viakaraokesrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\EscSvc64.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskmgr.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Users\Z\AppData\Local\Pale Moon\palemoon.exe
C:\Users\Z\AppData\Local\Pale Moon\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.

mWinlogon: Userinit = userinit.exe
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} -
mRun: [emsisoft anti-malware] "c:\program files (x86)\emsisoft anti-malware\a2guard.exe" /d=60
mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com

TCP: NameServer = 192.168.1.1
TCP: Interfaces\{5FEA2F2F-A4A0-45F7-BDCE-E34A3C262D86} : DHCPNameServer = 192.168.1.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} -
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\Windows\System32\ieudinit.exe
.
============= SERVICES / DRIVERS ===============
.
R1 A2DDA;A2 Direct Disk Access Support Driver;C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [2013-5-9 26176]
R1 a2injectiondriver;a2injectiondriver;C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [2013-5-9 45208]
R1 a2util;a-squared Malware-IDS utility driver;C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [2013-5-9 17384]
R2 a2AntiMalware;Emsisoft Anti-Malware 7.0 - Service;C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [2013-5-9 4163584]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-3-28 241152]
R2 EpsonCustomerParticipation;EpsonCustomerParticipation;C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [2011-6-9 555392]
R2 EpsonScanSvc;Epson Scanner Service;C:\Windows\System32\escsvc64.exe [2013-6-14 135824]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service;C:\Windows\System32\ViakaraokeSrv.exe [2013-6-11 27792]
R3 a2acc;a2acc;C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys [2013-5-9 71472]
R3 cleanhlp;cleanhlp;C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [2013-7-1 57024]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-3-4 838216]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2013-8-18 2206352]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-2-14 96768]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\System32\drivers\LEqdUsb.sys [2013-5-22 77592]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\System32\drivers\LHidEqd.sys [2013-5-22 13080]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-6-22 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-11-15 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-6-22 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-6-11 1255736]
.
=============== Created Last 30 ================
.
2014-03-25 12:24:27 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6CB1D8CB-BF05-435E-9773-78FE2CE6536F}\offreg.dll
2014-03-25 09:22:55 10521840 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6CB1D8CB-BF05-435E-9773-78FE2CE6536F}\mpengine.dll
2014-03-25 01:18:31 -------- d-----w- C:\Users\Z\AppData\Local\Pale Moon
2014-03-21 07:14:58 -------- d-----w- C:\bf479d861f651b6fbd5644ee42b6520a
2014-03-21 06:48:11 228864 ----a-w- C:\Windows\System32\wwansvc.dll
2014-03-21 06:48:09 484864 ----a-w- C:\Windows\System32\wer.dll
2014-03-21 06:48:09 381440 ----a-w- C:\Windows\SysWow64\wer.dll
2014-03-21 06:48:03 3156480 ----a-w- C:\Windows\System32\win32k.sys
2014-03-21 06:47:56 6574592 ----a-w- C:\Windows\System32\mstscax.dll
2014-03-21 06:47:56 5694464 ----a-w- C:\Windows\SysWow64\mstscax.dll
2014-03-21 06:47:29 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-03-21 06:47:29 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-03-21 06:46:35 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-03-21 06:46:35 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-03-21 03:58:40 -------- d-----w- C:\ProgramData\WinZipSE
2014-03-21 03:58:40 -------- d-----w- C:\Program Files (x86)\WinZip Self-Extractor
2014-03-17 14:19:15 -------- d-----w- C:\Verizon
2014-03-08 07:03:42 -------- d-----w- C:\ProgramData\BioWare
2014-03-08 06:58:40 -------- d-----w- C:\Windows\SysWow64\AGEIA
2014-03-08 05:42:57 -------- d-----w- C:\Program Files (x86)\Steam
2014-03-06 16:41:03 -------- d-----w- C:\Program Files (x86)\CSV Viewer
2014-02-28 20:38:34 -------- d-----w- C:\Users\Z\AppData\Roaming\Awesomium
2014-02-28 08:08:32 -------- d-----w- C:\Users\Z\AppData\Roaming\com.immersyve.Paladin.live
2014-02-27 13:15:50 -------- d-----w- C:\ProgramData\Elder Scrolls Online
2014-02-27 10:38:43 -------- d-----w- C:\Program Files (x86)\Zenimax Online
.
==================== Find3M  ====================
.
2014-03-21 07:50:11 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-21 07:50:11 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-02-23 08:13:41 2241536 ----a-w- C:\Windows\System32\wininet.dll
2014-02-23 08:11:59 3960320 ----a-w- C:\Windows\System32\jscript9.dll
2014-02-23 08:11:52 67072 ----a-w- C:\Windows\System32\iesetup.dll
2014-02-23 08:11:52 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2014-02-23 06:54:46 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-02-23 06:53:22 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-02-23 06:53:18 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-02-23 06:53:18 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2014-02-23 06:35:36 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2014-02-23 06:31:25 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-02-23 05:39:39 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2014-02-23 05:35:24 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
.
============= FINISH: 10:04:26.92 ===============

