Solved Viruses preventing me from just about everything

2015-01-05 18:33 - 2014-10-09 18:58 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-01-05 18:33 - 2014-10-09 18:44 - 00563976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-01-05 18:33 - 2014-10-08 00:37 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-01-05 18:33 - 2014-10-08 00:37 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-01-05 18:33 - 2014-10-08 00:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-01-05 18:33 - 2014-10-08 00:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2015-01-05 18:33 - 2014-10-07 23:56 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-01-05 18:33 - 2014-10-07 23:51 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-01-05 18:33 - 2014-10-07 23:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-01-05 18:33 - 2014-10-07 23:18 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-01-05 18:33 - 2014-10-07 23:17 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-01-05 18:33 - 2014-10-07 22:23 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-01-05 18:32 - 2014-10-17 00:01 - 00789184 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-01-05 18:32 - 2014-10-16 23:58 - 00602768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-01-05 18:29 - 2014-10-12 19:43 - 00238912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-01-05 18:29 - 2014-10-12 19:43 - 00153920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-01-05 18:29 - 2014-10-12 19:43 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2015-01-05 18:29 - 2014-10-12 19:43 - 00039744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2015-01-05 18:29 - 2014-09-03 17:12 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-01-05 18:29 - 2014-09-03 17:01 - 00514048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-01-05 18:29 - 2014-08-06 19:12 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-01-05 18:29 - 2014-08-01 20:56 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-01-05 18:29 - 2014-08-01 17:18 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-01-05 18:29 - 2014-07-15 11:16 - 03048880 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2015-01-05 18:29 - 2014-07-15 01:29 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2015-01-05 18:29 - 2014-07-15 01:22 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2015-01-05 18:29 - 2014-07-15 01:03 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2015-01-05 18:28 - 2014-11-09 16:19 - 00991232 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-01-05 18:28 - 2014-11-09 16:19 - 00806400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-01-05 18:28 - 2014-11-09 16:18 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-01-05 18:28 - 2014-11-09 16:18 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-01-05 18:28 - 2014-10-06 23:28 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-01-05 18:28 - 2014-10-06 23:27 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-01-05 18:28 - 2014-10-06 23:27 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-01-05 18:28 - 2014-10-06 23:27 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-01-05 18:28 - 2014-10-06 23:27 - 00108432 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-05 18:28 - 2014-10-06 20:34 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-01-05 18:28 - 2014-10-06 20:34 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-01-05 18:28 - 2014-10-06 20:33 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-01-05 18:28 - 2014-10-06 18:54 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-01-05 18:28 - 2014-10-06 18:46 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-01-05 18:27 - 2014-09-09 23:25 - 00474432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-01-05 18:27 - 2014-09-07 20:07 - 02497344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-01-05 18:27 - 2014-09-07 15:08 - 00389176 _____ () C:\Windows\system32\ApnDatabase.xml
2015-01-05 18:27 - 2014-09-04 15:30 - 00822272 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-01-05 18:27 - 2014-09-04 15:21 - 01053184 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-01-05 18:27 - 2014-09-03 20:05 - 00836176 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2015-01-05 18:27 - 2014-09-03 19:22 - 00670384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2015-01-05 18:27 - 2014-08-30 17:15 - 21197152 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-01-05 18:27 - 2014-08-30 15:59 - 18723112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-01-05 18:27 - 2014-08-30 14:04 - 00941568 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2015-01-05 18:27 - 2014-08-30 13:17 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2015-01-05 18:27 - 2014-08-27 19:55 - 07484224 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-05 18:27 - 2014-08-22 22:14 - 13424128 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2015-01-05 18:27 - 2014-08-22 22:04 - 11820544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2015-01-05 18:27 - 2014-08-22 21:50 - 02714112 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-01-05 18:26 - 2014-09-07 20:07 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-01-05 18:26 - 2014-09-03 18:01 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-01-05 18:26 - 2014-09-03 17:32 - 00334336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-01-05 18:26 - 2014-09-03 17:10 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2015-01-05 18:26 - 2014-08-30 17:17 - 00148800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2015-01-05 18:26 - 2014-08-30 15:05 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
