
How to Remove Pup.Optional.Astromenda.A



I was following the other thread and yesterday I had a clean scan with Malwarebytes, but I still could not remove Google Chrome from programs, so I wondered if it had something to do with the hijacker (I was going to remove Google Chrome Browser and reinstall). When I ran Malwarebytes today, I got a bunch more popping up. Suggestions would be appreciated.

 

I ran FRST (it says my post is too long, so I deleted the second file and I will add it to the next post).

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-08-2014 04
Ran by Janicekla (administrator) on JANICE on 18-08-2014 10:56:00
Running from C:\Users\Janicekla\Downloads
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
() C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe
(Wyse Technology.) C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Spotify Ltd) C:\Users\Janicekla\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Dell) C:\Users\Janicekla\AppData\Local\Apps\2.0\972EXY1L.CYA\GZ02VQJX.B9T\dell..tion_0f612f649c4a10af_0005.0004_3ddfe37344028d2c\DellSystemDetect.exe
(Smilebox, Inc.) C:\Users\Janicekla\AppData\Roaming\Smilebox\SmileboxTray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\livecomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188552 2013-05-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-21] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5762408 2013-03-05] (Dell Inc.)
HKLM\...\Run: [iAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation)
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3015408 2013-03-05] (Synaptics Incorporated)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928 2012-10-23] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5187088 2014-08-11] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM-x32\...\Run: [sDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer\Run: [btvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [132224 2013-02-28] ( (Qualcomm Atheros Commnucations))
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3320592263-4229570666-3514765505-1001\...\Run: [spotify Web Helper] => C:\Users\Janicekla\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1140736 2013-11-28] (Spotify Ltd)
HKU\S-1-5-21-3320592263-4229570666-3514765505-1001\...\Run: [Google Update] => C:\Users\Janicekla\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-11-30] (Google Inc.)
HKU\S-1-5-21-3320592263-4229570666-3514765505-1001\...\Run: [DellSystemDetect] => C:\Users\Janicekla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms
HKU\S-1-5-21-3320592263-4229570666-3514765505-1001\...\Run: [smileboxTray] => C:\Users\Janicekla\AppData\Roaming\Smilebox\SmileboxTray.exe [342312 2014-08-01] (Smilebox, Inc.)
HKU\S-1-5-21-3320592263-4229570666-3514765505-1001\...\Run: [GoogleChromeAutoLaunch_360A2B65D4C6D8DF091DDFBC02655E10] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-08-06] (Google Inc.)
HKU\S-1-5-21-3320592263-4229570666-3514765505-1001\...\MountPoints2: {f5846f06-d796-11e3-be86-0c84dc26ec54} - "E:\VZW_Software_upgrade_assistant.exe" 
Startup: C:\Users\Janicekla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP ENVY 5530 series.lnk
ShortcutTarget: Monitor Ink Alerts - HP ENVY 5530 series.lnk -> C:\Program Files\HP\HP ENVY 5530 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\Janicekla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verizon Wireless Software Utility Application for Android – Samsung.lnk
ShortcutTarget: Verizon Wireless Software Utility Application for Android – Samsung.lnk -> C:\Users\Janicekla\AppData\Roaming\VERIZON\UA_ar\UA.exe (SAMSUNG Electornics Co., Ltd.)
ShellIconOverlayIdentifiers: DBARFileBackuped -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: DBARFileNotBackuped -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope {861C79DF-C95F-4C81-9E0A-A95DB38742AF} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKLM - {861C79DF-C95F-4C81-9E0A-A95DB38742AF} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {861C79DF-C95F-4C81-9E0A-A95DB38742AF} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKCU - {861C79DF-C95F-4C81-9E0A-A95DB38742AF} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
 