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 5/8/2013 5:52:27 PM
System Uptime: 3/27/2014 9:49:30 AM (1 hours ago)
.
Motherboard: ASRock |  | H61M-HVS
Processor: Intel® Core i5-2500K CPU @ 3.30GHz | CPUSocket | 3301/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 931 GiB total, 625.883 GiB free.
D: is CDROM ()
F: is FIXED (NTFS) - 0 GiB total, 0.06 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e96c-e325-11ce-bfc1-08002be10318}
Description: High Definition Audio Device
Device ID: HDAUDIO\FUNC_01&VEN_1002&DEV_AA01&SUBSYS_00AA0100&REV_1002\5&E993847&0&0001
Manufacturer: Microsoft
Name: High Definition Audio Device
PNP Device ID: HDAUDIO\FUNC_01&VEN_1002&DEV_AA01&SUBSYS_00AA0100&REV_1002\5&E993847&0&0001
Service: HdAudAddService
.
==== System Restore Points ===================
.
RP182: 3/3/2014 10:15:59 PM - Windows Update
RP183: 3/6/2014 8:30:16 AM - Removed Microsoft Office Excel Viewer
RP184: 3/7/2014 6:36:30 AM - Windows Update
RP185: 3/7/2014 10:55:07 PM - Installed DirectX
RP186: 3/7/2014 10:57:09 PM - Installed Microsoft Visual C++ 2005 Redistributable
RP187: 3/7/2014 11:52:34 PM - Installed 7-Zip 9.20 (x64 edition)
RP188: 3/11/2014 7:02:52 PM - Windows Update
RP189: 3/12/2014 3:00:11 AM - Windows Update
RP190: 3/18/2014 7:15:28 AM - Windows Update
RP191: 3/19/2014 3:00:14 AM - Windows Update
RP192: 3/19/2014 3:13:02 PM - Windows Update
RP193: 3/19/2014 6:24:55 PM - Windows Update
RP194: 3/20/2014 3:00:16 AM - Windows Update
RP195: 3/20/2014 10:06:16 PM - Windows Modules Installer
RP196: 3/20/2014 10:11:09 PM - Installed Windows Resource Kit Tools - SubInAcl.exe
RP197: 3/20/2014 10:22:43 PM - Restore Operation
RP198: 3/20/2014 11:47:21 PM - Windows Update
RP199: 3/21/2014 12:14:47 AM - Windows Update
RP200: 3/21/2014 12:18:55 AM - Removed Microsoft Silverlight
RP201: 3/21/2014 3:00:11 AM - Windows Update
RP202: 3/25/2014 2:22:21 AM - Windows Update
.
==== Installed Programs ======================
.
Adobe Flash Player 12 ActiveX
Adobe Flash Player 12 Plugin
AMD Accelerated Video Transcoding
AMD Catalyst Install Manager
AMD Drag and Drop Transcoding
AMD Media Foundation Decoders
Avidemux 2.6 (32-bit)
Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CloudReading
Compatibility Pack for the 2007 Office system
Coupon Printer for Windows
D3DX10
Download Navigator
Emsisoft Anti-Malware
Epson Connect
Epson Customer Participation
Epson Event Manager
EPSON Scan
EPSON XP-300 Series Printer Uninstall
EpsonNet Print
eReg
FamilySearch Indexing 3.17.7
Foxit Reader
Google Talk (remove only)
Guild Wars 2
HitmanPro 3.7
Microsoft .NET Framework 1.1
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Office Excel Viewer
Microsoft Office Word Viewer 2003
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Movie Maker
MSVCRT
MSVCRT110
MSVCRT110_amd64
Pale Moon 24.0.2 (x64 en-US)
Pale Moon 24.3.2 (x86 en-US)
Pale Moon 24.4.1 (x86 en-US)
Photo Common
Photo Gallery
Platform
SeaMonkey 2.19 (x86 en-US)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
TeamSpeak 3 Client
VIA Platform Device Manager
VLC media player 2.0.8
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
.
==== Event Viewer Messages From Past Week ========
.
3/20/2014 9:51:38 PM, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.
3/20/2014 9:36:11 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service VSS with arguments "" in order to run the server: {0B5A2C52-3EB9-470A-96E2-6C6D4570E40F}
3/20/2014 9:33:06 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service defragsvc with arguments "" in order to run the server: {D20A3293-3341-4AE8-9AAF-8E397CB63C34}
3/20/2014 9:30:02 PM, Error: Service Control Manager [7001]  - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.
3/20/2014 9:28:25 PM, Error: Service Control Manager [7001]  - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.
3/20/2014 9:28:24 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
3/20/2014 9:28:24 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
3/20/2014 9:28:20 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
3/20/2014 9:28:14 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
3/20/2014 9:28:02 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  a2injectiondriver discache spldr Wanarpv6
3/20/2014 8:32:36 PM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Network Store Interface Service service, but this action failed with the following error:  An instance of the service is already running.
3/20/2014 8:29:20 PM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error:  An instance of the service is already running.
3/20/2014 8:29:20 PM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Multimedia Class Scheduler service, but this action failed with the following error:  An instance of the service is already running.
3/20/2014 8:29:20 PM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the IKE and AuthIP IPsec Keying Modules service, but this action failed with the following error:  An instance of the service is already running.
3/20/2014 8:29:20 PM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Computer Browser service, but this action failed with the following error:  An instance of the service is already running.
3/20/2014 8:29:17 PM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Program Compatibility Assistant Service service, but this action failed with the following error:  An instance of the service is already running.
3/20/2014 8:28:57 PM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the DHCP Client service, but this action failed with the following error:  An instance of the service is already running.
3/20/2014 8:28:20 PM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error:  An instance of the service is already running.
3/20/2014 8:28:17 PM, Error: Service Control Manager [7031]  - The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/20/2014 8:28:17 PM, Error: Service Control Manager [7031]  - The Windows Audio Endpoint Builder service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/20/2014 8:28:17 PM, Error: Service Control Manager [7031]  - The Superfetch service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/20/2014 8:28:17 PM, Error: Service Control Manager [7031]  - The Program Compatibility Assistant Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/20/2014 8:28:17 PM, Error: Service Control Manager [7031]  - The Portable Device Enumerator Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/20/2014 8:28:17 PM, Error: Service Control Manager [7031]  - The PnP-X IP Bus Enumerator service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/20/2014 8:28:17 PM, Error: Service Control Manager [7031]  - The Network Connections service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 100 milliseconds: Restart the service.
3/20/2014 8:28:17 PM, Error: Service Control Manager [7031]  - The Human Interface Device Access service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/20/2014 8:28:17 PM, Error: Service Control Manager [7031]  - The HomeGroup Listener service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/20/2014 8:28:17 PM, Error: Service Control Manager [7031]  - The Distributed Link Tracking Client service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/20/2014 8:28:17 PM, Error: Service Control Manager [7031]  - The Desktop Window Manager Session Manager service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/20/2014 8:27:49 PM, Error: Service Control Manager [7031]  - The Windows Modules Installer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/20/2014 8:27:35 PM, Error: Service Control Manager [7034]  - The WinHTTP Web Proxy Auto-Discovery Service service terminated unexpectedly.  It has done this 2 time(s).
3/20/2014 8:27:35 PM, Error: Service Control Manager [7031]  - The Network Store Interface Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.
3/20/2014 8:27:35 PM, Error: Service Control Manager [7031]  - The Network List Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 100 milliseconds: Restart the service.
3/20/2014 8:27:35 PM, Error: Service Control Manager [7031]  - The COM+ Event System service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
3/20/2014 8:27:32 PM, Error: Service Control Manager [7034]  - The Windows Image Acquisition (WIA) service terminated unexpectedly.  It has done this 1 time(s).
3/20/2014 8:27:29 PM, Error: Service Control Manager [7031]  - The Windows Firewall service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/20/2014 8:27:29 PM, Error: Service Control Manager [7031]  - The Diagnostic Policy Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/20/2014 8:27:29 PM, Error: Service Control Manager [7031]  - The Base Filtering Engine service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/20/2014 8:27:20 PM, Error: Service Control Manager [7031]  - The Windows Update service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/20/2014 8:27:20 PM, Error: Service Control Manager [7031]  - The Windows Management Instrumentation service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/20/2014 8:27:20 PM, Error: Service Control Manager [7031]  - The User Profile Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/20/2014 8:27:20 PM, Error: Service Control Manager [7031]  - The Themes service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/20/2014 8:27:20 PM, Error: Service Control Manager [7031]  - The Task Scheduler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/20/2014 8:27:20 PM, Error: Service Control Manager [7031]  - The System Event Notification Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/20/2014 8:27:20 PM, Error: Service Control Manager [7031]  - The Shell Hardware Detection service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/20/2014 8:27:20 PM, Error: Service Control Manager [7031]  - The Server service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/20/2014 8:27:20 PM, Error: Service Control Manager [7031]  - The Multimedia Class Scheduler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/20/2014 8:27:20 PM, Error: Service Control Manager [7031]  - The IP Helper service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/20/2014 8:27:20 PM, Error: Service Control Manager [7031]  - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/20/2014 8:27:20 PM, Error: Service Control Manager [7031]  - The Computer Browser service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/20/2014 8:27:20 PM, Error: Service Control Manager [7031]  - The Background Intelligent Transfer Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/20/2014 8:27:20 PM, Error: Service Control Manager [7031]  - The Application Experience service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/20/2014 8:27:01 PM, Error: Service Control Manager [7034]  - The Function Discovery Provider Host service terminated unexpectedly.  It has done this 1 time(s).
3/20/2014 8:27:01 PM, Error: Service Control Manager [7034]  - The Diagnostic Service Host service terminated unexpectedly.  It has done this 1 time(s).
3/20/2014 8:27:01 PM, Error: Service Control Manager [7031]  - The WinHTTP Web Proxy Auto-Discovery Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
3/20/2014 8:27:01 PM, Error: Service Control Manager [7031]  - The Windows Font Cache Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/20/2014 8:27:01 PM, Error: Service Control Manager [7031]  - The Network Store Interface Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/20/2014 8:27:01 PM, Error: Service Control Manager [7031]  - The Network List Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 100 milliseconds: Restart the service.
3/20/2014 8:27:01 PM, Error: Service Control Manager [7031]  - The COM+ Event System service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.
3/20/2014 8:26:57 PM, Error: Service Control Manager [7031]  - The Windows Event Log service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/20/2014 8:26:57 PM, Error: Service Control Manager [7031]  - The Windows Audio service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/20/2014 8:26:57 PM, Error: Service Control Manager [7031]  - The TCP/IP NetBIOS Helper service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 100 milliseconds: Restart the service.
3/20/2014 8:26:57 PM, Error: Service Control Manager [7031]  - The Security Center service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/20/2014 8:26:57 PM, Error: Service Control Manager [7031]  - The HomeGroup Provider service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/20/2014 8:26:57 PM, Error: Service Control Manager [7031]  - The DHCP Client service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/20/2014 7:14:13 AM, Error: Service Control Manager [7001]  - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:  The dependency service or group failed to start.
3/20/2014 7:14:01 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
3/20/2014 7:14:01 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
3/20/2014 7:13:38 AM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  a2injectiondriver AFD DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx Wanarpv6 WfpLwf
3/20/2014 7:13:38 AM, Error: Service Control Manager [7001]  - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
3/20/2014 7:13:38 AM, Error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
3/20/2014 7:13:38 AM, Error: Service Control Manager [7001]  - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error:  A device attached to the system is not functioning.
3/20/2014 7:13:38 AM, Error: Service Control Manager [7001]  - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
3/20/2014 7:13:38 AM, Error: Service Control Manager [7001]  - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
3/20/2014 7:13:38 AM, Error: Service Control Manager [7001]  - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error:  A device attached to the system is not functioning.
3/20/2014 7:13:38 AM, Error: Service Control Manager [7001]  - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
3/20/2014 7:13:38 AM, Error: Service Control Manager [7001]  - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
3/20/2014 7:13:38 AM, Error: Service Control Manager [7001]  - The Epson Scanner Service service depends on the Windows Image Acquisition (WIA) service which failed to start because of the following error:  The dependency service or group failed to start.
3/20/2014 7:13:38 AM, Error: Service Control Manager [7001]  - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
3/20/2014 7:13:38 AM, Error: Service Control Manager [7001]  - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
3/20/2014 12:21:36 PM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Peer Networking Identity Manager service, but this action failed with the following error:  An instance of the service is already running.
3/20/2014 12:21:36 PM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Peer Networking Grouping service, but this action failed with the following error:  An instance of the service is already running.
3/20/2014 12:21:36 PM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Peer Name Resolution Protocol service, but this action failed with the following error:  An instance of the service is already running.
3/20/2014 12:18:50 PM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Font Cache Service service, but this action failed with the following error:  An instance of the service is already running.
3/20/2014 12:16:50 PM, Error: Service Control Manager [7031]  - The Windows Font Cache Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/20/2014 12:16:40 PM, Error: Service Control Manager [7031]  - The TCP/IP NetBIOS Helper service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 100 milliseconds: Restart the service.
3/20/2014 12:16:40 PM, Error: Service Control Manager [7031]  - The DHCP Client service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.
3/20/2014 12:16:36 PM, Error: Service Control Manager [7031]  - The Peer Networking Identity Manager service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.
3/20/2014 12:16:36 PM, Error: Service Control Manager [7031]  - The Peer Networking Grouping service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.
3/20/2014 12:16:36 PM, Error: Service Control Manager [7031]  - The Peer Name Resolution Protocol service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.
3/20/2014 11:41:41 PM, Error: Service Control Manager [7024]  - The HomeGroup Listener service terminated with service-specific error %%-2147023143.
3/20/2014 11:40:15 PM, Error: Service Control Manager [7024]  - The Windows Firewall service terminated with service-specific error Access is denied..
.
==== End Of File ===========================


 

Link to post
Share on other sites

Hello and post-32477-1261866970.gif

 

P2P/Piracy Warning:

 

   

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

I do not see Malwarebytes installed, do the following:

 

Please download Malwarebytes Anti-Malware to your desktop.

  • Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
  • Launch Malwarebytes Anti-Malware
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.


How to get logs:
(Export log to save as txt)

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • Attach that saved log to your next reply.

