
Infection


Voods


Hi there

 

I have been having multiple issues with my laptop.  Tried fixing with the various programs that are commonly used to no resolve.  My internet is really slow, takes 5 mins sometimes to download a file the size of 500kb.  That's if it stays connected.  My connection breaks over 40 times a day.

 

Malwarebytes only loads around 1 in 20 times, even using Chameleon doesn't work. When it did load, nothing was found, and nothing in SUPERAntiSpyware either.  Out of desperation, I tried using aswMBR and ComboFix myself, but still to no avail.

 I've had to borrow a computer to get online for a prolonged period of time.

 

It's the only computer in the house that is having issues, and it's also running slow.   I have also scanned with UnHackMe, Sophos, Stinger, GMER, RKill.  But still nothing found.  It's practically like a zombie.  I had to uninstall Java, as I noticed 14 instances of javaws.exe, which was alarming.

Also, the system file csrss.exe has no file location or details about it. I'm sure I've noticed it pointing to system32 before.

 

 Any help would be most welcome.

 

Regards

Dave


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:01-12-2015

Ran by Davina-Divine (administrator) on DIVINE (03-12-2015 13:16:10)

Running from C:\Users\Davina-Divine\Downloads

Loaded Profiles: Davina-Divine (Available Profiles: Davina-Divine)

Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) Language: English (United States)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal


 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

() C:\Windows\System32\WLTRYSVC.EXE

(Dell Inc.) C:\Windows\System32\BCMWLTRY.EXE

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(F-Secure Corporation) C:\Program Files\F-Secure\Freedome\Freedome\1\FreedomeService.exe

() C:\Program Files\Comodo\IceDragon\icedragon_updater.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe

(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avpui.exe

(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe

(Dropbox, Inc.) C:\Program Files\Dropbox\Client\Dropbox.exe

() C:\Users\Davina-Divine\AppData\Roaming\Dashlane\Dashlane.exe

(Greatis Software) C:\Program Files\UnHackMe\hackmon.exe

() C:\Users\Davina-Divine\AppData\Roaming\Dashlane\DashlanePlugin.exe

(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe

(Microsoft Corporation) C:\Windows\System32\cmd.exe

() C:\Users\Davina-Divine\AppData\Roaming\Dashlane\DashlanePlugin.exe

(Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(VS Revo Group) C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe

(Microsoft Corporation) C:\Windows\System32\prevhost.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

 

 

==================== Registry (Whitelisted) ===========================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [36713096 2015-11-04] (Dropbox, Inc.)

HKU\S-1-5-21-2091952882-4294398361-615148702-1000\...\Run: [Dashlane] => C:\Users\Davina-Divine\AppData\Roaming\Dashlane\Dashlane.exe [227712 2015-10-28] ()

HKU\S-1-5-21-2091952882-4294398361-615148702-1000\...\Run: [DashlanePlugin] => C:\Users\Davina-Divine\AppData\Roaming\Dashlane\DashlanePlugin.exe [285568 2015-10-28] ()

HKU\S-1-5-21-2091952882-4294398361-615148702-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6490904 2015-08-19] (Piriform Ltd)

ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-11-04] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-11-04] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-11-04] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-11-04] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-11-04] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-11-04] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-11-04] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-11-04] (Dropbox, Inc.)

BootExecute: autocheck autochk * PartizanPCloudBroom.exe \systemroot\system32\BroomData.bit

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)

Tcpip\Parameters: [DhcpNameServer] 172.20.10.1

Tcpip\..\Interfaces\{1C861901-1A62-4C31-A871-8A33AE4073AA}: [DhcpNameServer] 194.168.4.100 194.168.8.100

Tcpip\..\Interfaces\{26B12864-EF32-48D9-8560-C4F1D327A274}: [DhcpNameServer] 172.20.10.1

Tcpip\..\Interfaces\{DA754577-4946-4694-ACEF-8F0EF042C470}: [DhcpNameServer] 172.20.10.1

 

Internet Explorer:

==================

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

HKU\S-1-5-21-2091952882-4294398361-615148702-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome

HKU\S-1-5-21-2091952882-4294398361-615148702-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKU\S-1-5-21-2091952882-4294398361-615148702-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.dell.com

SearchScopes: HKLM -> DefaultScope value is missing

SearchScopes: HKU\S-1-5-21-2091952882-4294398361-615148702-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}

Toolbar: HKLM - Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\Davina-Divine\AppData\Roaming\Dashlane\ie\KWIEBar.dll [2015-10-28] (Dashlane)

 

FireFox:

========

FF ProfilePath: C:\Users\Davina-Divine\AppData\Roaming\Mozilla\Firefox\Profiles\hiuj3mky.default

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-12] ()

FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1219160.dll [2015-07-23] (Adobe Systems, Inc.)

FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()

FF Plugin: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [No File]

FF Plugin: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [No File]

FF Plugin: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-09-07] ()

FF Plugin: @kaspersky.com/online_banking_08806E753BE44495B44E90AA2513BDC5 -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-09-07] ()

FF Plugin: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-09-07] ()

FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)

FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)

FF Plugin HKU\.DEFAULT: @hola.org/FlashPlayer -> C:\Users\Davina-Divine\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [2015-11-19] ()

FF Plugin HKU\.DEFAULT: @hola.org/vlc -> C:\Users\Davina-Divine\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [2015-11-19] (Hola)

FF Plugin HKU\S-1-5-21-2091952882-4294398361-615148702-1000: @hola.org/FlashPlayer -> C:\Users\Davina-Divine\AppData\Local\Hola\firefox\app\flash\NPSWF32_18_0_0_232.dll [2015-11-11] ()

FF Plugin HKU\S-1-5-21-2091952882-4294398361-615148702-1000: @hola.org/vlc -> C:\Users\Davina-Divine\AppData\Local\Hola\firefox\app\vlc\npvlc.dll [2015-11-11] (Hola)

FF Extension: Dangerous Websites Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-09-07] [not signed]

FF Extension: Virtual Keyboard - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-09-07] [not signed]

FF Extension: Safe Money - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-09-07] [not signed]

FF HKLM\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com

FF HKLM\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com

FF HKLM\...\Firefox\Extensions: [online_banking_08806E753BE44495B44E90AA2513BDC5@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com

FF HKU\S-1-5-21-2091952882-4294398361-615148702-1000\...\Firefox\Extensions: [jetpack-extension@dashlane.com] - C:\Users\Davina-Divine\AppData\Roaming\Dashlane\3.5.2.94798\Extensions\JetPack_expanded\jetpack-extension@dashlane.com

FF Extension: Dashlane - C:\Users\Davina-Divine\AppData\Roaming\Dashlane\3.5.2.94798\Extensions\JetPack_expanded\jetpack-extension@dashlane.com [2015-10-28] [not signed]

 

Chrome: 

=======

CHR Profile: C:\Users\Davina-Divine\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Slides) - C:\Users\Davina-Divine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-07]

CHR Extension: (Google Docs) - C:\Users\Davina-Divine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-07]

CHR Extension: (Google Drive) - C:\Users\Davina-Divine\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]

CHR Extension: (YouTube) - C:\Users\Davina-Divine\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]

CHR Extension: (Google Search) - C:\Users\Davina-Divine\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]

CHR Extension: (Kaspersky Protection) - C:\Users\Davina-Divine\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-09-07]

CHR Extension: (Session Buddy) - C:\Users\Davina-Divine\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2015-09-18]

CHR Extension: (Dashlane) - C:\Users\Davina-Divine\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2015-11-25]

