Jump to content

Computer running really slow.


MCL

Recommended Posts

You all have helped me before and I need it again.

Here's mr FRST log:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-09-2014 01
Ran by Mlaukha (administrator) on CDG07001538 on 21-09-2014 20:07:13
Running from C:\Users\mlaukha\Downloads
Platform: Windows 7 Enterprise Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Juniper Networks) C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
(IBM) C:\Program Files\IBM\Lotus\Notes\nsd.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(IBM Corp) C:\Program Files\IBM\Lotus\Notes\ntmulti.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\OfficeScan Client\NTRtScan.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\BM\TMBMSRV.exe
(Mozy, Inc.) C:\Program Files\MozyPro\mozyprobackup.exe
(Research In Motion Limited) C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Verizon) C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
(Mozy, Inc.) C:\Program Files\MozyPro\mozyprobackup.exe
(Specops Software) C:\Windows\System32\SppClient.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Sysinternals) C:\Windows\Scripts\BGinfo\Bginfo.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\OfficeScan Client\PccNTMon.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Research In Motion Limited) C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Mozy, Inc.) C:\Program Files\MozyPro\mozyprostat.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Eyeo GmbH) C:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_15_0_0_152_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [bGInfo] => C:\Windows\Scripts\BGINFO.bat [97 2011-03-08] ()
HKLM\...\Run: [specops Password Client] => C:\Windows\system32\SppClient.exe [858328 2010-11-23] (Specops Software)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [505720 2011-07-20] (Alps Electric Co., Ltd.)
HKLM\...\Run: [intelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [1821576 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM\...\Run: [OfficeScanNT Monitor] => C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe [1533720 2013-11-20] (Trend Micro Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM\...\Run: [sunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254896 2012-09-17] (Sun Microsystems, Inc.)
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
HKU\S-1-5-21-150485414-301174314-2440751699-8203\...\Run: [sUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [3905920 2012-03-07] (SUPERAntiSpyware.com)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MozyPro Status.lnk
ShortcutTarget: MozyPro Status.lnk -> C:\Program Files\MozyPro\mozyprostat.exe (Mozy, Inc.)
ShellIconOverlayIdentifiers: mozypro -> {71B8CED8-5D67-4f57-89B1-F64CE6302A1E} => C:\Program Files\MozyPro\mozyproshell.dll (Mozy, Inc.)
ShellIconOverlayIdentifiers: mozypro2 -> {CBAFE103-79DA-46ca-BD9A-63CBF6282882} => C:\Program Files\MozyPro\mozyproshell.dll (Mozy, Inc.)
ShellIconOverlayIdentifiers: mozypro3 -> {8B99EA55-1AFF-4539-80A0-A71C6011CD84} => C:\Program Files\MozyPro\mozyproshell.dll (Mozy, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.verizon.net/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\OfficeScan Client\TmIEPlg.dll (Trend Micro Inc.)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Updater For Verizon Toolbar -> {96673559-e653-4cdc-8923-f89347a952c0} -> C:\Program Files\verizontb\auxi\verizonAu.dll (Visicom Media)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM - Verizon Toolbar - {f8d96645-337c-419b-8792-b6c126145811} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: {00134F72-5284-44F7-95A8-52A619F70751} https://usherwip12:4343/officescan/console/html/ClientInstall/WinNTChk.cab
DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} https://usherwip12:4343/officescan/console/html/ClientInstall/setup.cab
DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} https://www.gameofficials.net/utility/smsx.cab
DPF: {35C3D91E-401A-4E45-88A5-F3B32CD72DF4} https://usherwip12:4343/officescan/console/html/root/AtxEnc.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
DPF: {9B815712-2EF0-4F81-8505-72EDC73B5626} https://na19.salesforce.com/dwnld/offline2/offline2.cab
DPF: {CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://bio-rad.webex.com/client/WBXclient-T27L10NSP32EP1-13926/webex/ieatgpc1.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://connect.bio-rad.com/dana-cached/sc/JuniperSetupClient.cab
DPF: {F8A2314A-16E1-48CB-8EE7-A221207CBEEE} http://usherisx01.global.bio-rad.com/ucontent/8acc281bae9f42d187f9ee729af1a677_en-US/gh/html//assets/cab/rwdsot.CAB
Handler: saphtmlp - {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files\sap\frontend\sapgui\saphtmlp.dll (SAP, Walldorf)
Handler: sapr3 - {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files\sap\frontend\sapgui\saphtmlp.dll (SAP, Walldorf)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\OfficeScan Client\TmIEPlg.dll (Trend Micro Inc.)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-18] (SuperAdBlocker.com)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_45 -> C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin -> C:\Users\mlaukha\AppData\Local\Citrix\Plugins\92\npappdetector.dll (Citrix Online)
FF HKLM\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\OfficeScan Client\FirefoxExtension
FF Extension: Trend Micro NSC Firefox Extension - C:\Program Files\Trend Micro\OfficeScan Client\FirefoxExtension [2013-05-22]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR RestoreOnStartup: Default -> "hxxp://www.google.com/"
CHR CustomProfile: C:\Users\mlaukha\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\mlaukha\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-09-01]
CHR Extension: (Google Search) - C:\Users\mlaukha\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-09-01]
CHR Extension: (Gmail) - C:\Users\mlaukha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-09-01]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2011-08-11] (SUPERAntiSpyware.com) [File not signed]
R3 Blackberry Device Manager; C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited) [File not signed]
S2 CcmExec; C:\WINDOWS\CCM\CcmExec.exe [1090656 2012-11-21] (Microsoft Corporation)
S4 CmRcService; C:\WINDOWS\CCM\RemCtrl\CmRcService.exe [470112 2012-11-21] (Microsoft Corporation)
S2 dsiasrv; C:\Program Files\Dell\SysMgt\dsia\bin\DsiaSrv32.exe [149416 2011-01-12] (Dell Inc.)
R2 dsNcService; C:\Program Files\Juniper Networks\Common Files\dsNcService.exe [615720 2009-12-09] (Juniper Networks)
