1. Welcome Guest! In order to create a new topic or reply to an existing one, you must register first. It is easy and free. Click here to sign up now!.
    Dismiss Notice

[Solved] Malware check plz

Discussion in 'Malware Removal Help' started by Just-Me, Feb 26, 2015.

  1. Just-Me

    Just-Me Registered Members

    Joined:
    Mar 2, 2014
    Messages:
    117
    Operating System:
    Windows 7
    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 02/26/2015
    Scan Time: 4:29:23 PM
    Logfile:
    Administrator: Yes

    Version: 2.00.4.1028
    Malware Database: v2015.02.26.05
    Rootkit Database: v2015.02.25.01
    License: Premium
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Disabled

    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: Lila

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 399868
    Time Elapsed: 31 min, 40 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)

    Physical Sectors: 0
    (No malicious items detected)


    (end)
     
  2. Just-Me

    Just-Me Registered Members

    Joined:
    Mar 2, 2014
    Messages:
    117
    Operating System:
    Windows 7
    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-02-2015 01
    Ran by Lila (administrator) on LILA-VAIO on 26-02-2015 17:11:44
    Running from C:\Users\Lila\Desktop
    Loaded Profiles: Lila (Available profiles: Lila & Bill)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (AMD) C:\Windows\System32\atiesrxx.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    ( ) C:\Windows\System32\lxcfcoms.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    (ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
    (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
    (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
    (Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (AMD) C:\Windows\System32\atieclxx.exe
    (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
    (Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    (Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
    (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
    (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
    (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
    (Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
    (ALPS) C:\Program Files\Apoint\Apvfb.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
    (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
    (Sony Electronics, Inc.) C:\Program Files\Sony\VAIO Care\VCsystray.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7938080 2009-07-23] (Realtek Semiconductor)
    HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-07-23] (Realtek Semiconductor Corp.)
    HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [208384 2009-08-03] (Alps Electric Co., Ltd.)
    HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
    HKLM\...\Run: [LXCFCATS] => rundll32 C:\Windows\system32\spool\DRIVERS\x64\3\LXCFtime.dll,RunDLLEntry
    HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
    HKLM-x32\...\Run: [LaunchUserRequestedPrograms] => C:\Program Files\Sony\First Experience\Miniprogram.exe [68608 2009-08-26] ()
    HKLM-x32\...\Run: [RegistrationReminder] => C:\Program Files\Sony\First Experience\OOBEFcdRegistration.exe [268288 2009-07-13] (Sony Electronics, Inc.)
    HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [317288 2009-05-26] (Sony Corporation)
    HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-10] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-26] (AVAST Software)
    HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
    Winlogon\Notify\VESWinlogon-x32: VESWinlogon.dll [X]
    HKU\S-1-5-21-2196296775-3493883262-1510572285-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
    HKU\S-1-5-21-2196296775-3493883262-1510572285-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2015-01-27] (SUPERAntiSpyware)
    HKU\S-1-5-21-2196296775-3493883262-1510572285-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
    HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-02-16] (Microsoft Corporation)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
    ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKU\S-1-5-21-2196296775-3493883262-1510572285-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
    HKU\S-1-5-21-2196296775-3493883262-1510572285-1001\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.ca
    HKU\S-1-5-21-2196296775-3493883262-1510572285-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
    HKU\S-1-5-21-2196296775-3493883262-1510572285-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.sonystyle.ca/vaio
    HKU\S-1-5-21-2196296775-3493883262-1510572285-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = www.bing.com
    HKU\S-1-5-21-2196296775-3493883262-1510572285-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/
    SearchScopes: HKLM-x32 -> DefaultScope value is missing.
    SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?source...nputEncoding}&oe={outputEncoding}&rlz=1I7SNNT
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.100.254

    FireFox:
    ========
    FF ProfilePath: C:\Users\Lila\AppData\Roaming\Mozilla\Firefox\Profiles\1cf3fr7f.default-1422957168405
    FF Homepage: hxxp://www.google.ca/
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll (Tracker Software Products (Canada) Ltd.)
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll (Tracker Software Products (Canada) Ltd.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Extension: Awesome screenshot: Capture and Annotate - C:\Users\Lila\AppData\Roaming\Mozilla\Firefox\Profiles\1cf3fr7f.default-1422957168405\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi [2015-02-03]
    FF Extension: Adblock Plus - C:\Users\Lila\AppData\Roaming\Mozilla\Firefox\Profiles\1cf3fr7f.default-1422957168405\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-03]
    FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-01-05]
    FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-13]