FireFox:
========
FF ProfilePath: C:\Users\Janicekla\AppData\Roaming\Mozilla\Firefox\Profiles\7zze3h5x.default
FF DefaultSearchEngine: Astromenda
FF SelectedSearchEngine: Astromenda
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Janicekla\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Janicekla\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR Extension: (Google Docs) - C:\Users\Janicekla\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-19]
CHR Extension: (Google Drive) - C:\Users\Janicekla\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-19]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Janicekla\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-19]
CHR Extension: (YouTube) - C:\Users\Janicekla\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-19]
CHR Extension: (Google Cast) - C:\Users\Janicekla\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-06-19]
CHR Extension: (Adblock Plus) - C:\Users\Janicekla\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-06-19]
CHR Extension: (Google Search) - C:\Users\Janicekla\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-19]
CHR Extension: (Google Wallet) - C:\Users\Janicekla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-19]
CHR Extension: (Gmail) - C:\Users\Janicekla\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-19]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [227968 2013-02-28] (Qualcomm Atheros Commnucations)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3244048 2014-08-11] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-11] (AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356912 2014-07-19] (Microsoft Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-06-01] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [245832 2013-05-18] (Realtek Semiconductor)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1915408 2013-10-10] (SoftThinks SAS)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)
R2 WysePocketCloud; C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe [16176 2013-06-21] ()
R2 WyseRemoteAccess; C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe [1436160 2012-11-29] (Wyse Technology.) [File not signed]
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2013-03-02] (Atheros)
S2 HPSLPSVC; C:\Users\JANICE~1\AppData\Local\Temp\7zS1BBB\hpslpsvc64.dll [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [270104 2014-06-30] (AVG Technologies CZ, s.r.o.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-02-28] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-18] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99800 2013-06-01] (Intel Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-03-05] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31984 2013-03-05] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
S3 iscFlash; \??\C:\Users\JANICE~1\AppData\Local\Temp\7zSD138.tmp\iscflashx64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-18 09:41 - 2014-08-18 09:41 - 00000000 ___RD () C:\Users\Janicekla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-08-17 12:35 - 2014-08-17 12:35 - 00070258 _____ () C:\Users\Janicekla\Downloads\Blog Template saved 2014_08_17.xml
2014-08-17 11:07 - 2014-08-18 10:56 - 00023964 _____ () C:\Users\Janicekla\Downloads\FRST.txt
2014-08-17 11:06 - 2014-08-17 11:06 - 00001361 _____ () C:\Users\Janicekla\Desktop\FRST64 - Shortcut.lnk
2014-08-17 09:06 - 2014-08-17 13:56 - 00042599 _____ () C:\Users\Janicekla\Downloads\Addition.txt
2014-08-17 08:51 - 2014-08-18 10:56 - 00000000 ____D () C:\FRST
2014-08-17 08:51 - 2014-08-17 08:51 - 02101760 _____ (Farbar) C:\Users\Janicekla\Downloads\FRST64.exe
2014-08-17 01:10 - 2014-08-17 01:10 - 00003257 _____ () C:\Users\Janicekla\Desktop\Sophos Virus Removal Tool.lnk
2014-08-17 01:10 - 2014-08-17 01:10 - 00000000 ____D () C:\Users\Janicekla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
2014-08-17 01:10 - 2014-08-17 01:10 - 00000000 ____D () C:\ProgramData\Sophos
2014-08-17 01:10 - 2014-08-17 01:10 - 00000000 ____D () C:\Program Files (x86)\Sophos
2014-08-17 01:05 - 2013-08-22 09:25 - 00000824 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.20140817-010543.backup
2014-08-17 00:42 - 2014-08-17 00:43 - 96063296 _____ (Sophos Limited) C:\Users\Janicekla\Downloads\Sophos Virus Removal Tool.exe
2014-08-16 23:11 - 2014-08-16 23:11 - 00001409 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-08-16 23:11 - 2014-08-16 23:11 - 00001397 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-08-16 23:11 - 2014-08-16 23:11 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2014-08-16 23:11 - 2014-08-16 23:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-08-16 23:10 - 2014-08-17 00:50 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-16 23:10 - 2014-08-16 23:21 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-08-16 23:10 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2014-08-16 23:08 - 2014-08-16 23:09 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Janicekla\Downloads\spybot-2.4.exe
2014-08-16 21:27 - 2014-08-16 21:32 - 00000000 ____D () C:\Users\Janicekla\Documents\My Kindle Content
2014-08-16 21:27 - 2014-08-16 21:27 - 00002269 _____ () C:\Users\Janicekla\Desktop\Kindle.lnk
2014-08-16 21:27 - 2014-08-16 21:27 - 00000000 ____D () C:\Users\Janicekla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2014-08-16 21:26 - 2014-08-16 21:27 - 00000000 ____D () C:\Users\Janicekla\AppData\Local\Amazon
2014-08-16 21:25 - 2014-08-16 21:26 - 38157960 _____ (Amazon.com) C:\Users\Janicekla\Downloads\KindleForPC-installer.exe
2014-08-16 17:48 - 2014-08-16 20:30 - 00000000 ____D () C:\Users\Janicekla\AppData\Local\calibre-cache
2014-08-16 16:40 - 2014-08-16 21:30 - 00000000 ____D () C:\Users\Janicekla\Documents\Calibre Library
2014-08-16 16:40 - 2014-08-16 20:36 - 00000000 ____D () C:\Users\Janicekla\AppData\Roaming\calibre
2014-08-16 16:40 - 2014-08-16 16:40 - 00000974 _____ () C:\Users\Public\Desktop\calibre - E-book management.lnk
2014-08-16 16:40 - 2014-08-16 16:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2014-08-16 16:40 - 2014-08-16 16:40 - 00000000 ____D () C:\Program Files (x86)\Calibre2
2014-08-16 16:25 - 2014-08-16 16:38 - 56419840 _____ () C:\Users\Janicekla\Downloads\calibre-1.48.0.msi
2014-08-16 12:46 - 2014-08-18 10:34 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-16 12:46 - 2014-08-16 12:46 - 00001120 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-16 12:46 - 2014-08-16 12:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-16 12:46 - 2014-08-16 12:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-16 12:46 - 2014-05-12 08:19 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-08-16 12:46 - 2014-05-12 08:19 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-08-16 12:46 - 2014-05-12 08:19 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-08-16 12:43 - 2014-08-16 12:43 - 17291904 _____ (Malwarebytes Corporation ) C:\Users\Janicekla\Downloads\mbam_premium (1).exe
2014-08-16 10:31 - 2014-08-16 10:31 - 00001797 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-16 10:31 - 2014-08-16 10:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-16 10:30 - 2014-08-16 10:31 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-16 10:30 - 2014-08-16 10:31 - 00000000 ____D () C:\Program Files\iTunes
2014-08-16 10:30 - 2014-08-16 10:31 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-16 10:30 - 2014-08-16 10:30 - 00000000 ____D () C:\Program Files\iPod
2014-08-15 19:59 - 2014-08-01 20:17 - 00704480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-08-15 19:59 - 2014-08-01 20:17 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-15 16:50 - 2014-08-18 10:50 - 00000320 _____ () C:\WINDOWS\Tasks\WSE_Astromenda.job
2014-08-15 16:50 - 2014-08-15 16:50 - 00862064 _____ ( ) C:\Users\Janicekla\Downloads\Adobe_Flash_Setup (1).exe
2014-08-15 16:50 - 2014-08-15 16:50 - 00002658 _____ () C:\WINDOWS\System32\Tasks\WSE_Astromenda
2014-08-15 16:50 - 2014-08-15 16:50 - 00000000 ____D () C:\Users\Janicekla\AppData\Roaming\WSE_Astromenda
2014-08-15 16:49 - 2014-08-15 16:48 - 18607792 _____ (Adobe Systems Incorporated) C:\Users\Janicekla\Downloads\install_flash_player_ax.exe
2014-08-15 16:48 - 2014-08-15 16:48 - 00862064 _____ ( ) C:\Users\Janicekla\Downloads\Adobe_Flash_Setup.exe
