Jump to content

Recommended Posts

Computer now runs slow. Malwarebytes show no current infection. When I ran it late last week it show'd 8 infections (if I remember correctly; may have been more). This morning this computer is running super slow. Like it has to think about what it's going to do before it does it. On line or off it reacts the same.

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:03-06-2015
Ran by User1 at 2015-06-05 13:23:11
Running from C:\Users\User1\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1811926671-1166010024-57519386-500 - Administrator - Disabled)
Guest (S-1-5-21-1811926671-1166010024-57519386-501 - Limited - Disabled)
UpdatusUser (S-1-5-21-1811926671-1166010024-57519386-1041 - Limited - Enabled) => C:\Users\UpdatusUser
User1 (S-1-5-21-1811926671-1166010024-57519386-1000 - Administrator - Enabled) => C:\Users\User1

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Photoshop Elements (HKLM-x32\...\Adobe Photoshop Elements 1.0) (Version: 1.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{5AE0838D-19B1-5D12-5FE8-E6503B2C8716}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Any Video Converter 5.0.9 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BurnAware Free 4.8 (HKLM-x32\...\BurnAware Free_is1) (Version:  - Burnaware Technologies)
C-Media PCI Audio Device (HKLM\...\C-Media PCI Audio Driver) (Version:  - )
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version:  - DownloadHelper)
Curse Client (HKU\S-1-5-21-1811926671-1166010024-57519386-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.820 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 2.12 - NCH Software)
DisplayFusion (HKLM-x32\...\Steam App 227260) (Version:  - Binary Fortress Software)
DisplayFusion 7.1 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 7.1.0.0 - Binary Fortress Software)
EPSON Printer Software (HKLM-x32\...\EPSON Printer and Utilities) (Version:  - )
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.6.0.0 - LG Electronics)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
McAfee SecurityCenter (HKLM-x32\...\MSC) (Version: 12.8.992 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.314 - McAfee, Inc.)
Media Player Codec Pack 3.9.6 (HKLM-x32\...\Media Player - Codec Pack) (Version:  - Media Player Codec Pack)
MediaInfo 0.7.72 (HKLM\...\MediaInfo) (Version: 0.7.72 - MediaArea.net)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 36.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 en-US)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Graphics Driver 309.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 309.08 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
PlutoTV version 0.0.5 (HKLM-x32\...\PlutoTV_is1) (Version: 0.0.5 - PlutoTV)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Serif MoviePlus Starter Edition (HKLM-x32\...\{2A9D6191-23DB-463E-BB1B-1642C9756B7C}) (Version: 1.0.0.008 - Serif (Europe) Ltd)
Serif MoviePlus X5 (HKLM-x32\...\{93C40A12-0098-46B1-972E-E8083686A7A0}) (Version: 7.0.2.018 - Serif (Europe) Ltd)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1811926671-1166010024-57519386-1000\...\Spotify) (Version: 1.0.4.90.g0b6df40b - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.5-3 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
World of Goo (HKLM-x32\...\{BD624CE2-CAD5-421C-B845-F29F4A8BA57B}) (Version: 1.2 - Brighter Minds Media)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1811926671-1166010024-57519386-1000_Classes\CLSID\{37d54f02-46b1-4064-86ed-0083621fefd5}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