R2 IHA_MessageCenter; C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [358984 2014-05-21] (Verizon) [File not signed]
R2 Lotus Notes Diagnostics; C:\Program Files\IBM\Lotus\Notes\nsd.exe [3417480 2011-03-23] (IBM)
S3 lpasvc; C:\Program Files\Microsoft Policy Platform\policyHost.exe [48744 2012-08-02] (Microsoft Corporation)
S3 lppsvc; C:\Program Files\Microsoft Policy Platform\policyHost.exe [48744 2012-08-02] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 mozyprobackup; C:\Program Files\MozyPro\mozyprobackup.exe [54600 2013-12-11] (Mozy, Inc.)
S3 MSSQL$NR2007; c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 Multi-user Cleanup Service; C:\Program Files\IBM\Lotus\Notes\ntmulti.exe [58760 2011-03-23] (IBM Corp)
R2 ntrtscan; C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe [2320640 2013-11-16] (Trend Micro Inc.)
R2 O2FLASH; C:\WINDOWS\system32\DRIVERS\o2flash.exe [72296 2011-07-08] (O2Micro International)
S3 PSEXESVC; C:\WINDOWS\PSEXESVC.EXE [181064 2014-02-20] (Sysinternals)
S3 smstsmgr; C:\WINDOWS\CCM\TSManager.exe [275536 2012-11-21] (Microsoft Corporation)
R3 TMBMServer; C:\Program Files\Trend Micro\BM\TMBMSRV.exe [345112 2013-10-23] (Trend Micro Inc.)
S2 tmlisten; C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe [2260128 2013-11-16] (Trend Micro Inc.)
S3 TmPfw; C:\Program Files\Trend Micro\OfficeScan Client\TmPfw.exe [497272 2011-04-15] (Trend Micro Inc.)
S3 TmProxy; C:\Program Files\Trend Micro\OfficeScan Client\TmProxy.exe [689176 2013-07-01] (Trend Micro Inc.)
S2 Winmgmt; C:\WINDOWS\system32\svchost.exe [20992 2009-07-13] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 Acceler; C:\WINDOWS\System32\DRIVERS\Accelern.sys [43888 2011-07-08] (ST Microelectronics)
R3 dsNcAdpt; C:\WINDOWS\System32\DRIVERS\dsNcAdpt.sys [26624 2009-12-09] (Juniper Networks)
R3 e1cexpress; C:\WINDOWS\System32\DRIVERS\e1c6232.sys [238760 2010-10-28] (Intel Corporation)
S3 MEI; C:\WINDOWS\system32\drivers\HECI.sys [41088 2011-07-08] (Intel Corporation)
R1 mozyproFilter; C:\WINDOWS\System32\DRIVERS\mozypro.sys [55520 2013-12-11] (Mozy, Inc.)
R3 NETwNs32; C:\WINDOWS\System32\DRIVERS\NETwNs32.sys [7434240 2011-07-08] (Intel Corporation)
S3 nusb3hub; C:\WINDOWS\system32\drivers\nusb3hub.sys [62208 2011-07-08] (Renesas Electronics Corporation)
S3 nusb3xhc; C:\WINDOWS\system32\drivers\nusb3xhc.sys [141568 2011-07-08] (Renesas Electronics Corporation)
S3 O2MDFRDR; C:\WINDOWS\system32\drivers\O2MDFw7.sys [60904 2011-07-08] (O2Micro )
S3 O2MDRRDR; C:\WINDOWS\system32\drivers\O2MDRw7.sys [62440 2011-07-08] (O2Micro )
R3 O2SDJRDR; C:\WINDOWS\System32\DRIVERS\o2sdjw7.sys [63976 2011-07-08] (O2Micro )
S3 prepdrvr; C:\WINDOWS\System32\DRIVERS\prepdrv.sys [20840 2012-11-21] (Microsoft Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 stdcfltn; C:\WINDOWS\System32\DRIVERS\stdcfltn.sys [17648 2010-08-20] (ST Microelectronics)
R2 tmactmon; C:\WINDOWS\System32\DRIVERS\tmactmon.sys [75600 2013-08-29] (Trend Micro Inc.)
R2 tmcomm; C:\WINDOWS\System32\DRIVERS\tmcomm.sys [263072 2013-09-02] (Trend Micro Inc.)
R2 tmevtmgr; C:\WINDOWS\System32\DRIVERS\tmevtmgr.sys [62704 2013-08-29] (Trend Micro Inc.)
R2 TmFilter; C:\Program Files\Trend Micro\OfficeScan Client\TmXPFlt.sys [263968 2013-08-14] (Trend Micro Inc.)
R1 TmLwf; C:\WINDOWS\System32\DRIVERS\tmlwf.sys [146232 2012-06-21] (Trend Micro Inc.)
R2 TmPreFilter; C:\Program Files\Trend Micro\OfficeScan Client\TmPreFlt.sys [36128 2013-08-14] (Trend Micro Inc.)
R1 tmtdi; C:\WINDOWS\System32\DRIVERS\tmtdi.sys [90712 2013-01-09] (Trend Micro Inc.)
R2 tmWfp; C:\WINDOWS\System32\DRIVERS\tmwfp.sys [282936 2012-06-21] (Trend Micro Inc.)
R2 VSApiNt; C:\Program Files\Trend Micro\OfficeScan Client\VSApiNt.sys [1517600 2013-08-14] (Trend Micro Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-21 20:07 - 2014-09-21 20:07 - 00017934 _____ () C:\Users\mlaukha\Downloads\FRST.txt
2014-09-21 20:06 - 2014-09-21 20:07 - 00000000 ____D () C:\FRST
2014-09-21 20:06 - 2014-09-21 20:06 - 01097728 _____ (Farbar) C:\Users\mlaukha\Downloads\FRST.exe
2014-09-18 06:47 - 2014-09-18 06:47 - 00000027 _____ () C:\WINDOWS\system32\u
2014-09-18 06:21 - 2014-09-18 06:21 - 12363264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 09739776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 03695416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dat
2014-09-18 06:21 - 2014-09-18 06:21 - 02382848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-09-18 06:21 - 2014-09-18 06:21 - 01810432 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 01802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 01427968 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-09-18 06:21 - 2014-09-18 06:21 - 01137664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 01129472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-09-18 06:21 - 2014-09-18 06:21 - 00353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00353584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieaksie.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieakui.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msls31.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe
2014-09-18 06:21 - 2014-09-18 06:21 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe
2014-09-18 06:21 - 2014-09-18 06:21 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-09-18 06:21 - 2014-09-18 06:21 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieakeng.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\admparse.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SetIEInstalledDate.exe
2014-09-18 06:21 - 2014-09-18 06:21 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RegisterIEPKEYs.exe
2014-09-18 06:21 - 2014-09-18 06:21 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-09-18 06:21 - 2014-09-18 06:21 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\icardie.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2014-09-18 06:21 - 2014-09-18 06:21 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmler.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
2014-09-18 06:21 - 2014-09-18 06:21 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2014-09-18 06:20 - 2014-09-18 06:22 - 00003629 _____ () C:\WINDOWS\IE9_main.log
2014-09-14 21:37 - 2014-09-14 21:37 - 00047104 _____ () C:\WINDOWS\system32\ctwvddy.dll
2014-09-14 21:37 - 2014-09-14 21:37 - 00037376 _____ () C:\Users\mlaukha\AppData\Roaming\peclze.dll
2014-09-14 21:37 - 2014-09-14 21:37 - 00000000 _____ () C:\WINDOWS\system32\znpkf.dll
2014-09-11 18:28 - 2014-09-11 18:28 - 00000000 ____D () C:\Program Files\Adblock Plus for IE