 

Next,

 

Download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.


Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

Kevin...

Link to post
Share on other sites

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 3/27/2014
Scan Time: 3:18:24 PM
Logfile:
Administrator: Yes

Version: 2.00.0.1000
Malware Database: v2014.03.27.07
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Z

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 237256
Time Elapsed: 9 min, 28 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)
I am still getting blank screens in IE and when I try to use Pandora in IE.
This is frustrating.


 

Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool

(FRST.txt) (x64) Version: 13-03-2014
Ran by Z (administrator) on Z-PC on 27-03-2014

17:31:21
Running from C:\Users\Z\AppData\Local

\Microsoft\Windows\Temporary Internet Files

\Content.IE5\7C8B3XY4
Windows 7 Home Premium Service Pack 1 (X64)

OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version:

http://www.bleepingcomputer.com/download/f

arbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version:

http://www.bleepingcomputer.com/download/f

arbar-recovery-scan-tool/dl/82/
Download link from any site other than

Bleeping Computer is unpermitted or outdated.
See tutorial for FRST:

http://www.geekstogo.com/forum/topic/335081-

frst-tutorial-how-to-use-farbar-recovery-scan-

tool/

==================== Processes (Whitelisted)

=================

(Emsisoft GmbH) C:\Program Files

(x86)\Emsisoft Anti-Malware\a2service.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(SEIKO EPSON CORPORATION) C:\Program

Files\EPSON\EpsonCustomerParticipation

\EPCP.exe
(VIA Technologies, Inc.) C:\Windows

\system32\viakaraokesrv.exe
(Microsoft Corp.) C:\Program Files\Common

Files\Microsoft Shared\Windows Live

\WLIDSVC.EXE
(Seiko Epson Corporation) C:\Windows

\system32\EscSvc64.exe
(Microsoft Corp.) C:\Program Files\Common

Files\Microsoft Shared\Windows Live

\WLIDSvcM.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi

\VDeck\VDeck.exe
(Moonchild Productions) C:\Users\Z\AppData

\Local\Pale Moon\palemoon.exe
(Mozilla Corporation) C:\Users\Z\AppData

\Local\Pale Moon\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows

\SysWOW64\Macromed\Flash

\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows

\SysWOW64\Macromed\Flash

\FlashPlayerPlugin_12_0_0_77.exe
(Microsoft Corporation) C:\Program Files

\Internet Explorer\iexplore.exe
(Malwarebytes Corporation) C:\Malwarebytes

\mbam.exe
(Microsoft Corporation) C:\Windows

\System32\MsSpellCheckingFacility.exe

==================== Registry (Whitelisted)

==================

HKLM-x32\...\Run: [emsisoft anti-malware] - c:

\program files (x86)\emsisoft anti-malware

\a2guard.exe [4330432 2014-02-11] (Emsisoft

GmbH)
HKLM-x32\...\Run: [HDAudDeck] - C:\Program

Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe

[5264016 2012-08-16] (VIA)
HKU\S-1-5-19\...\Run: [sidebar] -

%ProgramFiles%\Windows Sidebar\Sidebar.exe

/autoRun
HKU\S-1-5-20\...\Run: [sidebar] -

%ProgramFiles%\Windows Sidebar\Sidebar.exe

/autoRun
HKU\S-1-5-21-4072782907-1798841686-

2768727812-1000\...\Policies\system:

[LogonHoursAction] 2
HKU\S-1-5-21-4072782907-1798841686-

2768727812-1000\...\Policies\system:

[DontDisplayLogonHoursWarnings] 1
GroupPolicyUsers\S-1-5-21-4072782907-

1798841686-2768727812-1004\User: Group Policy

restriction detected <======= ATTENTION

==================== Internet (Whitelisted)

====================

HKCU\Software\Microsoft\Internet Explorer

\Main,Start Page Redirect Cache =

http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer

\Main,Start Page Redirect Cache_TIMESTAMP

= 0x327FE3A57C4CCE01
HKCU\Software\Microsoft\Internet Explorer

\Main,Start Page Redirect Cache AcceptLangs =

en-us
SearchScopes: HKCU - DefaultScope

{F87196E1-9A2F-4FD7-86DE-D4B2B9D172DA}

URL = https://www.google.com/search?q=

{searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-

A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {F87196E1-9A2F-4FD7-

86DE-D4B2B9D172DA} URL =

https://www.google.com/search?q=

{searchTerms}
BHO: Windows Live ID Sign-in Helper -

{9030D464-4C02-4ABF-8ECC-5164760863C6} - C:

\Program Files\Common Files\Microsoft Shared

\Windows Live\WindowsLiveLogin.dll

(Microsoft Corp.)
BHO: Logitech SetPoint - {AF949550-9094-4807

-95EC-D1C317803333} - C:\Program Files

\Logitech\SetPointP\SetPointSmooth.dll No

File
BHO-x32: Windows Live ID Sign-in Helper -

{9030D464-4C02-4ABF-8ECC-5164760863C6} - C:

\Program Files (x86)\Common Files\Microsoft

Shared\Windows Live\WindowsLiveLogin.dll

(Microsoft Corp.)
BHO-x32: Logitech SetPoint - {AF949550-9094-

4807-95EC-D1C317803333} - C:\Program Files

\Logitech\SetPointP\32-bit\SetPointSmooth.dll

No File
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-

00195EC8D5F9}

http://support.asus.com/select/asusTek_sys_ctrl3

.cab
Tcpip\Parameters: [DhcpNameServer]

192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Z\AppData\Roaming

\Mozilla\Firefox\Profiles\erg2wwod.default
FF Homepage: https://startpage.com/
FF Keyword.URL:

https://startpage.com/do/search?

language=english&cat=web&query=
FF Plugin: @adobe.com/FlashPlayer - C:

\Windows\system32\Macromed\Flash

\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - C:

\Windows\system32\Wat\npWatWeb.dll

(Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -

c:\Program Files\Microsoft Silverlight

\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:

\Windows\SysWOW64\Macromed\Flash

\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader

Plugin,version=1.0,application/vnd.fdf - C:

\Program Files (x86)\Foxit Software\Foxit

Reader\plugins\npFoxitReaderPlugin.dll No

File
FF Plugin-x32: @microsoft.com/GENUINE - C:

\Windows\system32\Wat\npWatWeb.dll

(Microsoft Corporation)
FF Plugin-x32:

@Microsoft.com/NpCtrl,version=1.0 - c:\Program

Files (x86)\Microsoft Silverlight

\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32:

@microsoft.com/WLPG,version=16.4.3508.0205 -

C:\Program Files (x86)\Windows Live\Photo

Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -

C:\Program Files (x86)\VLC\npvlc.dll

(VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -

C:\Program Files (x86)\VLC\npvlc.dll

(VideoLAN)
FF SearchPlugin: C:\Users\Z\AppData\Roaming

\Mozilla\Firefox\Profiles\erg2wwod.default

\searchplugins\ixquick-https.xml
FF SearchPlugin: C:\Users\Z\AppData\Roaming

\Mozilla\Firefox\Profiles\erg2wwod.default

\searchplugins\startpage-https.xml
FF Extension: Flash Video Downloader - Full

HD Download - C:\Users\Z\AppData\Roaming

\Mozilla\Firefox\Profiles\erg2wwod.default

\Extensions\artur.dubovoy@gmail.com [2014-03

-05]
FF Extension: Add to Amazon Wish List Button

- C:\Users\Z\AppData\Roaming\Mozilla\Firefox

\Profiles\erg2wwod.default\Extensions

\amznUWL2@amazon.com.xpi [2013-05-11]
FF Extension: Stylish - C:\Users\Z\AppData

\Roaming\Mozilla\Firefox\Profiles

\erg2wwod.default\Extensions\{46551EC9-40F0

-4e47-8E18-8E5CF550CFB8}.xpi [2013-07-17]
FF Extension: QuickJava - C:\Users\Z\AppData

\Roaming\Mozilla\Firefox\Profiles

\erg2wwod.default\Extensions\{E6C1199F-E687

-42da-8C24-E7770CC3AE66}.xpi [2013-08-19]
FF HKLM-x32\...\Firefox\Extensions:

[{F003DA68-8256-4b37-A6C4-350FA04494DF}] -

C:\Program Files\Logitech\SetPointP

\LogiSmoothFirefoxExt

Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\Z

\AppData\Local\Google\Chrome\User Data

\Default\Extensions

\aohghmighlieiainnegkcijnfilokake [2014-03-09]
CHR Extension: (Google Drive) - C:\Users\Z

\AppData\Local\Google\Chrome\User Data

\Default\Extensions

\apdfllckaahabafndbhieahigkjlhalf [2014-03-09]
CHR Extension: (YouTube) - C:\Users\Z

\AppData\Local\Google\Chrome\User Data

\Default\Extensions

\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-

03-09]
CHR Extension: (Google Search) - C:\Users\Z

\AppData\Local\Google\Chrome\User Data

\Default\Extensions

\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-09]
CHR Extension: (Google Wallet) - C:\Users\Z

\AppData\Local\Google\Chrome\User Data

\Default\Extensions

\nmmhkkegccagdldgiimedpiccmgmieda [2014-

03-09]
CHR Extension: (Gmail) - C:\Users\Z\AppData

\Local\Google\Chrome\User Data\Default

\Extensions

\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-

09]

==================== Services (Whitelisted)

=================

R2 a2AntiMalware; C:\Program Files

(x86)\Emsisoft Anti-Malware\a2service.exe

[4163584 2014-02-11] (Emsisoft GmbH)
R2 EpsonScanSvc; C:\Windows

\system32\EscSvc64.exe [135824 2011-12-12]

(Seiko Epson Corporation)
R2 VIAKaraokeService; C:\Windows

\system32\viakaraokesrv.exe [27792 2012-08-14]

(VIA Technologies, Inc.)