2014-08-14 23:09 - 2014-07-25 10:52 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-08-14 23:09 - 2014-07-25 09:51 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-08-14 23:09 - 2014-07-25 09:25 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-08-14 23:09 - 2014-07-25 08:59 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-08-14 23:09 - 2014-07-25 08:40 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-08-14 23:09 - 2014-07-25 08:28 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-08-14 23:09 - 2014-07-25 08:21 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-08-14 23:09 - 2014-07-25 08:17 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-08-14 23:09 - 2014-07-25 08:10 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-08-14 23:09 - 2014-07-25 08:08 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-08-14 23:09 - 2014-07-25 08:06 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-08-14 23:09 - 2014-07-25 07:52 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-08-14 23:09 - 2014-07-25 07:47 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-08-14 23:09 - 2014-07-25 07:43 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-08-14 23:09 - 2014-07-25 07:42 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-08-14 23:09 - 2014-07-25 07:39 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-08-14 23:09 - 2014-07-25 07:34 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-08-14 23:09 - 2014-07-25 07:29 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-08-14 23:09 - 2014-07-25 07:23 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-08-14 23:09 - 2014-07-25 07:13 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-08-14 23:09 - 2014-07-25 07:09 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-08-14 23:09 - 2014-07-25 07:07 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-08-14 23:09 - 2014-07-25 07:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-08-14 23:09 - 2014-07-25 06:26 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-08-14 23:09 - 2014-07-25 06:17 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-08-14 23:09 - 2014-07-25 06:09 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-08-14 23:09 - 2014-07-25 06:00 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-08-14 23:08 - 2014-07-25 09:28 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-08-14 23:08 - 2014-07-25 09:25 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-08-14 23:08 - 2014-07-25 08:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-08-14 23:08 - 2014-07-25 08:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-08-14 23:08 - 2014-07-25 08:28 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-08-14 23:08 - 2014-07-25 07:43 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-14 23:08 - 2014-07-25 06:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-08-14 23:08 - 2014-07-25 06:05 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-08-14 23:07 - 2014-06-19 21:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-08-14 23:07 - 2014-06-19 19:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-08-14 23:07 - 2014-06-09 18:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-08-14 23:07 - 2014-06-09 18:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-14 23:07 - 2014-05-31 02:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-08-14 23:03 - 2014-07-15 14:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-08-14 23:03 - 2014-07-15 04:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-08-14 23:03 - 2014-07-15 04:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-08-14 23:03 - 2014-07-15 04:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-08-14 23:03 - 2014-07-10 00:16 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-08-14 23:03 - 2014-07-10 00:03 - 04756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-08-14 23:03 - 2014-07-09 23:33 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-08-14 23:03 - 2014-06-12 21:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-08-14 23:03 - 2014-06-12 21:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-08-14 23:03 - 2014-06-12 20:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-08-14 23:03 - 2014-06-06 07:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-08-14 23:03 - 2014-05-13 03:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-08-14 23:03 - 2014-05-13 01:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-08-14 23:03 - 2014-05-13 00:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-08-14 23:03 - 2014-05-13 00:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-08-14 23:03 - 2014-05-12 23:59 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-08-14 23:03 - 2014-05-12 23:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-08-14 23:03 - 2014-05-03 07:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-08-14 23:03 - 2014-05-03 05:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-08-14 23:03 - 2014-05-03 01:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-08-14 23:03 - 2014-05-03 01:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-08-14 23:03 - 2014-05-03 01:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-08-14 23:03 - 2014-05-03 00:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-08-14 23:03 - 2014-05-03 00:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-08-14 23:03 - 2014-05-03 00:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-08-14 23:03 - 2014-05-01 01:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-08-14 23:03 - 2014-04-30 02:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-08-14 23:03 - 2014-04-30 02:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-08-14 23:03 - 2014-04-30 02:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-08-14 23:03 - 2014-04-30 02:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-08-14 23:03 - 2014-04-30 01:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-08-14 23:03 - 2014-04-30 00:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-08-14 23:03 - 2014-04-30 00:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-08-14 23:03 - 2014-04-30 00:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-08-14 23:03 - 2014-04-30 00:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-08-14 23:03 - 2014-04-30 00:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-08-14 23:03 - 2014-04-30 00:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-08-14 23:03 - 2014-04-29 23:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-08-14 23:03 - 2014-04-29 23:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-08-14 23:03 - 2014-04-29 23:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-08-14 23:03 - 2014-04-29 23:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-08-14 23:03 - 2014-04-29 23:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-08-14 23:03 - 2014-04-29 23:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-08-14 23:03 - 2014-04-28 18:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-08-14 23:03 - 2014-04-26 18:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-08-14 23:03 - 2014-04-26 16:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-08-14 23:03 - 2014-04-26 12:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-08-14 23:03 - 2014-04-14 05:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-08-14 23:03 - 2014-04-14 04:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-08-14 23:03 - 2014-04-09 02:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-08-14 23:03 - 2014-04-09 01:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-08-14 23:02 - 2014-05-03 01:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-08-14 23:02 - 2014-05-02 19:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-08-14 23:02 - 2014-04-14 01:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-08-14 22:59 - 2014-06-05 10:13 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-08-14 22:59 - 2014-06-05 09:14 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-08-14 22:59 - 2014-06-01 22:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-08-14 22:59 - 2014-05-31 06:07 - 00467800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-08-14 22:59 - 2014-05-31 06:07 - 00440664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-08-14 22:59 - 2014-05-31 06:07 - 00419672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-08-14 22:59 - 2014-05-31 06:07 - 00089944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-08-14 22:59 - 2014-05-31 06:07 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-08-14 22:59 - 2014-05-31 02:30 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-08-14 22:59 - 2014-05-31 02:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-08-14 22:59 - 2014-05-31 02:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-08-14 22:59 - 2014-05-31 00:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-08-14 22:59 - 2014-05-31 00:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-08-14 22:59 - 2014-05-31 00:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-08-14 22:59 - 2014-05-27 11:53 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-08-14 22:59 - 2014-05-27 05:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-08-14 22:59 - 2014-05-27 05:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-08-14 22:59 - 2014-05-17 00:59 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-08-14 22:59 - 2014-05-17 00:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-08-14 22:58 - 2014-08-06 18:38 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-14 22:58 - 2014-08-02 01:44 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-08-14 22:58 - 2014-08-01 23:11 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-14 22:58 - 2014-06-04 05:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-08-14 22:58 - 2014-06-04 01:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-08-14 22:58 - 2014-06-04 01:22 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-08-14 22:58 - 2014-06-04 00:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-08-14 22:58 - 2014-06-04 00:38 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-08-14 22:58 - 2014-06-03 22:15 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-08-14 22:58 - 2014-06-03 22:14 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-08-14 22:57 - 2014-08-06 22:12 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-14 22:57 - 2014-08-06 18:39 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-14 22:57 - 2014-08-01 23:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-14 22:57 - 2014-07-12 00:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-08-06 04:26 - 2013-07-12 21:36 - 77660160 _____ () C:\Users\Janicekla\Downloads\Pinalpal Children Singing.MTS
2014-08-01 23:59 - 2014-08-01 23:59 - 00006183 _____ () C:\Users\Janicekla\Downloads\08042014xvand.ics
2014-08-01 15:11 - 2014-08-14 10:07 - 00000983 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-08-01 15:11 - 2014-08-14 10:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-08-01 15:11 - 2014-08-01 15:11 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-08-01 15:09 - 2014-08-01 15:09 - 04755832 _____ (AVG Technologies) C:\Users\Janicekla\Downloads\avg_free_stb_all_2014_4744_cnet.exe