==================== Restore Points =========================

30-05-2015 22:35:20 Scheduled Checkpoint

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {077B0D1F-5DB5-42D4-B0D6-944E16788609} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {0CAA03B9-E799-4367-85C0-2A5B30B2E6EC} - System32\Tasks\{B5BACBBC-3A8A-4CF7-8675-146E4A3F39DD} => C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [2015-01-07] (Binary Fortress Software)
Task: {38B65DEB-9F30-4421-9207-9F0E04076188} - System32\Tasks\RealCreateProcessScheduledTask5441611S-1-5-21-1811926671-1166010024-57519386-1000 => C:\Program Files (x86)\Real\RealPlayer\realplay.exe
Task: {519574CF-F9AB-4579-BE5C-8B7646C5F455} - System32\Tasks\{41392FC1-F5AC-4545-A88F-A26A2C303DA8} => C:\Program Files (x86)\Serif\MoviePlus\5.0\Program\MoviePlus.exe
Task: {53115995-5317-4A1A-AD2B-F676ADDF83FB} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {53E4A291-4B7B-47FF-91D5-A487F2D0363D} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2013-07-20] (Microsoft Corporation)
Task: {5BB1BAC1-EBCE-4014-BD11-1F03DBC9A858} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {62A2B745-BFFB-492F-84E5-197FE6A0D921} - System32\Tasks\{66EFD634-93DF-4D94-A0C1-6BC24F7E0046} => pcalua.exe -a D:\setup.exe -d D:\
Task: {67A00963-C622-46FE-A894-FFDD1CBB376E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-03] (Google Inc.)
Task: {6AC05CC6-C4A1-4BE6-9F22-C1398457F006} - System32\Tasks\{1B6F46F5-3106-4FEF-B82D-4ECF36E223D2} => C:\Program Files (x86)\OBS\OBS.exe [2015-03-25] ()
Task: {82CC3F8B-F073-414B-B785-FCE1C1606C62} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-21] (Adobe Systems Incorporated)
Task: {9C740AF5-F27C-478E-B340-4AB26AECE156} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
Task: {CAEFEBCB-56BF-4AEF-8D54-98176FF4A1E2} - System32\Tasks\{0363DD29-873F-4A20-AE70-A7EB7CA4A7E2} => pcalua.exe -a D:\autorun.exe -d D:\
Task: {D2864E78-FFC8-49C8-9E72-04906F3E65C0} - System32\Tasks\Security Updater => C:\Users\User1\AppData\Roaming\Updater\winupd.exe <==== ATTENTION
Task: {DD8D5609-0059-44D2-83E8-62BF5FAF7B91} - System32\Tasks\{23D58A0F-9778-4326-AE48-603B30EB0BCA} => C:\Program Files (x86)\Serif\MoviePlus\5.0\Program\MoviePlus.exe
Task: {E0A69EF5-1821-430C-BDEC-2DDCDFCD7279} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {E1758D69-51E5-4550-8F92-6D2D98B1808B} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {E56A7556-F0F9-4103-85FD-4BADF423CD4E} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-13] (Microsoft Corporation)
Task: {E5A02A89-79FC-4A49-9163-B76CEE73D0B0} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {E7DA2A44-173B-4D98-99D1-3A00E056CE12} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-03] (Google Inc.)
Task: {ECC7CB81-DEA2-42BF-B948-2BB71EC6154C} - System32\Tasks\{E5C4AF8A-59BF-4181-B9A7-4B0897ECCCF0} => pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Task: {F250825E-B81A-473B-9E2B-D08F10FEED1D} - System32\Tasks\{7A0C476E-A10B-4EC9-A893-114FA1469799} => C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [2015-01-07] (Binary Fortress Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-04-19 16:03 - 2015-01-30 20:57 - 00086160 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-12 10:54 - 2014-08-19 15:12 - 01356568 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2014-10-09 15:51 - 2014-10-09 15:51 - 00016384 ____N () C:\Users\User1\AppData\Local\Apps\2.0\KCWBV7HE.218\XV82A937.8W2\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\Curse.CurseClient.WowDb.dll
2013-09-02 11:56 - 2013-09-02 11:55 - 00035840 _____ () C:\Users\User1\AppData\Local\Apps\2.0\KCWBV7HE.218\XV82A937.8W2\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\Curse.Advertising.dll
2014-10-09 15:51 - 2014-10-09 15:51 - 00099840 ____N () C:\Users\User1\AppData\Local\Apps\2.0\KCWBV7HE.218\XV82A937.8W2\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\Curse.CurseClient.CMOD2.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1811926671-1166010024-57519386-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User1\AppData\Local\DisplayFusion\Wallpaper_2
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: ACDaemon => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.exe.lnk => C:\Windows\pss\Adobe Gamma Loader.exe.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^User1^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip => C:\Windows\pss\CurseClientStartup.ccip.Startup
MSCONFIG\startupfolder: C:^Users^User1^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PlutoTV.lnk => C:\Windows\pss\PlutoTV.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ArcSoft Connection Service => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
MSCONFIG\startupreg: BingSvc => C:\Users\User1\AppData\Local\Microsoft\BingSvc\BingSvc.exe
MSCONFIG\startupreg: CmPCIaudio => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\CMICNFG3.dll,CMICtrlWnd
MSCONFIG\startupreg: DisplayFusion => "C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe"
MSCONFIG\startupreg: HydraVisionDesktopManager => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LifeCam => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: mcpltui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\User1\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\User1\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: VX3000 => C:\Windows\vVX3000.exe
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C1C8D8AF-5FA4-4E3B-8416-1EF626CA1E19}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{C5CCC5ED-CD71-433D-A983-62E60EB67BB4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{461C2F31-4255-499E-A6B4-FCC08950351A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{0A57A46A-FE94-4AF2-9DCB-79BEE47F232C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{ABA50634-F7D4-4398-9227-719970E20D0D}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
FirewallRules: [{7E8F07F9-1E48-4422-B538-062CFC87E4E0}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
FirewallRules: [{3FC18F56-ED86-4FE5-A9DF-AE2BE02B0922}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B1656104-A6AC-4F54-A74A-C4A49C5E6D25}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C3A68FED-EBD1-4518-A60E-73B85571F3B7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BA629523-C0A1-45C1-AD0A-CDCECC19A1A2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{837279A4-8436-4768-AD53-D5F3C75F7D1B}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{58CB9C61-C37A-4118-8AAF-9E88F2CB101B}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{C88B1415-3D70-4F88-8727-7C7C36459DD5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2328\Agent.exe
FirewallRules: [{A4AC4043-4909-4E52-9832-A5466C139BD0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2328\Agent.exe
FirewallRules: [{2FBFE27D-AAB4-4A90-AE45-9B74CCF04232}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{A63B6ED3-CB41-4E2C-BBF2-49836CD48761}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{76DAEA56-BE96-4A52-B325-008704D1F8E1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{063750FA-B514-4C7A-8A83-65953E479E05}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{4A0D5575-E37C-409B-B8A8-0FADFF4ADF63}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{EC86BF20-4B7F-4EB1-A4A0-58F6200D4690}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{9A4F94EC-3551-4376-8908-5AC5920D46A4}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{E7879D82-7687-4729-806D-14C3920ECA03}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{12335807-7B8A-47A9-B084-2FF5D4BDDC80}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{779F2D6B-1D3F-4A54-84A2-92FC9332E40C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{1651A20E-6538-41E1-B4F5-A72346B6F6FA}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{D6719047-A965-43F9-B585-2E8E232D5C75}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{EB1E8E11-CFE3-4C95-A8D8-46D45616CA6C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{0AC6BAA9-CC55-497C-813F-FF2F0BF31B61}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{2E1405FD-F951-4D14-B107-6D87A85189CF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{242F74F2-B9AF-4D2A-960C-FB53ACDAD092}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{9EF2ED81-AD17-4CF1-86B9-83F95795AB6F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{4AD44C7A-16D4-4862-9EC2-B814158D6BC0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{90A58860-533F-4945-A3A1-26B49B2305B4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{9B9481EF-3285-4959-A5FF-061F3F6BB8B6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{C34C8115-6741-44DA-A033-8E5219652354}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{DE7FEBE6-31A2-4EA4-A80C-0803F8FEC121}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{04A518F2-4762-4A7F-8FA5-A803520BE1E8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{56D167A6-7D72-4EF3-8D20-D5412703186D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{F7F51AAB-D548-4F00-94CA-4DBFB1734A1C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{3709BB27-1A67-4F6D-AA2C-704E7E7A456F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{65D1F2C6-9516-4CDC-8FE6-9015EA3B353E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{6351DB2C-1120-4CE9-969D-F6099D902D65}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{0191D022-D07E-4C09-97D6-A9FA44A66766}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{81E342D3-3A2D-4866-9212-9C20747B9221}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{FC0B86B5-6D2C-4724-B055-7A42A0F3FF02}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{CBE1C5AD-A5CC-444F-BEE4-1BD8A3F2E310}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{F7F38B5A-5586-4FAD-8922-1EF18CF9E483}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{0A98D337-E3FB-405F-9D8B-C31429623307}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{4FF0236F-DC95-4026-96CF-14A3F64F217F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{88C15321-936B-4DC8-A68F-2952265EBCC6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{CDD7C2BE-16A5-465D-BB5A-3D29933B6E7A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{E3E26005-85C9-4EC6-80BE-541E43B5554F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{3195F04C-18EB-4B60-9A86-1A9E08A1A21C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{25E99548-B7EB-4318-9E10-CB26F78B5662}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{1EE07B84-BC8B-4641-997A-6124359FDFC6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{BB0839DA-ECA4-47DC-A9CB-8E8D08FFA147}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{B9A2E970-5313-4785-98C1-3A8B4B449660}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{269EA293-BB63-4C07-BADA-81FDD701ACBE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{5C235CE9-C364-4FCF-9EAB-E9CD206C8EAC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{170404EF-E784-46F9-8762-39E90F89749E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B7B40B6C-FE92-44F6-A4BA-3C612B2E5E5D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{413B222E-58E5-4475-997E-334A652D06E8}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{295428B7-5D50-41E9-A483-0CD31A718C84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DisplayFusion\DisplayFusionLauncher.exe
FirewallRules: [{A91FAAAA-F5E0-4CAE-A5C7-FDF869245A7C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DisplayFusion\DisplayFusionLauncher.exe
FirewallRules: [{0EE2D9C5-EC14-4DEA-86BB-9ABC68A548F0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{4417F3B6-30DC-4FBA-A760-C676214765AF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{CF9F708E-BEA5-4D93-B781-4539632C30AC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{D0AFB091-043C-49A7-A136-694EBBA3E684}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{72650EE3-90CD-448D-AA71-C2662A115852}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe
FirewallRules: [{C2B7E496-5493-4678-B49D-A51D1C30D896}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe
FirewallRules: [{3444814A-BB68-455E-BED3-93D1DA0E9D32}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{E7A56C48-82B2-4031-AC3F-BFE3190F90E6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{60D18968-FEC3-4F32-B688-9BBD642C7F6B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{FE91A974-549F-42DC-85B9-E0F4A6A9EB2B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{56FAEB78-EC2F-43D3-972F-51C10E6CD4AB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{68C435AF-39D6-4BD8-AEB8-68746FA5BE31}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{ED40F9DD-EDFE-4694-9543-C978F312FE4E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{EEEC68A9-A300-4581-A4B0-1C367855F152}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{05C84FE9-DFFC-457A-8342-F4F2498EA9CE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{7A1BB1F5-AE53-4AD1-B189-B7BA380F9776}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [uDP Query User{C95BF1F0-854C-4C83-8525-CCD107E40F0D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{0EC361C7-38A3-4BF9-ADDA-F7D108E0F102}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{21B140F6-6D6B-4632-801D-25EA05EFD5B1}] => (Allow) LPort=2869
FirewallRules: [{51441211-C16B-40E6-9C1F-E15F4EFEA8D8}] => (Allow) LPort=1900
FirewallRules: [{B41F84E0-3CEB-4037-B6D0-612B651BE458}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{218370AD-355E-44D4-AED3-28028C8F6B29}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{589AC941-CC76-40D6-B1C2-9646FA9D3A4D}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{3E259734-6607-487A-B9A4-52B64A048232}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{5C897336-CBD4-4746-932D-25BF9C7FFBCC}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{EA1836F9-466F-4B6D-A507-705C1DE75A31}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{0260C353-6DEB-45C2-9AC2-F6BF5B41513D}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{2AD5B2E7-471B-45AF-A98A-5704D2C4A988}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{F695CC5E-B544-4542-B971-751046004BF3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1170AB00-E13D-420C-9659-7A21C57EEDD6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{59D00261-0800-4A41-885A-742C0ABBFD15}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{0E98310E-7985-48A6-A710-48B86CB6BC51}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{4F8207B8-9EA4-4C50-AA72-AAEA5A305477}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{62091503-3764-4943-873A-871A91C0816A}] => (Allow) C:\Users\User1\AppData\Local\Temp\nsv2BE3.tmp\CnetInstaller-10073040.exe
FirewallRules: [{7815E8B1-A960-4779-B20B-4FFE29836C67}] => (Allow) C:\Users\User1\AppData\Local\Temp\nsv2BE3.tmp\CnetInstaller-10073040.exe
FirewallRules: [{C1B5BEC6-35F6-42A1-AB14-1A7FFE9DBB87}] => (Allow) C:\Program Files\iTunes\iTunes.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/29/2015 09:22:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Wow-64.exe version 6.1.2.19865 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: b3c