==================== Drivers (Whitelisted)

====================

R3 a2acc; C:\PROGRAM FILES

(X86)\EMSISOFT ANTI-MALWARE

\a2accx64.sys [71472 2014-03-20] (Emsisoft

GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft

Anti-Malware\a2ddax64.sys [26176 2013-03-28]

(Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files

(x86)\Emsisoft Anti-Malware\a2dix64.sys [45208

2013-09-29] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft

Anti-Malware\a2util64.sys [17384 2013-03-28]

(Emsisoft GmbH)
R3 cleanhlp; C:\Program Files (x86)\Emsisoft

Anti-Malware\cleanhlp64.sys [57024 2014-01-24]

(Emsisoft GmbH)
R3 MBAMSwissArmy; C:\Windows

\system32\drivers\MBAMSwissArmy.sys

[119512 2014-03-27] (Malwarebytes Corporation)

==================== NetSvcs (Whitelisted)

===================

==================== One Month Created Files

and Folders ========

2014-03-27 17:19 - 2014-03-27 17:31 - 00000000

____D () C:\FRST
2014-03-27 15:08 - 2014-03-27 15:22 - 00119512

_____ (Malwarebytes Corporation) C:\Windows

\system32\Drivers\MBAMSwissArmy.sys
2014-03-27 15:08 - 2014-03-27 15:08 - 00000617

_____ () C:\Users\Public\Desktop\Malwarebytes

Anti-Malware.lnk
2014-03-27 15:08 - 2014-03-27 15:08 - 00000000

____D () C:\Malwarebytes
2014-03-27 15:08 - 2014-03-05 09:26 - 00088280

_____ (Malwarebytes Corporation) C:\Windows

\system32\Drivers\mbamchameleon.sys
2014-03-27 15:08 - 2014-03-05 09:26 - 00063192

_____ (Malwarebytes Corporation) C:\Windows

\system32\Drivers\mwac.sys
2014-03-27 15:08 - 2014-03-05 09:26 - 00025816

_____ (Malwarebytes Corporation) C:\Windows

\system32\Drivers\mbam.sys
2014-03-27 11:27 - 2014-03-27 11:27 - 17523384

_____ (Malwarebytes Corporation ) C:\Users\Z

\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-27 10:04 - 2014-03-27 10:04 - 00027769