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-21 20:07 - 2014-09-21 20:07 - 00017934 _____ () C:\Users\mlaukha\Downloads\FRST.txt
2014-09-21 20:07 - 2014-09-21 20:06 - 00000000 ____D () C:\FRST
2014-09-21 20:06 - 2014-09-21 20:06 - 01097728 _____ (Farbar) C:\Users\mlaukha\Downloads\FRST.exe
2014-09-21 19:59 - 2011-09-29 15:20 - 02054009 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-21 19:20 - 2014-04-11 15:32 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-21 19:15 - 2012-04-24 16:02 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-09-21 18:18 - 2009-07-14 00:34 - 00019328 ____H () C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-21 18:18 - 2009-07-14 00:34 - 00019328 ____H () C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-21 16:25 - 2011-02-08 14:21 - 00005800 _____ () C:\WINDOWS\mozypro.blk
2014-09-21 16:25 - 2011-02-08 14:21 - 00001254 _____ () C:\WINDOWS\mozypro.flt
2014-09-19 10:29 - 2011-12-09 10:17 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-09-18 18:52 - 2009-07-13 22:37 - 00000000 ____D () C:\WINDOWS\rescache
2014-09-18 18:15 - 2011-05-09 14:46 - 00036158 _____ () C:\WINDOWS\setupact.log
2014-09-18 18:15 - 2009-07-14 00:53 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-18 15:39 - 2011-09-29 15:46 - 00001032 _____ () C:\WINDOWS\system32\config\netlogon.ftl
2014-09-18 06:47 - 2014-09-18 06:47 - 00000027 _____ () C:\WINDOWS\system32\u
2014-09-18 06:47 - 2013-11-22 12:29 - 00001413 _____ () C:\Users\mlaukha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-18 06:23 - 2011-10-05 16:56 - 01067534 _____ () C:\WINDOWS\PFRO.log
2014-09-18 06:22 - 2014-09-18 06:20 - 00003629 _____ () C:\WINDOWS\IE9_main.log
2014-09-18 06:21 - 2014-09-18 06:21 - 12363264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 09739776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 03695416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dat
2014-09-18 06:21 - 2014-09-18 06:21 - 02382848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-09-18 06:21 - 2014-09-18 06:21 - 01810432 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 01802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 01427968 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-09-18 06:21 - 2014-09-18 06:21 - 01137664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 01129472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-09-18 06:21 - 2014-09-18 06:21 - 00353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00353584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieaksie.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieakui.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msls31.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe
2014-09-18 06:21 - 2014-09-18 06:21 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe
2014-09-18 06:21 - 2014-09-18 06:21 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-09-18 06:21 - 2014-09-18 06:21 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieakeng.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\admparse.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SetIEInstalledDate.exe
2014-09-18 06:21 - 2014-09-18 06:21 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RegisterIEPKEYs.exe
2014-09-18 06:21 - 2014-09-18 06:21 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-09-18 06:21 - 2014-09-18 06:21 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\icardie.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2014-09-18 06:21 - 2014-09-18 06:21 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmler.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-09-18 06:21 - 2014-09-18 06:21 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
2014-09-18 06:21 - 2014-09-18 06:21 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2014-09-17 06:11 - 2011-09-29 15:53 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-09-17 06:10 - 2011-09-29 15:53 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-09-14 21:37 - 2014-09-14 21:37 - 00047104 _____ () C:\WINDOWS\system32\ctwvddy.dll
2014-09-14 21:37 - 2014-09-14 21:37 - 00037376 _____ () C:\Users\mlaukha\AppData\Roaming\peclze.dll
2014-09-14 21:37 - 2014-09-14 21:37 - 00000000 _____ () C:\WINDOWS\system32\znpkf.dll
2014-09-13 21:54 - 2009-07-13 22:37 - 00000000 ____D () C:\WINDOWS\registration
2014-09-11 18:28 - 2014-09-11 18:28 - 00000000 ____D () C:\Program Files\Adblock Plus for IE
2014-09-10 01:15 - 2012-04-24 16:02 - 00701104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-09-10 01:15 - 2011-11-07 14:34 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-09-09 13:50 - 2011-09-29 15:47 - 00027986 __RSH () C:\ProgramData\ntuser.pol
2014-08-25 06:53 - 2011-03-10 00:11 - 00231584 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-08-22 13:53 - 2009-07-13 22:37 - 00000000 ____D () C:\WINDOWS\system32\NDF