Start Time: 01d09a5fab555c70

Termination Time: 822

Application Path: C:\Program Files (x86)\World of Warcraft\Wow-64.exe

Report Id: 57c4969f-066a-11e5-9636-003018a7b979

Error: (05/28/2015 01:34:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: McSACore.exe, version: 4.0.0.274, time stamp: 0x554139f4
Faulting module name: saupkeep.dll_unloaded, version: 0.0.0.0, time stamp: 0x554138ac
Exception code: 0xc0000005
Fault offset: 0x000007fef02ac163
Faulting process id: 0x998
Faulting application start time: 0xMcSACore.exe0
Faulting application path: McSACore.exe1
Faulting module path: McSACore.exe2
Report Id: McSACore.exe3

Error: (05/27/2015 01:42:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: McSACore.exe, version: 4.0.0.274, time stamp: 0x554139f4
Faulting module name: saupkeep.dll_unloaded, version: 0.0.0.0, time stamp: 0x554138ac
Exception code: 0xc0000005
Fault offset: 0x000007fef0dbc163
Faulting process id: 0x970
Faulting application start time: 0xMcSACore.exe0
Faulting application path: McSACore.exe1
Faulting module path: McSACore.exe2
Report Id: McSACore.exe3

Error: (05/24/2015 11:10:11 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program PhotoshopElements.exe version 1.0.128.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1338

Start Time: 01d096338d0a67a4

Termination Time: 29

Application Path: C:\Program Files (x86)\Adobe\Photoshop Elements\PhotoshopElements.exe

Report Id: f1c30a91-0226-11e5-bfc2-003018a7b979

Error: (05/23/2015 03:32:16 PM) (Source: MsiInstaller) (EventID: 11920) (User: User1-PC)
Description: Product: iTunes -- Error 1920. Service 'Apple Mobile Device Service' (Apple Mobile Device Service) failed to start.  Verify that you have sufficient privileges to start system services.

Error: (05/23/2015 02:19:10 PM) (Source: MsiInstaller) (EventID: 11920) (User: User1-PC)
Description: Product: iTunes -- Error 1920. Service 'Apple Mobile Device Service' (Apple Mobile Device Service) failed to start.  Verify that you have sufficient privileges to start system services.

Error: (05/22/2015 03:04:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Explorer.EXE version 6.1.7601.17567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 794

Start Time: 01d094bcf238706e

Termination Time: 11156

Application Path: C:\Windows\Explorer.EXE

Report Id: 578729e1-00b5-11e5-a163-003018a7b979

Error: (05/22/2015 01:20:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program WINWORD.EXE version 11.0.8411.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 12c0

Start Time: 01d094b320df0772

Termination Time: 11

Application Path: C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE

Report Id: b116a9c3-00a6-11e5-90a8-003018a7b979

Error: (05/19/2015 03:14:15 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: User1-PC)
Description: Application or service 'RealPlayer Update Service' could not be restarted.

Error: (05/19/2015 03:13:47 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (06/03/2015 03:36:12 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (06/02/2015 08:06:07 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (06/02/2015 05:26:51 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (06/01/2015 03:04:07 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 2:47:29 PM on ‎6/‎1/‎2015 was unexpected.

Error: (06/01/2015 10:38:29 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (05/31/2015 03:23:59 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (05/31/2015 11:04:53 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {6DFC2D17-579D-4C1C-93B7-B05B7DCCD766}

Error: (05/30/2015 01:19:53 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (05/29/2015 11:58:10 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (05/29/2015 02:12:48 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {209500FC-6B45-4693-8871-6296C4843751}


Microsoft Office:
=========================
Error: (05/29/2015 09:22:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Wow-64.exe6.1.2.19865b3c01d09a5fab555c70822C:\Program Files (x86)\World of Warcraft\Wow-64.exe57c4969f-066a-11e5-9636-003018a7b979

Error: (05/28/2015 01:34:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: McSACore.exe4.0.0.274554139f4saupkeep.dll_unloaded0.0.0.0554138acc0000005000007fef02ac16399801d0995a8dd78218C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exesaupkeep.dlld0ab55ae-055f-11e5-af33-003018a7b979

Error: (05/27/2015 01:42:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: McSACore.exe4.0.0.274554139f4saupkeep.dll_unloaded0.0.0.0554138acc0000005000007fef0dbc16397001d098922afd5f72C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exesaupkeep.dllcc3b293f-0497-11e5-999e-003018a7b979

Error: (05/24/2015 11:10:11 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: PhotoshopElements.exe1.0.128.0133801d096338d0a67a429C:\Program Files (x86)\Adobe\Photoshop Elements\PhotoshopElements.exef1c30a91-0226-11e5-bfc2-003018a7b979

Error: (05/23/2015 03:32:16 PM) (Source: MsiInstaller) (EventID: 11920) (User: User1-PC)
Description: Product: iTunes -- Error 1920. Service 'Apple Mobile Device Service' (Apple Mobile Device Service) failed to start.  Verify that you have sufficient privileges to start system services.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (05/23/2015 02:19:10 PM) (Source: MsiInstaller) (EventID: 11920) (User: User1-PC)
Description: Product: iTunes -- Error 1920. Service 'Apple Mobile Device Service' (Apple Mobile Device Service) failed to start.  Verify that you have sufficient privileges to start system services.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (05/22/2015 03:04:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.1.7601.1756779401d094bcf238706e11156C:\Windows\Explorer.EXE578729e1-00b5-11e5-a163-003018a7b979