_____ () C:\Users\Z\Desktop\attach.txt
2014-03-27 10:04 - 2014-03-27 10:04 - 00009946

_____ () C:\Users\Z\Desktop\dds.txt
2014-03-24 18:18 - 2014-03-24 18:18 - 00001163

_____ () C:\Users\Public\Desktop\Pale Moon.lnk
2014-03-24 18:18 - 2014-03-24 18:18 - 00000000

____D () C:\Users\Z\AppData\Local\Pale Moon
2014-03-22 10:40 - 2014-03-22 10:40 - 00000000

____D () C:\Users\Z\Documents\Netware
2014-03-21 12:20 - 2014-03-21 12:20 - 00121944

_____ () C:\Users\Z\Downloads\securedoc

(12).html
2014-03-21 12:18 - 2014-03-21 12:18 - 00121944

_____ () C:\Users\Z\Downloads\securedoc

(11).html
2014-03-21 03:00 - 2014-02-23 01:13 - 02241536

_____ (Microsoft Corporation) C:\Windows

\system32\wininet.dll
2014-03-21 03:00 - 2014-02-23 01:13 - 01365504

_____ (Microsoft Corporation) C:\Windows

\system32\urlmon.dll
2014-03-21 03:00 - 2014-02-23 01:13 - 00051712

_____ (Microsoft Corporation) C:\Windows

\system32\ie4uinit.exe
2014-03-21 03:00 - 2014-02-23 01:12 - 19273216

_____ (Microsoft Corporation) C:\Windows

\system32\mshtml.dll
2014-03-21 03:00 - 2014-02-23 01:12 - 00603136

_____ (Microsoft Corporation) C:\Windows

\system32\msfeeds.dll
2014-03-21 03:00 - 2014-02-23 01:12 - 00197120

_____ (Microsoft Corporation) C:\Windows

\system32\msrating.dll
2014-03-21 03:00 - 2014-02-23 01:11 - 15404032

_____ (Microsoft Corporation) C:\Windows

\system32\ieframe.dll
2014-03-21 03:00 - 2014-02-23 01:11 - 03960320

_____ (Microsoft Corporation) C:\Windows

\system32\jscript9.dll
2014-03-21 03:00 - 2014-02-23 01:11 - 02648576

_____ (Microsoft Corporation) C:\Windows

\system32\iertutil.dll
2014-03-21 03:00 - 2014-02-23 01:11 - 00855552

_____ (Microsoft Corporation) C:\Windows

\system32\jscript.dll
2014-03-21 03:00 - 2014-02-23 01:11 - 00526336

_____ (Microsoft Corporation) C:\Windows

\system32\ieui.dll
2014-03-21 03:00 - 2014-02-23 01:11 - 00136704

_____ (Microsoft Corporation) C:\Windows

\system32\iesysprep.dll
2014-03-21 03:00 - 2014-02-23 01:11 - 00067072

_____ (Microsoft Corporation) C:\Windows

\system32\iesetup.dll
2014-03-21 03:00 - 2014-02-23 01:11 - 00053760

_____ (Microsoft Corporation) C:\Windows

\system32\jsproxy.dll
2014-03-21 03:00 - 2014-02-23 01:11 - 00039936

_____ (Microsoft Corporation) C:\Windows

\system32\iernonce.dll
2014-03-21 03:00 - 2014-02-22 23:54 - 01767936

_____ (Microsoft Corporation) C:\Windows

\SysWOW64\wininet.dll
2014-03-21 03:00 - 2014-02-22 23:54 - 01140736

_____ (Microsoft Corporation) C:\Windows

\SysWOW64\urlmon.dll
2014-03-21 03:00 - 2014-02-22 23:53 - 14358016

_____ (Microsoft Corporation) C:\Windows

\SysWOW64\mshtml.dll
2014-03-21 03:00 - 2014-02-22 23:53 - 13761024

_____ (Microsoft Corporation) C:\Windows

\SysWOW64\ieframe.dll
2014-03-21 03:00 - 2014-02-22 23:53 - 02877952

_____ (Microsoft Corporation) C:\Windows

\SysWOW64\jscript9.dll
2014-03-21 03:00 - 2014-02-22 23:53 - 02049024

_____ (Microsoft Corporation) C:\Windows

\SysWOW64\iertutil.dll
2014-03-21 03:00 - 2014-02-22 23:53 - 00690688

_____ (Microsoft Corporation) C:\Windows

\SysWOW64\jscript.dll
2014-03-21 03:00 - 2014-02-22 23:53 - 00493056

_____ (Microsoft Corporation) C:\Windows

\SysWOW64\msfeeds.dll
2014-03-21 03:00 - 2014-02-22 23:53 - 00391168

_____ (Microsoft Corporation) C:\Windows

\SysWOW64\ieui.dll
2014-03-21 03:00 - 2014-02-22 23:53 - 00163840

_____ (Microsoft Corporation) C:\Windows

\SysWOW64\msrating.dll
2014-03-21 03:00 - 2014-02-22 23:53 - 00109056

_____ (Microsoft Corporation) C:\Windows

\SysWOW64\iesysprep.dll
2014-03-21 03:00 - 2014-02-22 23:53 - 00061440

_____ (Microsoft Corporation) C:\Windows

\SysWOW64\iesetup.dll
2014-03-21 03:00 - 2014-02-22 23:53 - 00039936

_____ (Microsoft Corporation) C:\Windows

\SysWOW64\jsproxy.dll
2014-03-21 03:00 - 2014-02-22 23:53 - 00033280

_____ (Microsoft Corporation) C:\Windows

\SysWOW64\iernonce.dll
2014-03-21 03:00 - 2014-02-22 23:35 - 02706432

_____ (Microsoft Corporation) C:\Windows

\system32\mshtml.tlb
2014-03-21 03:00 - 2014-02-22 23:31 - 02706432

_____ (Microsoft Corporation) C:\Windows

\SysWOW64\mshtml.tlb
2014-03-21 03:00 - 2014-02-22 22:39 - 00089600

_____ (Microsoft Corporation) C:\Windows

\system32\RegisterIEPKEYs.exe
2014-03-21 03:00 - 2014-02-22 22:35 - 00071680

_____ (Microsoft Corporation) C:\Windows

\SysWOW64\RegisterIEPKEYs.exe
2014-03-21 00:21 - 2014-03-21 00:21 - 13084896

_____ (Microsoft Corporation) C:\Users\Z

\Downloads\Silverlight_x64.exe
2014-03-21 00:14 - 2014-03-21 00:15 - 00000000

____D () C:\bf479d861f651b6fbd5644ee42b6520a
2014-03-21 00:11 - 2014-03-21 00:12 - 55752251

_____ () C:\Users\Z\Downloads\Aviator.dmg
2014-03-20 23:48 - 2014-02-06 18:23 - 03156480

_____ (Microsoft Corporation) C:\Windows

\system32\win32k.sys
2014-03-20 23:48 - 2014-01-28 19:32 - 00484864

_____ (Microsoft Corporation) C:\Windows

\system32\wer.dll
2014-03-20 23:48 - 2014-01-28 19:06 - 00381440

_____ (Microsoft Corporation) C:\Windows

\SysWOW64\wer.dll
2014-03-20 23:48 - 2014-01-27 19:32 - 00228864

_____ (Microsoft Corporation) C:\Windows

\system32\wwansvc.dll
2014-03-20 23:47 - 2014-02-03 19:32 - 00624128

_____ (Microsoft Corporation) C:\Windows

\system32\qedit.dll
2014-03-20 23:47 - 2014-02-03 19:04 - 00509440

_____ (Microsoft Corporation) C:\Windows

\SysWOW64\qedit.dll
2014-03-20 23:47 - 2014-01-08 19:22 - 05694464

_____ (Microsoft Corporation) C:\Windows

\SysWOW64\mstscax.dll
2014-03-20 23:47 - 2014-01-03 15:44 - 06574592

_____ (Microsoft Corporation) C:\Windows

\system32\mstscax.dll
2014-03-20 23:46 - 2014-02-03 19:32 - 01424384

_____ (Microsoft Corporation) C:\Windows

\system32\WindowsCodecs.dll
2014-03-20 23:46 - 2014-02-03 19:04 - 01230336

_____ (Microsoft Corporation) C:\Windows

\SysWOW64\WindowsCodecs.dll
2014-03-20 20:58 - 2014-03-20 22:35 - 00000000

____D () C:\Program Files (x86)\WinZip Self-

Extractor
2014-03-20 20:58 - 2014-03-20 20:58 - 02897248

_____ () C:\Users\Z\Downloads\wzipse40.exe
2014-03-20 20:58 - 2014-03-20 20:58 - 00000000

____D () C:\ProgramData\WinZipSE
2014-03-20 12:17 - 2014-03-20 12:17 - 00873716

_____ () C:\Users\Z\AppData\Local\census.cache
2014-03-20 12:17 - 2014-03-20 12:17 - 00142994

_____ () C:\Users\Z\AppData\Local\ars.cache
2014-03-20 12:02 - 2014-03-20 12:02 - 00000010

_____ () C:\Users\Z\AppData\Local

\sponge.last.runtime.cache
2014-03-20 07:22 - 2014-03-20 20:30 - 00000000

____D () C:\Users\Z\Documents\Emsisoft

Quarantine
2014-03-19 15:09 - 2014-03-27 15:22 - 00006400

____H () C:\Windows\system32\7B296FB0-

376B-497e-B012-9C450E1B7327-5P-1.C7483456-

A289-439d-8115-601632D005A0
2014-03-19 15:09 - 2014-03-27 15:22 - 00006400

____H () C:\Windows\system32\7B296FB0-

376B-497e-B012-9C450E1B7327-5P-0.C7483456-

A289-439d-8115-601632D005A0
2014-03-19 12:20 - 2014-03-19 12:20 - 00001110

_____ () C:\Users\Z\Documents\HOme Depot

stinks.txt
2014-03-17 07:19 - 2014-03-19 12:25 - 00000000

____D () C:\Verizon
2014-03-15 08:07 - 2014-03-17 01:14 - 00000000

____D () C:\Users\Z\Desktop\StartMail
2014-03-15 08:04 - 2014-03-15 08:04 - 00000000

____D () C:\Users\Z\Desktop\Tye Bratvoldt
2014-03-12 05:57 - 2014-03-12 05:57 - 00000000

_____ () C:\Users\Z\Downloads

\install_flashplayer12x32ax_gtbd_chrd_dn_awb

_aih_exe (2).7lmd0qk.partial
2014-03-11 08:37 - 2014-03-11 08:37 - 00000000

_____ () C:\Users\Z\Downloads

\install_flashplayer12x32ax_gtbd_chrd_dn_awb

_aih_exe (1).c0vhhbl.partial
2014-03-11 08:34 - 2014-03-11 08:35 - 01069728

_____ (Solid State Networks) C:\Users\Z

\Downloads

\install_flashplayer12x32ax_gtbd_chrd_dn_awb

_aih_exe
2014-03-09 23:27 - 2014-03-09 23:28 - 00000022

_____ () C:\Users\Z\Downloads\documents-

export-2014-03-09.zip
2014-03-09 22:37 - 2014-03-09 22:37 - 00000000

_____ () C:\Users\Z\Downloads

\securedoc_html.jz2ei9f.partial
2014-03-09 20:29 - 2014-03-09 21:51 - 00000000

____D () C:\Users\Z\Desktop\Cannabis
2014-03-08 03:54 - 2014-03-08 05:15 - 00000037

_____ () C:\Users\Z\Desktop\Conservative

Senators Lee Cruz Paul.txt
2014-03-08 00:52 - 2014-03-19 14:05 - 00000000

____D () C:\Program Files\7-Zip
2014-03-08 00:50 - 2014-03-08 01:46 - 00000000

____D () C:\Users\Z\Documents\DAModder
2014-03-08 00:35 - 2014-03-08 05:56 - 00000000

____D () C:\Users\Z\Desktop\Beck
2014-03-08 00:03 - 2014-03-08 00:03 - 00000000

____D () C:\ProgramData\BioWare
2014-03-07 23:59 - 2014-03-07 23:59 - 00000000

____D () C:\Users\Z\Documents\BioWare
2014-03-07 23:58 - 2014-03-07 23:59 - 00007613

_____ () C:\Users\Z\Documents\DAO Ultimate

Addins Updater.log
2014-03-07 23:58 - 2014-03-07 23:58 - 00000000

____D () C:\Windows\SysWOW64\AGEIA
2014-03-07 23:58 - 2014-03-07 23:58 - 00000000

____D () C:\Program Files (x86)\AGEIA

Technologies
2014-03-07 22:42 - 2014-03-20 22:35 - 00000000

____D () C:\Program Files (x86)\Steam
2014-03-06 09:42 - 2014-03-06 09:42 - 00002215

_____ () C:\Users\Z\Downloads\medical_claim

(3).csv
2014-03-06 09:41 - 2014-03-19 14:05 - 00000000

____D () C:\Program Files (x86)\CSV Viewer
2014-03-06 09:40 - 2014-03-19 14:05 - 00000000

____D () C:\Users\Z\Downloads\CVS Viewer
2014-03-06 09:26 - 2014-03-06 09:26 - 00002215

_____ () C:\Users\Z\Downloads\medical_claim

(2).csv
2014-03-05 18:32 - 2014-03-05 18:32 - 00282840

_____ (Mozilla) C:\Users\Z\Downloads\Firefox

Setup Stub 27_0_1_exe
2014-03-05 17:45 - 2014-03-19 14:05 - 00000000

____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-05 17:42 - 2014-03-05 17:42 - 00000000

____D () C:\Users\Z\Desktop\FireFox
2014-03-04 16:22 - 2014-03-04 16:22 - 00000000

_____ () C:\Users\Z\Downloads

\0713_f21_xls.4jku54q.partial
2014-03-03 23:33 - 2014-03-03 23:33 - 00043049

_____ () C:\Users\Z\Downloads\Top Secret

America - DIA under fire on search for new

office space.htm
2014-03-03 23:32 - 2014-03-20 22:35 - 00000000

____D () C:\Users\Z\Downloads\3100 Clarendon

Blvd where I worked at DIA being

abandoned_files
2014-03-03 23:32 - 2014-03-03 23:32 - 00078737

_____ () C:\Users\Z\Downloads\3100 Clarendon

Blvd where I worked at DIA being

abandoned.htm
2014-02-28 13:38 - 2014-02-28 15:06 - 00000000

____D () C:\Users\Z\AppData\Roaming

\Awesomium
2014-02-28 01:08 - 2014-02-28 01:08 - 00000000

____D () C:\Users\Z\AppData\Roaming

\com.immersyve.Paladin.live
2014-02-28 00:04 - 2014-02-28 00:04 - 00000035

_____ () C:\Users\Z\Desktop\TS3 GW2.txt
2014-02-27 15:05 - 2014-02-27 15:05 - 00001481

_____ () C:\Users\Z\Desktop\Denny Heck EFF

through email Privacy not updated when

internet came into being  we are wide open to

abuses galore.txt
2014-02-27 14:57 - 2014-02-27 14:57 - 00000327

_____ () C:\Users\Z\Desktop\Zip plus 4.txt
2014-02-27 06:15 - 2014-02-27 06:15 - 00000000

____D () C:\ProgramData\Elder Scrolls Online
2014-02-27 03:40 - 2014-02-27 03:40 - 00000000

____D () C:\Users\Z\Documents\Elder Scrolls

Online
2014-02-27 03:38 - 2014-03-19 17:19 - 00000000

____D () C:\Program Files (x86)\Zenimax Online
2014-02-26 13:06 - 2014-03-13 14:43 - 00000000

____D () C:\Users\Z\Desktop\Cannabis under

attack
2014-02-25 15:10 - 2014-02-25 15:10 - 00000000

____D () C:\Users\Z\Desktop\Youtube

==================== One Month Modified

Files and Folders =======

2014-03-27 17:31 - 2014-03-27 17:19 - 00000000

____D () C:\FRST
2014-03-27 17:29 - 2013-05-09 00:26 - 00000000

____D () C:\Program Files (x86)\Emsisoft Anti-

Malware
2014-03-27 16:50 - 2013-08-23 05:00 - 00000830

_____ () C:\Windows\Tasks\Adobe Flash Player

Updater.job
2014-03-27 16:30 - 2013-06-18 16:09 - 00000000

____D () C:\Users\Z\AppData\Roaming

\TS3Client
2014-03-27 15:22 - 2014-03-27 15:08 - 00119512

_____ (Malwarebytes Corporation) C:\Windows

\system32\Drivers\MBAMSwissArmy.sys
2014-03-27 15:22 - 2014-03-19 15:09 - 00006400