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-09-16 00:49

==================== End Of Log ============================

And the Addition:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 21-09-2014 01
Ran by Mlaukha at 2014-09-21 20:07:43
Running from C:\Users\mlaukha\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adblock Plus for IE (32-bit) (HKLM\...\{DF0E7912-4A45-4B24-B472-E521C4D2C663}) (Version: 99.9 - Eyeo GmbH)
Adblock Plus for IE (HKLM\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Version: 1.1 - )
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio FREE v.1.12.0 (HKLM\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.12.0 - Ashampoo GmbH & Co. KG)
BlackBerry Desktop Software 7.1 (HKLM\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research In Motion Ltd.)
BlackBerry Desktop Software 7.1 (Version: 7.1.0.41 - Research In Motion Ltd.) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Cisco WebEx Meetings (HKLM\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
CleanUp! (HKLM\...\CleanUp!) (Version:  - )
Configuration Manager Client (Version: 5.00.7804.1000 - Microsoft Corporation) Hidden
Dell OpenManage Inventory Agent (for Dell Business Client Systems) (HKLM\...\{0804D011-EFDC-4d47-81A5-390092FA38BD}) (Version: 1.4.1 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1208.101.125 - ALPS ELECTRIC CO., LTD.)
GoToMeeting 5.4.0.1082 (HKCU\...\GoToMeeting) (Version: 5.4.0.1082 - CitrixOnline)
IHA_MessageCenter (HKLM\...\{3EECDAD2-50D8-41B2-A8BA-359ED85D2D5F}) (Version: 1.9.1 - Verizon)
iLivid (HKLM\...\iLivid) (Version: 4.0.0.2901 - Bandoo Media Inc) <==== ATTENTION
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 15.4 - Intel)
iTunes (HKLM\...\{0718A90E-93AA-49AF-A4FE-0165ACD91DF0}) (Version: 11.2.2.3 - Apple Inc.)
Japanese Fonts Support For Adobe Reader X (HKLM\...\{AC76BA86-7AD7-5760-0000-A00000000003}) (Version: 10.0.0 - Adobe Systems Incorporated)
Java Auto Updater (Version: 2.0.7.2 - Sun Microsystems, Inc.) Hidden
Java 6 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216045FF}) (Version: 6.0.450 - Oracle)
join.me (HKCU\...\JoinMe) (Version: 1.15.0.136 - LogMeIn, Inc.)
Juniper Networks Network Connect 6.5.0 (HKLM\...\Juniper Network Connect 6.5.0) (Version: 6.5.0.14951 - Juniper Networks)
Juniper Networks Setup Client (HKCU\...\Juniper_Setup_Client) (Version: 2.1.2.5973 - Juniper Networks)
Livelink Office Editor 3.2.3 (HKLM\...\{909D1BEB-08B6-4AE6-A848-95F95CEFA15F}) (Version: 3.2.3.368 - Open Text Corporation)
Lotus Notes 8.5.2 (HKLM\...\{07C69B3A-62B3-41BF-82EE-B3A87BD6EA0C}) (Version: 8.52.10222 - IBM)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Standard 2010 (HKLM\...\Office14.STANDARD) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Standard 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Policy Platform (Version: 1.2.3602.0 - Microsoft Corporation) Hidden
Microsoft redistributable runtime DLLs VS2005 SP1(x86) (HKLM\...\{CEC7A786-A9C8-4EF7-BB59-6518E3B3C878}) (Version: 8.0.50727.4053 - SAP)
Microsoft redistributable runtime DLLs VS2008 SP1(x86) (HKLM\...\{A47A9101-6EB5-4314-BDA1-297880FBB908}) (Version: 9.0 - SAP AG)
Microsoft redistributable runtime DLLs VS2010 SP1 (x86) (HKLM\...\{2385C070-EC26-4AB9-8718-E605C977C0ED}) (Version: 10.0.40219.1 - SAP)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.10411.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Express Edition (NR2007) (Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{E7084B89-69E0-46B3-A118-8F99D06988CD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
MozyPro (HKLM\...\{F7CED389-F093-D2B8-8495-7DDA8FF0D356}) (Version: 2.24.2.360 - Mozy, Inc.)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
Neat ADF Scanner 2008 Driver (HKLM\...\{A4A42670-82B9-4A58-8955-20271DBBF29F}) (Version: 2.0.0.61 - The Neat Company)
Neat ADF Scanner Driver (HKLM\...\{58155B30-6BE9-4268-A059-149629149C63}) (Version: 2.0.0.56 - The Neat Company)
Neat Mobile Scanner (Silver) Driver (HKLM\...\{6EDB3FC5-8B7C-422A-B4FB-1D919F44F2C0}) (Version: 2.0.0.63 - The Neat Company)
Neat Mobile Scanner 2008 Driver (HKLM\...\{57F5920A-9897-4830-BD4A-BE85DA9734FF}) (Version: 2.0.0.69 - The Neat Company)
Neat Mobile Scanner Driver (HKLM\...\{11A53AF3-CAA5-4C29-887E-CCA7CEE2689B}) (Version: 2.0.0.122 - The Neat Company)
NeatWorks (HKLM\...\NeatWorks) (Version: 4.9.1.8 - The Neat Company)
NeatWorks Core Files (Version: 4.9.1.8 - The Neat Company) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.0 - Frank Heindörfer, Philip Chinery)
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
salesforce.com Offline Edition 2.0 (HKLM\...\{8F8E3F13-79E2-4045-8522-0CAE2FDDDFBC}) (Version: 1.235.228 - salesforce.com)
SAP BusinessObjects Analysis, edition for Microsoft Office (HKLM\...\SBOPAdvancedAnalysis) (Version: 1.3 - SAP AG)
SAP GUI for Windows 7.20 (HKLM\...\SAPGUI710) (Version: 7.20 Compilation 3 - SAP)
Shared Add-in Extensibility Update for Microsoft .NET Framework 2.0 (KB908002) (HKLM\...\{09959E11-AD5D-408E-96AF-E3346954D6B8}) (Version: 1.0.0 - Microsoft)
Simple Adblock (HKLM\...\{B4920103-09F6-4AD2-B150-CFC4474D2DDC}) (Version: 1.1.5 - Simple Adblock)
Specops Password Client (x86) (HKLM\...\{933A3C30-6302-44D2-8FA5-918D22A8FD46}) (Version: 4.1.1122.1 - Specops Software)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.0.1146 - SUPERAntiSpyware.com)
Trend Micro OfficeScan Client (HKLM\...\OfficeScanNT) (Version: 10.6.5162 - Trend Micro)
True Burner 1.1 (HKLM\...\True Burner_is1) (Version:  - Glorylogic)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523) (Version: 1 - Microsoft Corporation)
Verizon Toolbar (HKLM\...\verizontb) (Version: 6.0.0.40 - Verizon and Visicom Media Inc.)
VLC media player 1.1.7 (HKLM\...\VLC media player) (Version: 1.1.7 - VideoLAN)
Vz In-Home Agent (HKLM\...\VzInHomeAgent) (Version: 9.0.63.0 - Verizon)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-150485414-301174314-2440751699-8203_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files\Citrix\GoToMeeting\1082\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.)

==================== Restore Points  =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:04 - 2014-09-18 16:22 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
                          

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {06BF7407-F2D9-4BFA-BF3E-CBB8BFD3D606} - System32\Tasks\Microsoft\Configuration Manager\Configuration Manager Idle Detection
Task: {23C9DC85-46AD-4D58-8CB1-5864CA5FBF7E} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {60138A5B-A88E-4182-89D6-DB0ED86D2074} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated)
Task: {739DD3B2-469D-4274-8CEE-B51752924289} - System32\Tasks\{DA2EB3F7-F17D-88FA-9A29-3BD9AFF5AA9F} => C:\WINDOWS\system32\ctwvddy.dll [2014-09-14] ()
Task: {E628823A-29C8-40F8-9499-F04EC491D8CF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F64152CF-3C6E-4A64-BED5-A14CFCD4D83C} - System32\Tasks\Microsoft\Configuration Manager\Configuration Manager Health Evaluation => C:\WINDOWS\CCM\ccmeval.exe [2012-11-21] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2011-03-11 15:59 - 2001-10-28 20:42 - 00116224 _____ () C:\WINDOWS\System32\pdfcmnnt.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-05-22 17:45 - 2011-04-01 13:53 - 00499712 _____ () C:\Program Files\Trend Micro\OfficeScan Client\sqlite3.dll
2011-09-22 15:26 - 2011-07-08 08:37 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^mlaukha^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^9bjqlj6.lnk => C:\WINDOWS\pss\9bjqlj6.lnk.Startup

==================== Faulty Device Manager Devices =============

Could not list Devices. Check "winmgmt" service or repair WMI.