    Chrome:
    =======
    CHR HomePage: Default -> hxxp://www.google.ca/
    CHR StartupUrls: Default -> "hxxp://www.google.ca/"
    CHR Profile: C:\Users\Lila\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Slides) - C:\Users\Lila\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-24]
    CHR Extension: (Awesome Screenshot: Capture & Annotate) - C:\Users\Lila\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce [2014-10-24]
    CHR Extension: (Google Docs) - C:\Users\Lila\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-24]
    CHR Extension: (Google Drive) - C:\Users\Lila\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-24]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Lila\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-24]
    CHR Extension: (YouTube) - C:\Users\Lila\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-24]
    CHR Extension: (Adblock Plus) - C:\Users\Lila\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-10-24]
    CHR Extension: (Google Search) - C:\Users\Lila\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-24]
    CHR Extension: (Google Sheets) - C:\Users\Lila\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-24]
    CHR Extension: (Offline Notifier for Gmail™ with WebView) - C:\Users\Lila\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnigjhmcjmehmdealbpaoifdpjailehh [2014-11-13]
    CHR Extension: (Avast Online Security) - C:\Users\Lila\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-24]
    CHR Extension: (AdRemover for Google Chrome™) - C:\Users\Lila\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcefmojpghnaceadnghednjhbmphipkb [2014-11-18]
    CHR Extension: (Google Wallet) - C:\Users\Lila\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-24]
    CHR Extension: (Gmail) - C:\Users\Lila\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-24]
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-09]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
    S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-09] (AVAST Software)
    R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [104416 2014-11-09] (AVAST Software)
    R2 lxcf_device; C:\Windows\system32\lxcfcoms.exe [566192 2007-02-23] ( )
    R2 lxcf_device; C:\Windows\SysWOW64\lxcfcoms.exe [537520 2007-02-23] ( )
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
    S3 Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2009-06-26] (Sonic Solutions)
    S2 Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2009-06-26] (Sonic Solutions)
    R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [189984 2009-07-23] (Realtek Semiconductor)
    S3 SampleCollector; C:\Program Files\Sony\VAIO Care\collsvc.exe [167424 2008-09-29] (Intel Corporation) [File not signed]
    S3 SOHDBSvr; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [70952 2009-07-27] (Sony Corporation)
    S3 SOHPlMgr; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [91432 2009-07-27] (Sony Corporation)
    R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
    S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [69632 2009-07-23] (Sony Corporation) [File not signed]
    R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [642920 2009-07-22] (Sony Corporation)
    S3 Vcsw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [313264 2009-07-23] (Sony Corporation)
    R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-09] ()
    R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-11-09] (AVAST Software)
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-09] (AVAST Software)
    R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449936 2014-11-09] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-09] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-09] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-21] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-09] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-09] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-09] ()
    R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-26] (Malwarebytes Corporation)
    R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
    S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
    R2 risdptsk; C:\Windows\system32\DRIVERS\risdsn64.sys [76288 2009-07-31] (REDC)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-02-26 17:11 - 2015-02-26 17:12 - 00019794 _____ () C:\Users\Lila\Desktop\FRST.txt
    2015-02-26 17:11 - 2015-02-26 17:11 - 00000000 ____D () C:\FRST
    2015-02-26 17:09 - 2015-02-26 17:09 - 02087936 _____ (Farbar) C:\Users\Lila\Desktop\FRST64.exe
    2015-02-26 14:54 - 2015-02-26 14:55 - 00000000 ____D () C:\Users\Lila\AppData\Local\Adobe
    2015-02-26 06:54 - 2015-02-26 06:54 - 00000088 _____ () C:\Users\Lila\Desktop\hhd feb 25.txt
    2015-02-25 22:31 - 2015-01-08 16:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
    2015-02-25 22:31 - 2015-01-08 16:43 - 00419936 _____ () C:\Windows\system32\locale.nls
    2015-02-25 19:25 - 2015-02-25 19:25 - 00000083 _____ () C:\Users\Lila\Desktop\extra page.txt
    2015-02-24 16:57 - 2015-02-24 16:57 - 00000877 _____ () C:\Users\Lila\Desktop\SWITSUITS.txt
    2015-02-21 15:09 - 2015-02-21 15:09 - 00001713 _____ () C:\Users\Public\Desktop\iTunes.lnk
    2015-02-21 15:09 - 2015-02-21 15:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2015-02-21 15:08 - 2015-02-21 15:09 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
    2015-02-21 15:08 - 2015-02-21 15:09 - 00000000 ____D () C:\Program Files\iTunes
    2015-02-21 15:08 - 2015-02-21 15:08 - 00000000 ____D () C:\Program Files (x86)\iTunes
    2015-02-18 12:08 - 2015-02-18 12:08 - 00000402 _____ () C:\Users\Lila\Desktop\Dr. Information for surgery.txt
    2015-02-18 00:03 - 2015-02-26 14:55 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2015-02-18 00:03 - 2015-02-26 14:55 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2015-02-15 12:15 - 2015-01-08 20:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
    2015-02-15 12:15 - 2015-01-08 20:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
    2015-02-15 12:15 - 2015-01-08 20:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
    2015-02-15 12:15 - 2015-01-08 19:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
    2015-02-12 07:12 - 2015-01-22 21:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2015-02-12 07:12 - 2015-01-22 21:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2015-02-12 07:12 - 2015-01-22 20:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2015-02-12 07:12 - 2015-01-22 20:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2015-02-11 06:22 - 2015-02-03 20:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2015-02-11 06:22 - 2015-02-03 20:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2015-02-11 06:22 - 2015-02-03 20:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2015-02-11 06:22 - 2015-02-03 20:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2015-02-11 06:22 - 2015-02-03 20:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2015-02-11 06:22 - 2015-02-03 20:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
    2015-02-11 06:22 - 2015-02-03 20:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2015-02-11 06:22 - 2015-01-27 16:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
    2015-02-11 06:22 - 2015-01-09 23:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2015-02-11 06:22 - 2015-01-09 23:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2015-02-11 06:22 - 2015-01-09 23:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2015-02-11 06:22 - 2015-01-09 23:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2015-02-11 06:22 - 2015-01-09 23:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2015-02-11 06:22 - 2015-01-09 23:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2015-02-11 06:22 - 2015-01-09 23:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2015-02-11 06:22 - 2015-01-09 23:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2015-02-11 06:22 - 2015-01-09 23:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2015-02-11 06:22 - 2015-01-09 23:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2015-02-11 06:22 - 2015-01-09 23:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
    2015-02-11 06:22 - 2015-01-09 23:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
    2015-02-11 06:22 - 2015-01-09 23:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2015-02-11 06:22 - 2015-01-09 23:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2015-02-11 06:21 - 2015-01-13 22:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2015-02-11 06:21 - 2015-01-13 22:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2015-02-11 06:21 - 2015-01-11 20:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2015-02-11 06:21 - 2015-01-11 20:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2015-02-11 06:21 - 2015-01-11 20:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2015-02-11 06:21 - 2015-01-11 19:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2015-02-11 06:21 - 2015-01-11 19:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2015-02-11 06:21 - 2015-01-11 19:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2015-02-11 06:21 - 2015-01-11 19:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2015-02-11 06:21 - 2015-01-11 19:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2015-02-11 06:21 - 2015-01-11 19:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2015-02-11 06:21 - 2015-01-11 19:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2015-02-11 06:21 - 2015-01-11 19:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2015-02-11 06:21 - 2015-01-11 19:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2015-02-11 06:21 - 2015-01-11 19:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2015-02-11 06:21 - 2015-01-11 19:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2015-02-11 06:21 - 2015-01-11 19:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2015-02-11 06:21 - 2015-01-11 19:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2015-02-11 06:21 - 2015-01-11 19:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2015-02-11 06:21 - 2015-01-11 19:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2015-02-11 06:21 - 2015-01-11 19:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2015-02-11 06:21 - 2015-01-11 19:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2015-02-11 06:21 - 2015-01-11 19:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2015-02-11 06:21 - 2015-01-11 19:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2015-02-11 06:21 - 2015-01-11 19:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2015-02-11 06:21 - 2015-01-11 19:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2015-02-11 06:21 - 2015-01-11 19:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2015-02-11 06:21 - 2015-01-11 19:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2015-02-11 06:21 - 2015-01-11 19:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2015-02-11 06:21 - 2015-01-11 18:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2015-02-11 06:21 - 2015-01-11 18:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2015-02-11 06:21 - 2015-01-11 18:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2015-02-11 06:21 - 2015-01-11 18:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2015-02-11 06:21 - 2015-01-11 18:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2015-02-11 06:21 - 2015-01-11 18:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2015-02-11 06:21 - 2015-01-11 18:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2015-02-11 06:21 - 2015-01-11 18:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2015-02-11 06:21 - 2015-01-11 18:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2015-02-11 06:21 - 2015-01-11 18:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2015-02-11 06:21 - 2015-01-11 18:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2015-02-11 06:21 - 2015-01-11 18:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2015-02-11 06:21 - 2015-01-11 18:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2015-02-11 06:21 - 2015-01-11 18:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2015-02-11 06:21 - 2015-01-11 18:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2015-02-11 06:21 - 2015-01-11 18:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2015-02-11 06:21 - 2015-01-11 18:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2015-02-11 06:21 - 2015-01-11 18:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2015-02-11 06:21 - 2015-01-11 18:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2015-02-11 06:21 - 2015-01-11 18:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2015-02-11 06:21 - 2015-01-11 18:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2015-02-11 06:21 - 2015-01-11 17:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2015-02-11 06:21 - 2015-01-11 17:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2015-02-11 06:20 - 2015-01-15 01:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2015-02-11 06:20 - 2015-01-15 01:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2015-02-11 06:20 - 2015-01-15 01:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2015-02-11 06:20 - 2015-01-15 01:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2015-02-11 06:20 - 2015-01-15 01:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2015-02-11 06:20 - 2015-01-15 01:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2015-02-11 06:20 - 2015-01-15 01:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2015-02-11 06:20 - 2015-01-15 01:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
    2015-02-11 06:20 - 2015-01-15 01:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2015-02-11 06:20 - 2015-01-15 01:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
    2015-02-11 06:20 - 2015-01-15 01:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2015-02-11 06:20 - 2015-01-15 00:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
    2015-02-11 06:20 - 2015-01-15 00:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
    2015-02-11 06:20 - 2015-01-15 00:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2015-02-11 06:20 - 2015-01-15 00:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
    2015-02-11 06:20 - 2015-01-15 00:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
    2015-02-11 06:20 - 2015-01-15 00:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2015-02-11 06:20 - 2015-01-14 21:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
    2015-02-11 06:20 - 2015-01-12 20:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
    2015-02-11 06:20 - 2015-01-12 19:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
    2015-02-11 06:19 - 2014-12-11 22:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
    2015-02-11 06:19 - 2014-12-11 22:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
    2015-02-11 06:19 - 2014-11-25 20:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
    2015-02-11 06:19 - 2014-11-25 20:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
    2015-02-11 06:17 - 2015-01-13 23:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2015-02-11 06:17 - 2015-01-13 23:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2015-02-11 06:17 - 2015-01-13 23:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2015-02-11 06:17 - 2015-01-13 23:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2015-02-11 06:17 - 2015-01-13 22:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2015-02-11 06:17 - 2015-01-13 22:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2015-02-11 06:17 - 2015-01-13 22:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
    2015-02-11 06:17 - 2014-12-07 20:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
    2015-02-11 06:17 - 2014-12-07 19:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
    2015-02-11 06:16 - 2015-01-08 19:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2015-01-29 19:40 - 2015-01-29 19:40 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-02-26 17:00 - 2014-10-27 19:18 - 00000508 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 14b8d3fb-378f-4cf5-8f82-282b0e4bad21.job
    2015-02-26 16:35 - 2014-02-18 18:45 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-02-26 16:29 - 2014-04-12 15:27 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-02-26 15:53 - 2014-02-13 12:59 - 01853355 _____ () C:\Windows\WindowsUpdate.log
    2015-02-26 15:35 - 2014-02-18 18:45 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-02-26 15:30 - 2014-04-11 17:49 - 00000000 ____D () C:\Users\Lila\Desktop\Zips not extracted
    2015-02-26 14:27 - 2014-10-22 02:53 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
    2015-02-26 11:56 - 2014-02-17 13:49 - 00000000 ____D () C:\Users\Lila\Documents\My PSP Files
    2015-02-26 07:19 - 2014-04-11 17:35 - 00000000 ___RD () C:\Users\Lila\Desktop\TagsForGroup
    2015-02-26 06:33 - 2009-07-13 21:45 - 00018928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-02-26 06:33 - 2009-07-13 21:45 - 00018928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-02-26 06:24 - 2015-01-13 22:57 - 00006384 _____ () C:\Windows\setupact.log
    2015-02-26 06:24 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-02-26 06:23 - 2015-01-13 22:57 - 00059206 _____ () C:\Windows\PFRO.log
    2015-02-25 22:18 - 2014-10-27 19:18 - 00000508 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 96c5fce4-a01b-485f-b6d9-56d70aaf19a1.job
    2015-02-25 22:14 - 2014-10-27 19:18 - 00000508 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 5dc701af-7193-4fc8-8cc2-be40302ad012.job
    2015-02-25 20:28 - 2014-12-05 23:35 - 00000508 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 00ef3d56-5f6a-43cb-8e10-6e30adb3dc2d.job
    2015-02-25 09:14 - 2014-02-13 14:52 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
    2015-02-24 22:40 - 2009-07-13 21:45 - 00376544 _____ () C:\Windows\system32\FNTCACHE.DAT
    2015-02-24 19:48 - 2014-02-13 14:27 - 00121928 _____ () C:\Users\Lila\AppData\Local\GDIPFONTCACHEV1.DAT
    2015-02-24 18:42 - 2015-01-17 14:21 - 00000000 ____D () C:\Users\Lila\Desktop\Downloaded Scrapkits
    2015-02-24 11:34 - 2015-01-05 21:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2015-02-24 05:24 - 2014-02-13 14:27 - 00000000 ____D () C:\Users\Lila\AppData\Local\VirtualStore
    2015-02-22 05:25 - 2014-02-16 19:07 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
    2015-02-22 05:25 - 2014-02-16 17:03 - 00000000 ____D () C:\ProgramData\TEMP
    2015-02-21 15:08 - 2014-03-06 07:18 - 00000000 ____D () C:\Program Files\iPod
    2015-02-21 15:08 - 2014-02-17 12:32 - 00000000 ____D () C:\Program Files\Common Files\Apple
    2015-02-19 12:32 - 2014-04-16 05:32 - 00000000 ____D () C:\Program Files\Lx_cats
    2015-02-15 13:54 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\tracing
    2015-02-15 12:24 - 2014-02-19 14:05 - 00766100 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
    2015-02-15 12:24 - 2009-07-13 22:13 - 00766100 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-02-15 12:00 - 2014-09-14 18:23 - 00732996 _____ () C:\test.xml
    2015-02-13 11:01 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
    2015-02-12 06:55 - 2014-12-10 01:15 - 00000000 ____D () C:\Windows\system32\appraiser
    2015-02-12 06:55 - 2014-04-23 04:15 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2015-02-11 23:07 - 2014-02-13 17:54 - 00000000 ____D () C:\Windows\system32\MRT
    2015-02-11 23:02 - 2014-02-13 17:53 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2015-02-06 15:30 - 2014-02-18 18:45 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2015-02-06 15:30 - 2014-02-18 18:45 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2015-02-03 08:00 - 2014-02-16 19:44 - 00000000 ____D () C:\Users\Lila\Desktop\Utilities
    2015-01-31 20:51 - 2014-04-11 17:50 - 00000000 ____D () C:\Users\Lila\Desktop\Forum Info & Passwords
    2015-01-31 20:29 - 2014-12-05 23:35 - 00003584 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 00ef3d56-5f6a-43cb-8e10-6e30adb3dc2d
    2015-01-30 00:21 - 2014-02-16 15:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
    2015-01-29 19:40 - 2014-02-16 15:19 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    2015-01-29 16:23 - 2014-04-04 14:07 - 00000000 ____D () C:\Users\Lila\Desktop\PSP Plugins