____H () C:\Windows\system32\7B296FB0-

376B-497e-B012-9C450E1B7327-5P-1.C7483456-

A289-439d-8115-601632D005A0
2014-03-27 15:22 - 2014-03-19 15:09 - 00006400

____H () C:\Windows\system32\7B296FB0-

376B-497e-B012-9C450E1B7327-5P-0.C7483456-

A289-439d-8115-601632D005A0
2014-03-27 15:18 - 2013-05-08 16:11 - 01858956

_____ () C:\Windows\WindowsUpdate.log
2014-03-27 15:08 - 2014-03-27 15:08 - 00000617

_____ () C:\Users\Public\Desktop\Malwarebytes

Anti-Malware.lnk
2014-03-27 15:08 - 2014-03-27 15:08 - 00000000

____D () C:\Malwarebytes
2014-03-27 15:08 - 2013-06-10 21:56 - 00000000

____D () C:\ProgramData\Malwarebytes
2014-03-27 11:27 - 2014-03-27 11:27 - 17523384

_____ (Malwarebytes Corporation ) C:\Users\Z

\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-27 10:06 - 2013-12-23 07:36 - 00000000

____D () C:\Users\Z\Desktop\Computer
2014-03-27 10:04 - 2014-03-27 10:04 - 00027769

_____ () C:\Users\Z\Desktop\attach.txt
2014-03-27 10:04 - 2014-03-27 10:04 - 00009946

_____ () C:\Users\Z\Desktop\dds.txt
2014-03-27 10:02 - 2014-02-18 11:16 - 00000000

____D () C:\Users\Z\Downloads\Computer

Tools
2014-03-27 09:55 - 2009-07-13 22:13 - 00795754

_____ () C:\Windows

\system32\PerfStringBackup.INI
2014-03-27 09:50 - 2009-07-13 22:08 - 00000006

____H () C:\Windows\Tasks\SA.DAT
2014-03-27 09:50 - 2009-07-13 21:51 - 00041448

_____ () C:\Windows\setupact.log
2014-03-27 09:44 - 2013-09-06 22:51 - 00000567

_____ () C:\Users\Z\Desktop\Inbox -

moirraine@hush.com - Hushmail - Free Email

with Privacy.website
2014-03-26 21:48 - 2013-08-12 10:37 - 00000000

____D () C:\Users\Z\Desktop\GW2
2014-03-26 12:09 - 2013-06-13 11:13 - 00000000

____D () C:\Users\Z\AppData\Roaming\vlc
2014-03-25 15:31 - 2013-10-11 14:05 - 00000000

____D () C:\Users\Z\Desktop\Pandora
2014-03-24 18:18 - 2014-03-24 18:18 - 00001163

_____ () C:\Users\Public\Desktop\Pale Moon.lnk
2014-03-24 18:18 - 2014-03-24 18:18 - 00000000

____D () C:\Users\Z\AppData\Local\Pale Moon
2014-03-24 18:18 - 2014-02-15 06:57 - 00000000

____D () C:\Program Files (x86)\Pale Moon
2014-03-24 16:12 - 2013-06-30 00:52 - 00000000

____D () C:\Program Files (x86)\Guild Wars 2
2014-03-24 12:37 - 2013-07-28 19:30 - 00000000

____D () C:\Users\Z\Desktop\Politics
2014-03-23 20:54 - 2013-02-10 17:54 - 00000000

____D () C:\HEALTH
2014-03-23 10:01 - 2009-07-13 20:20 - 00000000

____D () C:\Windows\system32\NDF
2014-03-22 14:07 - 2013-08-12 10:46 - 00000000

____D () C:\Users\Z\Desktop\Me
2014-03-22 14:00 - 2012-01-20 17:11 - 00000000

____D () C:\Netgear
2014-03-22 11:01 - 2013-05-08 21:58 - 00000000

____D () C:\Network
2014-03-22 10:40 - 2014-03-22 10:40 - 00000000

____D () C:\Users\Z\Documents\Netware
2014-03-21 17:13 - 2009-07-13 20:20 - 00000000

____D () C:\Windows\rescache
2014-03-21 15:53 - 2013-07-07 16:00 - 00000000

____D () C:\Users\Z\Desktop\Aetna
2014-03-21 12:31 - 2014-02-13 11:13 - 00000000

____D () C:\Medical Scans
2014-03-21 12:29 - 2013-05-08 17:52 - 00000000

____D () C:\Users\Z
2014-03-21 12:22 - 2009-07-13 22:32 - 00000000

____D () C:\Windows\system32\FxsTmp
2014-03-21 12:20 - 2014-03-21 12:20 - 00121944

_____ () C:\Users\Z\Downloads\securedoc

(12).html
2014-03-21 12:18 - 2014-03-21 12:18 - 00121944

_____ () C:\Users\Z\Downloads\securedoc

(11).html
2014-03-21 03:20 - 2009-07-13 21:45 - 00268856

_____ () C:\Windows

\system32\FNTCACHE.DAT
2014-03-21 03:02 - 2013-08-14 03:01 - 00000000

____D () C:\Windows\system32\MRT
2014-03-21 03:01 - 2013-06-11 03:07 - 90015360

_____ (Microsoft Corporation) C:\Windows

\system32\MRT.exe
2014-03-21 01:19 - 2013-06-27 22:01 - 00000000

____D () C:\Program Files\TeamSpeak 3 Client
2014-03-21 00:50 - 2013-08-23 05:00 - 00003768

_____ () C:\Windows\System32\Tasks\Adobe

Flash Player Updater
2014-03-21 00:50 - 2013-05-09 00:13 - 00692616

_____ (Adobe Systems Incorporated) C:

\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-21 00:50 - 2013-05-09 00:13 - 00071048

_____ (Adobe Systems Incorporated) C:

\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-21 00:21 - 2014-03-21 00:21 - 13084896

_____ (Microsoft Corporation) C:\Users\Z

\Downloads\Silverlight_x64.exe
2014-03-21 00:21 - 2013-06-27 00:28 - 00000000

____D () C:\Program Files (x86)\Microsoft

Silverlight
2014-03-21 00:21 - 2013-05-09 04:02 - 00000000

____D () C:\Program Files\Microsoft Silverlight
2014-03-21 00:15 - 2014-03-21 00:14 - 00000000

____D () C:\bf479d861f651b6fbd5644ee42b6520a
2014-03-21 00:12 - 2014-03-21 00:11 - 55752251

_____ () C:\Users\Z\Downloads\Aviator.dmg
2014-03-20 23:39 - 2013-11-12 01:34 - 00000000

____D () C:\Users\Z\Desktop\Daily Kos Hillary

fired from Watergate Committee for lying_files
2014-03-20 22:37 - 2013-05-09 00:13 - 00000000