Error: (05/22/2015 01:20:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: WINWORD.EXE11.0.8411.012c001d094b320df077211C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXEb116a9c3-00a6-11e5-90a8-003018a7b979

Error: (05/19/2015 03:14:15 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: User1-PC)
Description: 0RealPlayerUpdateSvc.exeRealPlayer Update Service03026217816520

Error: (05/19/2015 03:13:47 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{9F3B20DF-76F2-47F4-9372-F0F56485A58D}\recordingmanager.exe


==================== Memory info ===========================

Processor: AMD Athlon 64 X2 Dual Core Processor 4200+
Percentage of memory in use: 49%
Total physical RAM: 4095.3 MB
Available physical RAM: 2052.38 MB
Total Pagefile: 8188.82 MB
Available Pagefile: 5749.98 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:762.84 GB) NTFS
Drive f: () (Removable) (Total:29.74 GB) (Free:29.74 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B343B343)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 29.8 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End of log ============================

 

Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:03-06-2015
Ran by User1 (administrator) on USER1-PC on 05-06-2015 13:21:39
Running from C:\Users\User1\Downloads
Loaded Profiles: User1 & UpdatusUser (Available Profiles: User1 & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
(Spotify Ltd) C:\Users\User1\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Curse) C:\Users\User1\AppData\Local\Apps\2.0\KCWBV7HE.218\XV82A937.8W2\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6032.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6064.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSM\McSmtFwk.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1811926671-1166010024-57519386-1000\...\Run: [DisplayFusion] => C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [6886752 2015-01-07] (Binary Fortress Software)
HKU\S-1-5-21-1811926671-1166010024-57519386-1000\...\Run: [spotify Web Helper] => C:\Users\User1\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2020920 2015-05-18] (Spotify Ltd)
HKU\S-1-5-21-1811926671-1166010024-57519386-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\...\RunOnce: [spUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll File not found
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => "C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll" File not found
Startup: C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2015-05-22] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1811926671-1166010024-57519386-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-1811926671-1166010024-57519386-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/SKY2_FRPage
SearchScopes: HKU\S-1-5-21-1811926671-1166010024-57519386-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-05-25] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-05-25] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-05-25] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-05-25] (McAfee, Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2014-04-25] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2014-04-25] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\User1\AppData\Roaming\Mozilla\Firefox\Profiles\a0r3d5ft.default
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Bing
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.foxnews.com/
FF Keyword.URL: hxxp://www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-21] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2014-04-25] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-21] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-04-17] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2014-04-25] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-14] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin HKU\S-1-5-21-1811926671-1166010024-57519386-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF SearchPlugin: C:\Users\User1\AppData\Roaming\Mozilla\Firefox\Profiles\a0r3d5ft.default\searchplugins\bing-.xml [2015-04-10]
FF SearchPlugin: C:\Users\User1\AppData\Roaming\Mozilla\Firefox\Profiles\a0r3d5ft.default\searchplugins\google-default.xml [2015-03-11]
FF Extension: Bing Search - C:\Users\User1\AppData\Roaming\Mozilla\Firefox\Profiles\a0r3d5ft.default\Extensions\bingsearch.full@microsoft.com [2015-04-10]
FF Extension: BlackFox V2 - C:\Users\User1\AppData\Roaming\Mozilla\Firefox\Profiles\a0r3d5ft.default\Extensions\zigboom@hotmail.com [2015-05-03]
FF Extension: Bloody Red - C:\Users\User1\AppData\Roaming\Mozilla\Firefox\Profiles\a0r3d5ft.default\Extensions\{2458abc0-f443-11dd-87af-0800200c9a66} [2013-09-04]
FF Extension: Flash and Video Download - C:\Users\User1\AppData\Roaming\Mozilla\Firefox\Profiles\a0r3d5ft.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-05-28]
FF Extension: Reddit Enhancement Suite - C:\Users\User1\AppData\Roaming\Mozilla\Firefox\Profiles\a0r3d5ft.default\Extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2013-09-04]
FF Extension: NASA Night Launch - C:\Users\User1\AppData\Roaming\Mozilla\Firefox\Profiles\a0r3d5ft.default\Extensions\nasanightlaunch@example.com.xpi [2015-03-10]
FF Extension: ShadGlo Library Toolbar Skin - C:\Users\User1\AppData\Roaming\Mozilla\Firefox\Profiles\a0r3d5ft.default\Extensions\{0a6525b8-7c08-451e-b443-970c9bc2f246}.xpi [2015-03-10]
FF Extension: Black Skin - C:\Users\User1\AppData\Roaming\Mozilla\Firefox\Profiles\a0r3d5ft.default\Extensions\{2aa024bd-65c3-4256-8343-d32e1047acff}.xpi [2015-03-10]
FF Extension: Download YouTube Videos as MP4 - C:\Users\User1\AppData\Roaming\Mozilla\Firefox\Profiles\a0r3d5ft.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2014-04-30]
FF Extension: Adblock Plus - C:\Users\User1\AppData\Roaming\Mozilla\Firefox\Profiles\a0r3d5ft.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-01]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-09-01]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-09-01]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-06-01]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-06-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-11-07] (Advanced Micro Devices, Inc.) [File not signed]
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [3169648 2015-01-07] (Binary Fortress Software)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [155368 2015-05-25] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [603424 2014-09-04] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-08-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [656664 2014-08-19] (Wacom Technology, Corp.)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Andbus; C:\Windows\System32\DRIVERS\lgandbus64.sys [19456 2010-12-07] (LG Electronics Inc.)
S3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag64.sys [27648 2010-12-07] (LG Electronics Inc.)
S3 AndGps; C:\Windows\System32\DRIVERS\lgandgps64.sys [27136 2010-12-07] (LG Electronics Inc.)
S3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem64.sys [34304 2010-12-07] (LG Electronics Inc.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
R3 cmuda3; C:\Windows\System32\drivers\cmudax3.sys [1155072 2013-09-01] (C-Media Inc)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-05] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [445512 2014-08-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-05 13:21 - 2015-06-05 13:22 - 00019523 _____ C:\Users\User1\Downloads\FRST.txt
2015-06-05 13:20 - 2015-06-05 13:20 - 02108928 _____ (Farbar) C:\Users\User1\Downloads\FRST64.exe
2015-06-05 10:56 - 2015-06-05 10:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-06-01 12:20 - 2015-06-01 12:20 - 00000000 ____D C:\Users\User1\AppData\Local\GWX
2015-05-27 22:06 - 2015-05-27 22:06 - 00001159 _____ C:\Users\User1\Desktop\Mozilla Firefox.lnk
2015-05-26 19:52 - 2015-05-26 19:55 - 116850676 _____ C:\Users\User1\Downloads\The Sugar Hill Gang - Rapper's Delight ( HQ, Full Version ).mp4
2015-05-24 20:31 - 2015-05-24 20:35 - 153091664 _____ C:\Users\User1\Downloads\Steven Universe Temple Pilot Version Part 4.mp4
2015-05-23 22:37 - 2015-05-23 22:38 - 42096984 _____ (Apple Inc.) C:\Users\User1\Downloads\QuickTimeInstaller.exe
2015-05-23 21:14 - 2015-05-23 21:26 - 391135775 _____ C:\Users\User1\Downloads\Steven Universe Temple Pilot Version Part 3.mp4
2015-05-23 14:17 - 2015-05-23 14:17 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-05-23 14:17 - 2015-05-23 14:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-05-23 14:14 - 2015-05-23 14:17 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-05-23 14:14 - 2015-05-23 14:17 - 00000000 ____D C:\Program Files\iTunes
2015-05-23 14:14 - 2015-05-23 14:14 - 00000000 ____D C:\Program Files\iPod
2015-05-23 14:14 - 2015-05-23 14:14 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-05-23 13:56 - 2015-05-23 14:00 - 152362800 _____ (Apple Inc.) C:\Users\User1\Downloads\iTunes6464Setup.exe
2015-05-22 15:01 - 2015-05-22 15:46 - 00000000 ____D C:\Users\User1\Downloads\ebay
2015-05-19 11:37 - 2015-05-19 11:37 - 00003424 _____ C:\Windows\System32\Tasks\RealDownloader Update Check
2015-05-19 11:37 - 2015-05-19 11:37 - 00003162 _____ C:\Windows\System32\Tasks\RealCreateProcessScheduledTask5441611S-1-5-21-1811926671-1166010024-57519386-1000
2015-05-19 11:37 - 2015-05-19 11:37 - 00000000 ____D C:\Users\User1\AppData\Local\Real
2015-05-19 11:36 - 2015-05-19 11:36 - 00000000 ____D C:\Users\User1\AppData\Local\CrashRpt
2015-05-19 11:34 - 2015-05-19 15:14 - 00000000 ____D C:\Program Files (x86)\Real
2015-05-19 11:33 - 2015-05-19 15:13 - 00000000 ____D C:\Users\User1\AppData\Roaming\Real
2015-05-19 11:30 - 2015-05-19 15:13 - 00000000 ____D C:\ProgramData\Real
2015-05-18 23:14 - 2015-05-23 11:05 - 00000000 ____D C:\Users\User1\AppData\Local\Spotify
2015-05-18 23:14 - 2015-05-18 23:14 - 00001767 _____ C:\Users\User1\Desktop\Spotify.lnk
2015-05-18 23:14 - 2015-05-18 23:14 - 00001753 _____ C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-05-18 23:12 - 2015-05-23 11:04 - 00000000 ____D C:\Users\User1\AppData\Roaming\Spotify