    ==================== Files in the root of some directories =======

    2014-04-14 16:15 - 2015-01-14 21:51 - 0000750 _____ () C:\Program Files\Common Files\TrackerSoftwareInstallerPDFX5SA.log
    2014-02-13 18:46 - 2014-03-03 14:46 - 0000094 _____ () C:\Users\Lila\AppData\Roaming\WB.CFG
    2014-02-16 15:52 - 2014-02-16 15:52 - 0000017 _____ () C:\Users\Lila\AppData\Local\resmon.resmoncfg

    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-02-23 07:49

    ==================== End Of Log ============================
     
  3. Just-Me

    Just-Me Registered Members

    Joined:
    Mar 2, 2014
    Messages:
    117
    Operating System:
    Windows 7
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-02-2015 01
    Ran by Lila at 2015-02-26 17:12:35
    Running from C:\Users\Lila\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
    Alien Skin Eye Candy 5 Impact (HKLM-x32\...\EyeCandy5Impact) (Version: - )
    Alien Skin Eye Candy 5 Nature (HKLM-x32\...\EyeCandy5Nature) (Version: - )
    Alien Skin Eye Candy 5 Textures (HKLM-x32\...\EyeCandy5Textures) (Version: - )
    Alien Skin Xenofex 2.0 (HKLM-x32\...\Xenofex2) (Version: - )
    Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - ALPS ELECTRIC CO., LTD.)
    AMP Font Viewer (HKLM-x32\...\AMP Font Viewer) (Version: - )
    Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{7BB90344-0647-468E-925A-7F69F7983421}) (Version: 2.0.1.85 - ArcSoft)
    ArcSoft WebCam Companion 3 (HKLM-x32\...\{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}) (Version: 3.0.21.193 - ArcSoft)
    Avast Premier (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.8.0.7 - Canon Inc.)
    Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.6.0.1 - Canon Inc.)
    Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.7.0.4 - Canon Inc.)
    Canon Utilities Digital Photo Professional 3.10 (HKLM-x32\...\DPP) (Version: 3.10.2.0 - Canon Inc.)
    Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.0.204 - Canon Inc.)
    Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.10.2.0 - Canon Inc.)
    Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (HKLM-x32\...\EOS Video Snapshot Task) (Version: 1.0.0.10 - Canon Inc.)
    Canon Utilities Movie Uploader for YouTube (HKLM-x32\...\MovieUploaderForYouTube) (Version: 1.2.0.7 - Canon Inc.)
    Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
    Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.9.0.0 - Canon Inc.)
    Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.7.0.24 - Canon Inc.)
    Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.5.0.9 - Canon Inc.)
    ccc-core-static (x32 Version: 2009.0710.1127.18698 - ATI) Hidden
    Click to Disc (HKLM-x32\...\{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}) (Version: 1.2.70.06160 - Sony Corporation)
    Click to Disc (x32 Version: 1.2.70.06160 - Sony Corporation) Hidden
    Click to Disc Editor (HKLM-x32\...\InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 2.0.02 - Sony Corporation)
    Click to Disc Editor (x32 Version: 2.0.02 - Sony Corporation) Hidden
    Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Dolby Control Center (HKLM\...\{D035FBF6-FDEF-487D-89CA-6F9DD07B783F}) (Version: 1.2.0702 - Dolby)
    Eye Candy 4000 (HKLM-x32\...\Eye Candy 4000) (Version: - )
    GIF Viewer (HKLM-x32\...\GIF Viewer) (Version: - )
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
    iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
    Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
    iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
    Jasc Animation Shop 3 (HKLM-x32\...\{7C4196CA-CA41-4F34-9C08-7724E7705D52}) (Version: 3.11 - Jasc Software Inc)
    Jasc Paint Shop Pro 9 (HKLM-x32\...\{F843C6A3-224D-4615-94F8-3C461BD9AEA0}) (Version: 9.01.0000 - Jasc Software Inc)
    Jasc Paint Shop Pro 9.01 Patch (HKLM-x32\...\Jasc Paint Shop Pro 9.01 Patch) (Version: - )
    Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Lexmark 730 Series (HKLM\...\Lexmark 730 Series) (Version: - Lexmark International, Inc.)
    Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
    Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
    Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-2196296775-3493883262-1510572285-1001\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Mozilla Firefox 36.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0 (x86 en-US)) (Version: 36.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    Music Transfer (HKLM-x32\...\{CE2121C6-C94D-4A73-8EA4-6943F33EE335}) (Version: 1.3.01.13160 - Sony Corporation)
    MysticThumbs (HKLM-x32\...\{8E07D32B-162C-4AF3-BCF1-6A8E7FC5772D}) (Version: 1.9.8 - MysticCoder)
    PDF-XChange Editor (HKLM-x32\...\{2eef0fe2-cc4a-47d6-959c-de2d5c2cc40b}) (Version: 3.0.307.2 - Tracker Software Products (Canada) Ltd.)
    PDF-XChange Editor (Version: 3.0.307.2 - Tracker Software Products (Canada) Ltd.) Hidden
    PDF-XChange Lite 2012 (HKLM\...\{25CFCE3C-5C95-49CB-B63A-E2861E6C0C98}_is1) (Version: 5.0.273.2 - Tracker Software Products Ltd)
    Plugin Commander Light 1.60 (HKLM-x32\...\Plugin Commander Light_is1) (Version: - The Plugin Site)
    pluginCreativity textArt (HKLM-x32\...\pluginCreativity textArt) (Version: - )
    Primo (x32 Version: 1.00.0000 - Your Company Name) Hidden
    QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
    Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.5897 - Realtek Semiconductor Corp.)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5886 - Realtek Semiconductor Corp.)
    Roxio Easy Media Creator 10 LJ (HKLM-x32\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3 - Roxio)
    Runtime (x32 Version: 1.00.0000 - Your Company Name) Hidden
    Setting Utility Series (HKLM-x32\...\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}) (Version: 5.0.0.07300 - Sony Corporation)
    Skype™ 6.13 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.13.104 - Skype Technologies S.A.)
    SmartWi Connection Utility (HKLM-x32\...\{9B5F85CA-90D4-4AFC-BB37-32477FD0D2B9}) (Version: 4.8.4.20090902.2130 - Sony)
    Software Informer 1.2 (HKLM\...\Software Informer_is1) (Version: - Informer Technologies, Inc.)
    Sony Home Network Library (HKLM-x32\...\{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}) (Version: 2.0.0.07280 - Sony Corporation)
    Sony Home Network Library (x32 Version: 2.0.0.07280 - Sony Corporation) Hidden
    Sony Picture Utility (HKLM-x32\...\{D5068583-D569-468B-9755-5FBF5848F46F}) (Version: 4.2.12.16210 - Sony Corporation)
    SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1158 - SUPERAntiSpyware.com)
    The Weather Network (HKU\S-1-5-21-2196296775-3493883262-1510572285-1001\...\The Weather Network) (Version: 6.0.2.5 - The Weather Network)
    VAIO Care (HKLM-x32\...\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}) (Version: 4.0.0.0811 - Sony)
    VAIO Content Metadata Intelligent Analyzing Manager (HKLM-x32\...\{0A5F02E5-1A52-4F85-892C-A35227641C75}) (Version: 3.5.0.06261 - Sony Corporation)
    VAIO Content Metadata Intelligent Analyzing Manager (x32 Version: 3.5.0.06261 - Sony Corporation) Hidden
    VAIO Content Metadata Intelligent Network Service Manager (HKLM-x32\...\{3B1168DE-1F8C-471C-AC49-0CA52F096170}) (Version: 3.5.0.06260 - Sony Corporation)
    VAIO Content Metadata Intelligent Network Service Manager (x32 Version: 3.5.0.06260 - Sony Corporation) Hidden
    VAIO Content Metadata Manager Settings (HKLM-x32\...\{7395DD51-0D1A-47A7-9993-742073ECF4CE}) (Version: 3.5.0.06260 - Sony Corporation)
    VAIO Content Metadata Manager Settings (x32 Version: 3.5.0.06260 - Sony Corporation) Hidden
    VAIO Content Metadata XML Interface Library (HKLM-x32\...\{949419DF-F4AF-4693-B60A-522B24F233C6}) (Version: 3.5.0.06180 - Sony Corporation)
    VAIO Content Metadata XML Interface Library (x32 Version: 3.5.0.06180 - Sony Corporation) Hidden
    VAIO Content Monitoring Settings (HKLM-x32\...\{23825B69-36DF-4DAD-9CFD-118D11D80F16}) (Version: 2.4.0.06120 - Sony Corporation)
    VAIO Content Monitoring Settings (x32 Version: 2.4.0.06120 - Sony Corporation) Hidden
    VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.0.0.06120 - Sony Corporation)
    VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.1.01.06290 - Sony Corporation)
    VAIO DVD Menu Data Basic (HKLM-x32\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 1.0.00.08130 - Sony Corporation)
    VAIO Entertainment Platform (HKLM-x32\...\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}) (Version: 3.5.0.07230 - Sony Corporation)
    VAIO Entertainment Platform (x32 Version: 3.5.0.07230 - Sony Corporation) Hidden
    VAIO Event Service (HKLM-x32\...\{C7477742-DDB4-43E5-AC8D-0259E1E661B1}) (Version: 5.0.0.07010 - Sony Corporation)
    VAIO Help and Support (HKLM-x32\...\{D47FE987-EA3D-424B-9886-B752501D7CE7}) (Version: 9.10.0713.ENCA - Sony Corporation)
    VAIO Media plus (HKLM-x32\...\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}) (Version: 2.0.0.07280 - Sony Corporation)
    VAIO Media plus Opening Movie (HKLM-x32\...\{6BF03C88-C06A-48DC-B9A1-FE72B24E5FA9}) (Version: 2.0.0.07030 - Sony Corporation)
    VAIO Movie Story (HKLM-x32\...\{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}) (Version: 1.5.00.06191 - Sony Corporation)
    VAIO Movie Story (x32 Version: 1.5.00.06191 - Sony Corporation) Hidden
    VAIO Movie Story Template Data (HKLM-x32\...\{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 1.5.00.06010 - Sony Corporation)
    VAIO OOBE and Startup Assistant (HKLM-x32\...\{1B500D37-E7CF-480B-8054-8A563594EC4E}) (Version: 1.10.0828.ENCA - Sony Corporation)
    VAIO Original Function Settings (HKLM-x32\...\{A63E7492-A0BC-4BB9-89A7-352965222380}) (Version: 2.0.0.07010 - Sony Corporation)
    VAIO Original Function Settings (x32 Version: 2.0.0.07010 - Sony Corporation) Hidden
    VAIO Power Management (HKLM-x32\...\{5F5867F0-2D23-4338-A206-01A76C823924}) (Version: 4.0.0.08240 - Sony Corporation)
    VAIO Presentation Support (HKLM-x32\...\{2018C019-30D9-4240-8C01-0865C10DCF5A}) (Version: 2.0.0.05270 - Sony Corporation)
    VAIO Update 4 (HKLM-x32\...\{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}) (Version: 4.2.0.07300 - Sony Corporation)
    VAIO Wallpaper Contents (HKLM-x32\...\{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}) (Version: 2.0.0.06010 - Sony Corporation)
    VD64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
    WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9600 - Broadcom Corporation)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
    Windows Live Sync (HKLM-x32\...\{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}) (Version: 14.0.8050.1202 - Microsoft Corporation)
    WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - )
    Xenofex 1.0 (HKLM-x32\...\Xenofex 1.0) (Version: - )