____D () C:\Windows\SysWOW64\Macromed
2014-03-20 22:37 - 2013-05-09 00:13 - 00000000

____D () C:\Windows\system32\Macromed
2014-03-20 22:37 - 2009-07-13 20:20 - 00000000

____D () C:\Windows\system32\spool
2014-03-20 22:37 - 2009-07-13 20:20 - 00000000

____D () C:\Windows\L2Schemas
2014-03-20 22:36 - 2014-01-23 18:32 - 00000000

____D () C:\Users\Z\Desktop\Gregory Hicks

Benghazi and the Smearing of Chris Stevens -

WSJ_com_files
2014-03-20 22:36 - 2013-11-21 15:07 - 00000000

____D () C:\Users\Z\Desktop\Knockout game

targeting victims in several cities, report says -

Crimesider - CBS News.htm STORY KILLED

ONLY CACHE REMAINS_files
2014-03-20 22:36 - 2013-10-18 15:47 - 00000000

____D () C:\EEK
2014-03-20 22:36 - 2013-07-07 14:31 - 00000000

____D () C:\Program Files (x86)\FamilySearch

Indexing
2014-03-20 22:36 - 2013-06-14 15:44 - 00000000

____D () C:\Program Files\Common Files

\EPSON
2014-03-20 22:36 - 2013-05-09 00:45 - 00000000

____D () C:\Program Files\HitmanPro
2014-03-20 22:36 - 2013-05-08 23:40 - 00000000

____D () C:\Program Files\Common Files\ATI

Technologies
2014-03-20 22:36 - 2013-01-13 19:28 - 00000000

____D () C:\FASTSTONE
2014-03-20 22:36 - 2012-12-13 21:19 - 00000000

____D () C:\Dad
2014-03-20 22:36 - 2012-09-16 20:49 - 00000000

____D () C:\Guild Wars 2
2014-03-20 22:36 - 2012-02-13 05:27 - 00000000

____D () C:\inetpub
2014-03-20 22:36 - 2009-07-13 20:20 - 00000000

____D () C:\Windows\AppCompat
2014-03-20 22:36 - 2009-07-13 20:20 - 00000000

____D () C:\Program Files\Common Files

\Microsoft Shared
2014-03-20 22:35 - 2014-03-20 20:58 - 00000000

____D () C:\Program Files (x86)\WinZip Self-

Extractor
2014-03-20 22:35 - 2014-03-07 22:42 - 00000000

____D () C:\Program Files (x86)\Steam
2014-03-20 22:35 - 2014-03-03 23:32 - 00000000

____D () C:\Users\Z\Downloads\3100 Clarendon

Blvd where I worked at DIA being

abandoned_files
2014-03-20 22:35 - 2013-06-10 21:56 - 00000000

____D () C:\Program Files (x86)\Malwarebytes'

Anti-Malware
2014-03-20 22:35 - 2009-07-13 20:20 - 00000000

____D () C:\Windows\registration
2014-03-20 22:28 - 2013-05-08 23:39 - 00000000

____D () C:\Program Files\ATI
2014-03-20 22:27 - 2013-02-27 15:36 - 00000000

____D () C:\Newegg
2014-03-20 22:27 - 2012-04-08 09:27 - 00000000

____D () C:\PFiles
2014-03-20 22:27 - 2012-01-13 14:11 - 00000000

____D () C:\ATI
2014-03-20 22:25 - 2013-01-29 02:01 - 00000000

____D () C:\Adobe Flash 10
2014-03-20 22:25 - 2012-01-05 17:55 - 00000000

____D () C:\AMD
2014-03-20 22:07 - 2013-03-06 11:50 - 00000000

____D () C:\Computer Tools
2014-03-20 20:58 - 2014-03-20 20:58 - 02897248

_____ () C:\Users\Z\Downloads\wzipse40.exe
2014-03-20 20:58 - 2014-03-20 20:58 - 00000000

____D () C:\ProgramData\WinZipSE
2014-03-20 20:30 - 2014-03-20 07:22 - 00000000

____D () C:\Users\Z\Documents\Emsisoft

Quarantine
2014-03-20 20:24 - 2014-02-20 07:10 - 00000000

____D () C:\Users\Z\Desktop\TAXES 2013
2014-03-20 12:17 - 2014-03-20 12:17 - 00873716

_____ () C:\Users\Z\AppData\Local\census.cache
2014-03-20 12:17 - 2014-03-20 12:17 - 00142994

_____ () C:\Users\Z\AppData\Local\ars.cache
2014-03-20 12:02 - 2014-03-20 12:02 - 00000010

_____ () C:\Users\Z\AppData\Local

\sponge.last.runtime.cache
2014-03-20 08:16 - 2013-06-10 18:33 - 00000000

____D () C:\Users\Z\AppData\Local

\Deployment
2014-03-20 07:22 - 2013-05-09 00:26 - 00000000

____D () C:\Users\Z\Documents\Anti-Malware
2014-03-19 17:19 - 2014-02-27 03:38 - 00000000

____D () C:\Program Files (x86)\Zenimax Online
2014-03-19 14:05 - 2014-03-08 00:52 - 00000000

____D () C:\Program Files\7-Zip
2014-03-19 14:05 - 2014-03-06 09:41 - 00000000

____D () C:\Program Files (x86)\CSV Viewer
2014-03-19 14:05 - 2014-03-06 09:40 - 00000000

____D () C:\Users\Z\Downloads\CVS Viewer
2014-03-19 14:05 - 2014-03-05 17:45 - 00000000

____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-19 12:38 - 2014-02-16 12:14 - 00000000

____D () C:\Users\Z\Desktop\COMCAST

PAYMENTS
2014-03-19 12:25 - 2014-03-17 07:19 - 00000000

____D () C:\Verizon
2014-03-19 12:20 - 2014-03-19 12:20 - 00001110

_____ () C:\Users\Z\Documents\HOme Depot

stinks.txt
2014-03-17 01:14 - 2014-03-15 08:07 - 00000000

____D () C:\Users\Z\Desktop\StartMail
2014-03-17 00:02 - 2013-09-13 23:23 - 00000000

____D () C:\Users\Z\Desktop\SCREENS
2014-03-16 06:22 - 2012-09-16 16:17 - 00000000

____D () C:\GW 2
2014-03-15 23:12 - 2013-05-11 23:41 - 00000000

____D () C:\Users\Z\Desktop\Bank
2014-03-15 08:04 - 2014-03-15 08:04 - 00000000

____D () C:\Users\Z\Desktop\Tye Bratvoldt
2014-03-13 14:43 - 2014-02-26 13:06 - 00000000

____D () C:\Users\Z\Desktop\Cannabis under

attack
2014-03-12 05:57 - 2014-03-12 05:57 - 00000000

_____ () C:\Users\Z\Downloads

\install_flashplayer12x32ax_gtbd_chrd_dn_awb

_aih_exe (2).7lmd0qk.partial
2014-03-12 02:35 - 2013-06-11 21:25 - 00000000

____D () C:\Users\Z\AppData\Local\Adobe
2014-03-11 08:37 - 2014-03-11 08:37 - 00000000

_____ () C:\Users\Z\Downloads

\install_flashplayer12x32ax_gtbd_chrd_dn_awb

_aih_exe (1).c0vhhbl.partial
2014-03-11 08:35 - 2014-03-11 08:34 - 01069728

_____ (Solid State Networks) C:\Users\Z

\Downloads

\install_flashplayer12x32ax_gtbd_chrd_dn_awb

_aih_exe
2014-03-09 23:28 - 2014-03-09 23:27 - 00000022

_____ () C:\Users\Z\Downloads\documents-

export-2014-03-09.zip
2014-03-09 23:18 - 2013-05-09 16:50 - 00000000

____D () C:\Users\Z\AppData\Local\Google
2014-03-09 22:37 - 2014-03-09 22:37 - 00000000

_____ () C:\Users\Z\Downloads

\securedoc_html.jz2ei9f.partial
2014-03-09 21:51 - 2014-03-09 20:29 - 00000000

____D () C:\Users\Z\Desktop\Cannabis
2014-03-08 05:56 - 2014-03-08 00:35 - 00000000

____D () C:\Users\Z\Desktop\Beck
2014-03-08 05:15 - 2014-03-08 03:54 - 00000037

_____ () C:\Users\Z\Desktop\Conservative

Senators Lee Cruz Paul.txt
2014-03-08 01:46 - 2014-03-08 00:50 - 00000000

____D () C:\Users\Z\Documents\DAModder
2014-03-08 01:41 - 2014-02-19 07:04 - 00000000

____D () C:\Users\Z\Desktop\Republic Wireless
2014-03-08 00:03 - 2014-03-08 00:03 - 00000000

____D () C:\ProgramData\BioWare
2014-03-07 23:59 - 2014-03-07 23:59 - 00000000

____D () C:\Users\Z\Documents\BioWare
2014-03-07 23:59 - 2014-03-07 23:58 - 00007613

_____ () C:\Users\Z\Documents\DAO Ultimate

Addins Updater.log
2014-03-07 23:58 - 2014-03-07 23:58 - 00000000

____D () C:\Windows\SysWOW64\AGEIA
2014-03-07 23:58 - 2014-03-07 23:58 - 00000000

____D () C:\Program Files (x86)\AGEIA

Technologies
2014-03-06 09:42 - 2014-03-06 09:42 - 00002215

_____ () C:\Users\Z\Downloads\medical_claim

(3).csv
2014-03-06 09:26 - 2014-03-06 09:26 - 00002215

_____ () C:\Users\Z\Downloads\medical_claim

(2).csv
2014-03-05 18:32 - 2014-03-05 18:32 - 00282840

_____ (Mozilla) C:\Users\Z\Downloads\Firefox

Setup Stub 27_0_1_exe
2014-03-05 17:42 - 2014-03-05 17:42 - 00000000

____D () C:\Users\Z\Desktop\FireFox
2014-03-05 09:26 - 2014-03-27 15:08 - 00088280

_____ (Malwarebytes Corporation) C:\Windows

\system32\Drivers\mbamchameleon.sys
2014-03-05 09:26 - 2014-03-27 15:08 - 00063192

_____ (Malwarebytes Corporation) C:\Windows

\system32\Drivers\mwac.sys
2014-03-05 09:26 - 2014-03-27 15:08 - 00025816

_____ (Malwarebytes Corporation) C:\Windows

\system32\Drivers\mbam.sys
2014-03-04 16:22 - 2014-03-04 16:22 - 00000000

_____ () C:\Users\Z\Downloads

\0713_f21_xls.4jku54q.partial
2014-03-03 23:33 - 2014-03-03 23:33 - 00043049

_____ () C:\Users\Z\Downloads\Top Secret

America - DIA under fire on search for new

office space.htm
2014-03-03 23:32 - 2014-03-03 23:32 - 00078737

_____ () C:\Users\Z\Downloads\3100 Clarendon

Blvd where I worked at DIA being

abandoned.htm
2014-02-28 15:06 - 2014-02-28 13:38 - 00000000

____D () C:\Users\Z\AppData\Roaming

\Awesomium
2014-02-28 01:08 - 2014-02-28 01:08 - 00000000

____D () C:\Users\Z\AppData\Roaming

\com.immersyve.Paladin.live
2014-02-28 00:04 - 2014-02-28 00:04 - 00000035

_____ () C:\Users\Z\Desktop\TS3 GW2.txt
2014-02-27 15:05 - 2014-02-27 15:05 - 00001481

_____ () C:\Users\Z\Desktop\Denny Heck EFF

through email Privacy not updated when

internet came into being  we are wide open to

abuses galore.txt
2014-02-27 14:57 - 2014-02-27 14:57 - 00000327

_____ () C:\Users\Z\Desktop\Zip plus 4.txt
2014-02-27 06:15 - 2014-02-27 06:15 - 00000000

____D () C:\ProgramData\Elder Scrolls Online
2014-02-27 03:40 - 2014-02-27 03:40 - 00000000

____D () C:\Users\Z\Documents\Elder Scrolls

Online
2014-02-27 03:37 - 2014-02-10 23:11 - 00000000

____D () C:\Users\Z\Desktop\ESO
2014-02-25 15:10 - 2014-02-25 15:10 - 00000000

____D () C:\Users\Z\Desktop\Youtube

Files to move or delete:
====================
C:\Users\Z\jobq.dat

Some content of TEMP:
====================
C:\Users\Z\AppData\Local\Temp\13-

4_vista_win7_win8_64_dd_ccc_whql.exe
C:\Users\Z\AppData\Local\Temp

\CertificatesDLL.dll
C:\Users\Z\AppData\Local\Temp\Foxit Reader

Updater.exe
C:\Users\Z\AppData\Local\Temp\Foxit

Updater.exe
C:\Users\Z\AppData\Local\Temp\Gw2.exe
C:\Users\Z\AppData\Local\Temp

\hcuninstaller_20130626_234933_3204.exe
C:\Users\Z\AppData\Local\Temp

\hcuninstaller_20131115_224729_3412.exe
C:\Users\Z\AppData\Local\Temp\i4jdel0.exe
C:\Users\Z\AppData\Local\Temp

