Pollyanna584 Posted February 17, 2015 ID:940531 Share Posted February 17, 2015 My computer has been infected with Bikiniland which is opening as my home page and making my computer run a lot slower. I've gone through some of the threads that have already been opened on this subject but they seemed to be solved in a case specific manner. What can I do to fix this problem? Link to post Share on other sites More sharing options...
TwinHeadedEagle Posted February 17, 2015 ID:940532 Share Posted February 17, 2015 Hello, They call me TwinHeadedEagle around here, and I'll try to help your with your issue. Before we start please read and note the following:We're primarily oriented on malware removal here, so you must know that some issues just cannot be solved and you must be prepared for this. Some tools we use here will remove your browser search history, so backup your important links and all the files whose loss is unacceptable.Limit your internet access to posting here, some infections just wait to steal typed-in passwords.Please be patient. I know it is frustrating when your PC isn't working properly, but malware removal takes time. Keep in mind that private life gets in the way too. Note that we may live in totally different time zones, what may cause some delays between answers.Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.Do not paste the logs in your posts, attachments make my work easier. There is a More reply options button, that gives you Upload Files option below which you can use to attach your reports. Always attach reports from all tools.Always execute my instructions in given order. If for some reason you cannot completely follow one instruction, inform me about that.Do not ask for help for your business PC. Companies are making revenue via computers, so it is good thing to pay someone to repair it.If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed. I can't foresee everything, so if anything not covered in my instructions happens, please stop and inform me! There are no silly questions. Never be afraid to ask if in doubt! Rules and policies We won't support any piracy. That being told, if any evidence of illegal OS, software, cracks/keygens or any other will be revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding! Failure to follow these guidelines will result with closing your topic and withdrawning any assistance. Please download Farbar Recovery Scan Tool and save it to your desktop. Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them.Only one of them will run on your system, that will be the right version. Double-click to run it. When the tool opens click Yes to disclaimer.Press Scan button.It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply. Link to post Share on other sites More sharing options...
Pollyanna584 Posted February 17, 2015 Author ID:940548 Share Posted February 17, 2015 Ran,: FRST Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-02-2015Ran by Courtneylynn (administrator) on LENOVO-PC on 17-02-2015 17:16:50Running from C:\Users\Courtneylynn\DesktopLoaded Profiles: Courtneylynn (Available profiles: Courtneylynn)Platform: Windows 8.1 (X64) OS Language: English (United States)Internet Explorer Version 11 (Default browser: Chrome)Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(Microsoft Corporation) C:\Windows\System32\wlanext.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe(Microsoft Corporation) C:\Windows\System32\dasHost.exe(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe(McAfee, Inc.) C:\Windows\System32\mfevtps.exe(McAfee, Inc.) C:\Windows\System32\mfevtps.exe(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe() C:\Program Files\CyberLink\Shared files\RichVideo64.exe(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe(Microsoft Corporation) C:\Windows\System32\rundll32.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe() C:\Windows\SysWOW64\UMonit64.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe(Realtek semiconductor) C:\Windows\RTFTrack.exe(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe(Dropbox, Inc.) C:\Users\Courtneylynn\AppData\Roaming\Dropbox\bin\Dropbox.exe(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe(Carbonite, Inc.) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe(McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\ismagent.exe() C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\updateui.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"HKLM\...\Run: [iAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13648600 2013-08-29] (Realtek Semiconductor)HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)HKLM\...\Run: [bTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayAppHKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6340312 2013-10-17] (Realtek semiconductor)HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo)HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17111056 2014-03-26] (Lenovo (Beijing) Limited)HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2014-03-26] (Lenovo(beijing) Limited)HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)HKLM\...\Run: [MouseDriver] => C:\windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2463552 2014-10-04] (NVIDIA Corporation)HKLM\...\Run: [shadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStartHKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetchHKLM-x32\...\Run: [updateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694040 2014-07-22] (Adobe Systems Incorporated)HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [643576 2014-11-13] (McAfee, Inc.)HKLM-x32\...\Run: [NCUpdateHelper] => C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exeHKLM-x32\...\Run: [Carbonite Backup] => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [1055952 2014-12-02] (Carbonite, Inc.)HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)HKLM\...\Policies\Explorer: [NoFolderOptions] 0HKLM\...\Policies\Explorer: [NoControlPanel] 0HKU\S-1-5-21-4076630929-1860452621-1202726728-1002\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGONHKU\S-1-5-21-4076630929-1860452621-1202726728-1002\...\Run: [AdobeBridge] => [X]HKU\S-1-5-21-4076630929-1860452621-1202726728-1002\...\Run: [Google Update] => C:\Users\Courtneylynn\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-09-20] (Google Inc.)AppInit_DLLs-x32: C:/PROGRA~3/{CD422~1/191~1.1/laci.dll => C:/PROGRA~3/{CD422~1/191~1.1/laci.dll [964608 2015-02-17] ()Startup: C:\Users\Courtneylynn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnkShortcutTarget: Dropbox.lnk -> C:\Users\Courtneylynn\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)Startup: C:\Users\Courtneylynn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnkShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()ShellIconOverlayIdentifiers: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)ShellIconOverlayIdentifiers: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)ShellIconOverlayIdentifiers: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Courtneylynn\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Courtneylynn\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Courtneylynn\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Courtneylynn\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Courtneylynn\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Courtneylynn\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Courtneylynn\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Courtneylynn\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)ShellIconOverlayIdentifiers-x32: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)ShellIconOverlayIdentifiers-x32: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)ShellIconOverlayIdentifiers-x32: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blankHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blankHKU\S-1-5-21-4076630929-1860452621-1202726728-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://binkiland.com/?f=1&a=bnk_omxmedia_15_08&cd=2XzuyEtN2Y1L1Qzu0A0EyB0B0AtCyEyBzz0A0AtCzy0AyE0CtN0D0Tzu0StCtCyEtAtN1L2XzutAtFyBtFyBtFzytN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyD0FzztA0ByE0DtCtGtDtB0CyCtGtB0AyD0CtGzyyD0E0CtGyE0FtAzztB0AtAyBtB0FyEtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0BtDyCzytAyEtAyBtGyC0FtAyEtGyEzy0D0BtGzytDzzyCtGyB0C0C0FyC0FyDyE0FyD0CyD2Q&cr=379844675&ir=HKU\S-1-5-21-4076630929-1860452621-1202726728-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJBHKU\S-1-5-21-4076630929-1860452621-1202726728-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://home.lenovo.comSearchScopes: HKLM -> DefaultScope {AE2CD9D7-53F0-4D2F-9471-CE81163B5332} URL = http://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_suma_14_30_ie&cd=2XzuyEtN2Y1L1Qzu0A0EyB0B0AtCyEyBzz0A0AtCzy0AyE0CtN0D0Tzu0SzytAyBtN1L2XzutAtFtDtFtBtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StB0B0EyDtB0A0CyCtGtByBzztDtGzytCtB0EtG0BtD0BzztGtC0F0FyEyE0CtByEyEtDyCtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtByDyE0A0ByDzztG0C0CtBtDtGyEtCzz0AtG0AtB0DzytG0FtCyBtAyB0E0C0C0ByC0AyC2Q&cr=2094637768&ir=SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = SearchScopes: HKLM -> {AE2CD9D7-53F0-4D2F-9471-CE81163B5332} URL = http://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_suma_14_30_ie&cd=2XzuyEtN2Y1L1Qzu0A0EyB0B0AtCyEyBzz0A0AtCzy0AyE0CtN0D0Tzu0SzytAyBtN1L2XzutAtFtDtFtBtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StB0B0EyDtB0A0CyCtGtByBzztDtGzytCtB0EtG0BtD0BzztGtC0F0FyEyE0CtByEyEtDyCtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtByDyE0A0ByDzztG0C0CtBtDtGyEtCzz0AtG0AtB0DzytG0FtCyBtAyB0E0C0C0ByC0AyC2Q&cr=2094637768&ir=SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-4076630929-1860452621-1202726728-1002 -> DefaultScope {F5FB6AE5-D24B-4863-A665-908D8B3A97F0} URL = https://search.yahoo.com/search?fr=mcafee&type=B011US0D20140801&p={searchTerms}SearchScopes: HKU\S-1-5-21-4076630929-1860452621-1202726728-1002 -> {BDCD7192-B320-11E4-8287-AC7BA1478AA5} URL = http://binkiland.com/results.php?f=4&q={searchTerms}&a=bnk_omxmedia_15_08&cd=2XzuyEtN2Y1L1Qzu0A0EyB0B0AtCyEyBzz0A0AtCzy0AyE0CtN0D0Tzu0StCtCyEtAtN1L2XzutAtFyBtFyBtFzytN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyD0FzztA0ByE0DtCtGtDtB0CyCtGtB0AyD0CtGzyyD0E0CtGyE0FtAzztB0AtAyBtB0FyEtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0BtDyCzytAyEtAyBtGyC0FtAyEtGyEzy0D0BtGzytDzzyCtGyB0C0C0FyC0FyDyE0FyD0CyD2Q&cr=379844675&ir=SearchScopes: HKU\S-1-5-21-4076630929-1860452621-1202726728-1002 -> {F5FB6AE5-D24B-4863-A665-908D8B3A97F0} URL = https://search.yahoo.com/search?fr=mcafee&type=B011US0D20140801&p={searchTerms}BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)BHO: Consumer Input DCA BHO -> {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} -> C:\Program Files (x86)\Consumer Input\InternetExplorer\x64\dca-bho.dll No FileBHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)BHO-x32: Strong Signal -> {c723a437-2eaf-466d-a95b-3fa0966bf88c} -> C:\Program Files (x86)\Strong Signal\Extensions\c723a437-2eaf-466d-a95b-3fa0966bf88c.dll ()BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txtTcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox:========FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)FF Plugin HKU\S-1-5-21-4076630929-1860452621-1202726728-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Courtneylynn\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)FF Plugin HKU\S-1-5-21-4076630929-1860452621-1202726728-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Courtneylynn\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)FF Plugin HKU\S-1-5-21-4076630929-1860452621-1202726728-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Courtneylynn\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisorFF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-08-01]FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKFF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-08-01]FF HKU\S-1-5-21-4076630929-1860452621-1202726728-1002\...