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-2196296775-3493883262-1510572285-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Lila\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-2196296775-3493883262-1510572285-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Lila\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-2196296775-3493883262-1510572285-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Lila\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-2196296775-3493883262-1510572285-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Lila\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-2196296775-3493883262-1510572285-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Lila\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)

    ==================== Restore Points =========================

    19-02-2015 07:10:35 Windows Update
    24-02-2015 04:30:51 Windows Update
    25-02-2015 22:30:53 Windows Update

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 19:34 - 2014-02-27 05:32 - 00450712 ____A C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com
    127.0.0.1 www.0scan.com
    127.0.0.1 0scan.com
    127.0.0.1 1000gratisproben.com
    127.0.0.1 www.1000gratisproben.com
    127.0.0.1 1001namen.com
    127.0.0.1 www.1001namen.com
    127.0.0.1 100888290cs.com
    127.0.0.1 www.100888290cs.com
    127.0.0.1 www.100sexlinks.com
    127.0.0.1 100sexlinks.com
    127.0.0.1 10sek.com
    127.0.0.1 www.10sek.com
    127.0.0.1 www.1-2005-search.com
    127.0.0.1 1-2005-search.com
    127.0.0.1 123fporn.info
    127.0.0.1 www.123fporn.info
    127.0.0.1 123haustiereundmehr.com
    127.0.0.1 www.123haustiereundmehr.com
    127.0.0.1 123moviedownload.com

    There are 1000 more lines.


    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {020234BF-3461-47D0-8CAF-2FA67E2A2AC3} - System32\Tasks\Sony\ATI Catalyst => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-10] (Advanced Micro Devices, Inc.)
    Task: {0973F372-7CE2-4615-937F-B8F77AA4A3ED} - System32\Tasks\Sony\VAIO Registration => C:\Program Files\Sony\First Experience\OOBEFcdRegistration.exe [2009-07-13] (Sony Electronics, Inc.)
    Task: {0D38F78C-DFA3-4EC0-A44C-0686D6BA3FA5} - System32\Tasks\Sony\Java Update => C:\Program Files\Java\jre6\bin\jusched.exe
    Task: {155BCC86-4B19-496D-A0BE-ED4CE7E5D299} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
    Task: {160DD5AE-326E-4129-8FC4-E07562951361} - System32\Tasks\SUPERAntiSpyware Scheduled Task 5dc701af-7193-4fc8-8cc2-be40302ad012 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
    Task: {1B723476-E127-4ABE-A30E-963B9AB3B2BB} - System32\Tasks\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2009-08-06] (Sony Electronics, Inc.)
    Task: {201F9A15-A12B-4D30-A912-781E6A720AEB} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
    Task: {3EEDEAD7-0025-441F-AE36-2AB7E518D03A} - System32\Tasks\Sony\VAIO Survey => C:\Program Files (x86)\Sony\VAIO Survey\VAIO Sat Survey.exe
    Task: {3FEF21E8-297A-4B1D-A6E3-CA73B340BEEB} - System32\Tasks\{D05ADC59-36AA-4707-882A-65139533B3B8} => Iexplore.exe http://ui.skype.com/ui/0/6.13.59.104/en/abandoninstall?page=tsBing
    Task: {40385760-1A95-4C3A-9CAF-AF330C7449DB} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2014-12-01] (Apple Inc.)
    Task: {576AB7EA-6407-4632-8EA7-B4BE67338CD1} - System32\Tasks\Sony\Main => C:\Windows\Sonysys\Taskfile\bootupdate.exe [2009-08-20] ( )
    Task: {58DA9BCF-73E1-4262-812C-654C92ACCCE1} - System32\Tasks\{5B73285B-B7B3-4C12-BC72-7ACAA2691D53} => pcalua.exe -a C:\Users\Lila\Desktop\Utilities\ZapJasc.exe -d C:\Users\Lila\Desktop\Utilities
    Task: {7B6B628E-94BA-4CD4-8512-8978660BC528} - System32\Tasks\Sony\VAIO Mini Program => C:\Program Files\Sony\First Experience\Miniprogram.exe [2009-08-26] ()
    Task: {8A3B4776-3BC9-4E97-8E52-8746211FEAED} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
    Task: {95796A2E-4DBE-4258-B7AA-DA97403F83E5} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
    Task: {B516EB68-5829-4C17-8D60-B17FFD14A878} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
    Task: {BDC6DBD5-D786-473A-A5F8-5105C75E5EE3} - \{DEA80C2E-DC22-4722-AD6E-00BDC96E508C} No Task File <==== ATTENTION
    Task: {C4F94560-5294-4700-8624-83C6CBDE8076} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
    Task: {C8851E48-1480-4FF5-9D94-8C09DE85F42A} - System32\Tasks\SUPERAntiSpyware Scheduled Task 96c5fce4-a01b-485f-b6d9-56d70aaf19a1 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
    Task: {D5A34A1E-3868-427D-A7AE-4852865CF390} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-09] (AVAST Software)
    Task: {D842F6A9-B271-4AB9-992A-DF8B559B6607} - System32\Tasks\{647EAD1C-E739-48A5-BB95-F10294731E7C} => pcalua.exe -a "C:\Users\Lila\Desktop\PSP Plugins\EyeCandy4000\Eye Candy 4000 (Retail).exe" -d "C:\Users\Lila\Desktop\PSP Plugins\EyeCandy4000"
    Task: {D90D44F2-6214-4A53-92CD-1E1396D24E7F} - System32\Tasks\SUPERAntiSpyware Scheduled Task 14b8d3fb-378f-4cf5-8f82-282b0e4bad21 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
    Task: {DAE91CFB-7EAF-437F-B130-23AA0F3EA84A} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
    Task: {DB933F6B-4A79-4059-B1D9-2EAFB381B657} - System32\Tasks\SUPERAntiSpyware Scheduled Task 00ef3d56-5f6a-43cb-8e10-6e30adb3dc2d => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
    Task: {DF033E57-2DA6-40FC-A921-22382CAF85F4} - \UpdaterEX No Task File <==== ATTENTION
    Task: {E3491964-412F-424B-8868-9D044A2CCEE4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {F5DD0EDE-62D9-49E6-B8D5-580D849DE75C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
    Task: {FEB10C8B-3509-49A2-8D3C-D099D5B2AE04} - System32\Tasks\SONY\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe [2009-07-30] (Sony Corporation)
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 00ef3d56-5f6a-43cb-8e10-6e30adb3dc2d.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 14b8d3fb-378f-4cf5-8f82-282b0e4bad21.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 5dc701af-7193-4fc8-8cc2-be40302ad012.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 96c5fce4-a01b-485f-b6d9-56d70aaf19a1.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