2015-01-05 18:26 - 2014-08-30 14:58 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
2015-01-05 18:26 - 2014-08-30 13:53 - 00239104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll
2015-01-05 18:26 - 2014-08-27 17:21 - 02480128 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-01-05 18:26 - 2014-08-27 17:06 - 02030592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-01-05 18:26 - 2014-08-01 17:51 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-01-05 18:26 - 2014-08-01 17:35 - 00485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2015-01-05 18:26 - 2014-07-24 04:22 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-01-05 18:26 - 2014-07-24 02:53 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2015-01-05 18:26 - 2014-07-24 02:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2015-01-05 18:26 - 2014-07-24 01:20 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2015-01-05 18:26 - 2014-07-24 01:08 - 00162816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2015-01-05 18:26 - 2014-07-24 00:49 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2015-01-05 18:26 - 2014-07-24 00:43 - 00200192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2015-01-05 18:25 - 2014-07-23 20:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2015-01-05 18:25 - 2014-07-23 20:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2015-01-05 18:24 - 2014-11-21 20:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-01-05 18:24 - 2014-11-21 19:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-01-05 18:24 - 2014-11-21 19:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-01-05 18:24 - 2014-11-21 19:49 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-01-05 18:24 - 2014-11-21 19:35 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-01-05 18:24 - 2014-11-21 19:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-01-05 18:24 - 2014-11-21 19:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-01-05 18:24 - 2014-11-21 19:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-01-05 18:24 - 2014-11-21 19:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-01-05 18:24 - 2014-11-21 19:06 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-01-05 18:24 - 2014-11-21 19:06 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-01-05 18:24 - 2014-11-21 19:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-01-05 18:24 - 2014-11-21 19:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-01-05 18:24 - 2014-11-21 18:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-01-05 18:24 - 2014-11-21 18:55 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-01-05 18:24 - 2014-11-21 18:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-01-05 18:24 - 2014-11-21 18:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-01-05 18:24 - 2014-11-21 18:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-01-05 18:24 - 2014-11-21 18:49 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-01-05 18:24 - 2014-11-21 18:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-01-05 18:24 - 2014-11-21 18:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-01-05 18:24 - 2014-11-21 18:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-01-05 18:24 - 2014-11-21 18:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-01-05 18:24 - 2014-11-21 18:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-01-05 18:24 - 2014-11-21 18:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-01-05 18:24 - 2014-11-21 18:29 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-01-05 18:24 - 2014-11-21 18:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-01-05 18:24 - 2014-11-21 18:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-01-05 18:24 - 2014-11-21 18:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-01-05 18:24 - 2014-11-21 18:23 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-01-05 18:24 - 2014-11-21 18:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-01-05 18:24 - 2014-11-21 18:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-01-05 18:24 - 2014-11-21 18:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-01-05 18:24 - 2014-11-21 18:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-01-05 18:24 - 2014-11-21 18:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-01-05 18:24 - 2014-11-21 17:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-01-05 18:24 - 2014-11-21 17:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-01-05 18:24 - 2014-10-30 21:57 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-01-05 18:24 - 2014-10-30 21:53 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-01-05 18:24 - 2014-10-30 21:52 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2015-01-05 18:24 - 2014-10-30 21:51 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-01-05 18:24 - 2014-10-30 21:51 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-01-05 18:24 - 2014-10-30 21:50 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-01-05 18:24 - 2014-10-30 21:38 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-01-05 18:24 - 2014-10-30 21:30 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-01-05 18:24 - 2014-10-30 21:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-01-05 18:24 - 2014-10-30 21:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-01-05 18:24 - 2014-10-30 21:28 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-01-05 18:24 - 2014-10-30 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-01-05 18:24 - 2014-10-30 20:44 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-01-05 18:24 - 2014-10-30 20:13 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-01-05 18:24 - 2014-10-30 20:13 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2015-01-05 18:24 - 2014-10-30 20:12 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-01-05 18:24 - 2014-10-30 20:11 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-01-05 18:24 - 2014-10-30 20:02 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-01-05 18:24 - 2014-10-30 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-01-05 18:24 - 2014-10-30 19:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2015-01-05 18:24 - 2014-10-30 19:56 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-01-05 18:24 - 2014-10-30 19:56 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-01-05 18:24 - 2014-10-30 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-01-05 18:24 - 2014-10-30 19:53 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-01-05 18:24 - 2014-10-30 19:26 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-01-05 18:23 - 2014-11-21 19:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-01-05 18:23 - 2014-11-21 19:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-01-05 18:23 - 2014-11-06 21:16 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-01-05 18:23 - 2014-11-06 20:26 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-01-05 18:23 - 2014-10-30 22:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-01-05 18:23 - 2014-10-30 22:12 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-01-05 18:23 - 2014-10-30 22:10 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-01-05 18:23 - 2014-10-30 22:09 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-01-05 18:23 - 2014-10-30 22:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-01-05 18:23 - 2014-10-30 22:06 - 00237568 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-01-05 18:23 - 2014-10-30 22:06 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-01-05 18:23 - 2014-10-30 22:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-01-05 18:23 - 2014-10-30 21:56 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-01-05 18:23 - 2014-10-30 21:54 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-01-05 18:23 - 2014-10-30 21:40 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-01-05 18:23 - 2014-10-30 21:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-01-05 18:23 - 2014-10-30 21:19 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-01-05 18:23 - 2014-10-30 20:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-01-05 18:23 - 2014-10-30 20:28 - 00137728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2015-01-05 18:23 - 2014-10-30 20:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-01-05 18:23 - 2014-10-30 20:27 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2015-01-05 18:23 - 2014-10-30 20:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2015-01-05 18:23 - 2014-10-30 20:25 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-01-05 18:23 - 2014-10-30 20:24 - 00235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-01-05 18:23 - 2014-10-30 20:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-01-05 18:23 - 2014-10-30 20:23 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-01-05 18:23 - 2014-10-30 20:16 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-01-05 18:23 - 2014-10-30 20:15 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-01-05 18:23 - 2014-10-30 20:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2015-01-05 18:23 - 2014-10-30 20:03 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2015-01-05 18:23 - 2014-10-30 19:48 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-01-05 18:23 - 2014-10-30 19:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2015-01-05 18:23 - 2014-06-05 07:13 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2015-01-05 18:23 - 2014-06-05 06:14 