\iv_uninstall.exe
C:\Users\Z\AppData\Local\Temp\LMkRstPt.exe
C:\Users\Z\AppData\Local\Temp

\MouseKeyboardCenterx64_1033.exe
C:\Users\Z\AppData\Local\Temp

\riftuninstall.exe
C:\Users\Z\AppData\Local\Temp\Uninstaller-

4976.exe
C:\Users\Z\AppData\Local\Temp\vlc-2.0.7-

win32.exe
C:\Users\Z\AppData\Local\Temp\vlc-2.0.8-

win32.exe

==================== Bamital & volsnap Check

=================

C:\Windows\System32\winlogon.exe => MD5 is

legit
C:\Windows\System32\wininit.exe => MD5 is

legit
C:\Windows\SysWOW64\wininit.exe => MD5 is

legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5

is legit
C:\Windows\System32\svchost.exe => MD5 is

legit
C:\Windows\SysWOW64\svchost.exe => MD5 is

legit
C:\Windows\System32\services.exe => MD5 is

legit
C:\Windows\System32\User32.dll => MD5 is

legit
C:\Windows\SysWOW64\User32.dll => MD5 is

legit
C:\Windows\System32\userinit.exe => MD5 is

legit
C:\Windows\SysWOW64\userinit.exe => MD5 is

legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys =>

MD5 is legit

LastRegBack: 2014-03-20 00:38

==================== End Of Log

============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Z at 2014-03-27 17:21:28
Running from C:\Users\Z\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7C8B3XY4
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Emsisoft Anti-Malware (Enabled - Up to date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367}

==================== Installed Programs ======================

Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{9AB0D5B6-4779-8C4F-CA91-A1FEDB56D7EC}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80328.2204 - Advanced Micro Devices, Inc.) Hidden
Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.4.8696 - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CloudReading (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.1.47.1220 - Foxit Corporation)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.3) (Version: 5.0.0.3 - Coupons.com Incorporated) <==== ATTENTION
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Download Navigator (HKLM-x32\...\{3A3A3B34-6EA2-4031-8580-D66D29533E89}) (Version: 3.4.0 - SEIKO EPSON CORPORATION)
Emsisoft Anti-Malware (HKLM-x32\...\{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1) (Version: 7.0 - Emsisoft GmbH)
Epson Connect (HKLM-x32\...\{64BA551C-9AF6-495C-93F3-D1270E0045FC}) (Version:  - )
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{BECE9CCD-83F6-4BAA-9B26-227DF7D2E932}) (Version: 3.01.0000 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-300 Series Printer Uninstall (HKLM\...\EPSON XP-300 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
FamilySearch Indexing 3.17.7 (HKLM-x32\...\0591-8077-9297-0833) (Version: 3.17.7 - FamilySearch)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.2.1224 - Foxit Corporation)
Google Talk (remove only) (HKLM-x32\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.6.201 - SurfRight B.V.)
Malwarebytes Anti-Malware version 2.00.0.1000 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.00.0.1000 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Pale Moon 24.0.2 (x64 en-US) (HKLM\...\Pale Moon 24.0.2 (x64 en-US)) (Version: 24.0.2 - Mozilla)
Pale Moon 24.3.2 (x86 en-US) (HKLM-x32\...\Pale Moon 24.3.2 (x86 en-US)) (Version: 24.3.2 - Mozilla)
Pale Moon 24.4.1 (x86 en-US) (HKLM-x32\...\Pale Moon 24.4.1 (x86 en-US)) (Version: 24.4.1 - Mozilla)
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
SeaMonkey 2.19 (x86 en-US) (HKLM-x32\...\SeaMonkey 2.19 (x86 en-US)) (Version: 2.19 - Mozilla)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

04-03-2014 06:15:59 Windows Update
06-03-2014 16:30:16 Removed Microsoft Office Excel Viewer
07-03-2014 14:36:30 Windows Update
08-03-2014 06:55:07 Installed DirectX
08-03-2014 06:57:09 Installed Microsoft Visual C++ 2005 Redistributable
08-03-2014 07:52:34 Installed 7-Zip 9.20 (x64 edition)
12-03-2014 02:02:52 Windows Update
12-03-2014 10:00:11 Windows Update
18-03-2014 14:15:28 Windows Update
19-03-2014 10:00:14 Windows Update
19-03-2014 22:13:02 Windows Update
20-03-2014 01:24:55 Windows Update
20-03-2014 10:00:16 Windows Update
21-03-2014 05:06:16 Windows Modules Installer
21-03-2014 05:11:09 Installed Windows Resource Kit Tools - SubInAcl.exe
21-03-2014 05:22:43 Restore Operation
21-03-2014 06:47:21 Windows Update
21-03-2014 07:14:47 Windows Update
21-03-2014 07:18:55 Removed Microsoft Silverlight
21-03-2014 10:00:11 Windows Update
25-03-2014 09:22:21 Windows Update

==================== Hosts content: ==========================

2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {45F64B93-3068-4728-BD82-89AF8CAEE0CF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-21] (Adobe Systems Incorporated)
Task: {6D1BDC36-F2B8-4F59-8DD1-898FED2E5BB6} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
Task: {DDB0D999-05F3-4DE0-800E-29039A7478F1} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe
Task: {EC4AD6B7-ED92-4489-A0E5-5663188A0609} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-08-18 14:49 - 2012-08-16 18:04 - 00078480 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-08-18 14:49 - 2012-08-16 18:04 - 00386192 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2014-03-24 18:18 - 2014-03-15 13:01 - 03039232 _____ () C:\Users\Z\AppData\Local\Pale Moon\mozjs.dll
2014-03-21 00:50 - 2014-03-21 00:50 - 16276872 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: EPLTarget =>
MSCONFIG\startupreg: EvtMgr6 => C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Faulty Device Manager Devices =============

Name: High Definition Audio Device
Description: High Definition Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HdAudAddService
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (03/27/2014 09:51:29 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/23/2014 07:33:00 PM) (Source: Application Hang) (User: )
Description: The program Gw2.exe version 1.0.0.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 18e4

Start Time: 01cf46f3aba65b27

Termination Time: 240

Application Path: C:\Program Files (x86)\Guild Wars 2\Gw2.exe

Report Id:

Error: (03/22/2014 10:35:16 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/22/2014 10:20:58 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/21/2014 03:21:39 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/21/2014 00:18:07 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/20/2014 11:40:53 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/20/2014 10:01:48 PM) (Source: Microsoft-Windows-User Profiles Service) (User: )
Description: Windows cannot log you on because your profile cannot be loaded. Check that you are connected to the network, and that your network is functioning correctly.

 DETAIL - Only part of a ReadProcessMemory or WriteProcessMemory request was completed.

Error: (03/20/2014 10:01:48 PM) (Source: Microsoft-Windows-User Profiles Service) (User: )
Description: Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.

Error: (03/20/2014 09:55:32 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (03/27/2014 09:50:24 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 9:48:03 AM on ‎3/‎27/‎2014 was unexpected.

Error: (03/21/2014 00:16:56 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 12:15:17 AM on ‎3/‎21/‎2014 was unexpected.

Error: (03/20/2014 11:41:41 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (03/20/2014 11:40:15 PM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service terminated with service-specific error %%5.

Error: (03/20/2014 09:51:38 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (03/20/2014 09:51:38 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (03/20/2014 09:51:38 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (03/20/2014 09:51:38 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (03/20/2014 09:51:30 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (03/20/2014 09:51:30 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Microsoft Office Sessions:
=========================
Error: (03/27/2014 09:51:29 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/23/2014 07:33:00 PM) (Source: Application Hang)(User: )
Description: Gw2.exe1.0.0.118e401cf46f3aba65b27240C:\Program Files (x86)\Guild Wars 2\Gw2.exe

Error: (03/22/2014 10:35:16 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/22/2014 10:20:58 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/21/2014 03:21:39 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/21/2014 00:18:07 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/20/2014 11:40:53 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/20/2014 10:01:48 PM) (Source: Microsoft-Windows-User Profiles Service)(User: )
Description: Only part of a ReadProcessMemory or WriteProcessMemory request was completed.

Error: (03/20/2014 10:01:48 PM) (Source: Microsoft-Windows-User Profiles Service)(User: )
Description:

Error: (03/20/2014 09:55:32 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

CodeIntegrity Errors:
===================================
  Date: 2013-07-14 22:44:35.198
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Percentage of memory in use: 35%
Total physical RAM: 8174.73 MB
Available physical RAM: 5290.01 MB
Total Pagefile: 16347.64 MB
Available Pagefile: 12275.98 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:931.41 GB) (Free:625.69 GB) NTFS
Drive f: (System) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 3FACA01D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Link to post
Share on other sites

Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

 

Run FRST and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

 

Next,

 

thisisujrt.gif Please download Junkware Removal Tool to your desktop.


Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

 

Next,

 

Go here: http://support.microsoft.com/kb/923737 follow the instructions to reset Internet Explorer...

 

Let me see the logs from FRST and JRT, also let me know if there are any remaining issues or concerns...

 

Kevin

 

 

fixlist.txt

Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.