2014-08-01 15:04 - 2014-08-01 15:04 - 04462440 _____ (AVG Technologies) C:\Users\Janicekla\Downloads\avg_avct_stb_all_2014_4335_welcomecmp.exe
2014-07-27 07:44 - 2014-07-27 07:44 - 00000896 _____ () C:\Users\Janicekla\Downloads\Documents - Shortcut.lnk
2014-07-24 19:53 - 2014-08-15 17:31 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-24 19:52 - 2014-04-13 23:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2014-07-23 22:58 - 2014-07-23 22:58 - 00000000 ____D () C:\Users\Janicekla\Downloads\Preparing for the Conference Notes
2014-07-23 22:55 - 2014-08-06 04:25 - 00000000 ____D () C:\Users\Janicekla\Downloads\SheSpeaks2014_PreparingFortheConference_AudioandNotes
2014-07-23 18:48 - 2014-07-23 18:48 - 05823739 _____ () C:\Users\Janicekla\Documents\HOPE5x7lay EDITED 2012_07_05.oxps
2014-07-23 13:11 - 2014-07-23 13:14 - 00000000 ____D () C:\Users\Janicekla\AppData\Roaming\Avery
2014-07-23 13:07 - 2014-07-23 13:08 - 113017552 _____ (Avery Dennison Corp.) C:\Users\Janicekla\Downloads\Avery Wizard 5.0_20140331.exe
2014-07-23 12:54 - 2014-07-23 12:54 - 00000000 ____D () C:\Users\Janicekla\Downloads\en.U-0113-02.10UpTexturedBusinessCard.0909-01indd
2014-07-22 18:27 - 2014-06-28 03:07 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-07-22 16:39 - 2014-07-23 05:52 - 00014248 _____ () C:\Users\Janicekla\Downloads\Giving Report July 22.Lawrence.xlsx
2014-07-21 23:53 - 2014-06-16 18:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-07-21 23:53 - 2014-06-16 18:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-07-21 23:53 - 2014-05-29 23:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-07-21 23:53 - 2014-05-29 08:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-07-21 23:53 - 2014-05-29 03:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-07-21 23:53 - 2014-05-29 02:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-07-21 23:53 - 2014-05-29 02:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-07-21 23:53 - 2014-05-29 01:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-07-21 23:53 - 2014-05-29 01:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-07-21 23:50 - 2014-06-06 09:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-07-21 23:50 - 2014-06-06 08:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-07-21 23:50 - 2014-05-31 06:07 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-07-21 23:50 - 2014-05-31 06:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-07-21 23:50 - 2014-05-30 23:40 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-07-21 23:50 - 2014-05-30 23:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-07-21 23:50 - 2014-05-30 23:12 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-21 23:50 - 2014-05-30 23:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-07-21 23:50 - 2014-05-30 23:03 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-07-21 23:50 - 2014-05-30 23:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-21 23:50 - 2014-05-30 22:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-07-21 23:50 - 2014-05-30 22:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-07-21 23:50 - 2014-05-30 22:48 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-07-21 23:50 - 2014-05-30 22:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-07-21 23:50 - 2014-05-30 22:36 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-07-21 23:50 - 2014-05-30 22:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-07-21 23:50 - 2014-05-30 22:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-07-21 23:44 - 2014-07-21 23:44 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-18 10:56 - 2014-08-17 11:07 - 00023964 _____ () C:\Users\Janicekla\Downloads\FRST.txt
2014-08-18 10:56 - 2014-08-17 08:51 - 00000000 ____D () C:\FRST
2014-08-18 10:50 - 2014-08-15 16:50 - 00000320 _____ () C:\WINDOWS\Tasks\WSE_Astromenda.job
2014-08-18 10:34 - 2014-08-16 12:46 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-18 10:31 - 2013-11-30 12:50 - 00000938 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3320592263-4229570666-3514765505-1001UA.job
2014-08-18 10:28 - 2013-09-12 21:48 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3320592263-4229570666-3514765505-1001
2014-08-18 10:23 - 2014-03-15 19:57 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-08-18 10:05 - 2014-06-19 14:55 - 00000918 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-18 10:02 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-18 09:59 - 2014-06-19 11:46 - 01659404 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-18 09:43 - 2014-04-11 08:08 - 00000000 ____D () C:\ProgramData\MFAData
2014-08-18 09:41 - 2014-08-18 09:41 - 00000000 ___RD () C:\Users\Janicekla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-08-18 09:40 - 2014-06-19 14:56 - 00002205 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-18 09:40 - 2014-06-19 14:55 - 00000914 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-18 09:40 - 2014-02-03 15:56 - 00000000 ____D () C:\Users\Janicekla\AppData\Local\Deployment
2014-08-18 09:40 - 2013-12-03 07:48 - 00000000 ___DO () C:\Users\Janicekla\SkyDrive
2014-08-18 09:40 - 2013-09-14 09:57 - 00000000 ____D () C:\Users\Janicekla\AppData\Local\CrashDumps
2014-08-17 19:31 - 2013-11-30 12:50 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3320592263-4229570666-3514765505-1001Core.job
2014-08-17 13:57 - 2013-11-14 03:28 - 00865408 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-17 13:56 - 2014-08-17 09:06 - 00042599 _____ () C:\Users\Janicekla\Downloads\Addition.txt
2014-08-17 12:35 - 2014-08-17 12:35 - 00070258 _____ () C:\Users\Janicekla\Downloads\Blog Template saved 2014_08_17.xml
2014-08-17 11:45 - 2014-02-10 11:13 - 00000000 ____D () C:\Users\Janicekla\AppData\Local\Mozilla
2014-08-17 11:06 - 2014-08-17 11:06 - 00001361 _____ () C:\Users\Janicekla\Desktop\FRST64 - Shortcut.lnk
2014-08-17 08:51 - 2014-08-17 08:51 - 02101760 _____ (Farbar) C:\Users\Janicekla\Downloads\FRST64.exe
2014-08-17 01:10 - 2014-08-17 01:10 - 00003257 _____ () C:\Users\Janicekla\Desktop\Sophos Virus Removal Tool.lnk
2014-08-17 01:10 - 2014-08-17 01:10 - 00000000 ____D () C:\Users\Janicekla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
2014-08-17 01:10 - 2014-08-17 01:10 - 00000000 ____D () C:\ProgramData\Sophos
2014-08-17 01:10 - 2014-08-17 01:10 - 00000000 ____D () C:\Program Files (x86)\Sophos
2014-08-17 00:50 - 2014-08-16 23:10 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-17 00:43 - 2014-08-17 00:42 - 96063296 _____ (Sophos Limited) C:\Users\Janicekla\Downloads\Sophos Virus Removal Tool.exe
2014-08-16 23:21 - 2014-08-16 23:10 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-08-16 23:11 - 2014-08-16 23:11 - 00001409 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-08-16 23:11 - 2014-08-16 23:11 - 00001397 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-08-16 23:11 - 2014-08-16 23:11 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2014-08-16 23:11 - 2014-08-16 23:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-08-16 23:09 - 2014-08-16 23:08 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Janicekla\Downloads\spybot-2.4.exe
2014-08-16 21:32 - 2014-08-16 21:27 - 00000000 ____D () C:\Users\Janicekla\Documents\My Kindle Content
2014-08-16 21:30 - 2014-08-16 16:40 - 00000000 ____D () C:\Users\Janicekla\Documents\Calibre Library
2014-08-16 21:27 - 2014-08-16 21:27 - 00002269 _____ () C:\Users\Janicekla\Desktop\Kindle.lnk
2014-08-16 21:27 - 2014-08-16 21:27 - 00000000 ____D () C:\Users\Janicekla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2014-08-16 21:27 - 2014-08-16 21:26 - 00000000 ____D () C:\Users\Janicekla\AppData\Local\Amazon
2014-08-16 21:26 - 2014-08-16 21:25 - 38157960 _____ (Amazon.com) C:\Users\Janicekla\Downloads\KindleForPC-installer.exe
2014-08-16 20:36 - 2014-08-16 16:40 - 00000000 ____D () C:\Users\Janicekla\AppData\Roaming\calibre
2014-08-16 20:30 - 2014-08-16 17:48 - 00000000 ____D () C:\Users\Janicekla\AppData\Local\calibre-cache
2014-08-16 18:01 - 2014-06-19 14:52 - 00002384 _____ () C:\WINDOWS\setupact.log
2014-08-16 16:40 - 2014-08-16 16:40 - 00000974 _____ () C:\Users\Public\Desktop\calibre - E-book management.lnk
2014-08-16 16:40 - 2014-08-16 16:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2014-08-16 16:40 - 2014-08-16 16:40 - 00000000 ____D () C:\Program Files (x86)\Calibre2
2014-08-16 16:38 - 2014-08-16 16:25 - 56419840 _____ () C:\Users\Janicekla\Downloads\calibre-1.48.0.msi
2014-08-16 12:46 - 2014-08-16 12:46 - 00001120 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-16 12:46 - 2014-08-16 12:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-16 12:46 - 2014-08-16 12:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-16 12:43 - 2014-08-16 12:43 - 17291904 _____ (Malwarebytes Corporation ) C:\Users\Janicekla\Downloads\mbam_premium (1).exe
2014-08-16 10:31 - 2014-08-16 10:31 - 00001797 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-16 10:31 - 2014-08-16 10:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-16 10:31 - 2014-08-16 10:30 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-16 10:31 - 2014-08-16 10:30 - 00000000 ____D () C:\Program Files\iTunes
2014-08-16 10:31 - 2014-08-16 10:30 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-16 10:30 - 2014-08-16 10:30 - 00000000 ____D () C:\Program Files\iPod
2014-08-15 20:08 - 2013-08-30 04:37 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2014-08-15 19:58 - 2013-08-22 10:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-15 19:56 - 2013-08-22 10:44 - 00484248 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-15 19:55 - 2014-06-19 10:59 - 00005288 _____ () C:\WINDOWS\PFRO.log