2015-05-17 18:01 - 2015-05-17 18:10 - 254770981 _____ C:\Users\User1\Downloads\▶ Yma Sumac - The Ultimate Collection (COMPLETO) - YouTube [720p].mp4
2015-05-17 17:55 - 2015-05-17 17:56 - 12822260 _____ C:\Users\User1\Downloads\Towa Tei - Luv Connection.mp4
2015-05-17 17:31 - 2015-05-17 17:32 - 47142785 _____ C:\Users\User1\Downloads\Cool Dub Music Dubnova (Part1_2) (TOWA TEI).mp4
2015-05-17 17:27 - 2015-05-17 17:27 - 05118359 _____ C:\Users\User1\Downloads\Towa Tei - La Douce Vie.mp4
2015-05-17 17:20 - 2015-05-17 17:20 - 13826164 _____ C:\Users\User1\Downloads\Towa Tei - Son of Bambi (Walk Tuff).mp4
2015-05-16 19:08 - 2015-05-16 19:08 - 00002934 _____ C:\Windows\System32\Tasks\{1B6F46F5-3106-4FEF-B82D-4ECF36E223D2}
2015-05-16 18:42 - 2015-05-16 19:13 - 00000000 ____D C:\Users\User1\AppData\Roaming\OBS
2015-05-16 18:40 - 2015-05-16 18:40 - 00000935 _____ C:\Users\User1\Desktop\Open Broadcaster Software.lnk
2015-05-16 18:40 - 2015-05-16 18:40 - 00000000 ____D C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2015-05-16 18:40 - 2015-05-16 18:40 - 00000000 ____D C:\Program Files\OBS
2015-05-16 18:39 - 2015-05-16 18:40 - 00000000 ____D C:\Program Files (x86)\OBS
2015-05-14 19:15 - 2015-06-05 10:51 - 00007112 _____ C:\Windows\setupact.log
2015-05-14 19:15 - 2015-05-14 19:15 - 00000000 _____ C:\Windows\setuperr.log
2015-05-13 09:18 - 2015-04-21 22:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 09:18 - 2015-04-21 21:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 09:18 - 2015-04-21 13:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 09:18 - 2015-04-21 13:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 09:18 - 2015-04-21 13:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 09:18 - 2015-04-21 12:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 09:18 - 2015-04-21 12:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 09:18 - 2015-04-21 12:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 09:18 - 2015-04-21 12:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 09:18 - 2015-04-21 12:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 09:18 - 2015-04-21 12:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 09:18 - 2015-04-21 12:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 09:18 - 2015-04-21 12:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 09:18 - 2015-04-21 12:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 09:18 - 2015-04-21 12:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 09:18 - 2015-04-21 12:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 09:18 - 2015-04-21 12:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 09:18 - 2015-04-21 12:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 09:18 - 2015-04-21 12:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 09:18 - 2015-04-21 12:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 09:18 - 2015-04-21 12:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 09:18 - 2015-04-21 12:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 09:18 - 2015-04-21 12:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 09:18 - 2015-04-21 12:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 09:18 - 2015-04-21 12:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 09:18 - 2015-04-21 12:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-13 09:18 - 2015-04-21 12:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-13 09:18 - 2015-04-21 12:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 09:18 - 2015-04-21 12:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 09:18 - 2015-04-21 12:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 09:18 - 2015-04-21 12:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-13 09:18 - 2015-04-21 12:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 09:18 - 2015-04-21 12:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 09:18 - 2015-04-21 12:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 09:18 - 2015-04-21 12:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-13 09:18 - 2015-04-21 12:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-13 09:18 - 2015-04-21 11:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 09:18 - 2015-04-21 11:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 09:18 - 2015-04-21 11:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-13 09:18 - 2015-04-21 11:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 09:18 - 2015-04-21 11:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 09:18 - 2015-04-21 11:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 09:18 - 2015-04-21 11:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 09:18 - 2015-04-21 11:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 09:18 - 2015-04-21 11:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 09:18 - 2015-04-21 11:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 09:18 - 2015-04-21 11:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-13 09:18 - 2015-04-21 11:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 09:18 - 2015-04-21 11:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 09:18 - 2015-04-21 11:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 09:18 - 2015-04-21 11:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 09:18 - 2015-04-21 11:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 09:18 - 2015-04-21 11:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 09:18 - 2015-04-21 11:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-13 09:18 - 2015-04-21 11:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 09:18 - 2015-04-21 11:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 09:18 - 2015-04-21 11:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 09:18 - 2015-04-21 11:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 09:18 - 2015-04-21 10:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 09:18 - 2015-04-21 10:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 09:00 - 2015-05-04 21:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 09:00 - 2015-05-04 21:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 09:00 - 2015-04-17 23:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 09:00 - 2015-04-17 22:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 08:55 - 2015-04-27 15:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 08:55 - 2015-04-27 15:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 08:55 - 2015-04-27 15:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 08:55 - 2015-04-27 15:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 08:55 - 2015-04-27 15:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 08:55 - 2015-04-27 15:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 08:55 - 2015-04-27 15:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-13 08:55 - 2015-04-27 15:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 08:55 - 2015-04-27 15:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 08:55 - 2015-04-27 15:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 08:55 - 2015-04-27 15:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 08:55 - 2015-04-27 15:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-13 08:55 - 2015-04-27 15:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-13 08:55 - 2015-04-27 15:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 08:55 - 2015-04-27 15:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 08:55 - 2015-04-27 15:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-13 08:55 - 2015-04-27 15:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-13 08:55 - 2015-04-27 15:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 08:55 - 2015-04-27 15:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 08:55 - 2015-04-27 15:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 08:55 - 2015-04-27 15:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 08:55 - 2015-04-27 15:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 08:55 - 2015-04-27 15:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 08:55 - 2015-04-27 15:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 08:55 - 2015-04-27 15:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 08:55 - 2015-04-27 15:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 08:55 - 2015-04-27 15:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-13 08:55 - 2015-04-27 15:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-13 08:55 - 2015-04-27 15:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 08:55 - 2015-04-27 15:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-13 08:55 - 2015-04-27 15:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 08:55 - 2015-04-27 15:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 08:55 - 2015-04-27 15:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 08:55 - 2015-04-27 15:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 08:55 - 2015-04-27 15:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 08:55 - 2015-04-27 15:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 08:55 - 2015-04-27 15:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 08:55 - 2015-04-27 15:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 08:55 - 2015-04-27 15:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 08:55 - 2015-04-27 15:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 08:55 - 2015-04-27 15:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 08:55 - 2015-04-27 15:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 08:55 - 2015-04-27 15:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 15:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 15:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 15:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 15:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-13 08:55 - 2015-04-27 15:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-13 08:55 - 2015-04-27 15:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-13 08:55 - 2015-04-27 15:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-13 08:55 - 2015-04-27 15:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-13 08:55 - 2015-04-27 15:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-13 08:55 - 2015-04-27 15:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-13 08:55 - 2015-04-27 15:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-13 08:55 - 2015-04-27 15:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-13 08:55 - 2015-04-27 15:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-13 08:55 - 2015-04-27 15:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-13 08:55 - 2015-04-27 15:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-13 08:55 - 2015-04-27 15:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-13 08:55 - 2015-04-27 15:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-13 08:55 - 2015-04-27 15:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-13 08:55 - 2015-04-27 15:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-13 08:55 - 2015-04-27 15:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-13 08:55 - 2015-04-27 15:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-13 08:55 - 2015-04-27 15:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-13 08:55 - 2015-04-27 15:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-13 08:55 - 2015-04-27 15:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-13 08:55 - 2015-04-27 15:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-13 08:55 - 2015-04-27 15:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-13 08:55 - 2015-04-27 15:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-13 08:55 - 2015-04-27 15:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-13 08:55 - 2015-04-27 15:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-13 08:55 - 2015-04-27 15:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-13 08:55 - 2015-04-27 15:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-13 08:55 - 2015-04-27 14:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-13 08:55 - 2015-04-27 14:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-13 08:55 - 2015-04-27 14:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 14:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 14:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 08:55 - 2015-04-27 13:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-13 08:55 - 2015-04-27 13:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-13 08:55 - 2015-04-27 13:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 13:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 08:55 - 2015-04-27 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 08:55 - 2015-04-12 23:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 08:54 - 2015-04-19 23:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 08:54 - 2015-04-19 23:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 08:54 - 2015-04-19 22:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 08:54 - 2015-04-19 22:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 08:54 - 2015-04-07 23:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 08:54 - 2015-04-07 23:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 08:54 - 2015-04-07 23:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 08:53 - 2015-01-28 23:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 08:53 - 2015-01-28 23:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-13 08:51 - 2015-02-18 03:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 08:51 - 2015-02-18 03:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 08:08 - 2015-05-01 09:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 08:08 - 2015-05-01 09:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 08:07 - 2015-03-04 00:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 08:07 - 2015-03-04 00:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 08:07 - 2015-03-04 00:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 08:07 - 2015-03-04 00:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 08:07 - 2015-03-04 00:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 08:07 - 2015-03-04 00:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 08:07 - 2015-03-04 00:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-12 23:50 - 2015-05-12 23:50 - 00001236 _____ C:\Users\Public\Desktop\World of Warcraft.lnk
2015-05-12 23:50 - 2015-05-12 23:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2015-05-12 23:39 - 2015-05-12 23:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2015-05-12 23:29 - 2015-05-13 21:43 - 00000000 ____D C:\Users\User1\Documents\MoviePlus X5
2015-05-12 23:28 - 2015-05-12 23:28 - 00002481 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif MoviePlus X5.lnk
2015-05-12 23:28 - 2015-05-12 23:28 - 00002134 _____ C:\Users\Public\Desktop\Serif MoviePlus X5.lnk
2015-05-12 22:53 - 2015-05-12 22:53 - 00000000 ____D C:\Users\User1\AppData\Local\Wondershare
2015-05-12 22:53 - 2015-05-12 22:53 - 00000000 ____D C:\ProgramData\Wondershare
2015-05-12 22:52 - 2015-05-12 22:52 - 00000000 ____D C:\ProgramData\Wondershare Video Editor
2015-05-12 22:51 - 2015-05-12 22:53 - 00000000 ____D C:\Users\User1\Documents\Wondershare Video Editor
2015-05-12 22:51 - 2015-02-27 11:33 - 02140712 _____ (MainConcept GmbH) C:\Windows\SysWOW64\mcmpgvout.004
2015-05-12 22:51 - 2015-02-27 11:33 - 00531496 _____ (MainConcept GmbH) C:\Windows\SysWOW64\mcmpeg2mux.ax
2015-05-12 22:51 - 2015-02-27 11:33 - 00375848 _____ (MainConcept GmbH) C:\Windows\SysWOW64\mcm2ve.ax
2015-05-12 22:51 - 2015-02-27 11:33 - 00257064 _____ (MainConcept GmbH) C:\Windows\SysWOW64\mcl2ae.ax
2015-05-12 22:51 - 2015-02-27 11:33 - 00244776 _____ (MainConcept GmbH) C:\Windows\SysWOW64\mcmpgaout.dll
2015-05-12 22:51 - 2015-02-27 11:33 - 00020520 _____ (MainConcept GmbH) C:\Windows\SysWOW64\mcmpgvout.dll
2015-05-12 22:47 - 2015-05-12 22:51 - 00000000 ____D C:\Users\Public\Documents\Wondershare
2015-05-12 22:37 - 2015-05-12 22:37 - 00000318 _____ C:\Users\User1\Desktop\Curse Client.appref-ms
2015-05-12 22:37 - 2015-05-12 22:37 - 00000000 ____D C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-05 13:21 - 2015-04-07 12:35 - 00000000 ____D C:\FRST
2015-06-05 13:16 - 2015-04-03 16:43 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-05 12:52 - 2013-09-02 11:21 - 00000000 ____D C:\Users\User1\AppData\Local\Deployment
2015-06-05 12:52 - 2013-08-31 15:07 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-05 12:33 - 2015-03-03 00:14 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-05 12:25 - 2009-07-14 01:13 - 00782290 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-05 10:59 - 2009-07-14 00:45 - 00023568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-05 10:59 - 2009-07-14 00:45 - 00023568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-05 10:54 - 2013-07-20 11:07 - 02042476 _____ C:\Windows\WindowsUpdate.log
2015-06-05 10:51 - 2015-03-03 00:14 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-05 10:51 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-05 10:36 - 2013-07-20 11:40 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{907F79C1-867B-4A3A-B570-D2426671F3C2}
2015-06-04 22:54 - 2014-04-15 13:47 - 00000000 ____D C:\Users\User1\AppData\Local\Battle.net
2015-06-04 15:08 - 2015-02-18 14:49 - 00003738 _____ C:\Users\User1\Desktop\key words.txt
2015-06-04 14:01 - 2009-07-14 01:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2015-06-02 13:24 - 2014-04-15 13:47 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-06-02 11:12 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
2015-06-01 15:04 - 2013-09-01 18:14 - 00000000 ____D C:\Program Files (x86)\McAfee
2015-06-01 15:04 - 2013-07-27 10:32 - 00325376 _____ C:\Windows\PFRO.log
2015-05-31 14:57 - 2014-11-21 10:57 - 00000000 ____D C:\Users\User1\AppData\Local\DisplayFusion
2015-05-27 17:10 - 2015-04-10 19:57 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-05-24 14:13 - 2009-07-14 01:08 - 00032622 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-23 22:34 - 2013-09-02 12:50 - 00000000 ____D C:\ProgramData\Apple Computer
2015-05-23 14:14 - 2013-09-02 12:49 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-05-22 14:07 - 2015-03-26 10:37 - 00000000 ____D C:\Users\User1\AppData\Local\Windows Live
2015-05-21 07:54 - 2014-09-06 14:43 - 00000000 ____D C:\Users\User1\AppData\Local\Adobe
2015-05-21 07:53 - 2013-08-31 15:07 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-21 07:53 - 2013-08-31 15:07 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-21 07:53 - 2013-08-31 15:07 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-19 22:37 - 2015-04-04 07:06 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-19 22:37 - 2015-04-04 07:06 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-19 19:15 - 2013-09-02 12:52 - 00000000 ____D C:\Users\User1\AppData\Local\Apple Computer
2015-05-19 15:56 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\Globalization
2015-05-14 22:28 - 2015-03-03 00:14 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-14 22:28 - 2015-03-03 00:14 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-13 21:11 - 2013-08-31 14:39 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2015-05-13 15:56 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2015-05-13 10:59 - 2013-09-14 02:24 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-13 10:59 - 2013-09-14 02:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-13 10:59 - 2009-07-14 00:45 - 00384160 _____ C:\Windows\system32\FNTCACHE.DAT
2015-05-13 10:56 - 2009-07-14 03:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-13 10:56 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-05-13 10:46 - 2013-08-31 15:12 - 00000000 ____D C:\Windows\system32\MRT
2015-05-13 10:40 - 2013-07-20 14:36 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 10:36 - 2013-09-14 02:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-12 23:29 - 2013-11-16 17:54 - 00000000 ____D C:\Users\User1\AppData\Local\Serif
2015-05-12 23:27 - 2013-11-16 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif Applications
2015-05-12 23:27 - 2013-11-16 17:36 - 00000000 ____D C:\Program Files (x86)\Serif
2015-05-12 22:53 - 2013-07-20 11:51 - 00114112 _____ C:\Users\User1\AppData\Local\GDIPFONTCACHEV1.DAT