\Firefox\Extensions: [ConsumerInput@Compete] - C:\Program Files (x86)\Consumer Input\Firefox\ciff-3.2.0-12099.xpi Chrome: =======CHR HomePage: Default -> hxxp://binkiland.com/?f=1&a=bnk_omxmedia_15_08&cd=2XzuyEtN2Y1L1Qzu0A0EyB0B0AtCyEyBzz0A0AtCzy0AyE0CtN0D0Tzu0StCtCyEtAtN1L2XzutAtFyBtFyBtFzytN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyD0FzztA0ByE0DtCtGtDtB0CyCtGtB0AyD0CtGzyyD0E0CtGyE0FtAzztB0AtAyBtB0FyEtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0BtDyCzytAyEtAyBtGyC0FtAyEtGyEzy0D0BtGzytDzzyCtGyB0C0C0FyC0FyDyE0FyD0CyD2Q&cr=379844675&ir=CHR StartupUrls: Default -> "hxxp://binkiland.com/?f=7&a=bnk_omxmedia_15_08&cd=2XzuyEtN2Y1L1Qzu0A0EyB0B0AtCyEyBzz0A0AtCzy0AyE0CtN0D0Tzu0StCtCyEtAtN1L2XzutAtFyBtFyBtFzytN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyD0FzztA0ByE0DtCtGtDtB0CyCtGtB0AyD0CtGzyyD0E0CtGyE0FtAzztB0AtAyBtB0FyEtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0BtDyCzytAyEtAyBtGyC0FtAyEtGyEzy0D0BtGzytDzzyCtGyB0C0C0FyC0FyDyE0FyD0CyD2Q&cr=379844675&ir=", "hxxp://homepage-web.com/?s=lenovo&m=start"CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}CHR Profile: C:\Users\Courtneylynn\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Docs) - C:\Users\Courtneylynn\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-20]CHR Extension: (Google Drive) - C:\Users\Courtneylynn\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-20]CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Courtneylynn\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-20]CHR Extension: (YouTube) - C:\Users\Courtneylynn\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-20]CHR Extension: (Google Cast) - C:\Users\Courtneylynn\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-09-20]CHR Extension: (Adblock Plus) - C:\Users\Courtneylynn\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-20]CHR Extension: (Google Search) - C:\Users\Courtneylynn\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-20]CHR Extension: (SiteAdvisor) - C:\Users\Courtneylynn\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-08-01]CHR Extension: (Reddit Enhancement Suite) - C:\Users\Courtneylynn\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-07-22]CHR Extension: (Google Wallet) - C:\Users\Courtneylynn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-20]CHR Extension: (Hover Zoom) - C:\Users\Courtneylynn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2014-08-30]CHR Extension: (Gmail) - C:\Users\Courtneylynn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-20]CHR HKLM\...\Chrome\Extension: [elggllhppljlljkgfeokjpehmdamkejk] - No PathCHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-02-12]CHR HKU\S-1-5-21-4076630929-1860452621-1202726728-1002\...\Chrome\Extension: [elggllhppljlljkgfeokjpehmdamkejk] - No PathCHR HKLM-x32\...\Chrome\Extension: [elggllhppljlljkgfeokjpehmdamkejk] - No PathCHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-02-12]StartMenuInternet: Google Chrome - chrome.exe ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2014-11-01] (BitRaider, LLC)R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-10-04] (NVIDIA Corporation)R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [336088 2014-11-13] (McAfee, Inc.)R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-08-08] (Intel Corporation)R2 Intel® Wireless Bluetooth® 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [155448 2013-09-23] (Intel Corporation)R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [155368 2015-02-12] (McAfee, Inc.)R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [660544 2014-12-04] (McAfee, Inc.)R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe [422632 2014-11-21] (McAfee, Inc.)R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [336088 2014-11-13] (McAfee, Inc.)R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [336088 2014-11-13] (McAfee, Inc.)S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [604448 2014-12-17] (McAfee, Inc.)R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [336088 2014-11-13] (McAfee, Inc.)R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [336088 2014-11-13] (McAfee, Inc.)R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [228000 2014-12-19] (McAfee, Inc.)R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [312952 2014-12-20] (McAfee, Inc.)R2 mfevtp; C:\windows\system32\mfevtps.exe [221320 2014-12-19] (McAfee, Inc.)R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [336088 2014-11-13] (McAfee, Inc.)S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-08-23] ()R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-08-17] (Nitro PDF Software)R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-10-04] (NVIDIA Corporation)R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19440960 2014-10-04] (NVIDIA Corporation)R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()S2 Service Mgr StrongSignal; C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugincontainer.exe [577272 2015-02-17] () [File not signed]R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [126568 2015-02-17] (RaMMicHaeL)S2 Update Mgr StrongSignal; C:\Program Files (x86)\Common Files\0780f478-67ce-4ec3-98db-39a65f4618ce\updater.exe [384760 2015-02-17] () [File not signed]S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3667696 2013-08-23] (Intel® Corporation)S2 TeamViewer9; "C:\Users\Courtneylynn\Desktop\TeamViewer_Service.exe" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2014-11-01] (BitRaider)R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1386296 2013-08-19] (Motorola Solutions, Inc.)R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70984 2014-12-19] (McAfee, Inc.)U5 GeneStor; C:\Windows\System32\Drivers\GeneStor.sys [105704 2013-08-15] (GenesysLogic)S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [118216 2013-09-23] (Intel Corporation)S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-17] (Malwarebytes Corporation)R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [76064 2014-10-09] (McAfee, Inc.)R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [368904 2014-12-19] (McAfee, Inc.)R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [340192 2014-12-19] (McAfee, Inc.)R0 mfedisk; C:\Windows\System32\DRIVERS\mfedisk.sys [100080 2014-12-19] (McAfee, Inc.)S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [82584 2014-12-19] (McAfee, Inc.)R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [532424 2014-12-19] (McAfee, Inc.)R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [886488 2014-12-19] (McAfee, Inc.)R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [482600 2014-11-08] (McAfee, Inc.)S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [100720 2014-11-08] (McAfee, Inc.)R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [349328 2014-12-19] (McAfee, Inc.)R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation)S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20288 2014-10-04] (NVIDIA Corporation)R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8876248 2013-10-17] (Realtek Semiconductor Corp.)R3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)S3 ETDSMBus; \SystemRoot\system32\DRIVERS\ETDSMBus.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-17 17:16 - 2015-02-17 17:17 - 00034387 _____ () C:\Users\Courtneylynn\Desktop\FRST.txt2015-02-17 17:16 - 2015-02-17 17:16 - 02085888 _____ (Farbar) C:\Users\Courtneylynn\Downloads\FRST64 (1).exe2015-02-17 17:16 - 2015-02-17 17:16 - 02085888 _____ (Farbar) C:\Users\Courtneylynn\Desktop\FRST64.exe2015-02-17 17:16 - 2015-02-17 17:16 - 00000000 ____D () C:\FRST2015-02-17 17:10 - 2015-02-17 17:12 - 00053018 _____ () C:\windows\WindowsUpdate.log2015-02-17 16:30 - 2015-02-17 16:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices2015-02-17 16:28 - 2015-02-17 16:28 - 00000348 _____ () C:\windows\setupact.log2015-02-17 16:28 - 2015-02-17 16:28 - 00000000 _____ () C:\windows\setuperr.log2015-02-17 15:57 - 2015-02-17 15:57 - 05325208 _____ (Piriform Ltd) C:\Users\Courtneylynn\Downloads\ccsetup502.exe2015-02-17 15:57 - 2015-02-17 15:57 - 05325208 _____ (Piriform Ltd) C:\Users\Courtneylynn\Downloads\ccsetup502 (1).exe2015-02-17 15:56 - 2015-02-17 15:56 - 00000629 _____ () C:\Users\Courtneylynn\Desktop\JRT.txt2015-02-17 15:28 - 2015-02-17 15:28 - 00003886 _____ () C:\windows\System32\Tasks\Adobe Acrobat Update Task2015-02-17 15:20 - 2015-02-17 15:21 - 01388274 _____ (Thisisu) C:\Users\Courtneylynn\Downloads\JRT.exe2015-02-17 13:06 - 2015-02-17 13:06 - 00070295 _____ () C:\Users\Courtneylynn\Desktop\tree.psd2015-02-17 13:00 - 2015-02-17 13:00 - 00220831 _____ () C:\Users\Courtneylynn\Desktop\treeee.psd2015-02-17 12:58 - 2015-02-17 12:58 - 00219933 _____ () C:\Users\Courtneylynn\Desktop\Untitled-1.psd2015-02-17 11:31 - 2015-02-17 11:31 - 00000041 _____ () C:\Users\Courtneylynn\AppData\Roaming\WB.CFG2015-02-17 09:32 - 2015-02-17 09:34 - 00000000 ____D () C:\Users\Courtneylynn\AppData\Local\Binkiland2015-02-17 09:32 - 2015-02-17 09:32 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk2015-02-17 09:32 - 2015-02-17 09:32 - 00002050 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk2015-02-17 09:31 - 2015-02-17 16:31 - 00000798 _____ () C:\windows\Tasks\Binkiland laci.job2015-02-17 09:31 - 2015-02-17 16:31 - 00000332 _____ () C:\windows\Tasks\Binkiland.job2015-02-17 09:31 - 2015-02-17 09:31 - 00003814 _____ () C:\windows\System32\Tasks\Binkiland laci2015-02-17 09:31 - 2015-02-17 09:31 - 00002670 _____ () C:\windows\System32\Tasks\Binkiland2015-02-17 09:31 - 2015-02-17 09:31 - 00000000 ____D () C:\ProgramData\{CD422581-9DC0-F407-2C46-8485FCC4570B}2015-02-17 09:30 - 2015-02-17 15:19 - 00000000 ____D () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce2015-02-17 09:30 - 2015-02-17 09:31 - 00000000 ____D () C:\Program Files (x86)\WSE_Binkiland2015-02-17 09:30 - 2015-02-17 09:30 - 00000000 ____D () C:\ProgramData\Unchecky2015-02-17 09:30 - 2015-02-17 09:30 - 00000000 ____D () C:\Program Files (x86)\Unchecky2015-02-17 09:30 - 2015-02-17 09:30 - 00000000 ____D () C:\Program Files (x86)\Strong Signal2015-02-17 09:30 - 2015-02-17 09:30 - 00000000 ____D () C:\Program Files (x86)\Setup Support for Consumer Input2015-02-17 09:29 - 2015-02-17 09:29 - 00740032 _____ (Web Program Generic ) C:\Users\Courtneylynn\Downloads\Adobe Reader.exe2015-02-13 16:14 - 2015-01-22 22:41 - 06041600 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll2015-02-13 16:14 - 2015-01-22 21:17 - 04300800 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll2015-02-12 19:29 - 2015-02-12 19:30 - 00010482 _____ () C:\Users\Courtneylynn\Documents\Uninstall STAR WARS The Old Republic.log2015-02-10 16:41 - 2015-01-15 16:43 - 00563504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys2015-02-10 16:41 - 2015-01-15 16:43 - 00177984 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys2015-02-10 16:41 - 2015-01-13 22:22 - 00445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll2015-02-10 16:41 - 2015-01-13 21:53 - 00324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll2015-02-10 16:41 - 2015-01-13 16:11 - 01762840 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll2015-02-10 16:41 - 2015-01-13 16:04 - 01489072 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll2015-02-10 16:41 - 2015-01-11 21:09 - 25056256 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll2015-02-10 16:41 - 2015-01-11 20:48 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll2015-02-10 16:41 - 2015-01-11 20:48 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll2015-02-10 16:41 - 2015-01-11 20:47 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll2015-02-10 16:41 - 2015-01-11 20:34 - 00816128 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll2015-02-10 16:41 - 2015-01-11 20:25 - 19740160 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll2015-02-10 16:41 - 2015-01-11 20:21 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll2015-02-10 16:41 - 2015-01-11 20:08 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll2015-02-10 16:41 - 2015-01-11 20:07 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll2015-02-10 16:41 - 2015-01-11 20:05 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll2015-02-10 16:41 - 2015-01-11 20:02 - 02277888 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll2015-02-10 16:41 - 2015-01-11 19:58 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll2015-02-10 16:41 - 2015-01-11 19:55 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll2015-02-10 16:41 - 2015-01-11 19:51 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll2015-02-10 16:41 - 2015-01-11 19:48 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll2015-02-10 16:41 - 2015-01-11 19:48 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe2015-02-10 16:41 - 2015-01-11 19:48 - 00374272 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll2015-02-10 16:41 - 2015-01-11 19:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl2015-02-10 16:41 - 2015-01-11 19:45 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll2015-02-10 16:41 - 2015-01-11 19:43 - 14401024 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll2015-02-10 16:41 - 2015-01-11 19:34 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll2015-02-10 16:41 - 2015-01-11 19:30 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll2015-02-10 16:41 - 2015-01-11 19:27 - 02865152 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll2015-02-10 16:41 - 2015-01-11 19:27 - 02358272 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll2015-02-10 16:41 - 2015-01-11 19:25 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll2015-02-10 16:41 - 2015-01-11 19:23 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl2015-02-10 16:41 - 2015-01-11 19:23 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll2015-02-10 16:41 - 2015-01-11 19:23 - 00327168 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll2015-02-10 16:41 - 2015-01-11 19:14 - 12829184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll2015-02-10 16:41 - 2015-01-11 19:14 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll2015-02-10 16:41 - 2015-01-11 19:02 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll2015-02-10 16:41 - 2015-01-11 19:00 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll2015-02-10 16:41 - 2015-01-11 18:56 - 01307136 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll2015-02-10 16:41 - 2015-01-11 18:55 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll2015-02-10 16:41 - 2015-01-10 03:10 - 07472960 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe2015-02-10 16:41 - 2015-01-10 03:10 - 01733440 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll2015-02-10 16:41 - 2015-01-10 02:28 - 01498360 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll2015-02-10 16:41 - 2015-01-10 01:00 - 00430080 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll2015-02-10 16:41 - 2015-01-10 00:38 - 00359424 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll2015-02-10 16:41 - 2014-12-08 21:45 - 00393728 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll2015-02-10 16:41 - 2014-12-08 19:56 - 00538624 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll2015-02-10 16:41 - 2014-10-28 20:51 - 00154112 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll2015-02-10 16:41 - 2014-10-28 20:50 - 00736768 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll2015-02-10 16:41 - 2014-10-28 20:06 - 00736768 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll2015-02-10 16:41 - 2014-10-28 20:06 - 00154112 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll2015-02-10 16:41 - 2014-10-28 20:02 - 00285184 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll2015-02-10 16:41 - 2014-10-28 20:02 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll2015-02-10 16:41 - 2014-10-28 19:57 - 00016896 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll2015-02-10 16:41 - 2014-10-28 19:31 - 01441792 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll2015-02-10 16:41 - 2014-10-28 19:15 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll2015-02-10 16:41 - 2014-10-28 19:15 - 00005632 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll2015-02-10 16:41 - 2014-10-28 19:14 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe2015-02-10 16:41 - 2014-10-28 19:13 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe2015-02-10 16:41 - 2014-10-28 19:13 - 00008704 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe2015-02-10 16:40 - 2015-01-10 02:22 - 04175872 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys2015-02-07 20:00 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_7.dll2015-02-07 20:00 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_7.dll2015-02-07 20:00 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_7.dll2015-02-07 20:00 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_7.dll2015-02-07 20:00 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_5.dll2015-02-07 20:00 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_5.dll2015-02-07 20:00 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_43.dll2015-02-07 20:00 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_43.dll2015-02-07 20:00 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_43.dll2015-02-07 20:00 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_43.dll2015-02-07 20:00 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\windows\system32\d3dcsx_43.dll2015-02-07 20:00 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dcsx_43.dll2015-02-07 20:00 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_43.dll2015-02-07 20:00 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_43.dll2015-02-07 20:00 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\windows\system32\d3dx11_43.dll2015-02-07 20:00 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx11_43.dll2015-02-07 20:00 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_6.dll2015-02-07 20:00 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_6.dll2015-02-07 20:00 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_6.dll2015-02-07 20:00 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_6.dll2015-02-07 20:00 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_4.dll2015-02-07 20:00 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_4.dll2015-02-07 20:00 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_7.dll2015-02-07 20:00 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_7.dll2015-02-07 20:00 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_5.dll2015-02-07 20:00 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_5.dll2015-02-07 20:00 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_5.dll2015-02-07 20:00 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_5.dll2015-02-07 20:00 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_3.dll2015-02-07 20:00 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_3.dll2015-02-07 20:00 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\windows\system32\d3dcsx_42.dll2015-02-07 20:00 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dcsx_42.dll2015-02-07 20:00 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_42.dll2015-02-07 20:00 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_42.dll2015-02-07 20:00 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_42.dll2015-02-07 20:00 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_42.dll2015-02-07 20:00 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_42.dll2015-02-07 20:00 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_42.dll2015-02-07 20:00 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\windows\system32\d3dx11_42.dll2015-02-07 20:00 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx11_42.dll2015-02-07 20:00 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_4.dll2015-02-07 20:00 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_4.dll2015-02-07 20:00 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_4.dll2015-02-07 20:00 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_4.dll2015-02-07 20:00 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_6.dll2015-02-07 20:00 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_6.dll2015-02-07 20:00 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_41.dll2015-02-07 20:00 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_41.dll2015-02-07 20:00 