Problem with Silverlight update



Suemarie
2014-07-30, 06:39
Hello Suemarie,

To request assistance in the malware removal forum, please see the FAQ, which includes guidelines in post #1 and instructions in post #2 on how to provide the logs from Farbar Recovery Scan Tool and aswMBR, which are the logs used in the preliminary analysis.

Previous topic: http://forums.spybot.info/showthread...-message/page5
I reposted the instructions here. The next post will be results requested.

Regarding the Farbar log, please note:

Do not check
*List BCD
*Drivers MD5
*Shortcut txt

Or your logs will be too long to post.

http://forums.spybot.info/showthread.php?t=288

Once you have the logs, please copy and paste them into a new topic so a volunteer analyst may advise when available. You can provide a link to this thread.

Best regards.

Suemarie
2014-07-30, 06:40
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2014 (ATTENTION: ====> FRST version is 29 days old and could be outdated)
Ran by SueB (administrator) on SUEB-PC on 30-07-2014 00:33:12
Running from C:\Users\SueB\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Windows\System32\GManager.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(24im LLC) C:\Program Files (x86)\24im\24im Messenger\IMC.EXE
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Google Inc.) C:\Users\SueB\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\SueB\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\SueB\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\SueB\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-29] (AVAST Software)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-3890881620-3642371930-2457045338-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3666224 2013-09-20] (Safer-Networking Ltd.)
HKU\S-1-5-21-3890881620-3642371930-2457045338-1001\...\Run: [InbitIMC] => C:\Program Files (x86)\24im\24im Messenger\IMC.EXE [3423744 2013-11-30] (24im LLC)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {F675470B-C135-4DA8-A601-8A3F063FA64F} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {FBF428CE-6C57-4765-978A-D21EB5B3017C} URL = https://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Skype Click to Call for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 65.32.5.111 65.32.5.112

FireFox:
========
FF ProfilePath: C:\Users\SueB\AppData\Roaming\Mozilla\Firefox\Profiles\7s6elucx.default
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Keyword.URL: https://www.google.com/search
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.65.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\SueB\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\SueB\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\SueB\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npatgpc.dll (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\SueB\AppData\Roaming\mozilla\plugins\npatgpc.dll (Cisco WebEx LLC)
FF Extension: IE Tab 2 (FF 3.6+) - C:\Users\SueB\AppData\Roaming\Mozilla\Firefox\Profiles\7s6elucx.default\Extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} [2013-12-31]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-21]

Chrome:
=======
CHR HomePage:
CHR StartupUrls: "https://www.google.com/"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\SueB\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.4.600\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\SueB\AppData\Local\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\SueB\AppData\Local\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\SueB\AppData\Local\Google\Chrome\Application\36.0.1985.125\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (ActiveTouch General Plugin Container) - C:\Users\SueB\AppData\Roaming\Mozilla\plugins\npatgpc.dll (Cisco WebEx LLC)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.600.19) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U60) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Citrix Online Web Deployment Plugin 1.0.0.104) - C:\Users\SueB\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
CHR Plugin: (Google Update) - C:\Users\SueB\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Google Drive) - C:\Users\SueB\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-24]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\SueB\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (YouTube) - C:\Users\SueB\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-24]
CHR Extension: (Google Search) - C:\Users\SueB\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-24]
CHR Extension: (avast! Online Security) - C:\Users\SueB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-24]
CHR Extension: (Google Wallet) - C:\Users\SueB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-05]
CHR Extension: (Gmail) - C:\Users\SueB\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-24]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-12]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-12] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-07-12] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 GManager; C:\Windows\system32\GManager.exe [313432 2012-08-28] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [398184 2012-12-14] (Malwarebytes Corporation) [File not signed]
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [682344 2012-12-14] (Malwarebytes Corporation) [File not signed]
R2 MCTDesktopSvr; C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe [199296 2011-05-03] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)

==================== Drivers (Whitelisted) ====================

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-12] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-07-12] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-12] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [448400 2014-07-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-12] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-12] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-12] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-12] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-12] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24176 2012-12-14] (Malwarebytes Corporation) [File not signed]
R3 mctkmd; C:\Windows\system32\drivers\mctkmd64.sys [145840 2012-12-25] (Magic Control Technology Corporation)
R0 mctkmdldr; C:\Windows\System32\drivers\mctkmdldr64.sys [19584 2011-04-08] (Magic Control Technology Corporation)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-01-20] ()
R3 t2usb64; C:\Windows\System32\drivers\t2usb64.sys [410592 2012-09-21] (Magic Control Technology Corp.)
S3 tapoas; C:\Windows\System32\DRIVERS\tapoas.sys [30720 2010-10-06] (The OpenVPN Project)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-30 00:33 - 2014-07-30 00:33 - 00021298 _____ () C:\Users\SueB\Desktop\FRST.txt
2014-07-30 00:32 - 2014-07-30 00:33 - 00000000 ____D () C:\FRST
2014-07-30 00:18 - 2014-07-30 00:18 - 06958304 _____ (Microsoft Corporation) C:\Users\SueB\Downloads\Silverlight (1).exe
2014-07-30 00:16 - 2014-07-30 00:16 - 06958304 _____ (Microsoft Corporation) C:\Users\SueB\Downloads\Silverlight.exe
2014-07-29 07:58 - 2014-07-29 07:58 - 00302011 _____ () C:\Users\SueB\Downloads\WindowsUpdateDiagnostic.diagcab
2014-07-29 07:46 - 2014-07-29 07:55 - 00985600 _____ () C:\Users\SueB\Downloads\MicrosoftFixit50123.msi
2014-07-29 07:33 - 2014-07-29 07:49 - 13087456 _____ (Microsoft Corporation) C:\Users\SueB\Downloads\Silverlight_x64 (1).exe
2014-07-28 05:24 - 2014-07-29 20:35 - 00000168 _____ () C:\Windows\setupact.log
2014-07-28 05:24 - 2014-07-28 05:24 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-18 23:13 - 2014-07-11 03:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-18 23:13 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-18 23:13 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-18 23:13 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-18 23:11 - 2014-07-18 23:11 - 00918440 _____ (Oracle Corporation) C:\Users\SueB\Downloads\JavaSetup7u65.exe
2014-07-18 22:51 - 2014-07-18 22:51 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-07-18 22:51 - 2014-07-18 22:51 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-07-18 22:51 - 2014-07-18 22:51 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-07-18 22:51 - 2014-07-18 22:51 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-07-13 00:08 - 2014-06-29 22:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-13 00:08 - 2014-06-29 22:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-13 00:08 - 2014-05-30 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-13 00:08 - 2014-05-30 04:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-13 00:08 - 2014-05-30 04:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-13 00:08 - 2014-05-30 04:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-13 00:08 - 2014-05-30 04:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-13 00:08 - 2014-05-30 04:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-13 00:08 - 2014-05-30 04:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-13 00:08 - 2014-05-30 03:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-13 00:08 - 2014-05-30 03:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-13 00:08 - 2014-05-30 03:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-13 00:08 - 2014-05-30 03:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-13 00:08 - 2014-05-30 03:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-13 00:08 - 2014-05-30 03:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-13 00:08 - 2014-05-30 03:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-12 23:51 - 2014-07-12 23:51 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-12 23:50 - 2014-07-12 23:50 - 00448400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-07-12 23:43 - 2014-07-12 23:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-12 23:42 - 2014-07-12 23:43 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-12 23:42 - 2014-07-12 23:43 - 00000000 ____D () C:\Program Files\iTunes
2014-07-12 23:42 - 2014-07-12 23:43 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-12 23:42 - 2014-07-12 23:42 - 00000000 ____D () C:\Program Files\iPod
2014-07-09 18:57 - 2014-06-18 22:12 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 18:57 - 2014-06-18 22:12 - 01366528 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 18:57 - 2014-06-18 22:12 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 18:57 - 2014-06-18 22:11 - 19277312 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 18:57 - 2014-06-18 22:11 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 18:57 - 2014-06-18 22:11 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 18:57 - 2014-06-18 22:10 - 15369728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 18:57 - 2014-06-18 22:10 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 18:57 - 2014-06-18 22:10 - 02650624 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 18:57 - 2014-06-18 22:10 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-09 18:57 - 2014-06-18 22:10 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 18:57 - 2014-06-18 22:10 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 18:57 - 2014-06-18 22:10 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 18:57 - 2014-06-18 22:10 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 18:57 - 2014-06-18 22:10 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 18:57 - 2014-06-18 22:10 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-07-09 18:57 - 2014-06-18 22:10 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 18:57 - 2014-06-18 22:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 18:57 - 2014-06-18 22:10 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 18:57 - 2014-06-18 22:09 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 18:57 - 2014-06-18 20:53 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 18:57 - 2014-06-18 20:53 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 18:57 - 2014-06-18 20:53 - 01141760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 18:57 - 2014-06-18 20:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 18:57 - 2014-06-18 20:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 18:57 - 2014-06-18 20:53 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 18:57 - 2014-06-18 20:52 - 13732352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 18:57 - 2014-06-18 20:52 - 02863616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 18:57 - 2014-06-18 20:52 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 18:57 - 2014-06-18 20:52 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 18:57 - 2014-06-18 20:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-07-09 18:57 - 2014-06-18 20:52 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 18:57 - 2014-06-18 20:52 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 18:57 - 2014-06-18 20:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 18:57 - 2014-06-18 20:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 18:57 - 2014-06-18 20:52 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-07-09 18:57 - 2014-06-18 20:52 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 18:57 - 2014-06-18 20:52 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 18:57 - 2014-06-18 20:52 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 18:57 - 2014-06-18 20:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 18:57 - 2014-06-18 20:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 18:57 - 2014-06-18 19:37 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-07-09 18:57 - 2014-06-18 19:34 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-07-09 18:57 - 2014-06-17 22:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 18:57 - 2014-06-17 21:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 18:57 - 2014-06-17 21:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 18:57 - 2014-06-06 06:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 18:57 - 2014-06-06 05:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 18:57 - 2014-05-30 02:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 18:56 - 2014-06-05 10:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 18:56 - 2014-06-05 10:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 18:56 - 2014-06-05 10:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-06 14:01 - 2014-07-06 14:01 - 04362512 _____ (Piriform Ltd) C:\Users\SueB\Downloads\dfsetup218.exe
2014-07-04 16:53 - 2014-07-04 16:54 - 00001701 _____ () C:\DelFix.txt
2014-07-04 13:50 - 2014-07-04 13:50 - 00000000 ____D () C:\Users\SueB\AppData\Local\Software
2014-07-04 09:00 - 2014-07-04 09:00 - 00000000 ____D () C:\Users\SueB\AppData\Local\Apps\2.0
2014-07-04 02:09 - 2014-07-18 21:03 - 00000000 ___RD () C:\Users\SueB\Desktop\SWAHABA
2014-07-03 22:51 - 2014-07-03 22:51 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-03 18:36 - 2014-07-21 16:24 - 00000000 ___RD () C:\Users\SueB\Desktop\ENTERTAINMENT
2014-07-03 18:35 - 2014-07-10 11:30 - 00000000 ___RD () C:\Users\SueB\Desktop\OFFICE SOFTWARE
2014-07-03 18:33 - 2014-07-18 23:16 - 00000000 ___RD () C:\Users\SueB\Desktop\MY SECURITY SOFTWARE
2014-07-03 18:30 - 2014-07-30 00:32 - 00000000 ___RD () C:\Users\SueB\Desktop\SPECIAL SECURITY
2014-07-03 08:50 - 2014-07-04 16:53 - 00000000 ____D () C:\Windows\ERUNT
2014-07-03 08:27 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-02 19:45 - 2014-07-02 20:49 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-07-02 19:44 - 2014-07-02 19:44 - 00000000 ____D () C:\Users\SueB\Downloads\mbar-1.07.0.1012 (1)
2014-07-02 19:35 - 2014-07-02 20:39 - 00000000 ____D () C:\Users\SueB\Downloads\mbar-1.07.0.1012
2014-07-02 19:29 - 2014-07-02 20:41 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-02 08:41 - 2014-07-02 08:41 - 02083840 _____ (Farbar) C:\Users\SueB\Desktop\FRST64.exe
2014-07-02 08:27 - 2014-07-02 08:27 - 00000565 _____ () C:\Users\SueB\Documents\MBR.zip
2014-07-02 08:26 - 2014-07-02 08:24 - 00000512 _____ () C:\Users\SueB\Documents\MBR.dat
2014-07-02 08:14 - 2014-07-04 01:38 - 00000000 ____D () C:\Windows\Minidump
2014-07-01 01:33 - 2014-07-01 01:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-01 01:33 - 2014-07-01 01:33 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-01 01:33 - 2014-07-01 01:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-01 01:32 - 2014-07-01 01:33 - 13084896 _____ (Microsoft Corporation) C:\Users\SueB\Downloads\Silverlight_x64.exe
2014-07-01 00:00 - 2014-07-01 00:00 - 00000600 _____ () C:\Users\SueB\AppData\Roaming\winscp.rnd
2014-07-01 00:00 - 2014-07-01 00:00 - 00000000 ____D () C:\CSV
2014-06-30 23:42 - 2014-06-30 23:42 - 00000000 ____D () C:\Diag-Advisor
2014-06-30 11:34 - 2014-06-30 11:34 - 30984104 _____ (Oracle Corporation) C:\Users\SueB\Downloads\jre-7u60-windows-x64 (1).exe
2014-06-30 11:29 - 2014-06-30 11:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-30 11:28 - 2014-06-30 11:28 - 00918952 _____ (Oracle Corporation) C:\Users\SueB\Downloads\JavaSetup7u60 (2).exe
2014-06-30 08:34 - 2014-06-30 21:40 - 00000000 __SHD () C:\Jumpshot
2014-06-30 08:31 - 2014-07-01 01:42 - 00000000 ____D () C:\Windows\jumpshot.com

==================== One Month Modified Files and Folders =======

2014-07-30 00:33 - 2014-07-30 00:33 - 00021298 _____ () C:\Users\SueB\Desktop\FRST.txt
2014-07-30 00:33 - 2014-07-30 00:32 - 00000000 ____D () C:\FRST
2014-07-30 00:33 - 2013-09-05 20:49 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3890881620-3642371930-2457045338-1001UA.job
2014-07-30 00:32 - 2014-07-03 18:30 - 00000000 ___RD () C:\Users\SueB\Desktop\SPECIAL SECURITY
2014-07-30 00:27 - 2014-02-27 22:00 - 00000536 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3890881620-3642371930-2457045338-1001.job
2014-07-30 00:18 - 2014-07-30 00:18 - 06958304 _____ (Microsoft Corporation) C:\Users\SueB\Downloads\Silverlight (1).exe
2014-07-30 00:16 - 2014-07-30 00:16 - 06958304 _____ (Microsoft Corporation) C:\Users\SueB\Downloads\Silverlight.exe
2014-07-30 00:10 - 2013-11-24 14:54 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-30 00:03 - 2014-02-19 09:57 - 01767719 _____ () C:\Windows\WindowsUpdate.log
2014-07-29 23:58 - 2009-07-14 00:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-29 23:58 - 2009-07-14 00:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-29 23:52 - 2013-12-02 17:17 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-29 20:41 - 2009-07-14 01:13 - 00783400 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-29 20:35 - 2014-07-28 05:24 - 00000168 _____ () C:\Windows\setupact.log
2014-07-29 20:35 - 2013-12-02 17:17 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-29 20:35 - 2013-08-30 20:14 - 00002812 _____ () C:\Windows\system32\GManager.ini
2014-07-29 20:35 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-29 15:57 - 2012-11-23 04:03 - 00000000 ____D () C:\Users\SueB\AppData\Roaming\Skype
2014-07-29 07:58 - 2014-07-29 07:58 - 00302011 _____ () C:\Users\SueB\Downloads\WindowsUpdateDiagnostic.diagcab
2014-07-29 07:55 - 2014-07-29 07:46 - 00985600 _____ () C:\Users\SueB\Downloads\MicrosoftFixit50123.msi
2014-07-29 07:49 - 2014-07-29 07:33 - 13087456 _____ (Microsoft Corporation) C:\Users\SueB\Downloads\Silverlight_x64 (1).exe
2014-07-28 22:40 - 2012-11-21 19:36 - 00000000 ____D () C:\Users\SueB\AppData\Roaming\SoftGrid Client
2014-07-28 19:14 - 2012-11-21 18:58 - 00000000 ____D () C:\Users\SueB\AppData\Local\Thunderbird
2014-07-28 18:33 - 2013-09-05 20:49 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3890881620-3642371930-2457045338-1001Core.job
2014-07-28 05:24 - 2014-07-28 05:24 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-28 05:24 - 2012-11-21 18:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-27 23:54 - 2014-06-12 07:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-07-27 23:54 - 2014-05-17 21:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-27 23:54 - 2013-09-08 18:56 - 00002106 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2014-07-27 23:54 - 2013-09-08 18:56 - 00002094 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-07-25 12:06 - 2014-02-24 22:35 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-23 06:46 - 2012-11-21 18:13 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-07-21 16:24 - 2014-07-03 18:36 - 00000000 ___RD () C:\Users\SueB\Desktop\ENTERTAINMENT
2014-07-18 23:16 - 2014-07-03 18:33 - 00000000 ___RD () C:\Users\SueB\Desktop\MY SECURITY SOFTWARE
2014-07-18 23:13 - 2013-10-17 00:21 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-18 23:13 - 2012-11-27 18:28 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-18 23:11 - 2014-07-18 23:11 - 00918440 _____ (Oracle Corporation) C:\Users\SueB\Downloads\JavaSetup7u65.exe
2014-07-18 22:51 - 2014-07-18 22:51 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-07-18 22:51 - 2014-07-18 22:51 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-07-18 22:51 - 2014-07-18 22:51 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-07-18 22:51 - 2014-07-18 22:51 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-07-18 22:51 - 2014-06-20 20:58 - 00000000 ____D () C:\Program Files\Java
2014-07-18 21:03 - 2014-07-04 02:09 - 00000000 ___RD () C:\Users\SueB\Desktop\SWAHABA
2014-07-18 15:09 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-14 04:30 - 2009-07-14 01:08 - 00032584 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-13 17:46 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-07-13 00:09 - 2014-04-30 23:31 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-13 00:09 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-13 00:09 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-12 23:51 - 2014-07-12 23:51 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-12 23:51 - 2014-05-02 04:35 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-07-12 23:51 - 2014-01-04 19:05 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-07-12 23:51 - 2013-03-09 20:47 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-07-12 23:51 - 2013-03-09 20:47 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-07-12 23:51 - 2012-11-21 18:13 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-07-12 23:51 - 2012-11-21 18:13 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-12 23:51 - 2012-11-21 18:13 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-07-12 23:51 - 2012-11-21 18:13 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-07-12 23:51 - 2012-11-21 18:13 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-07-12 23:50 - 2014-07-12 23:50 - 00448400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-07-12 23:50 - 2012-11-21 18:28 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-07-12 23:43 - 2014-07-12 23:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-12 23:43 - 2014-07-12 23:42 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-12 23:43 - 2014-07-12 23:42 - 00000000 ____D () C:\Program Files\iTunes
2014-07-12 23:43 - 2014-07-12 23:42 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-12 23:42 - 2014-07-12 23:42 - 00000000 ____D () C:\Program Files\iPod
2014-07-11 03:02 - 2014-07-18 23:13 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-11 02:56 - 2014-07-18 23:13 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-11 02:56 - 2014-07-18 23:13 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-11 02:55 - 2014-07-18 23:13 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-10 22:04 - 2007-07-11 21:49 - 00000000 ____D () C:\Windows\Panther
2014-07-10 11:30 - 2014-07-03 18:35 - 00000000 ___RD () C:\Users\SueB\Desktop\OFFICE SOFTWARE
2014-07-09 22:11 - 2009-07-14 00:45 - 00295288 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-09 22:10 - 2010-11-21 03:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 21:01 - 2013-08-15 00:22 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-09 20:59 - 2012-11-23 13:34 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-08 14:10 - 2013-11-24 14:54 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-08 14:10 - 2013-11-24 14:54 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-08 14:10 - 2013-11-24 14:54 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-07 22:05 - 2013-12-02 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-07-06 14:03 - 2013-02-22 09:01 - 00000000 ____D () C:\Program Files\Defraggler
2014-07-06 14:01 - 2014-07-06 14:01 - 04362512 _____ (Piriform Ltd) C:\Users\SueB\Downloads\dfsetup218.exe
2014-07-04 16:54 - 2014-07-04 16:53 - 00001701 _____ () C:\DelFix.txt
2014-07-04 16:53 - 2014-07-03 08:50 - 00000000 ____D () C:\Windows\ERUNT
2014-07-04 13:50 - 2014-07-04 13:50 - 00000000 ____D () C:\Users\SueB\AppData\Local\Software
2014-07-04 09:00 - 2014-07-04 09:00 - 00000000 ____D () C:\Users\SueB\AppData\Local\Apps\2.0
2014-07-04 02:14 - 2012-12-09 14:16 - 00000000 ____D () C:\Users\SueB\Documents\Youcam
2014-07-04 01:38 - 2014-07-02 08:14 - 00000000 ____D () C:\Windows\Minidump
2014-07-03 22:51 - 2014-07-03 22:51 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-03 08:28 - 2012-11-21 17:54 - 00000000 ____D () C:\Users\SueB
2014-07-02 20:49 - 2014-07-02 19:45 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-07-02 20:41 - 2014-07-02 19:29 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-02 20:39 - 2014-07-02 19:35 - 00000000 ____D () C:\Users\SueB\Downloads\mbar-1.07.0.1012
2014-07-02 19:44 - 2014-07-02 19:44 - 00000000 ____D () C:\Users\SueB\Downloads\mbar-1.07.0.1012 (1)
2014-07-02 08:41 - 2014-07-02 08:41 - 02083840 _____ (Farbar) C:\Users\SueB\Desktop\FRST64.exe
2014-07-02 08:27 - 2014-07-02 08:27 - 00000565 _____ () C:\Users\SueB\Documents\MBR.zip
2014-07-02 08:24 - 2014-07-02 08:26 - 00000512 _____ () C:\Users\SueB\Documents\MBR.dat
2014-07-01 14:25 - 2014-02-27 22:00 - 00003562 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-3890881620-3642371930-2457045338-1001
2014-07-01 01:42 - 2014-06-30 08:31 - 00000000 ____D () C:\Windows\jumpshot.com
2014-07-01 01:33 - 2014-07-01 01:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-01 01:33 - 2014-07-01 01:33 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-01 01:33 - 2014-07-01 01:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-01 01:33 - 2014-07-01 01:32 - 13084896 _____ (Microsoft Corporation) C:\Users\SueB\Downloads\Silverlight_x64.exe
2014-07-01 00:00 - 2014-07-01 00:00 - 00000600 _____ () C:\Users\SueB\AppData\Roaming\winscp.rnd
2014-07-01 00:00 - 2014-07-01 00:00 - 00000000 ____D () C:\CSV
2014-06-30 23:42 - 2014-06-30 23:42 - 00000000 ____D () C:\Diag-Advisor
2014-06-30 23:24 - 2013-01-05 22:08 - 00000000 ____D () C:\Users\SueB\Downloads\D2000AZNEWGB_Training(1)
2014-06-30 21:40 - 2014-06-30 08:34 - 00000000 __SHD () C:\Jumpshot
2014-06-30 14:14 - 2013-05-21 09:04 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{B4B6C508-3456-47A0-9DC4-7C361428BA62}
2014-06-30 12:51 - 2014-04-08 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-06-30 11:34 - 2014-06-30 11:34 - 30984104 _____ (Oracle Corporation) C:\Users\SueB\Downloads\jre-7u60-windows-x64 (1).exe
2014-06-30 11:29 - 2014-06-30 11:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-30 11:28 - 2014-06-30 11:28 - 00918952 _____ (Oracle Corporation) C:\Users\SueB\Downloads\JavaSetup7u60 (2).exe
2014-06-30 08:34 - 2012-11-21 17:55 - 07864320 ___SH () C:\Users\SueB\.ghost-ntfs-3g-00000000000000000009
2014-06-30 08:34 - 2009-07-13 22:34 - 77332480 _____ () C:\Windows\system32\config\.ghost-ntfs-3g-00000000000000000001
2014-06-30 08:34 - 2009-07-13 22:34 - 22806528 _____ () C:\Windows\system32\config\.ghost-ntfs-3g-00000000000000000003

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-28 07:53

==================== End Of Log ============================

Suemarie
2014-07-30, 06:41
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-07-2014
Ran by SueB at 2014-07-30 00:33:56
Running from C:\Users\SueB\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

clear.fi SDK - MVP 2 (x32 Version: 2.0.1505 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.0.1502 - CyberLink Corp.) Hidden
24im (Remove Only) (HKLM-x32\...\24im) (Version: - 24im LLC)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3507 - Acer Incorporated)
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3506 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0609.2011 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3501 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden
Adobe Connect 9 Add-in (HKCU\...\Adobe Connect 9 Add-in) (Version: 11.2.392.0 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
avast! Internet Security (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Chronicles of Albian (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco WebEx Meeting Center for Internet Explorer (HKLM-x32\...\{8EAB9068-AA14-4575-B8DD-322732E1F367}) (Version: 29.4.0.23 - Cisco WebEx LLC)
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Citrix Online Launcher (HKLM-x32\...\{AC7E7905-8C59-4806-A96D-30936A2B1FC5}) (Version: 1.0.168 - Citrix)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.00.3004 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.00.3004 - Acer Incorporated)
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1720_38230 - CyberLink Corp.)
CyberLink MediaEspresso (x32 Version: 6.5.1720_38230 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.0.3228 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 4.0.3228 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
eBay Worldwide (HKLM-x32\...\{D3E5A972-9A15-427D-AE78-8181A5FD943C}) (Version: 2.2.0409 - OEM)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Etron USB3.0 Host Controller (x32 Version: 0.103 - Etron Technology) Hidden
Evernote v. 5.0.3 (HKLM-x32\...\{32D39568-3B77-11E3-88CE-00163E98E7D0}) (Version: 5.0.3.1614 - Evernote Corp.)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fooz Kids (HKLM-x32\...\FoozKids) (Version: 3.1.2 - FUHU, Inc.)
Fooz Kids (x32 Version: 3.1.2 - FUHU, Inc.) Hidden
Fooz Kids Platform (HKLM-x32\...\{8D68CE08-9A14-4B7B-9857-3C646A2F34C7}) (Version: 2.1 - FUHU, Inc.)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKCU\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Drive (HKLM-x32\...\{75939021-3B68-419D-8DC1-E9823BFF9658}) (Version: 1.16.7009.9618 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GoToMeeting 6.3.0.1468 (HKCU\...\GoToMeeting) (Version: 6.3.0.1468 - CitrixOnline)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
H&R Block Deluxe + Efile + State 2012 (HKLM-x32\...\{89D20029-0578-4D8D-979A-695C8D868868}) (Version: 12.05.7803 - HRB Technology, LLC.)
H&R Block Deluxe + Efile + State 2013 (HKLM-x32\...\{EDE796DE-0A72-464D-9D21-F04BC41A092B}) (Version: 13.05.6502 - HRB Technology, LLC.)
H&R Block Georgia 2012 (HKLM-x32\...\{92DE38F8-CBF1-4A4C-B19D-DD4ADA3E6408}) (Version: 1.12.3201 - HRB Technology, LLC.)
H&R Block Virginia 2012 (HKLM-x32\...\{3CBDBF7F-2E54-4A78-B41D-7163F7BC7F06}) (Version: 1.12.3301 - HRB Technology, LLC.)
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3510 - Acer Incorporated)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2321 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java 7 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417065FF}) (Version: 7.0.650 - Oracle)
Java Auto Updater (x32 Version: 2.8.05.13 - Oracle, Inc.) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.57.2 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 1.70.0.1100 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.70.0.1100 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Mozilla Thunderbird 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.18 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.18 - Egis Technology Inc.) Hidden
Nero Control Center 10 (x32 Version: 10.6.13200.0.12 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.6.10800 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.20500.9.16 - Nero AG) Hidden
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.4.10500.1.100 - Nero AG)
Nero DiscSpeed 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.6.10700.5.100 - Nero AG)
Nero Express 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.6.10300 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.6.10600.4.100 - Nero AG)
Nero StartSmart 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.10022.15.0 - Nero AG) Hidden
NOOK for PC (HKLM-x32\...\BN_DesktopReader) (Version: 2.5.6.9575 - Barnesandnoble.com)
OpenOffice 4.1.0 (HKLM-x32\...\{C87EF11D-36E9-479D-9898-7541EA1E8A6A}) (Version: 4.10.9764 - Apache Software Foundation)
Pdf995 (installed by H&R Block) (HKLM-x32\...\Pdf995) (Version: - )
PdfEdit995 (installed by H&R Block) (HKLM-x32\...\PdfEdit995) (Version: - )
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6466 - Realtek Semiconductor Corp.)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
TMS CallCenter (HKLM-x32\...\{3146714B-1289-46EF-BB9B-C68208D59D8B}) (Version: 2.9.38 - National Systems Corporation)
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
TouchSettings (HKLM-x32\...\{75880CD4-9436-4EDD-B7E7-400EBFD60B2C}) (Version: 1.00.0006 - Acer Incorporated)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
USB Display Device (Trigger Family) 12.01.1225.3679 (HKLM-x32\...\{81C5AD1D-C7C6-48AC-AC85-8F04293B1780}) (Version: 12.01.1225.3679 - StarTech)
Virtual Villagers 5 - New Believers (x32 Version: 2.2.0.97 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3507 - Acer Incorporated)
WildTangent Games App (Acer Games) (x32 Version: 4.0.5.32 - WildTangent) Hidden
Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Restore Points =========================

20-07-2014 23:00:04 Windows Backup
22-07-2014 10:01:20 Windows Update
24-07-2014 17:35:55 Windows Update
25-07-2014 03:06:55 Windows Update
25-07-2014 10:37:54 Windows Update
25-07-2014 22:33:50 Windows Update
26-07-2014 03:08:56 Windows Update
26-07-2014 11:45:25 Windows Update
27-07-2014 04:31:24 Windows Update
27-07-2014 23:00:09 Windows Backup
28-07-2014 04:12:36 Windows Update
28-07-2014 09:29:00 Windows Update
29-07-2014 02:25:14 Windows Update
29-07-2014 02:26:36 Windows Update
29-07-2014 02:36:38 Windows Update
29-07-2014 02:40:13 Windows Update
29-07-2014 11:25:05 Windows Update
29-07-2014 11:46:18 Installed Microsoft Fix it 50123
29-07-2014 20:06:32 Windows Update
30-07-2014 03:55:39 Windows Update
30-07-2014 03:59:03 Installed Microsoft Fix it 50123

==================== Hosts content: ==========================

2009-07-13 22:34 - 2014-07-10 22:09 - 00451013 ____R C:\Windows\system32\Drivers\etc\hosts
127.94.0.1 client.openvpn.net
127.94.0.2 openvpn-client.loagentvpn.liveops.com
205.167.109.11 azcad
143.61.195.18 d2000-okc
209.82.196.139 d2kappok

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {0A48CDB4-2DFD-4BE2-B56C-E25848093A75} - System32\Tasks\{BDB1BDF5-9F76-4C68-9D75-494216820199} => C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe [2014-07-17] (Mozilla Corporation)
Task: {0B1A5240-348B-4304-847D-F2184605D1ED} - System32\Tasks\{4752F0DE-31ED-4CBC-B01F-702B976EB8D8} => C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe [2012-09-12] (CyberLink Corp.)
Task: {0D05C315-5AB0-4861-A30E-4EE92A96BF01} - System32\Tasks\{9ACEEDF3-702F-4220-A05E-0CA93CA1E2A6} => C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE [2013-07-23] (Microsoft Corporation)
Task: {17DC4C4F-82CC-4486-AFC5-F9305C9FD1FB} - System32\Tasks\{1534418C-F0AB-4B71-8F01-3EE429F584FA} => C:\Users\SueB\Desktop\AZ\D2000AZNEWGB - Production\d2k32_cr.exe
Task: {1B97C20B-D968-4F77-8B2C-94F6AE744057} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2011-05-20] (CyberLink)
Task: {1DEB26B1-3131-44CF-9AE4-B79BC99DA0AF} - System32\Tasks\{B8681D4F-9C47-4AB0-A0FD-9DA821FEE5AA} => C:\Program Files (x86)\TMS CallCenter\TMSTouch.exe [2014-05-01] (National Systems Corporation)
Task: {20F678C9-2A19-4D6F-8258-23B50829D7DC} - System32\Tasks\{C4A595AE-B568-42EA-85F1-276B3C74A131} => C:\Users\SueB\Downloads\D2000AZNEWGB_Training(1)\D2000AZNEWGB - Training\d2k32_cr.exe
Task: {226E9CAF-1BAC-43FC-A362-B2426B3635B0} - System32\Tasks\{638E9ADC-9F84-43B3-A9F3-DA0B58579C00} => C:\ProgramData\OEM_E471269A730D\Netflix\StartURL.exe [2010-09-28] ()
Task: {2A7BC5AF-D5EC-4F33-B56D-E77BD16111D4} - System32\Tasks\{6B7EE633-1721-4727-8B09-4CAD264982D5} => Chrome.exe
Task: {2FFBC69E-72B9-4168-A3ED-C14E4DFA6530} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-02] (Google Inc.)
Task: {32227CC8-7C04-447D-91BA-E4B4499CCF04} - System32\Tasks\{E619DE95-D955-49F1-99FC-47EA85FBC4FA} => C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe [2014-07-17] (Mozilla Corporation)
Task: {40896514-9238-4949-A4EF-5A2B6B415E6A} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-28] (Egis Technology Inc.)
Task: {440DC7A4-F6FE-400A-8A05-9E58DE665EDE} - System32\Tasks\{93712C41-9DDC-4AEA-8C2D-458F849D80B2} => C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE [2013-07-23] (Microsoft Corporation)
Task: {447ED454-8A73-4D1D-AC43-23172DC61152} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)
Task: {458A39D4-D0C8-4D57-90C2-0B7B73E43C73} - System32\Tasks\{BD2B32D7-2270-463B-800E-E3283A7AEE5F} => C:\Users\SueB\Downloads\D2000OK_SD_Production\D2000OK_SD Production\d2k32_cr.exe
Task: {4B1F9702-2BF4-4D2A-836D-0CB42BF67804} - System32\Tasks\{8BA08670-BED0-4AA3-8712-A7401AD34809} => C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE [2013-07-23] (Microsoft Corporation)
Task: {4B3F9A54-2A51-413E-B15B-CE1CEE6B9004} - System32\Tasks\{C5DED3AA-9725-481F-A072-0F9C5620DC2A} => C:\Program Files (x86)\TMS CallCenter\TMSTouch.exe [2014-05-01] (National Systems Corporation)
Task: {50FCA8F8-9AA8-491A-8A5D-D3C5485A4FD4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-02] (Google Inc.)
Task: {5264931F-6FD7-4517-84DC-DF6C78F5096A} - System32\Tasks\{5343B9A1-E2D3-4CEB-ADE3-161875C0DB7B} => C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe [2014-07-17] (Mozilla Corporation)
Task: {57873E08-56FC-41B3-9210-AA93B8AF43A0} - System32\Tasks\{865A080C-DAA1-4C23-B0B7-9DE26F8D3135} => C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe [2014-07-17] (Mozilla Corporation)
Task: {5D0A1D5B-A791-4D8C-9415-1F4B551F2D28} - System32\Tasks\{71A53804-1693-4846-A123-41A936D3AF27} => C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe [2014-07-17] (Mozilla Corporation)
Task: {6827ACC2-63C7-4FA5-ABF6-217C21F61C9F} - System32\Tasks\G2MUpdateTask-S-1-5-21-3890881620-3642371930-2457045338-1001 => C:\Program Files (x86)\Citrix\GoToMeeting\1468\g2mupdate.exe [2014-07-01] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {6DA423E6-86DE-4BF8-96EC-0140F1F7DDD1} - System32\Tasks\{1EE24F2C-0DB4-424E-84C9-D5B553767CC3} => C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE [2013-07-23] (Microsoft Corporation)
Task: {7A45A029-1EF7-4437-9149-FBC27B0FE08D} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2011-03-28] (Egis Technology Inc.)
Task: {7B0C3B06-3A28-47C1-AB53-295E20E1E1AA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {7DFBAB0C-3563-4DBE-BEC3-0871CB07C784} - System32\Tasks\{7B6AF7DA-9AA6-402B-BEBB-2A1C1739BFC3} => C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe [2014-07-17] (Mozilla Corporation)
Task: {821068C7-2C55-4656-884F-AC9ED4B06CA2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {8670ADD4-03F9-485B-97D7-11DB7A931235} - System32\Tasks\{71943BF6-63DE-4B39-B6A3-1BCC7FBCFBB8} => C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe [2014-07-17] (Mozilla Corporation)
Task: {89536066-10FD-4EAA-B927-E1567E1BA3CB} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {96D67F5E-A707-4751-89E5-00B9EBCA27AE} - System32\Tasks\{2052277F-5188-4418-9901-057E6D3D78A1} => C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe [2014-07-17] (Mozilla Corporation)
Task: {A193E4A5-A330-4296-86DB-437DF851057A} - System32\Tasks\{39F3C1C6-EC4D-402B-A504-E9D6FBAE6029} => C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe [2014-07-17] (Mozilla Corporation)
Task: {ADA818BB-8F20-4D45-8144-98646066610B} - System32\Tasks\{288EC824-F8B4-4E9E-819A-A41CBF90B665} => C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe [2014-07-17] (Mozilla Corporation)
Task: {AED3E3D0-02BB-42FF-85FF-B159F530FFB5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3890881620-3642371930-2457045338-1001Core => C:\Users\SueB\AppData\Local\Google\Update\GoogleUpdate.exe [2013-09-05] (Google Inc.)
Task: {B2D05C14-8C4D-4B91-852A-EC0148850C1F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3890881620-3642371930-2457045338-1001UA => C:\Users\SueB\AppData\Local\Google\Update\GoogleUpdate.exe [2013-09-05] (Google Inc.)
Task: {B4AD683C-6739-4229-8058-C94164C5017D} - System32\Tasks\{F5682B18-54EF-4BA1-8B80-17EE5E0BA4D4} => C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe [2014-02-06] (Apple Inc.)
Task: {BD8FBBB7-34AE-4180-9D3C-5A60CBFD52E9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-12] (AVAST Software)
Task: {C160B179-789D-4D4B-95C1-012C0CA09292} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {C190CB65-1728-45CD-803A-8DDBB674B702} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {C57675A7-B82B-445E-97B8-B4D0D001CCD7} - System32\Tasks\{3777E41D-3A78-4D4C-BAE6-E5E45DEE9678} => C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe [2014-02-06] (Apple Inc.)
Task: {CA1A923E-4057-48ED-A708-6E3013B8C1B8} - System32\Tasks\{5F63685C-3140-4C71-AFC9-6F25CF2AF13D} => C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe [2014-07-17] (Mozilla Corporation)
Task: {D1AF4EF7-20FE-4D98-AC5A-C0A78662793C} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2012-02-06] (Acer Incorporated)
Task: {D893FECF-D387-4112-B1B4-7E6B066A300E} - System32\Tasks\{C823354D-877A-4D2E-813F-74EB5EBE2BFC} => C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe
Task: {E1931CC9-1569-4FA3-B128-0BC5ABBA9962} - System32\Tasks\{5EBCD752-F3FD-4149-933E-89465BEC4685} => C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe [2014-02-06] (Apple Inc.)
Task: {E7490AFC-1999-4F1C-9DED-A4E3577B7B85} - System32\Tasks\{27397021-20E6-4FA4-9E6F-B36A347219EE} => C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe [2014-07-17] (Mozilla Corporation)
Task: {F4B39FA3-7268-46F3-AE5E-F27332216409} - System32\Tasks\{77650567-5BA5-44DF-A667-22BB20EF1A55} => C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE [2013-07-23] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3890881620-3642371930-2457045338-1001.job => C:\Program Files (x86)\Citrix\GoToMeeting\1468\g2mupdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3890881620-3642371930-2457045338-1001Core.job => C:\Users\SueB\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3890881620-3642371930-2457045338-1001UA.job => C:\Users\SueB\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2009-01-21 19:45 - 2009-01-21 19:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2013-03-29 22:00 - 2012-04-26 15:51 - 00040448 _____ () C:\Windows\System32\pdf995mon64.dll
2013-08-30 20:14 - 2012-08-28 14:20 - 00313432 _____ () C:\Windows\system32\GManager.exe
2013-08-30 20:14 - 2011-05-03 18:13 - 00199296 _____ () C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe
2014-07-12 23:50 - 2014-07-12 23:50 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-07-29 07:23 - 2014-07-29 07:23 - 02795008 _____ () C:\Program Files\AVAST Software\Avast\defs\14072900\algo.dll
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-11-30 20:39 - 2013-11-30 20:39 - 00057344 _____ () C:\Program Files (x86)\24im\24im Messenger\IMHOOK2.dll
2014-04-08 17:20 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-04-08 17:20 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-04-08 17:20 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-04-08 17:20 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-04-08 17:20 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-07-12 23:50 - 2014-07-12 23:50 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-02-13 10:33 - 2014-02-13 10:33 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\0a0467413a424068d1471448ff6ca6cc\IsdiInterop.ni.dll
2012-04-12 22:53 - 2010-11-06 02:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-07-18 19:42 - 2014-07-15 05:24 - 00718664 _____ () C:\Users\SueB\AppData\Local\Google\Chrome\Application\36.0.1985.125\libglesv2.dll
2014-07-18 19:42 - 2014-07-15 05:24 - 00126280 _____ () C:\Users\SueB\AppData\Local\Google\Chrome\Application\36.0.1985.125\libegl.dll
2014-07-18 19:42 - 2014-07-15 05:24 - 08537928 _____ () C:\Users\SueB\AppData\Local\Google\Chrome\Application\36.0.1985.125\pdf.dll
2014-07-18 19:42 - 2014-07-15 05:24 - 00353096 _____ () C:\Users\SueB\AppData\Local\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
2014-07-18 19:42 - 2014-07-15 05:24 - 01732936 _____ () C:\Users\SueB\AppData\Local\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Dolby Home Theater v4 => "C:\Dolby PCEE4\pcee4.exe" -autostart
MSCONFIG\startupreg: FDispPos => C:\Program Files (x86)\Common Files\DesktopUtil\Util-Desktop.exe Launch FixPos
MSCONFIG\startupreg: Google Update => "C:\Users\SueB\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: Hotkey Utility => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: MCTDUtil => C:\Program Files (x86)\Common Files\DesktopUtil\Util-Desktop.exe Launch SuperUtil
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: SuiteTray => "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
MSCONFIG\startupreg: TouchORB => C:\Program Files (x86)\TouchSettings\TouchPortalOBR.exe
MSCONFIG\startupreg: YouCam Mirage => "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
MSCONFIG\startupreg: YouCam Tray => "C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/29/2014 08:35:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/29/2014 00:19:42 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/29/2014 07:23:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/28/2014 07:56:29 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/28/2014 05:25:36 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/28/2014 05:25:36 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.

Context: Windows Application


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/28/2014 05:25:36 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/28/2014 05:25:36 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)

Error: (07/28/2014 05:25:35 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/28/2014 05:25:35 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog


Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)


System errors:
=============
Error: (07/29/2014 11:56:55 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft Silverlight (KB2977218).

Error: (07/29/2014 04:06:54 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070002: Update for Microsoft Silverlight (KB2977218).

Error: (07/29/2014 07:25:46 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft Silverlight (KB2977218).

Error: (07/28/2014 10:40:34 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft Silverlight (KB2977218).

Error: (07/28/2014 10:39:56 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (07/28/2014 10:38:25 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft Silverlight (KB2977218).

Error: (07/28/2014 10:27:38 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft Silverlight (KB2977218).

Error: (07/28/2014 10:26:34 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft Silverlight (KB2977218).

Error: (07/28/2014 05:29:44 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft Silverlight (KB2977218).

Error: (07/28/2014 05:26:09 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
%%1056


Microsoft Office Sessions:
=========================
Error: (07/29/2014 08:35:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/29/2014 00:19:42 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (07/29/2014 07:23:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/28/2014 07:56:29 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (07/28/2014 05:25:36 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description:
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/28/2014 05:25:36 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Context: Windows Application


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/28/2014 05:25:36 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/28/2014 05:25:36 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (07/28/2014 05:25:35 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (07/28/2014 05:25:35 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)


==================== Memory info ===========================

Percentage of memory in use: 55%
Total physical RAM: 4034.78 MB
Available physical RAM: 1808.7 MB
Total Pagefile: 8067.73 MB
Available Pagefile: 5540.57 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:450.16 GB) (Free:398.85 GB) NTFS
Drive e: (Lexar) (Removable) (Total:29.81 GB) (Free:27.5 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 51B5EE98)
Partition 1: (Not Active) - (Size=16 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 30 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

Suemarie
2014-07-30, 06:55
I am doing the aswMBR scan now. In the meantime, I want to say that I cannot even get Silverlight to uninstall so that I can reinstall it. I have never had that happen before.

Suemarie
2014-07-30, 06:57
aswMBR version 1.0.1.2041 Copyright(c) 2014 AVAST Software
Run date: 2014-07-30 00:46:45
-----------------------------
00:46:45.438 OS Version: Windows x64 6.1.7601 Service Pack 1
00:46:45.438 Number of processors: 2 586 0x2A07
00:46:45.439 ComputerName: SUEB-PC UserName: SueB
00:46:46.103 Initialize success
00:46:46.103 VM: initialized successfully
00:46:46.109 VM: Intel CPU supported virtualized
00:46:48.753 VM: supported disk I/O iaStor.sys
00:46:51.600 AVAST engine defs: 14072900
00:46:56.769 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
00:46:56.773 Disk 0 Vendor: WDC_WD50 17.0 Size: 476940MB BusType: 3
00:46:56.863 VM: Disk 0 MBR read successfully
00:46:56.866 Disk 0 MBR scan
00:46:56.871 Disk 0 Windows 7 default MBR code
00:46:56.875 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 15872 MB offset 2048
00:46:56.898 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 32507904
00:46:56.903 Disk 0 default boot code
00:46:56.908 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 460966 MB offset 32712704
00:46:56.955 Disk 0 scanning C:\Windows\system32\drivers
00:47:03.772 Service scanning
00:47:19.455 Modules scanning
00:47:19.462 Disk 0 trace - called modules:
00:47:19.478 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
00:47:19.485 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80064d1790]
00:47:19.491 3 CLASSPNP.SYS[fffff88001a1743f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80047a5050]
00:47:20.132 AVAST engine scan C:\Windows
00:47:21.415 AVAST engine scan C:\Windows\system32
00:48:54.809 AVAST engine scan C:\Windows\system32\drivers
00:49:02.619 AVAST engine scan C:\Users\SueB
00:52:29.132 AVAST engine scan C:\ProgramData
00:53:51.834 Scan finished successfully
00:55:49.962 Disk 0 MBR has been saved successfully to "C:\Users\SueB\Desktop\MBR.dat"
00:55:49.967 The log file has been saved successfully to "C:\Users\SueB\Desktop\aswMBR.txt"

OCD
2014-08-01, 00:45
Hi Suemarie,

My name is OCD. I would be more than happy to take a look at your log and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

I will be working on your malware issues; this may or may not solve other issues you have with your machine.
The fixes are specific to your problem and should only be used for the issues on this machine.
Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
It's often worth reading through these instructions and printing them for ease of reference.
If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
Please reply to this thread. Do not start a new topic.
Copy and Paste logs directly into the reply window. DO NOT attach the logs unless specifically instructed to do so.
IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your Operating System and losing all your programs and data.

Please stay with this topic until I let you know that your system appears to be "All Clear"

Important: All tools MUST be run from the Desktop.

=========================


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2014 (ATTENTION: ====> FRST version is 29 days old and could be outdated)

Please delete the copy of FRST you have on your computer and download a FRESH copy and run a new scan.

Download Farbar Recovery Scan Tool (http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/) and save to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.


Right click and select "Run as Administrator" to run it. When the tool opens click Yes to the disclaimer.
Press the Scan button.
It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

=========================

In your next post please provide the following:

FRST.txt
No need to post the Addition.txt

Suemarie
2014-08-01, 02:00
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-07-2014 02
Ran by SueB (administrator) on SUEB-PC on 31-07-2014 19:54:45
Running from C:\Users\SueB\Desktop\SPECIAL SECURITY
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Windows\System32\GManager.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Google Inc.) C:\Users\SueB\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\SueB\AppData\Local\Google\Chrome\Application\chrome.exe
(24im LLC) C:\Program Files (x86)\24im\24im Messenger\IMC.EXE
(Google Inc.) C:\Users\SueB\AppData\Local\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-29] (AVAST Software)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-3890881620-3642371930-2457045338-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3666224 2013-09-20] (Safer-Networking Ltd.)
HKU\S-1-5-21-3890881620-3642371930-2457045338-1001\...\Run: [InbitIMC] => C:\Program Files (x86)\24im\24im Messenger\IMC.EXE [3423744 2013-11-30] (24im LLC)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {F675470B-C135-4DA8-A601-8A3F063FA64F} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {FBF428CE-6C57-4765-978A-D21EB5B3017C} URL = https://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 65.32.5.111 65.32.5.112

FireFox:
========
FF ProfilePath: C:\Users\SueB\AppData\Roaming\Mozilla\Firefox\Profiles\7s6elucx.default
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Keyword.URL: https://www.google.com/search
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.65.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\SueB\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\SueB\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\SueB\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npatgpc.dll (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\SueB\AppData\Roaming\mozilla\plugins\npatgpc.dll (Cisco WebEx LLC)
FF Extension: IE Tab 2 (FF 3.6+) - C:\Users\SueB\AppData\Roaming\Mozilla\Firefox\Profiles\7s6elucx.default\Extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} [2013-12-31]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-21]

Chrome:
=======
CHR HomePage:
CHR StartupUrls: "https://www.google.com/"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\SueB\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.4.600\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\SueB\AppData\Local\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\SueB\AppData\Local\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\SueB\AppData\Local\Google\Chrome\Application\36.0.1985.125\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (ActiveTouch General Plugin Container) - C:\Users\SueB\AppData\Roaming\Mozilla\plugins\npatgpc.dll (Cisco WebEx LLC)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.600.19) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U60) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Citrix Online Web Deployment Plugin 1.0.0.104) - C:\Users\SueB\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
CHR Plugin: (Google Update) - C:\Users\SueB\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Google Drive) - C:\Users\SueB\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-24]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\SueB\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (YouTube) - C:\Users\SueB\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-24]
CHR Extension: (Google Search) - C:\Users\SueB\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-24]
CHR Extension: (avast! Online Security) - C:\Users\SueB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-24]
CHR Extension: (Google Wallet) - C:\Users\SueB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-05]
CHR Extension: (Gmail) - C:\Users\SueB\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-24]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-12]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-12] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-07-12] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 GManager; C:\Windows\system32\GManager.exe [313432 2012-08-28] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [398184 2012-12-14] (Malwarebytes Corporation) [File not signed]
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [682344 2012-12-14] (Malwarebytes Corporation) [File not signed]
R2 MCTDesktopSvr; C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe [199296 2011-05-03] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-12] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-07-12] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-12] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [448400 2014-07-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-12] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-12] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-12] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-12] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-12] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24176 2012-12-14] (Malwarebytes Corporation) [File not signed]
R3 mctkmd; C:\Windows\system32\drivers\mctkmd64.sys [145840 2012-12-25] (Magic Control Technology Corporation)
R0 mctkmdldr; C:\Windows\System32\drivers\mctkmdldr64.sys [19584 2011-04-08] (Magic Control Technology Corporation)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-01-20] ()
R3 t2usb64; C:\Windows\System32\drivers\t2usb64.sys [410592 2012-09-21] (Magic Control Technology Corp.)
S3 tapoas; C:\Windows\System32\DRIVERS\tapoas.sys [30720 2010-10-06] (The OpenVPN Project)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-30 00:32 - 2014-07-31 19:54 - 00000000 ____D () C:\FRST
2014-07-30 00:18 - 2014-07-30 00:18 - 06958304 _____ (Microsoft Corporation) C:\Users\SueB\Downloads\Silverlight (1).exe
2014-07-30 00:16 - 2014-07-30 00:16 - 06958304 _____ (Microsoft Corporation) C:\Users\SueB\Downloads\Silverlight.exe
2014-07-29 07:58 - 2014-07-29 07:58 - 00302011 _____ () C:\Users\SueB\Downloads\WindowsUpdateDiagnostic.diagcab
2014-07-29 07:46 - 2014-07-29 07:55 - 00985600 _____ () C:\Users\SueB\Downloads\MicrosoftFixit50123.msi
2014-07-29 07:33 - 2014-07-29 07:49 - 13087456 _____ (Microsoft Corporation) C:\Users\SueB\Downloads\Silverlight_x64 (1).exe
2014-07-28 05:24 - 2014-07-31 07:05 - 00000336 _____ () C:\Windows\setupact.log
2014-07-28 05:24 - 2014-07-28 05:24 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-18 23:13 - 2014-07-11 03:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-18 23:13 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-18 23:13 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-18 23:13 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-18 23:11 - 2014-07-18 23:11 - 00918440 _____ (Oracle Corporation) C:\Users\SueB\Downloads\JavaSetup7u65.exe
2014-07-18 22:51 - 2014-07-18 22:51 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-07-18 22:51 - 2014-07-18 22:51 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-07-18 22:51 - 2014-07-18 22:51 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-07-18 22:51 - 2014-07-18 22:51 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-07-13 00:08 - 2014-06-29 22:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-13 00:08 - 2014-06-29 22:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-13 00:08 - 2014-05-30 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-13 00:08 - 2014-05-30 04:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-13 00:08 - 2014-05-30 04:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-13 00:08 - 2014-05-30 04:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-13 00:08 - 2014-05-30 04:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-13 00:08 - 2014-05-30 04:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-13 00:08 - 2014-05-30 04:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-13 00:08 - 2014-05-30 03:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-13 00:08 - 2014-05-30 03:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-13 00:08 - 2014-05-30 03:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-13 00:08 - 2014-05-30 03:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-13 00:08 - 2014-05-30 03:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-13 00:08 - 2014-05-30 03:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-13 00:08 - 2014-05-30 03:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-12 23:51 - 2014-07-12 23:51 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-12 23:50 - 2014-07-12 23:50 - 00448400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-07-12 23:43 - 2014-07-12 23:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-12 23:42 - 2014-07-12 23:43 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-12 23:42 - 2014-07-12 23:43 - 00000000 ____D () C:\Program Files\iTunes
2014-07-12 23:42 - 2014-07-12 23:43 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-12 23:42 - 2014-07-12 23:42 - 00000000 ____D () C:\Program Files\iPod
2014-07-09 18:57 - 2014-06-18 22:12 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 18:57 - 2014-06-18 22:12 - 01366528 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 18:57 - 2014-06-18 22:12 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 18:57 - 2014-06-18 22:11 - 19277312 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 18:57 - 2014-06-18 22:11 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 18:57 - 2014-06-18 22:11 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 18:57 - 2014-06-18 22:10 - 15369728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 18:57 - 2014-06-18 22:10 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 18:57 - 2014-06-18 22:10 - 02650624 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 18:57 - 2014-06-18 22:10 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-09 18:57 - 2014-06-18 22:10 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 18:57 - 2014-06-18 22:10 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 18:57 - 2014-06-18 22:10 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 18:57 - 2014-06-18 22:10 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 18:57 - 2014-06-18 22:10 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 18:57 - 2014-06-18 22:10 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-07-09 18:57 - 2014-06-18 22:10 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 18:57 - 2014-06-18 22:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 18:57 - 2014-06-18 22:10 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 18:57 - 2014-06-18 22:09 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 18:57 - 2014-06-18 20:53 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 18:57 - 2014-06-18 20:53 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 18:57 - 2014-06-18 20:53 - 01141760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 18:57 - 2014-06-18 20:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 18:57 - 2014-06-18 20:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 18:57 - 2014-06-18 20:53 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 18:57 - 2014-06-18 20:52 - 13732352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 18:57 - 2014-06-18 20:52 - 02863616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 18:57 - 2014-06-18 20:52 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 18:57 - 2014-06-18 20:52 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 18:57 - 2014-06-18 20:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-07-09 18:57 - 2014-06-18 20:52 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 18:57 - 2014-06-18 20:52 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 18:57 - 2014-06-18 20:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 18:57 - 2014-06-18 20:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 18:57 - 2014-06-18 20:52 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-07-09 18:57 - 2014-06-18 20:52 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 18:57 - 2014-06-18 20:52 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 18:57 - 2014-06-18 20:52 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 18:57 - 2014-06-18 20:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 18:57 - 2014-06-18 20:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 18:57 - 2014-06-18 19:37 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-07-09 18:57 - 2014-06-18 19:34 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-07-09 18:57 - 2014-06-17 22:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 18:57 - 2014-06-17 21:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 18:57 - 2014-06-17 21:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 18:57 - 2014-06-06 06:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 18:57 - 2014-06-06 05:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 18:57 - 2014-05-30 02:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 18:56 - 2014-06-05 10:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 18:56 - 2014-06-05 10:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 18:56 - 2014-06-05 10:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-06 14:01 - 2014-07-06 14:01 - 04362512 _____ (Piriform Ltd) C:\Users\SueB\Downloads\dfsetup218.exe
2014-07-04 16:53 - 2014-07-04 16:54 - 00001701 _____ () C:\DelFix.txt
2014-07-04 13:50 - 2014-07-04 13:50 - 00000000 ____D () C:\Users\SueB\AppData\Local\Software
2014-07-04 09:00 - 2014-07-04 09:00 - 00000000 ____D () C:\Users\SueB\AppData\Local\Apps\2.0
2014-07-04 02:09 - 2014-07-18 21:03 - 00000000 ___RD () C:\Users\SueB\Desktop\SWAHABA
2014-07-03 22:51 - 2014-07-03 22:51 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-03 18:36 - 2014-07-21 16:24 - 00000000 ___RD () C:\Users\SueB\Desktop\ENTERTAINMENT
2014-07-03 18:35 - 2014-07-10 11:30 - 00000000 ___RD () C:\Users\SueB\Desktop\OFFICE SOFTWARE
2014-07-03 18:33 - 2014-07-18 23:16 - 00000000 ___RD () C:\Users\SueB\Desktop\MY SECURITY SOFTWARE
2014-07-03 18:30 - 2014-07-31 19:54 - 00000000 ___RD () C:\Users\SueB\Desktop\SPECIAL SECURITY
2014-07-03 08:50 - 2014-07-04 16:53 - 00000000 ____D () C:\Windows\ERUNT
2014-07-03 08:27 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-02 19:45 - 2014-07-02 20:49 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-07-02 19:44 - 2014-07-02 19:44 - 00000000 ____D () C:\Users\SueB\Downloads\mbar-1.07.0.1012 (1)
2014-07-02 19:35 - 2014-07-02 20:39 - 00000000 ____D () C:\Users\SueB\Downloads\mbar-1.07.0.1012
2014-07-02 19:29 - 2014-07-02 20:41 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-02 08:27 - 2014-07-02 08:27 - 00000565 _____ () C:\Users\SueB\Documents\MBR.zip
2014-07-02 08:26 - 2014-07-02 08:24 - 00000512 _____ () C:\Users\SueB\Documents\MBR.dat
2014-07-02 08:14 - 2014-07-04 01:38 - 00000000 ____D () C:\Windows\Minidump
2014-07-01 01:33 - 2014-07-01 01:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-01 01:33 - 2014-07-01 01:33 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-01 01:33 - 2014-07-01 01:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-01 01:32 - 2014-07-01 01:33 - 13084896 _____ (Microsoft Corporation) C:\Users\SueB\Downloads\Silverlight_x64.exe
2014-07-01 00:00 - 2014-07-01 00:00 - 00000600 _____ () C:\Users\SueB\AppData\Roaming\winscp.rnd
2014-07-01 00:00 - 2014-07-01 00:00 - 00000000 ____D () C:\CSV

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-31 19:54 - 2014-07-30 00:32 - 00000000 ____D () C:\FRST
2014-07-31 19:54 - 2014-07-03 18:30 - 00000000 ___RD () C:\Users\SueB\Desktop\SPECIAL SECURITY
2014-07-31 19:52 - 2013-12-02 17:17 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-31 19:33 - 2013-09-05 20:49 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3890881620-3642371930-2457045338-1001UA.job
2014-07-31 19:27 - 2014-02-27 22:00 - 00000536 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3890881620-3642371930-2457045338-1001.job
2014-07-31 19:10 - 2013-11-24 14:54 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-31 18:33 - 2013-09-05 20:49 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3890881620-3642371930-2457045338-1001Core.job
2014-07-31 16:38 - 2012-11-23 04:03 - 00000000 ____D () C:\Users\SueB\AppData\Roaming\Skype
2014-07-31 08:39 - 2014-02-19 09:57 - 01862513 _____ () C:\Windows\WindowsUpdate.log
2014-07-31 07:12 - 2009-07-14 01:13 - 00783400 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-31 07:12 - 2009-07-14 00:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-31 07:12 - 2009-07-14 00:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-31 07:05 - 2014-07-28 05:24 - 00000336 _____ () C:\Windows\setupact.log
2014-07-31 07:05 - 2013-12-02 17:17 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-31 07:05 - 2013-08-30 20:14 - 00002812 _____ () C:\Windows\system32\GManager.ini
2014-07-31 07:05 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-30 00:18 - 2014-07-30 00:18 - 06958304 _____ (Microsoft Corporation) C:\Users\SueB\Downloads\Silverlight (1).exe
2014-07-30 00:16 - 2014-07-30 00:16 - 06958304 _____ (Microsoft Corporation) C:\Users\SueB\Downloads\Silverlight.exe
2014-07-29 07:58 - 2014-07-29 07:58 - 00302011 _____ () C:\Users\SueB\Downloads\WindowsUpdateDiagnostic.diagcab
2014-07-29 07:55 - 2014-07-29 07:46 - 00985600 _____ () C:\Users\SueB\Downloads\MicrosoftFixit50123.msi
2014-07-29 07:49 - 2014-07-29 07:33 - 13087456 _____ (Microsoft Corporation) C:\Users\SueB\Downloads\Silverlight_x64 (1).exe
2014-07-28 22:40 - 2012-11-21 19:36 - 00000000 ____D () C:\Users\SueB\AppData\Roaming\SoftGrid Client
2014-07-28 19:14 - 2012-11-21 18:58 - 00000000 ____D () C:\Users\SueB\AppData\Local\Thunderbird
2014-07-28 05:24 - 2014-07-28 05:24 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-28 05:24 - 2012-11-21 18:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-27 23:54 - 2014-06-12 07:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-07-27 23:54 - 2014-05-17 21:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-27 23:54 - 2013-09-08 18:56 - 00002106 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2014-07-27 23:54 - 2013-09-08 18:56 - 00002094 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-07-25 12:06 - 2014-02-24 22:35 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-23 06:46 - 2012-11-21 18:13 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-07-21 16:24 - 2014-07-03 18:36 - 00000000 ___RD () C:\Users\SueB\Desktop\ENTERTAINMENT
2014-07-18 23:16 - 2014-07-03 18:33 - 00000000 ___RD () C:\Users\SueB\Desktop\MY SECURITY SOFTWARE
2014-07-18 23:13 - 2013-10-17 00:21 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-18 23:13 - 2012-11-27 18:28 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-18 23:11 - 2014-07-18 23:11 - 00918440 _____ (Oracle Corporation) C:\Users\SueB\Downloads\JavaSetup7u65.exe
2014-07-18 22:51 - 2014-07-18 22:51 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-07-18 22:51 - 2014-07-18 22:51 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-07-18 22:51 - 2014-07-18 22:51 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-07-18 22:51 - 2014-07-18 22:51 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-07-18 22:51 - 2014-06-20 20:58 - 00000000 ____D () C:\Program Files\Java
2014-07-18 21:03 - 2014-07-04 02:09 - 00000000 ___RD () C:\Users\SueB\Desktop\SWAHABA
2014-07-18 15:09 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-14 04:30 - 2009-07-14 01:08 - 00032584 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-13 17:46 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-07-13 00:09 - 2014-04-30 23:31 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-13 00:09 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-13 00:09 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-12 23:51 - 2014-07-12 23:51 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-12 23:51 - 2014-05-02 04:35 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-07-12 23:51 - 2014-01-04 19:05 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-07-12 23:51 - 2013-03-09 20:47 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-07-12 23:51 - 2013-03-09 20:47 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-07-12 23:51 - 2012-11-21 18:13 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-07-12 23:51 - 2012-11-21 18:13 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-12 23:51 - 2012-11-21 18:13 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-07-12 23:51 - 2012-11-21 18:13 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-07-12 23:51 - 2012-11-21 18:13 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-07-12 23:50 - 2014-07-12 23:50 - 00448400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-07-12 23:50 - 2012-11-21 18:28 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-07-12 23:43 - 2014-07-12 23:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-12 23:43 - 2014-07-12 23:42 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-12 23:43 - 2014-07-12 23:42 - 00000000 ____D () C:\Program Files\iTunes
2014-07-12 23:43 - 2014-07-12 23:42 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-12 23:42 - 2014-07-12 23:42 - 00000000 ____D () C:\Program Files\iPod
2014-07-11 03:02 - 2014-07-18 23:13 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-11 02:56 - 2014-07-18 23:13 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-11 02:56 - 2014-07-18 23:13 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-11 02:55 - 2014-07-18 23:13 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-10 22:04 - 2007-07-11 21:49 - 00000000 ____D () C:\Windows\Panther
2014-07-10 11:30 - 2014-07-03 18:35 - 00000000 ___RD () C:\Users\SueB\Desktop\OFFICE SOFTWARE
2014-07-09 22:11 - 2009-07-14 00:45 - 00295288 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-09 22:10 - 2010-11-21 03:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 21:01 - 2013-08-15 00:22 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-09 20:59 - 2012-11-23 13:34 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-08 14:10 - 2013-11-24 14:54 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-08 14:10 - 2013-11-24 14:54 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-08 14:10 - 2013-11-24 14:54 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-07 22:05 - 2013-12-02 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-07-06 14:03 - 2013-02-22 09:01 - 00000000 ____D () C:\Program Files\Defraggler
2014-07-06 14:01 - 2014-07-06 14:01 - 04362512 _____ (Piriform Ltd) C:\Users\SueB\Downloads\dfsetup218.exe
2014-07-04 16:54 - 2014-07-04 16:53 - 00001701 _____ () C:\DelFix.txt
2014-07-04 16:53 - 2014-07-03 08:50 - 00000000 ____D () C:\Windows\ERUNT
2014-07-04 13:50 - 2014-07-04 13:50 - 00000000 ____D () C:\Users\SueB\AppData\Local\Software
2014-07-04 09:00 - 2014-07-04 09:00 - 00000000 ____D () C:\Users\SueB\AppData\Local\Apps\2.0
2014-07-04 02:14 - 2012-12-09 14:16 - 00000000 ____D () C:\Users\SueB\Documents\Youcam
2014-07-04 01:38 - 2014-07-02 08:14 - 00000000 ____D () C:\Windows\Minidump
2014-07-03 22:51 - 2014-07-03 22:51 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-03 08:28 - 2012-11-21 17:54 - 00000000 ____D () C:\Users\SueB
2014-07-02 20:49 - 2014-07-02 19:45 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-07-02 20:41 - 2014-07-02 19:29 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-02 20:39 - 2014-07-02 19:35 - 00000000 ____D () C:\Users\SueB\Downloads\mbar-1.07.0.1012
2014-07-02 19:44 - 2014-07-02 19:44 - 00000000 ____D () C:\Users\SueB\Downloads\mbar-1.07.0.1012 (1)
2014-07-02 08:27 - 2014-07-02 08:27 - 00000565 _____ () C:\Users\SueB\Documents\MBR.zip
2014-07-02 08:24 - 2014-07-02 08:26 - 00000512 _____ () C:\Users\SueB\Documents\MBR.dat
2014-07-01 14:25 - 2014-02-27 22:00 - 00003562 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-3890881620-3642371930-2457045338-1001
2014-07-01 01:42 - 2014-06-30 08:31 - 00000000 ____D () C:\Windows\jumpshot.com
2014-07-01 01:33 - 2014-07-01 01:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-01 01:33 - 2014-07-01 01:33 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-01 01:33 - 2014-07-01 01:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-01 01:33 - 2014-07-01 01:32 - 13084896 _____ (Microsoft Corporation) C:\Users\SueB\Downloads\Silverlight_x64.exe
2014-07-01 00:00 - 2014-07-01 00:00 - 00000600 _____ () C:\Users\SueB\AppData\Roaming\winscp.rnd
2014-07-01 00:00 - 2014-07-01 00:00 - 00000000 ____D () C:\CSV

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-28 07:53

==================== End Of Log ============================

OCD
2014-08-01, 04:48
Hi Suemarie,

I'm not seeing anything from your scans that indicates a malware issue. :bigthumb:

You stated in your original post that your concerns revolve around a Silverlight error message you received.

Let's go ahead and uninstall Silverlight, reboot, then reinstall Silverlight.

Revo Uninstaller Pro

Please download Revo Uninstaller Pro (http://www.revouninstaller.com/download-professional-version.php) and save it to your desktop.
(This version is a fully functional, 30 day free trial)


Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

From the list of programs click on Silverlight
Choose "Uninstall". When prompted click Yes.
Make sure the advanced option is checked... then click Next.
The program will run, when prompted... click Yes... then Next.
Once the program has searched for leftovers click Next.
Check ONLY the bolded items on the list then... click Next... then Yes.
When done click Finish.
=========================

Reboot

=========================


Go here >> http://www.microsoft.com/silverlight/ and click the Download Now button.
Follow the onscreen instructions to install Silverlight.
Reboot again if prompted


Then test to see if error message still presents itself.

Suemarie
2014-08-01, 06:19
Here is where the problem is. I ran your uninstall program and I cannot get the Silverlight to uninstall. Here are screenshots of what I am getting. This has been happening ever since Microsoft did an update on Silverlight.

This could be a problem on Microsoft's side, but I am not sure. There seems to be a file missing and before contacting you, I looked up the error code that I was getting and tried to follow their instructions but there is something wrong: https://www.google.com/#q=Window+update+error+0x80070057

It seems that others are having the same issue.

Suemarie
2014-08-01, 06:30
Before contacting you, I followed the instructions from here: http://social.technet.microsoft.com/Forums/windows/en-US/53a1f2ab-037b-438e-a690-00a0e745730d/windows-7-update-error-0x80070057?forum=w7itprogeneral

Click Start and type regedit and press the Enter button.
Navigate to HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate
Delete all values with this 0x80070057. Then run the following fix it tool.
http://support.microsoft.com/kb/971058/en-us
Reboot the computer and verify that the problem has been resolved.

The WindowsUpdate is missing from the string.

OCD
2014-08-01, 07:07
Hi Suemarie,


This has been happening ever since Microsoft did an update on Silverlight.
Locate within Microsoft updates when the latest Silverlight update was.


Control Panel >> Windows Update >> select View Update History
Next select To remove an update, see Installed Updates
Locate the most recent Silverlight, select it to uninstall.




Before contacting you, I followed the instructions from here: http://social.technet.microsoft.com/...w7itprogeneral

Click Start and type regedit and press the Enter button.
Navigate to HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate
Delete all values with this 0x80070057. Then run the following fix it tool.
http://support.microsoft.com/kb/971058/en-us
Reboot the computer and verify that the problem has been resolved.

The WindowsUpdate is missing from the string.

Before taking the above step did you make a backup of the Registry?

What date did you edit the registry on?

Suemarie
2014-08-01, 14:17
Here is what is in my update history. Every time I turn my computer off, it tries to install the update. That is why there are so many of them.

Suemarie
2014-08-01, 14:19
I do have a back up disc, but to be honest, I have no idea how to use it to restore anything. It is actually a recovery disc. The last one was done on 7/7/2014.

OCD
2014-08-01, 16:24
Hi Suemarie,


I do have a back up disc, but to be honest, I have no idea how to use it to restore anything. It is actually a recovery disc.
A Recovery Disk is not the same thing as having a back-up for the Registry. Normally, before you make any changes to the Registry it is important to make a back-up of the Registry using a program like ERUNT or Tweaking.com's All In One Repair Tool which has a registry back-up tool included in it.

The 7/7/2014 date, is that the date you last edited the Registry?


In your first image, at the top right. Locate : To remove an update, see Installed Updates
Click on it, that will show all the installed updates.
Locate the most recent Silverlight update and uninstall it
Then reboot, and see if Microsoft tries to reinstall it

This is the update that is causing you issues - Update for Microsoft Silverlight (KB2977218)

Suemarie
2014-08-01, 17:54
I believe the problem is solved. There was a missing msi file. My husband found instructions to do a forced uninstall and got it out:

reg delete HKLM\Software\Microsoft\Silverlight /f
reg delete HKEY_CLASSES_ROOT\Installer\Products\D7314F9862C648A4DB8BE2A5B47BE100 /f
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D7314F9862C648A4DB8BE2A5B47BE100 /f
reg delete HKEY_CLASSES_ROOT\TypeLib\{283C8576-0726-4DBC-9609-3F855162009A} /f
reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\install.exe" /f
reg delete HKEY_CLASSES_ROOT\AgControl.AgControl /f
reg delete HKEY_CLASSES_ROOT\AgControl.AgControl.5.1 /f
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} /f
rmdir /s /q "%ProgramFiles%\Microsoft Silverlight"
rmdir /s /q "%ProgramFiles(x86)%\Microsoft Silverlight"

We then were able to reinstall Silverlight and now it is in:

I think that the original problem started with Avast's Grime-fighter. It had deleted a lot of stuff. I had to have it restore things back, but apparently it didn't do a very good job. I no longer have Grime-fighter and got a refund for it. It is not a good program and obviously has some serious flaws.

From reading some of the blogs for the Silverlight update, others are having the same issue that I had.

OCD
2014-08-02, 03:50
Hi Suemarie,

Well that's good to hear. :bigthumb:

But I must caution you. If you are going to edit the Registry you really need to run a back-up utility BEFORE you make any changes. If you should make a mistake you could render your computer un-bootable.

Are you having any other issues?
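
The backup step recommended above, as an added example that is not part of the original thread: a batch file that exports each registry key named in the forced-uninstall commands to its own .reg file before anything is deleted. The key list is copied from the thread; the backup folder and file names are assumptions.

```batch
@echo off
rem Added example: export registry keys to .reg files BEFORE running "reg delete".
rem Key list copied from the forced-uninstall commands in the thread.
rem BACKUP_DIR is an assumed location; change it as needed.
setlocal EnableDelayedExpansion

set "BACKUP_DIR=%USERPROFILE%\Desktop\SilverlightRegBackup"
if not exist "%BACKUP_DIR%" mkdir "%BACKUP_DIR%"

set /a N=0
set FAILED=0

call :backup "HKLM\Software\Microsoft\Silverlight"
call :backup "HKEY_CLASSES_ROOT\Installer\Products\D7314F9862C648A4DB8BE2A5B47BE100"
call :backup "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D7314F9862C648A4DB8BE2A5B47BE100"
call :backup "HKEY_CLASSES_ROOT\TypeLib\{283C8576-0726-4DBC-9609-3F855162009A}"
call :backup "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\install.exe"
call :backup "HKEY_CLASSES_ROOT\AgControl.AgControl"
call :backup "HKEY_CLASSES_ROOT\AgControl.AgControl.5.1"
call :backup "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}"

echo.
echo Exported !N! key(s) to "%BACKUP_DIR%".
if "%FAILED%"=="1" echo At least one export failed. Do not delete that key until it is saved.
rem Exit code 0 = every existing key was saved, 1 = at least one export failed.
exit /b %FAILED%

:backup
rem %~1 is the key name with the surrounding quotes removed.
rem Keys that do not exist are skipped; there is nothing to save.
reg query "%~1" >nul 2>&1
if errorlevel 1 (
    echo SKIP   %~1 [key not present]
    goto :eof
)
set /a N+=1
rem /y overwrites an older export with the same file name without prompting.
reg export "%~1" "%BACKUP_DIR%\key_!N!.reg" /y >nul
if errorlevel 1 (
    echo FAILED %~1
    set FAILED=1
    goto :eof
)
echo SAVED  %~1 -^> key_!N!.reg
goto :eof
```

A saved key can be put back with `reg import` followed by the path of the .reg file, run from an elevated command prompt.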

Suemarie
2014-08-03, 05:22
Not at this time. Thank you for the advice. I will make a back up asap. :)

OCD
2014-08-04, 03:47
Hi Suemarie,

You can go ahead and delete both the FRST and aswMBR programs from your computer along with any logs they may have generated.

If you have no other questions, I will mark the thread solved and close it.

Suemarie
2014-08-06, 01:53
Thank you for your help. :)

OCD
2014-08-06, 03:12
Hi Suemarie,

You're quite welcome. :bigthumb:

Since this issue appears to be resolved ... this Topic has been closed.

If you still require help, please start a new topic and include fresh DDS and aswMBR logs, along with a link to your previous thread.

Please do not add any logs that might have been requested previously, you would be starting fresh.

Applies only to the original poster, anyone else with similar problems please start your own topic.