==================== Files in the root of some directories =======

2014-10-17 07:58 - 2014-12-02 09:58 - 0000001 _____ () C:\Users\User1\AppData\Local\DSI.DAT
2014-09-29 15:01 - 2014-09-29 15:48 - 0007599 _____ () C:\Users\User1\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-04 11:22

==================== End of log ============================

Link to post
Share on other sites

Hello,
    
 
They call me TwinHeadedEagle around here, and I'll try to help your with your issue.
 
     
    
Before we start please read and note the following:

  • We're primarily oriented on malware removal here, so you must know that some issues just cannot be solved and you must be prepared for this. Some tools we use here will remove your browser search history, so backup your important links and all the files whose loss is unacceptable.
  • Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
  • Please be patient. I know it is frustrating when your PC isn't working properly, but malware removal takes time. Keep in mind that private life gets in the way too. Note that we may live in totally different time zones, what may cause some delays between answers.
  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
  • Do not paste the logs in your posts, attachments make my work easier. There is a More reply options button, that gives you Upload Files option below which you can use to attach your reports. Always attach reports from all tools.
  • Always execute my instructions in given order. If for some reason you cannot completely follow one instruction, inform me about that.
  • Do not ask for help for your business PC. Companies are making revenue via computers, so it is good thing to pay someone to repair it.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.

:excl: I can't foresee everything, so if anything not covered in my instructions happens, please stop and inform me!
:excl: There are no silly questions. Never be afraid to ask if in doubt!
 
 
 
  warning.gif Rules and policies
 
We won't support any piracy.
That being told, if any evidence of illegal OS, software, cracks/keygens or any other will be revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!
The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!
 
Failure to follow these guidelines will result with closing your topic and withdrawning any assistance.
 
 



 
FRST.gif Scan with Farbar Recovery Scan Tool
 
Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.
  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please upload them into your next reply.

Link to post
Share on other sites

FRST.gif Fix with Farbar Recovery Scan Tool
 


icon_exclaim.gif This fix was created for this user for use on that particular machine. icon_exclaim.gif
icon_exclaim.gif Running it on another one may cause damage and render the system unstable. icon_exclaim.gif

 
Download attached fixlist.txt file and save it to the Desktop:
 
Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please attach it to your reply.
 
 
 

adwcleaner_new.png Fix with AdwCleaner
 
Please download AdwCleaner by Xplode and save the file to your Desktop.

  • Right-click on adwcleaner_new.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Wait until the database is updated.
  • Accept the Terms of use and click Scan.
  • When finished, please click Clean.
  • Upon completion, click Report. A log (AdwCleaner[s*].txt) will open.

Please include the contents of that file in your reply.
 
Note: Reports will be saved in your system partition, usually at C:\Adwcleaner

fixlist.txt

Link to post
Share on other sites

Now I have added problems:

- Going from site to site the screen goes white(er) or light (?) with the web page I'm on fading.

- Cursor changes to a clock type icon and spins when I try to go from page to page while above happens.

- Takes longer for pages to load (lag?)

- Had to request password reset on one site so far (gocomics was the site). Did not request any other password resets yet but they are all asking for re-log in when visited.

Link to post
Share on other sites

Use the Windows Error Checking utility (Check Disk), with the options to fix file system errors and scan the disk surface for errors, attempt recovery of data and repair the disk:
 

  • Click the "Windows Orb" Start button, then click Computer.
  • Right-click on the drive that you wish to check > Properties > Tools tab
  • In the "Error checking" section, click on Check now.
  • Place a checkmark in both boxes > Start.
  • If the disk you have chosen is the Windows system disk:
  • A message will notify you that a restart is necessary ask "Do you want to check for hard disk errors the next time you start your computer?".
  • Click Schedule disk check > OK and close all windows.
  • Re-start the computer. The disk will be checked when the system boots.
  • This will take some time to run and at times may appear stalled but just let it run.
  • When the disk check is complete, the system will re-start automatically and load Windows.