CHR Extension: (Google Sheets) - C:\Users\Davina-Divine\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-07]

CHR Extension: (Google Docs Offline) - C:\Users\Davina-Divine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]

CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Davina-Divine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-12-02]

CHR Extension: (Webproxy.net - Unblock any website) - C:\Users\Davina-Divine\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpmikmnnnoacchojfpdgfdgpkfgajhim [2015-10-17]

CHR Extension: (Similar Sites) - C:\Users\Davina-Divine\AppData\Local\Google\Chrome\User Data\Default\Extensions\necpbmbhhdiplmfhmjicabdeighkndkn [2015-10-07]

CHR Extension: (Chrome Web Store Payments) - C:\Users\Davina-Divine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-07]

CHR Extension: (Gmail) - C:\Users\Davina-Divine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-07]

CHR Extension: (Diigo Web Collector - Capture and Annotate) - C:\Users\Davina-Divine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnhplgjpclknigjpccbcnmicgcieojbh [2015-12-01]

CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho

 

==================== Services (Whitelisted) ========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-22] (SUPERAntiSpyware.com)

R2 AVP15.0.2; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe [194000 2015-06-27] (Kaspersky Lab ZAO)

S2 BAsfIpM; C:\Windows\system32\basfipm.exe [77824 2004-04-01] (Broadcom Corp.) [File not signed]

S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279024 2013-03-14] (Intel Corporation)

S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-07] (Dropbox, Inc.)

S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-07] (Dropbox, Inc.)

R2 Freedome Service; C:\Program Files\F-Secure\Freedome\Freedome\1\FreedomeService.exe [379432 2015-10-21] (F-Secure Corporation)

S3 ICCS; C:\Program Files\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [169752 2012-04-24] (Intel Corporation)

R2 IceDragonUpdater; C:\Program Files\Comodo\IceDragon\icedragon_updater.exe [1972408 2015-10-05] ()

R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [242928 2013-07-17] ()

R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [1253376 2007-03-16] (Dell Inc.) [File not signed]

R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2525936 2013-07-17] (Intel® Corporation)

 

===================== Drivers (Whitelisted) ==========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R3 Acceler; C:\Windows\System32\DRIVERS\accelern.sys [44144 2012-05-23] (ST Microelectronics)

R3 athur; C:\Windows\System32\DRIVERS\athur.sys [1500160 2010-01-05] (Atheros Communications, Inc.)

R3 BTWAMPFL; C:\Windows\system32\drivers\btwampfl.sys [302120 2015-09-06] (Broadcom Corporation.)

R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [197864 2015-06-27] (Kaspersky Lab UK Ltd)

R3 e1cexpress; C:\Windows\System32\DRIVERS\e1c6232.sys [368392 2013-02-20] (Intel Corporation)

R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [153784 2015-06-27] (Kaspersky Lab ZAO)

R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [54640 2015-06-27] (Kaspersky Lab ZAO)

R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [128728 2015-06-27] (Kaspersky Lab ZAO)

R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [44208 2015-06-27] (Kaspersky Lab ZAO)

R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [692920 2015-10-06] (Kaspersky Lab ZAO)

R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [34160 2015-06-27] (Kaspersky Lab ZAO)

R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [36208 2015-06-27] (Kaspersky Lab ZAO)

R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [35696 2015-06-27] (Kaspersky Lab ZAO)

R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [23920 2015-06-27] (Kaspersky Lab ZAO)

R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54328 2015-06-27] (Kaspersky Lab ZAO)

R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [72560 2015-06-27] (Kaspersky Lab ZAO)

R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [157240 2015-10-06] (Kaspersky Lab ZAO)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-12-03] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)

R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [48928 2013-01-23] (Intel Corporation)

R3 NETwNs32; C:\Windows\System32\DRIVERS\NETwsn00.sys [10375680 2013-05-29] (Intel Corporation)

U0 Partizan; C:\Windows\System32\drivers\Partizan.sys [35816 2015-11-25] (Greatis Software)

S3 RegGuard; C:\Windows\system32\Drivers\regguard.sys [24416 2015-12-01] (Greatis Software)

R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

R0 stdcfltn; C:\Windows\System32\DRIVERS\stdcfltn.sys [17904 2011-07-15] (ST Microelectronics)

R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [30248 2015-10-21] (The OpenVPN Project)

S3 ApfiltrService; system32\DRIVERS\Apfiltr.sys [X]

S3 catchme; \??\C:\Users\DAVINA~1\AppData\Local\Temp\catchme.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One Month Created files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2015-12-03 13:16 - 2015-12-03 13:16 - 00019515 _____ C:\Users\Davina-Divine\Downloads\FRST.txt

2015-12-03 13:15 - 2015-12-03 13:16 - 00000000 ____D C:\FRST

2015-12-03 13:14 - 2015-12-03 13:14 - 01721344 _____ (Farbar) C:\Users\Davina-Divine\Downloads\FRST.exe

2015-12-02 00:22 - 2015-12-02 00:22 - 00198491 _____ C:\ComboFix.txt

2015-12-01 20:59 - 2015-12-02 00:22 - 00000000 ____D C:\Qoobox

2015-12-01 20:59 - 2015-12-02 00:19 - 00000000 ____D C:\Windows\erdnt

2015-12-01 20:59 - 2011-06-26 06:45 - 00256000 _____ C:\Windows\PEV.exe

2015-12-01 20:59 - 2010-11-07 17:20 - 00208896 _____ C:\Windows\MBR.exe

2015-12-01 20:59 - 2009-04-20 04:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe

2015-12-01 20:59 - 2000-08-31 00:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe

2015-12-01 20:59 - 2000-08-31 00:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe

2015-12-01 20:59 - 2000-08-31 00:00 - 00098816 _____ C:\Windows\sed.exe

2015-12-01 20:59 - 2000-08-31 00:00 - 00080412 _____ C:\Windows\grep.exe

2015-12-01 20:59 - 2000-08-31 00:00 - 00068096 _____ C:\Windows\zip.exe

2015-12-01 20:55 - 2015-12-01 20:57 - 05639299 ____R (Swearware) C:\Users\Davina-Divine\Downloads\ComboFix.exe

2015-12-01 19:57 - 2015-12-01 19:57 - 00013182 _____ C:\Users\Davina-Divine\Desktop\attach.txt

2015-12-01 19:57 - 2015-12-01 19:56 - 00020164 _____ C:\Users\Davina-Divine\Desktop\dds.txt

2015-12-01 19:54 - 2015-12-01 19:55 - 00688992 ____R (Swearware) C:\Users\Davina-Divine\Downloads\dds.com

2015-12-01 19:28 - 2015-12-01 19:28 - 00002933 _____ C:\Users\Davina-Divine\Desktop\aswMBR.txt

2015-12-01 19:28 - 2015-12-01 19:28 - 00000512 _____ C:\Users\Davina-Divine\Desktop\MBR.dat

2015-12-01 17:50 - 2015-12-01 17:50 - 00000558 _____ C:\Windows\system32\BroomData.bit

2015-12-01 17:14 - 2015-12-01 17:15 - 05200384 _____ (AVAST Software) C:\Users\Davina-Divine\Downloads\aswmbr.exe

2015-12-01 16:59 - 2015-12-01 17:00 - 00380416 _____ C:\Users\Davina-Divine\Downloads\dolmkye1.exe

2015-12-01 16:47 - 2015-12-01 16:47 - 00001240 _____ C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk

2015-12-01 16:46 - 2015-12-01 16:46 - 00001266 _____ C:\Users\Public\Desktop\herdProtect.lnk

