Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 92790 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Help Please - comp running slow / virus i believe [Closed]


  • This topic is locked This topic is locked
15 replies to this topic

#1 kunash

kunash

    Authentic Member

  • Authentic Member
  • PipPip
  • 73 posts

Posted 21 October 2014 - 09:24 AM

hi, runnung windows 7 premium 64 bit

 

i have some unwanted programs on my compter,  i tried to delete and it seemed to delete, but i can still find the program ( remote desktop connection ) on a search.   pls note - i have never allowed anyone to download this onto my computer.  there are some others as well i think.

 

waiting for your reply, thank you


    Advertisements

Register to Remove


#2 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,219 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 21 October 2014 - 05:50 PM

:welcome:

 

Lets run a few scans and see whats going on

 

1QYkxTZ.jpg Please download aswMBR to your desktop.
 
  • Double click the aswMBR icon to run it.
  • Click the Scan button to start scan.
  • If you are asked to update the Avast Virus database please allow it to do so.
  • When it finishes, press the save log button, save the logfile to your desktop and post its contents in your next reply.
  •  
    I just want to see the report....Please Do Not Fix Anything
     
    ============================================================================
     
     
     

    Please download Farbar Recovery Scan Tool and save it to your desktop.
     
    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
     
    How to determine whether a computer is running a 32-bit version or 64-bit version of the Windows operating system
    A simple way to check your system: Start --> Computer (right click) --> Properties
     
     
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Please make sure All Users is checked
  • Do not check 
  • *List BCD
    *Drivers MD5
    *Shortcut txt
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.


     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #3 kunash

    kunash

      Authentic Member

    • Authentic Member
    • PipPip
    • 73 posts

    Posted 22 October 2014 - 04:06 AM

    thanks Ken, will get back to you



    #4 kunash

    kunash

      Authentic Member

    • Authentic Member
    • PipPip
    • 73 posts

    Posted 22 October 2014 - 01:57 PM

    Hi Ken, here you are

     

    aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
    Run date: 2014-10-22 19:57:29
    -----------------------------
    19:57:29.676    OS Version: Windows x64 6.1.7601 Service Pack 1
    19:57:29.676    Number of processors: 8 586 0x3A09
    19:57:29.676    ComputerName: SIMON-PC  UserName: Simon
    19:57:33.344    Initialize success
    19:57:33.517    VM: initialized successfully
    19:57:33.563    VM: Intel CPU supported 
    19:57:47.333    VM: supported disk I/O iaStorV.sys
    20:00:58.864    AVAST engine defs: 14102200
    20:35:24.877    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
    20:35:24.877    Disk 0 Vendor: ST950042 0005 Size: 476940MB BusType: 8
    20:35:25.017    VM: Disk 0 MBR read successfully
    20:35:25.017    Disk 0 MBR scan
    20:35:25.033    Disk 0 Windows 7 default MBR code
    20:35:25.033    Disk 0 Partition 1 00     DE Dell Utility DELL 4.1       39 MB offset 63
    20:35:25.064    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        14444 MB offset 81920
    20:35:25.080    Disk 0 default boot code
    20:35:25.103    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       462452 MB offset 29663232
    20:35:25.238    Disk 0 scanning C:\Windows\system32\drivers
    20:35:40.458    Service scanning
    20:35:44.483    Service BHDrvx64 C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\BASHDefs\20141016.001\BHDrvx64.sys **LOCKED** 5
    20:35:48.938    Service eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys **LOCKED** 5
    20:35:49.410    Service EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys **LOCKED** 5
    20:35:52.975    Service IDSVia64 C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\IPSDefs\20141021.001\IDSvia64.sys **LOCKED** 5
    20:35:57.677    Service NAVENG C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\VirusDefs\20141021.039\ENG64.SYS **LOCKED** 5
    20:35:57.898    Service NAVEX15 C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\VirusDefs\20141021.039\EX64.SYS **LOCKED** 5
    20:36:15.597    Modules scanning
    20:36:15.615    Disk 0 trace - called modules:
    20:36:15.630    ntoskrnl.exe CLASSPNP.SYS disk.sys stdcfltn.sys iaStorV.sys hal.dll 
    20:36:15.646    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800b472790]
    20:36:15.646    3 CLASSPNP.SYS[fffff880013d043f] -> nt!IofCallDriver -> [0xfffffa800b391cb0]
    20:36:15.662    5 stdcfltn.sys[fffff880019e1d12] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800ae72050]
    20:36:17.128    AVAST engine scan C:\Windows
    20:36:21.171    AVAST engine scan C:\Windows\system32
    20:41:27.071    AVAST engine scan C:\Windows\system32\drivers
    20:41:50.650    AVAST engine scan C:\Users\Simon
    20:47:14.254    AVAST engine scan C:\ProgramData
    20:49:18.033    Scan finished successfully
    20:49:44.339    Disk 0 MBR has been saved successfully to "C:\Users\Simon\Desktop\MBR.dat"
    20:49:44.349    The log file has been saved successfully to "C:\Users\Simon\Desktop\aswMBR.txt"

    Attached Files



    #5 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 22 October 2014 - 03:04 PM

    If you can I would prefer the logs we ask for be copied and pasted into the thread in lieu of attaching them its easier for me to research 

     

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-10-2014
    Ran by Simon (administrator) on SIMON-PC on 22-10-2014 20:51:15
    Running from C:\Users\Simon\Desktop
    Loaded Profile: Simon (Available profiles: Simon)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    ( ) C:\Windows\System32\dleacoms.exe
    (Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\n360.exe
    (PC Tools) C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\n360.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    () C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe
    () C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe
    (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
    () C:\Program Files (x86)\HP Button Manager\BM.exe
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    () C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe
    (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe
    (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
    (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
    (Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
    (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
    (Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
    (Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
    (Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
    (Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
    (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
    (Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (AVAST Software) C:\Users\Simon\Downloads\aswMBR.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\nacl64.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\nacl64.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Farbar) C:\Users\Simon\Desktop\FRST64 (1).exe
     
     
    ==================== Registry (Whitelisted) ==================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2463552 2014-10-04] (NVIDIA Corporation)
    HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [12656 2012-06-15] (Alienware)
    HKLM\...\Run: [dleamon.exe] => C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe [770728 2011-01-23] ()
    HKLM\...\Run: [EzPrint] => C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe [139944 2011-01-23] ()
    HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-09] (Intel Corporation)
    HKLM-x32\...\Run: [AlienwareOn-ScreenDisplay] => C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe [1636208 2011-12-01] ()
    HKLM-x32\...\Run: [SSDMonitor] => C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe [106112 2014-01-17] (Symantec Corporation)
    HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    HKU\S-1-5-21-2615214989-2497064625-3642582449-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
    HKU\S-1-5-21-2615214989-2497064625-3642582449-1000\...\Policies\Explorer: [NoInstrumentation] 1
    AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
    AppInit_DLLs: , C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
    AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
    AppInit_DLLs-x32: , C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
    Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
    ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Button Manager.lnk
    ShortcutTarget: HP Button Manager.lnk -> C:\Program Files (x86)\HP Button Manager\BM.exe ()
    Startup: C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 5520 series.lnk
    ShortcutTarget: Monitor Ink Alerts - HP Photosmart 5520 series.lnk -> C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
    ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
    ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
    ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/
    SearchScopes: HKLM - DefaultScope value is missing.
    SearchScopes: HKLM - {31090377-0740-419E-BEFC-A56E50500D5B} URL = 
    SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
    BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll (Google Inc.)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
    BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
    BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    BHO-x32: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
    Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
    Tcpip\..\Interfaces\{3FF56F9F-5650-44EE-A8BC-C89070585971}: [NameServer] 8.8.8.8
     
    FireFox:
    ========
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
    FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.2.0.38\coFFPlgn
    FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.2.0.38\coFFPlgn [2014-10-22]
     
    Chrome: 
    =======
    CHR Profile: C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Docs) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-29]
    CHR Extension: (Google Drive) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-08]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-09]
    CHR Extension: (YouTube) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-08]
    CHR Extension: (Google Search) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-08]
    CHR Extension: (Norton Identity Safe) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-08-09]
    CHR Extension: (Norton Security Toolbar) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-06-17]
    CHR Extension: (Google Wallet) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-08]
    CHR Extension: (Gmail) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-08]
    CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-04]
    CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-04]
     
    ==================== Services (Whitelisted) =================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
    S3 DiskDoctorService; C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\Disk Doctor\DiskDoctorSrv.exe [1150592 2014-01-17] (Symantec Corporation)
    S2 dleaCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\dleaserv.exe [45224 2010-05-21] ()
    R2 dlea_device; C:\Windows\system32\dleacoms.exe [1052328 2010-05-21] ( )
    R2 dlea_device; C:\Windows\SysWOW64\dleacoms.exe [598696 2010-05-21] ( )
    R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242728 2014-07-01] (Foxit Corporation)
    R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-10-04] (NVIDIA Corporation)
    S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
    S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
    R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe [265040 2014-09-21] (Symantec Corporation)
    R2 NU16StartManagerSvc; C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe [795776 2014-01-17] (PC Tools)
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-10-04] (NVIDIA Corporation)
    R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19440960 2014-10-04] (NVIDIA Corporation)
    R2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [492032 2012-02-15] () [File not signed]
    S3 SpeedDiskService; C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\SpeedDisk\SpeedDiskSrv.exe [1163904 2014-01-17] (Symantec Corporation)
     
    ==================== Drivers (Whitelisted) ====================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    R3 Ak27x64; C:\Windows\System32\DRIVERS\Ak27x64.sys [2740328 2012-02-15] (Bigfoot Networks, Inc.)
    U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
    R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2008-04-24] (ArcSoft, Inc.)
    R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170200 2014-06-14] (Broadcom Corporation.)
    R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [75880 2012-02-15] (Bigfoot Networks, Inc.)
    R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\BASHDefs\20141016.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation)
    R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys [162392 2014-02-25] (Symantec Corporation)
    R3 dcdbas; C:\Windows\System32\DRIVERS\dcdbas64.sys [38472 2011-02-02] (Dell Inc.)
    R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-09] (Symantec Corporation)
    R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-09] (Symantec Corporation)
    S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-06-14] ()
    R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\IPSDefs\20141021.001\IDSvia64.sys [633560 2014-10-03] (Symantec Corporation)
    R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [128200 2014-06-14] (Qualcomm Atheros Co., Ltd.)
    R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2014-06-14] (Intel Corporation)
    R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
    R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\VirusDefs\20141021.039\ENG64.SYS [129752 2014-10-03] (Symantec Corporation)
    R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\VirusDefs\20141021.039\EX64.SYS [2137304 2014-10-03] (Symantec Corporation)
    R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [299352 2014-07-02] (NVIDIA Corporation)
    R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20288 2014-10-04] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
    R1 RsProxy; C:\Windows\system32\drivers\RsProxy.sys [15976 2014-05-25] ()
    R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1506000.020\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
    R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
    R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_ACCEL.sys [67184 2012-03-14] (STMicroelectronics)
    R0 SymDS; C:\Windows\System32\drivers\N360x64\1506000.020\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
    R0 SymEFA; C:\Windows\System32\drivers\N360x64\1506000.020\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
    R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-05-08] (Symantec Corporation)
    R1 SymIRON; C:\Windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
    R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1506000.020\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]
    U3 aswMBR; \??\C:\Users\Simon\AppData\Local\Temp\aswMBR.sys [X]
    U3 aswVmm; \??\C:\Users\Simon\AppData\Local\Temp\aswVmm.sys [X]
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
     
     
    ==================== One Month Created Files and Folders ========
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2014-10-22 20:51 - 2014-10-22 20:52 - 00023385 _____ () C:\Users\Simon\Desktop\FRST.txt
    2014-10-22 20:49 - 2014-10-22 20:49 - 00003040 _____ () C:\Users\Simon\Desktop\aswMBR.txt
    2014-10-22 20:49 - 2014-10-22 20:49 - 00000512 _____ () C:\Users\Simon\Desktop\MBR.dat
    2014-10-22 20:42 - 2014-10-22 20:42 - 02112000 _____ (Farbar) C:\Users\Simon\Downloads\frst64.exe
    2014-10-22 20:42 - 2014-10-22 20:42 - 02112000 _____ (Farbar) C:\Users\Simon\Desktop\FRST64 (1).exe
    2014-10-22 19:56 - 2014-10-22 19:56 - 05185536 _____ (AVAST Software) C:\Users\Simon\Downloads\aswMBR.exe
    2014-10-22 14:07 - 2014-10-22 19:51 - 00000504 _____ () C:\Windows\setupact.log
    2014-10-22 14:07 - 2014-10-22 14:07 - 00000000 _____ () C:\Windows\setuperr.log
    2014-10-18 16:35 - 2014-10-18 16:35 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
    2014-10-18 16:35 - 2014-10-18 16:35 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
    2014-10-18 16:35 - 2014-10-18 16:35 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
    2014-10-18 16:35 - 2014-10-18 16:35 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2014-10-18 16:35 - 2014-10-18 16:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2014-10-18 15:19 - 2014-10-18 15:19 - 00000000 ____D () C:\Users\Simon\AppData\Local\VS Revo Group
    2014-10-18 15:19 - 2014-10-18 15:19 - 00000000 ____D () C:\ProgramData\VS Revo Group
    2014-10-18 15:17 - 2014-10-18 15:17 - 10691640 _____ (VS Revo Group ) C:\Users\Simon\Downloads\RevoUninProSetup.exe
    2014-10-18 13:40 - 2014-10-18 13:40 - 00000000 ____D () C:\NPE
    2014-10-18 13:38 - 2014-10-18 14:50 - 00000000 ____D () C:\Users\Simon\AppData\Local\NPE
    2014-10-18 13:09 - 2014-10-18 13:09 - 00000000 ____H () C:\Users\Simon\Documents\Default.rdp
    2014-10-17 14:37 - 2014-10-17 14:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
    2014-10-16 23:21 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2014-10-16 23:21 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2014-10-16 23:21 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2014-10-16 23:21 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2014-10-16 23:21 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2014-10-16 23:21 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2014-10-16 23:21 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2014-10-16 23:21 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2014-10-16 23:21 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2014-10-16 23:21 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2014-10-16 23:21 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2014-10-16 23:21 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-10-16 23:21 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-10-16 23:21 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2014-10-16 23:21 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2014-10-16 23:21 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-10-16 23:21 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-10-16 23:21 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-10-16 23:21 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-10-16 23:21 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-10-16 23:21 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2014-10-16 23:21 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-10-16 23:21 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2014-10-16 23:21 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2014-10-16 23:21 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2014-10-16 23:21 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2014-10-16 23:21 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2014-10-16 23:21 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2014-10-16 23:21 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2014-10-16 23:21 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2014-10-16 23:21 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-10-16 23:21 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-10-16 23:21 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2014-10-16 23:21 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2014-10-16 23:21 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-10-16 23:21 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2014-10-16 23:21 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
    2014-10-16 23:21 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
    2014-10-16 23:21 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
    2014-10-16 23:21 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
    2014-10-16 23:21 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
    2014-10-16 23:21 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
    2014-10-16 23:20 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-10-16 23:20 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-10-16 23:20 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-10-16 23:20 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2014-10-16 23:20 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-10-16 23:20 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-10-16 23:20 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-10-16 23:20 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-10-16 23:20 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2014-10-16 23:20 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-10-16 23:20 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2014-10-16 23:20 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2014-10-16 23:20 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-10-16 23:20 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-10-16 23:20 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2014-10-16 23:20 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-10-16 23:20 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2014-10-16 23:20 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2014-10-16 23:20 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-10-16 23:20 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2014-10-16 23:20 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2014-10-16 23:20 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2014-10-16 23:20 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-10-16 23:20 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2014-10-16 23:20 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
    2014-10-16 23:20 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
    2014-10-16 23:20 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
    2014-10-16 23:20 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
    2014-10-16 23:20 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
    2014-10-16 23:20 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
    2014-10-16 23:20 - 2014-07-17 03:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
    2014-10-16 23:20 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
    2014-10-16 23:20 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
    2014-10-16 23:20 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
    2014-10-16 23:20 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
    2014-10-16 23:20 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
    2014-10-16 23:20 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2014-10-16 23:20 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2014-10-16 23:20 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
    2014-10-16 23:20 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
    2014-10-16 23:20 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
    2014-10-16 23:20 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
    2014-10-16 23:20 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2014-10-16 23:20 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2014-10-16 23:20 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
    2014-10-16 23:20 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
    2014-10-16 21:03 - 2014-10-22 19:51 - 00001338 _____ () C:\Windows\Tasks\KKPGLH.job
    2014-10-16 21:03 - 2014-10-16 21:03 - 00004364 _____ () C:\Windows\System32\Tasks\KKPGLH
    2014-10-16 20:59 - 2014-10-18 13:07 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Opera Software
    2014-10-16 20:59 - 2014-10-18 13:07 - 00000000 ____D () C:\Users\Simon\AppData\Local\Opera Software
    2014-10-16 20:59 - 2014-10-18 13:07 - 00000000 ____D () C:\Program Files (x86)\Opera
    2014-10-16 20:58 - 2014-10-18 13:36 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Store
    2014-10-16 20:58 - 2014-10-18 13:03 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Nosibay
    2014-10-16 20:58 - 2014-10-16 20:58 - 00000374 _____ () C:\Users\Simon\AppData\Roaming\WindApp.installation.log
    2014-10-16 20:57 - 2014-10-22 19:51 - 00001332 _____ () C:\Windows\Tasks\SZK.job
    2014-10-16 20:57 - 2014-10-16 20:57 - 00004358 _____ () C:\Windows\System32\Tasks\SZK
    2014-10-16 20:57 - 2014-10-16 20:57 - 00000097 _____ () C:\Users\Simon\AppData\Roaming\WindApp.boostrap.log
    2014-10-16 20:56 - 2014-10-22 19:51 - 00001334 _____ () C:\Windows\Tasks\HODK.job
    2014-10-16 20:56 - 2014-10-16 20:56 - 00004360 _____ () C:\Windows\System32\Tasks\HODK
    2014-10-16 20:55 - 2014-10-18 13:36 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
    2014-10-16 20:55 - 2014-10-16 20:55 - 00000000 ____D () C:\Users\Simon\AppData\Local\globalUpdate
    2014-10-15 04:43 - 2014-10-15 04:43 - 01055936 _____ (Adobe) C:\Users\Simon\Downloads\install_flashplayer15x32axau_mssa_aaa_aih.exe
    2014-10-12 15:25 - 2014-10-18 14:55 - 00000133 _____ () C:\Users\Simon\Desktop\New Text Document (3).txt
    2014-10-11 11:04 - 2014-10-18 13:28 - 00000000 ____D () C:\Windows\Minidump
    2014-10-09 23:46 - 2014-10-10 00:40 - 00000087 _____ () C:\Users\Simon\Desktop\New Text Document (2).txt
    2014-10-08 10:27 - 2014-09-04 20:14 - 00038048 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
    2014-10-08 10:27 - 2014-09-04 20:14 - 00032416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
    2014-10-08 03:10 - 2014-10-16 08:54 - 00000422 _____ () C:\Users\Simon\Desktop\New Text Document.txt
    2014-10-04 15:52 - 2014-10-04 15:52 - 04210920 _____ (Piriform Ltd) C:\Users\Simon\Downloads\rcsetup151.exe
    2014-10-04 15:52 - 2014-10-04 15:52 - 04210920 _____ (Piriform Ltd) C:\Users\Simon\Downloads\rcsetup151 (1).exe
    2014-10-04 15:19 - 2014-10-04 15:19 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
    2014-10-04 14:31 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
    2014-10-04 14:31 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
    2014-10-03 15:43 - 2014-10-03 15:43 - 00000000 ____D () C:\Users\Simon\Documents\AlienFX
    2014-10-03 15:42 - 2014-10-03 15:42 - 00000000 ____D () C:\Users\Simon\Documents\Bluetooth Exchange Folder
    2014-09-29 22:13 - 2014-10-07 00:19 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\FreeScreenToVideo
    2014-09-29 22:13 - 2014-09-29 22:13 - 00001202 _____ () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Screen To Video.lnk
    2014-09-29 22:13 - 2014-09-29 22:13 - 00001150 _____ () C:\Users\Simon\Desktop\Free Screen To Video.lnk
    2014-09-29 22:13 - 2014-09-29 22:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Screen To Video
    2014-09-29 22:12 - 2014-10-18 15:35 - 00000000 ____D () C:\Program Files (x86)\Free Screen To Video
    2014-09-29 22:05 - 2014-09-29 22:06 - 73924960 _____ (TechSmith Corporation) C:\Users\Simon\Downloads\snagit.exe
    2014-09-29 19:16 - 2014-09-29 19:16 - 00832072 _____ (Wondershare) C:\Users\Simon\Downloads\video-editor_setup_full1107.exe
    2014-09-24 18:03 - 2014-09-24 18:03 - 00000000 _____ () C:\Users\Simon\Downloads\setup.exe.p1bwx40.partial
    2014-09-24 18:03 - 2014-09-24 18:03 - 00000000 _____ () C:\Users\Simon\Downloads\setup.exe.p1bwx40 (1).partial
    2014-09-24 18:03 - 2014-09-24 18:03 - 00000000 _____ () C:\Users\Simon\Downloads\setup.exe.p1bwx40 (1) (1).partial
    2014-09-24 11:22 - 2014-09-24 11:22 - 03675824 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
    2014-09-24 04:40 - 2014-09-09 23:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2014-09-24 04:40 - 2014-09-09 22:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
     
    ==================== One Month Modified Files and Folders =======
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2014-10-22 20:51 - 2014-06-19 08:53 - 00000000 ____D () C:\FRST
    2014-10-22 20:45 - 2014-05-08 10:21 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-10-22 20:22 - 2014-05-08 10:21 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-10-22 19:59 - 2009-07-14 05:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-10-22 19:59 - 2009-07-14 05:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-10-22 19:55 - 2014-05-08 17:50 - 01882565 _____ () C:\Windows\WindowsUpdate.log
    2014-10-22 19:52 - 2014-05-20 09:33 - 00071122 _____ () C:\ProgramData\dleascan.log
    2014-10-22 19:52 - 2014-05-08 12:41 - 00000288 _____ () C:\Windows\Tasks\NUAutoUpdate.job
    2014-10-22 19:52 - 2014-05-08 11:50 - 00000000 ____D () C:\ProgramData\TEMP
    2014-10-22 19:52 - 2014-05-08 10:21 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-10-22 19:51 - 2014-05-08 10:52 - 00000000 ____D () C:\ProgramData\NVIDIA
    2014-10-22 19:51 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-10-22 13:09 - 2014-06-22 11:13 - 00000330 _____ () C:\Windows\Tasks\SpeedDiskSchedule.job
    2014-10-22 13:08 - 2014-05-10 11:58 - 00000000 ____D () C:\Users\Simon\AppData\Local\CrashDumps
    2014-10-22 11:04 - 2014-05-08 11:29 - 00000000 ____D () C:\Users\Simon\Desktop\unused
    2014-10-21 18:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
    2014-10-21 10:53 - 2014-06-14 10:14 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-10-20 09:24 - 2014-05-08 15:50 - 00000000 ____D () C:\Users\Simon\Desktop\kk
    2014-10-19 06:40 - 2014-05-08 10:21 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2014-10-19 06:40 - 2014-05-08 10:21 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2014-10-18 16:36 - 2014-05-28 06:50 - 00000000 ____D () C:\ProgramData\Oracle
    2014-10-18 15:34 - 2014-05-08 10:15 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
    2014-10-18 13:39 - 2009-07-14 06:37 - 00000000 ____D () C:\Windows\DigitalLocker
    2014-10-18 13:38 - 2014-05-08 13:17 - 00000000 ____D () C:\ProgramData\Norton
    2014-10-18 13:21 - 2014-05-08 10:23 - 00000000 ____D () C:\Users\Simon\AppData\Local\Deployment
    2014-10-18 13:07 - 2014-06-17 06:32 - 00001181 _____ () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2014-10-18 13:03 - 2014-06-17 06:38 - 00003358 _____ () C:\Windows\SysWOW64\${LOGFILE}
    2014-10-17 19:44 - 2014-05-08 12:21 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2014-10-17 15:06 - 2009-07-14 05:45 - 00345280 _____ () C:\Windows\system32\FNTCACHE.DAT
    2014-10-17 15:03 - 2014-05-08 18:24 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2014-10-17 14:45 - 2014-05-08 11:50 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2014-10-17 14:36 - 2014-05-08 17:57 - 00000000 ____D () C:\Windows\system32\MRT
    2014-10-17 14:28 - 2014-05-08 17:57 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2014-10-16 20:58 - 2014-06-17 06:28 - 00022129 _____ () C:\Users\Simon\AppData\Roaming\Bubble Dock.installation.log
    2014-10-10 12:00 - 2009-07-14 06:08 - 00032622 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2014-10-08 10:30 - 2014-05-08 10:45 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
    2014-10-06 08:43 - 2014-05-08 10:15 - 00000000 ____D () C:\ProgramData\Bigfoot Networks
    2014-10-05 17:01 - 2014-05-08 10:05 - 00000000 ____D () C:\Users\Simon
    2014-10-04 15:14 - 2014-05-08 13:18 - 00003206 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
    2014-10-04 15:14 - 2014-05-08 13:17 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
    2014-10-04 15:14 - 2014-05-08 13:17 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
    2014-10-04 14:20 - 2010-11-21 08:16 - 00000000 ___RD () C:\Users\Public\Recorded TV
    2014-10-04 14:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
    2014-10-04 07:42 - 2014-06-02 14:26 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
    2014-10-04 07:42 - 2014-05-08 10:53 - 02197680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
    2014-10-04 07:41 - 2014-06-02 14:26 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
    2014-10-04 07:41 - 2014-05-08 10:53 - 02800296 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
    2014-09-30 12:22 - 2014-05-08 11:28 - 00000000 ____D () C:\Program Files\CCleaner
    2014-09-27 09:14 - 2014-05-09 16:12 - 00019968 _____ () C:\Users\Simon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2014-09-24 11:22 - 2014-05-08 10:21 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2014-09-24 11:22 - 2014-05-08 10:21 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2014-09-24 11:22 - 2014-05-08 10:21 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
     
    ==================== Bamital & volsnap Check =================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
     
     
    LastRegBack: 2014-10-19 16:31
     
    ==================== End Of Log ============================
     
     
     
     
     
     
     
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-10-2014
    Ran by Simon at 2014-10-22 20:52:44
    Running from C:\Users\Simon\Desktop
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AV: Norton 360 Premier Edition (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
    AS: Norton 360 Premier Edition (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
    AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Norton 360 Premier Edition (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
    Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
    Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
    Alienware Command Center (HKLM-x32\...\InstallShield_{FD1AE10F-163C-4D4B-9FCE-AC667AF1DC6E}) (Version: 2.8.8.0 - Alienware Corp.)
    Alienware Command Center (Version: 2.8.8.0 - Alienware Corp.) Hidden
    Alienware On-Screen Display (HKLM-x32\...\InstallShield_{0D69462F-99CC-4F8D-942E-666E21CE59F8}) (Version: 0.32.0.2C - )
    Alienware On-Screen Display (x32 Version: 0.32.0.2C - ) Hidden
    Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
    Dell V310-V510 Series (HKLM\...\Dell V310-V510 Series) (Version:  - Dell, Inc.)
    EMSC (x32 Version: 0.0.0.22C - Compal Electronics, Inc.) Hidden
    Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.7.140.701 - Foxit Corporation)
    Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.0.429 - Foxit Corporation)
    Free File Shredder 5.5.2 (HKLM-x32\...\Free File Shredder_is1) (Version:  - FreeFileShredder Co., Ltd.)
    Free Screen To Video V 2.0 (HKLM-x32\...\Free Screen To Video_is1) (Version: 2.0.0.0 - Koyote Soft)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
    Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
    Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
    HP Button Manager (HKLM-x32\...\{465D6ACC-CAB9-40CD-ADAC-A91B071FA30E}) (Version: 3.5.00 - Hewlett-Packard)
    HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
    HP Photosmart 5520 series Basic Device Software (HKLM\...\{68C0736C-3E47-43A6-B14D-236BEF198A5F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
    HP Photosmart 5520 series Help (HKLM-x32\...\{7137E26A-10F7-4B1C-9980-0893579E92DA}) (Version: 27.0.0 - Hewlett Packard)
    HP Photosmart 5520 series Product Improvement Study (HKLM\...\{DCC176F0-3CE3-4DA9-8FF9-3809C1B48C47}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
    HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
    Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
    Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2653 - Intel Corporation)
    Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
    IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
    iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
    Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
    Java Auto Updater (x32 Version: 2.1.71.14 - Oracle, Inc.) Hidden
    Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
    Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
    Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    Norton 360 (HKLM-x32\...\N360) (Version: 21.6.0.32 - Symantec Corporation)
    Norton Utilities 16 (HKLM-x32\...\Norton Utilities 16_is1) (Version: 16.0 - Symantec Corporation)
    NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
    NVIDIA Control Panel 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
    NVIDIA GeForce Experience 2.1.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.3 - NVIDIA Corporation)
    NVIDIA GeForce Experience Service (Version: 16.13.56 - NVIDIA Corporation) Hidden
    NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
    NVIDIA Install Application (Version: 2.1002.162.1274 - NVIDIA Corporation) Hidden
    NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
    NVIDIA Network Service (Version: 2.0 - NVIDIA Corporation) Hidden
    NVIDIA Optimus Update 16.13.56 (Version: 16.13.56 - NVIDIA Corporation) Hidden
    NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
    NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
    NVIDIA ShadowPlay 16.13.56 (Version: 16.13.56 - NVIDIA Corporation) Hidden
    NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
    NVIDIA Update 16.13.56 (Version: 16.13.56 - NVIDIA Corporation) Hidden
    NVIDIA Update Core (Version: 16.13.56 - NVIDIA Corporation) Hidden
    NVIDIA Virtual Audio 1.2.25 (Version: 1.2.25 - NVIDIA Corporation) Hidden
    Qualcomm Atheros Ethernet Controller (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.14.15 - Qualcomm Atheros Inc.)
    Qualcomm Atheros Killer Network Manager (HKLM-x32\...\InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}) (Version: 6.1.0.304 - Qualcomm Atheros)
    Qualcomm Atheros Killer Network Manager (Version: 6.1.0.304 - Qualcomm Atheros) Hidden
    Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.28099 - Realtek Semiconductor Corp.)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
    SHIELD Streaming (Version: 3.1.1000 - NVIDIA Corporation) Hidden
    SHIELD Wireless Controller Driver (Version: 16.13.56 - NVIDIA Corporation) Hidden
    Sky Go Desktop (HKCU\...\675107503.go.sky.com) (Version:  - go.sky.com)
    ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.12.0022 - ST Microelectronics)
    WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2410 - Broadcom Corporation)
     
    ==================== Custom CLSID (selected items): ==========================
     
    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
     
     
    ==================== Restore Points  =========================
     
     
    ==================== Hosts content: ==========================
     
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
     
    2009-07-14 03:34 - 2014-06-24 16:15 - 00000035 ____N C:\Windows\system32\Drivers\etc\hosts
     
    ==================== Scheduled Tasks (whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
     
    Task: {0426FAA3-4ED9-4EA4-A2C4-99557D50D11C} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
    Task: {066A3E44-8BFF-4F66-BCD2-E26006E8A08C} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
    Task: {1A48A601-2050-465F-8898-9EFBEC32B050} - System32\Tasks\HODK => C:\Users\Simon\AppData\Roaming\HODK.exe <==== ATTENTION
    Task: {2441B080-D55B-46D2-8C49-3D5C0480913A} - System32\Tasks\NUAutoUpdate => C:\Program Files (x86)\Symantec\Norton Utilities 16\SULauncher.exe [2014-01-17] (Symantec)
    Task: {288391B6-F0F7-4C34-B490-0D2349848B70} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
    Task: {2A3887EF-DE3E-4F81-BDD0-E80917588028} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)
    Task: {3EE82BB1-4F23-47A0-ABAB-916D731693F1} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
    Task: {5521D485-B434-43B8-9552-D65FCA8F69A0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
    Task: {6BA29AD1-99AF-4F3D-8E9A-3C9ADDF5E500} - System32\Tasks\KKPGLH => C:\Users\Simon\AppData\Roaming\KKPGLH.exe <==== ATTENTION
    Task: {8042A5F9-1001-4A25-82B4-F97B20EBFEC1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {891E12FF-D527-430A-9CB2-9955C60E7CEB} - System32\Tasks\SpeedDiskSchedule => C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\SpeedDisk\ScheduledDefrag.exe [2014-01-17] ()
    Task: {9292BDBF-B7A2-4FB7-9355-6818B9DCD567} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
    Task: {93FD8748-F0C5-4D8B-9B86-8C4A2B6F6AAF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-08] (Google Inc.)
    Task: {A095D8B3-F1D8-40A9-AF8B-01EEFD8CEFDC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
    Task: {AB73E37A-EB4E-4A91-8759-37687D938623} - System32\Tasks\SZK => C:\Users\Simon\AppData\Roaming\SZK.exe <==== ATTENTION
    Task: {B1FC2C26-192A-4A2C-96AF-0599ECEE262C} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
    Task: {B7D73DAC-7DBB-455B-88E5-E5914AABD75B} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
    Task: {DC27D498-D475-4373-8E79-7C6E606FB001} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
    Task: {ED2EBEC8-2046-47F5-B565-CE67DF3D13F3} - \WindApp Update No Task File <==== ATTENTION
    Task: {F7951886-058F-4CC9-846B-DCDAB0B9DE34} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-08] (Google Inc.)
    Task: {FD297015-25AF-45BB-A35B-1CAC0F3AF48E} - System32\Tasks\HPCustParticipation HP Photosmart 5520 series => C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\HODK.job => C:\Users\Simon\AppData\Roaming\HODK.exe <==== ATTENTION
    Task: C:\Windows\Tasks\KKPGLH.job => C:\Users\Simon\AppData\Roaming\KKPGLH.exe <==== ATTENTION
    Task: C:\Windows\Tasks\NUAutoUpdate.job => C:\Program Files (x86)\Symantec\Norton Utilities 16\SULauncher.exe
    Task: C:\Windows\Tasks\SpeedDiskSchedule.job => C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\SpeedDisk\ScheduledDefrag.exe
    Task: C:\Windows\Tasks\SZK.job => C:\Users\Simon\AppData\Roaming\SZK.exe <==== ATTENTION
     
    ==================== Loaded Modules (whitelisted) =============
     
    2014-05-20 09:35 - 2009-11-04 13:18 - 00189440 _____ () C:\Windows\system32\spool\PRTPROCS\x64\dleadrpp.dll
    2014-05-08 10:51 - 2014-07-02 19:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2012-02-15 14:37 - 2012-02-15 14:37 - 00492032 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
    2011-05-09 19:46 - 2011-05-09 19:46 - 02760192 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtCore4.dll
    2011-05-09 19:56 - 2011-05-09 19:56 - 09856000 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtGui4.dll
    2011-05-09 19:47 - 2011-05-09 19:47 - 00416256 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtXml4.dll
    2012-02-15 14:37 - 2012-02-15 14:37 - 00217600 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFCommon.dll
    2011-05-10 11:32 - 2011-05-10 11:32 - 00731648 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\qwt5.dll
    2011-05-09 19:48 - 2011-05-09 19:48 - 00990720 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtNetwork4.dll
    2014-05-08 10:33 - 2012-02-14 16:53 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
    2014-05-20 09:50 - 2011-01-23 20:22 - 00770728 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe
    2014-05-20 09:50 - 2011-01-23 20:22 - 00139944 _____ () C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe
    2014-05-24 20:07 - 2012-05-20 22:05 - 01728088 _____ () C:\Program Files (x86)\HP Button Manager\BM.exe
    2011-12-01 20:00 - 2011-12-01 20:00 - 01636208 _____ () C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe
    2014-04-14 20:41 - 2014-04-14 20:41 - 00039192 _____ () C:\Program Files\CCleaner\branding.dll
    2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2014-05-08 10:46 - 2014-07-02 21:48 - 00013272 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
    2014-05-20 09:50 - 2009-11-26 04:49 - 00086180 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleacfg.dll
    2014-05-20 09:50 - 2010-04-01 12:23 - 00389120 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleascw.dll
    2014-05-20 09:50 - 2009-05-27 08:16 - 00192512 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleadatr.dll
    2014-05-20 09:50 - 2010-04-01 12:24 - 01159168 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleaDRS.dll
    2014-05-20 09:50 - 2009-03-10 00:43 - 00155648 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleacaps.dll
    2014-05-20 09:50 - 2009-03-05 12:55 - 00059904 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleacnv4.dll
    2009-02-20 08:50 - 2009-02-20 08:50 - 00381440 _____ () C:\Windows\system32\dleasm.dll
    2009-02-20 08:50 - 2009-02-20 08:50 - 00028672 _____ () C:\Windows\system32\dleasmr.dll
    2014-05-20 09:50 - 2009-06-22 08:08 - 00708608 _____ () C:\Program Files (x86)\Dell V310-V510 Series\Epwizard.DLL
    2014-05-20 09:50 - 2009-06-22 08:06 - 00159744 _____ () C:\Program Files (x86)\Dell V310-V510 Series\customui.dll
    2014-05-20 09:50 - 2009-06-22 08:06 - 00114688 _____ () C:\Program Files (x86)\Dell V310-V510 Series\Eputil.DLL
    2014-05-20 09:50 - 2009-06-22 08:05 - 00139264 _____ () C:\Program Files (x86)\Dell V310-V510 Series\Imagutil.DLL
    2014-05-20 09:50 - 2009-06-22 08:06 - 00061440 _____ () C:\Program Files (x86)\Dell V310-V510 Series\Epfunct.DLL
    2014-05-20 09:50 - 2009-06-22 08:08 - 02203648 _____ () C:\Program Files (x86)\Dell V310-V510 Series\EPWizRes.dll
    2014-05-20 09:50 - 2009-06-22 08:08 - 00045056 _____ () C:\Program Files (x86)\Dell V310-V510 Series\epstring.dll
    2014-05-20 09:50 - 2009-06-22 08:08 - 00196608 _____ () C:\Program Files (x86)\Dell V310-V510 Series\EPOEMDll.dll
    2014-05-20 09:50 - 2009-04-07 14:25 - 00409600 _____ () C:\Program Files (x86)\Dell V310-V510 Series\iptk.dll
    2014-05-20 09:50 - 2009-03-02 09:25 - 00151552 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleaptp.dll
    2009-12-18 11:07 - 2009-12-18 11:07 - 00577536 _____ () C:\Program Files (x86)\Alienware On-Screen Display\EMSC.dll
    2014-10-17 19:43 - 2014-10-10 03:03 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libglesv2.dll
    2014-10-17 19:43 - 2014-10-10 03:03 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libegl.dll
    2014-10-17 19:43 - 2014-10-10 03:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll
    2014-10-17 19:43 - 2014-10-10 03:03 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ffmpegsumo.dll
    2014-10-17 19:44 - 2014-10-10 03:04 - 14902600 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\PepperFlash\pepflashplayer.dll
     
    ==================== Alternate Data Streams (whitelisted) =========
     
    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
     
    AlternateDataStreams: C:\ProgramData\TEMP:373E1720
    AlternateDataStreams: C:\ProgramData\TEMP:792D4CF1
     
    ==================== Safe Mode (whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
     
     
    ==================== EXE Association (whitelisted) =============
     
    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
     
     
    ==================== MSCONFIG/TASK MANAGER disabled items =========
     
    (Currently there is no automatic fix for this section.)
     
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Qualcomm Atheros Killer Network Manager.lnk => C:\Windows\pss\Qualcomm Atheros Killer Network Manager.lnk.CommonStartup
     
    ========================= Accounts: ==========================
     
    Administrator (S-1-5-21-2615214989-2497064625-3642582449-500 - Administrator - Disabled)
    Guest (S-1-5-21-2615214989-2497064625-3642582449-501 - Limited - Disabled)
    Simon (S-1-5-21-2615214989-2497064625-3642582449-1000 - Administrator - Enabled) => C:\Users\Simon
     
    ==================== Faulty Device Manager Devices =============
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
    Error: (10/22/2014 07:52:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
     
    Error: (10/22/2014 04:36:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
     
    Error: (10/22/2014 02:08:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
     
    Error: (10/22/2014 02:07:39 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
    Description: The index cannot be initialized.
     
     
    Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
     
    Error: (10/22/2014 02:07:39 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
    Description: The application cannot be initialized.
     
    Context: Windows Application
     
     
    Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
     
    Error: (10/22/2014 02:07:39 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
    Description: The gatherer object cannot be initialized.
     
    Context: Windows Application, SystemIndex Catalog
     
     
    Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
     
    Error: (10/22/2014 02:07:39 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
    Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.
     
    Context: Windows Application, SystemIndex Catalog
     
     
    Details:
    Element not found.  (HRESULT : 0x80070490) (0x80070490)
     
    Error: (10/22/2014 02:07:36 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
    Description: The plug-in in <Search.JetPropStore> cannot be initialized.
     
    Context: Windows Application, SystemIndex Catalog
     
     
    Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
     
    Error: (10/22/2014 02:07:36 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
    Description: The Windows Search Service cannot load the property store information.
     
    Context: Windows Application, SystemIndex Catalog
     
     
    Details:
    The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)
     
    Error: (10/22/2014 02:07:36 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
    Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.
     
     
    Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
     
     
    System errors:
    =============
    Error: (10/22/2014 07:51:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The dleaCATSCustConnectService service failed to start due to the following error: 
    %%1053
     
    Error: (10/22/2014 07:51:26 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the dleaCATSCustConnectService service to connect.
     
    Error: (10/22/2014 07:51:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Microsoft Antimalware Service service failed to start due to the following error: 
    %%1053
     
    Error: (10/22/2014 07:51:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft Antimalware Service service to connect.
     
    Error: (10/22/2014 04:34:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The dleaCATSCustConnectService service failed to start due to the following error: 
    %%1053
     
    Error: (10/22/2014 04:34:58 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the dleaCATSCustConnectService service to connect.
     
    Error: (10/22/2014 04:34:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Microsoft Antimalware Service service failed to start due to the following error: 
    %%1053
     
    Error: (10/22/2014 04:34:50 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft Antimalware Service service to connect.
     
    Error: (10/22/2014 02:08:09 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
    Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: 
    %%1056
     
    Error: (10/22/2014 02:07:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
     
     
    Microsoft Office Sessions:
    =========================
    Error: (10/22/2014 07:52:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
     
    Error: (10/22/2014 04:36:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
     
    Error: (10/22/2014 02:08:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
     
    Error: (10/22/2014 02:07:39 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
    Description: 
    Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
     
    Error: (10/22/2014 02:07:39 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
    Description: Context: Windows Application
     
     
    Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
     
    Error: (10/22/2014 02:07:39 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
    Description: Context: Windows Application, SystemIndex Catalog
     
     
    Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
     
    Error: (10/22/2014 02:07:39 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
    Description: Context: Windows Application, SystemIndex Catalog
     
     
    Details:
    Element not found.  (HRESULT : 0x80070490) (0x80070490)
    Search.TripoliIndexer
     
    Error: (10/22/2014 02:07:36 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
    Description: Context: Windows Application, SystemIndex Catalog
     
     
    Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
    Search.JetPropStore
     
    Error: (10/22/2014 02:07:36 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
    Description: Context: Windows Application, SystemIndex Catalog
     
     
    Details:
    The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)
     
    Error: (10/22/2014 02:07:36 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
    Description: 
    Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
    The catalog is corrupt
     
     
    CodeIntegrity Errors:
    ===================================
      Date: 2014-06-22 16:42:03.363
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2014-06-22 16:42:03.332
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
     
    ==================== Memory info =========================== 
     
    Processor: Intel® Core™ i7-3610QM CPU @ 2.30GHz
    Percentage of memory in use: 50%
    Total physical RAM: 12170.31 MB
    Available physical RAM: 6001.1 MB
    Total Pagefile: 24338.8 MB
    Available Pagefile: 17773.46 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.86 MB
     
    ==================== Drives ================================
     
    Drive c: (OS) (Fixed) (Total:451.61 GB) (Free:288.02 GB) NTFS
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: A332ED5D)
    Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
    Partition 2: (Active) - (Size=14.1 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=451.6 GB) - (Type=07 NTFS)
     
    ==================== End Of Log ============================


     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #6 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 22 October 2014 - 03:25 PM

    Hi,

     

    You have a few questionable files on your system, going to have you run Malwarebytes and lets see if it finds and removes them if not we can check them out

     


    IObit
     
    I want to give you a heads up on IObit, its a program from China and not recommended. The Chinese company behind this product was found to be stealing Malwarebytes database. I would like you to uninstall it as there are better programs out there and why use one from from a questionable  company with bad business practices
     
     
     
     
     

    Download Malwarebytes' Anti-Malware  to your desktop. 
     
    •  
    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
     
     
    MBAMDashboard_zpsddef9b5f.gif
     
    •  
    • On the Dashboard click on Update Now
    • Go to the Setting Tab
    • Under Setting go to Detection and Protection
    • Under PUP and PUM make sure both are set to show Threat Detections as Malware
    • Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked
    • Then on the Dashboard click on Scan
    • Make sure to select THREAT SCAN
    • Then click on Scan
    • When the scan is finished and the log pops up...select Copy to Clipboard
    • Please paste the log back into this thread for review
    • Exit Malwarebytes
     
     
     
     
     
     
     

     



     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #7 kunash

    kunash

      Authentic Member

    • Authentic Member
    • PipPip
    • 73 posts

    Posted 23 October 2014 - 03:14 AM

    hi

     

    thanks for reply

     

    i already have malware bytes on my computer (free version).   in settings / advanced  - you can only change the settings in trial or paid for version,  so cannot quarantine anything.

     

    if you would like me to delete malaware then reinstall, maybe that will work

     

    i am unable to locate IOBIT in uninstall programs

     

    i have copied the text file to desktop and copied it.  cant seem to copy to clipboard.  anyway, hopefullt it is ok

     

     

     

    Malwarebytes Anti-Malware
    www.malwarebytes.org
     
    Scan Date: 23/10/2014
    Scan Time: 09:46:52
    Logfile: 
    Administrator: Yes
     
    Version: 2.00.2.1012
    Malware Database: v2014.10.23.02
    Rootkit Database: v2014.10.22.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled
     
    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: Simon
     
    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 328624
    Time Elapsed: 10 min, 26 sec
     
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Disabled
    Rootkits: Disabled
    Heuristics: Disabled
    PUP: Enabled
    PUM: Enabled
     
    Processes: 0
    (No malicious items detected)
     
    Modules: 0
    (No malicious items detected)
     
    Registry Keys: 0
    (No malicious items detected)
     
    Registry Values: 0
    (No malicious items detected)
     
    Registry Data: 0
    (No malicious items detected)
     
    Folders: 0
    (No malicious items detected)
     
    Files: 0
    (No malicious items detected)
     
    Physical Sectors: 0
    (No malicious items detected)
     
     
    (end)


    #8 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 23 October 2014 - 04:33 AM

    Good Morning,

     

    Go ahead and uninstall Malwarebytes using this tool, reboot and then using the link and instructions from my previous post to download and install the latest version

     

    http://downloads.mal...file/mbam_clean

     

     

    Iobit, nice people, they dont even provide an uninstaller, we can remove it later



     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #9 kunash

    kunash

      Authentic Member

    • Authentic Member
    • PipPip
    • 73 posts

    Posted 23 October 2014 - 10:31 AM

    hi

     

     

    Malwarebytes Anti-Malware
    www.malwarebytes.org
     
    Scan Date: 23/10/2014
    Scan Time: 17:10:05
    Logfile: eeeeeeeee.txt
    Administrator: Yes
     
    Version: 2.00.3.1025
    Malware Database: v2014.10.23.06
    Rootkit Database: v2014.10.22.01
    License: Trial
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Disabled
     
    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: Simon
     
    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 328494
    Time Elapsed: 18 min, 50 sec
     
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled
     
    Processes: 0
    (No malicious items detected)
     
    Modules: 0
    (No malicious items detected)
     
    Registry Keys: 0
    (No malicious items detected)
     
    Registry Values: 0
    (No malicious items detected)
     
    Registry Data: 0
    (No malicious items detected)
     
    Folders: 0
    (No malicious items detected)
     
    Files: 1
    PUP.Optional.SnapDo.A, C:\Windows\Installer\af3559.msi, Quarantined, [d44ee632adcfb482950ab7e208f908f8], 
     
    Physical Sectors: 0
    (No malicious items detected)
     
     
    (end)


    #10 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 23 October 2014 - 11:20 AM

     
    Open notepad (Start --> All Programs --> Accessories --> Notepad).
    Please copy the entire contents of the code box below.
    (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste).
    Save it to the same directory as FRST or FRST64 as fixlist.txt. (it has to be right next to FRST or FRST64) either in a directory you saved FRST or FRST64 or on your desktop if thats where you saved it.
    You can use your mouse to drag Fixlist right next to FRST or FRST64, either above or below it but not on top of it.
     
    Start
    CloseProcesses:
    2014-10-16 21:03 - 2014-10-22 19:51 - 00001338 _____ () C:\Windows\Tasks\KKPGLH.job
    2014-10-16 21:03 - 2014-10-16 21:03 - 00004364 _____ () C:\Windows\System32\Tasks\KKPGLH
    2014-10-16 20:57 - 2014-10-22 19:51 - 00001332 _____ () C:\Windows\Tasks\SZK.job
    2014-10-16 20:57 - 2014-10-16 20:57 - 00004358 _____ () C:\Windows\System32\Tasks\SZK
    2014-10-16 20:56 - 2014-10-22 19:51 - 00001334 _____ () C:\Windows\Tasks\HODK.job
    2014-10-16 20:56 - 2014-10-16 20:56 - 00004360 _____ () C:\Windows\System32\Tasks\HODK
    Task: {066A3E44-8BFF-4F66-BCD2-E26006E8A08C} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
    Task: {1A48A601-2050-465F-8898-9EFBEC32B050} - System32\Tasks\HODK => C:\Users\Simon\AppData\Roaming\HODK.exe <==== ATTENTION
    C:\Program Files (x86)\IObit
    Task: {6BA29AD1-99AF-4F3D-8E9A-3C9ADDF5E500} - System32\Tasks\KKPGLH => C:\Users\Simon\AppData\Roaming\KKPGLH.exe <==== ATTENTION
    C:\Users\Simon\AppData\Roaming\KKPGLH.exe
    Task: {AB73E37A-EB4E-4A91-8759-37687D938623} - System32\Tasks\SZK => C:\Users\Simon\AppData\Roaming\SZK.exe <==== ATTENTION
    C:\Users\Simon\AppData\Roaming\SZK.exe
    Task: {ED2EBEC8-2046-47F5-B565-CE67DF3D13F3} - \WindApp Update No Task File <==== ATTENTION
    Task: C:\Windows\Tasks\HODK.job => C:\Users\Simon\AppData\Roaming\HODK.exe <==== ATTENTION
    C:\Users\Simon\AppData\Roaming\HODK.exe 
    Task: C:\Windows\Tasks\KKPGLH.job => C:\Users\Simon\AppData\Roaming\KKPGLH.exe <==== ATTENTION
    C:\Users\Simon\AppData\Roaming\KKPGLH.exe
    Task: C:\Windows\Tasks\SZK.job => C:\Users\Simon\AppData\Roaming\SZK.exe <==== ATTENTION
    Hosts:
    EmptyTemp:
    End
    
     
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
     
    Then open FRST or FRST64 and click on fix
    When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.


     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

      Advertisements

    Register to Remove


    #11 kunash

    kunash

      Authentic Member

    • Authentic Member
    • PipPip
    • 73 posts

    Posted 23 October 2014 - 11:57 AM

    hi,hope this is ok

     

     

     

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 21-10-2014
    Ran by Simon at 2014-10-23 18:48:11 Run:7
    Running from C:\Users\Simon\Desktop
    Loaded Profile: Simon (Available profiles: Simon)
    Boot Mode: Normal
    ==============================================
     
    Content of fixlist:
    *****************
    Start
    CloseProcesses:
    2014-10-16 21:03 - 2014-10-22 19:51 - 00001338 _____ () C:\Windows\Tasks\KKPGLH.job
    2014-10-16 21:03 - 2014-10-16 21:03 - 00004364 _____ () C:\Windows\System32\Tasks\KKPGLH
    2014-10-16 20:57 - 2014-10-22 19:51 - 00001332 _____ () C:\Windows\Tasks\SZK.job
    2014-10-16 20:57 - 2014-10-16 20:57 - 00004358 _____ () C:\Windows\System32\Tasks\SZK
    2014-10-16 20:56 - 2014-10-22 19:51 - 00001334 _____ () C:\Windows\Tasks\HODK.job
    2014-10-16 20:56 - 2014-10-16 20:56 - 00004360 _____ () C:\Windows\System32\Tasks\HODK
    Task: {066A3E44-8BFF-4F66-BCD2-E26006E8A08C} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
    Task: {1A48A601-2050-465F-8898-9EFBEC32B050} - System32\Tasks\HODK => C:\Users\Simon\AppData\Roaming\HODK.exe <==== ATTENTION
    C:\Program Files (x86)\IObit
    Task: {6BA29AD1-99AF-4F3D-8E9A-3C9ADDF5E500} - System32\Tasks\KKPGLH => C:\Users\Simon\AppData\Roaming\KKPGLH.exe <==== ATTENTION
    C:\Users\Simon\AppData\Roaming\KKPGLH.exe
    Task: {AB73E37A-EB4E-4A91-8759-37687D938623} - System32\Tasks\SZK => C:\Users\Simon\AppData\Roaming\SZK.exe <==== ATTENTION
    C:\Users\Simon\AppData\Roaming\SZK.exe
    Task: {ED2EBEC8-2046-47F5-B565-CE67DF3D13F3} - \WindApp Update No Task File <==== ATTENTION
    Task: C:\Windows\Tasks\HODK.job => C:\Users\Simon\AppData\Roaming\HODK.exe <==== ATTENTION
    C:\Users\Simon\AppData\Roaming\HODK.exe 
    Task: C:\Windows\Tasks\KKPGLH.job => C:\Users\Simon\AppData\Roaming\KKPGLH.exe <==== ATTENTION
    C:\Users\Simon\AppData\Roaming\KKPGLH.exe
    Task: C:\Windows\Tasks\SZK.job => C:\Users\Simon\AppData\Roaming\SZK.exe <==== ATTENTION
    Hosts:
    EmptyTemp:
    End
    *****************
     
    Processes closed successfully.
    C:\Windows\Tasks\KKPGLH.job => Moved successfully.
    C:\Windows\System32\Tasks\KKPGLH => Moved successfully.
    C:\Windows\Tasks\SZK.job => Moved successfully.
    C:\Windows\System32\Tasks\SZK => Moved successfully.
    C:\Windows\Tasks\HODK.job => Moved successfully.
    C:\Windows\System32\Tasks\HODK => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{066A3E44-8BFF-4F66-BCD2-E26006E8A08C}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{066A3E44-8BFF-4F66-BCD2-E26006E8A08C}" => Key deleted successfully.
    C:\Windows\System32\Tasks\Driver Booster SkipUAC (SYSTEM) => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (SYSTEM)" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1A48A601-2050-465F-8898-9EFBEC32B050}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1A48A601-2050-465F-8898-9EFBEC32B050}" => Key deleted successfully.
    C:\Windows\System32\Tasks\HODK not found.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HODK" => Key deleted successfully.
    "C:\Program Files (x86)\IObit" => File/Directory not found.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6BA29AD1-99AF-4F3D-8E9A-3C9ADDF5E500}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6BA29AD1-99AF-4F3D-8E9A-3C9ADDF5E500}" => Key deleted successfully.
    C:\Windows\System32\Tasks\KKPGLH not found.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\KKPGLH" => Key deleted successfully.
    "C:\Users\Simon\AppData\Roaming\KKPGLH.exe" => File/Directory not found.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AB73E37A-EB4E-4A91-8759-37687D938623}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AB73E37A-EB4E-4A91-8759-37687D938623}" => Key deleted successfully.
    C:\Windows\System32\Tasks\SZK not found.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SZK" => Key deleted successfully.
    "C:\Users\Simon\AppData\Roaming\SZK.exe" => File/Directory not found.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ED2EBEC8-2046-47F5-B565-CE67DF3D13F3}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED2EBEC8-2046-47F5-B565-CE67DF3D13F3}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WindApp Update" => Key deleted successfully.
    C:\Windows\Tasks\HODK.job not found.
    "C:\Users\Simon\AppData\Roaming\HODK.exe" => File/Directory not found.
    C:\Windows\Tasks\KKPGLH.job not found.
    "C:\Users\Simon\AppData\Roaming\KKPGLH.exe" => File/Directory not found.
    C:\Windows\Tasks\SZK.job not found.
    C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
    Hosts was reset successfully.
    EmptyTemp: => Removed 563.2 MB temporary data.
     
     
    The system needed a reboot. 
     
    ==== End of Fixlog ====


    #12 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 23 October 2014 - 12:23 PM

    :thumbup:

     

    How is your system behaving now ??



     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #13 kunash

    kunash

      Authentic Member

    • Authentic Member
    • PipPip
    • 73 posts

    Posted 27 October 2014 - 03:43 AM

    sorry for late reply.   had 2 birthday parties to go to including my daughters, plus got breathing problems through a bad chest.    computer is running well.  but I still have a program called remote control access on my computer - doesn't show in uninstall programs.   I will post screen shots later



    #14 kunash

    kunash

      Authentic Member

    • Authentic Member
    • PipPip
    • 73 posts

    Posted 29 October 2014 - 01:58 AM

    sorry ken still not feeling too great,   I will get back to you

     

     

    thanks



    #15 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 29 October 2014 - 04:10 AM

    Get better, we will still be here, I will keep this thread open for you for about a week



     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    Related Topics



    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users