A log of the disk check is recorded only if the scheduled re-start is used, and only for drives on the same HDD as the Operating System.
To open Event Viewer and view the log:
 

  • Click the "Windows Orb" Start button -> type "eventvwr" without the quotes -> press the key.
  • The Event Viewer window will open.
  • In the left pane, expand "Windows Logs" and then click on Application.
  • In the right pane, at the top, click on the column heading Source to sort the list alphabetically.
  • Look in the Source column for "Wininit", with an entry corresponding to the date and time of the disk check.
  • Click on that Wininit entry to select it.
  • On the top main menu, click Action > Copy > Copy Details as Text.
  • Paste the contents into your next reply.
Link to post
Share on other sites

Log Name:      Application
Source:        Microsoft-Windows-Wininit
Date:          6/6/2015 6:21:14 PM
Event ID:      1001
Task Category: None
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      User1-PC
Description:


Checking file system on C:
The type of the file system is NTFS.

A disk check has been scheduled.
Windows will now check the disk.                         

CHKDSK is verifying files (stage 1 of 5)...
  292864 file records processed.                                         

File verification completed.
  1795 large file records processed.                                   

  0 bad file records processed.                                     

  0 EA records processed.                                           

  68 reparse records processed.                                      

CHKDSK is verifying indexes (stage 2 of 5)...
  352912 index entries processed.                                        

Index verification completed.
  0 unindexed files scanned.                                        

  0 unindexed files recovered.                                      

CHKDSK is verifying security descriptors (stage 3 of 5)...
  292864 file SDs/SIDs processed.                                        

Cleaning up 279 unused index entries from index $SII of file 0x9.
Cleaning up 279 unused index entries from index $SDH of file 0x9.
Cleaning up 279 unused security descriptors.
Security descriptor verification completed.
  30025 data files processed.                                           

CHKDSK is verifying Usn Journal...
  34805496 USN bytes processed.                                            

Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
  292848 files processed.                                                

File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
  199967973 free clusters processed.                                        

Free space verification is complete.
Windows has checked the file system and found no problems.

 976657407 KB total disk space.
 176256792 KB in 153576 files.
    103920 KB in 30026 indexes.
         0 KB in bad sectors.
    424803 KB in use by the system.
     65536 KB occupied by the log file.
 799871892 KB available on disk.

      4096 bytes in each allocation unit.
 244164351 total allocation units on disk.
 199967973 allocation units available on disk.

Internal Info:
00 78 04 00 3e cd 02 00 18 3e 05 00 00 00 00 00  .x..>....>......
93 07 00 00 44 00 00 00 00 00 00 00 00 00 00 00  ....D...........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

Windows has finished checking your disk.
Please wait while your computer restarts.

Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-Wininit" Guid="{206f6dea-d3c5-4d10-bc72-989f03c8b84b}" EventSourceName="Wininit" />
    <EventID Qualifiers="16384">1001</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2015-06-06T22:21:14.000000000Z" />
    <EventRecordID>68307</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>Application</Channel>
    <Computer>User1-PC</Computer>
    <Security />
  </System>
  <EventData>
    <Data>

Checking file system on C:
The type of the file system is NTFS.

A disk check has been scheduled.
Windows will now check the disk.                         

CHKDSK is verifying files (stage 1 of 5)...
  292864 file records processed.                                         

File verification completed.
  1795 large file records processed.                                   

  0 bad file records processed.                                     

  0 EA records processed.                                           

  68 reparse records processed.                                      

CHKDSK is verifying indexes (stage 2 of 5)...
  352912 index entries processed.                                        

Index verification completed.
  0 unindexed files scanned.                                        

  0 unindexed files recovered.                                      

CHKDSK is verifying security descriptors (stage 3 of 5)...
  292864 file SDs/SIDs processed.                                        

Cleaning up 279 unused index entries from index $SII of file 0x9.
Cleaning up 279 unused index entries from index $SDH of file 0x9.
Cleaning up 279 unused security descriptors.
Security descriptor verification completed.
  30025 data files processed.                                           

CHKDSK is verifying Usn Journal...
  34805496 USN bytes processed.                                            

Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
  292848 files processed.                                                

File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
  199967973 free clusters processed.                                        

Free space verification is complete.
Windows has checked the file system and found no problems.

 976657407 KB total disk space.
 176256792 KB in 153576 files.
    103920 KB in 30026 indexes.
         0 KB in bad sectors.
    424803 KB in use by the system.
     65536 KB occupied by the log file.
 799871892 KB available on disk.

      4096 bytes in each allocation unit.
 244164351 total allocation units on disk.
 199967973 allocation units available on disk.

Internal Info:
00 78 04 00 3e cd 02 00 18 3e 05 00 00 00 00 00  .x..>....>......
93 07 00 00 44 00 00 00 00 00 00 00 00 00 00 00  ....D...........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

Windows has finished checking your disk.
Please wait while your computer restarts.
</Data>
  </EventData>
</Event>

Link to post
Share on other sites

FRST.gif Scan with Farbar Recovery Scan Tool
 
Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please include their content into your next reply.

Link to post
Share on other sites

Thanks, I appreciate your support :)
 
 
Glad I could help. We will delete all used tools and I'll give you some tips to harden your security and learn how to protect yourself :)
 
 

Recommended reading:

 
 
icon_exclaim.gifMUST READ - security tips:

icon_exclaim.gifMUST READ - general maintenance:

The Importance of Software Updating:

 

 
In order to stay protected it is very important that you regularly update all of your software. Cybercriminals depend on the apathy of users around software updates to keep their malicious endeavor running.
 
Operating systems, such as Windows, and applications, such as Adobe Reader or JAVA, are used by tens of millions of computers and devices around the world, making them a huge target for cybercriminals. Downloading updates and installing them can sometimes be tedious, but the advantages you get from the updates are certainly worth it.

Recommended additional software:

 
 
icon_arrow.gifCCleaner - to clean unneeded temporary files.
icon_arrow.gifMalwarebytes' Anti-Malware - to scan your system from time to time in search for malware.
icon_arrow.gifMalwarebytes' Anti-Exploit - to prevent plenty of mostly exploited vulnerabilities.
icon_arrow.gifMcShield - to prevent infections spread by removable media.
icon_arrow.gifUnchecky - to prevent from installing additional foistware, implemented in legitimate installations.
icon_arrow.gifAdblock - to surf the web without annoying ads! 
 
 

Post-cleanup procedures:

 

 
Download DelFix by Xplode and save it to your desktop.

  • Run the tool by right click on the 51a5ce45263de-delfix.png icon and Run as administrator option.
  • Make sure that these ones are checked:
    • Remove disinfection tools
    • Purge system restore
    • Reset system settings
  • Push Run.
  • The program will run for a few seconds and display a notepad report. You do not need to attach it.

The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix
Tool deletes old system restore points and create a fresh system restore point after cleaning. 
 
 
 


My help is free for everybody.

If you're happy with the help provided and/or wish to show your appreciation for the assistance you received, then you can consider a donation: 
btn_donateCC_LG.gif

 

Thank you!

 
 
Stay safe,
TwinHeadedEagle   :)

Link to post
Share on other sites

  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.