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_41.dll2015-02-07 20:00 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_41.dll2015-02-07 20:00 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_41.dll2015-02-07 20:00 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_41.dll2015-02-07 20:00 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_3.dll2015-02-07 20:00 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_3.dll2015-02-07 20:00 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_3.dll2015-02-07 20:00 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_3.dll2015-02-07 20:00 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_2.dll2015-02-07 20:00 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_2.dll2015-02-07 20:00 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_5.dll2015-02-07 20:00 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_5.dll2015-02-07 20:00 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_40.dll2015-02-07 20:00 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_40.dll2015-02-07 20:00 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_40.dll2015-02-07 20:00 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_40.dll2015-02-07 20:00 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_40.dll2015-02-07 20:00 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_40.dll2015-02-07 20:00 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_2.dll2015-02-07 20:00 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_2.dll2015-02-07 20:00 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_1.dll2015-02-07 20:00 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_1.dll2015-02-07 20:00 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_2.dll2015-02-07 20:00 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_2.dll2015-02-07 20:00 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_39.dll2015-02-07 20:00 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_39.dll2015-02-07 20:00 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_39.dll2015-02-07 20:00 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_39.dll2015-02-07 20:00 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_39.dll2015-02-07 20:00 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_39.dll2015-02-07 20:00 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_1.dll2015-02-07 20:00 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_1.dll2015-02-07 20:00 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_1.dll2015-02-07 20:00 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_1.dll2015-02-07 20:00 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_0.dll2015-02-07 20:00 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_0.dll2015-02-07 20:00 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_4.dll2015-02-07 20:00 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_4.dll2015-02-07 20:00 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_38.dll2015-02-07 20:00 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_38.dll2015-02-07 20:00 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_38.dll2015-02-07 20:00 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_38.dll2015-02-07 20:00 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_38.dll2015-02-07 20:00 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_38.dll2015-02-07 20:00 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_0.dll2015-02-07 20:00 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_0.dll2015-02-07 20:00 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_0.dll2015-02-07 20:00 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_0.dll2015-02-07 20:00 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_3.dll2015-02-07 20:00 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_3.dll2015-02-07 20:00 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_37.dll2015-02-07 20:00 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_37.dll2015-02-07 20:00 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_37.dll2015-02-07 20:00 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_37.dll2015-02-07 20:00 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_37.dll2015-02-07 20:00 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_37.dll2015-02-07 20:00 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_10.dll2015-02-07 20:00 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_10.dll2015-02-07 20:00 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_36.dll2015-02-07 20:00 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_36.dll2015-02-07 20:00 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_36.dll2015-02-07 20:00 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_36.dll2015-02-07 20:00 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_36.dll2015-02-07 20:00 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_36.dll2015-02-07 19:59 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_2.dll2015-02-07 19:59 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_2.dll2015-02-07 19:59 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_9.dll2015-02-07 19:59 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_9.dll2015-02-07 19:59 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_35.dll2015-02-07 19:59 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_35.dll2015-02-07 19:59 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_35.dll2015-02-07 19:59 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_35.dll2015-02-07 19:59 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_35.dll2015-02-07 19:59 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_35.dll2015-02-07 19:59 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_8.dll2015-02-07 19:59 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_8.dll2015-02-07 19:59 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_34.dll2015-02-07 19:59 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_34.dll2015-02-07 19:59 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_34.dll2015-02-07 19:59 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_34.dll2015-02-07 19:59 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_34.dll2015-02-07 19:59 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_34.dll2015-02-07 19:59 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_7.dll2015-02-07 19:59 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_7.dll2015-02-07 19:59 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\windows\system32\xinput1_3.dll2015-02-07 19:59 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\windows\SysWOW64\xinput1_3.dll2015-02-07 19:59 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_33.dll2015-02-07 19:59 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_33.dll2015-02-07 19:59 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_33.dll2015-02-07 19:59 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_33.dll2015-02-07 19:59 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_33.dll2015-02-07 19:59 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_33.dll2015-02-07 19:59 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\windows\system32\x3daudio1_1.dll2015-02-07 19:59 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\windows\SysWOW64\x3daudio1_1.dll2015-02-07 19:59 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_6.dll2015-02-07 19:59 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_6.dll2015-02-07 19:59 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_5.dll2015-02-07 19:59 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_5.dll2015-02-07 19:59 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_32.dll2015-02-07 19:59 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_32.dll2015-02-07 19:59 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\windows\system32\d3dx10.dll2015-02-07 19:59 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10.dll2015-02-07 19:59 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_31.dll2015-02-07 19:59 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_31.dll2015-02-07 19:59 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_4.dll2015-02-07 19:59 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_4.dll2015-02-07 19:59 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\windows\system32\xinput1_2.dll2015-02-07 19:59 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_3.dll2015-02-07 19:59 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_3.dll2015-02-07 19:59 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\windows\SysWOW64\xinput1_2.dll2015-02-07 19:59 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_2.dll2015-02-07 19:59 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_2.dll2015-02-07 19:59 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_30.dll2015-02-07 19:59 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_30.dll2015-02-07 19:59 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_1.dll2015-02-07 19:59 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_1.dll2015-02-07 19:59 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\windows\system32\xinput1_1.dll2015-02-07 19:59 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\windows\SysWOW64\xinput1_1.dll2015-02-07 19:59 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_29.dll2015-02-07 19:59 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_29.dll2015-02-07 19:59 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_0.dll2015-02-07 19:59 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_0.dll2015-02-07 19:59 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\windows\system32\x3daudio1_0.dll2015-02-07 19:59 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\windows\SysWOW64\x3daudio1_0.dll2015-02-07 19:59 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_28.dll2015-02-07 19:59 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_28.dll2015-02-07 19:59 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_27.dll2015-02-07 19:59 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_27.dll2015-02-07 19:58 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_26.dll2015-02-07 19:58 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_26.dll2015-02-07 19:58 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_25.dll2015-02-07 19:58 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_25.dll2015-02-07 19:58 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_24.dll2015-02-07 19:58 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_24.dll2015-02-06 20:08 - 2015-02-06 20:08 - 00472830 _____ () C:\Users\Courtneylynn\Downloads\TreeCampusUSA_logo.eps2015-02-03 19:54 - 2015-02-17 16:59 - 00000956 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4076630929-1860452621-1202726728-1002UA1d0401d85fdf62e.job2015-02-03 