==================== Event log errors: =========================

Application errors:
==================
Error: (09/21/2014 08:02:48 PM) (Source: AutoEnrollment) (EventID: 6) (User: )
Description: GLOBAL\Mlaukha0x8007003aThe specified server cannot perform the requested operation.

Error: (09/21/2014 06:27:28 PM) (Source: AutoEnrollment) (EventID: 6) (User: )
Description: GLOBAL\Mlaukha0x8007003aThe specified server cannot perform the requested operation.

Error: (09/21/2014 10:27:28 AM) (Source: AutoEnrollment) (EventID: 6) (User: )
Description: GLOBAL\Mlaukha0x8007003aThe specified server cannot perform the requested operation.

Error: (09/21/2014 02:27:26 AM) (Source: AutoEnrollment) (EventID: 6) (User: )
Description: GLOBAL\Mlaukha0x8007003aThe specified server cannot perform the requested operation.

Error: (09/21/2014 00:33:33 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/21/2014 00:33:27 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/20/2014 06:27:25 PM) (Source: AutoEnrollment) (EventID: 6) (User: )
Description: GLOBAL\Mlaukha0x8007003aThe specified server cannot perform the requested operation.

Error: (09/20/2014 10:27:24 AM) (Source: AutoEnrollment) (EventID: 6) (User: )
Description: GLOBAL\Mlaukha0x8007003aThe specified server cannot perform the requested operation.

Error: (09/20/2014 02:27:23 AM) (Source: AutoEnrollment) (EventID: 6) (User: )
Description: GLOBAL\Mlaukha0x8007003aThe specified server cannot perform the requested operation.

Error: (09/20/2014 00:33:19 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.

System errors:
=============
Error: (09/21/2014 08:09:59 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Management Instrumentation service terminated with the following error:
%%2

Error: (09/21/2014 08:09:14 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Management Instrumentation service terminated with the following error:
%%2

Error: (09/21/2014 08:08:50 PM) (Source: DCOM) (EventID: 10016) (User: GLOBAL)
Description: application-specificLocalActivation{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}GLOBALMlaukhaS-1-5-21-150485414-301174314-2440751699-8203LocalHost (Using LRPC)

Error: (09/21/2014 08:08:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Management Instrumentation service terminated with the following error:
%%2

Error: (09/21/2014 08:08:14 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Management Instrumentation service terminated with the following error:
%%2

Error: (09/21/2014 08:07:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Management Instrumentation service terminated with the following error:
%%2

Error: (09/21/2014 08:05:56 PM) (Source: DCOM) (EventID: 10016) (User: GLOBAL)
Description: application-specificLocalActivation{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}GLOBALMlaukhaS-1-5-21-150485414-301174314-2440751699-8203LocalHost (Using LRPC)

Error: (09/21/2014 08:05:19 PM) (Source: DCOM) (EventID: 10016) (User: GLOBAL)
Description: application-specificLocalActivation{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}GLOBALMlaukhaS-1-5-21-150485414-301174314-2440751699-8203LocalHost (Using LRPC)

Error: (09/21/2014 08:04:23 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Management Instrumentation service terminated with the following error:
%%2

Error: (09/21/2014 08:04:15 PM) (Source: DCOM) (EventID: 10016) (User: GLOBAL)
Description: application-specificLocalActivation{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}GLOBALMlaukhaS-1-5-21-150485414-301174314-2440751699-8203LocalHost (Using LRPC)

Microsoft Office Sessions:
=========================
Error: (09/21/2014 08:02:48 PM) (Source: AutoEnrollment) (EventID: 6) (User: )
Description: GLOBAL\Mlaukha0x8007003aThe specified server cannot perform the requested operation.

Error: (09/21/2014 06:27:28 PM) (Source: AutoEnrollment) (EventID: 6) (User: )
Description: GLOBAL\Mlaukha0x8007003aThe specified server cannot perform the requested operation.

Error: (09/21/2014 10:27:28 AM) (Source: AutoEnrollment) (EventID: 6) (User: )
Description: GLOBAL\Mlaukha0x8007003aThe specified server cannot perform the requested operation.

Error: (09/21/2014 02:27:26 AM) (Source: AutoEnrollment) (EventID: 6) (User: )
Description: GLOBAL\Mlaukha0x8007003aThe specified server cannot perform the requested operation.

Error: (09/21/2014 00:33:33 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Program Files\Common Files\Research In Motion\AppLoader\MailServerMAPIProxy64.exe

Error: (09/21/2014 00:33:27 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Program Files\Research In Motion\BlackBerry Desktop\MailServerMAPIProxy64.exe

Error: (09/20/2014 06:27:25 PM) (Source: AutoEnrollment) (EventID: 6) (User: )
Description: GLOBAL\Mlaukha0x8007003aThe specified server cannot perform the requested operation.

Error: (09/20/2014 10:27:24 AM) (Source: AutoEnrollment) (EventID: 6) (User: )
Description: GLOBAL\Mlaukha0x8007003aThe specified server cannot perform the requested operation.

Error: (09/20/2014 02:27:23 AM) (Source: AutoEnrollment) (EventID: 6) (User: )
Description: GLOBAL\Mlaukha0x8007003aThe specified server cannot perform the requested operation.

Error: (09/20/2014 00:33:19 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Program Files\Common Files\Research In Motion\AppLoader\MailServerMAPIProxy64.exe

CodeIntegrity Errors:
===================================
  Date: 2014-02-20 16:52:09.201
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-20 16:30:44.036
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-20 16:17:27.247
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2011-05-09 14:52:28.718
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2011-05-09 14:44:28.257
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2011-05-09 14:27:52.657
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2011-05-09 14:15:33.986
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2011-05-09 14:02:12.241
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2011-05-09 13:51:09.562
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2011-05-05 18:24:22.927
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel® Core i5-2540M CPU @ 2.60GHz
Percentage of memory in use: 46%
Total physical RAM: 3240.9 MB
Available physical RAM: 1739.8 MB
Total Pagefile: 6480.09 MB
Available Pagefile: 4456.03 MB
Total Virtual: 2047.88 MB
Available Virtual: 1869.18 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:161.43 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: DBCEB924)
Partition 1: (Not Active) - (Size=100 MB) - (Type=12)
Partition 2: (Active) - (Size=232.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

Thanks in advance

Mike

Link to post
Share on other sites

Hello and post-32477-1261866970.gif

 

P2P/Piracy Warning:

 

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Upload a File to Virustotal
Go to http://www.virustotal.com/

  • Click the Choose file button
  • Navigate to the file C:\WINDOWS\system32\ctwvddy.dll
  • Click the Scan it tab
  • If you get a message saying File has already been analyzed: click Reanalyze file now
  • Copy and paste the results back here please.
  • Repeat the above steps for the following files

C:\WINDOWS\system32\znpkf.dll

C:\Users\mlaukha\AppData\Roaming\peclze.dll

 

Next,

 

Open Malwarebytes Anti-Malware, from the Dashboard please Check for Updates by clicking the Update Now... link

When the update completes select > Settings > Detection and Protection > Enable Scan for rootkit and Under Non Malware Protection set both PUP and PUM to Treat detections as malware.

