Solved Rootkit warning keeps coming back

It may be a false positive.
Let's see where the file is located.

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

64-bit users go HERE
  • Double-click SystemLook.exe to run it.
  • Vista users: Right-click on SystemLook.exe, click Run As Administrator
  • Copy the content of the following box and paste it into the main textfield:
Code:
:filefind
jswpsapi.exe
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt
 
Broni. Downloaded from 64bit users go here. Clicked on the Look button.
A small box popped up with an X in a red circle and the words "script required"
with OK on the bottom. Clicked OK. It went away???
 
SystemLook 30.07.11 by jpshortstuff
Log created at 23:09 on 10/11/2014 by R.W.Solema
Administrator - Elevation successful

========== filefind ==========

Searching for "jswpsapi.exe"
C:\Program Files (x86)\NETGEAR\WNA1100\jswpsapi.exe --a---- 954368 bytes [23:54 06/03/2014] [00:10 06/11/2009] 81534359F525F7C02B2B56B2653BD779

-= EOF =-

Broni; Not sure if the scan finished, because of the word "Searching". But I gave it about 25 minutes.
 
Broni. Not sure what file you want me to send to Avast.

Boy, FRST logs are really long. Tried to send both sections at once. Too long.
Tried to send just the first section. Still too long.
Hopefully it will work if I divide each section into 2 parts.
Will try to get that done tonight. If not, it will have to wait until tomorrow after a doctor's appointment.

Is it still looking like a false positive?
 
Ran by R.W.Solema (administrator) on COMPZILLA on 11-11-2014 22:15:25
Running from C:\Users\R.W.Solema\Downloads
Loaded Profile: R.W.Solema (Available profiles: R.W.Solema)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(OrdinarySoft) C:\Program Files\Start Menu X\StartMenuX.exe
() C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
(Lenovo (Shenzhen) Electronic Co., Ltd.) C:\Program Files (x86)\Lenovo\FanSpeedControl\LenovoFSC.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
(JME) C:\Program Files (x86)\jmesoft\hotkey.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
(Farbar) C:\Users\R.W.Solema\Downloads\FRST64(1).exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11786344 1999-12-31] (Realtek Semiconductor)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [495616 2014-05-12] (Greenshot)
HKLM-x32\...\Run: [LenovoFSC] => C:\Program Files (x86)\Lenovo\FanSpeedControl\LenovoFSC.exe [49152 2009-07-29] (Lenovo (Shenzhen) Electronic Co., Ltd.)
HKLM-x32\...\Run: [jmekey] => C:\Program Files (x86)\jmesoft\hotkey.exe [114688 2009-07-16] (JME)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
HKLM-x32\...\Run: [ZALFree] => C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe [12724456 2014-08-28] (Zemana Ltd.)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [296520 2014-09-18] (RealNetworks, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5225064 2014-11-09] (AVAST Software)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\WB: C:\Program Files (x86)\Stardock\WindowBlinds\fast64.dll [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-289670154-1285097819-147057498-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-289670154-1285097819-147057498-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7767832 2014-10-01] (SUPERAntiSpyware)
HKU\S-1-5-21-289670154-1285097819-147057498-1001\...\Run: [StartMenuX34] => C:\Program Files\Start Menu X\StartMenuX.exe [7690048 2014-06-02] (OrdinarySoft)
HKU\S-1-5-21-289670154-1285097819-147057498-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-289670154-1285097819-147057498-1001\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-289670154-1285097819-147057498-1001\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-289670154-1285097819-147057498-1001\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-18\...\RunOnce: [WLStart] => C:\Program Files (x86)\Windows Live\Installer\wlstart.exe [768336 2009-07-26] (Microsoft Corporation)
AppInit_DLLs: C:\PROGRA~2\KEYCRY~1\KE16F2~1.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(4).dll [90448 2014-08-28] (Zemana Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt32(4).dll [83208 2014-08-28] (Zemana Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA1100 Smart Wizard.lnk
ShortcutTarget: NETGEAR WNA1100 Smart Wizard.lnk -> C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com/?fr=hp-avast&type=odc179
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com/?fr=hp-avast&type=odc179
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo.com/yhs/search?type=odc179&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = https://www.yahoo.com/?fr=hp-avast&type=odc179
HKU\S-1-5-21-289670154-1285097819-147057498-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo.com/yhs/search?type=odc179&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo.com/yhs/search?type=odc179&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL =
SearchScopes: HKCU - URL http://search.conduit.com/Results.a...-4C88-BF98-E1D0D34FEAFF&q={searchTerms}&SSPV=
SearchScopes: HKCU - SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
SearchScopes: HKCU - {A3D96096-9895-45E1-AC03-4F741C99590A} URL = https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKU\S-1-5-21-289670154-1285097819-147057498-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-289670154-1285097819-147057498-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62