2015-12-01 16:45 - 2015-12-01 16:45 - 00001227 _____ C:\Users\Davina-Divine\Desktop\Should I Remove It.lnk

2015-12-01 16:45 - 2015-12-01 16:45 - 00000000 __SHD C:\Windows\system32\AI_RecycleBin

2015-12-01 16:45 - 2015-12-01 16:45 - 00000000 ____D C:\Users\Davina-Divine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Should I Remove It

2015-12-01 00:16 - 2015-12-01 00:17 - 01125626 _____ C:\Users\Davina-Divine\Downloads\ProcessExplorer.zip

2015-12-01 00:02 - 2015-12-01 00:02 - 00086076 _____ C:\TDSSKiller.2.6.20.0_01.12.2015_00.02.04_log.txt

2015-11-29 18:39 - 2015-11-29 18:44 - 568565930 _____ C:\Users\Davina-Divine\Downloads\Slender - The Arrival (Www.ApunKaGames.Net).zip

2015-11-29 17:24 - 2015-11-29 17:24 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\37CE5554.sys

2015-11-28 17:30 - 2015-11-28 17:30 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\51860BDA.sys

2015-11-28 17:19 - 2015-11-28 17:19 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\068903AA.sys

2015-11-28 14:13 - 2015-12-01 00:01 - 00000000 ____D C:\Users\Davina-Divine\AppData\Local\CrashDumps

2015-11-26 11:12 - 2015-11-26 11:32 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2015-11-26 11:08 - 2015-11-26 11:32 - 00000000 ____D C:\Users\Davina-Divine\Desktop\mbar

2015-11-26 11:08 - 2015-11-26 11:08 - 00001535 _____ C:\Users\Davina-Divine\Desktop\JRT1.txt

2015-11-26 11:04 - 2015-11-26 11:04 - 00002474 _____ C:\Users\Davina-Divine\Desktop\Rkill1.txt

2015-11-26 11:02 - 2015-11-30 23:58 - 00002250 _____ C:\Users\Davina-Divine\Desktop\Rkill.txt

2015-11-26 10:43 - 2015-11-26 10:44 - 02019656 _____ (Bleeping Computer, LLC) C:\Users\Davina-Divine\Downloads\rkill.exe

2015-11-26 10:43 - 2015-11-26 10:44 - 01599336 _____ (Malwarebytes) C:\Users\Davina-Divine\Downloads\JRT.exe

2015-11-26 10:41 - 2015-11-26 10:45 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Davina-Divine\Downloads\mbar-1.09.3.1001.exe

2015-11-26 09:59 - 2015-11-26 10:03 - 00000000 ____D C:\Users\Davina-Divine\AppData\Roaming\Dashlane

2015-11-26 09:59 - 2015-11-26 09:59 - 00513832 _____ (Dashlane inc.) C:\Users\Davina-Divine\Downloads\Dashlane_Launcher_bchrome-1441010438.exe

2015-11-26 09:49 - 2015-11-26 09:49 - 00038064 _____ C:\Users\Davina-Divine\Desktop\zoek-results.txt

2015-11-26 09:27 - 2015-11-26 00:41 - 00024064 _____ C:\Windows\zoek-delete.exe

2015-11-26 00:11 - 2015-11-26 00:11 - 00000000 ____D C:\Users\Davina-Divine\AppData\Roaming\OpenOffice

2015-11-25 23:30 - 2015-11-25 23:30 - 00262144 _____ C:\Windows\system32\config\elam

2015-11-25 22:54 - 2015-12-03 13:16 - 00000000 ____D C:\ProgramData\RegRun

2015-11-25 22:49 - 2015-11-25 22:50 - 00000000 ____D C:\Users\Davina-Divine\Desktop\RK_Quarantine

2015-11-25 22:33 - 2015-12-02 12:18 - 00000264 _____ C:\Windows\system32\PARTIZAN.TXT

2015-11-25 22:30 - 2015-11-25 22:30 - 00040208 _____ (Greatis Software) C:\Windows\system32\Partizan.exe

2015-11-25 22:25 - 2015-12-01 00:11 - 00024416 _____ (Greatis Software) C:\Windows\system32\Drivers\regguard.sys

2015-11-25 22:11 - 2015-11-25 22:11 - 00504554 _____ C:\Users\Davina-Divine\Desktop\regrunlog.txt

2015-11-25 21:45 - 2015-11-25 21:45 - 00003090 _____ C:\Windows\Tasks\SCHEDLGU.TXT

2015-11-25 21:40 - 2015-11-25 21:40 - 00184620 _____ C:\Users\Davina-Divine\Downloads\JavaRa-2.6.1.zip

2015-11-25 21:35 - 2015-11-25 21:35 - 00000000 ____D C:\Windows\system32\appmgmt

2015-11-25 21:03 - 2015-11-25 23:26 - 00000000 ____D C:\zoek_backup

2015-11-25 17:56 - 2015-11-25 17:56 - 00002747 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk

2015-11-25 17:56 - 2015-11-25 17:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos

2015-11-25 17:43 - 2015-11-25 17:50 - 139457000 _____ (Sophos Limited) C:\Users\Davina-Divine\Downloads\Sophos Virus Removal Tool.exe

2015-11-25 17:42 - 2015-11-25 17:56 - 00000000 ____D C:\Program Files\Sophos

2015-11-25 17:42 - 2015-11-25 17:55 - 00000000 ____D C:\Users\Davina-Divine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos

2015-11-25 17:42 - 2015-11-25 17:42 - 00000000 ____D C:\ProgramData\Sophos

2015-11-25 17:38 - 2015-11-25 17:38 - 00000130 ___RH C:\Users\Davina-Divine\Downloads\Stinger.opt

2015-11-25 17:10 - 2015-11-25 17:15 - 00000821 _____ C:\Users\Davina-Divine\Downloads\Stinger_25112015_171009.html

2015-11-25 17:10 - 2015-11-25 17:10 - 00000000 ____D C:\Program Files\McAfee

2015-11-25 17:07 - 2015-11-25 17:08 - 15624560 _____ (McAfee Inc) C:\Users\Davina-Divine\Downloads\stinger32.exe

2015-11-25 16:15 - 2015-11-25 16:16 - 30625033 _____ C:\Users\Davina-Divine\Desktop\regrunck_result.txt

2015-11-25 15:55 - 2015-12-01 00:10 - 00000000 ____D C:\Users\Public\Documents\regruninfo

2015-11-25 15:55 - 2015-12-01 00:04 - 00000000 ____D C:\Users\Davina-Divine\Documents\RegRun2

2015-11-25 15:55 - 2015-11-25 15:55 - 00035816 _____ (Greatis Software) C:\Windows\system32\Drivers\Partizan.sys

2015-11-25 15:55 - 2015-11-25 15:55 - 00000913 _____ C:\Users\Davina-Divine\Desktop\UnHackMe.lnk

2015-11-25 15:55 - 2015-11-25 15:55 - 00000002 RSHOT C:\Windows\winstart.bat

2015-11-25 15:55 - 2015-11-25 15:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe

2015-11-25 15:55 - 2013-09-05 10:19 - 00012800 _____ (Greatis Software, LLC.) C:\Windows\system32\Drivers\UnHackMeDrv.sys

2015-11-25 15:54 - 2015-12-01 00:03 - 00000000 ____D C:\Program Files\UnHackMe

2015-11-25 02:45 - 2015-12-01 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\herdProtect