 

 

Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button.

 

When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.

 

 

In most cases, a restart will be required.

 

 

Wait for the prompt to restart the computer to appear, then click on Yes.

 

 

Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.

 

Next,

 

Download Microsoft's " Malicious Software Removal Tool" and save direct to the desktop

Ensure to get the correct version for your system....

32 Bit version:

https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en

64 Bit version:

https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=585D2BDE-367F-495E-94E7-6349F4EFFC74&displaylang=en'>https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=585D2BDE-367F-495E-94E7-6349F4EFFC74&displaylang=en

 

Right click on the Tool, select “Run as Administrator” the tool will expand to the options Window

In the "Scan Type" window, select Quick Scan

Perform a scan and  Click Finish when the scan is done.

Retrieve the MSRT log as follows, and post it in your next reply:

 

1) Select the Windows key and R key together to open the "Run" function

2) Type or Copy/Paste the following command to the "Run Line" and Press Enter

notepad c:\windows\debug\mrt.log

 

Let me see those logs in your next reply....

 

Thank you,

 

Kevin..

 

 

Link to post
Share on other sites

Hi Kevin,

Thanks so much for helping me with this. I am pasting the first three Virustotal logs. The znpkf was in use and I didn't know how to shut it down:

 

Antivirus

Result

Update

AVG

Downloader.Generic14.ARY

20140922

Ad-Aware

Gen:Variant.Zusy.107369

20140922

Agnitum

Trojan.DL.Cerabit!

20140921

AhnLab-V3

Dropper/Win32.Necurs

20140922

Antiy-AVL

Trojan[Dropper]/Win32.Injector

20140922

Avast

Win32:Malware-gen

20140922

Avira

TR/Crypt.XPACK.Gen2

20140922

Baidu-International

Trojan.MSIL.Injector.BFIP

20140922

BitDefender

Gen:Variant.Zusy.107369

20140922

DrWeb

Trojan.DownLoader11.33314

20140922

ESET-NOD32

a variant of MSIL/Injector.FIP

20140922

Emsisoft

Gen:Variant.Zusy.107369 (B)

20140922

F-Secure

Gen:Variant.Zusy.107369

20140921

GData

Gen:Variant.Zusy.107369

20140922

Ikarus

Trojan.MSIL.Injector

20140922

Kingsoft

Win32.Troj.Undef.(kcloud)

20140922

McAfee

Artemis!0AEE2117A657

20140922

McAfee-GW-Edition

Artemis

20140922

MicroWorld-eScan

Gen:Variant.Zusy.107369

20140922

NANO-Antivirus

Trojan.Win32.XPACK.dffakl

20140922

Qihoo-360

Win32/Trojan.417

20140922

Sophos

Mal/Generic-S

20140922

VBA32

TScope.Trojan.MSIL

20140922

VIPRE

Trojan.Win32.Generic!BT

20140922

AegisLab

 

20140922

Bkav

 

20140922

ByteHero

 

20140922

CAT-QuickHeal

 

20140922

CMC

 

20140922

ClamAV

 

20140922

Comodo

 

20140922

Cyren

 

20140922

F-Prot

 

20140922

Fortinet

 

20140922

Jiangmin

 

20140921

K7AntiVirus

 

20140919

K7GW

 

20140919

Kaspersky

 

20140922

Malwarebytes

 

20140922

Microsoft

 

20140922

Norman

 

20140922

Panda

 

20140922

Rising

 

20140922

SUPERAntiSpyware

 

20140922

Symantec

 

20140922

Tencent

 

20140922

TheHacker

 

20140919

TotalDefense

 

20140922

ViRobot

 

20140922

Zillya

 

20140921

Zoner

 

20140919

nProtect

 

20140922

 

Znpkf.dll
This file is in use.
Enter a new name or close the file in another program.

 

Antivirus

Result

Update

AVG

Downloader.Generic14.ARY

20140922

Ad-Aware

Gen:Variant.Zusy.107369

20140922

Agnitum

Trojan.DL.Cerabit!

20140921

AhnLab-V3

Dropper/Win32.Necurs

20140922

Antiy-AVL

Trojan[Dropper]/Win32.Injector

20140922

Avast

Win32:Malware-gen

20140922

Avira

TR/Crypt.XPACK.Gen2

20140922

Baidu-International

Trojan.MSIL.Injector.BFIP

20140922

BitDefender

Gen:Variant.Zusy.107369

20140922

DrWeb

Trojan.DownLoader11.33314

20140922

ESET-NOD32

a variant of MSIL/Injector.FIP

20140922

Emsisoft

Gen:Variant.Zusy.107369 (B)

20140922

F-Secure

Gen:Variant.Zusy.107369

20140921

GData

Gen:Variant.Zusy.107369

20140922

Ikarus

Trojan.MSIL.Injector

20140922

McAfee

Artemis!DE50F847C8BE

20140922

McAfee-GW-Edition

BehavesLike.Win32.Backdoor.nh

20140922

MicroWorld-eScan

Gen:Variant.Zusy.107369

20140922

NANO-Antivirus

Trojan.Win32.XPACK.dffakl

20140922

Sophos

Mal/Generic-S

20140922

VBA32

TScope.Trojan.MSIL

20140922

AegisLab

 

20140922

Bkav

 

20140922

ByteHero

 

20140922

CAT-QuickHeal

 

20140922

CMC

 

20140922

ClamAV

 

20140922

Comodo

 

20140922

Cyren

 

20140922

F-Prot

 

20140922

Fortinet

 

20140922

Jiangmin

 

20140921

K7AntiVirus

 

20140919

K7GW

 

20140919

Kaspersky

 

20140922

Kingsoft

 

20140922

Malwarebytes

 

20140922

Microsoft

 

20140922

Norman

 

20140922

Panda

 

20140922

Qihoo-360

 

20140922

Rising

 

20140922

SUPERAntiSpyware

 

20140922

Symantec

 

20140922

Tencent

 

20140922

TheHacker

 

20140919

TotalDefense

 

20140922

TrendMicro

 

20140922

VIPRE

 

20140922

ViRobot

 

20140922

Zillya

 

20140921

Zoner

 

20140919

nProtect

 

20140922

 

 

 

 

 

Antivirus

Result

Update

AVG

Downloader.Generic14.ARY

20140922

Ad-Aware

Gen:Variant.Zusy.107369

20140922

Agnitum

Trojan.DL.Cerabit!