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2015-01-05 18:23 - 2014-06-01 19:10 - 00423768 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2015-01-05 18:23 - 2014-05-31 03:07 - 00440664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-01-05 18:23 - 2014-05-31 03:07 - 00419672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-01-05 18:23 - 2014-05-31 03:07 - 00089944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-01-05 18:23 - 2014-05-31 03:07 - 00027480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-01-05 18:23 - 2014-05-30 23:30 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2015-01-05 18:23 - 2014-05-30 23:27 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2015-01-05 18:23 - 2014-05-30 23:26 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2015-01-05 18:23 - 2014-05-30 21:01 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2015-01-05 18:23 - 2014-05-30 21:01 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2015-01-05 18:23 - 2014-05-30 21:01 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2015-01-05 18:23 - 2014-05-27 02:56 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\DaOtpCredentialProvider.dll
2015-01-05 18:23 - 2014-05-27 02:53 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DaOtpCredentialProvider.dll
2015-01-05 18:23 - 2014-05-16 21:59 - 16871936 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-01-05 18:23 - 2014-05-16 21:13 - 12711424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-01-05 18:22 - 2014-10-30 15:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-01-05 18:22 - 2014-10-30 15:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-01-05 18:22 - 2014-07-11 21:17 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2015-01-05 18:22 - 2014-06-06 06:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-01-05 18:22 - 2014-06-06 05:18 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-01-05 18:06 - 2014-05-31 03:07 - 00054776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-01-05 18:06 - 2014-05-31 03:06 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2015-01-05 18:06 - 2014-05-30 20:06 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-01-05 18:06 - 2014-05-30 20:03 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-01-05 18:06 - 2014-05-30 19:56 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-01-05 18:06 - 2014-05-30 19:54 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-01-05 18:06 - 2014-05-30 19:48 - 03463680 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-01-05 18:06 - 2014-05-30 19:37 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2015-01-05 18:06 - 2014-05-30 19:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2014-12-28 12:12 - 2015-01-18 21:21 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-12-28 12:11 - 2015-01-18 21:15 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-12-26 05:24 - 2014-12-26 05:24 - 00000000 ____D () C:\Users\Lancee1994\Documents\Social Folder
2014-12-26 05:24 - 2014-12-26 05:24 - 00000000 ____D () C:\Users\Lancee1994\Documents\New folder
2014-12-26 05:17 - 2014-12-26 05:17 - 00000000 __SHD () C:\Users\Lancee1994\AppData\Local\EmieUserList
2014-12-26 05:17 - 2014-12-26 05:17 - 00000000 __SHD () C:\Users\Lancee1994\AppData\Local\EmieSiteList
2014-12-26 05:05 - 2015-01-20 21:06 - 00000000 ___RD () C:\Users\Lancee1994\Lancee's Social Folder
2014-12-26 05:01 - 2014-12-26 05:01 - 00000000 ____D () C:\Users\Lancee1994\AppData\Roaming\hpqlog
2014-12-26 05:01 - 2014-12-26 05:01 - 00000000 ____D () C:\Users\Lancee1994\AppData\Local\Hewlett-Packard
2014-12-25 15:20 - 2014-12-25 15:20 - 00000000 ____D () C:\Users\Lancee1994\Documents\Avatar
2014-12-25 15:20 - 2014-12-25 15:20 - 00000000 ____D () C:\Users\Lancee1994\AppData\Roaming\CyberLink
2014-12-25 15:11 - 2015-01-20 21:16 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3880998103-4133493420-2947507012-1001
2014-12-25 15:11 - 2014-12-25 15:11 - 00000000 ____D () C:\Users\Lancee1994\AppData\Roaming\Macromedia
2014-12-25 15:09 - 2014-12-25 15:20 - 00000000 ____D () C:\Users\Lancee1994\AppData\Roaming\Hewlett-Packard
2014-12-25 15:08 - 2015-01-20 21:09 - 00000000 ____D () C:\Users\Lancee1994\Documents\Youcam
2014-12-25 15:08 - 2014-12-25 15:08 - 00000000 ____D () C:\Users\Lancee1994\AppData\Local\CyberLink
2014-12-25 15:07 - 2014-12-25 15:07 - 00000000 ____D () C:\Users\Lancee1994\AppData\Roaming\Synaptics
2014-12-25 15:07 - 2014-12-25 15:07 - 00000000 ____D () C:\Users\Lancee1994\AppData\Local\Power2Go8
2014-12-25 15:07 - 2014-12-25 15:07 - 00000000 ____D () C:\ProgramData\Synaptics
2014-12-25 15:06 - 2014-12-25 15:06 - 00002155 _____ () C:\Users\Public\Desktop\WildTangent Games for HP.lnk
2014-12-25 15:06 - 2014-12-25 15:06 - 00001453 _____ () C:\Users\Lancee1994\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-25 15:06 - 2014-12-25 15:06 - 00000000 ____D () C:\Users\Lancee1994\AppData\Roaming\Adobe
2014-12-25 15:06 - 2014-12-25 15:06 - 00000000 ____D () C:\Users\Lancee1994\AppData\Local\VirtualStore