2015-11-25 02:45 - 2015-12-01 16:45 - 00000000 ____D C:\Program Files\Reason

2015-11-25 01:21 - 2015-11-25 01:21 - 00030454 _____ C:\Users\Davina-Divine\Downloads\DashlaneExport.xls

2015-11-25 01:08 - 2015-12-01 16:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security

2015-11-25 01:08 - 2015-11-25 01:08 - 00000000 ____D C:\Program Files\Panda Security

2015-11-25 00:56 - 2015-12-01 00:01 - 00000000 ____D C:\AdwCleaner

2015-11-25 00:52 - 2015-11-25 15:36 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Exploit

2015-11-25 00:52 - 2015-11-25 03:52 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit

2015-11-25 00:44 - 2015-11-30 23:54 - 00001070 _____ C:\Users\Davina-Divine\Desktop\JRT.txt

2015-11-25 00:34 - 2015-11-25 00:34 - 00085176 _____ C:\TDSSKiller.2.6.20.0_25.11.2015_00.34.06_log.txt

2015-11-22 13:58 - 2015-11-22 14:25 - 120133206 _____ C:\Users\Davina-Divine\Downloads\480P_200k_28498621.mp4

2015-11-15 11:11 - 2015-11-15 11:11 - 00000388 _____ C:\Users\Davina-Divine\Documents\cc_20151115_111119.reg

2015-11-12 18:36 - 2015-12-03 12:55 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2015-11-12 14:24 - 2015-11-03 17:46 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2015-11-12 01:18 - 2015-11-12 01:18 - 00000011 _____ C:\Users\Davina-Divine\Documents\skype.txt

2015-11-11 23:06 - 2015-11-25 21:38 - 00000000 ____D C:\Program Files\Mozilla Firefox

2015-11-11 21:55 - 2015-11-25 15:36 - 00000000 ____D C:\Program Files\Common Files\Java

2015-11-11 21:52 - 2015-11-11 21:54 - 05617377 _____ C:\Users\Davina-Divine\Downloads\classtab.zip

2015-11-11 21:50 - 2015-11-11 21:50 - 00584288 _____ (Oracle Corporation) C:\Users\Davina-Divine\Downloads\jxpiinstall.exe

2015-11-11 21:40 - 2014-10-06 08:36 - 00287478 ____N C:\Users\Davina-Divine\Desktop\jszip.js

2015-11-11 21:40 - 2014-10-06 08:36 - 00007747 ____N C:\Users\Davina-Divine\Desktop\FileSaver.js

2015-11-11 21:39 - 2015-11-11 21:39 - 00075942 _____ C:\Users\Davina-Divine\Downloads\instatake-master.zip

2015-11-11 19:57 - 2015-11-11 19:58 - 00000000 ____D C:\Users\Davina-Divine\AppData\Local\iWesoft

2015-11-11 19:57 - 2015-11-11 19:57 - 00000000 ____D C:\Users\Davina-Divine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Instagram Downloader

2015-11-11 19:57 - 2015-11-11 19:57 - 00000000 ____D C:\Program Files\Instagram Downloader

2015-11-11 19:53 - 2015-11-11 19:54 - 03998208 _____ (iWesoft) C:\Users\Davina-Divine\Downloads\InstagramDownloader_setup.exe

2015-11-11 19:34 - 2015-11-03 21:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2015-11-11 19:34 - 2015-10-30 22:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2015-11-11 19:34 - 2015-10-30 22:58 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2015-11-11 19:34 - 2015-10-30 22:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2015-11-11 19:34 - 2015-10-30 22:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2015-11-11 19:34 - 2015-10-30 22:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2015-11-11 19:34 - 2015-10-30 22:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2015-11-11 19:34 - 2015-10-30 22:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2015-11-11 19:34 - 2015-10-30 22:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2015-11-11 19:34 - 2015-10-30 22:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2015-11-11 19:34 - 2015-10-30 22:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2015-11-11 19:34 - 2015-10-30 22:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2015-11-11 19:34 - 2015-10-30 22:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2015-11-11 19:34 - 2015-10-30 22:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2015-11-11 19:34 - 2015-10-30 22:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2015-11-11 19:34 - 2015-10-30 22:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2015-11-11 19:34 - 2015-10-30 22:36 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2015-11-11 19:34 - 2015-10-30 22:31 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2015-11-11 19:34 - 2015-10-30 22:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2015-11-11 19:34 - 2015-10-30 22:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2015-11-11 19:34 - 2015-10-30 22:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2015-11-11 19:34 - 2015-10-30 22:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2015-11-11 19:34 - 2015-10-30 22:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2015-11-11 19:34 - 2015-10-30 22:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2015-11-11 19:34 - 2015-10-30 22:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2015-11-11 19:34 - 2015-10-30 22:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2015-11-11 19:34 - 2015-10-30 22:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2015-11-11 19:34 - 2015-10-30 22:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2015-11-11 19:34 - 2015-10-30 22:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2015-11-11 19:34 - 2015-10-30 22:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2015-11-11 19:34 - 2015-10-30 22:09 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2015-11-11 19:34 - 2015-10-30 21:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2015-11-11 19:34 - 2015-10-30 21:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2015-11-11 19:34 - 2015-10-30 21:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2015-11-11 19:34 - 2015-10-20 00:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe

2015-11-11 19:34 - 2015-10-20 00:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2015-11-11 19:34 - 2015-10-20 00:52 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2015-11-11 19:34 - 2015-10-20 00:52 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2015-11-11 19:34 - 2015-10-20 00:48 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2015-11-11 19:34 - 2015-10-20 00:45 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2015-11-11 19:34 - 2015-10-20 00:45 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2015-11-11 19:34 - 2015-10-20 00:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2015-11-11 19:34 - 2015-10-20 00:45 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll

2015-11-11 19:34 - 2015-10-20 00:45 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe

2015-11-11 19:34 - 2015-10-20 00:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2015-11-11 19:34 - 2015-10-20 00:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2015-11-11 19:34 - 2015-10-20 00:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2015-11-11 19:34 - 2015-10-20 00:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2015-11-11 19:34 - 2015-10-20 00:45 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2015-11-11 19:34 - 2015-10-20 00:45 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe

2015-11-11 19:34 - 2015-10-20 00:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2015-11-11 19:34 - 2015-10-20 00:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll

2015-11-11 19:34 - 2015-10-20 00:45 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll

2015-11-11 19:34 - 2015-10-20 00:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll

2015-11-11 19:34 - 2015-10-20 00:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2015-11-11 19:34 - 2015-10-20 00:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2015-11-11 19:34 - 2015-10-20 00:45 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2015-11-11 19:34 - 2015-10-20 00:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe

2015-11-11 19:34 - 2015-10-20 00:44 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2015-11-11 19:34 - 2015-10-20 00:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll

2015-11-11 19:34 - 2015-10-20 00:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll

2015-11-11 19:34 - 2015-10-20 00:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll

2015-11-11 19:34 - 2015-10-20 00:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll

2015-11-11 19:34 - 2015-10-19 23:29 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys

2015-11-11 19:34 - 2015-10-19 23:28 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys

2015-11-11 19:34 - 2015-10-19 23:28 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys

2015-11-11 19:34 - 2015-10-13 16:31 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys

2015-11-11 19:34 - 2015-10-13 16:31 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys

2015-11-11 19:34 - 2015-10-13 04:50 - 00712640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys

2015-11-11 19:31 - 2015-09-23 13:09 - 00371920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys

2015-11-11 19:31 - 2015-09-23 13:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll

2015-11-11 19:30 - 2015-10-20 17:46 - 02955776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2015-11-11 19:30 - 2015-10-20 17:46 - 02061824 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2015-11-11 19:30 - 2015-10-20 17:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2015-11-11 19:30 - 2015-10-20 17:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2015-11-11 19:30 - 2015-10-20 17:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll

2015-11-11 19:30 - 2015-10-20 17:46 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

2015-11-11 19:30 - 2015-10-20 17:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll

2015-11-11 19:30 - 2015-10-20 17:45 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2015-11-11 19:30 - 2015-10-20 17:45 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll

2015-11-11 19:30 - 2015-10-20 17:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2015-11-11 19:30 - 2015-10-20 17:45 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll

2015-11-11 19:30 - 2015-10-01 17:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll

2015-11-11 19:30 - 2015-10-01 17:50 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll

2015-11-10 17:00 - 2015-11-10 17:01 - 07368965 _____ C:\Users\Davina-Divine\Downloads\TL-WN722N_V1_140918.zip

2015-11-10 09:42 - 2015-11-10 09:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox

2015-11-06 00:58 - 2015-11-06 00:58 - 04619566 _____ C:\Users\Davina-Divine\Documents\vmbjqhyc.flv

2015-11-06 00:54 - 2015-11-06 00:56 - 09055670 _____ C:\Users\Davina-Divine\Documents\raddakgq.flv

2015-11-04 16:51 - 2015-11-04 16:52 - 05650915 _____ C:\Users\Davina-Divine\Downloads\Movie.wmv

2015-11-04 02:28 - 2015-11-14 13:02 - 00000000 ____D C:\Users\Davina-Divine\Documents\classtab

2015-11-03 01:39 - 2015-11-03 01:58 - 60728165 _____ C:\Users\Davina-Divine\Downloads\480P_600K_59658781.mp4

 

==================== One Month Modified files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2015-12-03 13:16 - 2009-07-14 02:37 - 00000000 ____D C:\Windows

2015-12-03 13:06 - 2015-09-07 12:47 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2015-12-03 12:58 - 2015-09-07 12:53 - 00000910 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job

2015-12-03 12:46 - 2015-09-07 12:29 - 00000000 ____D C:\ProgramData\Kaspersky Lab

2015-12-03 12:41 - 2015-09-07 12:47 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2015-12-03 01:13 - 2015-09-06 22:03 - 00000000 ___HD C:\Windows\system32\WLANProfiles

2015-12-03 00:32 - 2015-10-03 14:47 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2015-12-02 13:58 - 2015-09-07 12:53 - 00000906 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job

2015-12-02 13:20 - 2015-09-08 14:43 - 00000000 ____D C:\Users\Davina-Divine\AppData\Roaming\MPC-HC

2015-12-02 12:26 - 2009-07-14 04:34 - 00021088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2015-12-02 12:26 - 2009-07-14 04:34 - 00021088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2015-12-02 12:24 - 2010-11-20 21:01 - 00726316 _____ C:\Windows\system32\PerfStringBackup.INI

2015-12-02 12:24 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\inf

2015-12-02 12:20 - 2015-09-30 13:30 - 00000000 ___RD C:\Users\Davina-Divine\Dropbox

2015-12-02 12:20 - 2015-09-07 12:52 - 00000000 ____D C:\Users\Davina-Divine\AppData\Local\Dropbox

2015-12-02 12:18 - 2009-07-14 04:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2015-12-02 00:16 - 2009-07-14 02:04 - 00000215 _____ C:\Windows\system.ini

2015-12-01 21:04 - 2015-09-07 22:58 - 00000000 ____D C:\ProgramData\TEMP

2015-12-01 16:47 - 2015-09-08 13:10 - 00000000 ____D C:\Users\Davina-Divine\Downloads\clean

2015-11-28 14:16 - 2015-09-07 22:55 - 00000000 ____D C:\Program Files\System Ninja

2015-11-28 10:26 - 2015-09-14 01:55 - 00000000 ____D C:\Users\Davina-Divine\AppData\Roaming\vlc

2015-11-26 11:08 - 2015-09-07 13:01 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys

2015-11-26 10:03 - 2015-09-07 12:36 - 00001731 _____ C:\Users\Davina-Divine\Desktop\Dashlane.lnk

2015-11-26 10:03 - 2015-09-07 12:36 - 00000000 ____D C:\Users\Davina-Divine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dashlane

2015-11-25 23:10 - 2009-07-14 02:37 - 00000000 ___HD C:\Windows\system32\GroupPolicy

2015-11-25 21:41 - 2014-04-20 11:57 - 00000000 ____D C:\Users\Davina-Divine\Desktop\JavaRa-2.6

2015-11-25 21:38 - 2015-09-07 12:46 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service

2015-11-25 21:36 - 2015-09-07 12:48 - 00000000 ____D C:\Program Files\Java

2015-11-25 15:55 - 2009-07-14 02:04 - 00002577 _____ C:\Windows\system32\config.nt

2015-11-25 15:55 - 2009-07-14 02:04 - 00001688 _____ C:\Windows\system32\autoexec.nt

2015-11-25 15:38 - 2015-09-05 20:36 - 00000000 ____D C:\Users\Davina-Divine

2015-11-25 15:37 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\AppCompat

2015-11-25 15:36 - 2015-09-09 16:59 - 00000000 ____D C:\Users\Davina-Divine\AppData\Roaming\Comodo

2015-11-25 15:36 - 2015-09-09 16:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo

2015-11-25 15:36 - 2015-09-09 16:59 - 00000000 ____D C:\Program Files\Comodo

2015-11-25 15:36 - 2015-09-07 13:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2015-11-25 15:36 - 2015-09-07 13:01 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware

2015-11-25 15:36 - 2015-09-07 12:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2015-11-25 15:36 - 2015-09-07 12:48 - 00000000 ____D C:\ProgramData\Oracle

2015-11-25 15:36 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\registration

2015-11-25 15:35 - 2015-09-07 13:01 - 00000000 ____D C:\ProgramData\Malwarebytes

2015-11-25 01:06 - 2015-09-07 12:49 - 00000000 ____D C:\Users\Davina-Divine\.oracle_jre_usage

2015-11-24 13:30 - 2015-10-25 15:53 - 00000000 ____D C:\Users\Davina-Divine\AppData\Roaming\Hola

2015-11-23 11:15 - 2015-09-07 13:00 - 00000000 ____D C:\Program Files\SUPERAntiSpyware

2015-11-13 03:57 - 2009-07-14 04:33 - 00284336 _____ C:\Windows\system32\FNTCACHE.DAT

2015-11-12 18:36 - 2015-10-07 15:11 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe

2015-11-12 18:36 - 2015-10-07 15:11 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

2015-11-12 04:04 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\rescache

2015-11-12 03:25 - 2010-11-21 00:47 - 00000000 ____D C:\Program Files\Windows Journal

2015-11-11 21:54 - 2015-09-07 12:49 - 00097888 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll

2015-11-11 18:56 - 2015-09-07 12:47 - 00002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2015-11-11 18:54 - 2015-09-07 22:58 - 00000000 ____D C:\Program Files\SpywareBlaster

2015-11-10 17:07 - 2015-09-06 14:52 - 00000000 ____D C:\Users\Davina-Divine\AppData\Local\ElevatedDiagnostics

2015-11-10 09:42 - 2015-09-07 12:52 - 00000000 ____D C:\Program Files\Dropbox

2015-11-07 17:45 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\system32\NDF

 

Some files in TEMP:

====================

C:\Users\Davina-Divine\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxpi68i.dll

 

 

==================== Bamital & volsnap =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\dnsapi.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2015-12-01 18:58

 

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x86) Version:01-12-2015

Ran by Davina-Divine (2015-12-03 13:17:01)

Running from C:\Users\Davina-Divine\Downloads

Microsoft Windows 7 Professional  Service Pack 1 (X86) (2015-09-05 20:36:40)

Boot Mode: Normal

==========================================================

 

 

==================== Accounts: =============================

 

Administrator (S-1-5-21-2091952882-4294398361-615148702-500 - Administrator - Disabled)

Davina-Divine (S-1-5-21-2091952882-4294398361-615148702-1000 - Administrator - Enabled) => C:\Users\Davina-Divine

Guest (S-1-5-21-2091952882-4294398361-615148702-501 - Limited - Disabled)

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Kaspersky Internet Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}

AS: Kaspersky Internet Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: Kaspersky Internet Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}

 

==================== Installed Programs ======================

 

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )

AccelerometerP11 (HKLM\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.10.34 - STMicroelectronics)

Adobe Flash Player 19 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.9.160 - Adobe Systems, Inc.)