19:54 - 2015-02-15 19:59 - 00000904 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4076630929-1860452621-1202726728-1002Core1d0401d85d53b5b.job2015-02-03 19:54 - 2015-02-03 19:54 - 00003916 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4076630929-1860452621-1202726728-1002UA1d0401d85fdf62e2015-02-03 19:54 - 2015-02-03 19:54 - 00003536 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4076630929-1860452621-1202726728-1002Core1d0401d85d53b5b2015-01-29 13:41 - 2015-01-29 13:42 - 00012168 _____ () C:\Users\Courtneylynn\Desktop\Jan28LSA.xlsx2015-01-28 20:14 - 2015-01-28 20:15 - 00000000 ____D () C:\Users\Courtneylynn\Downloads\ITunes2015-01-27 16:41 - 2015-01-27 17:21 - 00000000 ____D () C:\Users\Courtneylynn\AppData\Roaming\Apple Computer2015-01-27 16:41 - 2015-01-27 16:41 - 00001806 _____ () C:\Users\Public\Desktop\iTunes.lnk2015-01-27 16:41 - 2015-01-27 16:41 - 00000000 ____D () C:\Users\Courtneylynn\AppData\Local\Apple Computer2015-01-27 16:41 - 2015-01-27 16:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes2015-01-27 16:41 - 2015-01-27 16:41 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A72015-01-27 16:41 - 2015-01-27 16:41 - 00000000 ____D () C:\ProgramData\Apple Computer2015-01-27 16:41 - 2015-01-27 16:41 - 00000000 ____D () C:\Program Files\iTunes2015-01-27 16:41 - 2015-01-27 16:41 - 00000000 ____D () C:\Program Files\iPod2015-01-27 16:41 - 2015-01-27 16:41 - 00000000 ____D () C:\Program Files (x86)\iTunes2015-01-27 16:41 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\windows\system32\Drivers\GEARAspiWDM.sys2015-01-27 16:40 - 2015-01-27 16:41 - 00000000 ____D () C:\Program Files\Common Files\Apple2015-01-27 16:40 - 2015-01-27 16:40 - 00002535 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk2015-01-27 16:40 - 2015-01-27 16:40 - 00000000 ____D () C:\windows\System32\Tasks\Apple2015-01-27 16:40 - 2015-01-27 16:40 - 00000000 ____D () C:\Users\Courtneylynn\AppData\Local\Apple2015-01-27 16:40 - 2015-01-27 16:40 - 00000000 ____D () C:\ProgramData\Apple2015-01-27 16:40 - 2015-01-27 16:40 - 00000000 ____D () C:\Program Files\Bonjour2015-01-27 16:40 - 2015-01-27 16:40 - 00000000 ____D () C:\Program Files (x86)\Bonjour2015-01-27 16:40 - 2015-01-27 16:40 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update2015-01-25 15:38 - 2015-01-25 15:38 - 02143232 _____ () C:\Users\Courtneylynn\Downloads\LAVU LBW TRAINER CARD (1).pub2015-01-25 13:13 - 2015-01-25 13:13 - 00021006 _____ () C:\Users\Courtneylynn\Downloads\LAVU LBW.xlsx2015-01-25 13:12 - 2015-01-25 13:12 - 02143232 _____ () C:\Users\Courtneylynn\Downloads\LAVU LBW TRAINER CARD.pub2015-01-23 22:36 - 2015-01-23 22:36 - 07971467 _____ () C:\Users\Courtneylynn\Downloads\IntroductionToElements&Principles_2_smaller.pptx2015-01-23 22:07 - 2015-01-23 22:10 - 00990266 _____ () C:\Users\Courtneylynn\Downloads\IntroductionToElements&Principles_2_smaller (1).pptx2015-01-23 01:33 - 2014-10-09 14:32 - 00076064 _____ (McAfee, Inc.) C:\windows\system32\Drivers\McPvDrv.sys2015-01-23 01:33 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\windows\system32\Drivers\HipShieldK.sys ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-17 17:11 - 2014-06-13 12:23 - 00003600 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4076630929-1860452621-1202726728-10022015-02-17 17:00 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\sru2015-02-17 16:53 - 2014-10-21 21:37 - 00005004 _____ () C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for LENOVO-PC-Courtneylynn Lenovo-PC2015-02-17 16:42 - 2014-10-19 07:32 - 00000956 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4076630929-1860452621-1202726728-1002UA1cfeba11ab8f427.job2015-02-17 16:37 - 2014-09-20 23:27 - 00000956 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4076630929-1860452621-1202726728-1002UA.job2015-02-17 16:35 - 2014-06-20 09:15 - 00000926 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job2015-02-17 16:35 - 2013-10-07 12:27 - 00865408 _____ () C:\windows\system32\PerfStringBackup.INI2015-02-17 16:31 - 2014-08-01 17:48 - 00000000 __RSD () C:\Users\Courtneylynn\Documents\McAfee Vaults2015-02-17 16:30 - 2014-12-01 15:18 - 00000000 ___RD () C:\Users\Courtneylynn\Dropbox2015-02-17 16:30 - 2014-12-01 15:16 - 00000000 ____D () C:\Users\Courtneylynn\AppData\Roaming\Dropbox2015-02-17 16:30 - 2014-06-13 12:23 - 00000000 ___DO () C:\Users\Courtneylynn\SkyDrive2015-02-17 16:29 - 2014-06-20 09:15 - 00000922 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job2015-02-17 16:28 - 2014-03-26 05:52 - 00000000 ____D () C:\ProgramData\NVIDIA2015-02-17 16:28 - 2013-08-22 08:45 - 00000006 ____H () C:\windows\Tasks\SA.DAT2015-02-17 16:27 - 2013-08-22 07:25 - 00524288 ___SH () C:\windows\system32\config\BBI2015-02-17 16:15 - 2014-06-13 12:32 - 00003958 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{7A1DCD80-1BF8-4E7B-805A-16B5B2983893}2015-02-17 16:00 - 2014-11-09 14:28 - 00000000 ____D () C:\Users\Courtneylynn\AppData\Roaming\Ventrilo2015-02-17 16:00 - 2014-07-27 08:37 - 00000000 ____D () C:\Users\Courtneylynn\AppData\Roaming\Azureus2015-02-17 16:00 - 2014-06-14 20:24 - 00000000 ____D () C:\Program Files (x86)\Steam2015-02-17 16:00 - 2013-10-07 13:23 - 00000000 ____D () C:\windows\Panther2015-02-17 15:59 - 2014-07-27 07:42 - 00000000 ____D () C:\windows\Minidump2015-02-17 15:30 - 2014-07-27 07:52 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys2015-02-17 13:36 - 2014-06-13 12:16 - 00000000 ____D () C:\Users\Courtneylynn2015-02-17 12:53 - 2014-06-18 13:28 - 00000034 _____ () C:\Users\Courtneylynn\AppData\Roaming\AdobeWLCMCache.dat2015-02-17 11:26 - 2014-08-28 01:43 - 00000000 ____D () C:\Users\Courtneylynn\AppData\Roaming\.minecraft2015-02-17 09:36 - 2014-09-18 07:46 - 00000000 ____D () C:\Users\Courtneylynn\Desktop\Illustrator Current Projects2015-02-17 09:36 - 2014-06-18 12:42 - 00000000 ____D () C:\ProgramData\Adobe2015-02-17 09:35 - 2014-06-18 12:36 - 00000000 ____D () C:\Users\Courtneylynn\AppData\Local\Adobe2015-02-17 09:35 - 2014-06-13 12:17 - 00000000 ____D () C:\Users\Courtneylynn\AppData\Roaming\Adobe2015-02-17 09:32 - 2014-06-18 12:40 - 00000000 ____D () C:\Program Files (x86)\Adobe2015-02-17 09:30 - 2014-06-20 09:16 - 00002214 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2015-02-16 13:06 - 2014-12-01 15:18 - 00001061 _____ () C:\Users\Courtneylynn\Desktop\Dropbox.lnk2015-02-16 13:06 - 2014-12-01 15:17 - 00000000 ____D () C:\Users\Courtneylynn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox2015-02-15 19:59 - 2014-11-15 09:37 - 00000904 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4076630929-1860452621-1202726728-1002Core1d000eac9a4140.job2015-02-15 19:55 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\AppReadiness2015-02-15 18:19 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\rescache2015-02-13 19:56 - 2013-08-22 09:20 - 00000000 ____D () C:\windows\CbsTemp2015-02-13 09:42 - 2014-10-19 07:32 - 00000904 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4076630929-1860452621-1202726728-1002Core1cfeba11a9a2755.job2015-02-13 08:37 - 2014-09-20 23:27 - 00000904 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4076630929-1860452621-1202726728-1002Core.job2015-02-12 20:05 - 2014-08-01 17:46 - 00000000 ____D () C:\Program Files (x86)\McAfee2015-02-12 20:04 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\addins2015-02-12 19:37 - 2014-06-13 12:16 - 00000000 ____D () C:\Users\Courtneylynn\AppData\Local\Pokki2015-02-12 19:36 - 2014-06-13 12:20 - 00002312 _____ () C:\Users\Courtneylynn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk2015-02-12 19:34 - 2014-07-27 07:51 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2015-02-12 19:31 - 2014-11-05 21:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCWest2015-02-12 19:31 - 2014-11-05 21:40 - 00000000 ____D () C:\Program Files (x86)\NCWest2015-02-12 19:21 - 2013-08-22 07:25 - 00262144 ___SH () C:\windows\system32\config\ELAM2015-02-12 19:20 - 2013-08-22 08:44 - 00497840 _____ () C:\windows\system32\FNTCACHE.DAT2015-02-10 19:07 - 2014-06-14 19:25 - 00000000 ____D () C:\windows\system32\MRT2015-02-10 19:04 - 2014-06-14 19:25 - 116773704 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe2015-02-09 08:57 - 2014-06-13 12:17 - 00000000 ____D () C:\Users\Courtneylynn\AppData\Local\Packages2015-02-07 15:06 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\NDF2015-02-06 12:30 - 2014-06-20 09:15 - 00003898 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA2015-02-06 12:30 - 2014-06-20 09:15 - 00003662 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore2015-02-03 19:54 - 2014-11-15 09:37 - 00003916 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4076630929-1860452621-1202726728-1002UA1d000eacba69162015-02-03 19:54 - 2014-11-15 09:37 - 00003536 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4076630929-1860452621-1202726728-1002Core1d000eac9a41402015-02-03 19:54 - 2014-11-15 09:37 - 00000956 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4076630929-1860452621-1202726728-1002UA1d000eacba6916.job2015-02-03 13:31 - 2014-10-16 20:00 - 00714720 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe2015-02-03 13:31 - 2014-10-16 20:00 - 00106976 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl2015-01-31 16:44 - 2014-12-10 02:00 - 00000000 ____D () C:\Users\Courtneylynn\Documents\NCSOFT2015-01-31 16:44 - 2014-12-09 22:16 - 00000000 ____D () C:\Users\Courtneylynn\AppData\Local\NCSOFT2015-01-31 16:44 - 2014-11-05 21:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT2015-01-31 16:44 - 2014-11-05 21:41 - 00000000 ____D () C:\Program Files (x86)\NCSOFT2015-01-31 12:22 - 2014-06-13 20:45 - 00002141 _____ () C:\Users\Courtneylynn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Menu.lnk2015-01-29 14:23 - 2014-06-15 06:18 - 00000000 ____D () C:\Users\Courtneylynn\AppData\Roaming\Nitro PDF2015-01-23 01:34 - 2014-08-01 17:36 - 00000000 ____D () C:\Program Files\Common Files\McAfee2015-01-23 01:32 - 2013-08-22 09:36 - 00000000 ___HD () C:\windows\ELAMBKUP ==================== Files in the root of some directories ======= 2014-06-18 13:28 - 2015-02-17 12:53 - 0000034 _____ () C:\Users\Courtneylynn\AppData\Roaming\AdobeWLCMCache.dat2015-02-17 11:31 - 2015-02-17 11:31 - 0000041 _____ () C:\Users\Courtneylynn\AppData\Roaming\WB.CFG2014-03-26 06:01 - 2014-03-26 06:01 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Some content of TEMP:====================C:\Users\Courtneylynn\AppData\Local\Temp\ConsumerInputSetup.exeC:\Users\Courtneylynn\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpv8xh0d.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-02-10 15:47 ==================== End Of Log ============================ Link to post Share on other sites More sharing options...