2014-08-15 17:32 - 2013-08-22 09:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-15 17:31 - 2014-07-24 19:53 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-08-15 17:31 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-08-15 17:31 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-08-15 17:31 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-08-15 17:31 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-08-15 17:31 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-08-15 17:31 - 2012-07-26 03:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-08-15 16:50 - 2014-08-15 16:50 - 00862064 _____ ( ) C:\Users\Janicekla\Downloads\Adobe_Flash_Setup (1).exe
2014-08-15 16:50 - 2014-08-15 16:50 - 00002658 _____ () C:\WINDOWS\System32\Tasks\WSE_Astromenda
2014-08-15 16:50 - 2014-08-15 16:50 - 00000000 ____D () C:\Users\Janicekla\AppData\Roaming\WSE_Astromenda
2014-08-15 16:48 - 2014-08-15 16:49 - 18607792 _____ (Adobe Systems Incorporated) C:\Users\Janicekla\Downloads\install_flash_player_ax.exe
2014-08-15 16:48 - 2014-08-15 16:48 - 00862064 _____ ( ) C:\Users\Janicekla\Downloads\Adobe_Flash_Setup.exe
2014-08-15 14:15 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-15 14:12 - 2013-09-14 11:11 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-15 14:04 - 2013-09-14 11:11 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-14 22:57 - 2014-06-17 08:43 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-08-14 22:57 - 2014-06-17 08:42 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-08-14 22:57 - 2014-04-09 19:07 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-08-14 22:56 - 2014-06-17 08:42 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-08-14 22:56 - 2014-06-17 08:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-08-14 22:56 - 2014-06-17 08:41 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-08-14 22:56 - 2014-06-17 08:41 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-08-14 22:56 - 2014-06-17 08:41 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-08-14 22:56 - 2014-06-17 08:41 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-08-14 22:56 - 2014-06-17 08:41 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-08-14 22:56 - 2014-06-17 08:41 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-08-14 22:56 - 2014-06-17 08:41 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-08-14 22:56 - 2014-05-03 13:03 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-08-14 22:56 - 2014-05-03 10:51 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-08-14 22:56 - 2014-05-03 10:51 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-08-14 22:56 - 2014-04-09 19:07 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-08-14 22:50 - 2014-04-28 09:04 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-08-14 22:49 - 2014-06-12 07:43 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-08-14 10:07 - 2014-08-01 15:11 - 00000983 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-08-14 10:07 - 2014-08-01 15:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-08-12 10:31 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-08-10 10:55 - 2013-09-12 21:54 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-08 09:20 - 2014-06-20 14:39 - 00000000 ____D () C:\Users\Janicekla\AppData\Roaming\Smilebox
2014-08-06 22:12 - 2014-08-14 22:57 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-06 21:16 - 2013-09-13 22:49 - 00000000 ____D () C:\Users\Janicekla\Documents\My Files
2014-08-06 18:39 - 2014-08-14 22:57 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-06 18:38 - 2014-08-14 22:58 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-06 04:25 - 2014-07-23 22:55 - 00000000 ____D () C:\Users\Janicekla\Downloads\SheSpeaks2014_PreparingFortheConference_AudioandNotes
2014-08-02 22:42 - 2013-09-12 09:50 - 00000000 ____D () C:\Users\Janicekla\AppData\Local\Packages
2014-08-02 01:44 - 2014-08-14 22:58 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-08-01 23:59 - 2014-08-01 23:59 - 00006183 _____ () C:\Users\Janicekla\Downloads\08042014xvand.ics
2014-08-01 23:56 - 2014-08-14 22:57 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-01 23:11 - 2014-08-14 22:58 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-01 20:17 - 2014-08-15 19:59 - 00704480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-08-01 20:17 - 2014-08-15 19:59 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-01 15:12 - 2014-04-11 08:25 - 00000000 ____D () C:\ProgramData\AVG2014
2014-08-01 15:11 - 2014-08-01 15:11 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-08-01 15:11 - 2014-04-11 08:25 - 00000000 ___HD () C:\$AVG
2014-08-01 15:11 - 2012-07-26 04:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-08-01 15:09 - 2014-08-01 15:09 - 04755832 _____ (AVG Technologies) C:\Users\Janicekla\Downloads\avg_free_stb_all_2014_4744_cnet.exe
2014-08-01 15:04 - 2014-08-01 15:04 - 04462440 _____ (AVG Technologies) C:\Users\Janicekla\Downloads\avg_avct_stb_all_2014_4335_welcomecmp.exe
2014-08-01 14:51 - 2014-04-11 08:08 - 00000000 ____D () C:\Users\Janicekla\AppData\Local\Avg2014
2014-07-27 07:44 - 2014-07-27 07:44 - 00000896 _____ () C:\Users\Janicekla\Downloads\Documents - Shortcut.lnk
2014-07-26 22:19 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-07-25 10:52 - 2014-08-14 23:09 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-25 09:51 - 2014-08-14 23:09 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-25 09:28 - 2014-08-14 23:08 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-07-25 09:25 - 2014-08-14 23:09 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-25 09:25 - 2014-08-14 23:08 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-07-25 08:59 - 2014-08-14 23:09 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-07-25 08:40 - 2014-08-14 23:09 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-25 08:34 - 2014-08-14 23:08 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-07-25 08:30 - 2014-08-14 23:08 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-07-25 08:28 - 2014-08-14 23:09 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-25 08:28 - 2014-08-14 23:08 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-07-25 08:21 - 2014-08-14 23:09 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-25 08:17 - 2014-08-14 23:09 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-25 08:10 - 2014-08-14 23:09 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-25 08:08 - 2014-08-14 23:09 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-07-25 08:06 - 2014-08-14 23:09 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-25 07:52 - 2014-08-14 23:09 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-25 07:47 - 2014-08-14 23:09 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-25 07:43 - 2014-08-14 23:09 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-25 07:43 - 2014-08-14 23:08 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 07:42 - 2014-08-14 23:09 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-25 07:39 - 2014-08-14 23:09 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-25 07:34 - 2014-08-14 23:09 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-25 07:29 - 2014-08-14 23:09 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-25 07:23 - 2014-08-14 23:09 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-25 07:13 - 2014-08-14 23:09 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-25 07:09 - 2014-08-14 23:09 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-25 07:07 - 2014-08-14 23:09 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-25 07:03 - 2014-08-14 23:09 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-25 06:52 - 2014-08-14 23:08 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-25 06:26 - 2014-08-14 23:09 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-25 06:17 - 2014-08-14 23:09 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-07-25 06:09 - 2014-08-14 23:09 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-07-25 06:05 - 2014-08-14 23:08 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-25 06:00 - 2014-08-14 23:09 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-07-24 19:53 - 2013-11-14 03:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-24 19:53 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-24 19:53 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-24 19:53 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-07-24 19:51 - 2014-02-03 15:33 - 00000000 ____D () C:\Users\Janicekla
2014-07-23 22:58 - 2014-07-23 22:58 - 00000000 ____D () C:\Users\Janicekla\Downloads\Preparing for the Conference Notes
2014-07-23 20:31 - 2014-06-26 19:52 - 00000000 ____D () C:\Users\Janicekla\Downloads\BangUpBookProposalNotes
2014-07-23 18:48 - 2014-07-23 18:48 - 05823739 _____ () C:\Users\Janicekla\Documents\HOPE5x7lay EDITED 2012_07_05.oxps
2014-07-23 13:14 - 2014-07-23 13:11 - 00000000 ____D () C:\Users\Janicekla\AppData\Roaming\Avery
2014-07-23 13:08 - 2014-07-23 13:07 - 113017552 _____ (Avery Dennison Corp.) C:\Users\Janicekla\Downloads\Avery Wizard 5.0_20140331.exe
2014-07-23 12:54 - 2014-07-23 12:54 - 00000000 ____D () C:\Users\Janicekla\Downloads\en.U-0113-02.10UpTexturedBusinessCard.0909-01indd
2014-07-23 05:52 - 2014-07-22 16:39 - 00014248 _____ () C:\Users\Janicekla\Downloads\Giving Report July 22.Lawrence.xlsx
2014-07-22 18:22 - 2013-09-12 22:11 - 00000000 ____D () C:\Users\Janicekla\AppData\Roaming\PCDr
2014-07-21 23:44 - 2014-07-21 23:44 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-18 10:43
 

==================== End Of Log ============================

   


 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-08-2014 04
Ran by Janicekla at 2014-08-18 10:57:23
Running from C:\Users\Janicekla\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Aff Packages (HKCU\...\Aff Packages) (Version:  - ) <==== ATTENTION
Amazon 1Button App for Windows Taskbar (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.2 - Amazon)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version:  - Amazon)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avery Wizard 5.0 (HKLM-x32\...\{FC3B3A5D-7058-4627-9F1E-F95CC38B6054}) (Version: 5.0.5 - Avery)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4745 - AVG Technologies)
AVG 2014 (Version: 14.0.4007 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4745 - AVG Technologies) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
calibre (HKLM-x32\...\{DD649DA2-BBD9-4247-85DD-E04F7C1E8552}) (Version: 1.48.0 - Kovid Goyal)
ChromecastApp (HKCU\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.316.0 - Google Inc.)
CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (x32 Version: 10.0.1.2417 - CyberLink Corp.) Hidden
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.2126 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (x32 Version: 10.0.1.2413 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (x32 Version: 10.0.4828.52 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.1.1 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.1.1 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP)
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.4.0.4 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 16.3.13.5 - Synaptics Incorporated)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
DSC/AA Factory Installer (Version: 3.3.6261.27 - PC-Doctor, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google+ Auto Backup (HKCU\...\Google+ Auto Backup) (Version: 1.0.26.151 - Google, Inc.)
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
HP ENVY 5530 series Basic Device Software (HKLM\...\{C58798FA-F727-484D-831C-3AF5B931555C}) (Version: 32.1.145.46951 - Hewlett-Packard Co.)
HP ENVY 5530 series Help (HKLM-x32\...\{97EAE055-1BE8-4775-8101-453E9715EC3F}) (Version: 30.0.0 - Hewlett Packard)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticCoreDll (HKLM-x32\...\{9262B08F-E183-4FED-A2BD-23FF1A84EB79}) (Version: 1.0.15.0 - Hewlett Packard)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel® Rapid Storage Technology (Version: 12.6.0.1033 - Intel Corporation) Hidden
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4631.1004 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4631.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4631.1004 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PocketCloud (HKLM-x32\...\{AAF1E996-6AE6-4684-88A8-41F4E98E2899}) (Version: 2.6.21 - Wyse Technology)
Product Improvement Study for HP ENVY 5530 series (HKLM\...\{378A8D84-75A9-4CFB-A291-F7E31D42F72F}) (Version: 32.1.145.46951 - Hewlett-Packard Co.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.222 - Qualcomm Atheros Communications)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.018 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6927 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.33.0 - SAMSUNG Electronics Co., Ltd.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Smilebox (HKCU\...\Smilebox) (Version: 1.0.0.27704 - Smilebox, Inc.)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.2 - Sophos Limited)
Spotify (HKCU\...\Spotify) (Version: 0.9.4.185.g7545a404 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Verizon Wireless Software Utility Application for Android - Samsung (HKLM-x32\...\{69258FD1-F4EE-475A-83D1-BF68C8029592}) (Version: 2.14.0402 - Samsung Electronics Co., Ltd.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-3320592263-4229570666-3514765505-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Janicekla\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3320592263-4229570666-3514765505-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Janicekla\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3320592263-4229570666-3514765505-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Janicekla\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
 
==================== Restore Points  =========================
 
01-08-2014 12:53:32 Installed AVG 2014
15-08-2014 17:50:30 Windows Update
16-08-2014 00:03:44 restore from 08/14/2014
17-08-2014 05:09:20 Installed Sophos Virus Removal Tool.
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 09:25 - 2014-08-17 01:05 - 00450709 ____R C:\WINDOWS\system32\Drivers\etc\hosts
 
There are 1000 more lines.
 
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {023BEB90-F73C-401F-ADD9-BC1FA5166302} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {060ABE99-8C00-45C7-82A9-A155A1783D6D} - System32\Tasks\HPCustParticipation HP ENVY 5530 series => C:\Program Files\HP\HP ENVY 5530 series\Bin\HPCustPartic.exe [2013-11-29] (Hewlett-Packard Co.)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {18B9A878-26D4-4DC6-BFE8-15FE92F1DB27} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-05-20] (Microsoft Corporation)
Task: {1B5E951B-E59E-4620-A58E-E746C1D06809} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2311FF97-E7A1-4CC3-978E-9C9AD702DA1F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3320592263-4229570666-3514765505-1001Core => C:\Users\Janicekla\AppData\Local\Google\Update\GoogleUpdate.exe [2013-11-30] (Google Inc.)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {30E873C1-2C80-4704-BD23-39AA8D427DA7} - \MySearchDial No Task File <==== ATTENTION
Task: {32BDA023-0F11-4A7C-879F-A20CF1E5B6B8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-19] (Google Inc.)
Task: {333C3284-2133-489A-BCD8-7C8EC679FE79} - System32\Tasks\PocketCloudVirtualChannel => C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\WPCRDPVirtualChannelServer.exe
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {352FC612-3DB5-450E-A1B6-D4A0A5F9C351} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {39F1559A-D0B6-4683-81D8-104AA159951B} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {43E0401B-913F-4003-9FE5-4CFA31BA3931} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4F425307-63A5-4A73-ABAC-3D3A6F1C69EB} - System32\Tasks\HP AR Program Upload - ab37f8e8c5024933bb58a5d7d22274da00d9ee7ad88d4be8bacb83540e2715cc => C:\Program Files\HP\HP ENVY 5530 series\bin\HPRewards.exe [2013-11-29] (TODO: <Company name>)
Task: {5637AD52-7E28-4C1E-B67D-DD9DC04F08D6} - System32\Tasks\PocketCloud => C:\Program
Task: {58520B56-A441-4A8B-91A8-C8BC23486C0C} - System32\Tasks\PocketCloudUpdater => C:\Program
Task: {59C23EDF-5792-43FD-985E-B9EE9B2F9A46} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-12-03] (CyberLink Corp.)
Task: {61C399B1-DCF2-468E-AEC4-A638B298EDE5} - System32\Tasks\WSE_Astromenda => C:\Users\JANICE~1\AppData\Roaming\WSE_AS~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {62F489B2-42A5-4814-99DB-7C99CEF3DF33} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {64631B30-D050-4D0A-B655-C5F4080EBBD1} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {67C83C8A-F04C-4DA7-AD1A-65C055E123C4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-05-20] (Microsoft Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77C02695-6A0F-40B9-9001-18C1FBCA1011} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A9289C5A-4A5D-4956-8344-45422ADC18F6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {AF49F3EF-4E8B-4273-9AD0-764D4E44264C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-19] (Google Inc.)
Task: {AF848401-3073-4819-92F8-16D08CF930B0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3320592263-4229570666-3514765505-1001UA => C:\Users\Janicekla\AppData\Local\Google\Update\GoogleUpdate.exe [2013-11-30] (Google Inc.)
Task: {B0816509-E027-43FD-B885-59AE26BA8F2A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {C5103A9A-2887-43BC-801C-0AE267773518} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-06-19] (Microsoft Corporation)
Task: {C60D808A-79C0-4A0B-A34F-BB38B2BBE997} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {C9804EFD-786C-4B94-BA37-AA5D0489B7C2} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-03-05] (Synaptics Incorporated)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DEBBEE39-4252-498C-A308-9C636D16895E} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-12-03] (CyberLink)
Task: {E558D8B0-57DF-47B5-BB71-33F99CC3E4F3} - System32\Tasks\HP AR Program Upload - af9753adfd504d63a43369a7dbd57eb72aca626c3dc043b195e78b76d248447c => C:\Program Files\HP\HP ENVY 5530 series\bin\HPRewards.exe [2013-11-29] (TODO: <Company name>)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E8B26E3F-8EC7-487A-8485-9E2C0F7AE578} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {EFC53E1F-1B83-4188-8715-4FE10A21D3D1} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {F0BB462A-D810-4E92-939B-5B3B3894E6E9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3320592263-4229570666-3514765505-1001Core.job => C:\Users\Janicekla\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3320592263-4229570666-3514765505-1001UA.job => C:\Users\Janicekla\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements (1).job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: C:\WINDOWS\Tasks\WSE_Astromenda.job => C:\Users\JANICE~1\AppData\Roaming\WSE_AS~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
 
==================== Loaded Modules (whitelisted) =============
 
2014-04-10 17:12 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-08-30 04:35 - 2012-04-24 22:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2013-06-21 21:46 - 2013-06-21 21:46 - 00016176 _____ () C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe
2013-06-21 21:35 - 2013-06-21 21:35 - 00032256 _____ () C:\Program Files (x86)\Wyse\PocketCloud\AetherServiceLib.dll
2013-06-21 21:31 - 2013-06-21 21:31 - 00035840 _____ () C:\Program Files (x86)\Wyse\PocketCloud\AetherHelperLib.dll
2014-07-21 23:52 - 2014-05-20 12:19 - 08892072 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-02-28 22:14 - 2013-02-28 22:14 - 00011264 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-02-28 22:11 - 2013-02-28 22:11 - 00086016 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Map\MAP.dll
2013-02-28 22:15 - 2013-02-28 22:15 - 00012928 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
2014-08-05 10:12 - 2014-08-05 10:12 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-04-10 14:30 - 2014-04-10 14:30 - 00134664 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2013-08-30 04:24 - 2013-06-01 08:31 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-16 23:10 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-08-16 23:10 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-08-16 23:10 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-08-16 23:10 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-08-16 23:10 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-07-21 23:52 - 2014-05-20 06:11 - 08892072 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2014-08-15 17:26 - 2014-08-06 23:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-15 17:26 - 2014-08-06 23:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll
2013-08-30 04:33 - 2012-06-07 23:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 14:34 - 2012-06-08 14:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-08-15 17:26 - 2014-08-06 23:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-15 17:26 - 2014-08-06 23:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-15 17:26 - 2014-08-06 23:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
2014-08-15 17:26 - 2014-08-06 23:20 - 00310088 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libexif.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Janicekla\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Janicekla\Downloads\noname.eml:OECustomProperty
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
==================== Faulty Device Manager Devices =============
 
Name: HP LaserJet 4000 Series
Description: HP LaserJet 4000 Series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: HP LaserJet 4050 Series
Description: HP LaserJet 4050 Series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Bluetooth Audio Device
Description: Bluetooth Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_A2DP
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: Virtual Bluetooth Support (Include Audio)
Description: Virtual Bluetooth Support (Include Audio)
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: AthBTPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: Bluetooth LWFLT Device
Description: Bluetooth LWFLT Device
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_LWFLT
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/18/2014 09:40:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: UA.exe, version: 1.0.0.1, time stamp: 0x53463944
Faulting module name: MSVCR90.dll, version: 9.0.30729.8387, time stamp: 0x51ea24a5
Exception code: 0xc0000005
Fault offset: 0x00056b1d
Faulting process id: 0x126c
Faulting application start time: 0xUA.exe0
Faulting application path: UA.exe1
Faulting module path: UA.exe2
Report Id: UA.exe3
Faulting package full name: UA.exe4
Faulting package-relative application ID: UA.exe5
 
Error: (08/17/2014 00:17:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20573 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 17d8
 
Start Time: 01cfba359c02ded2
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report Id: e9523e6a-2629-11e4-be97-0c84dc26ec54
 
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
Error: (08/17/2014 11:01:58 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64.exe version 16.8.2014.4 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 172c
 
Start Time: 01cfba2bf14c2fb9
 
Termination Time: 4294967295
 
Application Path: C:\Users\Janicekla\Downloads\FRST64.exe
 
Report Id: 6ac5c3f4-261f-11e4-be97-0c84dc26ec54
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (08/17/2014 11:01:57 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64.exe version 16.8.2014.4 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1fcc
 
Start Time: 01cfba2bf065332e
 
Termination Time: 4294967295
 
Application Path: C:\Users\Janicekla\Downloads\FRST64.exe
 
Report Id: 6dcf2479-261f-11e4-be97-0c84dc26ec54
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (08/16/2014 11:11:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDWelcome.exe, version: 2.4.40.130, time stamp: 0x535a5196
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17055, time stamp: 0x532943a3
Exception code: 0x0eedfade
Fault offset: 0x00011d4d
Faulting process id: 0x1c30
Faulting application start time: 0xSDWelcome.exe0
Faulting application path: SDWelcome.exe1
Faulting module path: SDWelcome.exe2
Report Id: SDWelcome.exe3
Faulting package full name: SDWelcome.exe4
Faulting package-relative application ID: SDWelcome.exe5
 
Error: (08/16/2014 11:11:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.4.40.94, time stamp: 0x53ad3eee
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17055, time stamp: 0x532943a3
Exception code: 0x0eedfade
Fault offset: 0x00011d4d
Faulting process id: 0x3a4
Faulting application start time: 0xSDUpdate.exe0
Faulting application path: SDUpdate.exe1
Faulting module path: SDUpdate.exe2
Report Id: SDUpdate.exe3
Faulting package full name: SDUpdate.exe4
Faulting package-relative application ID: SDUpdate.exe5
 
Error: (08/16/2014 10:37:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: UA.exe, version: 1.0.0.1, time stamp: 0x53463944
Faulting module name: MSVCR90.dll, version: 9.0.30729.8387, time stamp: 0x51ea24a5
Exception code: 0xc0000005
Fault offset: 0x00056b1d
Faulting process id: 0x1d8
Faulting application start time: 0xUA.exe0
Faulting application path: UA.exe1
Faulting module path: UA.exe2
Report Id: UA.exe3
Faulting package full name: UA.exe4
Faulting package-relative application ID: UA.exe5
 
Error: (08/16/2014 10:14:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: UA.exe, version: 1.0.0.1, time stamp: 0x53463944
Faulting module name: MSVCR90.dll, version: 9.0.30729.8387, time stamp: 0x51ea24a5
Exception code: 0xc0000005
Fault offset: 0x00056b1d
Faulting process id: 0xf70
Faulting application start time: 0xUA.exe0
Faulting application path: UA.exe1
Faulting module path: UA.exe2
Report Id: UA.exe3
Faulting package full name: UA.exe4
Faulting package-relative application ID: UA.exe5
 