    ==================== Loaded Modules (whitelisted) ==============

    2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2015-01-20 22:35 - 2015-01-20 22:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2014-02-16 19:43 - 2009-04-01 22:51 - 00052736 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
    2008-08-26 09:41 - 2008-08-26 09:41 - 00016384 ____R () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
    2014-02-13 13:24 - 2014-02-13 13:24 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
    2014-02-13 13:19 - 2009-07-24 16:17 - 00238080 _____ () C:\Program Files\Sony\VAIO Care\ManagedVAIORecovery.dll
    2014-02-13 13:19 - 2009-07-24 16:17 - 00074240 _____ () C:\Program Files\Sony\VAIO Care\VAIORecovery.dll
    2014-02-13 13:19 - 2009-07-24 16:17 - 00069120 _____ () C:\Program Files\Sony\VAIO Care\Logging.dll
    2014-02-13 13:19 - 2009-07-24 16:17 - 00027648 _____ () C:\Program Files\Sony\VAIO Care\VAIOCommon.dll
    2014-02-13 13:19 - 2009-07-24 16:17 - 00207360 _____ () C:\Program Files\Sony\VAIO Care\OsServices.dll
    2014-02-13 13:19 - 2009-07-24 16:17 - 00042496 _____ () C:\Program Files\Sony\VAIO Care\PluginFactory.dll
    2014-02-13 13:19 - 2009-07-24 16:17 - 00043520 _____ () C:\Program Files\Sony\VAIO Care\XMLTools.dll
    2014-02-13 13:19 - 2009-07-24 16:17 - 00059392 _____ () C:\Program Files\Sony\VAIO Care\VAIOInstallAppsDrivers.dll
    2014-02-13 13:19 - 2009-07-24 16:17 - 00155136 _____ () C:\Program Files\Sony\VAIO Care\InstallDB.dll
    2014-02-13 13:19 - 2009-07-24 16:17 - 00137216 _____ () C:\Program Files\Sony\VAIO Care\InstallationTools.dll
    2014-02-13 13:19 - 2009-07-24 16:17 - 00024576 _____ () C:\Program Files\Sony\VAIO Care\VAIOUtility.dll
    2015-02-25 16:54 - 2015-02-25 16:54 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15022503\algo.dll
    2015-02-26 14:28 - 2015-02-26 14:28 - 02913792 _____ () C:\Program Files\AVAST Software\Avast\defs\15022601\algo.dll
    2014-02-13 13:40 - 2009-07-01 09:49 - 00010752 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
    2014-02-13 13:40 - 2009-07-01 09:49 - 00009728 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
    2015-01-20 22:35 - 2015-01-20 22:35 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2014-11-09 15:48 - 2014-11-09 15:48 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

    AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
    AlternateDataStreams: C:\ProgramData\TEMP:DDCCB2FA

    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (whitelisted) ===============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-2196296775-3493883262-1510572285-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Lila\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 192.168.100.254

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)


    ==================== Accounts: =============================

    Administrator (S-1-5-21-2196296775-3493883262-1510572285-500 - Administrator - Disabled)
    Bill (S-1-5-21-2196296775-3493883262-1510572285-1003 - Limited - Enabled) => C:\Users\Bill
    Guest (S-1-5-21-2196296775-3493883262-1510572285-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-2196296775-3493883262-1510572285-1002 - Limited - Enabled)
    Lila (S-1-5-21-2196296775-3493883262-1510572285-1001 - Administrator - Enabled) => C:\Users\Lila

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (02/20/2015 05:52:05 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
    Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7c92c
    Exception code: 0xc0000005
    Fault offset: 0x00000000001729ac
    Faulting process id: 0x9e4
    Faulting application start time: 0xExplorer.EXE0
    Faulting application path: Explorer.EXE1
    Faulting module path: Explorer.EXE2
    Report Id: Explorer.EXE3

    Error: (02/20/2015 03:25:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program mbam.exe version 1.0.1.711 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: bc0

    Start Time: 01d04d246865177c

    Termination Time: 15

    Application Path: C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

    Report Id: 5e802f9d-b94f-11e4-af71-60380e038425

    Error: (02/18/2015 10:11:40 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
    Description: Chrome has encountered a fatal error.
    ver=40.0.2214.111;lang=;guid=E5FDE7297F7049BE90A7387D5AB2D33D;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\ae0a0b27-c1ef-43be-8c83-5f5b01654640.dmp

    Error: (02/15/2015 01:15:56 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
    Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80070020

    Error: (02/15/2015 01:15:41 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
    Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80070020

    Error: (02/15/2015 01:11:40 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
    Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile: PbCore, Version=1.5.0.6190, Culture=neutral, PublicKeyToken=null . Error code = 0x80070002

    Error: (01/29/2015 07:35:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program chrome.exe version 40.0.2214.93 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 5ac

    Start Time: 01d03c341c21270a

    Termination Time: 9

    Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    Report Id: aa965bdf-a828-11e4-85f8-60380e038425

    Error: (01/26/2015 00:10:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Client application bug: DNSServiceResolve(34:c0:59:7d:9d:1d@fe80::36c0:59ff:fe7d:9d1d._apple-mobdev2._tcp.local.) active for over two minutes. This places considerable burden on the network.

    Error: (01/26/2015 00:10:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Client application bug: DNSServiceResolve(34:c0:59:7d:9d:1d@fe80::36c0:59ff:fe7d:9d1d._apple-mobdev2._tcp.local.) active for over two minutes. This places considerable burden on the network.

    Error: (01/26/2015 00:07:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: ERROR: handle_resolve_request bad interfaceIndex 24


    System errors:
    =============
    Error: (02/26/2015 06:24:50 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.

    Error: (02/26/2015 06:24:42 AM) (Source: atikmdag) (EventID: 10261) (User: )
    Description: Display is not active

    Error: (02/26/2015 06:24:42 AM) (Source: atikmdag) (EventID: 19468) (User: )
    Description: CPLIB :: General - Invalid Parameter

    Error: (02/25/2015 09:12:00 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.

    Error: (02/25/2015 09:11:25 AM) (Source: atikmdag) (EventID: 10261) (User: )
    Description: Display is not active

    Error: (02/25/2015 09:11:25 AM) (Source: atikmdag) (EventID: 19468) (User: )
    Description: CPLIB :: General - Invalid Parameter

    Error: (02/24/2015 10:41:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.