Pollyanna584 Posted February 17, 2015 Author ID:940551 Share Posted February 17, 2015 Addition Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-02-2015Ran by Courtneylynn at 2015-02-17 17:17:43Running from C:\Users\Courtneylynn\DesktopBoot Mode: Normal========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 10 Second Ninja (HKLM-x32\...\Steam App 271670) (Version: - GameDesignDan)Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.7.1.418 - Adobe Systems Incorporated)Adobe Dreamweaver CC 2014 (HKLM-x32\...\{766255CE-D156-11E3-8DBC-A136EB52ACCF}) (Version: 14.0.0 - Adobe Systems Incorporated)Adobe Illustrator CC 2014 (HKLM-x32\...\{2B4B4082-8043-4646-8334-B0A29E641211}) (Version: 18.0 - Adobe Systems Incorporated)Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.1 - Adobe Systems Incorporated)Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)Aion (HKLM-x32\...\{B9291CA2-6FA5-44EA-8EE0-923EB32ADAAB}) (Version: 4.0.0.3 - NC Interactive, LLC)Anki (HKLM-x32\...\Anki) (Version: - )Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)Bastion (HKLM-x32\...\Steam App 107100) (Version: - Supergiant Games)Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)BioShock (HKLM-x32\...\Steam App 7670) (Version: - 2K Boston)BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)Bridge Builder (HKLM-x32\...\Bridge Builder) (Version: - )Bridge Building Game (HKLM-x32\...\Bridge Building Game) (Version: - )Canon MG6100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6100_series) (Version: - )Carbonite (HKLM-x32\...\Carbonite Backup) (Version: 5.7.1 build 4562 (Dec-02-2014) - Carbonite)ChromecastApp (HKU\S-1-5-21-4076630929-1860452621-1202726728-1002\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1383.0 - Google Inc.)Consumer Input (HKLM-x32\...\Setup Support for Consumer Input) (Version: 1.0 - Sono Control Inc.) <==== ATTENTIONConsumer Input (remove only) (HKLM-x32\...\Consumer Input Installer) (Version: - Compete Inc.) <==== ATTENTIONCounter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4107 - CyberLink Corp.)CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) HiddenDemocracy 3 (HKLM-x32\...\Steam App 245470) (Version: - Positech Games)Deus Ex: Human Revolution - Director's Cut (HKLM-x32\...\Steam App 238010) (Version: - Eidos Montreal)Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)Dropbox (HKU\S-1-5-21-4076630929-1860452621-1202726728-1002\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)Dustforce (HKLM-x32\...\Steam App 65300) (Version: - Hitbox Team)Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.14 - Lenovo)Energy Management (x32 Version: 8.0.2.14 - Lenovo) HiddenFist of Jesus (HKLM-x32\...\Steam App 321110) (Version: - Mutant Games)FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - Subset Games)Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.0.8 - Genesys Logic)Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) HiddenGoogle Update Helper (x32 Version: 1.3.26.9 - Google Inc.) HiddenGuacamelee! Gold Edition (HKLM-x32\...\Steam App 214770) (Version: - DrinkBox Studios)Host App Service (HKU\S-1-5-21-4076630929-1860452621-1202726728-1002\...\Pokki) (Version: 0.269.5.460 - Pokki)ibb & obb (HKLM-x32\...\Steam App 95400) (Version: - Sparpweed)Intel® Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.20.1447 - Intel Corporation)Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 3.0.1337.1) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0362 - Intel Corporation)Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)Intel® PROSet/Wireless Software (HKLM-x32\...\{72814a2c-2e03-4a50-b30a-43e7884b3934}) (Version: 16.5.1 - Intel Corporation)iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)Java 8 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218020F0}) (Version: 8.0.200 - Oracle Corporation)Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)Java SE Development Kit 8 Update 20 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180200}) (Version: 8.0.200.26 - Oracle Corporation)Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10249 - Realtek Semiconductor Corp.)Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) HiddenLenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.5 - CEWE COLOR AG u Co. OHG)Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) HiddenLenovo Reach (HKLM-x32\...\{0B5E0E89-4BCA-4035-BBA1-D1439724B6E2}) (Version: 1.1.0.166 - Stoneware, Inc.)LIMBO (HKLM-x32\...\Steam App 48000) (Version: - Playdead)Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.1.2.4000 - Maxthon International Limited)McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.191 - McAfee, Inc.)McAfee Total Protection (HKLM-x32\...\MSC) (Version: 14.0.207 - McAfee, Inc.)Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4675.1003 - Microsoft Corporation)Microsoft OneDrive (HKU\S-1-5-21-4076630929-1860452621-1202726728-1002\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)Nimble Quest (HKLM-x32\...\Steam App 259780) (Version: - )Nitro Pro 8 (HKLM\...\{392C767D-4EE2-49B5-A3B4-A4C3AB6DC145}) (Version: 8.5.7.1 - Nitro)NVIDIA 3D Vision Driver 327.45 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.45 - NVIDIA Corporation)NVIDIA GeForce Experience 2.1.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.3 - NVIDIA Corporation)NVIDIA Graphics Driver 327.45 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.45 - NVIDIA Corporation)NVIDIA HD Audio Driver 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) HiddenOffice 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) HiddenOffice 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) HiddenOnekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo)Papers, Please (HKLM-x32\...\Steam App 239030) (Version: - 3909)PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software)Pixel Piracy (HKLM-x32\...\Steam App 264140) (Version: - Vitali Kirpu)Portal (HKLM-x32\...\Steam App 400) (Version: - Valve)Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)Qualcomm Atheros Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7030 - Realtek Semiconductor Corp.)Sanctum 2 (HKLM-x32\...\Steam App 210770) (Version: - Coffee Stain Studios)SHIELD Streaming (Version: 3.1.1000 - NVIDIA Corporation) HiddenSHIELD Wireless Controller Driver (Version: 16.13.56 - NVIDIA Corporation) HiddenSid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)Slender: The Arrival (HKLM-x32\...\Steam App 252330) (Version: - Blue Isle Studios)Solar 2 (HKLM-x32\...\Steam App 97000) (Version: - Murudai)StageLight version 1.0.0.3508 (HKLM\...\StageLight) (Version: version 1.0.0.3508 - Open Labs, LLC.)Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: - Bioware/EA)Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version: - BioWare)Starbound (HKLM-x32\...\Steam App 211820) (Version: - )Start Menu (HKU\S-1-5-21-4076630929-1860452621-1202726728-1002\...\Pokki_Start_Menu) (Version: 0.269.5.460 - Pokki)Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)Strong Signal (HKLM-x32\...\Strong Signal) (Version: 2.0.5526.9995 - Strong Signal) <==== ATTENTION!Super Hexagon (HKLM-x32\...\Steam App 221640) (Version: - Terry Cavanagh)Surgeon Simulator 2013 (HKLM-x32\...\Steam App 233720) (Version: - Bossa Studios)TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version: - CD Projekt RED)Unchecky v0.3.6 (HKLM-x32\...\Unchecky) (Version: 0.3.6 - RaMMicHaeL)Unity Web Player (HKU\S-1-5-21-4076630929-1860452621-1202726728-1002\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)UserGuide (x32 Version: 1.0.0.15 - Lenovo) HiddenVentrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)Windows Driver Package - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version: - Firaxis Games)Zen Bound® 2 (HKLM-x32\...\Steam App 61600) (Version: - Secret Exit Ltd.) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-4076630929-1860452621-1202726728-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Courtneylynn\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-4076630929-1860452621-1202726728-1002_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Courtneylynn\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No FileCustomCLSID: HKU\S-1-5-21-4076630929-1860452621-1202726728-1002_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Courtneylynn\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No FileCustomCLSID: HKU\S-1-5-21-4076630929-1860452621-1202726728-1002_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Courtneylynn\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)CustomCLSID: HKU\S-1-5-21-4076630929-1860452621-1202726728-1002_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Courtneylynn\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No FileCustomCLSID: HKU\S-1-5-21-4076630929-1860452621-1202726728-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Courtneylynn\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)CustomCLSID: HKU\S-1-5-21-4076630929-1860452621-1202726728-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Courtneylynn\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-4076630929-1860452621-1202726728-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Courtneylynn\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation)CustomCLSID: HKU\S-1-5-21-4076630929-1860452621-1202726728-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Courtneylynn\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-4076630929-1860452621-1202726728-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Courtneylynn\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-4076630929-1860452621-1202726728-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Courtneylynn\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-4076630929-1860452621-1202726728-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Courtneylynn\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-4076630929-1860452621-1202726728-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Courtneylynn\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-4076630929-1860452621-1202726728-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Courtneylynn\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-4076630929-1860452621-1202726728-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Courtneylynn\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-4076630929-1860452621-1202726728-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Courtneylynn\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) ==================== Restore Points ========================= ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 07:25 - 2015-02-17 16:28 - 00001993 ____A C:\windows\system32\Drivers\etc\hosts0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly0.0.0.0 tracking.opencandy.com.s3.amazonaws.com0.0.0.0 media.opencandy.com0.0.0.0 cdn.opencandy.com0.0.0.0 tracking.opencandy.com0.0.0.0 api.opencandy.com0.0.0.0 installer.betterinstaller.com0.0.0.0 installer.filebulldog.com0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net0.0.0.0 inno.bisrv.com0.0.0.0 nsis.bisrv.com0.0.0.0 cdn.file2desktop.com0.0.0.0 cdn.goateastcach.us0.0.0.0 cdn.guttastatdk.us0.0.0.0 cdn.inskinmedia.com0.0.0.0 cdn.insta.oibundles2.com0.0.0.0 cdn.insta.playbryte.com0.0.0.0 cdn.llogetfastcach.us0.0.0.0 cdn.montiera.com0.0.0.0 cdn.msdwnld.com0.0.0.0 cdn.mypcbackup.com0.0.0.0 cdn.ppdownload.com0.0.0.0 cdn.riceateastcach.us0.0.0.0 cdn.shyapotato.us0.0.0.0 cdn.solimba.com0.0.0.0 cdn.tuto4pc.com0.0.0.0 cdn.appround.biz0.0.0.0 cdn.bigspeedpro.com0.0.0.0 cdn.bispd.com There are 4 more lines. ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {00E4B97E-7B0E-487D-8759-2A9061FFE05A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4076630929-1860452621-1202726728-1002UA1cfeba11ab8f427 => C:\Users\Courtneylynn\AppData\Local\Google\Update\GoogleUpdate.exe [2014-09-20] (Google Inc.)Task: {074ACF18-E5D1-4035-AC26-7D81909E685F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-11-11] (Microsoft Corporation)Task: {1792F19F-5809-4F9B-A58D-CCB2A985D741} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4076630929-1860452621-1202726728-1002Core1d000eac9a4140 => C:\Users\Courtneylynn\AppData\Local\Google\Update\GoogleUpdate.exe [2014-09-20] (Google Inc.)Task: {2627CD48-8DBD-4073-9A8C-E41303987876} - System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4} => C:\ProgramData\Carbonite\Carbonite Backup\CarboniteUpgrade.exeTask: {2926D31C-AEE4-403F-A45B-36593FB64641} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4076630929-1860452621-1202726728-1002UA => C:\Users\Courtneylynn\AppData\Local\Google\Update\GoogleUpdate.exe [2014-09-20] (Google Inc.)Task: {3A76D416-BC53-4A7C-8545-BD37AF4AC592} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-20] (Google Inc.)Task: {3BB14BB7-DD34-4439-9341-458D4C5FB23E} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)Task: {43C93DEA-754C-4647-A123-D1C76BB876E0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2015-02-10] (Microsoft Corporation)Task: {4C539E6C-3075-4645-94D3-FCA99B952685} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)Task: {4FD2B16A-48CA-4E55-9B35-A25CF21B1A5A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4076630929-1860452621-1202726728-1002Core => C:\Users\Courtneylynn\AppData\Local\Google\Update\GoogleUpdate.exe [2014-09-20] (Google Inc.)Task: {5095CFD8-18D8-4BD1-8F12-1F0077121782} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)Task: {61B47176-1A07-4F6C-BB7B-AA16F6698F17} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.)Task: {63A8CE82-CC7C-43D6-A74A-7CBD1C9851A9} - System32\Tasks\Microsoft Office 15 Sync Maintenance for LENOVO-PC-Courtneylynn Lenovo-PC => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-11-04] (Microsoft Corporation)Task: {68D4183B-0520-474D-AB4C-BA6A8C65D3EC} - System32\Tasks\Binkiland => C:\Users\COURTN~1\AppData\Roaming\BINKIL~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTIONTask: {6CC1649B-5F96-4568-B68F-CC8A900FE473} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4076630929-1860452621-1202726728-1002UA1d0401d85fdf62e => C:\Users\Courtneylynn\AppData\Local\Google\Update\GoogleUpdate.exe [2014-09-20] (Google Inc.)Task: {6F0018DF-1C39-4362-BEC6-E6AAAD2EC0BC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4076630929-1860452621-1202726728-1002Core1cfeba11a9a2755 => C:\Users\Courtneylynn\AppData\Local\Google\Update\GoogleUpdate.exe [2014-09-20] (Google Inc.)Task: {74B64609-3863-42A1-9762-F8C46E07D9D7} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-courtneylynn3001@yahoo.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)Task: {7B92E0DF-69C8-4B0F-817A-F904A1D6EA1D} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-4076630929-1860452621-1202726728-1002 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exeTask: {7F94E34D-F79E-4C41-B00B-25CBA4AA3E5D} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\mxup.exe [2013-08-01] (Maxthon International ltd.)Task: {867CECE8-EFA1-4901-9544-4ED34BB52B61} - System32\Tasks\Optimizer Pro Schedule => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe <==== ATTENTIONTask: {963E8B7A-3F38-4F11-951F-ED510CCFA4DE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)Task: {C3C50B04-12BD-4452-A1D2-4A4FA7571626} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4076630929-1860452621-1202726728-1002UA1d000eacba6916 => C:\Users\Courtneylynn\AppData\Local\Google\Update\GoogleUpdate.exe [2014-09-20] (Google Inc.)Task: {D84C9FA4-074D-4AFD-9960-651A6979AE68} - System32\Tasks\Binkiland laci => Wscript.exe "C:\ProgramData\{CD422581-9DC0-F407-2C46-8485FCC4570B}\1.9.1.1\fiber.js" "433a2f50726f6772616d446174612f7b43443432323538312d394443302d463430372d324334362d3834383546434334353730427d2f312e392e312e312f6c6163692e646c6c" "687474703a2f2f73616f2e62696e6b702e636f6d2f" "--IsErIk"Task: {E2637612-105F-480C-80B1-A5573164C81C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-20] (Google Inc.)Task: {E6D24CAA-B359-4530-9D5E-E9C59A32274D} - System32\Tasks\UMonitor Task => C:\windows\SysWOW64\UMonit64.exe [2013-10-25] ()Task: {F75D19BB-D580-4117-ACD5-D04C68718593} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4076630929-1860452621-1202726728-1002Core1d0401d85d53b5b => C:\Users\Courtneylynn\AppData\Local\Google\Update\GoogleUpdate.exe [2014-09-20] (Google Inc.)Task: {FE87EA6F-46DB-44A3-85B1-305B803DCDBC} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)Task: C:\windows\Tasks\Binkiland laci.job => C:\windows\system32\wscript.exeTask: C:\windows\Tasks\Binkiland.job => C:\Users\COURTN~1\AppData\Roaming\BINKIL~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTIONTask: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4076630929-1860452621-1202726728-1002Core.job => C:\Users\Courtneylynn\AppData\Local\Google\Update\GoogleUpdate.exeTask: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4076630929-1860452621-1202726728-1002Core1cfeba11a9a2755.job => C:\Users\Courtneylynn\AppData\Local\Google\Update\GoogleUpdate.exeTask: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4076630929-1860452621-1202726728-1002Core1d000eac9a4140.job => C:\Users\Courtneylynn\AppData\Local\Google\Update\GoogleUpdate.exeTask: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4076630929-1860452621-1202726728-1002Core1d0401d85d53b5b.job => C:\Users\Courtneylynn\AppData\Local\Google\Update\GoogleUpdate.exeTask: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4076630929-1860452621-1202726728-1002UA.job => C:\Users\Courtneylynn\AppData\Local\Google\Update\GoogleUpdate.exeTask: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4076630929-1860452621-1202726728-1002UA1cfeba11ab8f427.job => C:\Users\Courtneylynn\AppData\Local\Google\Update\GoogleUpdate.exeTask: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4076630929-1860452621-1202726728-1002UA1d000eacba6916.job => C:\Users\Courtneylynn\AppData\Local\Google\Update\GoogleUpdate.exeTask: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4076630929-1860452621-1202726728-1002UA1d0401d85fdf62e.job => C:\Users\Courtneylynn\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============== 2014-10-21 21:26 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll2014-03-26 06:22 - 2012-04-24 04:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe2014-03-26 06:09 - 2013-10-25 03:23 - 00053248 _____ () C:\windows\SysWOW64\UMonit64.exe2014-07-16 10:06 - 2014-07-16 10:06 - 00672416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll2014-11-18 09:15 - 2014-09-23 07:36 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll2013-05-09 18:58 - 2013-05-09 18:58 - 00119808 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\updateui.exe2014-11-25 10:07 - 2014-11-25 10:07 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\ErrorReporting.dll2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll2015-02-17 09:30 - 2015-02-17 09:30 - 00058880 _____ () C:\Program Files (x86)\Unchecky\bin\collector.dll2015-02-10 15:00 - 2015-02-10 15:00 - 00750080 _____ () C:\Users\Courtneylynn\AppData\Roaming\Dropbox\bin\libGLESv2.dll2015-02-17 16:30 - 2015-02-17 16:30 - 00043008 _____ () c:\Users\Courtneylynn\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpv8xh0d.dll2015-02-10 15:00 - 2015-02-10 15:00 - 00047616 _____ () C:\Users\Courtneylynn\AppData\Roaming\Dropbox\bin\libEGL.dll2015-02-10 15:00 - 2015-02-10 15:00 - 00865280 _____ () C:\Users\Courtneylynn\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll2015-02-10 15:00 - 2015-02-10 15:00 - 00200704 _____ () C:\Users\Courtneylynn\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll2014-11-18 09:15 - 2014-11-18 09:15 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll2014-03-26 05:59 - 2013-08-08 14:25 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll2015-02-06 12:36 - 2015-02-04 03:02 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libglesv2.dll2015-02-06 12:36 - 2015-02-04 03:02 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libegl.dll2015-02-06 12:36 - 2015-02-04 03:02 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll2010-12-17 13:56 - 2010-12-17 13:56 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtCore4.dll2013-03-07 13:53 - 2013-03-07 13:53 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\featureController.dll2010-12-17 13:56 - 2010-12-17 13:56 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtNetwork4.dll2010-12-17 13:56 - 2010-12-17 13:56 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtXml4.dll2010-01-12 17:55 - 2010-01-12 17:55 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\sqlite3.dll2010-01-12 17:55 - 2010-01-12 17:55 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\log4cplus.dll2010-12-16 13:16 - 2010-12-16 13:16 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\libgsoap.dll2010-01-18 00:34 - 2010-01-18 00:34 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\zlib1.dll2013-03-07 13:55 - 2013-03-07 13:55 - 00472576 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\DeviceProfile.dll2013-03-07 13:58 - 2013-03-07 13:58 - 00499488 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\plugin\PServerPlugin.dll2013-03-07 13:54 - 2013-03-07 13:54 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\eventsSender.dll2010-12-17 13:56 - 2010-12-17 13:56 - 14978048 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtWebKit4.dll2010-12-17 13:56 - 2010-12-17 13:56 - 09224704 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtGui4.dll2010-12-17 13:56 - 2010-12-17 13:56 - 00317952 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\phonon4.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Windows:nlsPreferencesAlternateDataStreams: C:\ProgramData\Temp:373E1720AlternateDataStreams: C:\Users\Courtneylynn\SkyDrive:ms-propertiesAlternateDataStreams: C:\Users\Courtneylynn\Desktop\Screenshot 2015-01-20 19.28.20.png:com.dropbox.attributes ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4076630929-1860452621-1202726728-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Courtneylynn\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpgDNS Servers: 209.18.47.61 - 209.18.47.62 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"HKLM\...\StartupApproved\Run: => "BTMTrayAgent"HKLM\...\StartupApproved\Run: => "OnekeyStudio"HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"HKU\S-1-5-21-4076630929-1860452621-1202726728-1002\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"HKU\S-1-5-21-4076630929-1860452621-1202726728-1002\...