FireFox:
========
FF ProfilePath: C:\Users\R.W.Solema\AppData\Roaming\Mozilla\Firefox\Profiles\mxbcgzf7.default
FF DefaultSearchEngine: Yahoo! (Avast)
FF DefaultSearchUrl: https://search.yahoo.com/yhs/search
FF SearchEngineOrder.1: Yahoo! (Avast)
FF SelectedSearchEngine: Yahoo! (Avast)
FF Homepage: https://www.yahoo.com/?fr=hp-avast&type=odc179
FF Keyword.URL: https://search.yahoo.com/yhs/search
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll No File
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.13.2 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.13 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.13.2 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Users\R.W.Solema\AppData\Roaming\Mozilla\Firefox\Profiles\mxbcgzf7.default\searchplugins\yahoo-avast.xml
FF SearchPlugin: C:\Users\R.W.Solema\AppData\Roaming\Mozilla\Firefox\Profiles\mxbcgzf7.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\ddg.xml
FF Extension: DownloadHelper - C:\Users\R.W.Solema\AppData\Roaming\Mozilla\Firefox\Profiles\mxbcgzf7.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-10-03]
FF Extension: Terms of Service; Didn’t Read - C:\Users\R.W.Solema\AppData\Roaming\Mozilla\Firefox\Profiles\mxbcgzf7.default\Extensions\jid0-3GUEt1r69sQNSrca5p8kx9Ezc3U@jetpack.xpi [2014-11-02]
FF Extension: Adblock Plus - C:\Users\R.W.Solema\AppData\Roaming\Mozilla\Firefox\Profiles\mxbcgzf7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-22]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-09-18]
FF HKLM-x32\...\Firefox\Extensions: [{9D2AA73B-6049-4799-B8AC-925723370070}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-11-09]
FF Extension: No Name - wrc@avast.com [Not Found]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3324775&octid=EB_ORIGINAL_CTID&ISID=MA775D4C9-9930-434A-A073-D1F088070EEC&SearchSource=55&CUI=&UM=6&UP=SP00607F28-7C58-4C75-98AC-FC60277610F0&SSPV=
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3324775&octid=EB_ORIGINAL_CTID&ISID=MA775D4C9-9930-434A-A073-D1F088070EEC&SearchSource=55&CUI=&UM=6&UP=SP00607F28-7C58-4C75-98AC-FC60277610F0&SSPV="
CHR DefaultSearchKeyword: Default -> trovi.search
CHR DefaultSearchURL: Default -> http://www.trovi.com/Results.aspx?g...-4C75-98AC-FC60277610F0&q={searchTerms}&SSPV=
CHR DefaultSuggestURL: Default -> http://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}
CHR Profile: C:\Users\R.W.Solema\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\R.W.Solema\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-03]
CHR Extension: (Google Docs) - C:\Users\R.W.Solema\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-03]
CHR Extension: (Google Drive) - C:\Users\R.W.Solema\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-03]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\R.W.Solema\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-03]
CHR Extension: (WOT) - C:\Users\R.W.Solema\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-09-03]
CHR Extension: (YouTube) - C:\Users\R.W.Solema\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-03]
CHR Extension: (Adblock Plus) - C:\Users\R.W.Solema\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-09-03]
CHR Extension: (Google Search) - C:\Users\R.W.Solema\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-03]
CHR Extension: (Google Sheets) - C:\Users\R.W.Solema\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-03]
CHR Extension: (AdBlock) - C:\Users\R.W.Solema\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-09-03]
CHR Extension: (avast! Online Security) - C:\Users\R.W.Solema\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-03]
CHR Extension: (Keep My Opt-Outs) - C:\Users\R.W.Solema\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhnjdplhmcnkiecampfdgfjilccfpfoe [2014-09-03]
CHR Extension: (Inbox Pause) - C:\Users\R.W.Solema\AppData\Local\Google\Chrome\User Data\Default\Extensions\illgajkjilbddcllilfobfbbgmlfkkeh [2014-09-03]
CHR Extension: (Puppy Theme) - C:\Users\R.W.Solema\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdobmlhglkcaifkoikbmfpkheknheblb [2014-09-03]
CHR Extension: (Google Wallet) - C:\Users\R.W.Solema\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-03]
CHR Extension: (Gmail) - C:\Users\R.W.Solema\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-03]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-09]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-09] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-09] (Avast Software)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242912 2014-09-11] (Foxit Software Inc.)
S4 jswpsapi; C:\Program Files (x86)\NETGEAR\WNA1100\jswpsapi.exe [954368 2009-11-05] (Atheros Communications, Inc.) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-07-30] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-09-18] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-07-30] () [File not signed]
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP3\RpcAgentSrv.exe [73712 2014-08-16] (SiSoftware) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 WSWNA1100; C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe [278528 2009-11-27] () [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-09] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-09] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-09] ()
R3 fwndis; C:\Windows\System32\DRIVERS\fwndis64.sys [35336 2014-06-18] ()
R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [25568 2014-08-28] (Zemana Ltd.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-11] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation )
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [465624 2014-01-03] (Realsil Semiconductor Corporation)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP3\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 ssmirrdr; C:\Windows\System32\DRIVERS\ssmirrdr.sys [10112 2011-03-14] (support.com, Inc)
R3 SuperIO; C:\Windows\System32\DRIVERS\spio.sys [11848 2009-06-05] ()
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [34808 2014-11-08] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-09] (Avast Software)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-11 22:14 - 2014-11-11 22:14 - 02116096 _____ (Farbar) C:\Users\R.W.Solema\Downloads\FRST64(1).exe
2014-11-11 19:35 - 2014-11-11 19:35 - 00000197 _____ () C:\windows\system32\2014-11-12-03-35-57.085-AvastVBoxSVC.exe-3552.log
2014-11-11 17:46 - 2014-11-11 17:46 - 00027705 _____ () C:\Users\R.W.Solema\Downloads\Addition.txt
2014-11-11 17:45 - 2014-11-11 22:15 - 00025481 _____ () C:\Users\R.W.Solema\Downloads\FRST.txt
2014-11-11 17:45 - 2014-11-11 22:15 - 00000000 ____D () C:\FRST
2014-11-11 17:44 - 2014-11-11 17:45 - 02116096 _____ (Farbar) C:\Users\R.W.Solema\Downloads\FRST64.exe
2014-11-11 11:38 - 2014-11-11 11:39 - 00000197 _____ () C:\windows\system32\2014-11-11-19-38-53.093-AvastVBoxSVC.exe-4716.log
2014-11-11 10:18 - 2014-11-11 10:18 - 00000000 ____D () C:\Users\R.W.Solema\AppData\Roaming\Moonchild Productions
2014-11-11 10:18 - 2014-11-11 10:18 - 00000000 ____D () C:\Users\R.W.Solema\AppData\Local\Moonchild Productions
2014-11-11 10:17 - 2014-11-11 10:17 - 00000857 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pale Moon.lnk
2014-11-11 10:17 - 2014-11-11 10:17 - 00000845 _____ () C:\Users\Public\Desktop\Pale Moon.lnk
2014-11-11 10:17 - 2014-11-11 10:17 - 00000000 ____D () C:\Program Files\Pale Moon
2014-11-11 10:15 - 2014-11-11 10:15 - 00793258 _____ () C:\Users\R.W.Solema\Downloads\palemoon-websetup.exe
2014-11-11 10:10 - 2014-11-11 10:10 - 36489920 _____ () C:\Users\R.W.Solema\Downloads\Firefox Setup 33.1.exe
2014-11-11 09:05 - 2014-11-11 09:06 - 00000197 _____ () C:\windows\system32\2014-11-11-17-05-55.087-AvastVBoxSVC.exe-4064.log
2014-11-10 23:09 - 2014-11-10 23:11 - 00000694 _____ () C:\Users\R.W.Solema\Downloads\SystemLook.txt
2014-11-10 23:08 - 2014-11-10 23:08 - 00000197 _____ () C:\windows\system32\2014-11-11-07-08-27.037-AvastVBoxSVC.exe-5480.log
2014-11-10 19:48 - 2014-11-10 19:48 - 00165376 _____ () C:\Users\R.W.Solema\Downloads\SystemLook_x64(1).exe
2014-11-10 19:35 - 2014-11-10 19:35 - 00139264 _____ () C:\Users\R.W.Solema\Downloads\SystemLook.exe
2014-11-10 19:25 - 2014-11-10 19:25 - 00165376 _____ () C:\Users\R.W.Solema\Downloads\SystemLook_x64.exe
2014-11-10 19:17 - 2014-11-11 11:35 - 00003374 _____ () C:\windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-289670154-1285097819-147057498-1001
2014-11-10 19:17 - 2014-11-10 19:17 - 00000197 _____ () C:\windows\system32\2014-11-11-03-17-33.045-AvastVBoxSVC.exe-4244.log
2014-11-10 16:10 - 2014-11-10 16:11 - 00000197 _____ () C:\windows\system32\2014-11-11-00-10-41.091-AvastVBoxSVC.exe-3136.log
2014-11-10 13:08 - 2014-11-11 10:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-10 12:54 - 2014-11-11 21:51 - 00003352 _____ () C:\windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-289670154-1285097819-147057498-1001