    Error: (02/24/2015 10:40:40 PM) (Source: atikmdag) (EventID: 10261) (User: )
    Description: Display is not active

    Error: (02/24/2015 10:40:40 PM) (Source: atikmdag) (EventID: 19468) (User: )
    Description: CPLIB :: General - Invalid Parameter

    Error: (02/24/2015 11:27:47 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.


    Microsoft Office Sessions:
    =========================
    Error: (02/20/2015 05:52:05 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Explorer.EXE6.1.7601.175674d672ee4ole32.dll6.1.7601.175144ce7c92cc000000500000000001729ac9e401d04d2461696e0eC:\Windows\Explorer.EXEC:\Windows\system32\ole32.dllda85b983-b963-11e4-af71-60380e038425

    Error: (02/20/2015 03:25:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: mbam.exe1.0.1.711bc001d04d246865177c15C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe5e802f9d-b94f-11e4-af71-60380e038425

    Error: (02/18/2015 10:11:40 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
    Description: Chrome has encountered a fatal error.
    ver=40.0.2214.111;lang=;guid=E5FDE7297F7049BE90A7387D5AB2D33D;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\ae0a0b27-c1ef-43be-8c83-5f5b01654640.dmp

    Error: (02/15/2015 01:15:56 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
    Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80070020
    System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089

    Error: (02/15/2015 01:15:41 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
    Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80070020
    System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089

    Error: (02/15/2015 01:11:40 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
    Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile: PbCore, Version=1.5.0.6190, Culture=neutral, PublicKeyToken=null . Error code = 0x80070002
    PbCore, Version=1.5.0.6190, Culture=neutral, PublicKeyToken=null

    Error: (01/29/2015 07:35:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: chrome.exe40.0.2214.935ac01d03c341c21270a9C:\Program Files (x86)\Google\Chrome\Application\chrome.exeaa965bdf-a828-11e4-85f8-60380e038425

    Error: (01/26/2015 00:10:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Client application bug: DNSServiceResolve(34:c0:59:7d:9d:1d@fe80::36c0:59ff:fe7d:9d1d._apple-mobdev2._tcp.local.) active for over two minutes. This places considerable burden on the network.

    Error: (01/26/2015 00:10:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Client application bug: DNSServiceResolve(34:c0:59:7d:9d:1d@fe80::36c0:59ff:fe7d:9d1d._apple-mobdev2._tcp.local.) active for over two minutes. This places considerable burden on the network.

    Error: (01/26/2015 00:07:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: ERROR: handle_resolve_request bad interfaceIndex 24


    CodeIntegrity Errors:
    ===================================
    Date: 2014-02-16 19:00:29.368
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2014-02-16 19:00:29.259
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2014-02-16 19:00:29.056
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\SUPERAntiSpyware\sasdifsv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2014-02-16 19:00:28.994
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\SUPERAntiSpyware\sasdifsv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2014-02-16 18:30:07.942
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\SUPERAntiSpyware\sasdifsv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2014-02-16 18:30:07.895
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\SUPERAntiSpyware\sasdifsv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2014-02-16 18:30:07.833
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2014-02-16 18:30:07.770
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2014-02-16 18:21:07.407
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\SUPERAntiSpyware\sasdifsv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2014-02-16 18:21:07.360
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\SUPERAntiSpyware\sasdifsv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM)2 Duo CPU T6600 @ 2.20GHz
    Percentage of memory in use: 50%
    Total physical RAM: 4063.02 MB
    Available physical RAM: 2015.15 MB
    Total Pagefile: 8124.23 MB
    Available Pagefile: 5671.52 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.82 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:457.98 GB) (Free:397.63 GB) NTFS
    Drive g: (My Passport) (Fixed) (Total:465.73 GB) (Free:81.84 GB) NTFS
    Drive h: (My Passport) (Fixed) (Total:931.48 GB) (Free:766.41 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D1667CB9)
    Partition 1: (Not Active) - (Size=7.7 GB) - (Type=27)
    Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=458 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 3 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: CD88BD95)
    Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 4 (MBR Code: Windows XP) (Size: 465.7 GB) (Disk ID: 00038A56)
    Partition 1: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================
     
  4. Just-Me

    Just-Me Registered Members

    Joined:
    Mar 2, 2014
    Messages:
    117
    Operating System:
    Windows 7
    I downloaded the adware program and ran the scan, but wasn't sure if I should have it fix what is in the screen shots
     

    Attached Files:

  5. allheart55 (Cindy E)

    allheart55 (Cindy E) Administrator Administrator

    Joined:
    Jun 11, 2009
    Messages:
    10,518
    Location:
    Pennsylvania
    Operating System:
    Windows 10
    Computer Brand or Motherboard:
    ASUS M4A77TD AM3 AMD 770 ATX AMD
    CPU:
    AMD Phenom II X6 1090T-Thuban 3.2GHz
    Memory:
    Crucial-DDR3 SDRAM 1333-8GB
    Hard Drive:
    WD Caviar Black SE HDD 640 GB - WD Caviar Black SE HDD 500 GB
    Graphics Card:
    Sapphire Radeon HD-7870 2GB
    Power Supply:
    CORSAIR CMPSU-750W
    It looks as if you need malware removal assistance. I have messaged our malware experts.
    Someone will assist you shortly. Please be patient as our experts work on multiple forums.
     
  6. Just-Me

    Just-Me Registered Members

    Joined:
    Mar 2, 2014
    Messages:
    117
    Operating System:
    Windows 7
    ok tyvm...will wait
     
  7. etavares

    etavares Malware Removal Specialist - Moderator

    Joined:
    Aug 6, 2011
    Messages:
    259
    Location:
    USA (GMT -5)
    All in all, it looks pretty good. Are you asking because you just wanted to be sure, or because you're noticing odd behavior of your computer?

    -etavares
     
  8. Just-Me

    Just-Me Registered Members

    Joined:
    Mar 2, 2014
    Messages:
    117
    Operating System:
    Windows 7
    well thats good news. I was wondering cause I am getting pages that popping up the odd time. its not on specific sites its when it feels like it I guess. I am thinking I should do a back up of my programs and set my laptop back to factory settings. I have the backup disks I made when I first bought my laptop, but not sure if all the drives? Would it be best to set to factory settings or use the disks that I have? would like your opinion on this if you don't mind.
    thank you so much
     
  9. etavares

    etavares Malware Removal Specialist - Moderator

    Joined:
    Aug 6, 2011
    Messages:
    259
    Location:
    USA (GMT -5)
    That would work, and is the one guaranteed way to resolve all issues. If you want to go that route, let me know. If not, since you're getting popups, let's dig in a bit more. Are they occurring in Chrome, IE, other browsers? Only one browsersor all of them? Do they go to the same website or different ones?

    -etavares
     
  10. Just-Me

    Just-Me Registered Members

    Joined:
    Mar 2, 2014
    Messages:
    117
    Operating System:
    Windows 7
    its happening on all browsers. I use chrome all of the time cause ff is just too darn slow now. takes forever for my home page to come up. can't do other things with ff either. IE well thats another story LOL I dislike it and refuse to it due to it being even slower then ff, but keep it up to date.
    thank you
     
  11. etavares

    etavares Malware Removal Specialist - Moderator

    Joined:
    Aug 6, 2011
    Messages:
    259
    Location:
    USA (GMT -5)
    OK, let's run FRST, but in a slightly different manner. There is something underlying if it's across multiple browsers.

    • On a clean machine, please download Farbar Recovery Scan Tool and save it to a flash drive.

      Note:You need to run the version compatible with your system.

      Plug the flashdrive into the infected PC.
    • If you are usingWindows8 consult How to use the Windows 8 System Recovery Environment Command Prompt to enter System Recovery Command prompt.

      If you are usingVistaorWindows7 enter SystemRecoveryOptions.

      To enter SystemRecoveryOptionsfrom the AdvancedBootOptions:
      • Restart the computer.
      • As soon as the BIOS is loaded begin tapping the F8 key untilAdvancedBootOptions appears.
      • Use the arrow keys to select the Repair your computer menu item.
      • SelectUSas the keyboard language settings,andthen click Next.
      • Select the operating system you want to repair,andthen click Next.
      • Select your user account an click Next.
      Note:Incase you can not enter SystemRecoveryOptionsbyusing F8 method, you can useWindows installation disc,or make a repair disc.AnyWindows installation disc or a repair disc made on another computer can be used.To make a repair disk on Windows7 consult: http://www.sevenforums.com/tutorials/2083-system-repair-disc-create.html

      To enter SystemRecoveryOptionsbyusingWindows installation disc:
      • Insert the installation disc.
      • Restart your computer.
      • If prompted, press any key to start Windowsfrom the installation disc.If your computer isnot configured to start from a CD or DVD, check your BIOS settings.[/*]
      • Click Repair your computer.
      • Select US as the keyboard language settings, and then click Next.
      • Select the operating system you want to repair, and then click Next.
      • Select your user account and click Next.
    • On the System Recovery Options menu you will get the following options:

      Startup Repair
      System Restore
      Windows Complete PC Restore
      Windows Memory Diagnostic Tool
      Command Prompt


      Select Command Prompt
    • Once in the Command Prompt:
      • In the command window type in notepad and press Enter.
      • The notepad opens. Under File menu select Open.
      • Select "Computer" and find your flash drive letter and close the notepad.
      • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
        Note:
        Replace letter e with the drive letter of your flash drive.
      • The tool will start to run.
      • When the tool opens click Yes to disclaimer.
      • Press Scan button.
      • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.


    -etavares
     
  12. Just-Me

    Just-Me Registered Members

    Joined:
    Mar 2, 2014
    Messages:
    117
    Operating System:
    Windows 7
    Ok I am confused here. I have downloaded the FRST to a memory stick.
    I don't understand the part about If you are usingVistaorWindows7 enter SystemRecoveryOptions.
    do I do the SystemRecoveryOptions after I run the FRST?
     
  13. etavares

    etavares Malware Removal Specialist - Moderator

    Joined:
    Aug 6, 2011
    Messages:
    259
    Location:
    USA (GMT -5)
    No, we will run FRST from the Recovery Environment. So, boot into the recovery environment, once in the System Recovery Options menu, you'll go to Command Prompt, then run FRST. Does that make sense?

    -etavares
     
  14. Just-Me

    Just-Me Registered Members

    Joined:
    Mar 2, 2014
    Messages:
    117
    Operating System:
    Windows 7
    I'm sorry for being so computer iliterate, but I will do my best to follow instructions.

    so what I should do is reboot my laptop and when it starts up press the F8 key. then run the FRST that is in the memory stick? then do you want me to come back here and post the scan results?
    this is not going to put my computer back to factory settings is it? cause I have lots to back up before I do that.
    ty
     
  15. etavares

    etavares Malware Removal Specialist - Moderator

    Joined:
    Aug 6, 2011
    Messages:
    259
    Location:
    USA (GMT -5)
    No worries...questions are a good thing. If you follow the instructions, it will not reset your computer. I had to do something like this yesterday on my computer. What we're doing is entering the recovery environment to run FRST from the command prompt. We'll make no changes, short of running FRST and creating a log. You're welcome to back up at any point to be safe. :) We're basically running FRST but without your windows installation loading fully...this means that malware can't hide in Windows...it's exposed since that Windows installation on your computer isn't loaded.

    So first, we plug in the flash drive with FRST. Then we launch System Recovery Options:
    System Recovery Options from the Advanced Boot Options Menu:
    • Restart the computer.
    • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
    • Use the arrow keys to select the Repair your computer menu item.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account an click Next.

    You'll see a list of options then. Select Command Prompt.


    Next, we need to find out what drive letter your computer assigned the flash drive with FRST.
    • In the command window type in notepad and press Enter.
    • The notepad opens. Under File menu select Open.
    • Select "Computer" and find your flash drive letter and close the notepad. All you're looking for is the letter next to it like E:\ or F:\
    • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
      Note:
      Replace letter e with the drive letter of your flash drive.
    • The tool will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) on the flash drive. At this point you can shut down the computer, then boot normally.
    • Please copy and paste frst.txt from the flash drive into your reply here.

    Thanks!
    -etavares
     
  16. Just-Me

    Just-Me Registered Members

    Joined:
    Mar 2, 2014
    Messages:
    117
    Operating System:
    Windows 7
    I am stuck again. I got into System Recovery Options and this is what I get

    when I start the computer up and press F8 and it comes to the screen..the repair computer is showing already so I press enter. then the US keyboard shows and I click on next then it comes to admin sign in and then from there I see what is typed below

    System Recovery Options
    Automatically fix problems that are preventing windows from starting


    System Restore
    restore windows to an earlier point


    System Image Recovery
    recover yo9ur computer using a system image you created earlier

    Window Memory
    Check your computer for memory hardware errors

    Command Prompt
    Open a command prompt window

    now I am confused as to which one to click on to get to my memory stick where the FRST is placed
    sorry for being so dahhhh
     
    Last edited: Feb 28, 2015
  17. allheart55 (Cindy E)

    allheart55 (Cindy E) Administrator Administrator

    Joined:
    Jun 11, 2009
    Messages:
    10,518
    Location:
    Pennsylvania
    Operating System:
    Windows 10
    Computer Brand or Motherboard:
    ASUS M4A77TD AM3 AMD 770 ATX AMD
    CPU:
    AMD Phenom II X6 1090T-Thuban 3.2GHz
    Memory:
    Crucial-DDR3 SDRAM 1333-8GB
    Hard Drive:
    WD Caviar Black SE HDD 640 GB - WD Caviar Black SE HDD 500 GB
    Graphics Card:
    Sapphire Radeon HD-7870 2GB
    Power Supply:
    CORSAIR CMPSU-750W
    Hi Just-Me,

    Under the list of options, you will need to select Command Prompt. Then follow the instructions given by Etavares.

     
  18. Just-Me

    Just-Me Registered Members

    Joined:
    Mar 2, 2014
    Messages:
    117
    Operating System:
    Windows 7
    the FRST is in removable disk I. how should I type that in...or do I just put I in there LOL
    I am just reading what you have above carefully and think I know what to do now LOL
    keep everything crossed for me plz even your toes...hehehe
     
    allheart55 (Cindy E) likes this.
  19. Just-Me

    Just-Me Registered Members

    Joined:
    Mar 2, 2014
    Messages:
    117
    Operating System:
    Windows 7
    nope not running for me. I saw that when the command opened it had 32 bit. I tried typing in the G:\frst64...got a message saying....is not recognized as an internal or external command. operable program batch file.
    I then shut down the comp and started up and downloaded the 32 bit FRST and tried that one and got the same exact message. I opened up the G and its not even showing in there when I open the file. I know its in G cause I checked after the download. so what do you suggest now? sheesh
    tyvm
     
  20. etavares

    etavares Malware Removal Specialist - Moderator

    Joined:
    Aug 6, 2011
    Messages:
    259
    Location:
    USA (GMT -5)
    Hi,

    You need the 64 bit version. The drive letter will probably change. If it was G:\ when you downloaded it and saved it, it very well may be a different letter when you reboot into the Command Prompt. What did it say when you launched Notepad from the Command Prompt? Was it still G:/> ?

    -etavares
     
    Just-Me likes this.

Share This Page