20140921

AhnLab-V3

Dropper/Win32.Necurs

20140922

Antiy-AVL

Trojan[Dropper]/Win32.Injector

20140922

Avast

Win32:Malware-gen

20140922

Avira

TR/Crypt.XPACK.Gen2

20140922

Baidu-International

Trojan.MSIL.Injector.BFIP

20140922

BitDefender

Gen:Variant.Zusy.107369

20140922

DrWeb

Trojan.DownLoader11.33314

20140922

ESET-NOD32

a variant of MSIL/Injector.FIP

20140922

Emsisoft

Gen:Variant.Zusy.107369 (B)

20140922

F-Secure

Gen:Variant.Zusy.107369

20140921

GData

Gen:Variant.Zusy.107369

20140922

Ikarus

Trojan.MSIL.Injector

20140922

Kingsoft

Win32.Troj.Undef.(kcloud)

20140922

McAfee

Artemis!0AEE2117A657

20140922

McAfee-GW-Edition

Artemis

20140922

MicroWorld-eScan

Gen:Variant.Zusy.107369

20140922

NANO-Antivirus

Trojan.Win32.XPACK.dffakl

20140922

Qihoo-360

Win32/Trojan.417

20140922

Sophos

Mal/Generic-S

20140922

VBA32

TScope.Trojan.MSIL

20140922

VIPRE

Trojan.Win32.Generic!BT

20140922

AegisLab

 

20140922

Bkav

 

20140922

ByteHero

 

20140922

CAT-QuickHeal

 

20140922

CMC

 

20140922

ClamAV

 

20140922

Comodo

 

20140922

Cyren

 

20140922

F-Prot

 

20140922

Fortinet

 

20140922

Jiangmin

 

20140921

K7AntiVirus

 

20140919

K7GW

 

20140919

Kaspersky

 

20140922

Malwarebytes

 

20140922

Microsoft

 

20140922

Norman

 

20140922

Panda

 

20140922

Rising

 

20140922

SUPERAntiSpyware

 

20140922

Symantec

 

20140922

Tencent

 

20140922

TheHacker

 

20140919

TotalDefense

 

20140922

ViRobot

 

20140922

Zillya

 

20140921

Zoner

 

20140919

nProtect

 

20140922

 

Znpkf.dll
This file is in use.
Enter a new name or close the file in another program.

 

Antivirus

Result

Update

AVG

Downloader.Generic14.ARY

20140922

Ad-Aware

Gen:Variant.Zusy.107369

20140922

Agnitum

Trojan.DL.Cerabit!

20140921

AhnLab-V3

Dropper/Win32.Necurs

20140922

Antiy-AVL

Trojan[Dropper]/Win32.Injector

20140922

Avast

Win32:Malware-gen

20140922

Avira

TR/Crypt.XPACK.Gen2

20140922

Baidu-International

Trojan.MSIL.Injector.BFIP

20140922

BitDefender

Gen:Variant.Zusy.107369

20140922

DrWeb

Trojan.DownLoader11.33314

20140922

ESET-NOD32

a variant of MSIL/Injector.FIP

20140922

Emsisoft

Gen:Variant.Zusy.107369 (B)

20140922

F-Secure

Gen:Variant.Zusy.107369

20140921

GData

Gen:Variant.Zusy.107369

20140922

Ikarus

Trojan.MSIL.Injector

20140922

McAfee

Artemis!DE50F847C8BE

20140922

McAfee-GW-Edition

BehavesLike.Win32.Backdoor.nh

20140922

MicroWorld-eScan

Gen:Variant.Zusy.107369

20140922

NANO-Antivirus

Trojan.Win32.XPACK.dffakl

20140922

Sophos

Mal/Generic-S

20140922

VBA32

TScope.Trojan.MSIL

20140922

AegisLab

 

20140922

Bkav

 

20140922

ByteHero

 

20140922

CAT-QuickHeal

 

20140922

CMC

 

20140922

ClamAV

 

20140922

Comodo

 

20140922

Cyren

 

20140922

F-Prot

 

20140922

Fortinet

 

20140922

Jiangmin

 

20140921

K7AntiVirus

 

20140919

K7GW

 

20140919

Kaspersky

 

20140922

Kingsoft

 

20140922

Malwarebytes

 

20140922

Microsoft

 

20140922

Norman

 

20140922

Panda

 

20140922

Qihoo-360

 

20140922

Rising

 

20140922

SUPERAntiSpyware

 

20140922

Symantec

 

20140922

Tencent

 

20140922

TheHacker

 

20140919

TotalDefense

 

20140922

TrendMicro

 

20140922

VIPRE

 

20140922

ViRobot

 

20140922

Zillya

 

20140921

Zoner

 

20140919

nProtect

 

20140922

 

 

 

Now the MBAM log:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 9/22/2014
Scan Time: 8:56:32 AM
Logfile: MBAM scan log 9-22-14.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.09.22.02
Rootkit Database: v2014.09.19.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Mlaukha

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 443819
Time Elapsed: 15 min, 12 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

 

And the MRT log:

Microsoft Windows Malicious Software Removal Tool v3.17, March 2011
Started On Wed Mar 09 20:03:37 2011
->Scan ERROR: resource process://pid:1000 (code 0x00000005 (5))
->Scan ERROR: resource process://pid:572 (code 0x00000490 (1168))

Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Wed Mar 09 20:04:12 2011

Return code: 0 (0x0)

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v3.18, April 2011
Started On Thu May 05 12:03:02 2011
->Scan ERROR: resource process://pid:2484 (code 0x00000490 (1168))

Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Thu May 05 12:03:46 2011

Return code: 0 (0x0)

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v4.0, September 2011
Started On Wed Oct 05 13:47:13 2011
->Scan ERROR: resource process://pid:360 (code 0x00000005 (5))
->Scan ERROR: resource process://pid:4960 (code 0x00000490 (1168))

Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Wed Oct 05 13:47:57 2011

Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.5, October 2013 (build 5.5.9502.0)
Started On Fri Oct 25 08:31:09 2013