2014-11-10 12:52 - 2014-11-10 12:53 - 00000197 _____ () C:\windows\system32\2014-11-10-20-52-49.036-AvastVBoxSVC.exe-3328.log
2014-11-09 22:21 - 2014-11-09 22:21 - 00699016 _____ (CNET Download.com) C:\Users\R.W.Solema\Downloads\cbsidlm-cbsi213-YTD_Downloader-SEO-75450165.exe
2014-11-09 19:46 - 2014-11-09 19:46 - 04066136 _____ (Zemana Ltd. ) C:\Users\R.W.Solema\Downloads\AntiLoggerFree_Setup_1.7.2.390(1).exe
2014-11-09 19:31 - 2014-11-11 21:50 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-09 19:31 - 2014-11-09 19:31 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-09 19:31 - 2014-11-09 19:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-09 19:31 - 2014-11-09 19:31 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-09 19:31 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-11-09 19:31 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-11-09 19:31 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-11-09 19:30 - 2014-11-09 19:30 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\R.W.Solema\Downloads\mbam-setup-2.0.3.1025(1).exe
2014-11-09 19:28 - 2014-11-11 21:51 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-11-09 19:28 - 2014-11-09 19:28 - 00001768 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-11-09 19:28 - 2014-11-09 19:28 - 00000000 ____D () C:\Users\R.W.Solema\AppData\Roaming\SUPERAntiSpyware.com
2014-11-09 19:28 - 2014-11-09 19:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-11-09 19:26 - 2014-11-09 19:26 - 20277648 _____ (SUPERAntiSpyware) C:\Users\R.W.Solema\Downloads\SUPERAntiSpyware(5).exe
2014-11-09 19:20 - 2014-11-09 19:20 - 00001370 _____ () C:\Users\R.W.Solema\Desktop\JRT.txt
2014-11-09 19:10 - 2014-11-09 19:10 - 01706808 _____ (Thisisu) C:\Users\R.W.Solema\Downloads\JRT.exe
2014-11-09 19:09 - 2014-11-09 19:09 - 00000197 _____ () C:\windows\system32\2014-11-10-03-09-39.023-AvastVBoxSVC.exe-2916.log
2014-11-09 18:50 - 2014-11-09 18:50 - 00000197 _____ () C:\windows\system32\2014-11-10-02-50-55.042-AvastVBoxSVC.exe-3140.log
2014-11-09 18:43 - 2014-11-09 18:43 - 02140160 _____ () C:\Users\R.W.Solema\Downloads\adwcleaner_4.101.exe
2014-11-09 18:35 - 2014-11-09 18:35 - 00000247 _____ () C:\windows\system32\2014-11-10-02-35-42.095-aswFe.exe-4576.log
2014-11-09 18:30 - 2014-11-09 18:35 - 00000247 _____ () C:\windows\system32\2014-11-10-02-30-17.044-aswFe.exe-4656.log
2014-11-09 18:30 - 2014-11-09 18:30 - 00000197 _____ () C:\windows\system32\2014-11-10-02-30-14.081-AvastVBoxSVC.exe-6240.log
2014-11-09 18:27 - 2014-11-09 18:27 - 00001391 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-11-09 18:27 - 2014-11-09 18:27 - 00001379 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-11-09 18:27 - 2014-11-09 18:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-11-09 18:27 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\windows\system32\sdnclean64.exe
2014-11-09 18:26 - 2014-11-09 18:26 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\R.W.Solema\Downloads\spybot-2.4(2).exe
2014-11-09 18:23 - 2014-11-11 09:05 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-11-09 18:23 - 2014-11-09 18:23 - 00001924 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-11-09 18:23 - 2014-11-09 18:23 - 00000000 ____D () C:\Users\R.W.Solema\AppData\Roaming\AVAST Software
2014-11-09 18:23 - 2014-11-09 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-11-09 18:22 - 2014-11-09 18:22 - 01050432 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2014-11-09 18:22 - 2014-11-09 18:22 - 00436624 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2014-11-09 18:22 - 2014-11-09 18:22 - 00364512 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-11-09 18:22 - 2014-11-09 18:22 - 00267632 _____ () C:\windows\system32\Drivers\aswVmm.sys
2014-11-09 18:22 - 2014-11-09 18:22 - 00116728 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2014-11-09 18:22 - 2014-11-09 18:22 - 00093568 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2014-11-09 18:22 - 2014-11-09 18:22 - 00083280 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-11-09 18:22 - 2014-11-09 18:22 - 00065776 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2014-11-09 18:22 - 2014-11-09 18:22 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-11-09 18:22 - 2014-11-09 18:22 - 00029208 _____ () C:\windows\system32\Drivers\aswHwid.sys
2014-11-09 18:21 - 2014-11-09 18:21 - 00000000 ____D () C:\Program Files\AVAST Software
2014-11-09 18:20 - 2014-11-09 18:20 - 05004328 _____ (AVAST Software) C:\Users\R.W.Solema\Downloads\avast_free_antivirus_setup_online(1).exe
2014-11-09 18:11 - 2014-11-09 18:11 - 00027215 _____ () C:\ComboFix.txt
2014-11-09 17:51 - 2014-11-09 17:51 - 00000197 _____ () C:\windows\system32\2014-11-10-01-51-14.026-AvastVBoxSVC.exe-4408.log
2014-11-09 17:29 - 2014-11-09 17:31 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\R.W.Solema\Downloads\spybot-2.4(1).exe
2014-11-09 15:52 - 2011-06-25 22:45 - 00256000 _____ () C:\windows\PEV.exe
2014-11-09 15:52 - 2010-11-07 09:20 - 00208896 _____ () C:\windows\MBR.exe
2014-11-09 15:52 - 2009-04-19 20:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2014-11-09 15:52 - 2000-08-30 16:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2014-11-09 15:52 - 2000-08-30 16:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2014-11-09 15:52 - 2000-08-30 16:00 - 00098816 _____ () C:\windows\sed.exe
2014-11-09 15:52 - 2000-08-30 16:00 - 00080412 _____ () C:\windows\grep.exe
2014-11-09 15:52 - 2000-08-30 16:00 - 00068096 _____ () C:\windows\zip.exe
2014-11-09 15:51 - 2014-11-09 15:51 - 00001182 _____ () C:\Users\R.W.Solema\Desktop\ComboFix.exe - Shortcut.lnk
2014-11-09 15:21 - 2014-11-09 18:11 - 00000000 ____D () C:\Qoobox
2014-11-09 15:20 - 2014-11-09 16:14 - 00000000 ____D () C:\windows\erdnt
2014-11-09 15:20 - 2014-11-09 15:45 - 05597372 ____R (Swearware) C:\Users\R.W.Solema\Downloads\ComboFix.exe
2014-11-09 03:13 - 2014-11-09 03:14 - 00000197 _____ () C:\windows\system32\2014-11-09-11-13-55.080-AvastVBoxSVC.exe-6040.log
2014-11-08 04:45 - 2014-11-08 05:11 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-11-08 04:44 - 2014-11-08 05:11 - 00000000 ____D () C:\Users\R.W.Solema\Desktop\mbar
2014-11-08 04:44 - 2014-11-08 04:44 - 14439144 _____ (Malwarebytes Corp.) C:\Users\R.W.Solema\Downloads\mbar-1.08.0.1001.exe
2014-11-08 04:15 - 2014-11-08 04:15 - 14670424 _____ () C:\Users\R.W.Solema\Downloads\RogueKiller(1).exe
2014-11-08 03:54 - 2014-11-08 03:55 - 17526360 _____ () C:\Users\R.W.Solema\Downloads\RogueKillerX64.exe
2014-11-08 03:46 - 2014-11-08 04:16 - 00034808 _____ () C:\windows\system32\Drivers\TrueSight.sys
2014-11-08 03:46 - 2014-11-08 03:46 - 14670424 _____ () C:\Users\R.W.Solema\Downloads\RogueKiller.exe
2014-11-08 03:46 - 2014-11-08 03:46 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-11-08 03:42 - 2014-11-08 03:42 - 31135096 _____ () C:\Users\R.W.Solema\Documents\Bruce Springsteen - Badlands (Live 1980).mp4
2014-11-08 03:41 - 2014-11-08 03:41 - 104570971 _____ () C:\Users\R.W.Solema\Documents\Bruce Springsteen - Badlands (Live In Phoenix '78) [The Promise] - 1080p HD!.mp4
2014-11-08 03:36 - 2014-11-08 03:36 - 50720205 _____ () C:\Users\R.W.Solema\Documents\Bruce Springsteen plays _Nebraska_ at The King's Hall Arena, Belfast..mp4
2014-11-08 03:33 - 2014-11-08 03:33 - 137749174 _____ () C:\Users\R.W.Solema\Documents\Bruce Springsteen Cadillac Ranch_Darlington County - Belfast 20th July 2013.mp4
2014-11-08 03:32 - 2014-11-08 03:32 - 228697042 _____ () C:\Users\R.W.Solema\Documents\The Monkees - _The Birds, The Bees & The Monkees_ (Deluxe Edition) (Stereo) [Full Album].mp4
2014-11-08 03:27 - 2014-11-08 03:27 - 128107785 _____ () C:\Users\R.W.Solema\Documents\Bruce Springsteen - Cadillac Ranch - Live at CNE Grandstands '84 (Blu-ray).mp4
2014-11-08 03:18 - 2014-11-08 03:18 - 20648189 _____ () C:\Users\R.W.Solema\Documents\I'm Going Down - Bruce Springsteen RARE version!.mp4
2014-11-08 03:08 - 2014-11-08 03:08 - 13589360 _____ () C:\Users\R.W.Solema\Documents\Bobbie Gentry - Ode To Billie Joe.mp4
2014-11-08 03:07 - 2014-11-08 03:07 - 17421594 _____ () C:\Users\R.W.Solema\Documents\Jefferson Airplane -White Rabbit-.mp4
2014-11-08 03:07 - 2014-11-08 03:07 - 06947408 _____ () C:\Users\R.W.Solema\Documents\Nancy Sinatra - These Boots Are Made for Walkin'.mp4
2014-11-07 23:19 - 2014-11-07 23:19 - 00000197 _____ () C:\windows\system32\2014-11-08-07-19-00.086-AvastVBoxSVC.exe-3236.log
2014-11-07 11:35 - 2014-11-07 11:35 - 00007549 _____ () C:\Users\R.W.Solema\Desktop\attach.txt
2014-11-07 11:35 - 2014-11-07 11:34 - 00027044 _____ () C:\Users\R.W.Solema\Desktop\dds.txt
2014-11-07 11:33 - 2014-11-07 11:33 - 00688992 ____R (Swearware) C:\Users\R.W.Solema\Downloads\dds.com
2014-11-07 11:11 - 2014-11-07 11:11 - 00000247 _____ () C:\windows\system32\2014-11-07-19-11-48.065-aswFe.exe-4976.log
2014-11-07 11:05 - 2014-11-07 11:11 - 00000247 _____ () C:\windows\system32\2014-11-07-19-05-33.071-aswFe.exe-852.log
 