Apple Application Support (32-bit) (HKLM\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{538227C6-C74B-4A74-99E1-2C0B4F9DA5E1}) (Version: 8.2.1.3 - Apple Inc.)

Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Auslogics DiskDefrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 6.0.2.0 - Auslogics Labs Pty Ltd)

AvaCam v3.6.3 (HKLM\...\AvaCam_is1) (Version:  - RGS-Avance software)

Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)

Broadcom Advanced Control Suite 2 (HKLM\...\InstallShield_{64A77F14-0E08-4A97-A859-E93CFF428756}) (Version: 7.73.01 - Broadcom)

Broadcom Advanced Control Suite 2 (Version: 7.73.01 - Broadcom) Hidden

Broadcom ASF Management Applications (HKLM\...\InstallShield_{25D24E84-64A9-40D2-85CF-540B1C4A6D52}) (Version: 5.09.01 - Broadcom)

Broadcom ASF Management Applications (Version: 5.09.01 - Broadcom) Hidden

Broadcom Gigabit Integrated Controller (HKLM\...\{49F3D04B-B849-4C89-AB31-2366A004EA28}) (Version: 12.24.01 - Broadcom Corporation)

Broadcom Gigabit Integrated Controller (HKLM\...\{7E369B27-13E2-41A5-9879-358EE1C8B5AD}) (Version: 9.02.06 - Broadcom Corporation)

CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)

CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5844 - CDBurnerXP)

Comodo IceDragon (HKLM\...\Comodo IceDragon) (Version: 40.1.1.18 - COMODO)

CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version:  3.0 - Acro Software Inc.)

Dashlane (HKU\S-1-5-21-2091952882-4294398361-615148702-1000\...\Dashlane) (Version: 3.5.2.94798 - Dashlane SAS)

Dell Custom Help (Version: 16.01.1000.0235 - Intel Corporation) Hidden

Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.10 - Dell)

Dell System Detect (HKU\S-1-5-21-2091952882-4294398361-615148702-1000\...\73f463568823ebbe) (Version: 6.6.0.1 - Dell)

Dell Wireless WLAN Card (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 4.100.15.8 - Dell Inc.)

Dropbox (HKLM\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.)

Dropbox Update Helper (Version: 1.3.27.35 - Dropbox, Inc.) Hidden

Freedome (HKLM\...\F-Secure Freedome) (Version: 1.0.1958.0 - F-Secure Corporation)

Google Chrome (HKLM\...\{B903EB60-537C-3462-836A-514220BAD8F3}) (Version: 66.101.32853 - Google, Inc.)

Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden

herdProtect Anti-Malware Scanner (HKLM\...\herdProtectScan) (Version: 1.0 - Reason Company Software Inc.)

Instagram Downloader (HKLM\...\{9DFA525A-6D12-444B-8F5A-63E2947FFC5D}) (Version: 2.3.0.0 - iWesoft)

Intel® Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.70.1205 - Intel Corporation)

Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 18.1 - Intel)

Intel® Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3040 - Intel Corporation)

Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)

iTunes (HKLM\...\{025E78AC-BD91-4E9E-B165-3C09D4084BA4}) (Version: 12.2.2.25 - Apple Inc.)

Kaspersky Internet Security (HKLM\...\InstallWIX_{02FECEE0-16B2-43DB-BC3B-C844477FC142}) (Version: 15.0.2.396 - Kaspersky Lab)

Kaspersky Internet Security (Version: 15.0.2.396 - Kaspersky Lab) Hidden

K-Lite Codec Pack 11.4.0 Full (HKLM\...\KLiteCodecPack_is1) (Version: 11.4.0 - )

Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Mouse Suite for Laptop Computers (HKLM\...\{BF13AA9D-E4CE-4015-9778-ECC1D4FB06E4}) (Version: 2.50.024 - Dell)

Mozilla Firefox 42.0 (x86 en-US) (HKLM\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)

OpenOffice 4.1.1 (HKLM\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)

Panda Cloud Cleaner (HKLM\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.0.98 - Panda Security)

Pidgin (HKLM\...\Pidgin) (Version: 2.10.11 - )

PornHub Video Downloader 3.32 (HKLM\...\PornHub Video Downloader_is1) (Version:  - DownloadToolz, Inc.)

Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)

Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)

Should I Remove It (HKU\S-1-5-21-2091952882-4294398361-615148702-1000\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.)

Should I Remove It (Version: 1.0.4 - Reason Software Company Inc.) Hidden

Skype™ 7.11 (HKLM\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.11.102 - Skype Technologies S.A.)

Sophos Virus Removal Tool (HKLM\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.5 - Sophos Limited)

Spotify (HKU\S-1-5-21-2091952882-4294398361-615148702-1000\...\Spotify) (Version: 1.0.13.108.gcd94e7db - Spotify AB)

SpywareBlaster 5.2 (HKLM\...\SpywareBlaster_is1) (Version: 5.2.0 - BrightFort LLC)

SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.0 - Krzysztof Kowalczyk)

SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1204 - SUPERAntiSpyware.com)

swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

System Ninja version 3.1 (HKLM\...\{6E67710E-206D-43AB-BF21-E7CD63056C55}_is1) (Version: 3.1 - SingularLabs)

Texas Instruments PCIxx21/x515 drivers. (HKLM\...\InstallShield_{52503B4E-149A-4731-A6FF-495067EABFDC}) (Version: 1.01.0001 - Texas Instruments Inc.)

TI_Inst (Version: 1.01.0001 - Texas Instruments Inc.) Hidden

UnHackMe 5.99 release (HKLM\...\UnHackMe_is1) (Version:  - Greatis Software, LLC.)

VC_CRT_x86 (Version: 1.02.0000 - Intel Corporation) Hidden

VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)

WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.8900 - Broadcom Corporation)

 

==================== Custom CLSID (Whitelisted): ==========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

CustomCLSID: HKU\S-1-5-21-2091952882-4294398361-615148702-1000_Classes\CLSID\{cb4c77f0-ab2a-407c-93ac-963769824b18}\localserver32 -> C:\Users\DAVINA~1\AppData\Local\Temp\{b3ede298-ae75-4a1c-ab7e-1b9229b77bbe}\IDriver.NonElevated.exe  (the data entry has 10 more characters).

 

==================== Restore Points =========================

 

25-11-2015 17:41:41 Installed Sophos Virus Removal Tool.

25-11-2015 17:53:08 Revo Uninstaller's restore point - Sophos Virus Removal Tool

25-11-2015 17:56:32 Installed Sophos Virus Removal Tool.

25-11-2015 20:55:15 Windows Update

25-11-2015 21:08:45 Revo Uninstaller's restore point - Java 8 Update 65

25-11-2015 21:09:33 Removed Java 8 Update 65

25-11-2015 22:24:42 RegRun Virus Scan

25-11-2015 22:29:02 RegRun Virus Scan

25-11-2015 22:52:10 zoek.exe restore point

26-11-2015 11:04:33 JRT Pre-Junkware Removal

30-11-2015 23:49:14 JRT Pre-Junkware Removal

01-12-2015 00:10:42 RegRun Virus Scan

01-12-2015 16:08:17 Windows Update

01-12-2015 16:44:56 Installed Should I Remove It

 

==================== Hosts content: ===============================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2009-07-14 02:04 - 2015-12-02 00:15 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

 

127.0.0.1       localhost

 

==================== Scheduled Tasks (Whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {123D5F91-6A76-4D65-950C-24341AF7E3AB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-12] (Adobe Systems Incorporated)

Task: {238E09A4-9AE1-484C-919B-1E95FA30B03F} - System32\Tasks\{9E84CD96-E116-4AD7-B947-8C1558524361} => C:\Program Files\Skype\Phone\Skype.exe [2015-09-17] (Skype Technologies S.A.)

Task: {34E942A1-6096-42CB-A0F1-4B0ADD47B21F} - System32\Tasks\UnHackMe Task Scheduler => C:\Program Files\UnHackMe\hackmon.exe [2013-09-05] (Greatis Software)

Task: {360E4BF5-6730-499C-BA06-97FA2DB3D668} - System32\Tasks\{837B0283-DA49-42FD-AD31-0F4C551FEAA1} => pcalua.exe -a "C:\Users\Davina-Divine\Downloads\Driver stuff\R257684\Setup.exe" -d "C:\Users\Davina-Divine\Downloads\Driver stuff\R257684"

Task: {44A009F9-6305-405C-8155-795D75F53F3C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-07] (Google Inc.)

Task: {5DB47763-2083-49D4-8159-28CD3A7EC16E} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2015-09-07] (Dropbox, Inc.)

Task: {7593C972-EB36-4E5A-8A11-802AD57538B6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {78D377AF-6D02-4453-820E-79758E9187B4} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2015-09-07] (Dropbox, Inc.)

Task: {ADD8DF85-71D4-4925-A602-34574D9B7A36} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-19] (Piriform Ltd)

Task: {BA213375-3B46-4F29-A34F-12DF5A900AB1} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-08-24] ()

Task: {C5D46E67-4B12-4C41-BA06-0AEC09FAD9F1} - System32\Tasks\{AF7F0362-7FF7-4050-B291-3732D626DB1E} => pcalua.exe -a "C:\Users\Davina-Divine\Downloads\Driver stuff\R87462\setup.exe" -d "C:\Users\Davina-Divine\Downloads\Driver stuff\R87462"

Task: {DA3EE255-EACE-47E9-A234-584B4CC23559} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-07] (Google Inc.)

Task: {DD03964B-14C5-4E20-942D-BC2FAFDE000B} - System32\Tasks\{0DE96EDA-5A0A-40F2-A540-7524D3863FC6} => pcalua.exe -a C:\dell\drivers\R129472\BtSwSP2.exe -d C:\dell\drivers\R129472

Task: {F8B2E1DE-7A22-4D3C-B29F-7446D14ED010} - System32\Tasks\{37F0C711-6718-4F4A-BA17-D6C01CD4A8C6} => C:\Program Files\Skype\Phone\Skype.exe [2015-09-17] (Skype Technologies S.A.)

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

 

==================== Shortcuts =============================

 

(The entries could be listed to be restored or removed.)

 

==================== Loaded Modules (Whitelisted) ==============

 

2015-09-06 14:33 - 2007-03-16 17:10 - 00020480 _____ () C:\Windows\System32\WLTRYSVC.EXE

2015-09-06 14:33 - 2007-03-16 17:10 - 00757760 _____ () C:\Windows\System32\bcm1xsup.dll

2015-09-07 12:51 - 2013-10-23 14:23 - 00089136 _____ () C:\Windows\System32\cpwmon2k.dll

2015-05-15 15:27 - 2015-05-15 15:27 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

2015-05-15 15:27 - 2015-05-15 15:27 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

2015-10-05 14:17 - 2015-10-05 14:17 - 01972408 _____ () C:\Program Files\Comodo\IceDragon\icedragon_updater.exe

2015-12-02 12:19 - 2015-12-02 12:19 - 00071168 _____ () c:\Users\Davina-Divine\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxpi68i.dll

2015-09-07 12:54 - 2015-09-03 00:11 - 00012800 _____ () C:\Program Files\Dropbox\Client\QtQuick.2\qtquick2plugin.dll

2015-09-07 12:54 - 2015-09-03 00:11 - 00779776 _____ () C:\Program Files\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll

2015-09-07 12:54 - 2015-09-03 00:11 - 00056320 _____ () C:\Program Files\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll

2015-09-07 12:54 - 2015-09-03 00:11 - 00012288 _____ () C:\Program Files\Dropbox\Client\QtQuick\Window.2\windowplugin.dll

2015-11-26 10:03 - 2015-10-28 10:08 - 00227712 _____ () C:\Users\Davina-Divine\AppData\Roaming\Dashlane\Dashlane.exe

2015-11-26 10:02 - 2015-10-28 10:02 - 00339328 _____ () C:\Users\Davina-Divine\AppData\Roaming\Dashlane\3.5.2.94798\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebugDll_win32.3.5.2.94798.dll

2015-11-26 10:02 - 2015-10-28 10:02 - 00422784 _____ () C:\Users\Davina-Divine\AppData\Roaming\Dashlane\3.5.2.94798\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebug.3.5.2.94798.dll

2015-11-26 10:02 - 2015-10-28 10:02 - 00443264 _____ () C:\Users\Davina-Divine\AppData\Roaming\Dashlane\3.5.2.94798\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWUtils.3.5.2.94798.dll

2015-11-26 10:02 - 2015-10-28 10:02 - 31263616 _____ () C:\Users\Davina-Divine\AppData\Roaming\Dashlane\3.5.2.94798\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWExternLib.3.5.2.94798.dll

2015-11-26 10:02 - 2015-10-28 10:02 - 00276352 _____ () C:\Users\Davina-Divine\AppData\Roaming\Dashlane\3.5.2.94798\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib_win.3.5.2.94798.dll

2015-11-26 10:02 - 2015-10-28 10:02 - 05762944 _____ () C:\Users\Davina-Divine\AppData\Roaming\Dashlane\3.5.2.94798\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWData.3.5.2.94798.dll

2015-11-26 10:02 - 2015-10-28 10:02 - 06811008 _____ () C:\Users\Davina-Divine\AppData\Roaming\Dashlane\3.5.2.94798\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWApplication.3.5.2.94798.dll

2015-11-26 10:03 - 2015-10-28 10:08 - 00285568 _____ () C:\Users\Davina-Divine\AppData\Roaming\Dashlane\DashlanePlugin.exe

2015-11-26 10:02 - 2015-10-28 10:02 - 13234048 _____ () C:\Users\Davina-Divine\AppData\Roaming\Dashlane\3.5.2.94798\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib.3.5.2.94798.dll

2015-11-26 10:02 - 2015-10-28 10:02 - 02073472 _____ () C:\Users\Davina-Divine\AppData\Roaming\Dashlane\3.5.2.94798\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLibData.3.5.2.94798.dll

2015-11-26 10:02 - 2015-10-28 10:02 - 00338304 _____ () C:\Users\Davina-Divine\AppData\Roaming\Dashlane\3.5.2.94798\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\Kwift_DP.3.5.2.94798.dll

2015-11-11 18:55 - 2015-11-07 04:36 - 01532744 _____ () C:\Program Files\Google\Chrome\Application\46.0.2490.86\libglesv2.dll

2015-11-11 18:55 - 2015-11-07 04:36 - 00081224 _____ () C:\Program Files\Google\Chrome\Application\46.0.2490.86\libegl.dll

 

==================== Alternate Data Streams (Whitelisted) =========

 

(If an entry is included in the fixlist, only the ADS will be removed.)

 

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

 

==================== Safe Mode (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

 

 

==================== EXE Association (Whitelisted) ===============

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

 

 

==================== Internet Explorer trusted/restricted ===============

 

(If an entry is included in the fixlist, it will be removed from the registry.)

 

IE trusted site: HKU\S-1-5-21-2091952882-4294398361-615148702-1000\...\hola.org -> hxxp://hola.org

 

==================== Other Areas ============================

 

(Currently there is no automatic fix for this section.)

 

HKU\S-1-5-21-2091952882-4294398361-615148702-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Davina-Divine\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

DNS Servers: 172.20.10.1 - 194.168.4.100

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall is enabled.

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(Currently there is no automatic fix for this section.)

 

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup

MSCONFIG\startupreg: Broadcom Wireless Manager UI => C:\Windows\system32\WLTRAY.exe

MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR

MSCONFIG\startupreg: FreedomeAutoStart => "C:\Program Files\F-Secure\Freedome\Freedome\1\Freedome.exe" -m

MSCONFIG\startupreg: FreeFallProtection => C:\Program Files\STMicroelectronics\AccelerometerP11\FF_Protection.exe

MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe

MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe

MSCONFIG\startupreg: IntelPROSet => "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PROSet/Wireless

MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"

MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe

MSCONFIG\startupreg: PMX Daemon => ICO.EXE

MSCONFIG\startupreg: RealProtect => "C:\Program Files\McAfee\Real Protect\RealProtect.exe" --run

MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

MSCONFIG\startupreg: Spotify => "C:\Users\Davina-Divine\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized

MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Davina-Divine\AppData\Roaming\Spotify\SpotifyWebHelper.exe"

MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

 

==================== FirewallRules (Whitelisted) ===============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [sPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe

FirewallRules: [sPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe

FirewallRules: [{63CE89A9-D1E0-4CCE-AD22-CF46E2A959BC}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

FirewallRules: [{7F0BC400-995A-4162-B971-8CCDE9D25647}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

FirewallRules: [{D40D8763-E89C-48B5-8F8D-7490167D36E8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

FirewallRules: [{336868B4-63DA-43BE-8CD8-D73D5F29CF0A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{7C9CEA5A-4A94-4E0D-B00D-510CA2357682}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{2A849A30-DEE1-4BC0-9E9A-2C72E7AE1324}] => (Allow) C:\Program Files\iTunes\iTunes.exe

FirewallRules: [{9C89442A-0814-46A4-8A23-EC49CF80584C}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe

FirewallRules: [{6660BA3E-C6CA-44E3-8881-A9F261113F1F}] => (Allow) C:\Program Files\Dropbox\Client\Dropbox.exe

FirewallRules: [{437AB6EB-CF44-4099-A7FC-80E581CE764A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

FirewallRules: [{561BCB4A-4145-41CA-A2C1-9B0333D1AD61}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

FirewallRules: [{C66E8C1A-CA72-4960-9015-CD61015EC475}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

 

==================== Faulty Device Manager Devices =============

 

Name: Mass Storage Controller

Description: Mass Storage Controller

Class Guid: 

Manufacturer: 

Service: 

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

 

Name: SM Bus Controller

Description: SM Bus Controller

Class Guid: 

Manufacturer: 

Service: 

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

 

Name: Broadcom USH

Description: Broadcom USH

Class Guid: 

Manufacturer: 

Service: 

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (12/02/2015 10:10:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 11876029

 

Error: (12/02/2015 10:10:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 11876029

 

Error: (12/02/2015 10:10:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (12/02/2015 10:09:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 11868431

 

Error: (12/02/2015 10:09:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 11868431

 

Error: (12/02/2015 10:09:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (12/02/2015 10:09:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 11867199

 

Error: (12/02/2015 10:09:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 11867199

 

Error: (12/02/2015 10:09:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (12/02/2015 10:09:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 11866169

 

 

System errors:

=============

Error: (12/02/2015 00:18:40 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)

Description: WLAN Extensibility Module has failed to start.

 

Module Path: C:\Windows\system32\athExt.dll

Error Code: 126

 

Error: (12/02/2015 00:15:27 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)

Description: WLAN Extensibility Module has failed to start.

 

Module Path: C:\Windows\system32\athExt.dll

Error Code: 126

 

Error: (12/02/2015 00:15:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The Dell Wireless WLAN Tray Service service terminated unexpectedly.  It has done this 1 time(s).

 

Error: (12/01/2015 09:16:38 PM) (Source: EventLog) (EventID: 6008) (User: )

Description: The previous system shutdown at 21:15:20 on 01/12/2015 was unexpected.

 

Error: (12/01/2015 09:03:58 PM) (Source: Service Control Manager) (EventID: 7030) (User: )

Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

 

Error: (12/01/2015 09:00:56 PM) (Source: Service Control Manager) (EventID: 7030) (User: )

Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

 

Error: (12/01/2015 09:00:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The Dell Wireless WLAN Tray Service service terminated unexpectedly.  It has done this 1 time(s).

 

Error: (12/01/2015 05:51:37 PM) (Source: SCardSvr) (EventID: 610) (User: )

Description: The handle is invalid.Broadcom Corp Contacted SmartCard 0GET_STATEXX XX XX XX

 

Error: (12/01/2015 00:09:25 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)

Description: WLAN Extensibility Module has failed to start.

 

Module Path: C:\Windows\system32\athExt.dll

Error Code: 126

 

Error: (11/30/2015 11:55:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The Dell Wireless WLAN Tray Service service terminated unexpectedly.  It has done this 1 time(s).

 

 

==================== Memory info =========================== 

 

Processor: Intel® Core i5-2520M CPU @ 2.50GHz

Percentage of memory in use: 66%

Total physical RAM: 3240.9 MB

Available physical RAM: 1098.66 MB

Total Virtual: 6480.11 MB

Available Virtual: 3525.19 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:286.75 GB) (Free:179.13 GB) NTFS

Drive e: (RECOVERY) (Fixed) (Total:11.3 GB) (Free:5.99 GB) NTFS ==>[system with boot components (obtained from drive)]

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: DAB7380D)

Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)

Partition 2: (Active) - (Size=11.3 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=286.8 GB) - (Type=07 NTFS)

 

==================== End of Addition.txt ============================


Scan with ZOEK

Please download ZOEK by Smeenk and save it to your desktop.

Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on the ZOEK icon and select Run as Administrator to start the tool.
  • Wait patiently until the main console appears; it may take a minute or two.
  • In the main box please paste in the following script:

    createsrpoint;autoclean;emptyclsid;emptyalltemp;ipconfig /flushdns >>"%temp%\log.txt";b
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, the log will be opened after it. You may also find it on your main drive (usually the C:\ drive).
Upload it in your next reply.

  • 2 weeks later...
  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.