2014-12-25 15:06 - 2014-10-21 22:28 - 00002391 _____ () C:\Users\Public\Desktop\Walmart Photo Center.lnk
2014-12-25 15:05 - 2015-01-20 20:54 - 00000000 ____D () C:\Users\Lancee1994
2014-12-25 15:05 - 2014-12-26 05:07 - 00000000 ____D () C:\Users\Lancee1994\AppData\Local\Packages
2014-12-25 15:05 - 2014-12-25 15:05 - 00000020 ___SH () C:\Users\Lancee1994\ntuser.ini
2014-12-25 15:05 - 2014-10-21 22:41 - 00000000 ___RD () C:\Users\Lancee1994\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-25 15:05 - 2014-04-24 19:12 - 00000000 ___HD () C:\Users\Lancee1994\Documents\hp.system.package.metadata
2014-12-25 15:05 - 2014-03-18 03:06 - 00000000 ___RD () C:\Users\Lancee1994\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-12-25 15:05 - 2014-03-18 02:54 - 00000369 _____ () C:\Users\Lancee1994\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-12-25 15:05 - 2014-03-18 02:54 - 00000369 _____ () C:\Users\Lancee1994\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-12-25 15:05 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Lancee1994\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-25 15:05 - 2013-08-22 08:36 - 00000000 ____D () C:\Users\Lancee1994\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-12-25 14:53 - 2015-01-20 21:05 - 02093576 _____ () C:\Windows\WindowsUpdate.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-20 21:15 - 2014-10-21 22:22 - 00001867 _____ () C:\Users\Public\Desktop\McAfee LiveSafe - Internet Security.lnk
2015-01-20 21:15 - 2014-04-24 19:16 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2015-01-20 21:12 - 2014-03-18 02:53 - 00956476 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-20 21:05 - 2014-03-18 02:44 - 00407652 _____ () C:\Windows\PFRO.log
2015-01-20 21:05 - 2013-08-22 07:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-20 21:05 - 2013-08-22 06:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-01-20 21:00 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\sru
2015-01-20 15:59 - 2013-08-22 08:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-01-19 22:06 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-01-19 19:44 - 2013-08-22 06:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-01-19 19:03 - 2013-08-22 07:44 - 00486136 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-19 17:58 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\rescache
2015-01-19 17:19 - 2013-08-22 06:25 - 00000301 _____ () C:\Windows\win.ini
2015-01-15 19:15 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2015-01-15 19:06 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-01-13 09:45 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-12 17:07 - 2014-10-21 22:20 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2015-01-12 16:52 - 2013-08-22 08:36 - 00000000 ___RD () C:\Windows\ToastData
2015-01-12 16:52 - 2013-08-22 08:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-01-12 16:52 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-12 16:52 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-01-12 16:52 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-12 16:52 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-01-12 16:52 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2015-01-12 16:52 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2015-01-12 16:52 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\MediaViewer
2015-01-12 16:52 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\FileManager
2015-01-12 16:52 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\Camera
2015-01-12 16:52 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-01-12 16:52 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-01-12 16:51 - 2014-03-18 02:38 - 00000000 ____D () C:\Program Files\Windows Journal
2015-01-12 16:51 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\WinStore
2015-01-12 16:51 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-01-12 16:39 - 2014-03-18 02:38 - 00000000 ____D () C:\Windows\ShellNew
2015-01-12 16:38 - 2014-04-24 19:17 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-01-06 00:08 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\restore
2015-01-05 22:54 - 2013-08-22 08:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-01-05 22:51 - 2014-10-21 22:20 - 00000000 ____D () C:\ProgramData\McAfee
2014-12-28 12:11 - 2014-04-24 19:12 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-12-26 05:01 - 2014-04-24 19:16 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-12-26 04:53 - 2014-10-21 22:30 - 00000000 ____D () C:\Users\Public\CyberLink
2014-12-25 15:06 - 2014-04-24 19:27 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2014-12-25 15:06 - 2014-04-24 19:25 - 00000000 ___RD () C:\Program Files (x86)\Online Services
2014-12-25 15:06 - 2014-04-24 19:18 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2014-12-25 15:06 - 2014-04-24 19:15 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2014-12-25 15:05 - 2014-03-31 18:07 - 00000000 ___HD () C:\SYSTEM.SAV
2014-12-25 14:44 - 2014-04-02 03:25 - 00000000 ____D () C:\Windows\Panther

==================== Files in the root of some directories =======
2015-01-13 20:15 - 2015-01-14 15:18 - 0000070 _____ () C:\Users\Lancee1994\AppData\Roaming\WB.CFG

Some content of TEMP:
====================
C:\Users\Lancee1994\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Lancee1994\AppData\Local\Temp\optprosetup.exe
C:\Users\Lancee1994\AppData\Local\Temp\Quarantine.exe
C:\Users\Lancee1994\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-12 14:20

==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015
Ran by Lancee1994 at 2015-01-20 21:19:27
Running from C:\Users\Lancee1994\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Airport Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Azkend 2: The World Beneath (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.97 - WildTangent) Hidden
Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Curse at Twilight (x32 Version: 3.0.2.32 - WildTangent) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5.6902 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.5.3303 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.5.3416 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.3709 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.3.3907 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Fishdom 3: Collector's Edition (x32 Version: 3.0.2.38 - WildTangent) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
House of 1000 Doors: Family Secrets (x32 Version: 2.2.0.98 - WildTangent) Hidden
HP Documentation (HKLM-x32\...\{F29E3AA8-CF19-4452-92B7-F1FE31CD11C5}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7372.4698 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{8C696B4B-6AB1-44BC-9416-96EAC474CABE}) (Version: 7.5.2.12 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{C78E8F51-3EAD-4F0C-83F0-EF371075E0B4}) (Version: 1.0.10 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{891A1782-8B20-4403-8383-458962525926}) (Version: 2.3.4 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Inst5675 (Version: 8.01.11 - Softex Inc.) Hidden
Inst5676 (Version: 8.01.11 - Softex Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3408 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.70.305.16316 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Dimensions Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee LiveSafe - Internet Security (HKLM-x32\...\MSC) (Version: 12.8.992 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 en-US)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Pinger (HKLM-x32\...\Pinger 1.4.0.1) (Version: 1.4.0.1 - Pinger Inc.)
Pinger (x32 Version: 1.4.0.1 - Pinger Inc.) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7156 - Realtek Semiconductor Corp.)
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Spyware Clear with PC Tech Hotline (HKLM-x32\...\{5FB600FF-BC65-471F-A3F8-C2666863BA75}_is1) (Version: 1.3.0.27 - Crawler Group)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.4.0 - Synaptics Incorporated)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
Unchecky v0.3.5 (HKLM-x32\...\Unchecky) (Version: 0.3.5 - RaMMicHaeL)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HP Games) (x32 Version: 4.0.10.15 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

06-01-2015 00:08:49 Scheduled Checkpoint
12-01-2015 15:01:48 Windows Update
15-01-2015 19:03:52 Windows Update
19-01-2015 17:38:52 Windows Update
19-01-2015 22:15:37 Pre-MBAR

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 06:25 - 2015-01-20 21:05 - 00001993 ____A C:\Windows\system32\Drivers\etc\hosts
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com

There are 4 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1A80CCB1-2533-4052-AF56-5D1F38633F14} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {1D3E694E-A038-4447-A8D9-F64D0F379480} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-03-07] (CyberLink Corp.)
Task: {4F31E7BD-BFC8-4BCD-8BA3-2969D6C9CC04} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {517EB82D-1AF1-4F98-B0C7-7627C442FC36} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {6BAC152E-B287-42E7-B91B-DD3BB7CD015E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {A269A83C-0B0E-424E-A64C-467D18A4F534} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05] (CyberLink)
Task: {BF6E6529-4BFB-43F6-B889-A1C501DB0CC5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSFUpdaterRedux => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {C1280D70-B845-40B3-A48A-BF273B1B5E65} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\SYSTEM32\MRT.EXE [2015-01-19] (Microsoft Corporation)
Task: {D4E677B4-1D8A-49A5-A70F-C5D90620FDE7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {E184E1D7-84D5-4B68-AE48-A31C683E91BC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Pending HPSA Messages Reminder => C:\PROGRAM FILES (X86)\HEWLETT-PACKARD\HP HEALTH CHECK\ACTIVECHECK\PRODUCT_LINE\DETECTION_TOASTNOTIFY.EXE [2014-12-16] (Hewlett-Packard)
Task: {F6F8AF8A-5DF5-415D-9D08-A5DC5C36D5B2} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)
Task: {F9B8DD56-E852-45CA-B115-01A7FF00ABB7} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {F9E094E0-931E-45F2-BCA4-86961158B591} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-12-12] (Synaptics Incorporated)

==================== Loaded Modules (whitelisted) =============

2014-03-28 13:31 - 2014-03-28 13:31 - 02110464 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-03-28 13:27 - 2014-03-28 13:27 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-03-28 13:27 - 2014-03-28 13:27 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-03-28 13:27 - 2014-03-28 13:27 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-03-28 13:48 - 2014-03-28 13:48 - 00367504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-03-28 13:48 - 2014-03-28 13:48 - 00712080 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2014-03-28 13:36 - 2014-03-28 13:36 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2014-10-21 22:30 - 2013-08-05 00:49 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-08-05 15:48 - 2013-08-05 15:48 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-01-19 16:54 - 2015-01-09 02:05 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Lancee1994\Lancee's Social Folder:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-3880998103-4133493420-2947507012-500 - Administrator - Disabled)
Guest (S-1-5-21-3880998103-4133493420-2947507012-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3880998103-4133493420-2947507012-1003 - Limited - Enabled)
Lancee1994 (S-1-5-21-3880998103-4133493420-2947507012-1001 - Administrator - Enabled) => C:\Users\Lancee1994

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (01/20/2015 09:18:58 PM) (Source: DCOM) (EventID: 10010) (User: LANCEEFANCEE)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (01/20/2015 09:18:28 PM) (Source: DCOM) (EventID: 10010) (User: LANCEEFANCEE)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (01/20/2015 09:17:58 PM) (Source: DCOM) (EventID: 10010) (User: LANCEEFANCEE)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (01/20/2015 09:17:28 PM) (Source: DCOM) (EventID: 10010) (User: LANCEEFANCEE)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU N3530 @ 2.16GHz
Percentage of memory in use: 50%
Total physical RAM: 3984.27 MB
Available physical RAM: 1989.2 MB
Total Pagefile: 5968.27 MB
Available Pagefile: 4055.57 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:441.94 GB) (Free:394.84 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:22.8 GB) (Free:2.23 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 57DF2823)

Partition: GPT Partition Type.

==================== End Of Log ============================
 
Additional.txt is already here. search for "Additional scan result" that is the top line of text in that log.
 
redtarget.gif
Uninstall Spyware Clear with PC Tech Hotline.

redtarget.gif
Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
 

Attachments

  • fixlist.txt
    952 bytes · Views: 1
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-01-2015
Ran by Lancee1994 at 2015-01-20 21:55:59 Run:1
Running from C:\Users\Lancee1994\Desktop
Loaded Profiles: Lancee1994 (Available profiles: Lancee1994)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
S2 c7522d84; c:\Program Files (x86)\Optimizer Pro 3.27\OptProMon.dll [2462800 2015-01-13] ()
c:\Program Files (x86)\Optimizer Pro 3.27
2015-01-13 15:15 - 2015-01-13 15:15 - 00000000 ____D () C:\ProgramData\{1204FAC7-4286-2B41-F300-5BC32382884D}
C:\Users\Lancee1994\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Lancee1994\AppData\Local\Temp\optprosetup.exe
C:\Users\Lancee1994\AppData\Local\Temp\Quarantine.exe
C:\Users\Lancee1994\AppData\Local\Temp\sqlite3.dll
AlternateDataStreams: C:\Users\Lancee1994\Lancee's Social Folder:ms-properties

*****************

C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
c7522d84 => Service deleted successfully.
c:\Program Files (x86)\Optimizer Pro 3.27 => Moved successfully.
C:\ProgramData\{1204FAC7-4286-2B41-F300-5BC32382884D} => Moved successfully.
C:\Users\Lancee1994\AppData\Local\Temp\dllnt_dump.dll => Moved successfully.
C:\Users\Lancee1994\AppData\Local\Temp\optprosetup.exe => Moved successfully.
C:\Users\Lancee1994\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Lancee1994\AppData\Local\Temp\sqlite3.dll => Moved successfully.
"C:\Users\Lancee1994\Lancee's Social Folder" => ":ms-properties" ADS not found.


The system needed a reboot.

==== End of Fixlog 21:56:01 ====
 
Last scans...

redtarget.gif
Download Security Check from here or here and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run


redtarget.gif
Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

redtarget.gif
Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
  • Double click on TFC.exe to run the program.
  • Click on Start button to begin cleaning process.
  • TFC will close all running programs, and it may ask you to restart computer.

redtarget.gif
Download Sophos Free Virus Removal Tool and save it to your desktop.
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program
 
Results of screen317's Security Check version 0.99.93
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
McAfee Anti-Virus and Anti-Spyware
Windows Defender
[size=1]WMI entry may not exist for antivirus; attempting automatic update.[/size]
`````````Anti-malware/Other Utilities Check:`````````
Mozilla Firefox (35.0)
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
 
Farbar Service Scanner Version: 17-01-2015
Ran by Lancee1994 (administrator) on 20-01-2015 at 22:13:59
Running from "C:\Users\Lancee1994\Desktop"
Microsoft Windows 8.1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend: ""%ProgramFiles%\Windows Defender\MsMpEng.exe"".


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****
 
During the Sophos installation files are corrupt. Please download a fresh copy and retry the installation. Will be trying this next.
 
During the Sophos installation, got the following message: "Files are corrupt. Please download a fresh copy and retry the installation." Will be trying this next.
 
I went ahead with the Sophos Free Virus Removal Scan, and once the scan finished, it had found that there were no threats detected. Therefore, it did not allow me to access details and that means I have no results to post in this reply for you to take a look at. Do you want me to exit the program and go forward with the installation of the anti virus software options you asked me to download or do you have any other steps I must go through before downloading the anti-virus software.
 
You have McAfee running so I'm not sure what antivirus software you're referring to.
 
I just looked back and I do not know what I was referring to. The Sophos Virus Removal scan went well though. What is the next step I need to take in order to finish up?
 
Your computer is clean

1. This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download
51a5ce45263de-delfix.png
DelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:
  • Activate UAC (optional; some users prefer to keep it off)
  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore
  • Reset system settings
Now click "Run" and wait patiently.
Once finished a logfile will be created. You don't have to attach it to your next reply.

2. Make sure Windows Updates are current.

3. If any trojans, rootkits or bootkits were listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Scan without installing plugin" and then on "Scan now")

5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

7. Run Temporary File Cleaner (TFC), AdwCleaner and Junkware Removal Tool (JRT) weekly (you need to redownload these tools since they were removed by DelFix).

8. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

10. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

11. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs) which change your browser settings: http://www.bleepingcomputer.com/for...curity-questions-best-practices/#entry3187642

12. Please, let me know, how your computer is doing.
 
My computer is doing well. I have concerns about a few programs on my computer that look suspicious to me or that I don't think I downloaded intentionally.
HP Support Assistant
Unchecky
VUDU Streaming Movies
WildTangent Games for HP

Do any of these need to be uninstalled?
 
You must log in or register to reply here.

Similar threads

uber_beetle
Infected with fake ad pop-ups - posting FRST and Addition
Replies
12
Views
837
uber_beetle
uber_beetle
A
Infected: Antivirus says it's Trojan:Script/Wacatac.H!ml
Replies
12
Views
2K
adidaman27
A
Daniel Sims
Debris from the International Space Station confirmed to have hit a Florida home
Replies
15
Views
2K
Endymio
Endymio

Latest posts

Back