00000197 _____ () C:\windows\system32\2014-11-12-03-35-57.085-AvastVBoxSVC.exe-3552.log
2014-11-11 17:46 - 2014-11-11 17:46 - 00027705 _____ () C:\Users\R.W.Solema\Downloads\Addition.txt
2014-11-11 17:45 - 2014-11-11 22:50 - 00025538 _____ () C:\Users\R.W.Solema\Downloads\FRST.txt
2014-11-11 17:45 - 2014-11-11 22:50 - 00000000 ____D () C:\FRST
2014-11-11 17:44 - 2014-11-11 17:45 - 02116096 _____ (Farbar) C:\Users\R.W.Solema\Downloads\FRST64.exe
2014-11-11 11:38 - 2014-11-11 11:39 - 00000197 _____ () C:\windows\system32\2014-11-11-19-38-53.093-AvastVBoxSVC.exe-4716.log
2014-11-11 10:18 - 2014-11-11 10:18 - 00000000 ____D () C:\Users\R.W.Solema\AppData\Roaming\Moonchild Productions
2014-11-11 10:18 - 2014-11-11 10:18 - 00000000 ____D () C:\Users\R.W.Solema\AppData\Local\Moonchild Productions
2014-11-11 10:17 - 2014-11-11 10:17 - 00000857 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pale Moon.lnk
2014-11-11 10:17 - 2014-11-11 10:17 - 00000845 _____ () C:\Users\Public\Desktop\Pale Moon.lnk
2014-11-11 10:17 - 2014-11-11 10:17 - 00000000 ____D () C:\Program Files\Pale Moon
2014-11-11 10:15 - 2014-11-11 10:15 - 00793258 _____ () C:\Users\R.W.Solema\Downloads\palemoon-websetup.exe
2014-11-11 10:10 - 2014-11-11 10:10 - 36489920 _____ () C:\Users\R.W.Solema\Downloads\Firefox Setup 33.1.exe
2014-11-11 09:05 - 2014-11-11 09:06 - 00000197 _____ () C:\windows\system32\2014-11-11-17-05-55.087-AvastVBoxSVC.exe-4064.log
2014-11-10 23:09 - 2014-11-10 23:11 - 00000694 _____ () C:\Users\R.W.Solema\Downloads\SystemLook.txt
2014-11-10 23:08 - 2014-11-10 23:08 - 00000197 _____ () C:\windows\system32\2014-11-11-07-08-27.037-AvastVBoxSVC.exe-5480.log
2014-11-10 19:48 - 2014-11-10 19:48 - 00165376 _____ () C:\Users\R.W.Solema\Downloads\SystemLook_x64(1).exe
2014-11-10 19:35 - 2014-11-10 19:35 - 00139264 _____ () C:\Users\R.W.Solema\Downloads\SystemLook.exe
2014-11-10 19:25 - 2014-11-10 19:25 - 00165376 _____ () C:\Users\R.W.Solema\Downloads\SystemLook_x64.exe
2014-11-10 19:17 - 2014-11-11 11:35 - 00003374 _____ () C:\windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-289670154-1285097819-147057498-1001
2014-11-10 19:17 - 2014-11-10 19:17 - 00000197 _____ () C:\windows\system32\2014-11-11-03-17-33.045-AvastVBoxSVC.exe-4244.log
2014-11-10 16:10 - 2014-11-10 16:11 - 00000197 _____ () C:\windows\system32\2014-11-11-00-10-41.091-AvastVBoxSVC.exe-3136.log
2014-11-10 13:08 - 2014-11-11 10:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-10 12:54 - 2014-11-11 21:51 - 00003352 _____ () C:\windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-289670154-1285097819-147057498-1001
2014-11-10 12:52 - 2014-11-10 12:53 - 00000197 _____ () C:\windows\system32\2014-11-10-20-52-49.036-AvastVBoxSVC.exe-3328.log
2014-11-09 22:21 - 2014-11-09 22:21 - 00699016 _____ (CNET Download.com) C:\Users\R.W.Solema\Downloads\cbsidlm-cbsi213-YTD_Downloader-SEO-75450165.exe
2014-11-09 19:46 - 2014-11-09 19:46 - 04066136 _____ (Zemana Ltd. ) C:\Users\R.W.Solema\Downloads\AntiLoggerFree_Setup_1.7.2.390(1).exe
2014-11-07 11:05 - 2014-11-07 11:05 - 00000197 _____ () C:\windows\system32\2014-11-07-19-05-26.081-AvastVBoxSVC.exe-4192.log
2014-11-07 10:58 - 2014-11-07 10:59 - 00000000 ____D () C:\ProgramData\Sophos
2014-11-07 10:58 - 2014-11-07 10:58 - 00000000 ____D () C:\Users\R.W.Solema\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
2014-11-07 10:58 - 2014-11-07 10:58 - 00000000 ____D () C:\Program Files (x86)\Sophos
2014-11-07 10:55 - 2014-11-07 10:56 - 104397344 _____ (Sophos Limited) C:\Users\R.W.Solema\Downloads\Sophos Virus Removal Tool.exe
2014-11-07 10:45 - 2014-11-07 10:45 - 00000000 ____D () C:\Users\R.W.Solema\AppData\Roaming\Dropbox
2014-11-07 10:40 - 2014-11-07 10:45 - 00000000 ____D () C:\windows\SysWOW64\vbox
2014-11-07 10:40 - 2014-11-07 10:45 - 00000000 ____D () C:\windows\system32\vbox
2014-11-07 10:26 - 2014-11-07 10:26 - 05004328 _____ (AVAST Software) C:\Users\R.W.Solema\Downloads\avast_free_antivirus_setup_online.exe
2014-11-07 10:01 - 2014-11-07 10:02 - 00000000 ____D () C:\Users\R.W.Solema\AppData\Roaming\rmi
2014-11-07 09:56 - 2014-11-07 09:56 - 00370943 _____ () C:\Users\R.W.Solema\Downloads\gmer.zip
2014-11-07 08:23 - 2014-11-07 09:39 - 00000990 _____ () C:\Users\R.W.Solema\Desktop\RSL.txt
2014-11-07 07:26 - 2014-11-07 07:26 - 00000525 _____ () C:\Users\R.W.Solema\Desktop\RSC.txt
2014-11-07 04:45 - 2014-11-07 04:45 - 00000525 _____ () C:\RCL.txt
2014-11-06 03:41 - 2014-11-11 21:51 - 00003228 _____ () C:\windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-289670154-1285097819-147057498-1001
2014-11-06 03:40 - 2014-11-10 16:09 - 00447492 _____ () C:\windows\PFRO.log
2014-11-05 12:24 - 2014-11-05 12:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-11-05 12:24 - 2014-11-05 12:24 - 00000000 ____D () C:\Program Files (x86)\DirectVobSub
2014-11-05 12:24 - 2014-11-05 12:24 - 00000000 ____D () C:\Program Files (x86)\DCoder Image Source
2014-11-05 12:24 - 2014-11-05 12:24 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-11-05 12:23 - 2014-11-08 04:59 - 00000000 ____D () C:\Program Files (x86)\MadVR
2014-11-05 12:23 - 2014-11-05 12:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAV Filters
2014-11-05 12:23 - 2014-11-05 12:23 - 00000000 ____D () C:\Program Files (x86)\LAV Filters
2014-11-05 12:23 - 2014-11-05 12:23 - 00000000 ____D () C:\Program Files (x86)\Bass Audio Decoder
2014-11-05 12:22 - 2014-11-05 12:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
2014-11-05 12:22 - 2014-11-05 12:22 - 00000000 ____D () C:\Program Files (x86)\ffdshow
2014-11-05 12:22 - 2014-09-29 12:23 - 00112640 _____ () C:\windows\SysWOW64\ff_vfw.dll
2014-11-05 12:17 - 2014-11-05 12:18 - 00770360 _____ ( ) C:\Users\R.W.Solema\Downloads\zp950free_inst.exe
2014-11-05 11:18 - 2014-11-05 11:18 - 00001370 _____ () C:\Users\R.W.Solema\Desktop\Rootkit Scan.lnk
2014-11-04 13:56 - 2014-11-04 13:56 - 00050908 _____ () C:\Users\R.W.Solema\Documents\jetAudio_8.1.3.2200_20141104_135639.zip
2014-11-04 13:44 - 2014-11-04 14:02 - 00000000 ____D () C:\Program Files (x86)\Quintessential Media Player
2014-11-04 13:44 - 2014-11-04 13:44 - 00000000 ____D () C:\Users\R.W.Solema\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Quintessential Media Player
2014-11-03 14:19 - 2014-11-03 14:19 - 04529654 _____ () C:\Users\R.W.Solema\Documents\Joe Barry - I'm A Fool To Care.mp4
2014-11-03 12:42 - 2014-11-03 12:42 - 85946306 _____ () C:\Users\R.W.Solema\Documents\HARRY BELAFONTE - Jamaica Farewell (1956).mp4
2014-11-02 18:33 - 2014-11-04 00:24 - 00000000 ____D () C:\Program Files (x86)\ConvertHelper
2014-10-31 09:37 - 2014-10-31 09:37 - 17427560 _____ () C:\Users\R.W.Solema\Documents\Show Your Fox News Watching Relatives This Clip at Thanksgiving.mp4
2014-10-31 09:35 - 2014-10-31 09:35 - 31048575 _____ () C:\Users\R.W.Solema\Documents\I Was Born - Nashville Tribute Band.mp4
2014-10-31 09:32 - 2014-10-31 09:32 - 16470331 _____ () C:\Users\R.W.Solema\Documents\God Is Good- The Nashville Tribute Band.mp4
2014-10-31 09:28 - 2014-10-31 09:28 - 09746649 _____ () C:\Users\R.W.Solema\Documents\Somewhere There's A Mountain-The Nashville Tribute Band.mp4
2014-10-31 09:28 - 2014-10-31 09:28 - 06507774 _____ () C:\Users\R.W.Solema\Documents\Sword Of Reckoning-The Nashville Tribute Band.mp4
2014-10-31 09:26 - 2014-10-31 09:26 - 13119579 _____ () C:\Users\R.W.Solema\Documents\Crack Of A Whip-The Nashville Tribute Band.mp4
2014-10-31 09:23 - 2014-10-31 09:23 - 05509810 _____ () C:\Users\R.W.Solema\Documents\Porter Rockwell Nashville Tribute.mp4
2014-10-30 20:30 - 2014-10-30 20:31 - 91127869 _____ () C:\Users\R.W.Solema\Documents\Top 10 Songs That Will Make You Cry.mp4
2014-10-30 19:50 - 2014-10-30 19:50 - 10721557 _____ () C:\Users\R.W.Solema\Documents\Stevie Nicks loses herself live.mp4
2014-10-30 19:09 - 2014-10-30 19:09 - 138504281 _____ () C:\Users\R.W.Solema\Documents\The Rolling Stones - Gimme Shelter (Live) - OFFICIAL PROMO.mp4
2014-10-30 19:03 - 2014-10-30 19:03 - 25527229 _____ () C:\Users\R.W.Solema\Documents\The Rolling Stones - Gimme Shelter - the best version ever..mp4
2014-10-30 18:55 - 2014-10-30 18:55 - 09171739 _____ () C:\Users\R.W.Solema\Documents\Grand Funk Railroad Locomotion live 1974.mp4
2014-10-30 18:52 - 2014-10-30 18:52 - 05306853 _____ () C:\Users\R.W.Solema\Documents\Little Eva - The Locomotion.mp4
2014-10-30 18:50 - 2014-10-30 18:50 - 27525201 _____ () C:\Users\R.W.Solema\Documents\Black Oak Arkansas _ Jim Dandy... to the Rescue _ 1974 California.mp4
2014-10-30 18:47 - 2014-10-30 18:47 - 06967269 _____ () C:\Users\R.W.Solema\Documents\Jim Dandy---Lavern Baker.mp4
2014-10-30 18:41 - 2014-10-30 18:41 - 09349425 _____ () C:\Users\R.W.Solema\Documents\Clyde McPhatter - It's A Lover's Question.mp4
2014-10-30 18:40 - 2014-10-30 18:40 - 06269749 _____ () C:\Users\R.W.Solema\Documents\Dee Clark - Just Keep It Up (STEREO).mp4
2014-10-30 18:39 - 2014-10-30 18:39 - 05534888 _____ () C:\Users\R.W.Solema\Documents\(1966) Lee Perry_ Just Keep It Up.mp4
2014-10-30 18:37 - 2014-10-30 18:37 - 03135123 _____ () C:\Users\R.W.Solema\Documents\DEE CLARK Just Keep It Up 1959.mp4
2014-10-30 18:36 - 2014-10-30 18:36 - 11858725 _____ () C:\Users\R.W.Solema\Documents\OTIS BLACKWELL - JUST KEEP IT UP.mp4
2014-10-30 18:33 - 2014-10-30 18:33 - 02494358 _____ () C:\Users\R.W.Solema\Documents\Bobby Vee - Just Keep It Up (1968).mp4
2014-10-30 18:31 - 2014-10-30 18:31 - 08482642 _____ () C:\Users\R.W.Solema\Documents\Bobby Vee - Sixteen Candles (1961).mp4
2014-10-30 18:30 - 2014-10-30 18:30 - 03409486 _____ () C:\Users\R.W.Solema\Documents\Bobby Vee - Just a Dream (1960).mp4
2014-10-30 18:29 - 2014-10-30 18:29 - 04547967 _____ () C:\Users\R.W.Solema\Documents\Bobby Vee - It's All In The Game (1960).mp4
2014-10-30 12:48 - 2014-11-04 00:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\herdProtect
2014-10-30 12:48 - 2014-10-30 12:48 - 00000000 ____D () C:\Program Files\Reason
2014-10-27 16:50 - 2014-10-27 16:51 - 15481103 _____ () C:\Users\R.W.Solema\Downloads\MusicBeeSetup_2_4(2).zip
2014-10-27 16:49 - 2014-10-27 16:50 - 15481103 _____ () C:\Users\R.W.Solema\Downloads\MusicBeeSetup_2_4(1).zip
2014-10-27 16:43 - 2014-10-27 16:43 - 15481103 _____ () C:\Users\R.W.Solema\Downloads\MusicBeeSetup_2_4.zip
2014-10-27 16:40 - 2014-10-27 16:41 - 00000000 ____D () C:\Users\R.W.Solema\AppData\Roaming\IcoFX2X
2014-10-27 16:39 - 2014-11-04 00:24 - 00000000 ____D () C:\Program Files (x86)\IcoFX 2
2014-10-27 16:39 - 2014-10-27 16:39 - 00000000 ____D () C:\ProgramData\IcoFX2X
2014-10-26 19:00 - 2014-10-26 19:00 - 07831575 _____ () C:\Users\R.W.Solema\Documents\The Crests - Step By Step.mp4
2014-10-26 18:57 - 2014-10-26 18:57 - 04932527 _____ () C:\Users\R.W.Solema\Documents\The Crests - The Angels Listened In (1959).mp4
2014-10-26 18:43 - 2014-10-26 18:43 - 17954374 _____ () C:\Users\R.W.Solema\Documents\BOBBY VEE RUINED MY LIFE.mp4
2014-10-22 11:13 - 2014-11-04 12:08 - 00000000 ____D () C:\Users\R.W.Solema\AppData\Local\CrashDumps
 