Engine: 1.1.9901.0
Signatures: 1.159.530.0

Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Fri Oct 25 08:32:47 2013

Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.10, March 2014 (build 5.10.10001.0)
Started On Wed Mar 26 16:11:46 2014

Engine: 1.1.10302.0
Signatures: 1.167.1001.0

Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Wed Mar 26 16:13:49 2014

Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.16, September 2014 (build 5.16.10602.0)
Started On Mon Sep 22 09:22:10 2014

Engine: 1.1.10904.0
Signatures: 1.183.882.0

Results Summary:
----------------
No infection found.
Failed to submit MAPS report: 0x80072EE2
Microsoft Windows Malicious Software Removal Tool Finished On Mon Sep 22 09:37:08 2014

Return code: 0 (0x0)

Link to post
Share on other sites

Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

 

Run FRST and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

 

next,

 

We need to run an online AV scan to ensure there are no remnants of any infection left on your system that may have been missed. This scan is very thorough and well worth running, it can take several hours please be patient and let it complete:

 

Run Eset Online Scanner

 

**Note** You will need to use Internet explorer for this scan - Vista and Windows 7/8 right click on IE shortcut and run as admin.

 

(To run ESET Online Scanner in a browser other than Internet Explorer, you'll need to download ESET SMART  Installer during the process)

 

Go to Eset web page http://www.eset.com/us/online-scanner/ to run an online scan from ESET.

 


Turn off the real time scanner of any existing antivirus program while performing the online scan
click on the Run ESET Online Scanner button
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the add/on to be installed
Click Start
Make sure that the option "Remove found threats"  is UNticked
Click on Advanced Settings, ensure the following options are checked:
 
Scan for potentially unsafe applications
Enable Anti-Stealth Technology
 
Select "Change" next to Current scan targets A new window will open, select any extra drives, Flash drives etc as required.
Click Scan
wait for the virus definitions to be downloaded
Wait for the scan to finish

 

When the scan is complete

 


If no threats were found
put a checkmark in "Uninstall application on close"
close program
report to me that nothing was found

 

If threats were found

 


click on "list of threats found"
click on "export to text file" and save it as ESET SCAN and save to the desktop
Click on back
put a checkmark in "Uninstall application on close"
click on finish

 

close program

 

Copy and paste the report in next reply.

 

let me see those logs, also give an update on any remaining issues or concerns....

 

Kevin....

Fixlist.txt

Link to post
Share on other sites

Here's the FRST text:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 21-09-2014 01
Ran by Mlaukha at 2014-09-22 13:54:24 Run:1
Running from C:\Users\mlaukha\Downloads
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
Toolbar: HKLM - Verizon Toolbar - {f8d96645-337c-419b-8792-b6c126145811} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
C:\WINDOWS\system32\u
C:\WINDOWS\system32\ctwvddy.dll
C:\Users\mlaukha\AppData\Roaming\peclze.dll
C:\WINDOWS\system32\znpkf.dll
Emptytemp:
End

*****************

HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{f8d96645-337c-419b-8792-b6c126145811} => value deleted successfully.
"HKCR\CLSID\{f8d96645-337c-419b-8792-b6c126145811}" => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => Key not found.
C:\WINDOWS\system32\u => Moved successfully.
C:\WINDOWS\system32\ctwvddy.dll => Moved successfully.
C:\Users\mlaukha\AppData\Roaming\peclze.dll => Moved successfully.
Could not move "C:\WINDOWS\system32\znpkf.dll" => Scheduled to move on reboot.
EmptyTemp: => Removed 170.6 MB temporary data.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-09-22 14:26:53)<=

C:\WINDOWS\system32\znpkf.dll => Is moved successfully.

==== End of Fixlog ====

 

When I tried to run the ESET, I got an error saying "An add-on for this website failed to run"

My computer is working a whole lot better, so you may have fixed things, but if there's another scan you want me to run, let me know and I'll do it.

Link to post
Share on other sites

If ESET will not run leave for now and run the following instead....

 

Download Dr Web Cureit from here http://www.freedrweb.com/cureit save to your desktop. (Scroll to bottom of page)

 

  • The file will be randomly named
  • Reboot to safe mode
  • Run Dr Web
  • Tick the I agree box and select continue
  • Click select objects for scanning
     
    drwebselect.JPG
     
  • Tick all boxes as shown
  • Click the wrench and select automatically apply actions to threats
     
    drwebfolders.JPG
     
  • Press start scan
  • The scan will now commence
     
    drwebscan.JPG
     
  • Once the scan has finished click open report
     
    drwebscancomplete.JPG
     
  • A notepad will open
  • Select File > Save as..
  • Save it to your desktop

 

This log will be excessive,  Attach it to your next reply…

Link to post
Share on other sites

Yes is a very thorough scanner, log is clean so system should be ok.... Continue please:

 

Adobe Reader is outdated...

Visit http://get.adobe.com/uk/reader/otherversions/ and download the latest version of Acrobat Reader

 

Step 1 - Select your Operating System.

Step 2 - Select your Langauge.

Step 3 - Select latest version.

 

Untick the option for any security scanner or toolbar if offered.

 

Download and install.

 

Having the latest updates ensures there are no security vulnerabilities in your system.

 

Next,

 

Your Java javaicon.gif is out of date. Older versions have vulnerabilities that malware can use to infect your system.

Please follow these steps to remove older version of Java components and upgrade the application.

 

Upgrading Java:

 

Go to http://java.com/en/ and click on "Do I have Java"

It will check your current version and then offer to update to the latest version

Watch for and make sure you untick the box next to whatever free program they prompt you to install during the installation, unless you want it.

 

***Note: Check in Programs and Features (or Add/Remove Programs if you are an XP user) to make certain there are no old versions of Java still installed, if so - remove them. <<-- Very Important

 

Next,

 

If no remaining issues or concerns run the following to clean up:

 

Download "Delfix by Xplode" and save it to your desktop.

 

Or use the following if first link is down:

 

"Delfix link mirror"

 

Double Click to start the program. If you are using Vista or higher, please right-click and choose run as administrator

 

Make Sure the following items are checked:

 


    Activate UAC
    Remove disinfection tools
    Create registry backup
    Purge System Restore
    Reset system settings

 

Now click on "Run" and wait patiently until the tool has completed.

 

The tool will create a log when it has completed. We don't need you to post this.

 

Part of the routine will be to create a registry back up with ERUNT,  the back up will be created here:

 

C:\Windows\ERUNT

 

When all is known to be well with your system you can delete that back up folder if you consider it as not needed...

 

Next,

 

Read the following link to fully understand PC security and best practices, you may find it useful....

 

http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/#entry2316629

 

let me know if we can close out...

 

Regards,

 

Kevin...

Link to post
Share on other sites

  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.