Error: (08/16/2014 03:41:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: UA.exe, version: 1.0.0.1, time stamp: 0x53463944
Faulting module name: MSVCR90.dll, version: 9.0.30729.8387, time stamp: 0x51ea24a5
Exception code: 0xc0000005
Fault offset: 0x00056b1d
Faulting process id: 0x18f0
Faulting application start time: 0xUA.exe0
Faulting application path: UA.exe1
Faulting module path: UA.exe2
Report Id: UA.exe3
Faulting package full name: UA.exe4
Faulting package-relative application ID: UA.exe5
 
Error: (08/16/2014 00:42:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363
Faulting module name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363
Exception code: 0x40000015
Fault offset: 0x0007da8a
Faulting process id: 0x1c8c
Faulting application start time: 0xmbamservice.exe0
Faulting application path: mbamservice.exe1
Faulting module path: mbamservice.exe2
Report Id: mbamservice.exe3
Faulting package full name: mbamservice.exe4
Faulting package-relative application ID: mbamservice.exe5
 
 
System errors:
=============
Error: (08/16/2014 00:42:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MBAMService service terminated unexpectedly.  It has done this 4 time(s).
 
Error: (08/16/2014 00:16:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MBAMService service terminated unexpectedly.  It has done this 3 time(s).
 
Error: (08/16/2014 00:09:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MBAMService service terminated unexpectedly.  It has done this 2 time(s).
 
Error: (08/15/2014 08:01:06 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The HP Network Devices Support service terminated with the following error: 
%%126
 
Error: (08/15/2014 07:58:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MBAMService service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (08/15/2014 07:57:35 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!
 
Error: (08/15/2014 05:11:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MBAMService service terminated unexpectedly.  It has done this 4 time(s).
 
Error: (08/15/2014 02:29:23 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a171\??\Volume{659ec51d-7e88-446a-b019-1b7df51b7cdc}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{6D34021F-0D91-47A1-935D-3B571EECBA42}
 
Error: (08/15/2014 01:55:04 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Internet Explorer Flash Player for Windows 8.1 for x64-based Systems (KB2982794).
 
Error: (08/13/2014 11:32:49 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MBAMService service terminated unexpectedly.  It has done this 3 time(s).
 
 
Microsoft Office Sessions:
=========================
Error: (08/18/2014 09:40:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: UA.exe1.0.0.153463944MSVCR90.dll9.0.30729.838751ea24a5c000000500056b1d126c01cfbae9f606c6dbC:\Users\Janicekla\AppData\Roaming\VERIZON\UA_ar\UA.exeC:\WINDOWS\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\MSVCR90.dll3843cfc8-26dd-11e4-be97-0c84dc26ec54
 
Error: (08/17/2014 00:17:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.2057317d801cfba359c02ded24294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\LiveComm.exee9523e6a-2629-11e4-be97-0c84dc26ec54microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
 
Error: (08/17/2014 11:01:58 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FRST64.exe16.8.2014.4172c01cfba2bf14c2fb94294967295C:\Users\Janicekla\Downloads\FRST64.exe6ac5c3f4-261f-11e4-be97-0c84dc26ec54
 
Error: (08/17/2014 11:01:57 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FRST64.exe16.8.2014.41fcc01cfba2bf065332e4294967295C:\Users\Janicekla\Downloads\FRST64.exe6dcf2479-261f-11e4-be97-0c84dc26ec54
 
Error: (08/16/2014 11:11:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SDWelcome.exe2.4.40.130535a5196KERNELBASE.dll6.3.9600.17055532943a30eedfade00011d4d1c3001cfb9c8f864e48cC:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll36b640c4-25bc-11e4-be97-0c84dc26ec54
 
Error: (08/16/2014 11:11:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SDUpdate.exe2.4.40.9453ad3eeeKERNELBASE.dll6.3.9600.17055532943a30eedfade00011d4d3a401cfb9c8f86aff05C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll36b1fa35-25bc-11e4-be97-0c84dc26ec54
 
Error: (08/16/2014 10:37:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: UA.exe1.0.0.153463944MSVCR90.dll9.0.30729.838751ea24a5c000000500056b1d1d801cfb9c4361decffC:\Users\Janicekla\AppData\Roaming\VERIZON\UA_ar\UA.exeC:\WINDOWS\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\MSVCR90.dll77d5dd0c-25b7-11e4-be97-0c84dc26ec54
 
Error: (08/16/2014 10:14:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: UA.exe1.0.0.153463944MSVCR90.dll9.0.30729.838751ea24a5c000000500056b1df7001cfb9c0f919efc4C:\Users\Janicekla\AppData\Roaming\VERIZON\UA_ar\UA.exeC:\WINDOWS\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\MSVCR90.dll3bd74779-25b4-11e4-be97-0c84dc26ec54
 
Error: (08/16/2014 03:41:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: UA.exe1.0.0.153463944MSVCR90.dll9.0.30729.838751ea24a5c000000500056b1d18f001cfb98a174f4193C:\Users\Janicekla\AppData\Roaming\VERIZON\UA_ar\UA.exeC:\WINDOWS\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\MSVCR90.dll5746577e-257d-11e4-be97-0c84dc26ec54
 
Error: (08/16/2014 00:42:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbamservice.exe3.0.2.05318d363mbamservice.exe3.0.2.05318d363400000150007da8a1c8c01cfb9710c2274faC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe4a9e9479-2564-11e4-be97-0c84dc26ec54
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-04-11 08:15:21.821
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-04-11 08:15:21.789
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-04-11 08:08:56.329
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-04-11 08:08:56.298
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core i7-4500U CPU @ 1.80GHz
Percentage of memory in use: 37%
Total physical RAM: 8072.96 MB
Available physical RAM: 5033.91 MB
Total Pagefile: 9352.96 MB
Available Pagefile: 6397.38 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:917.55 GB) (Free:807.27 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 12BD9747)
 
Partition: GPT Partition Type.
 

==================== End Of Log ============================  


Hi & welcome

My name is Jürgen and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully.

  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
P2P/Piracy Warning:
  • If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.
  • Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now and read the policy on Piracy.
Step 1

Please uninstall some programs:

  • Windows 8: Hold down the Windows logo key and press X to open a menu at the lower-left area of the screen.
  • Select Programs and Features from the menu.
  • Search and select the following programs one by one and click on Uninstall: Aff Packages
  • Reboot your computer.
Step 2

Scan with Malwarebytes Antimalware

  • Please update the database by clicking on the "Update Now" button.
  • Following the update, click "Settings" and go to "Detection and Protection".
  • Make sure "Scan for Rootkits" is checked.
  • Click on Dashboard, then click on Scan Now to start the scan.

    (If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt so that you can decide what you want to do. I suggest "Quarantine". Click the button: Apply All Actions.)

  • A window with an option to view the detailed log will appear. Click on "View Detailed Log".
  • After viewing the results, please click on the "Copy to Clipboard" button and then OK.
  • Return to our forum. Paste your log into your next reply.
Step 3

Please download AdwCleaner (by Xplode) and save it to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.

    Vista/Windows 7/8 users right-click and select "Run As Administrator"

  • Click on the Scan button.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • After rebooting, a log file (that is saved in C:\AdwCleaner[s#].txt) will open automatically.

    Copy and paste the contents of that logfile in your next reply.

Step 4

Start FRST with administrator privileges.

  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.

    Please copy and paste the log in your next reply.


  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