- 00060896 _____ () C:\Users\R.W.Solema\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-19 17:38 - 2014-10-19 17:38 - 09890008 _____ (Realtek Semiconductor Corp.) C:\windows\SysWOW64\RsCRIcon.dll
2014-10-19 17:38 - 2014-10-19 17:38 - 00941784 _____ (Realtek ) C:\windows\system32\Drivers\Rt64win7.sys
2014-10-19 17:38 - 2014-10-19 17:38 - 00272600 _____ (Realtek Semiconductor Corp.) C:\windows\system32\Drivers\RtsUStor.sys
2014-10-19 17:38 - 2014-10-19 17:38 - 00073800 _____ (Realtek Semiconductor Corporation) C:\windows\system32\RtNicProp64.dll
2014-10-19 17:35 - 2014-11-09 18:01 - 00002864 _____ () C:\windows\System32\Tasks\Driver Booster SkipUAC (R.W.Solema)
2014-10-19 17:35 - 2014-11-04 14:02 - 00000000 ____D () C:\ProgramData\ProductData
2014-10-19 17:35 - 2014-10-19 17:39 - 00002146 _____ () C:\Users\Public\Desktop\Driver Booster 2.lnk
2014-10-19 17:35 - 2014-10-19 17:35 - 00000000 ____D () C:\windows\Tasks\ImCleanDisabled
2014-10-19 17:35 - 2014-10-19 17:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2014-10-19 17:35 - 2014-10-19 17:35 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-10-19 17:34 - 2014-10-19 17:34 - 10008840 _____ (IObit ) C:\Users\R.W.Solema\Downloads\driver_booster_setup(1).exe
2014-10-18 17:35 - 2014-11-04 00:24 - 00000000 ____D () C:\Users\R.W.Solema\AppData\Roaming\COWON
2014-10-18 17:26 - 2014-11-04 14:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jetAudio
2014-10-18 17:26 - 2014-11-04 00:24 - 00000000 ____D () C:\Program Files (x86)\JetAudio
2014-10-18 17:26 - 2014-10-18 17:26 - 00001821 _____ () C:\Users\Public\Desktop\jetAudio.lnk
2014-10-18 17:23 - 2014-10-18 17:23 - 00771792 _____ ( ) C:\Users\R.W.Solema\Downloads\JAD8103_BASIC_inst(1).exe
2014-10-18 17:22 - 2014-10-18 17:22 - 38920704 _____ (Acresso Software Inc. ) C:\Users\R.W.Solema\Downloads\JAD8103_BASIC.exe
2014-10-18 17:22 - 2014-10-18 17:22 - 00000000 ____D () C:\Users\R.W.Solema\AppData\Roaming\0F1L1I1P0H1L1E1E1F
2014-10-18 17:21 - 2014-10-18 17:21 - 00771792 _____ ( ) C:\Users\R.W.Solema\Downloads\JAD8103_BASIC_inst.exe
2014-10-18 13:30 - 2010-07-25 21:23 - 01706800 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdiplus.dll
2014-10-18 13:30 - 2010-07-25 21:23 - 00544768 _____ (Stardock Corporation) C:\windows\SysWOW64\wbocx.ocx
2014-10-18 13:30 - 2010-07-25 21:23 - 00258352 _____ (Microsoft Corporation) C:\windows\SysWOW64\unicows.dll
2014-10-18 13:30 - 2010-07-25 21:23 - 00056496 _____ (Stardock.Net, Inc) C:\windows\SysWOW64\wbhelp2.dll
2014-10-18 13:30 - 2010-07-25 21:23 - 00033968 _____ (Neil Banfield) C:\windows\SysWOW64\anim.dll
2014-10-18 13:30 - 2010-07-25 21:23 - 00004608 _____ (Microsoft Corporation) C:\windows\SysWOW64\W95INF32.DLL
2014-10-18 13:30 - 2010-07-25 21:23 - 00002272 _____ (Microsoft Corporation) C:\windows\SysWOW64\W95INF16.DLL
2014-10-18 13:29 - 2014-10-18 13:29 - 06386136 _____ (YL Computing, Inc ) C:\Users\R.W.Solema\Downloads\wufinstall.exe
2014-10-18 00:22 - 2014-11-11 19:33 - 00002016 _____ () C:\windows\setupact.log
2014-10-18 00:22 - 2014-10-18 00:22 - 00000000 _____ () C:\windows\setuperr.log
2014-10-16 13:41 - 2014-10-16 13:41 - 00000237 _____ () C:\Users\R.W.Solema\Desktop\TV Schedule - Los Angeles News FOX 11 LA KTTV.URL
2014-10-15 23:59 - 2014-10-15 23:59 - 00880272 _____ (Google Inc.) C:\Users\R.W.Solema\Downloads\ChromeSetup(4).exe
2014-10-15 23:56 - 2014-10-15 23:57 - 36448072 _____ () C:\Users\R.W.Solema\Downloads\Firefox Setup 33.0.exe
2014-10-15 23:25 - 2014-10-15 23:25 - 00000226 _____ () C:\Users\R.W.Solema\Desktop\Ink Pixi - Personalized Apparel.URL
2014-10-14 16:09 - 2014-10-14 16:09 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\R.W.Solema\Downloads\mbam-setup-2.0.3.1025.exe
2014-10-14 14:26 - 2014-11-04 14:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-14 14:26 - 2014-11-04 14:00 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-14 14:26 - 2014-10-14 14:26 - 00272808 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-10-14 14:26 - 2014-10-14 14:26 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-10-14 14:26 - 2014-10-14 14:26 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-10-14 14:26 - 2014-10-14 14:26 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-14 14:19 - 2014-09-28 16:58 - 03198976 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-10-14 14:19 - 2014-08-18 19:11 - 00693176 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2014-10-14 14:19 - 2014-08-18 19:10 - 00616352 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2014-10-14 14:19 - 2014-08-18 19:08 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2014-10-14 14:19 - 2014-08-18 19:08 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2014-10-14 14:19 - 2014-08-18 19:08 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2014-10-14 14:19 - 2014-08-18 19:07 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2014-10-14 14:19 - 2014-08-18 19:07 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2014-10-14 14:19 - 2014-08-18 19:07 - 00058880 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2014-10-14 14:19 - 2014-08-18 19:07 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2014-10-14 14:19 - 2014-08-18 19:07 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2014-10-14 14:19 - 2014-08-18 18:41 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2014-10-14 14:19 - 2014-08-18 18:41 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2014-10-14 14:19 - 2014-08-18 18:06 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2014-10-14 14:19 - 2014-07-06 18:07 - 14632960 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2014-10-14 14:19 - 2014-07-06 18:07 - 00782848 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll
2014-10-14 14:19 - 2014-07-06 18:07 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2014-10-14 14:19 - 2014-07-06 18:06 - 05551032 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-10-14 14:19 - 2014-07-06 18:06 - 04120576 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2014-10-14 14:19 - 2014-07-06 18:06 - 01574400 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2014-10-14 14:19 - 2014-07-06 18:06 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2014-10-14 14:19 - 2014-07-06 18:06 - 01202176 _____ (Microsoft Corporation) C:\windows\system32\drmv2clt.dll
2014-10-14 14:19 - 2014-07-06 18:06 - 01069056 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
2014-10-14 14:19 - 2014-07-06 18:06 - 00842240 _____ (Microsoft Corporation) C:\windows\system32\blackbox.dll
2014-10-14 14:19 - 2014-07-06 18:06 - 00679424 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2014-10-14 14:19 - 2014-07-06 18:06 - 00641024 _____ (Microsoft Corporation) C:\windows\system32\msscp.dll
2014-10-14 14:19 - 2014-07-06 18:06 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2014-10-14 14:19 - 2014-07-06 18:06 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2014-10-14 14:19 - 2014-07-06 18:06 - 00497664 _____ (Microsoft Corporation) C:\windows\system32\drmmgrtn.dll
2014-10-14 14:19 - 2014-07-06 18:06 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2014-10-14 14:19 - 2014-07-06 18:06 - 00432128 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2014-10-14 14:19 - 2014-07-06 18:06 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\msnetobj.dll
2014-10-14 14:19 - 2014-07-06 18:06 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2014-10-14 14:19 - 2014-07-06 18:06 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2014-10-14 14:19 - 2014-07-06 18:06 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2014-10-14 14:19 - 2014-07-06 18:06 - 00188416 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2014-10-14 14:19 - 2014-07-06 18:06 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2014-10-14 14:19 - 2014-07-06 18:06 - 00082432 _____ (Microsoft Corporation) C:\windows\system32\cryptsp.dll
2014-10-14 14:19 - 2014-07-06 18:06 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2014-10-14 14:19 - 2014-07-06 18:06 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2014-10-14 14:19 - 2014-07-06 18:06 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2014-10-14 14:19 - 2014-07-06 18:06 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2014-10-14 14:19 - 2014-07-06 18:06 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2014-10-14 14:19 - 2014-07-06 18:05 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2014-10-14 14:19 - 2014-07-06 18:05 - 00126464 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2014-10-14 14:19 - 2014-07-06 18:02 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2014-10-14 14:19 - 2014-07-06 17:52 - 00663552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2014-10-14 14:19 - 2014-07-06 17:40 - 11411456 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2014-10-14 14:19 - 2014-07-06 17:40 - 03208704 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2014-10-14 14:19 - 2014-07-06 17:40 - 01329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2014-10-14 14:19 - 2014-07-06 17:40 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2014-10-14 14:19 - 2014-07-06 17:40 - 01005056 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptui.dll
2014-10-14 14:19 - 2014-07-06 17:40 - 00988160 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmv2clt.dll
2014-10-14 14:19 - 2014-07-06 17:40 - 00744960 _____ (Microsoft Corporation) C:\windows\SysWOW64\blackbox.dll
2014-10-14 14:19 - 2014-07-06 17:40 - 00617984 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmdrmsdk.dll
2014-10-14 14:19 - 2014-07-06 17:40 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscp.dll
2014-10-14 14:19 - 2014-07-06 17:40 - 00489984 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
2014-10-14 14:19 - 2014-07-06 17:40 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2014-10-14 14:19 - 2014-07-06 17:40 - 00406016 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmmgrtn.dll
2014-10-14 14:19 - 2014-07-06 17:40 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2014-10-14 14:19 - 2014-07-06 17:40 - 00354816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2014-10-14 14:19 - 2014-07-06 17:40 - 00265216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msnetobj.dll
2014-10-14 14:19 - 2014-07-06 17:40 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2014-10-14 14:19 - 2014-07-06 17:40 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2014-10-14 14:19 - 2014-07-06 17:40 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2014-10-14 14:19 - 2014-07-06 17:40 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2014-10-14 14:19 - 2014-07-06 17:40 - 00081408 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsp.dll
2014-10-14 14:19 - 2014-07-06 17:40 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2014-10-14 14:19 - 2014-07-06 17:40 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2014-10-14 14:19 - 2014-07-06 17:40 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2014-10-14 14:19 - 2014-07-06 17:39 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2014-10-14 14:19 - 2014-07-06 17:39 - 03970488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2014-10-14 14:19 - 2014-07-06 17:39 - 03914680 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2014-10-14 14:19 - 2014-07-06 17:39 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2014-10-14 14:19 - 2014-07-06 17:39 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2014-10-14 14:19 - 2014-07-06 17:37 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2014-10-14 14:19 - 2014-06-27 16:21 - 00619056 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2014-10-14 14:19 - 2014-06-27 16:21 - 00532176 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2014-10-14 14:19 - 2014-06-27 16:21 - 00457400 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2014-10-14 14:19 - 2014-06-18 14:23 - 01943696 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll
2014-10-14 14:19 - 2014-06-18 14:23 - 01131664 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfshim.dll
2014-10-14 14:19 - 2014-06-18 14:23 - 00156824 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscorier.dll
2014-10-14 14:19 - 2014-06-18 14:23 - 00156312 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll
2014-10-14 14:19 - 2014-06-18 14:23 - 00081560 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscories.dll
2014-10-14 14:19 - 2014-06-18 14:23 - 00073880 _____ (Microsoft Corporation) C:\windows\system32\mscories.dll
2014-10-14 14:18 - 2014-10-09 18:05 - 00507392 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-10-14 14:18 - 2014-10-09 18:05 - 00276480 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-10-14 14:18 - 2014-10-09 18:00 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-10-14 14:18 - 2014-10-06 18:54 - 00378552 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-10-14 14:18 - 2014-10-06 18:04 - 00331448 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-10-14 14:18 - 2014-09-25 14:50 - 13619200 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-10-14 14:18 - 2014-09-25 14:46 - 00365056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-10-14 14:18 - 2014-09-25 14:46 - 00243200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-10-14 14:18 - 2014-09-25 14:46 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-10-14 14:18 - 2014-09-25 14:43 - 11807232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-10-14 14:18 - 2014-09-25 14:32 - 02017280 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-10-14 14:18 - 2014-09-25 14:31 - 02108416 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-10-14 14:18 - 2014-09-18 18:25 - 23631360 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-10-14 14:18 - 2014-09-18 17:56 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-10-14 14:18 - 2014-09-18 17:55 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-10-14 14:18 - 2014-09-18 17:44 - 17484800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-10-14 14:18 - 2014-09-18 17:41 - 02796032 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-10-14 14:18 - 2014-09-18 17:40 - 00547328 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-10-14 14:18 - 2014-09-18 17:40 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-10-14 14:18 - 2014-09-18 17:39 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-10-14 14:18 - 2014-09-18 17:38 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-10-14 14:18 - 2014-09-18 17:36 - 05829632 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-10-14 14:18 - 2014-09-18 17:31 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-10-14 14:18 - 2014-09-18 17:30 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-10-14 14:18 - 2014-09-18 17:27 - 00595968 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-10-14 14:18 - 2014-09-18 17:26 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-10-14 14:18 - 2014-09-18 17:25 - 04201472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-10-14 14:18 - 2014-09-18 17:25 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-10-14 14:18 - 2014-09-18 17:25 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-10-14 14:18 - 2014-09-18 17:18 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-10-14 14:18 - 2014-09-18 17:14 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-10-14 14:18 - 2014-09-18 17:14 - 00446464 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-10-14 14:18 - 2014-09-18 17:06 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-10-14 14:18 - 2014-09-18 17:02 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-10-14 14:18 - 2014-09-18 17:01 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-10-14 14:18 - 2014-09-18 17:01 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-10-14 14:18 - 2014-09-18 17:01 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-10-14 14:18 - 2014-09-18 17:00 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-10-14 14:18 - 2014-09-18 16:59 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-10-14 14:18 - 2014-09-18 16:58 - 00289280 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-10-14 14:18 - 2014-09-18 16:55 - 02187264 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-10-14 14:18 - 2014-09-18 16:54 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-10-14 14:18 - 2014-09-18 16:53 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-10-14 14:18 - 2014-09-18 16:51 - 00440320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-10-14 14:18 - 2014-09-18 16:50 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-10-14 14:18 - 2014-09-18 16:49 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-10-14 14:18 - 2014-09-18 16:42 - 00731136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-10-14 14:18 - 2014-09-18 16:42 - 00710656 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-10-14 14:18 - 2014-09-18 16:40 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-10-14 14:18 - 2014-09-18 16:36 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-14 14:18 - 2014-09-18 16:33 - 02309632 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-10-14 14:18 - 2014-09-18 16:32 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-10-14 14:18 - 2014-09-18 16:20 - 00607744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-10-14 14:18 - 2014-09-18 16:18 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-10-14 14:18 - 2014-09-18 16:14 - 01447936 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-10-14 14:18 - 2014-09-18 15:59 - 01810944 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-10-14 14:18 - 2014-09-18 15:59 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-10-14 14:18 - 2014-09-18 15:53 - 01190400 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-10-14 14:18 - 2014-09-18 15:52 - 00678400 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-10-14 14:17 - 2014-09-17 18:00 - 03241472 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-10-14 14:17 - 2014-09-17 17:32 - 02363904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-10-14 14:17 - 2014-09-12 17:58 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-10-14 14:17 - 2014-09-12 17:40 - 00067072 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-10-14 14:17 - 2014-09-04 18:11 - 06584320 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-10-14 14:17 - 2014-09-04 17:52 - 05703168 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-10-14 14:17 - 2014-09-03 21:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2014-10-14 14:17 - 2014-09-03 21:04 - 00372736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2014-10-14 14:17 - 2014-08-28 18:07 - 03179520 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-10-14 14:17 - 2014-07-16 18:07 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-10-14 14:17 - 2014-07-16 18:07 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-10-14 14:17 - 2014-07-16 18:07 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2014-10-14 14:17 - 2014-07-16 18:07 - 00150528 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll
2014-10-14 14:17 - 2014-07-16 18:07 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-10-14 14:17 - 2014-07-16 18:07 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-10-14 14:17 - 2014-07-16 17:40 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2014-10-14 14:17 - 2014-07-16 17:39 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-10-14 14:17 - 2014-07-16 17:39 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-10-14 14:17 - 2014-07-16 17:21 - 00212480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2014-10-14 14:17 - 2014-07-16 17:21 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2014-10-14 14:05 - 2014-10-14 14:06 - 00269490 _____ () C:\Users\R.W.Solema\Downloads\FHSetup.exe
2014-10-14 01:38 - 2014-10-14 01:38 - 00000205 _____ () C:\Users\R.W.Solema\Desktop\ABC.URL
2014-10-12 17:31 - 2014-10-12 17:31 - 00000000 ____D () C:\Users\R.W.Solema\AppData\Local\Eraser 6
2014-10-12 17:25 - 2014-10-12 17:25 - 09110456 _____ (The Eraser Project) C:\Users\R.W.Solema\Downloads\Eraser 6.0.10.2620.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-11 22:11 - 2014-03-18 23:46 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-11-11 22:05 - 2014-03-06 18:08 - 00000906 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-11 21:51 - 2014-03-06 18:08 - 00000902 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-11 21:50 - 2010-12-28 19:59 - 01254723 _____ () C:\windows\WindowsUpdate.log
2014-11-11 19:41 - 2009-07-13 20:45 - 00026192 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-11 19:41 - 2009-07-13 20:45 - 00026192 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-11 19:33 - 2009-07-13 21:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-11-11 18:11 - 2014-06-29 16:21 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-11-11 18:11 - 2014-03-18 23:45 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-11-11 18:11 - 2014-03-18 23:45 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-11 11:35 - 2014-08-29 13:07 - 00003250 _____ () C:\windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-289670154-1285097819-147057498-1001
2014-11-11 11:34 - 2014-03-18 21:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-11 10:12 - 2014-03-18 21:32 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-11-11 10:12 - 2014-03-18 21:32 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-11-10 23:06 - 2014-09-27 18:38 - 00000000 ____D () C:\Users\R.W.Solema\Downloads\Setupzip
2014-11-10 03:47 - 2014-08-06 15:35 - 00000000 ____D () C:\Program Files (x86)\KeyCryptSDK
2014-11-10 03:47 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\Cursors
2014-11-09 19:46 - 2014-08-06 15:35 - 00001140 _____ () C:\Users\Public\Desktop\AntiLogger Free.lnk
2014-11-09 19:46 - 2014-08-06 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiLogger Free
2014-11-09 19:46 - 2014-08-06 15:35 - 00000000 ____D () C:\Program Files (x86)\Zemana AntiLogger Free
2014-11-09 19:24 - 2014-03-06 19:02 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-11-09 19:24 - 2010-12-28 20:46 - 00000000 ____D () C:\ProgramData\Temp
2014-11-09 18:45 - 2014-05-26 00:19 - 00000000 ____D () C:\AdwCleaner
2014-11-09 18:30 - 2014-03-06 20:43 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-11-09 18:27 - 2014-03-06 20:43 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-11-09 18:23 - 2014-05-27 18:44 - 00003148 _____ () C:\windows\System32\Tasks\SidebarExecute
2014-11-09 18:21 - 2014-03-06 18:05 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-11-09 18:09 - 2009-07-13 18:34 - 00000215 _____ () C:\windows\system.ini
2014-11-09 18:08 - 2014-03-18 23:35 - 00000000 ____D () C:\Users\R.W.Solema\AppData\Local\Adobe
2014-11-09 16:18 - 2014-06-26 08:50 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit
2014-11-09 16:16 - 2009-07-13 19:20 - 00000000 __RHD () C:\Users\Default
2014-11-09 15:17 - 2009-07-13 21:13 - 00781790 _____ () C:\windows\system32\PerfStringBackup.INI
2014-11-06 07:12 - 2009-07-13 21:08 - 00032532 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-11-06 04:47 - 2014-09-03 16:43 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-04 14:03 - 2014-03-06 15:49 - 00000000 ____D () C:\Users\R.W.Solema
2014-11-04 14:02 - 2014-09-09 23:07 - 00000000 ____D () C:\Users\R.W.Solema\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vistumbler
2014-11-04 14:02 - 2014-09-09 23:07 - 00000000 ____D () C:\Program Files (x86)\Vistumbler
2014-11-04 14:02 - 2014-09-09 13:17 - 00000000 ____D () C:\Users\R.W.Solema\AppData\Roaming\vlc
2014-11-04 14:02 - 2014-09-03 16:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-04 14:02 - 2014-07-15 23:58 - 00000000 ____D () C:\Users\R.W.Solema\AppData\Roaming\Greenshot
2014-11-04 14:02 - 2014-03-06 20:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-11-04 14:02 - 2014-03-06 20:13 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-04 14:02 - 2014-03-06 19:02 - 00000000 ____D () C:\ProgramData\Licenses
2014-11-04 14:01 - 2014-03-07 02:10 - 00000000 ____D () C:\ProgramData\Real
2014-11-04 14:01 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\registration
2014-11-04 00:24 - 2010-12-28 19:57 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-29 14:25 - 2014-10-03 01:42 - 00000000 ____D () C:\Users\R.W.Solema\dwhelper
2014-10-28 05:34 - 2014-03-06 16:27 - 00275080 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-10-27 10:06 - 2014-10-02 13:26 - 00000000 ____D () C:\Users\R.W.Solema\AppData\Local\Windows Live
2014-10-19 17:38 - 2014-06-12 14:03 - 00107552 _____ (Realtek Semiconductor Corporation) C:\windows\system32\RTNUninst64.dll
2014-10-17 14:32 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\rescache
2014-10-16 00:00 - 2014-06-20 23:06 - 00003902 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-16 00:00 - 2014-06-20 23:06 - 00003650 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-15 02:27 - 2009-07-13 20:45 - 00273112 _____ () C:\windows\system32\FNTCACHE.DAT
2014-10-15 02:25 - 2014-04-23 18:31 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-10-15 02:25 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\SysWOW64\Dism
2014-10-15 02:25 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\system32\Dism
2014-10-15 02:03 - 2014-03-06 17:21 - 00000000 ____D () C:\windows\system32\MRT
2014-10-15 02:00 - 2014-03-06 17:21 - 103265616 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-10-14 14:27 - 2014-07-21 00:00 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-12 16:41 - 2014-09-08 19:06 - 00005120 _____ () C:\Users\R.W.Solema\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some content of TEMP:
====================
C:\Users\R.W.Solema\AppData\Local\Temp\Quarantine.exe
C:\Users\R.W.Solema\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-05 07:11

==================== End Of Log ===================
 
This file:
C:\Program Files (x86)\NETGEAR\WNA1100\jswpsapi.exe

I still need the Addition.txt file from FRST.
 
Broni, I downloaded FRST for 64-bit, hit scan, and sent you all that it gave me. Are Addition files something different? How do I find them and get them to you?

I got a pop-up warning from Avast last night telling me that it had blocked a potential harm to my computer (or however it was worded). What it blocked was exactly what you want me to contact Avast about, which is the thing we have been wanting to get rid of, right?
1. Since they blocked it, that means they already know about it. So I don't need to bother contacting them, right?
I have been getting warnings about this since a day or two before I asked for your help.
Why is Avast just now getting around to blocking it?
 
You need to report that file to Avast as a potential false positive.

Re-run FRST.
Make sure you checkmark the Addition.txt box so both logs will be produced.
 
Ran by R.W.Solema at 2014-11-12 21:00:00
Running from C:\Users\R.W.Solema\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
AntiLogger Free version 1.7.2.390 (HKLM-x32\...\{A80DB23D-0618-405B-89D9-28F99814E287}_is1) (Version: 1.7.2.390 - Zemana Ltd.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Bass Audio Decoder (remove only) (HKLM-x32\...\Bass Audio Decoder) (Version: - )
Best Buy pc app (Version: 3.1.1.0 - Best Buy) Hidden
Best Buy pc app (x32 Version: 3.1.1.0 - Best Buy) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
CPUID CPU-Z 1.70 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DCoder Image Source (remove only) (HKLM-x32\...\DCoder Image Source) (Version: - )
Desktop Calendar 7.0.0.6 Retail (HKLM\...\DesktopCalendar2ndGeneration_is1) (Version: 7.0.0.6 - Tinnes Software)
DirectVobSub (remove only) (HKLM-x32\...\DirectVobSub) (Version: - )
Driver Booster 2 (HKLM-x32\...\Driver Booster_is1) (Version: 2.0 - IObit)
EasyDuplicateFinder v4.7 (HKLM\...\Easy Duplicate Finder 4_is1) (Version: - WebMinds, Inc.)
eReg (x32 Version: 1.20.138.34 - Logicool, Inc.) Hidden
FanSpeedControl (HKLM-x32\...\InstallShield_{0EC766C7-F444-42BF-A05F-4A790F5360EB}) (Version: 1.00.00.13 - Lenovo)
FanSpeedControl (x32 Version: 1.00.00.13 - Lenovo) Hidden
ffdshow v1.3.4533 [2014-09-29] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4533.0 - )
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 2.1.32.905 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.3.916 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Greenshot 1.1.9.13 (HKLM\...\Greenshot_is1) (Version: 1.1.9.13 - Greenshot)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2869 - Intel Corporation)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
jetAudio Packages (HKU\S-1-5-21-289670154-1285097819-147057498-1001\...\jetAudio Packages) (Version: - ) <==== ATTENTION
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
LAV Filters 0.63.0 (HKLM-x32\...\lavfilters_is1) (Version: 0.63.0 - Hendrik Leppkes)
Lenovo Driver and Application Installation (HKLM-x32\...\{45970CD1-D599-47D4-938F-3E9800D54ED1}) (Version: 5.1.0.1311 - Lenovo)
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 3.0.1409 - CyberLink Corp.)
Lenovo Rescue System (Version: 3.0.1409 - CyberLink Corp.) Hidden
LVT (HKLM-x32\...\{D3063097-EC84-4D21-84A4-9D852E974355}) (Version: 4.1.2.0919 - Lenovo)
LXH-JME2207FN Hotkey Driver (HKLM-x32\...\{42B21298-C850-4272-AFD9-636CBC005421}) (Version: 5.1.0804 - Lenovo)
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-289670154-1285097819-147057498-1001\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 33.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 en-US)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1 - Mozilla)
MPC-HC 1.7.7 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.7 - MPC-HC Team)
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
NETGEAR WNA1100 wireless USB 2.0 adapter (HKLM-x32\...\{A2AE9709-283B-4B48-AA34-729C070A62FB}) (Version: 1.0.0.133 - NETGEAR)
NirSoft Wireless Network Watcher (HKLM-x32\...\NirSoft Wireless Network Watcher) (Version: - )
Pale Moon 25.0.2 (x64 en-US) (HKLM\...\Pale Moon 25.0.2 (x64 en-US)) (Version: 25.0.2 - Moonchild Productions)
Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
RealDownloader (x32 Version: 17.0.13 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.13 - RealNetworks)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.221.36 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.73.618.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6343 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Should I Remove It (HKU\S-1-5-21-289670154-1285097819-147057498-1001\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.)
Should I Remove It (x32 Version: 1.0.4 - Reason Software Company Inc.) Hidden
SiSoftware Sandra Lite 2014.SP3 (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2496}_is1) (Version: 20.42.2014.8 - SiSoftware)
SopCast 3.9.2 (HKLM-x32\...\SopCast) (Version: 3.9.2 - www.sopcast.com)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SpywareBlaster 5.0 (x32 Version: 5.0.0 - BrightFort LLC) Hidden
Start Menu X version 5.2 (HKLM\...\{3E494002-985C-4908-B72C-5B4DD15BE090}_is1) (Version: 5.2 - OrdinarySoft)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1158 - SUPERAntiSpyware.com)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
Vistumbler (HKLM-x32\...\Vistumbler) (Version: v10 - Vistumbler.net)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
WinPatrol (HKLM\...\{84481A87-2316-4923-8FAB-3BA8CA29323D}) (Version: 30.9.2014.0 - BillP Studios)
YTD Video Downloader 4.8.4 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.4 - GreenTree Applications SRL) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-289670154-1285097819-147057498-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\R.W.Solema\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-289670154-1285097819-147057498-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\R.W.Solema\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-289670154-1285097819-147057498-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\R.W.Solema\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-289670154-1285097819-147057498-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\R.W.Solema\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-289670154-1285097819-147057498-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\R.W.Solema\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

03-11-2014 20:32:56 Driver Booster : Java Runtime Environment 32 bit
03-11-2014 20:32:56 Windows Update
04-11-2014 07:28:32 avast! antivirus system restore point
04-11-2014 08:20:43 Restore Operation
04-11-2014 19:30:19 avast! antivirus system restore point
04-11-2014 19:32:53 Restore Operation
04-11-2014 19:41:52 Windows Update
04-11-2014 19:55:51 Restore Operation
04-11-2014 20:05:54 Windows Update
04-11-2014 21:03:52 Revo Uninstaller's restore point - Extended Update
04-11-2014 21:25:02 Installed Windows Media Player Firefox Plugin
04-11-2014 21:30:25 Restore Operation
04-11-2014 22:05:37 avast! antivirus system restore point
04-11-2014 22:09:31 Windows Update
07-11-2014 18:27:48 avast! antivirus system restore point
07-11-2014 18:57:47 Installed Sophos Virus Removal Tool.
07-11-2014 19:02:17 Revo Uninstaller's restore point - Sophos Virus Removal Tool
08-11-2014 12:42:25 While following Broni's instructions
10-11-2014 01:50:59 avast! antivirus system restore point
10-11-2014 02:21:13 avast! antivirus system restore point
10-11-2014 06:57:47 Revo Uninstaller's restore point - YTD Downloader version 1.5
10-11-2014 22:24:33 Revo Uninstaller's restore point - Zoom Player (remove only)
10-11-2014 22:27:14 Revo Uninstaller's restore point - jetAudio Basic
11-11-2014 19:42:22 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 18:34 - 2014-11-09 18:09 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {22E121D3-26A2-470B-A189-A6F5A18686C5} - \TechSmith Updater No Task File <==== ATTENTION
Task: {30023ECE-AAE6-40F5-94F0-4AD2E291A230} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {4A9F8A12-C75D-4A92-B615-2351B53D445A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-06] (Google Inc.)
Task: {4D6E9AF5-B332-43C4-A2A2-2FFCE84998F3} - System32\Tasks\Driver Booster SkipUAC (R.W.Solema) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-10-13] (IObit)
Task: {56A9AF0B-4C28-4930-B6EB-89DB64337577} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-11] (Adobe Systems Incorporated)
Task: {64654BC9-3587-4422-917A-AC297B15FE36} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-29] (Piriform Ltd)
Task: {6A130FDF-186F-4D77-8082-AC59BA95F5A6} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {70796C7E-04CC-4C3E-81EB-FC687F7F1FC8} - System32\Tasks\{50A8CA2F-4D63-41CD-9BC6-91875AAA5771} => Firefox.exe http://ui.skype.com/ui/0/6.18.0.106/en/abandoninstall?source=lightinstaller&page=tsBing
Task: {777D89EF-22FE-42D2-91A0-95B3BFD41A01} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-289670154-1285097819-147057498-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {7DBAD9E5-FC53-4C34-9C43-85737FCB3677} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-289670154-1285097819-147057498-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {917A410C-D678-475E-A546-66309F2AB448} - System32\Tasks\RealCreateProcessScheduledTask163278758S-1-5-21-289670154-1285097819-147057498-1001 => c:\program files (x86)\real\realplayer\realplay.exe [2014-09-18] (RealNetworks, Inc.)
Task: {9D4B6D31-6320-4B74-BDEF-B53A7664DEEF} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-289670154-1285097819-147057498-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-07-30] (RealNetworks, Inc.)
Task: {9D9477DA-B2D9-4510-B74F-C1F2B7ECE317} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-289670154-1285097819-147057498-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {B18BBCCF-A318-4447-9D47-D24027CB938A} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-289670154-1285097819-147057498-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {C302D613-794D-4DC8-920C-3A971E99BE00} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-06] (Google Inc.)
Task: {DCAE809B-8305-442A-8B17-4A6EF07C28B3} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-09] (AVAST Software)
Task: {E51FAC8A-05CC-47DF-AA47-D5A432FBBAB2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-07-30 01:17 - 2014-07-30 01:17 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-07-30 04:04 - 2014-07-30 04:04 - 00023552 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2014-03-06 15:54 - 2009-11-27 12:04 - 00278528 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
2014-11-09 18:22 - 2014-11-09 18:22 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-11-09 18:22 - 2014-11-09 18:22 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2014-03-07 00:09 - 2012-03-06 08:26 - 00005632 _____ () C:\Program Files\Windows Sidebar\Shared Gadgets\desktopcalendar.gadget\bin\TinnesSoftware.Gadget.Interop.dll
2014-03-21 14:14 - 2014-03-21 14:14 - 00182272 _____ () C:\windows\assembly\GAC_MSIL\TinnesSoftware.DesktopCalendar\7.0.0.6__89bbe7d16a9a6d41\TinnesSoftware.DesktopCalendar.dll
2014-03-06 15:54 - 2009-12-10 10:13 - 04562944 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
2014-11-12 02:47 - 2014-11-12 02:47 - 02902016 _____ () C:\Program Files\AVAST Software\Avast\defs\14111200\algo.dll
2014-11-09 18:22 - 2014-11-09 18:22 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2014-05-27 21:05 - 2014-09-18 23:36 - 00864856 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll
2014-11-09 18:27 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-11-09 18:27 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-11-09 18:27 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-11-09 18:27 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-11-09 18:27 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-03-06 15:54 - 2009-11-20 14:59 - 00360448 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiLib.dll
2014-03-06 15:54 - 2009-08-28 16:50 - 00282624 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvcLib.dll
2010-12-28 20:00 - 2009-07-16 09:20 - 00032768 _____ () C:\Program Files (x86)\jmesoft\Keyhook.dll
2010-12-28 20:00 - 2007-12-31 10:27 - 00007168 _____ () C:\Program Files (x86)\jmesoft\VistaVolume.dll
2014-11-09 18:22 - 2014-11-09 18:22 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-11-10 13:08 - 2014-11-06 16:09 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:5C321E34

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-289670154-1285097819-147057498-500 - Administrator - Disabled)
Guest (S-1-5-21-289670154-1285097819-147057498-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-289670154-1285097819-147057498-1003 - Limited - Enabled)
R.W.Solema (S-1-5-21-289670154-1285097819-147057498-1001 - Administrator - Enabled) => C:\Users\R.W.Solema

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/11/2014 11:02:54 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (11/11/2014 09:50:33 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMScheduler service.

Error: (11/11/2014 09:50:31 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

Error: (11/11/2014 02:50:40 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

Error: (11/11/2014 11:35:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMScheduler service failed to start due to the following error:
%%1053

Error: (11/11/2014 11:35:26 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the MBAMScheduler service to connect.

Error: (11/11/2014 11:33:24 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

Error: (11/11/2014 11:32:53 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSWNA1100 service.

Error: (11/11/2014 09:05:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1053

Error: (11/11/2014 09:05:17 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

Error: (11/11/2014 09:05:18 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}


Microsoft Office Sessions:
=========================
Error: (11/11/2014 11:02:54 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{7FBAD091-89F7-4C77-A224-15FF4423C7D2}\recordingmanager.exe


CodeIntegrity Errors:
===================================
Date: 2014-11-09 18:08:44.349
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-11-09 18:08:44.302
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-11-09 18:08:44.255
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-11-09 18:08:44.209
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-11-09 16:13:37.183
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-11-09 16:13:37.121
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Pentium(R) Dual-Core CPU E5800 @ 3.20GHz
Percentage of memory in use: 27%
Total physical RAM: 8157.18 MB
Available physical RAM: 5893.09 MB
Total Pagefile: 16312.53 MB
Available Pagefile: 13629.82 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:906.34 GB) (Free:808.22 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: A702EEF0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=906.3 GB) - (Type=07 NTFS)
 
Did you report file in question to Avast?

Uninstall:
- jetAudio Packages
- YTD Video Downloader


Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
 

Yes, I did submit a report to Avast.
Uninstalled jet audio packages through program files[+86].
I had already uninstalled YTD using Revo advanced setting, and saw no traces of it in Program files, Program files[+86], or Program Data.

This popped up the second I clicked on the link you gave me. Did not go through any scanning process, like everything else you gave me. Is it what you wanted?


Winlogon\Notify\WB: C:\Program Files (x86)\Stardock\WindowBlinds\fast64.dll [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-289670154-1285097819-147057498-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL =
SearchScopes: HKCU - URL http://search.conduit.com/Results.a...-4C88-BF98-E1D0D34FEAFF&q={searchTerms}&SSPV=
SearchScopes: HKCU - SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKU\S-1-5-21-289670154-1285097819-147057498-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
FF Plugin: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll No File
FF Plugin-x32: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll No File
FF Extension: No Name - wrc@avast.com [Not Found]
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3324775&octid=EB_ORIGINAL_CTID&ISID=MA775D4C9-9930-434A-A073-D1F088070EEC&SearchSource=55&CUI=&UM=6&UP=SP00607F28-7C58-4C75-98AC-FC60277610F0&SSPV=
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3324775&octid=EB_ORIGINAL_CTID&ISID=MA775D4C9-9930-434A-A073-D1F088070EEC&SearchSource=55&CUI=&UM=6&UP=SP00607F28-7C58-4C75-98AC-FC60277610F0&SSPV="
CHR DefaultSearchKeyword: Default -> trovi.search
CHR DefaultSearchURL: Default -> http://www.trovi.com/Results.aspx?g...-4C75-98AC-FC60277610F0&q={searchTerms}&SSPV=
CHR DefaultSuggestURL: Default -> http://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
C:\Users\R.W.Solema\AppData\Local\Temp\Quarantine.exe
C:\Users\R.W.Solema\AppData\Local\Temp\sqlite3.dll
Task: {22E121D3-26A2-470B-A189-A6F5A18686C5} - \TechSmith Updater No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:5C321E34

Oops, forgot FRST log. Will send in next post.
 
Confused.
Again I left-clicked on the link you gave me. Chose Notepad (default); it gave me the same thing as before. Tried it again. This time I chose save file. Ended up with the same thing?
Maybe I'm supposed to run FRST64 first. I'll try that.
 
Clicked Fix on FRST64, then restarted my computer as per instructions. Saw no scan log.
Tried your fixlist.txt link again. Same results.
I guess I'm just not understanding your instructions.
 
You didn't follow my initial instructions.
Running from C:\Users\R.W.Solema\Downloads
Both files, FRST and fixlist must be in same location (Desktop) or the fix won't work.
 
Broni; I'm sure I'm starting to frustrate you. I know I'm frustrating myself. I must be extra dense today.
How do I make sure that FRST64 goes to my desktop, and not the default Notepad? Should I save, or run the download? Should I copy and paste C:\Users\R.W.Solema\Downloads, which you included in your post, into the FRST64 window?
How do I include fixlist.txt? Copy and paste it into the window also?

I may wait to execute your next instructions until tomorrow. Maybe I'll wake up smarter ;0)
 
Cut FRST from C:\Users\R.W.Solema\Downloads folder and paste it on your Desktop.
Make sure "fixlist.txt" is on your Desktop as well.
Run FRST, click on "Fix" button.
 
Making progress. Typed downloads into my start window, found FRST64.exe and copy and pasted it to my desktop (haven't learned cut and paste yet).
Tried to copy and paste the fixlist.txt that you provided. Couldn't do it.
In my downloads I found fixlog.txt, which I put on my desktop. Is that the same as fixlist?
 
Got this email from Avast. Don't know what to send them. Fixlog coming in next reply.

Hello
Thank you for contacting our support center with your concerns.

Could you send me your file attached to next reply, please?
We need it for testing in our virus laboratory.

Best regards,


Lukas Havel
Technical Support Specialist

www.avast.com

Ticket Details
Ticket ID: OZZ-413-33211
Department: Virus and FP reports
Type: FalsePositive
Status: On Hold
Priority: SendToVlabNow
 
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-11-2014 02
Ran by R.W.Solema at 2014-11-13 16:03:32 Run:1
Running from C:\Users\R.W.Solema\Downloads
Loaded Profile: R.W.Solema (Available profiles: R.W.Solema)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Winlogon\Notify\WB: C:\Program Files (x86)\Stardock\WindowBlinds\fast64.dll [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-289670154-1285097819-147057498-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL =
SearchScopes: HKCU - URL http://search.conduit.com/Results.a...-4C88-BF98-E1D0D34FEAFF&q={searchTerms}&SSPV=
SearchScopes: HKCU - SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKU\S-1-5-21-289670154-1285097819-147057498-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
FF Plugin: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll No File
FF Plugin-x32: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll No File
FF Extension: No Name - wrc@avast.com [Not Found]
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3324775&octid=EB_ORIGINAL_CTID&ISID=MA775D4C9-9930-434A-A073-D1F088070EEC&SearchSource=55&CUI=&UM=6&UP=SP00607F28-7C58-4C75-98AC-FC60277610F0&SSPV=
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3324775&octid=EB_ORIGINAL_CTID&ISID=MA775D4C9-9930-434A-A073-D1F088070EEC&SearchSource=55&CUI=&UM=6&UP=SP00607F28-7C58-4C75-98AC-FC60277610F0&SSPV="
CHR DefaultSearchKeyword: Default -> trovi.search
CHR DefaultSearchURL: Default -> http://www.trovi.com/Results.aspx?g...-4C75-98AC-FC60277610F0&q={searchTerms}&SSPV=
CHR DefaultSuggestURL: Default -> http://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
C:\Users\R.W.Solema\AppData\Local\Temp\Quarantine.exe
C:\Users\R.W.Solema\AppData\Local\Temp\sqlite3.dll
Task: {22E121D3-26A2-470B-A189-A6F5A18686C5} - \TechSmith Updater No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:5C321E34

*****************

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB" => Key deleted successfully.
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon" => Key deleted successfully.
C:\windows\system32\GroupPolicy\Machine => Moved successfully.
C:\windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKU\S-1-5-21-289670154-1285097819-147057498-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\URL => value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\SuggestionsURL_JSON => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully.
"HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => Key not found.
HKU\S-1-5-21-289670154-1285097819-147057498-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => value deleted successfully.
"HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}" => Key not found.
"HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0" => Key deleted successfully.
FF Extension: No Name - wrc@avast.com [Not Found] not found.
Chrome HomePage deleted successfully.
Chrome StartupUrls deleted successfully.
Chrome DefaultSearchKeyword deleted successfully.
Chrome DefaultSearchURL deleted successfully.
Chrome DefaultSuggestURL deleted successfully.
catchme => Service deleted successfully.
RtsUIR => Service deleted successfully.
USBCCID => Service deleted successfully.
"C:\Users\R.W.Solema\AppData\Local\Temp\Quarantine.exe" => File/Directory not found.
"C:\Users\R.W.Solema\AppData\Local\Temp\sqlite3.dll" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{22E121D3-26A2-470B-A189-A6F5A18686C5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22E121D3-26A2-470B-A189-A6F5A18686C5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TechSmith Updater" => Key deleted successfully.
C:\ProgramData\Temp => ":5C321E34" ADS removed successfully.


The system needed a reboot.
 