\StartupApproved\Run: => "Pokki" ==================== Accounts: ============================= Administrator (S-1-5-21-4076630929-1860452621-1202726728-500 - Administrator - Disabled)Courtneylynn (S-1-5-21-4076630929-1860452621-1202726728-1002 - Administrator - Enabled) => C:\Users\CourtneylynnGuest (S-1-5-21-4076630929-1860452621-1202726728-501 - Limited - Disabled) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors:==================Error: (02/17/2015 04:29:24 PM) (Source: SideBySide) (EventID: 78) (User: )Description: Activation context generation failed for "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" on line C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.A component version required by the application conflicts with another component version already active.Conflicting components are:.Component 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.Component 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Error: (02/17/2015 04:27:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO-PC)Description: Activation of app Microsoft.WindowsCalculator_8wekyb3d8bbwe!App failed with error: -2144927151 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (02/17/2015 04:27:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO-PC)Description: Activation of app Microsoft.WindowsCalculator_8wekyb3d8bbwe!App failed with error: -2144927151 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (02/17/2015 04:27:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO-PC)Description: Activation of app Microsoft.WindowsCalculator_8wekyb3d8bbwe!App failed with error: -2144927151 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (02/17/2015 04:21:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO-PC)Description: Activation of app Microsoft.SkypeApp_kzf8qxf38zg5c!App failed with error: -2144927151 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (02/17/2015 04:06:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO-PC)Description: Activation of app Microsoft.SkypeApp_kzf8qxf38zg5c!App failed with error: -2144927151 See the Microsoft-Windows-TWinUI/Operational log for additional information. System errors:=============Error: (02/17/2015 04:28:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The Update Mgr StrongSignal service failed to start due to the following error: %%216 Error: (02/17/2015 04:28:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The TeamViewer 9 service failed to start due to the following error: %%2 Error: (02/17/2015 04:28:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The Service Mgr StrongSignal service failed to start due to the following error: %%216 Error: (02/17/2015 04:27:40 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (02/17/2015 04:27:40 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (02/17/2015 04:27:40 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (02/17/2015 04:27:40 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Microsoft Office Sessions:=========================Error: (02/17/2015 04:29:24 PM) (Source: SideBySide) (EventID: 78) (User: )Description: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Users\Courtneylynn\AppData\Local\Pokki\Engine\HostAppService.exe Error: (02/17/2015 04:27:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO-PC)Description: Microsoft.WindowsCalculator_8wekyb3d8bbwe!App-2144927151 Error: (02/17/2015 04:27:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO-PC)Description: Microsoft.WindowsCalculator_8wekyb3d8bbwe!App-2144927151 Error: (02/17/2015 04:27:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO-PC)Description: Microsoft.WindowsCalculator_8wekyb3d8bbwe!App-2144927151 Error: (02/17/2015 04:21:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO-PC)Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927151 Error: (02/17/2015 04:06:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO-PC)Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927151 CodeIntegrity Errors:=================================== Date: 2015-02-07 22:14:15.828 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-02-07 22:14:08.674 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-02-07 20:59:50.592 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-02-07 20:28:38.187 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-02-07 20:27:14.743 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-02-07 20:18:35.564 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-02-07 20:06:07.792 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-02-07 20:03:43.564 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-02-07 20:02:24.755 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-02-07 20:01:39.627 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel® Core i7-4700MQ CPU @ 2.40GHzPercentage of memory in use: 16%Total physical RAM: 16330.27 MBAvailable physical RAM: 13559.48 MBTotal Pagefile: 18762.27 MBAvailable Pagefile: 15490.34 MBTotal Virtual: 131072 MBAvailable Virtual: 131071.78 MB ==================== Drives ================================ Drive c: (Windows8_OS) (Fixed) (Total:891.66 GB) (Free:675.98 GB) NTFS ==>[system with boot components (obtained from reading drive)]Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:21.72 GB) NTFS ==================== MBR & Partition Table ================== ========================================================Disk: 0 (Size: 931.5 GB) (Disk ID: E084EA1E) Partition: GPT Partition Type. ==================== End Of Log ============================ Link to post Share on other sites More sharing options...
Pollyanna584 Posted February 18, 2015 Author ID:940600 Share Posted February 18, 2015 Attachments belowFRST.txtAddition.txt Link to post Share on other sites More sharing options...
TwinHeadedEagle Posted February 18, 2015 ID:940695 Share Posted February 18, 2015 Uninstall some programs We need to uninstall some unwanted/unneeded programs.Press the + R on your keyboard at the same time. Type appwiz.cpl and click OK.Search there for each entry mentioned below, right-click the entry and click Uninstall one at a timeThe list of programs to uninstall:Consumer InputConsumer Input (remove only)Strong SignalAfter completing uninstalls, please manually reboot your machine! Note: If you get the message like: An error occurred while trying to uninstall, just press Yes. Fix with Farbar Recovery Scan Tool This fix was created for this user for use on that particular machine. Running it on another one may cause damage and render the system unstable. Download attached fixlist.txt file and save it to the Desktop: Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!Right-click on icon and select Run as Administrator to start the tool.(XP users click run after receipt of Windows Security Warning - Open File).Press the Fix button just once and wait.If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.When finished FRST will generate a log on the Desktop, called Fixlog.txt.Please post it to your reply. Scan with Malwarebytes' Anti-Malware Please re-run Malwarebytes' Anti-Malware.First of all, select update.Once updated, click the Settings tab, in the left panel choose Detection & Protection and tick Scan for rootkits.Click the Scan tab, choose Threat Scan is checked and click Scan Now.If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.Upon completion of the scan (or after the reboot), click the History tab.Click Application Logs and double-click the newest Scan Log.At the bottom click Export and choose Text file.Save the file to your desktop and upload your next reply.fixlist.txt Link to post Share on other sites More sharing options...
Pollyanna584 Posted February 18, 2015 Author ID:940789 Share Posted February 18, 2015 My computer restarted after malware bytes and I couldn't download the log and it isn't showing up in history but it found about 75 items that it quarantined. The fix log for FRST is attached below. The browser no longer opens to bikiniland and the computer seems to be running better in general.Fixlog.txt Link to post Share on other sites More sharing options...
TwinHeadedEagle Posted February 18, 2015 ID:940834 Share Posted February 18, 2015 @iKNR You've already been instructed to open your own topic so please do so. @Pollyanna584 Anything else I can help with? Link to post Share on other sites More sharing options...
Pollyanna584 Posted February 20, 2015 Author ID:941278 Share Posted February 20, 2015 Nope! Unless you can teach my girlfriend not to download things from sketchy sites :-P Link to post Share on other sites More sharing options...
TwinHeadedEagle Posted February 20, 2015 ID:941342 Share Posted February 20, 2015 Glad I could help. We will delete all used tools and I'll give you some tips to harden your security and learn how to protect yourself Recommended reading: MUST READ - security tips:Computer Security - a short guide to staying safer online.Simple and easy ways to keep your computer safe and secure on the InternetHow Malware Spreads - How did I get infectedMUST READ - general maintenance:What to do if your Computer is running slowly?The Importance of Software Updating: In order to stay protected it is very important that you regularly update all of your software. Cybercriminals depend on the apathy of users around software updates to keep their malicious endeavor running. Operating systems, such as Windows, and applications, such as Adobe Reader or JAVA, are used by tens of millions of computers and devices around the world, making them a huge target for cybercriminals. Downloading updates and installing them can sometimes be tedious, but the advantages you get from the updates are certainly worth it.How to configure and use Automatic Updates in WindowsHow to update JavaHow to update Adobe ReaderRecommended additional software: TFC - to clean unneeded temporary files.Malwarebytes' Anti-Malware - to scan your system from time to time in search for malware.Malwarebytes' Anti-Exploit - to prevent plenty of mostly exploited vulnerabilities.McShield - to prevent infections spread by removable media.Unchecky - to prevent from installing additional foistware, implemented in legitimate installations.Adblock - to surf the web without annoying ads! Post-cleanup procedures: Download DelFix by Xplode and save it to your desktop.Run the tool by right click on the icon and Run as administrator option.Make sure that these ones are checked:Remove disinfection toolsPurge system restoreReset system settingsPush Run.The program will run for a few seconds and display a notepad report. You do not need to attach it.The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFixTool deletes old system restore points and create a fresh system restore point after cleaning. My help is free for everybody.If you're happy with the help provided and/or wish to buy me a beer for the assistance you received, then you can consider a donation: Thank you! Stay safe,TwinHeadedEagle Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted March 17, 2015 Root Admin ID:948035 Share Posted March 17, 2015 Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts