1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Black box popping up,slow/stuck PC,document folder won't load, windows wont connect.

Discussion in 'Virus & Other Malware Removal' started by Compash, May 8, 2015.

Thread Status:
Not open for further replies.
Advertisement
  1. Compash

    Compash Thread Starter

    Joined:
    Jan 9, 2006
    Messages:
    34
    Hi everyone,

    I have encountered the problem with my Dell PC.

    When I am casually browsing online, sometime a black empty command box will pop up for 1 second and then disappear. And sometime it will pop up again 1 second later, and disappear immediately.

    And then when I go to document folder, and nothing will be in the folder, the pathway box at top will be loading the green bar, it will takes forever, eventually it will get stuck, without showing any documents in the folder while in reality, it has several files saved. It was impossible to use outlook email app as well. And it will take a while for the mouse pointer to stop being refreshed. Dell PC will get stuck, and I won't be able to shut it down by clicking on shut down option using mouse pointer, only way I can shut down the PC is to press the physical button of shut down.

    And then I will turn on the PC, which may take several attempt, and when it finally work, I will get notification at right bottom corner of my desktop which will say "Failed to connect to a Windows service. Windows couldn't connect to the Group Policy Client service. This problem prevents standard users from signing in. As an administrative user, you can review the system event log for details about why the service didn't respond."

    Sometime it will work, and document folder will open instantly, showing all the files without any problem.

    I did run diagnostic on this PC via boot menu with F12 key. No problem was found.
    I also checked BIOS version, which was BIOS A05, and I did update it to BIOS A07.
    But the problem still occurs.

    I am using McAvee security, which says my computer is protected.

    But I did use Malwarebytes Anti-Malware, and it will show up PUP.Optional.Astromenda.A, and I would quarantine it, and then Malwarebytes will congratulate me by saying it is fixed. But if I scan it again, it will show up again, seems like I can't remove it.


    I also checked for corrupted files, using System File Checker, and there are some bad files which cannot be repaired such as:

    2015-05-07 22:24:57, Info CSI 0000058c [SR] Cannot repair member file [l:36{18}]"Amd64\CNBJ2530.DPB" of prncacla.inf, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type = [l:24{12}]"driverUpdate", TypeName neutral, PublicKey neutral in the store, hash mismatch
    2015-05-07 22:25:05, Info CSI 0000058e [SR] Cannot repair member file [l:36{18}]"Amd64\CNBJ2530.DPB" of prncacla.inf, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type = [l:24{12}]"driverUpdate", TypeName neutral, PublicKey neutral in the store, hash mismatch
    2015-05-07 22:25:05, Info CSI 0000058f [SR] This component was referenced by [l:166{83}]"Package_2709_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-6825_neutral_GDR"
    2015-05-07 22:31:39, Info CSI 000008d5 [SR] Cannot repair member file [l:36{18}]"Amd64\CNBJ2530.DPB" of prncacla.inf, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type = [l:24{12}]"driverUpdate", TypeName neutral, PublicKey neutral in the store, hash mismatch
    2015-05-07 22:31:39, Info CSI 000008d7 [SR] Cannot repair member file [l:36{18}]"Amd64\CNBJ2530.DPB" of prncacla.inf, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type = [l:24{12}]"driverUpdate", TypeName neutral, PublicKey neutral in the store, hash mismatch
    2015-05-07 22:31:39, Info CSI 000008d8 [SR] This component was referenced by [l:166{83}]"Package_2709_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-6825_neutral_GDR"


    I don't know which one is causing the problem.

    I am worried about how Dell is going…. and it is new PC, just about 9 months old.

    Many thanks in advance for your valuable time and help.

    Regards,

    Compash

    Tech Support Guy System Info Utility version 1.0.0.2
    OS Version: Microsoft Windows 8.1, 64 bit
    Processor: Intel(R) Core(TM) i5-4440S CPU @ 2.80GHz, Intel64 Family 6 Model 60 Stepping 3
    Processor Count: 4
    RAM: 8117 Mb
    Graphics Card: Intel(R) HD Graphics 4600, -2016 Mb
    Hard Drives: C: Total - 941483 MB, Free - 858625 MB;
    Motherboard: Dell Inc., 05R2TK
    Antivirus: Windows Defender, Disabled
     
  2. Compash

    Compash Thread Starter

    Joined:
    Jan 9, 2006
    Messages:
    34
    *bump*
     
  3. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    11,383
    First Name:
    Kevin
    Hello Compash and welcome to TSG,

    Continue as follows please:

    Change the download folder setting in the default Browser so all tools we may use are saved to the Desktop:

    [​IMG] Google Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser. [​IMG]
    Choose Settings. at the bottom of the screen click the
    "Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.

    [​IMG] Mozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. [​IMG] Choose Options. In the downloads section, click the Browse button, click on the Desktop folder and the click the "Select Folder" button. Click OK to get out of the Options menu.

    [​IMG] Internet Explorer - Click the Tools menu in the upper right-corner of the browser. [​IMG] Select View downloads. Select the Options link in the lower left of the window. Click Browse and select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
    NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.

    Next,

    Follow the instructions in the following link to show hidden files:

    http://www.bleepingcomputer.com/tutorials/how-to-see-hidden-files-in-windows/

    Next,

    Please open Malwarebytes Anti-Malware.

    • On the Settings tab > Detection and Protection sub tab, Detection Options, tick the box "Scan for rootkits".
    • Under Non-Malware Protection sub tab Change PUP and PUM entries to Treat detections as Malware
    • Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
    • A Threat Scan will begin.
    • With some infections, you may see this message box.

      'Could not load DDA driver'
    • Click 'Yes' to this message, to allow the driver to load after a restart.
    • Allow the computer to restart. Continue with the rest of these instructions.
    • When the scan is complete, click Apply Actions.
    • Wait for the prompt to restart the computer to appear, then click on Yes.
    • After the restart once you are back at your desktop, open MBAM once more.

    To get the log from Malwarebytes do the following:

    • Click on the History tab > Application Logs.
    • Double click on the scan log which shows the Date and time of the scan just performed.
    • Click Export > From export you have three options:

      Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
      Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
      XML file (*.xml) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
    • Recommend you use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply…


    If Malwarebytes is not installed follow these instructions first:

    Download Malwarebytes Anti-Malware to your desktop.
    • Double-click mbam-setup and follow the prompts to install the program.
    • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
    • Click Finish. Follow the instructions above....

    Next,

    Download Farbar Recovery Scan Tool and save it to your desktop.

    Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

    • Double-click to run it. When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
    • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

    Let me see those logs in your reply....

    Thank you,

    Kevin...
     
  4. Compash

    Compash Thread Starter

    Joined:
    Jan 9, 2006
    Messages:
    34
    Hi Kevin,

    Many thanks for replying to my thread. I appreciate it.

    But I did use Malwarebytes Anti-Malware before (few days back), and it did detect multiple malwares, and all were removed apart from Astromenda one, which keep showing up. But since I scanned it again today, there was multiple malwares again (I don't know where they came from all of sudden again?) which I did remove all of it again today. And then scan it again, seems like everything is removed apart from PUP.Optional.Astromenda.A. But others one (aside Astromenda) may come back again.

    Looking forward hearing from you again, hopefully this problem will be resolved soon.

    Compash



    Please see my two Malwarebytes Anti-Malware logs and Farbar Recovery Scan Tool log:-


    Malwarebytes Anti-Malware 1st log


    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 15/05/2015
    Scan Time: 11:28:38
    Logfile:
    Administrator: Yes

    Version: 2.01.6.1022
    Malware Database: v2015.05.15.02
    Rootkit Database: v2015.05.14.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 8.1
    CPU: x64
    File System: NTFS
    User: Sabira

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 485214
    Time Elapsed: 8 min, 30 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 3
    PUP.Optional.CrossRider.A, HKU\S-1-5-21-2771644027-2860193389-1954980343-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A697B6D4-D947-45E9-BB93-932EC383144A}, Quarantined, [7d71ff94e3a7a69015303a332adb13ed],
    PUP.Optional.CrossRider.A, HKU\S-1-5-21-2771644027-2860193389-1954980343-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B0B0666C-D46E-43ED-B54D-292BA62BCD6A}, Quarantined, [06e86132c1c9b383f450c1ac4db8c53b],
    PUP.Optional.CrossRider.A, HKU\S-1-5-21-2771644027-2860193389-1954980343-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E7CEE9F8-F46D-4719-8335-9F797AC29D4A}, Quarantined, [18d6a4efc8c2ef4789bc78f538cd867a],

    Registry Values: 6
    PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATEDEV|AuCheckPeriodMs, 21600000, Quarantined, [7678167dc6c43501b11b0accf40f21df]
    PUP.Optional.CrossRider.A, HKU\S-1-5-21-2771644027-2860193389-1954980343-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A697B6D4-D947-45E9-BB93-932EC383144A}|AppName, cb91448f-4adb-4089-8201-e3e4cf11763a-2.exe-codedownloader.exe, Quarantined, [7d71ff94e3a7a69015303a332adb13ed]
    PUP.Optional.CrossRider.A, HKU\S-1-5-21-2771644027-2860193389-1954980343-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B0B0666C-D46E-43ED-B54D-292BA62BCD6A}|AppName, 3dc9ad44-cf8d-4b0d-ab93-a60e282461b8-2.exe-buttonutil.exe, Quarantined, [06e86132c1c9b383f450c1ac4db8c53b]
    PUP.Optional.CrossRider.A, HKU\S-1-5-21-2771644027-2860193389-1954980343-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E7CEE9F8-F46D-4719-8335-9F797AC29D4A}|AppName, cb91448f-4adb-4089-8201-e3e4cf11763a-2.exe-codedownloader.exe, Quarantined, [18d6a4efc8c2ef4789bc78f538cd867a]
    PUP.Optional.Iminent.A, HKU\S-1-5-21-2771644027-2860193389-1954980343-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|Url, http://start.iminent.com/?appId=FD3D980A-D07B-4A30-8512-84AD0EBE82D5&ref=toolbox&q={searchTerms}, Quarantined, [1fcff79caedc9a9c60984c8b62a1ab55]
    PUP.Optional.Iminent.A, HKU\S-1-5-21-2771644027-2860193389-1954980343-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|FaviconPath, C:\Program Files (x86)\Iminent\inst\SearchTheWeb.ico, Quarantined, [8c62167d107af2446b8d15c28281e020]

    Registry Data: 0
    (No malicious items detected)

    Folders: 1
    PUP.Optional.CrossRider.A, C:\Program Files (x86)\Internet Speed Checker, Quarantined, [40aecec5addde650f54128ac12f10ff1],

    Files: 3
    PUP.Optional.CrossRider.A, C:\Program Files (x86)\Internet Speed Checker\bgNova.html, Quarantined, [40aecec5addde650f54128ac12f10ff1],
    PUP.Optional.CrossRider.A, C:\Program Files (x86)\Internet Speed Checker\1293297481.mxaddon, Quarantined, [40aecec5addde650f54128ac12f10ff1],
    PUP.Optional.Astromenda.A, C:\Users\Sabira\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences, Good: (), Bad: ( "homepage": "http://astromenda.com/?f=1&a=ast_cmi_14_36_ch&cd=2XzuyEtN2Y1L1Qzu0CzztC0FyCyC0A0C0EyEtAyCzz0CzyyCtN0D0Tzu0SzyzztCtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyB0ByEtByEzz0ByDtGtCyC0FtBtG0AtCyE0EtGyB0DyEyEtGyByCzz0BzytD0AtA0Dzz0D0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0E0DyEtByE0E0BtG0A0DyByCtGyEyB0BtCtG0Bzy0FtDtG0E0DzzyC0ByB0CyE0B0AyBtA2Q&cr=231831904&ir=",), Replaced,[e20cace795f5a690e9f8005cf70f857b]

    Physical Sectors: 0
    (No malicious items detected)


    (end)




    Malwarebytes Anti-Malware 2nd log:-

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 15/05/2015
    Scan Time: 11:39:55
    Logfile:
    Administrator: Yes

    Version: 2.01.6.1022
    Malware Database: v2015.05.15.02
    Rootkit Database: v2015.05.14.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 8.1
    CPU: x64
    File System: NTFS
    User: Sabira

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 484016
    Time Elapsed: 8 min, 38 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 1
    PUP.Optional.Astromenda.A, C:\Users\Sabira
    45trg
    ye3]#2\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences, Good: (), Bad: ( "homepage": "http://astromenda.com/?f=1&a=ast_cmi_14_36_ch&cd=2XzuyEtN2Y1L1Qzu0CzztC0FyCyC0A0C0EyEtAyCzz0CzyyCtN0D0Tzu0SzyzztCtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyB0ByEtByEzz0ByDtGtCyC0FtBtG0AtCyE0EtGyB0DyEyEtGyByCzz0BzytD0AtA0Dzz0D0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0E0DyEtByE0E0BtG0A0DyByCtGyEyB0BtCtG0Bzy0FtDtG0E0DzzyC0ByB0CyE0B0AyBtA2Q&cr=231831904&ir=",), Replaced,[08e69af99eecb6804c95223aab5bf40c]

    Physical Sectors: 0
    (No malicious items detected)


    (end)


    Farbar Recovery Scan Tool log


    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-05-2015 02
    Ran by Sabira at 2015-05-15 13:33:52
    Running from C:\Users\Sabira\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-2771644027-2860193389-1954980343-500 - Administrator - Disabled)
    fatem_000 (S-1-5-21-2771644027-2860193389-1954980343-1004 - Limited - Enabled) => C:\Users\fatem_000
    Guest (S-1-5-21-2771644027-2860193389-1954980343-501 - Limited - Disabled)
    Sabira (S-1-5-21-2771644027-2860193389-1954980343-1001 - Administrator - Enabled) => C:\Users\Sabira
    shami_000 (S-1-5-21-2771644027-2860193389-1954980343-1005 - Limited - Enabled) => C:\Users\shami_000
    yamee_000 (S-1-5-21-2771644027-2860193389-1954980343-1006 - Limited - Enabled) => C:\Users\yamee_000

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
    FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House)
    Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{77588F59-3C58-4675-8EEE-998E5BC33CF4}) (Version: 1.4 - Eyeo GmbH)
    Adblock Plus for IE (HKLM-x32\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Version: 1.1 - )
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
    Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.0 - Adobe Systems Incorporated.)
    Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated)
    ArcSoft Scan-n-Stitch Deluxe (HKLM-x32\...\{FF8455A9-21E8-457D-AC64-510A705D53B3}) (Version: 1.1.2.50 - ArcSoft)
    BitTorrent (HKU\S-1-5-21-2771644027-2860193389-1954980343-1001\...\BitTorrent) (Version: 7.9.2.35144 - BitTorrent Inc.)
    BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.24.4196 - BlueStack Systems, Inc.)
    BlueStacks Notification Center (HKLM-x32\...\{CF297F45-BB2C-4454-AEDA-EFAB01AFDCE3}) (Version: 0.9.24.4196 - BlueStack Systems, Inc.)
    Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.1.0 - Canon Inc.)
    Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
    Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
    Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
    Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
    Canon MG7100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG7100_series) (Version: 1.00 - Canon Inc.)
    Canon MG7100 series On-screen Manual (HKLM-x32\...\Canon MG7100 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
    Canon MG7100 series User Registration (HKLM-x32\...\Canon MG7100 series User Registration) (Version: - *Canon Inc.)
    Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
    Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
    Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
    Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
    CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
    CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.8.1.70 - Dell Inc.)
    Dell Data Vault (Version: 4.2.2.0 - Dell Inc.) Hidden
    Dell Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP)
    Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.0.6584.81 - Dell)
    Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.3.60494 - Dell)
    Dell Update (HKLM-x32\...\{3F862535-33F3-4F3F-864E-6D4F6FD3258D}) (Version: 1.5.2000.0 - Dell Inc.)
    DELLOSD (HKLM-x32\...\{594E7534-5ECB-4FAC-B26F-583B0CFCBCEC}) (Version: 1.00.0006 - DELL)
    Elements 9 Organizer (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
    Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    Epson Copy Utility 3.5 (HKLM-x32\...\{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}) (Version: 3.5.0.0 - )
    Epson Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation)
    EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
    Fotogalleri (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Fotogalleriet (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.152 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
    Intel(R) Smart Connect Technology (HKLM\...\{9B5FD763-5074-474C-B898-24567E6450C8}) (Version: 4.2.40.2439 - Intel Corporation)
    Kodi (HKU\S-1-5-21-2771644027-2860193389-1954980343-1001\...\Kodi) (Version: - XBMC-Foundation)
    Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
    McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 13.6.1599 - McAfee, Inc.)
    McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.210 - McAfee, Inc.)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Standard 2007 (HKLM-x32\...\STANDARDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    PDFMate Free PDF Merger 1.0.8 (HKLM-x32\...\PDFMate Free PDF Merger_is1) (Version: - pdfmate.com)
    PerfV700_V750 User's Guide (HKLM-x32\...\PerfV700_V750 User's Guide) (Version: - )
    PrtScr 1.7 (HKLM-x32\...\PrtScr_is1) (Version: - FireStarter)
    Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.0.31.1053 - Qualcomm Atheros) Hidden
    Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.1.300 - Qualcomm Atheros Communications) Hidden
    Qualcomm Atheros Killer Wireless-N Drivers (Version: 1.0.31.1053 - Qualcomm Atheros) Hidden
    Qualcomm Atheros Network Manager (Version: 1.0.31.1053 - Qualcomm Atheros) Hidden
    Qualcomm Atheros Performance Suite (HKLM-x32\...\{F7C7EFEC-D7AB-4BDE-B5FA-D76231DA4E80}) (Version: 1.0.31.1053 - Qualcomm Atheros)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7016 - Realtek Semiconductor Corp.)
    Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
    SilverFast Epson-SE 6.6.1r2b (HKLM-x32\...\SilverFast Epson-SE) (Version: - LaserSoft Imaging AG)
    Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
    Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
    Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    Valokuvavalikoima (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


    ==================== Restore Points =========================

    08-05-2015 14:56:42 Scheduled Checkpoint
    13-05-2015 01:08:36 Windows Update

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {14641721-6E16-40CD-A4EE-B86BA1AB0B8E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
    Task: {1DBCBE56-38DB-45E8-A600-A8A493E46D0C} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
    Task: {208E31E3-3FCD-48B1-BF9E-242FF5584D4A} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-04-10] (Dell Inc.)
    Task: {2AC3BFA0-32C9-4A07-AF53-3BBB43765CF7} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
    Task: {3FD92324-06BF-4DFF-B702-1C7B4581CFFB} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-03-20] (PC-Doctor, Inc.)
    Task: {400BB0A6-89F9-43DC-BF42-3056EB62A018} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-19] (Google Inc.)
    Task: {4997C862-57A0-417B-AA0E-D35A190DE21C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
    Task: {4C65E53E-0AEF-4A49-9842-A3B3C51560B8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-19] (Google Inc.)
    Task: {62444CCF-63A8-4A58-AB39-B4526DF29FA4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-04-20] (Microsoft Corporation)
    Task: {633BC3C6-1F19-4998-859B-DFCBEC3D2E92} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)
    Task: {6E4FBD85-F084-4E4B-A720-98259CDC32EB} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
    Task: {7452D166-04C2-4DB1-A5FE-A607D2730CAD} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-05] (CyberLink)
    Task: {83C9C36D-1B68-48A3-BB87-76C55E1A6CE6} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
    Task: {864D3E13-5C03-4906-B33A-C7B8EA3DFB22} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
    Task: {9EDAD025-F1D6-4509-8D9D-137EA2EB4DF5} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
    Task: {BC923CAD-AE82-4886-B6A6-4575DC1B98E4} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
    Task: {CEE2EF38-FCF8-49E9-8655-E065CDC856BB} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-22] (CyberLink Corp.)
    Task: {E69149DF-81FC-41D7-B301-6791C1EF3CCF} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-2771644027-2860193389-1954980343-1001
    Task: {EF547238-D25B-46D1-9239-DC89003AD957} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-03-20] (PC-Doctor, Inc.)
    Task: {F23931A0-D44B-407D-83D1-0282969F8DC5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
    Task: {F8723268-7917-44DE-9E3D-2670C5B0D421} - \ASP No Task File <==== ATTENTION
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (Whitelisted) ==============

    2014-01-30 05:21 - 2013-08-02 09:40 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
    2014-01-30 06:14 - 2013-08-01 14:22 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2014-01-30 06:30 - 2013-05-18 02:12 - 00131072 _____ () C:\Program Files (x86)\DELL\DELLOSD\DellOSDService.exe
    2014-06-26 19:37 - 2013-05-14 10:50 - 00140936 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
    2013-08-13 04:06 - 2013-08-13 04:06 - 00198120 _____ () c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
    2013-08-13 04:06 - 2013-08-13 04:06 - 00054760 _____ () c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
    2013-08-13 04:06 - 2013-08-13 04:06 - 00034792 _____ () c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
    2014-01-30 06:30 - 2013-01-26 07:29 - 00544768 _____ () C:\Program Files (x86)\DELL\DELLOSD\MediaButtons.exe
    2015-05-09 14:04 - 2015-05-09 14:05 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\ErrorReporting.dll
    2013-08-15 12:48 - 2013-08-15 12:48 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
    2013-08-15 12:45 - 2013-08-15 12:45 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
    2013-08-15 12:52 - 2013-08-15 12:52 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
    2014-09-08 15:25 - 2013-07-14 17:19 - 02766336 _____ () C:\Program Files (x86)\PrtScr\PrtScr.exe
    2013-08-15 21:03 - 2013-08-15 21:03 - 00283648 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
    2015-04-24 19:19 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
    2015-04-24 19:19 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
    2015-04-24 19:19 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
    2015-04-24 19:19 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
    2015-04-24 19:19 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
    2014-09-08 15:25 - 2013-06-06 14:44 - 18730496 _____ () C:\Program Files (x86)\PrtScr\dsp_ipp.dll
    2014-09-08 15:25 - 2013-04-11 02:18 - 00509440 _____ () C:\Program Files (x86)\PrtScr\QuickFontCache.dll
    2014-09-08 15:25 - 2013-04-06 09:26 - 00487424 _____ () C:\Program Files (x86)\PrtScr\freetype.dll
    2014-06-22 16:58 - 2009-03-12 15:45 - 00135168 ____N () C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
    2014-06-22 16:58 - 2008-11-21 13:58 - 00057344 ____N () C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll
    2015-05-15 11:04 - 2015-05-05 05:06 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.152\libglesv2.dll
    2015-05-15 11:04 - 2015-05-05 05:06 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.152\libegl.dll
    2014-01-30 06:39 - 2013-03-05 04:40 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
    2013-03-05 20:41 - 2013-03-05 20:41 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
    2014-04-10 14:30 - 2014-04-10 14:30 - 00134664 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
    2014-01-30 06:30 - 2013-08-09 13:25 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
    2015-02-26 17:07 - 2015-02-09 16:14 - 01905904 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
    2014-01-30 06:46 - 2012-11-26 07:19 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
    2015-02-26 17:07 - 2014-02-18 19:12 - 00117568 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

    AlternateDataStreams: C:\Users\fatem_000\OneDrive:ms-properties
    AlternateDataStreams: C:\Users\Sabira\SkyDrive:ms-properties
    AlternateDataStreams: C:\Users\shami_000\OneDrive:ms-properties
    AlternateDataStreams: C:\Users\yamee_000\OneDrive:ms-properties

    ==================== Safe Mode (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, the associated entry will be removed from the registry.)

    IE restricted site: HKU\S-1-5-21-2771644027-2860193389-1954980343-1001\...\skype.com -> hxxps://apps.skype.com

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-2771644027-2860193389-1954980343-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\dell\Wallpaper_Pirelli_FINAL.jpg
    DNS Servers: 192.168.0.1

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)


    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [{CE95F662-1AAE-4774-85BF-558C8BAE6900}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
    FirewallRules: [{F7EF53B6-0F41-4780-B98E-F4ED80D28EA1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
    FirewallRules: [{8D3CC3A6-1D74-4101-91FD-C486E0BA19CE}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{0C47A2DC-DA98-4215-8027-28D4C0FA16A3}] => (Allow) LPort=2869
    FirewallRules: [{D425AF95-2FA5-4532-BBB8-1B197AB83F22}] => (Allow) LPort=1900
    FirewallRules: [{5EBD23DE-5F2F-4265-B6BA-871446A6A3A5}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
    FirewallRules: [{057A051A-47AE-4841-B7CA-7EB24294C3A3}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
    FirewallRules: [TCP Query User{41560567-4A1A-408B-BC99-A4C2CAA3FC57}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
    FirewallRules: [UDP Query User{F0E8ADF6-7B14-4DAE-AC1E-B99D7DD22C89}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
    FirewallRules: [TCP Query User{B121C86A-0F76-45AF-AADE-8C15EC013896}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [UDP Query User{3E059A50-FA45-425A-88FF-11650DF99834}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [{F1D29C0B-1483-477B-9E8C-288DEB0372C8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (05/15/2015 02:55:47 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program LiveComm.exe version 17.5.9600.20856 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 1a54

    Start Time: 01d08eb04397cd32

    Termination Time: 4294967295

    Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe

    Report Id: 8027c0f5-faa5-11e4-82be-543530a68c7a

    Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe

    Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

    Error: (05/15/2015 02:41:56 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
    Description: There was an error with the Windows Location Provider database

    Error: (05/15/2015 02:34:04 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program Explorer.EXE version 6.3.9600.17667 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 11f8

    Start Time: 01d08daab87c7c64

    Termination Time: 25

    Application Path: C:\Windows\Explorer.EXE

    Report Id: 776242fb-faa2-11e4-82be-543530a68c7a

    Faulting package full name:

    Faulting package-relative application ID:

    Error: (05/15/2015 01:27:10 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program LiveComm.exe version 17.5.9600.20856 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 2a90

    Start Time: 01d08ea2ee0c960a

    Termination Time: 4294967295

    Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe

    Report Id: 1ec2d6fe-fa99-11e4-82be-543530a68c7a

    Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe

    Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

    Error: (05/15/2015 01:00:04 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program LiveComm.exe version 17.5.9600.20856 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 1f58

    Start Time: 01d08ea10b602e20

    Termination Time: 4294967295

    Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe

    Report Id: 55b43e6b-fa95-11e4-82be-543530a68c7a

    Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe

    Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

    Error: (05/15/2015 00:42:41 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program LiveComm.exe version 17.5.9600.20856 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 2370

    Start Time: 01d08e9b34625df8

    Termination Time: 4294967295

    Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe

    Report Id: e7e7e0da-fa92-11e4-82be-543530a68c7a

    Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe

    Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

    Error: (05/14/2015 11:48:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program LiveComm.exe version 17.5.9600.20856 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 2be8

    Start Time: 01d08e97037f7ee0

    Termination Time: 4294967295

    Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe

    Report Id: 5062ffef-fa8b-11e4-82be-543530a68c7a

    Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe

    Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

    Error: (05/14/2015 11:06:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program LiveComm.exe version 17.5.9600.20856 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 282c

    Start Time: 01d08e8ea1cdfa05

    Termination Time: 4294967295

    Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe

    Report Id: 6effa947-fa85-11e4-82be-543530a68c7a

    Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe

    Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

    Error: (05/14/2015 10:09:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program LiveComm.exe version 17.5.9600.20856 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 2260

    Start Time: 01d08e893fe32a2a

    Termination Time: 4294967295

    Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe

    Report Id: 8cc6d246-fa7d-11e4-82be-543530a68c7a

    Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe

    Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

    Error: (05/14/2015 09:48:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program LiveComm.exe version 17.5.9600.20856 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 2ea8

    Start Time: 01d08e863ff8f8cb

    Termination Time: 4294967295

    Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe

    Report Id: 8cdfc1c6-fa7a-11e4-82be-543530a68c7a

    Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe

    Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1


    System errors:
    =============
    Error: (05/15/2015 11:02:42 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
    Description: The Diagnostics Tracking Service service did not shut down properly after receiving a preshutdown control.

    Error: (05/15/2015 11:02:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Computer Browser service failed to start due to the following error:
    %%1053

    Error: (05/15/2015 11:02:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Computer Browser service failed to start due to the following error:
    %%1053

    Error: (05/15/2015 11:02:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Computer Browser service failed to start due to the following error:
    %%1053

    Error: (05/15/2015 11:02:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Computer Browser service failed to start due to the following error:
    %%1053

    Error: (05/15/2015 11:02:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Computer Browser service failed to start due to the following error:
    %%1053

    Error: (05/15/2015 11:02:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Computer Browser service failed to start due to the following error:
    %%1053

    Error: (05/15/2015 11:02:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Computer Browser service failed to start due to the following error:
    %%1053

    Error: (05/15/2015 11:02:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Computer Browser service failed to start due to the following error:
    %%1053

    Error: (05/15/2015 11:02:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Computer Browser service failed to start due to the following error:
    %%1053


    Microsoft Office Sessions:
    =========================

    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i5-4440S CPU @ 2.80GHz
    Percentage of memory in use: 61%
    Total physical RAM: 8117.98 MB
    Available physical RAM: 3124.06 MB
    Total Pagefile: 9461.98 MB
    Available Pagefile: 3315.25 MB
    Total Virtual: 131072 MB
    Available Virtual: 131071.8 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:919.42 GB) (Free:833.6 GB) NTFS
    Drive x: (PBR Image) (Fixed) (Total:9.44 GB) (Free:0.68 GB) NTFS
    Drive y: (WINRETOOLS) (Fixed) (Total:2 GB) (Free:1.62 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 931.5 GB) (Disk ID: E02AF0F9)

    Partition: GPT Partition Type.

    ==================== End Of Log ============================
     
  5. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    11,383
    First Name:
    Kevin
    FRST will produce two logs "FRST.txt" and "Addition.txt", you have posted the secondary log "Addition.txt" I also need to see the primary log "FRST.txt".

    Logs are saved to this folder: C:\FRST\Logs
     
  6. Compash

    Compash Thread Starter

    Joined:
    Jan 9, 2006
    Messages:
    34
    Hi Kevin,

    So sorry for not including the log.

    Here is it:

    "FRST.txt"



    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-05-2015 02
    Ran by Sabira (administrator) on HOMEOFFICE on 15-05-2015 13:33:23
    Running from C:\Users\Sabira\Desktop
    Loaded Profiles: Sabira (Available profiles: Sabira & fatem_000 & shami_000 & yamee_000)
    Platform: Windows 8.1 (X64) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
    (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
    (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
    (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
    () C:\Program Files (x86)\DELL\DELLOSD\DellOSDService.exe
    () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
    (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
    (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
    (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    (McAfee, Inc.) C:\Windows\System32\mfevtps.exe
    (Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    (Dell Inc.) C:\Program Files (x86)\DELL\SupportAssistAgent\bin\SupportAssistAgent.exe
    (McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\1.3.374.0\McCSPServiceHost.exe
    () C:\Program Files (x86)\DELL\DELLOSD\MediaButtons.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\livecomm.exe
    (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
    (Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
    () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    () C:\Program Files (x86)\PrtScr\PrtScr.exe
    (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
    () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
    (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
    (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
    (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
    (CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    (Microsoft Corporation) C:\Windows\splwow64.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
    (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
    (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
    (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
    (CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
    (CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
    (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    (Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
    (Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
    (Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
    (Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
    (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
    (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
    (BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
    (BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
    (BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
    (CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    (SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    (SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
    (SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
    (SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRSync.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\WWAHost.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-14] (Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
    HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
    HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [643064 2015-02-09] (McAfee, Inc.)
    HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (SEIKO EPSON CORPORATION)
    HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
    HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (CANON INC.)
    HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
    HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
    HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [884440 2015-05-02] (BlueStack Systems, Inc.)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
    HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-08-15] (Qualcomm®Atheros®)
    HKLM\...\Policies\Explorer: [NoFolderOptions] 0
    HKLM\...\Policies\Explorer: [NoControlPanel] 0
    HKU\S-1-5-21-2771644027-2860193389-1954980343-1001\...\Run: [PrtScr by FireStarter] => C:\Program Files (x86)\PrtScr\PrtScr.exe [2766336 2013-07-14] ()
    HKU\S-1-5-21-2771644027-2860193389-1954980343-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
    HKU\S-1-5-21-2771644027-2860193389-1954980343-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
    HKU\S-1-5-21-2771644027-2860193389-1954980343-1001\...\Run: [GoogleChromeAutoLaunch_3C1B2192D11FF988E69B64C631FA80BC] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [812872 2015-05-05] (Google Inc.)
    AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [387536 2013-08-02] (NVIDIA Corporation)
    AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [326224 2013-08-02] (NVIDIA Corporation)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk [2014-01-30]
    ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2014-01-30]
    ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{99D8B059-63AA-415B-A8F3-48A4F6E3D867}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
    ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconBackuped.dll [2014-12-30] (Softthinks SAS)
    ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconNotBackuped.dll [2014-12-30] (Softthinks SAS)
    ShellIconOverlayIdentifiers: [DBRShellOverlayBackupFile] -> {831CEBDD-6BAF-4432-BE76-9E0989C14AEF} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconBackuped.dll [2014-12-30] (Softthinks SAS)
    ShellIconOverlayIdentifiers: [DBRShellOverlayModifiedBackupFile] -> {275E4FD7-21EF-45CF-A836-832E5D2CC1B3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconNotBackuped.dll [2014-12-30] (Softthinks SAS)
    BootExecute: autocheck autochk * sdnclean64.exe
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
    ProxyServer: [.DEFAULT] => http=127.0.0.1:55779;https=127.0.0.1:55779
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-2771644027-2860193389-1954980343-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM -> {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL =
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-2771644027-2860193389-1954980343-1001 -> DefaultScope {C2955A86-4974-4F3B-A59F-E7134FF2A874} URL = https://uk.search.yahoo.com/search?fr=mcafee&type=B011GB977D20150203&p={searchTerms}
    SearchScopes: HKU\S-1-5-21-2771644027-2860193389-1954980343-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-2771644027-2860193389-1954980343-1001 -> {822BB52E-9C4D-4C06-B7CB-6BB3CE1D6F13} URL =
    SearchScopes: HKU\S-1-5-21-2771644027-2860193389-1954980343-1001 -> {C2955A86-4974-4F3B-A59F-E7134FF2A874} URL = https://uk.search.yahoo.com/search?fr=mcafee&type=B011GB977D20150203&p={searchTerms}
    BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll [2014-01-24] (CANON INC.)
    BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-08-15] (Qualcomm®Atheros®)
    BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
    BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-02-25] (Eyeo GmbH)
    BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-01-24] (CANON INC.)
    BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
    BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25] (Eyeo GmbH)
    Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2014-01-24] (CANON INC.)
    Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-01-24] (CANON INC.)
    Toolbar: HKU\S-1-5-21-2771644027-2860193389-1954980343-1001 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2014-01-24] (CANON INC.)
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-04-17] (McAfee, Inc.)
    Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-04-17] (McAfee, Inc.)
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-04-17] (McAfee, Inc.)
    Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-04-17] (McAfee, Inc.)
    Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
    Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2015-02-27] (McAfee, Inc.)
    Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2015-02-27] (McAfee, Inc.)
    Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
    StartMenuInternet: IEXPLORE.EXE - iexplore.exe

    FireFox:
    ========
    FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-02-27] ()
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
    FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-09] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-09] (Intel Corporation)
    FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-02-27] ()
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-13] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
    FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
    FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2015-02-03]
    FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
    FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
    FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-01-30]

    Chrome:
    =======
    CHR HomePage: Default -> hxxp://astromenda.com/?f=1&a=ast_cmi_14_36_ch&cd=2XzuyEtN2Y1L1Qzu0CzztC0FyCyC0A0C0EyEtAyCzz0CzyyCtN0D0Tzu0SzyzztCtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyB0ByEtByEzz0ByDtGtCyC0FtBtG0AtCyE0EtGyB0DyEyEtGyByCzz0BzytD0AtA0Dzz0D0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0E0DyEtByE0E0BtG0A0DyByCtGyEyB0BtCtG0Bzy0FtDtG0E0DzzyC0ByB0CyE0B0AyBtA2Q&cr=231831904&ir=
    CHR StartupUrls: Default -> "hxxp://www.google.co.uk/"
    CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
    CHR Profile: C:\Users\Sabira\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Adblock Plus) - C:\Users\Sabira\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-04-16]
    CHR Extension: (Pushbullet) - C:\Users\Sabira\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2015-03-28]
    CHR Extension: (SiteAdvisor) - C:\Users\Sabira\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-02-17]
    CHR Extension: (AdBlock) - C:\Users\Sabira\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-09-08]
    CHR Extension: (Bookmark Manager) - C:\Users\Sabira\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-16]
    CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Sabira\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-04]
    CHR Extension: (Hangouts) - C:\Users\Sabira\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-09-11]
    CHR Extension: (Google Wallet) - C:\Users\Sabira\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-19]
    CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-05-06]
    CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-05-06]
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
    R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-08-15] (Windows (R) Win 7 DDK provider) [File not signed]
    R3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433880 2015-05-02] (BlueStack Systems, Inc.)
    R3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413400 2015-05-02] (BlueStack Systems, Inc.)
    R3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [806616 2015-05-02] (BlueStack Systems, Inc.)
    S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
    R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
    R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
    R2 Dell WMI Service; C:\Program Files (x86)\DELL\DELLOSD\DellOSDService.exe [131072 2013-05-18] () [File not signed]
    R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2557136 2015-02-26] (Dell Inc.)
    R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201936 2015-02-26] (Dell Inc.)
    R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [210808 2015-02-10] (Dell Inc.)
    R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1429504 2015-03-05] (Microsoft Corporation)
    R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
    R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
    R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
    R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
    S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
    R2 ISCTAgent; c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-13] ()
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-09] (Intel Corporation)
    S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
    R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [154856 2015-04-17] (McAfee, Inc.)
    R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2015-02-27] (McAfee, Inc.)
    S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-25] (McAfee, Inc.)
    R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.3.374.0\McCSPServiceHost.exe [422632 2015-01-22] (McAfee, Inc.)
    R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
    R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
    S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [601864 2015-02-27] (McAfee, Inc.)
    S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
    R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
    R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
    R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1050952 2014-11-06] (McAfee, Inc.)
    R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [221832 2014-10-01] (McAfee, Inc.)
    R2 mfevtp; C:\Windows\system32\mfevtps.exe [189920 2014-10-01] (McAfee, Inc.)
    R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
    R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-15] (Qualcomm Atheros) [File not signed]
    R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink)
    R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
    R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
    R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
    R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [2005392 2015-02-12] (SoftThinks SAS)
    R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [19288 2015-04-10] (Dell Inc.)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R3 akwbx; C:\Windows\system32\DRIVERS\akwbx64.sys [3862736 2013-07-27] (Qualcomm Atheros, Inc.)
    R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [75056 2013-02-14] (Qualcomm Atheros, Inc.)
    R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145112 2015-05-02] (BlueStack Systems)
    R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-08-15] (Qualcomm Atheros)
    R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
    R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72136 2014-10-01] (McAfee, Inc.)
    R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
    R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-02-26] (Dell Computer Corporation)
    R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [23312 2015-02-26] (Dell Computer Corporation)
    S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
    R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-09] ()
    R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-09] ()
    R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-08] ()
    R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-08] ()
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-15] (Malwarebytes Corporation)
    S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
    R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [99288 2013-08-09] (Intel Corporation)
    R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.)
    R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313680 2014-10-01] (McAfee, Inc.)
    S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70608 2014-10-01] (McAfee, Inc.)
    R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526360 2014-10-01] (McAfee, Inc.)
    R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786304 2014-10-01] (McAfee, Inc.)
    R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [447440 2014-09-19] (McAfee, Inc.)
    S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96600 2014-09-19] (McAfee, Inc.)
    R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348560 2014-10-01] (McAfee, Inc.)
    S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2015-05-08] ()
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
    S3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-05-15 13:33 - 2015-05-15 13:33 - 00031232 _____ () C:\Users\Sabira\Desktop\FRST.txt
    2015-05-15 13:33 - 2015-05-15 13:33 - 00000000 ____D () C:\FRST
    2015-05-15 13:32 - 2015-05-15 13:32 - 02106368 _____ (Farbar) C:\Users\Sabira\Desktop\FRST64.exe
    2015-05-15 13:31 - 2015-05-15 13:31 - 01145856 _____ (Farbar) C:\Users\Sabira\Desktop\FRST.exe
    2015-05-15 11:43 - 2015-05-15 11:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
    2015-05-15 11:40 - 2015-05-15 11:40 - 00000000 ___RD () C:\Users\Sabira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
    2015-05-13 19:37 - 2015-05-13 19:37 - 00001838 _____ () C:\Users\Public\Desktop\Apps.lnk
    2015-05-13 19:37 - 2015-05-13 19:37 - 00001821 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
    2015-05-13 19:33 - 2015-05-13 19:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
    2015-05-13 00:38 - 2015-04-24 22:32 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
    2015-05-13 00:38 - 2015-03-05 00:09 - 01429504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
    2015-05-12 02:53 - 2015-05-12 02:54 - 00000022 _____ () C:\Users\Sabira\Downloads\outlander-season-1-episode-14-english-6780.zip
    2015-05-10 23:13 - 2015-05-12 02:54 - 00055224 _____ () C:\Users\Sabira\Downloads\Outlander.S01E14.HDTV.x264-BATV.srt
    2015-05-09 14:03 - 2015-05-11 16:16 - 00000000 ____D () C:\Users\Sabira\Documents\Bluetooth Folder
    2015-05-08 23:01 - 2015-05-08 23:01 - 00509440 _____ (Tech Support Guy System) C:\Users\Sabira\Downloads\SysInfo.exe
    2015-05-08 18:04 - 2015-05-08 18:04 - 13232896 _____ (DELL INC.) C:\Users\Sabira\Downloads\XPS_2720_A07.EXE
    2015-05-08 18:04 - 2015-05-08 18:04 - 00031152 _____ () C:\Windows\system32\Drivers\pmxdrv.sys
    2015-05-07 22:38 - 2015-05-07 22:38 - 00069611 _____ () C:\Users\Sabira\Desktop\sfcdetails.text
    2015-05-06 23:22 - 2015-05-14 03:08 - 00000000 ____D () C:\Users\Sabira\Desktop\Cattery Bussiness and Buildings
    2015-04-24 19:19 - 2015-04-24 19:53 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
    2015-04-24 19:19 - 2015-04-24 19:23 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
    2015-04-24 19:19 - 2015-04-24 19:19 - 00001409 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
    2015-04-24 19:19 - 2015-04-24 19:19 - 00001397 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
    2015-04-24 19:19 - 2015-04-24 19:19 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
    2015-04-24 19:19 - 2015-04-24 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
    2015-04-24 19:19 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
    2015-04-24 19:18 - 2015-04-24 19:18 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Sabira\Downloads\spybot-2.4.exe
    2015-04-22 12:00 - 2015-05-15 11:38 - 00002248 _____ () C:\Windows\PFRO.log
    2015-04-21 17:53 - 2015-03-14 09:20 - 01385256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
    2015-04-21 17:53 - 2015-03-14 09:13 - 01124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
    2015-04-20 17:30 - 2015-03-23 22:59 - 07476032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2015-04-20 17:30 - 2015-03-23 22:59 - 01733952 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2015-04-20 17:30 - 2015-03-23 22:59 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
    2015-04-20 17:30 - 2015-03-23 22:58 - 01498872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2015-04-20 17:30 - 2015-03-23 22:45 - 00257216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
    2015-04-20 17:30 - 2015-03-20 05:12 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
    2015-04-20 17:30 - 2015-03-20 05:10 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
    2015-04-20 17:30 - 2015-03-20 05:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
    2015-04-20 17:30 - 2015-03-20 04:17 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
    2015-04-20 17:30 - 2015-03-20 03:41 - 00369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
    2015-04-20 17:30 - 2015-03-20 03:40 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
    2015-04-20 17:30 - 2015-03-20 03:16 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
    2015-04-20 17:30 - 2015-03-13 05:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2015-04-20 17:30 - 2015-03-13 04:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2015-04-20 17:30 - 2015-03-13 04:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2015-04-20 17:30 - 2015-03-13 03:58 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
    2015-04-20 17:30 - 2015-03-13 03:37 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
    2015-04-20 17:30 - 2015-02-21 00:49 - 00780800 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
    2015-04-20 17:29 - 2015-03-13 05:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2015-04-20 17:29 - 2015-03-13 05:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2015-04-20 17:29 - 2015-03-13 04:53 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2015-04-20 17:29 - 2015-03-13 04:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2015-04-20 17:29 - 2015-03-13 04:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2015-04-20 17:29 - 2015-03-13 04:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2015-04-20 17:29 - 2015-03-13 04:17 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
    2015-04-20 17:29 - 2015-03-13 04:16 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2015-04-20 17:29 - 2015-03-13 04:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2015-04-20 17:29 - 2015-03-13 04:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2015-04-20 17:29 - 2015-03-13 04:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2015-04-20 17:29 - 2015-03-13 03:50 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
    2015-04-20 17:29 - 2015-03-13 03:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2015-04-20 17:29 - 2015-03-13 03:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2015-04-20 17:29 - 2015-03-13 03:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2015-04-20 17:29 - 2015-03-13 03:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2015-04-20 17:29 - 2015-03-13 03:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2015-04-20 17:29 - 2015-03-13 03:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2015-04-20 17:29 - 2015-03-13 03:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2015-04-20 17:29 - 2015-03-13 03:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2015-04-20 17:29 - 2015-03-13 03:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2015-04-20 17:29 - 2015-02-24 09:32 - 00991552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
    2015-04-20 17:28 - 2015-03-22 23:45 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2015-04-20 17:28 - 2015-03-22 23:09 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2015-04-20 17:28 - 2015-03-22 23:09 - 00957440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2015-04-20 17:28 - 2015-03-22 23:09 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2015-04-20 17:28 - 2015-03-22 23:09 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2015-04-20 17:28 - 2015-03-22 23:09 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2015-04-20 17:28 - 2015-03-22 23:09 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
    2015-04-20 17:28 - 2015-03-04 11:25 - 00377152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
    2015-04-20 17:28 - 2015-03-04 04:04 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
    2015-04-20 17:28 - 2015-03-04 03:19 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
    2015-04-15 01:51 - 2015-03-14 09:54 - 00133256 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2015-04-15 01:51 - 2015-03-14 02:56 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
    2015-04-15 01:51 - 2015-03-14 02:56 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
    2015-04-15 01:51 - 2015-03-14 02:51 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
    2015-04-15 01:51 - 2015-03-14 02:37 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
    2015-04-15 01:51 - 2015-03-14 02:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
    2015-04-15 01:51 - 2015-03-14 01:22 - 03678720 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2015-04-15 01:51 - 2015-03-14 01:12 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
    2015-04-15 01:51 - 2015-03-14 01:12 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
    2015-04-15 01:51 - 2015-03-14 01:09 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
    2015-04-15 01:51 - 2015-03-14 01:08 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
    2015-04-15 01:51 - 2015-03-14 01:08 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2015-04-15 01:51 - 2015-03-14 01:06 - 02373632 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2015-04-15 01:51 - 2015-03-14 01:06 - 00891392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2015-04-15 01:51 - 2015-03-14 01:02 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
    2015-04-15 01:51 - 2015-03-14 01:02 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
    2015-04-15 01:51 - 2015-03-14 00:59 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
    2015-04-15 01:51 - 2015-03-14 00:59 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-05-15 13:25 - 2015-02-15 22:21 - 01263772 _____ () C:\Windows\WindowsUpdate.log
    2015-05-15 13:04 - 2014-06-19 21:44 - 00000928 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-05-15 13:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
    2015-05-15 12:08 - 2014-06-19 20:49 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2771644027-2860193389-1954980343-1001
    2015-05-15 11:46 - 2014-01-30 06:45 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
    2015-05-15 11:43 - 2014-01-30 06:25 - 00865408 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-05-15 11:39 - 2014-09-08 04:09 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-05-15 11:39 - 2014-06-19 21:44 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-05-15 11:39 - 2014-06-19 20:45 - 00000000 ___DO () C:\Users\Sabira\SkyDrive
    2015-05-15 11:38 - 2015-04-10 21:19 - 00006448 _____ () C:\Windows\setupact.log
    2015-05-15 11:38 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-05-15 11:38 - 2013-08-22 14:25 - 01048576 ___SH () C:\Windows\system32\config\BBI
    2015-05-15 11:28 - 2014-09-08 04:09 - 00001120 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2015-05-15 11:28 - 2014-09-08 04:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-05-15 11:28 - 2014-09-08 04:09 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2015-05-15 11:09 - 2014-06-19 20:51 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2721A28C-B303-4BB3-8F48-1A3927178477}
    2015-05-15 11:05 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
    2015-05-14 10:31 - 2014-06-20 02:31 - 00000000 ____D () C:\Users\Sabira\AppData\Roaming\Skype
    2015-05-13 19:39 - 2014-11-23 14:28 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
    2015-05-13 19:37 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries
    2015-05-13 19:33 - 2014-11-23 14:29 - 00000000 ____D () C:\ProgramData\BlueStacks
    2015-05-13 19:33 - 2014-11-23 14:29 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
    2015-05-13 19:27 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
    2015-05-13 12:56 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
    2015-05-08 19:12 - 2015-03-18 17:11 - 00000000 ____D () C:\ProgramData\SupportAssistAgent
    2015-05-07 21:58 - 2014-06-19 20:42 - 00000000 ____D () C:\Users\Sabira
    2015-05-06 23:17 - 2014-01-30 06:44 - 00000000 ____D () C:\Program Files (x86)\McAfee
    2015-05-06 22:58 - 2014-06-21 03:57 - 00000000 ____D () C:\Users\Sabira\AppData\Local\CrashDumps
    2015-05-01 19:23 - 2014-06-26 19:13 - 00000000 ____D () C:\ProgramData\CanonIJPLM
    2015-04-29 19:38 - 2014-01-30 06:18 - 00000000 ____D () C:\Windows\SysWOW64\NV
    2015-04-29 19:38 - 2014-01-30 06:18 - 00000000 ____D () C:\Windows\system32\NV
    2015-04-29 16:50 - 2014-01-30 06:14 - 00000000 ____D () C:\ProgramData\NVIDIA
    2015-04-24 21:05 - 2014-09-30 11:36 - 00000000 ____D () C:\Users\shami_000
    2015-04-24 21:05 - 2014-08-07 02:15 - 00000000 ____D () C:\Users\yamee_000
    2015-04-24 21:05 - 2014-07-24 13:12 - 00000000 ____D () C:\Users\fatem_000
    2015-04-23 17:13 - 2014-06-24 23:11 - 00000000 ____D () C:\Users\Sabira\AppData\Local\Microsoft Help
    2015-04-22 16:12 - 2015-03-18 17:12 - 00003916 _____ () C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate
    2015-04-22 14:33 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
    2015-04-21 18:34 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppCompat
    2015-04-20 23:30 - 2014-12-11 03:47 - 00000000 ____D () C:\Windows\system32\appraiser
    2015-04-20 23:30 - 2014-07-10 01:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2015-04-20 19:42 - 2014-06-19 22:11 - 00000000 ____D () C:\Windows\system32\MRT
    2015-04-20 19:38 - 2014-06-24 23:11 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2015-04-20 19:38 - 2014-06-19 22:11 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

    ==================== Files in the root of some directories =======

    2014-09-08 02:45 - 2014-09-08 02:45 - 0000318 _____ () C:\Users\Sabira\AppData\Roaming\aps.uninstall.scan.results
    2014-09-08 02:44 - 2014-09-08 02:44 - 0616240 _____ (ClickMeIn Limited) C:\Users\Sabira\AppData\Local\nss5B63.tmp
    2014-01-30 06:15 - 2014-01-30 06:15 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
    2014-01-30 06:41 - 2014-01-30 06:42 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
    2014-01-30 06:39 - 2014-01-30 06:39 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
    2014-01-30 06:39 - 2014-01-30 06:40 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
    2014-01-30 06:40 - 2014-01-30 06:41 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
    2014-01-30 06:39 - 2014-01-30 06:39 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

    Some content of TEMP:
    ====================
    C:\Users\fatem_000\AppData\Local\Temp\SkypeSetup.exe


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-05-15 13:23

    ==================== End Of Log ============================
     
  7. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    11,383
    First Name:
    Kevin
    Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into.
    NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

    Run FRST and press the Fix button just once and wait.
    The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

    Next,

    Please open Malwarebytes Anti-Malware.

    • On the Settings tab > Detection and Protection sub tab, Detection Options, tick the box "Scan for rootkits".
    • Under Non-Malware Protection sub tab Change PUP and PUM entries to Treat detections as Malware
    • Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
    • A Threat Scan will begin.
    • With some infections, you may see this message box.

      'Could not load DDA driver'
    • Click 'Yes' to this message, to allow the driver to load after a restart.
    • Allow the computer to restart. Continue with the rest of these instructions.
    • When the scan is complete, click Apply Actions.
    • Wait for the prompt to restart the computer to appear, then click on Yes.
    • After the restart once you are back at your desktop, open MBAM once more.

    To get the log from Malwarebytes do the following:

    • Click on the History tab > Application Logs.
    • Double click on the scan log which shows the Date and time of the scan just performed.
    • Click Export > From export you have three options:

      Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
      Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
      XML file (*.xml) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
    • Recommend you use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply…


    If Malwarebytes is not installed follow these instructions first:

    Download Malwarebytes Anti-Malware to your desktop.
    • Double-click mbam-setup and follow the prompts to install the program.
    • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
    • Click Finish. Follow the instructions above....

    Next,

    Download AdwCleaner by Xplode onto your Desktop.
    • Double click on Adwcleaner.exe to run the tool.
    • Click on Scan
    • Once the scan is done, click on the Clean button. <<<--- Ensure this option is completed
    • You will get a prompt asking to close all programs. Click OK.
    • Click OK again to reboot your computer.
    • A text file will open after the restart. Please post the content of that logfile in your reply.
    • You can also find the logfile at C:\AdwCleaner[Sn].txt. Where n in the scan reference number

    Next,

    [​IMG] Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts. (re-enable when done)
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.

    Next,

    Download Microsoft's " Malicious Software Removal Tool" and save direct to the desktop
    Ensure to get the correct version for your system....
    32 Bit version:
    https://www.microsoft.com/downloads...E0-E72D-4F54-9AB3-75B8EB148356&displaylang=en
    64 Bit version:
    https://www.microsoft.com/downloads...DE-367F-495E-94E7-6349F4EFFC74&displaylang=en

    Right click on the Tool, select “Run as Administrator” the tool will expand to the options Window
    In the "Scan Type" window, select Quick Scan
    Perform a scan and Click Finish when the scan is done.
    Retrieve the MSRT log as follows, and post it in your next reply:

    1) Select the Windows key and R key together to open the "Run" function
    2) Type or Copy/Paste the following command to the "Run Line" and Press Enter:

    notepad c:\windows\debug\mrt.log

    Let me see those logs, also let le know if there are any remaining issues or concerns...

    Thanks,

    Kevin.....
     

    Attached Files:

  8. Compash

    Compash Thread Starter

    Joined:
    Jan 9, 2006
    Messages:
    34
    Hi Kevin,

    Thanks for the reply. I did as you have instructed.

    Let me know what is your reply. *fingers crossed*

    Compash

    Fixlog.txt

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-05-2015 02
    Ran by Sabira at 2015-05-15 17:18:42 Run:1
    Running from C:\Users\Sabira\Desktop
    Loaded Profiles: Sabira (Available profiles: Sabira & fatem_000 & shami_000 & yamee_000)
    Boot Mode: Normal
    ==============================================

    Content of fixlist:
    *****************
    Start
    HKLM\...\Policies\Explorer: [NoFolderOptions] 0
    HKLM\...\Policies\Explorer: [NoControlPanel] 0
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
    ProxyServer: [.DEFAULT] => http=127.0.0.1:55779;https=127.0.0.1:55779
    CHR HomePage: Default -> hxxp://astromenda.com/?f=1&a=ast_cmi_14_36_ch&cd=2XzuyEtN2Y1L1Qzu0CzztC0FyCyC0A0C0EyEtAyCzz0CzyyC tN0D0Tzu0SzyzztCtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2 Y1L1Qzu2SyB0ByEtByEzz0ByDtGtCyC0FtBtG0AtCyE0EtGyB0DyEyEtGyByCzz0BzytD0AtA0D zz0D0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0E0DyEtByE0E0BtG0A0DyByCtGyEyB0BtCtG0Bzy0 FtDtG0E0DzzyC0ByB0CyE0B0AyBtA2Q&cr=231831904&ir=
    S3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X]
    Task: {F8723268-7917-44DE-9E3D-2670C5B0D421} - \ASP No Task File <==== ATTENTION
    Emptytemp:
    End
    *****************

    HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFolderOptions => value deleted successfully.
    HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value deleted successfully.
    C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
    C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
    C:\Windows\SysWOW64\GroupPolicy\GPT.ini => Moved successfully.
    HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
    HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
    Chrome HomePage deleted successfully.
    PCDSRVC{3B54B31B-D06B6431-06020200}_0 => Service deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F8723268-7917-44DE-9E3D-2670C5B0D421}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8723268-7917-44DE-9E3D-2670C5B0D421}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASP" => Key deleted successfully.
    EmptyTemp: => Removed 1.2 GB temporary data.


    The system needed a reboot.

    ==== End of Fixlog 17:19:24 ====



    Anti-Malware application log

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 15/05/2015
    Scan Time: 17:28:06
    Logfile:
    Administrator: Yes

    Version: 2.01.6.1022
    Malware Database: v2015.05.15.03
    Rootkit Database: v2015.05.14.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 8.1
    CPU: x64
    File System: NTFS
    User: Sabira

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 483005
    Time Elapsed: 8 min, 4 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 1
    PUP.Optional.Astromenda.A, C:\Users\Sabira\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences, Good: (), Bad: ( "homepage": "http://astromenda.com/?f=1&a=ast_cmi_14_36_ch&cd=2XzuyEtN2Y1L1Qzu0CzztC0FyCyC0A0C0EyEtAyCzz0CzyyCtN0D0Tzu0SzyzztCtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyB0ByEtByEzz0ByDtGtCyC0FtBtG0AtCyE0EtGyB0DyEyEtGyByCzz0BzytD0AtA0Dzz0D0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0E0DyEtByE0E0BtG0A0DyByCtGyEyB0BtCtG0Bzy0FtDtG0E0DzzyC0ByB0CyE0B0AyBtA2Q&cr=231831904&ir=",), Replaced,[529dfa99b6d40e282c5a75e864a24cb4]

    Physical Sectors: 0
    (No malicious items detected)


    (end)


    AdwCleaner Logfile

    # AdwCleaner v4.204 - Logfile created 15/05/2015 at 18:11:51
    # Updated 12/05/2015 by Xplode
    # Database : 2015-05-12.2 [Server]
    # Operating system : Windows 8.1 (x64)
    # Username : Sabira - HOMEOFFICE
    # Running from : C:\Users\Sabira\Desktop\adwcleaner_4.204.exe
    # Option : Cleaning

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\ProgramData\apn
    Folder Deleted : C:\ProgramData\Systweak
    Folder Deleted : C:\Program Files (x86)\globalUpdate
    Folder Deleted : C:\Program Files (x86)\predm
    Folder Deleted : C:\Program Files (x86)\Common Files\IMGUpdater
    Folder Deleted : C:\Program Files (x86)\Common Files\Umbrella
    Folder Deleted : C:\Users\Sabira\AppData\Local\globalUpdate
    Folder Deleted : C:\Users\Sabira\AppData\Roaming\ap_logs
    Folder Deleted : C:\Users\Sabira\AppData\Roaming\DesktopIconForAmazon
    Folder Deleted : C:\Users\Sabira\AppData\Roaming\Systweak
    File Deleted : C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
    File Deleted : C:\Windows\Reimage.ini
    File Deleted : C:\Users\Sabira\AppData\Roaming\aps.uninstall.scan.results

    ***** [ Scheduled tasks ] *****

    Task Deleted : LaunchSignup

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
    Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
    Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}
    Key Deleted : HKCU\Software\AnyProtect
    Key Deleted : HKCU\Software\GlobalUpdate
    Key Deleted : HKCU\Software\InstalledBrowserExtensions
    Key Deleted : HKCU\Software\OCS
    Key Deleted : HKCU\Software\systweak
    Key Deleted : HKCU\Software\Reimage
    Key Deleted : HKLM\SOFTWARE\GlobalUpdate
    Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
    Key Deleted : HKLM\SOFTWARE\systweak
    Key Deleted : HKLM\SOFTWARE\TermTutor
    Key Deleted : HKLM\SOFTWARE\SPPDCOM
    Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
    Key Deleted : [x64] HKLM\SOFTWARE\Reimage
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\iminent.com
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\start.iminent.com
    Data Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:55779;hxxps=127.0.0.1:55779
    Data Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
    Data Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>

    ***** [ Web browsers ] *****

    -\\ Internet Explorer v11.0.9600.17416


    -\\ Google Chrome v42.0.2311.152

    [C:\Users\fatem_000\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
    [C:\Users\Sabira\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : nbljechdpodpbchbmjcoamidppmpnmlc
    [C:\Users\Sabira\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : pfkfdlcdbajamklbneflfbcmfgddmpae
    [C:\Users\Sabira\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Homepage] : hxxp://astromenda.com/?f=1&a=ast_cmi_14_36_ch&cd=2XzuyEtN2Y1L1Qzu0CzztC0FyCyC0A0C0EyEtAyCzz0CzyyCtN0D0Tzu0SzyzztCtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyB0ByEtByEzz0ByDtGtCyC0FtBtG0AtCyE0EtGyB0DyEyEtGyByCzz0BzytD0AtA0Dzz0D0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0E0DyEtByE0E0BtG0A0DyByCtGyEyB0BtCtG0Bzy0FtDtG0E0DzzyC0ByB0CyE0B0AyBtA2Q&cr=231831904&ir=
    [C:\Users\shami_000\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
    [C:\Users\yamee_000\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}

    *************************

    AdwCleaner[R0].txt - [6900 bytes] - [15/05/2015 18:04:32]
    AdwCleaner[S0].txt - [6437 bytes] - [15/05/2015 18:11:51]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6496 bytes] ##########





    Junkware Removal Tool

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.7.1 (05.14.2015:1)
    OS: Windows 8.1 x64
    Ran by Sabira on 15/05/2015 at 18:20:37.19
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Tasks

    Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-2771644027-2860193389-1954980343-1001
    Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-2771644027-2860193389-1954980343-1003
    Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-2771644027-2860193389-1954980343-1004
    Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-2771644027-2860193389-1954980343-1005
    Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-2771644027-2860193389-1954980343-1006
    Successfully deleted: [Task] C:\Windows\system32\tasks\PCDEventLauncherTask
    Successfully deleted: [Task] C:\Windows\system32\tasks\PCDoctorBackgroundMonitorTask



    ~~~ Registry Values



    ~~~ Registry Keys



    ~~~ Files



    ~~~ Folders

    Successfully deleted: [Folder] C:\ProgramData\pcdr
    Successfully deleted: [Folder] C:\Users\Sabira\AppData\Roaming\pcdr





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 15/05/2015 at 18:22:26.92
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
  9. Compash

    Compash Thread Starter

    Joined:
    Jan 9, 2006
    Messages:
    34

    Microsoft Windows Malicious Software Removal Tool log



    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Fri Apr 10 15:05:06 2015


    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Fri Apr 10 15:10:49 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Fri Apr 10 15:11:16 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Fri Apr 10 15:15:21 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Fri Apr 10 15:15:31 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Fri Apr 10 17:37:58 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Fri Apr 10 17:38:12 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Fri Apr 10 20:45:53 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Fri Apr 10 20:46:06 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Sat Apr 11 13:22:42 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat Apr 11 13:24:02 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Sat Apr 11 13:59:03 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat Apr 11 13:59:10 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Sat Apr 11 14:44:22 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat Apr 11 14:44:28 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Sat Apr 11 15:44:21 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat Apr 11 15:46:41 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Sat Apr 11 15:48:48 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat Apr 11 15:48:49 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Sat Apr 11 16:30:20 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat Apr 11 16:30:24 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Sat Apr 11 16:34:55 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat Apr 11 16:34:56 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Sat Apr 11 17:18:06 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat Apr 11 17:18:24 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Sat Apr 11 17:21:11 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat Apr 11 17:21:13 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Sat Apr 11 17:23:09 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat Apr 11 17:23:10 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Sat Apr 11 19:31:22 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat Apr 11 19:31:26 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Sat Apr 11 19:35:44 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat Apr 11 19:35:46 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Sat Apr 11 22:37:54 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat Apr 11 22:38:04 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Sat Apr 11 22:51:33 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat Apr 11 22:52:20 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Sun Apr 12 02:38:22 2015


    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Sun Apr 12 13:58:45 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun Apr 12 14:00:13 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Sun Apr 12 16:47:30 2015


    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Sun Apr 12 16:55:41 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun Apr 12 16:55:54 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Sun Apr 12 17:00:45 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun Apr 12 17:00:46 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Sun Apr 12 17:29:54 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun Apr 12 17:30:02 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Sun Apr 12 17:46:00 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun Apr 12 17:46:01 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Sun Apr 12 18:23:05 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun Apr 12 18:23:06 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Sun Apr 12 20:30:55 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun Apr 12 20:31:03 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Mon Apr 13 01:02:52 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Mon Apr 13 01:02:53 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Mon Apr 13 02:49:34 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Mon Apr 13 02:49:35 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Mon Apr 13 02:54:37 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Mon Apr 13 02:54:38 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Mon Apr 13 16:51:59 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Mon Apr 13 16:53:36 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Mon Apr 13 18:33:28 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Mon Apr 13 18:33:38 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Mon Apr 13 18:38:30 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Mon Apr 13 18:38:31 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Mon Apr 13 18:43:15 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Mon Apr 13 18:43:16 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Mon Apr 13 19:03:44 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Mon Apr 13 19:03:47 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Mon Apr 13 19:11:56 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Mon Apr 13 19:11:57 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Mon Apr 13 19:19:26 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Mon Apr 13 19:19:27 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Mon Apr 13 19:31:09 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Mon Apr 13 19:31:10 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Mon Apr 13 20:26:29 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Mon Apr 13 20:26:40 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Mon Apr 13 20:31:32 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Mon Apr 13 20:31:33 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Tue Apr 14 14:48:30 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Tue Apr 14 14:49:58 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Tue Apr 14 16:09:08 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Tue Apr 14 16:09:22 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Tue Apr 14 16:14:06 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Tue Apr 14 16:14:07 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Tue Apr 14 16:37:45 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Tue Apr 14 16:37:53 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Tue Apr 14 18:00:28 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Tue Apr 14 18:00:41 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Tue Apr 14 18:33:49 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Tue Apr 14 18:34:10 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Tue Apr 14 20:26:34 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Tue Apr 14 20:26:44 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Tue Apr 14 21:01:29 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Tue Apr 14 21:01:32 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Wed Apr 15 05:03:42 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Wed Apr 15 05:05:27 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Wed Apr 15 18:36:59 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Wed Apr 15 18:37:48 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Wed Apr 15 19:17:34 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Wed Apr 15 19:17:35 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Thu Apr 16 04:03:57 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu Apr 16 04:03:58 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Thu Apr 16 04:30:22 2015


    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Thu Apr 16 04:35:15 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu Apr 16 04:35:29 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Thu Apr 16 05:47:44 2015


    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Thu Apr 16 15:31:15 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu Apr 16 15:32:50 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Thu Apr 16 16:01:11 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu Apr 16 16:01:30 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Thu Apr 16 16:06:14 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu Apr 16 16:06:15 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Thu Apr 16 18:21:15 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu Apr 16 18:21:26 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Thu Apr 16 18:27:20 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu Apr 16 18:27:22 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Thu Apr 16 19:48:23 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu Apr 16 19:50:07 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Thu Apr 16 21:01:04 2015


    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Thu Apr 16 21:09:04 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu Apr 16 21:09:05 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Thu Apr 16 21:19:36 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu Apr 16 21:20:22 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Thu Apr 16 21:28:35 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu Apr 16 21:28:52 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Thu Apr 16 21:42:28 2015


    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Thu Apr 16 21:47:32 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu Apr 16 21:47:38 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Fri Apr 17 00:31:25 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Fri Apr 17 00:32:09 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)
    Started On Mon Apr 20 19:34:18 2015

    Engine: 1.1.11400.0
    Signatures: 1.193.1181.0
    Microsoft Windows Malicious Software Removal Tool Finished On Mon Apr 20 19:36:51 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Mon Apr 20 19:38:19 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0

    Results Summary:
    ----------------
    No infection found.
    Microsoft Windows Malicious Software Removal Tool Finished On Mon Apr 20 19:42:15 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Mon Apr 20 19:45:06 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Mon Apr 20 19:45:12 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Mon Apr 20 19:52:02 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Mon Apr 20 19:52:09 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Mon Apr 20 21:04:53 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Mon Apr 20 21:04:56 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Tue Apr 21 18:29:14 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Tue Apr 21 18:29:25 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Tue Apr 21 23:33:19 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Tue Apr 21 23:33:32 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Wed Apr 22 12:38:43 2015


    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Wed Apr 22 14:32:51 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Wed Apr 22 14:32:58 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Wed Apr 22 15:27:09 2015


    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Wed Apr 22 15:31:56 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Wed Apr 22 15:32:13 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Wed Apr 22 15:42:12 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Wed Apr 22 15:42:26 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Wed Apr 22 15:46:39 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Wed Apr 22 15:46:48 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Wed Apr 22 15:51:39 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Wed Apr 22 15:51:49 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Wed Apr 22 15:56:36 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Wed Apr 22 15:56:37 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Wed Apr 22 16:01:11 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Wed Apr 22 16:01:12 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Wed Apr 22 16:06:07 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Wed Apr 22 16:06:09 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Wed Apr 22 17:00:19 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Wed Apr 22 17:00:32 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu Apr 23 12:46:33 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu Apr 23 13:53:49 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu Apr 23 13:53:59 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu Apr 23 16:48:05 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu Apr 23 16:48:29 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu Apr 23 17:03:34 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu Apr 23 17:03:36 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu Apr 23 17:42:32 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu Apr 23 17:42:34 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu Apr 23 18:10:56 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu Apr 23 18:11:03 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu Apr 23 18:55:32 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu Apr 23 18:55:33 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu Apr 23 20:04:22 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu Apr 23 20:04:24 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu Apr 23 20:09:26 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu Apr 23 20:09:27 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu Apr 23 20:32:24 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu Apr 23 20:32:26 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu Apr 23 20:34:48 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu Apr 23 20:34:49 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu Apr 23 20:39:44 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu Apr 23 20:39:46 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu Apr 23 22:53:40 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu Apr 23 22:53:41 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu Apr 23 22:59:07 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu Apr 23 22:59:09 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Fri Apr 24 03:20:53 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Fri Apr 24 03:20:58 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Fri Apr 24 11:43:11 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Fri Apr 24 11:44:05 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Fri Apr 24 12:15:04 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Fri Apr 24 12:16:57 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Fri Apr 24 12:23:40 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Fri Apr 24 12:24:01 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Fri Apr 24 14:19:56 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Fri Apr 24 14:20:14 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sat Apr 25 13:45:18 2015


    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sat Apr 25 13:50:22 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat Apr 25 13:50:30 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sat Apr 25 14:55:41 2015


    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sat Apr 25 14:59:53 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sat Apr 25 15:04:57 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat Apr 25 15:05:13 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sat Apr 25 16:43:29 2015


    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sat Apr 25 17:26:37 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat Apr 25 17:26:39 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sat Apr 25 17:35:49 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat Apr 25 17:35:50 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sat Apr 25 18:24:19 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat Apr 25 18:24:33 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sat Apr 25 19:14:51 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat Apr 25 19:15:01 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sat Apr 25 19:47:57 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat Apr 25 19:48:06 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sat Apr 25 20:22:30 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat Apr 25 20:22:40 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sun Apr 26 04:01:43 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun Apr 26 04:01:45 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sun Apr 26 04:54:21 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun Apr 26 04:54:40 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sun Apr 26 04:58:47 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun Apr 26 04:58:48 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sun Apr 26 05:23:05 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun Apr 26 05:23:13 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sun Apr 26 05:27:45 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun Apr 26 05:27:47 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sun Apr 26 05:32:43 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun Apr 26 05:32:45 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sun Apr 26 05:38:37 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun Apr 26 05:38:39 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sun Apr 26 05:43:34 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun Apr 26 05:43:35 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sun Apr 26 06:18:30 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun Apr 26 06:18:32 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sun Apr 26 06:22:46 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun Apr 26 06:22:47 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sun Apr 26 06:26:54 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun Apr 26 06:26:57 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sun Apr 26 06:31:51 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun Apr 26 06:31:52 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sun Apr 26 07:01:06 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun Apr 26 07:01:17 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sun Apr 26 07:18:28 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun Apr 26 07:18:47 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sun Apr 26 10:11:40 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun Apr 26 10:11:55 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sun Apr 26 10:15:30 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun Apr 26 10:15:32 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sun Apr 26 10:59:22 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun Apr 26 10:59:24 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sun Apr 26 11:37:08 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun Apr 26 11:37:10 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sun Apr 26 11:59:27 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun Apr 26 11:59:28 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sun Apr 26 12:23:16 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun Apr 26 12:23:20 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sun Apr 26 18:24:07 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun Apr 26 18:25:29 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sun Apr 26 20:57:16 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun Apr 26 20:57:33 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Mon Apr 27 02:06:00 2015


    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Mon Apr 27 02:10:54 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Mon Apr 27 02:10:55 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Mon Apr 27 03:16:41 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Mon Apr 27 03:16:49 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Mon Apr 27 20:21:54 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Mon Apr 27 20:22:05 2015
     
  10. Compash

    Compash Thread Starter

    Joined:
    Jan 9, 2006
    Messages:
    34
    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Mon Apr 27 20:33:36 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Mon Apr 27 20:33:37 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Mon Apr 27 20:37:58 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Mon Apr 27 20:37:59 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Mon Apr 27 20:42:55 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Mon Apr 27 20:42:56 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Mon Apr 27 22:54:57 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Mon Apr 27 22:54:58 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Tue Apr 28 04:43:07 2015


    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Tue Apr 28 07:28:33 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Tue Apr 28 07:36:18 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Tue Apr 28 20:28:23 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Tue Apr 28 20:28:46 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Wed Apr 29 20:43:23 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Wed Apr 29 20:47:43 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Wed Apr 29 20:47:52 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Wed Apr 29 22:35:21 2015


    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Wed Apr 29 22:39:55 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Wed Apr 29 22:39:57 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Wed Apr 29 23:52:52 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Wed Apr 29 23:53:03 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu Apr 30 00:57:56 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu Apr 30 00:58:12 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu Apr 30 03:35:49 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu Apr 30 03:35:57 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu Apr 30 11:11:44 2015


    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu Apr 30 12:00:49 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu Apr 30 12:01:11 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu Apr 30 16:03:18 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu Apr 30 16:03:27 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Fri May 01 03:54:26 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Fri May 01 03:55:20 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Fri May 01 03:57:56 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Fri May 01 03:58:07 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Fri May 01 04:03:06 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Fri May 01 04:04:24 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Fri May 01 04:08:23 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Fri May 01 04:08:41 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Fri May 01 04:44:33 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Fri May 01 04:44:36 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Fri May 01 10:11:33 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Fri May 01 10:11:40 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Fri May 01 13:19:27 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Fri May 01 13:19:36 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sat May 02 11:33:35 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat May 02 11:34:18 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sat May 02 11:40:53 2015


    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sat May 02 11:46:30 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat May 02 11:46:42 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sat May 02 11:50:55 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat May 02 11:51:08 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sat May 02 11:55:49 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat May 02 11:55:51 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sat May 02 12:01:21 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat May 02 12:01:23 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sat May 02 12:06:21 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat May 02 12:06:23 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sat May 02 12:11:18 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat May 02 12:11:20 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sat May 02 12:35:40 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat May 02 12:35:59 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sat May 02 13:01:39 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat May 02 13:01:49 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sun May 03 01:00:56 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun May 03 01:00:57 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Mon May 04 14:06:37 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Mon May 04 14:08:42 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Mon May 04 16:21:40 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Mon May 04 16:21:43 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Tue May 05 15:35:36 2015


    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Tue May 05 15:50:14 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Tue May 05 15:57:41 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Tue May 05 15:57:49 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Tue May 05 16:13:04 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Tue May 05 16:13:05 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Tue May 05 16:22:07 2015


    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Tue May 05 17:24:26 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Tue May 05 17:24:43 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Tue May 05 18:00:57 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Tue May 05 18:01:05 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Wed May 06 01:42:22 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Wed May 06 01:42:23 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Wed May 06 01:47:25 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Wed May 06 01:47:26 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Wed May 06 01:51:44 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Wed May 06 01:51:45 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Wed May 06 02:18:00 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Wed May 06 02:18:01 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Wed May 06 14:34:19 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Wed May 06 14:34:22 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Wed May 06 14:38:40 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Wed May 06 14:38:42 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Wed May 06 14:54:02 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Wed May 06 14:54:03 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Wed May 06 14:58:30 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Wed May 06 14:58:32 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Wed May 06 17:35:25 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Wed May 06 17:36:04 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Wed May 06 17:59:03 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Wed May 06 17:59:05 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Wed May 06 19:49:49 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Wed May 06 19:50:01 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Fri May 08 14:47:03 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Fri May 08 14:48:10 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Fri May 08 15:05:37 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Fri May 08 15:05:45 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sat May 09 14:22:05 2015


    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sat May 09 14:27:06 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat May 09 14:27:17 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sat May 09 15:30:06 2015


    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sat May 09 15:45:26 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat May 09 15:46:00 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sat May 09 16:13:23 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat May 09 16:13:34 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sat May 09 16:18:19 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat May 09 16:18:21 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sat May 09 17:28:09 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat May 09 17:28:20 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sat May 09 17:30:36 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat May 09 17:30:37 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sat May 09 18:47:11 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat May 09 18:47:46 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sat May 09 18:52:13 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat May 09 18:52:14 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sat May 09 19:28:37 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat May 09 19:28:38 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sat May 09 19:33:39 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat May 09 19:33:40 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sat May 09 21:27:33 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sat May 09 21:27:38 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sun May 10 01:14:50 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun May 10 01:15:03 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sun May 10 01:27:48 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun May 10 01:27:49 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sun May 10 13:46:49 2015


    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sun May 10 13:51:48 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun May 10 13:52:02 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sun May 10 14:25:29 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun May 10 14:25:40 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sun May 10 14:55:16 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun May 10 14:55:35 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sun May 10 16:58:36 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun May 10 16:58:56 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sun May 10 17:59:57 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun May 10 18:00:10 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sun May 10 18:23:57 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun May 10 18:24:09 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sun May 10 19:03:26 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun May 10 19:03:27 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sun May 10 19:10:23 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun May 10 19:10:25 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Sun May 10 19:15:20 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Sun May 10 19:15:22 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Mon May 11 00:01:53 2015


    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Mon May 11 14:00:26 2015


    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Mon May 11 14:05:16 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Mon May 11 14:10:30 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Mon May 11 15:17:25 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Mon May 11 15:17:33 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Tue May 12 03:22:38 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Tue May 12 03:22:56 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Tue May 12 04:45:15 2015


    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Tue May 12 14:30:25 2015


    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Tue May 12 14:35:19 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Tue May 12 14:35:36 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Tue May 12 15:06:45 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Tue May 12 15:06:55 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Wed May 13 01:03:31 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Wed May 13 01:03:33 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Wed May 13 01:08:34 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Wed May 13 01:08:35 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Wed May 13 02:42:30 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Wed May 13 02:42:31 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Wed May 13 13:12:33 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Wed May 13 13:14:35 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Wed May 13 14:03:17 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Wed May 13 14:03:53 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Wed May 13 14:26:00 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Wed May 13 14:26:17 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Wed May 13 14:55:52 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Wed May 13 14:56:01 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Wed May 13 15:00:14 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Wed May 13 15:00:15 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Wed May 13 15:13:25 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Wed May 13 15:13:38 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 03:36:27 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 03:36:35 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 03:45:11 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 03:45:12 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 04:37:48 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 04:37:51 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 04:40:14 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 04:40:15 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 04:44:15 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 04:44:46 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 04:49:43 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 04:51:08 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 04:54:25 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 04:55:53 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 05:09:14 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 05:09:22 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 05:39:18 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 05:39:26 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 05:43:25 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 05:43:27 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 05:54:00 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 05:54:01 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 06:01:32 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 06:01:33 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 06:07:00 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 06:07:01 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 06:08:10 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 06:08:11 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 06:13:06 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 06:13:08 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 09:26:22 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 09:26:24 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 09:31:36 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 09:31:38 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 09:36:33 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 09:36:34 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 10:21:19 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 10:21:20 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 10:41:27 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 10:41:29 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 10:44:25 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 10:44:27 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 10:48:26 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 10:48:27 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 10:49:38 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 10:49:39 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 10:54:34 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 10:54:36 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 12:27:28 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 12:27:37 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 12:45:31 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 12:45:33 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 12:53:48 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 12:53:49 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 12:55:45 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 12:55:46 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 13:31:00 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 13:31:18 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 14:29:29 2015


    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 14:38:27 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 14:38:30 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 16:20:33 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 16:20:41 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 17:49:01 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 17:49:02 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 17:53:29 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 17:53:30 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 20:02:48 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 20:02:56 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 20:06:40 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 20:06:41 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 21:19:22 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 21:19:33 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 21:23:53 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 21:23:55 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 22:02:13 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 22:02:22 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 22:18:47 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 22:18:49 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 22:26:17 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 22:26:18 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 22:45:46 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 22:45:55 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Thu May 14 22:54:53 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Thu May 14 22:54:55 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Fri May 15 00:36:02 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Fri May 15 00:36:13 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Fri May 15 00:40:35 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Fri May 15 00:40:36 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Fri May 15 12:09:12 2015


    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Fri May 15 12:19:19 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Fri May 15 12:19:33 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Fri May 15 14:21:48 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Fri May 15 14:23:56 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Fri May 15 14:58:24 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Fri May 15 14:59:45 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Fri May 15 15:03:19 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Fri May 15 15:04:22 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Fri May 15 17:42:19 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Fri May 15 17:42:47 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Fri May 15 17:47:30 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Fri May 15 17:47:36 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
    Started On Fri May 15 17:51:54 2015

    Engine: 1.1.11502.0
    Signatures: 1.195.1215.0
    Microsoft Windows Malicious Software Removal Tool Finished On Fri May 15 17:51:56 2015


    Return code: 0 (0x0)

    ---------------------------------------------------------------------------------------
    Microsoft Windows Malicious Software Removal Tool v5.24, May 2015 (build 5.24.11401.0)
    Started On Fri May 15 18:27:51 2015

    Engine: 1.1.11602.0
    Signatures: 1.197.1100.0

    Results Summary:
    ----------------
    No infection found.
    Microsoft Windows Malicious Software Removal Tool Finished On Fri May 15 18:31:08 2015


    Return code: 0 (0x0)
     
  11. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    11,383
    First Name:
    Kevin
    Thanks for those logs, run FRST again see if we`ve missed anything:

    Run FRST one more time, ensure all boxes are checkmarked under "Whitelist" but only Addition.txt under "Optional scan" Select scan, when done post the two logs....Also give an update on any remaining issues or concerns.

    Thanks,

    Kevin....
     
  12. Compash

    Compash Thread Starter

    Joined:
    Jan 9, 2006
    Messages:
    34
    Hi Kevin,

    Thank you for the reply. When I scan Malwarebytes Anti-Malware, I still have PUP.Optional.Astromenda.A even though I tried to fix it many times with Malwarebytes Anti-Malware, and it will say it is fixed, but it keep coming back every single time.

    Many thanks in advance for your time.

    Compash

    Malwarebytes Anti-Malware

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 15/05/2015
    Scan Time: 20:57:10
    Logfile:
    Administrator: Yes

    Version: 2.01.6.1022
    Malware Database: v2015.05.15.05
    Rootkit Database: v2015.05.14.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 8.1
    CPU: x64
    File System: NTFS
    User: Sabira

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 475701
    Time Elapsed: 6 min, 57 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 1
    PUP.Optional.Astromenda.A, C:\Users\Sabira\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences, Good: (), Bad: ( "homepage": "http://astromenda.com/?f=1&a=ast_cmi_14_36_ch&cd=2XzuyEtN2Y1L1Qzu0CzztC0FyCyC0A0C0EyEtAyCzz0CzyyCtN0D0Tzu0SzyzztCtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyB0ByEtByEzz0ByDtGtCyC0FtBtG0AtCyE0EtGyB0DyEyEtGyByCzz0BzytD0AtA0Dzz0D0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0E0DyEtByE0E0BtG0A0DyByCtGyEyB0BtCtG0Bzy0FtDtG0E0DzzyC0ByB0CyE0B0AyBtA2Q&cr=231831904&ir=",), Replaced,[18d96f245a307abcad35f36ab551966a]

    Physical Sectors: 0
    (No malicious items detected)


    (end)


    FRST.txt

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-05-2015 02
    Ran by Sabira (administrator) on HOMEOFFICE on 15-05-2015 20:50:27
    Running from C:\Users\Sabira\Desktop
    Loaded Profiles: Sabira (Available profiles: Sabira & fatem_000 & shami_000 & yamee_000)
    Platform: Windows 8.1 (X64) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
    (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
    (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
    () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
    (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    (McAfee, Inc.) C:\Windows\System32\mfevtps.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    (McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\1.3.374.0\McCSPServiceHost.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
    (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
    (CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
    (CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
    (CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
    (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
    (Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
    (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
    (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
    (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\livecomm.exe
    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    (Microsoft Corporation) C:\Windows\System32\WWAHost.exe
    (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe\glcnd.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
    (Microsoft Corporation) C:\Windows\splwow64.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-14] (Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
    HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
    HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [643064 2015-02-09] (McAfee, Inc.)
    HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (SEIKO EPSON CORPORATION)
    HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
    HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (CANON INC.)
    HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
    HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
    HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [884440 2015-05-02] (BlueStack Systems, Inc.)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
    HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-08-15] (Qualcomm®Atheros®)
    HKU\S-1-5-21-2771644027-2860193389-1954980343-1001\...\Run: [PrtScr by FireStarter] => C:\Program Files (x86)\PrtScr\PrtScr.exe [2766336 2013-07-14] ()
    HKU\S-1-5-21-2771644027-2860193389-1954980343-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
    HKU\S-1-5-21-2771644027-2860193389-1954980343-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
    HKU\S-1-5-21-2771644027-2860193389-1954980343-1001\...\Run: [GoogleChromeAutoLaunch_3C1B2192D11FF988E69B64C631FA80BC] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [812872 2015-05-05] (Google Inc.)
    AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [387536 2013-08-02] (NVIDIA Corporation)
    AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [326224 2013-08-02] (NVIDIA Corporation)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk [2014-01-30]
    ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2014-01-30]
    ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{99D8B059-63AA-415B-A8F3-48A4F6E3D867}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
    ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconBackuped.dll [2014-12-30] (Softthinks SAS)
    ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconNotBackuped.dll [2014-12-30] (Softthinks SAS)
    ShellIconOverlayIdentifiers: [DBRShellOverlayBackupFile] -> {831CEBDD-6BAF-4432-BE76-9E0989C14AEF} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconBackuped.dll [2014-12-30] (Softthinks SAS)
    ShellIconOverlayIdentifiers: [DBRShellOverlayModifiedBackupFile] -> {275E4FD7-21EF-45CF-A836-832E5D2CC1B3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconNotBackuped.dll [2014-12-30] (Softthinks SAS)
    BootExecute: autocheck autochk * sdnclean64.exe

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
    ProxyServer: [.DEFAULT] => http=127.0.0.1:55779;https=127.0.0.1:55779
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-2771644027-2860193389-1954980343-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-2771644027-2860193389-1954980343-1001 -> {822BB52E-9C4D-4C06-B7CB-6BB3CE1D6F13} URL =
    SearchScopes: HKU\S-1-5-21-2771644027-2860193389-1954980343-1001 -> {C2955A86-4974-4F3B-A59F-E7134FF2A874} URL = https://uk.search.yahoo.com/search?fr=mcafee&type=B011GB977D20150203&p={searchTerms}
    BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll [2014-01-24] (CANON INC.)
    BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-08-15] (Qualcomm®Atheros®)
    BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
    BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-02-25] (Eyeo GmbH)
    BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-01-24] (CANON INC.)
    BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
    BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25] (Eyeo GmbH)
    Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2014-01-24] (CANON INC.)
    Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-01-24] (CANON INC.)
    Toolbar: HKU\S-1-5-21-2771644027-2860193389-1954980343-1001 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2014-01-24] (CANON INC.)
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-04-17] (McAfee, Inc.)
    Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-04-17] (McAfee, Inc.)
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-04-17] (McAfee, Inc.)
    Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-04-17] (McAfee, Inc.)
    Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
    Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2015-02-27] (McAfee, Inc.)
    Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2015-02-27] (McAfee, Inc.)
    Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
    StartMenuInternet: IEXPLORE.EXE - iexplore.exe

    FireFox:
    ========
    FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-02-27] ()
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
    FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-09] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-09] (Intel Corporation)
    FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-02-27] ()
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-13] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
    FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
    FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2015-02-03]
    FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
    FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
    FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-01-30]

    Chrome:
    =======
    CHR HomePage: Default -> hxxp://astromenda.com/?f=1&a=ast_cmi_14_36_ch&cd=2XzuyEtN2Y1L1Qzu0CzztC0FyCyC0A0C0EyEtAyCzz0CzyyCtN0D0Tzu0SzyzztCtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyB0ByEtByEzz0ByDtGtCyC0FtBtG0AtCyE0EtGyB0DyEyEtGyByCzz0BzytD0AtA0Dzz0D0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0E0DyEtByE0E0BtG0A0DyByCtGyEyB0BtCtG0Bzy0FtDtG0E0DzzyC0ByB0CyE0B0AyBtA2Q&cr=231831904&ir=
    CHR StartupUrls: Default -> "hxxp://www.google.co.uk/"
    CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
    CHR Profile: C:\Users\Sabira\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Adblock Plus) - C:\Users\Sabira\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-04-16]
    CHR Extension: (Pushbullet) - C:\Users\Sabira\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2015-03-28]
    CHR Extension: (SiteAdvisor) - C:\Users\Sabira\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-02-17]
    CHR Extension: (AdBlock) - C:\Users\Sabira\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-09-08]
    CHR Extension: (Bookmark Manager) - C:\Users\Sabira\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-16]
    CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Sabira\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-04]
    CHR Extension: (Hangouts) - C:\Users\Sabira\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-09-11]
    CHR Extension: (Google Wallet) - C:\Users\Sabira\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-19]
    CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-05-06]
    CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-05-06]
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    S2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
    S2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-08-15] (Windows (R) Win 7 DDK provider) [File not signed]
    S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433880 2015-05-02] (BlueStack Systems, Inc.)
    S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413400 2015-05-02] (BlueStack Systems, Inc.)
    S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [806616 2015-05-02] (BlueStack Systems, Inc.)
    S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
    R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
    R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
    S2 Dell WMI Service; C:\Program Files (x86)\DELL\DELLOSD\DellOSDService.exe [131072 2013-05-18] () [File not signed]
    S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2557136 2015-02-26] (Dell Inc.)
    S2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201936 2015-02-26] (Dell Inc.)
    S2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [210808 2015-02-10] (Dell Inc.)
    R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1429504 2015-03-05] (Microsoft Corporation)
    R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
    S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
    R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
    R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
    S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
    R2 ISCTAgent; c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-13] ()
    S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-09] (Intel Corporation)
    S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
    R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [154856 2015-04-17] (McAfee, Inc.)
    R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2015-02-27] (McAfee, Inc.)
    S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-25] (McAfee, Inc.)
    R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.3.374.0\McCSPServiceHost.exe [422632 2015-01-22] (McAfee, Inc.)
    R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
    R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
    S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [601864 2015-02-27] (McAfee, Inc.)
    S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
    R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
    R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
    R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1050952 2014-11-06] (McAfee, Inc.)
    R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [221832 2014-10-01] (McAfee, Inc.)
    R2 mfevtp; C:\Windows\system32\mfevtps.exe [189920 2014-10-01] (McAfee, Inc.)
    R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
    S2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-15] (Qualcomm Atheros) [File not signed]
    S2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink)
    S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
    R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
    R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
    S2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [2005392 2015-02-12] (SoftThinks SAS)
    S2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [19288 2015-04-10] (Dell Inc.)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R3 akwbx; C:\Windows\system32\DRIVERS\akwbx64.sys [3862736 2013-07-27] (Qualcomm Atheros, Inc.)
    R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [75056 2013-02-14] (Qualcomm Atheros, Inc.)
    R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145112 2015-05-02] (BlueStack Systems)
    R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-08-15] (Qualcomm Atheros)
    R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
    R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72136 2014-10-01] (McAfee, Inc.)
    R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
    R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-02-26] (Dell Computer Corporation)
    R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [23312 2015-02-26] (Dell Computer Corporation)
    S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
    R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-09] ()
    R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-09] ()
    R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-08] ()
    R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-08] ()
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-15] (Malwarebytes Corporation)
    S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
    R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [99288 2013-08-09] (Intel Corporation)
    R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.)
    R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313680 2014-10-01] (McAfee, Inc.)
    S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70608 2014-10-01] (McAfee, Inc.)
    R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526360 2014-10-01] (McAfee, Inc.)
    R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786304 2014-10-01] (McAfee, Inc.)
    R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [447440 2014-09-19] (McAfee, Inc.)
    S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96600 2014-09-19] (McAfee, Inc.)
    R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348560 2014-10-01] (McAfee, Inc.)
    S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2015-05-08] ()
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-05-15 20:02 - 2015-05-15 20:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
    2015-05-15 18:27 - 2015-05-15 18:27 - 51789024 _____ (Microsoft Corporation) C:\Users\Sabira\Desktop\Windows-KB890830-x64-V5.24.exe
    2015-05-15 18:22 - 2015-05-15 20:07 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2771644027-2860193389-1954980343-1001
    2015-05-15 18:22 - 2015-05-15 18:22 - 00001553 _____ () C:\Users\Sabira\Desktop\JRT.txt
    2015-05-15 18:20 - 2015-05-15 18:20 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-HOMEOFFICE-Windows-8.1-(64-bit).dat
    2015-05-15 18:20 - 2015-05-15 18:20 - 00000000 ____D () C:\RegBackup
    2015-05-15 18:17 - 2015-05-15 18:17 - 02721175 _____ (Thisisu) C:\Users\Sabira\Desktop\JRT.exe
    2015-05-15 18:13 - 2015-05-15 18:13 - 00000000 ___RD () C:\Users\Sabira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
    2015-05-15 16:44 - 2015-05-15 18:11 - 00000000 ____D () C:\AdwCleaner
    2015-05-15 16:43 - 2015-05-15 16:43 - 02209792 _____ () C:\Users\Sabira\Desktop\adwcleaner_4.204.exe
    2015-05-15 13:33 - 2015-05-15 20:50 - 00026840 _____ () C:\Users\Sabira\Desktop\FRST.txt
    2015-05-15 13:33 - 2015-05-15 20:50 - 00000000 ____D () C:\FRST
    2015-05-15 13:33 - 2015-05-15 13:34 - 00034869 _____ () C:\Users\Sabira\Desktop\Addition.txt
    2015-05-15 13:32 - 2015-05-15 13:32 - 02106368 _____ (Farbar) C:\Users\Sabira\Desktop\FRST64.exe
    2015-05-13 19:37 - 2015-05-13 19:37 - 00001838 _____ () C:\Users\Public\Desktop\Apps.lnk
    2015-05-13 19:37 - 2015-05-13 19:37 - 00001821 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
    2015-05-13 19:33 - 2015-05-13 19:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
    2015-05-13 00:38 - 2015-04-24 22:32 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
    2015-05-13 00:38 - 2015-03-05 00:09 - 01429504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
    2015-05-09 14:03 - 2015-05-11 16:16 - 00000000 ____D () C:\Users\Sabira\Documents\Bluetooth Folder
    2015-05-08 23:01 - 2015-05-08 23:01 - 00509440 _____ (Tech Support Guy System) C:\Users\Sabira\Downloads\SysInfo.exe
    2015-05-08 18:04 - 2015-05-08 18:04 - 13232896 _____ (DELL INC.) C:\Users\Sabira\Downloads\XPS_2720_A07.EXE
    2015-05-08 18:04 - 2015-05-08 18:04 - 00031152 _____ () C:\Windows\system32\Drivers\pmxdrv.sys
    2015-05-07 22:38 - 2015-05-07 22:38 - 00069611 _____ () C:\Users\Sabira\Desktop\sfcdetails.text
    2015-05-06 23:22 - 2015-05-14 03:08 - 00000000 ____D () C:\Users\Sabira\Desktop\Cattery Bussiness and Buildings
    2015-04-24 19:19 - 2015-04-24 19:53 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
    2015-04-24 19:19 - 2015-04-24 19:23 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
    2015-04-24 19:19 - 2015-04-24 19:19 - 00001409 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
    2015-04-24 19:19 - 2015-04-24 19:19 - 00001397 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
    2015-04-24 19:19 - 2015-04-24 19:19 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
    2015-04-24 19:19 - 2015-04-24 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
    2015-04-24 19:19 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
    2015-04-24 19:18 - 2015-04-24 19:18 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Sabira\Downloads\spybot-2.4.exe
    2015-04-22 12:00 - 2015-05-15 17:20 - 00002600 _____ () C:\Windows\PFRO.log
    2015-04-21 17:53 - 2015-03-14 09:20 - 01385256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
    2015-04-21 17:53 - 2015-03-14 09:13 - 01124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
    2015-04-20 17:30 - 2015-03-23 22:59 - 07476032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2015-04-20 17:30 - 2015-03-23 22:59 - 01733952 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2015-04-20 17:30 - 2015-03-23 22:59 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
    2015-04-20 17:30 - 2015-03-23 22:58 - 01498872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2015-04-20 17:30 - 2015-03-23 22:45 - 00257216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
    2015-04-20 17:30 - 2015-03-20 05:12 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
    2015-04-20 17:30 - 2015-03-20 05:10 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
    2015-04-20 17:30 - 2015-03-20 05:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
    2015-04-20 17:30 - 2015-03-20 04:17 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
    2015-04-20 17:30 - 2015-03-20 03:41 - 00369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
    2015-04-20 17:30 - 2015-03-20 03:40 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
    2015-04-20 17:30 - 2015-03-20 03:16 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
    2015-04-20 17:30 - 2015-03-13 05:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2015-04-20 17:30 - 2015-03-13 04:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2015-04-20 17:30 - 2015-03-13 04:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2015-04-20 17:30 - 2015-03-13 03:58 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
    2015-04-20 17:30 - 2015-03-13 03:37 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
    2015-04-20 17:30 - 2015-02-21 00:49 - 00780800 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
    2015-04-20 17:29 - 2015-03-13 05:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2015-04-20 17:29 - 2015-03-13 05:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2015-04-20 17:29 - 2015-03-13 04:53 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2015-04-20 17:29 - 2015-03-13 04:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2015-04-20 17:29 - 2015-03-13 04:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2015-04-20 17:29 - 2015-03-13 04:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2015-04-20 17:29 - 2015-03-13 04:17 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
    2015-04-20 17:29 - 2015-03-13 04:16 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2015-04-20 17:29 - 2015-03-13 04:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2015-04-20 17:29 - 2015-03-13 04:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2015-04-20 17:29 - 2015-03-13 04:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2015-04-20 17:29 - 2015-03-13 03:50 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
    2015-04-20 17:29 - 2015-03-13 03:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2015-04-20 17:29 - 2015-03-13 03:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2015-04-20 17:29 - 2015-03-13 03:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2015-04-20 17:29 - 2015-03-13 03:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2015-04-20 17:29 - 2015-03-13 03:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2015-04-20 17:29 - 2015-03-13 03:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2015-04-20 17:29 - 2015-03-13 03:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2015-04-20 17:29 - 2015-03-13 03:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2015-04-20 17:29 - 2015-03-13 03:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2015-04-20 17:29 - 2015-02-24 09:32 - 00991552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
    2015-04-20 17:28 - 2015-03-22 23:45 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2015-04-20 17:28 - 2015-03-22 23:09 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2015-04-20 17:28 - 2015-03-22 23:09 - 00957440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2015-04-20 17:28 - 2015-03-22 23:09 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2015-04-20 17:28 - 2015-03-22 23:09 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2015-04-20 17:28 - 2015-03-22 23:09 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2015-04-20 17:28 - 2015-03-22 23:09 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
    2015-04-20 17:28 - 2015-03-04 11:25 - 00377152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
    2015-04-20 17:28 - 2015-03-04 04:04 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
    2015-04-20 17:28 - 2015-03-04 03:19 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
    2015-04-15 01:51 - 2015-03-14 09:54 - 00133256 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2015-04-15 01:51 - 2015-03-14 02:56 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
    2015-04-15 01:51 - 2015-03-14 02:56 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
    2015-04-15 01:51 - 2015-03-14 02:51 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
    2015-04-15 01:51 - 2015-03-14 02:37 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
    2015-04-15 01:51 - 2015-03-14 02:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
    2015-04-15 01:51 - 2015-03-14 01:22 - 03678720 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2015-04-15 01:51 - 2015-03-14 01:12 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
    2015-04-15 01:51 - 2015-03-14 01:12 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
    2015-04-15 01:51 - 2015-03-14 01:09 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
    2015-04-15 01:51 - 2015-03-14 01:08 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
    2015-04-15 01:51 - 2015-03-14 01:08 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2015-04-15 01:51 - 2015-03-14 01:06 - 02373632 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2015-04-15 01:51 - 2015-03-14 01:06 - 00891392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2015-04-15 01:51 - 2015-03-14 01:02 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
    2015-04-15 01:51 - 2015-03-14 01:02 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
    2015-04-15 01:51 - 2015-03-14 00:59 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
    2015-04-15 01:51 - 2015-03-14 00:59 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-05-15 20:04 - 2015-02-15 22:21 - 01428972 _____ () C:\Windows\WindowsUpdate.log
    2015-05-15 20:04 - 2014-06-19 21:44 - 00000928 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-05-15 20:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
    2015-05-15 18:42 - 2014-06-19 20:45 - 00000000 __RDO () C:\Users\Sabira\SkyDrive
    2015-05-15 18:39 - 2014-09-08 04:09 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-05-15 18:20 - 2014-01-30 06:45 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
    2015-05-15 18:17 - 2014-01-30 06:25 - 00865408 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-05-15 18:13 - 2014-06-19 21:44 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-05-15 18:12 - 2015-04-10 21:19 - 00006962 _____ () C:\Windows\setupact.log
    2015-05-15 18:12 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-05-15 18:12 - 2013-08-22 14:25 - 01048576 ___SH () C:\Windows\system32\config\BBI
    2015-05-15 17:41 - 2014-06-19 20:51 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2721A28C-B303-4BB3-8F48-1A3927178477}
    2015-05-15 17:20 - 2014-09-08 02:40 - 00000008 __RSH () C:\ProgramData\ntuser.pol
    2015-05-15 17:20 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
    2015-05-15 17:18 - 2013-08-22 16:36 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
    2015-05-15 17:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
    2015-05-15 11:28 - 2014-09-08 04:09 - 00001120 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2015-05-15 11:28 - 2014-09-08 04:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-05-15 11:28 - 2014-09-08 04:09 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2015-05-15 11:05 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
    2015-05-14 10:31 - 2014-06-20 02:31 - 00000000 ____D () C:\Users\Sabira\AppData\Roaming\Skype
    2015-05-13 19:39 - 2014-11-23 14:28 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
    2015-05-13 19:37 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries
    2015-05-13 19:33 - 2014-11-23 14:29 - 00000000 ____D () C:\ProgramData\BlueStacks
    2015-05-13 19:33 - 2014-11-23 14:29 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
    2015-05-13 12:56 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
    2015-05-08 19:12 - 2015-03-18 17:11 - 00000000 ____D () C:\ProgramData\SupportAssistAgent
    2015-05-07 21:58 - 2014-06-19 20:42 - 00000000 ____D () C:\Users\Sabira
    2015-05-06 23:17 - 2014-01-30 06:44 - 00000000 ____D () C:\Program Files (x86)\McAfee
    2015-05-06 22:58 - 2014-06-21 03:57 - 00000000 ____D () C:\Users\Sabira\AppData\Local\CrashDumps
    2015-05-01 19:23 - 2014-06-26 19:13 - 00000000 ____D () C:\ProgramData\CanonIJPLM
    2015-04-30 10:07 - 2014-06-19 22:11 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2015-04-29 19:38 - 2014-01-30 06:18 - 00000000 ____D () C:\Windows\SysWOW64\NV
    2015-04-29 19:38 - 2014-01-30 06:18 - 00000000 ____D () C:\Windows\system32\NV
    2015-04-29 16:50 - 2014-01-30 06:14 - 00000000 ____D () C:\ProgramData\NVIDIA
    2015-04-24 21:05 - 2014-09-30 11:36 - 00000000 ____D () C:\Users\shami_000
    2015-04-24 21:05 - 2014-08-07 02:15 - 00000000 ____D () C:\Users\yamee_000
    2015-04-24 21:05 - 2014-07-24 13:12 - 00000000 ____D () C:\Users\fatem_000
    2015-04-23 17:13 - 2014-06-24 23:11 - 00000000 ____D () C:\Users\Sabira\AppData\Local\Microsoft Help
    2015-04-22 16:12 - 2015-03-18 17:12 - 00003916 _____ () C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate
    2015-04-22 14:33 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
    2015-04-21 18:34 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppCompat
    2015-04-20 23:30 - 2014-12-11 03:47 - 00000000 ____D () C:\Windows\system32\appraiser
    2015-04-20 23:30 - 2014-07-10 01:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2015-04-20 19:42 - 2014-06-19 22:11 - 00000000 ____D () C:\Windows\system32\MRT
    2015-04-20 19:38 - 2014-06-24 23:11 - 00000000 ____D () C:\ProgramData\Microsoft Help

    ==================== Files in the root of some directories =======

    2014-09-08 02:44 - 2014-09-08 02:44 - 0616240 _____ (ClickMeIn Limited) C:\Users\Sabira\AppData\Local\nss5B63.tmp
    2014-01-30 06:15 - 2014-01-30 06:15 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
    2014-01-30 06:41 - 2014-01-30 06:42 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
    2014-01-30 06:39 - 2014-01-30 06:39 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
    2014-01-30 06:39 - 2014-01-30 06:40 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
    2014-01-30 06:40 - 2014-01-30 06:41 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
    2014-01-30 06:39 - 2014-01-30 06:39 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

    Some content of TEMP:
    ====================
    C:\Users\Sabira\AppData\Local\Temp\Quarantine.exe
    C:\Users\Sabira\AppData\Local\Temp\sqlite3.dll


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-05-15 15:02

    ==================== End Of Log ============================




    Addition.txt


    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-05-2015 02
    Ran by Sabira at 2015-05-15 20:51:04
    Running from C:\Users\Sabira\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-2771644027-2860193389-1954980343-500 - Administrator - Disabled)
    fatem_000 (S-1-5-21-2771644027-2860193389-1954980343-1004 - Limited - Enabled) => C:\Users\fatem_000
    Guest (S-1-5-21-2771644027-2860193389-1954980343-501 - Limited - Disabled)
    Sabira (S-1-5-21-2771644027-2860193389-1954980343-1001 - Administrator - Enabled) => C:\Users\Sabira
    shami_000 (S-1-5-21-2771644027-2860193389-1954980343-1005 - Limited - Enabled) => C:\Users\shami_000
    yamee_000 (S-1-5-21-2771644027-2860193389-1954980343-1006 - Limited - Enabled) => C:\Users\yamee_000

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
    FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House)
    Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{77588F59-3C58-4675-8EEE-998E5BC33CF4}) (Version: 1.4 - Eyeo GmbH)
    Adblock Plus for IE (HKLM-x32\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Version: 1.1 - )
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
    Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.0 - Adobe Systems Incorporated.)
    Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated)
    ArcSoft Scan-n-Stitch Deluxe (HKLM-x32\...\{FF8455A9-21E8-457D-AC64-510A705D53B3}) (Version: 1.1.2.50 - ArcSoft)
    BitTorrent (HKU\S-1-5-21-2771644027-2860193389-1954980343-1001\...\BitTorrent) (Version: 7.9.2.35144 - BitTorrent Inc.)
    BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.24.4196 - BlueStack Systems, Inc.)
    BlueStacks Notification Center (HKLM-x32\...\{CF297F45-BB2C-4454-AEDA-EFAB01AFDCE3}) (Version: 0.9.24.4196 - BlueStack Systems, Inc.)
    Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.1.0 - Canon Inc.)
    Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
    Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
    Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
    Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
    Canon MG7100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG7100_series) (Version: 1.00 - Canon Inc.)
    Canon MG7100 series On-screen Manual (HKLM-x32\...\Canon MG7100 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
    Canon MG7100 series User Registration (HKLM-x32\...\Canon MG7100 series User Registration) (Version: - *Canon Inc.)
    Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
    Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
    Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
    Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
    CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
    CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.8.1.70 - Dell Inc.)
    Dell Data Vault (Version: 4.2.2.0 - Dell Inc.) Hidden
    Dell Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP)
    Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.0.6584.81 - Dell)
    Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.3.60494 - Dell)
    Dell Update (HKLM-x32\...\{3F862535-33F3-4F3F-864E-6D4F6FD3258D}) (Version: 1.5.2000.0 - Dell Inc.)
    DELLOSD (HKLM-x32\...\{594E7534-5ECB-4FAC-B26F-583B0CFCBCEC}) (Version: 1.00.0006 - DELL)
    Elements 9 Organizer (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
    Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    Epson Copy Utility 3.5 (HKLM-x32\...\{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}) (Version: 3.5.0.0 - )
    Epson Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation)
    EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
    Fotogalleri (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Fotogalleriet (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.152 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
    Intel(R) Smart Connect Technology (HKLM\...\{9B5FD763-5074-474C-B898-24567E6450C8}) (Version: 4.2.40.2439 - Intel Corporation)
    Kodi (HKU\S-1-5-21-2771644027-2860193389-1954980343-1001\...\Kodi) (Version: - XBMC-Foundation)
    Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
    McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 13.6.1599 - McAfee, Inc.)
    McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.210 - McAfee, Inc.)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Standard 2007 (HKLM-x32\...\STANDARDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    PDFMate Free PDF Merger 1.0.8 (HKLM-x32\...\PDFMate Free PDF Merger_is1) (Version: - pdfmate.com)
    PerfV700_V750 User's Guide (HKLM-x32\...\PerfV700_V750 User's Guide) (Version: - )
    PrtScr 1.7 (HKLM-x32\...\PrtScr_is1) (Version: - FireStarter)
    Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.0.31.1053 - Qualcomm Atheros) Hidden
    Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.1.300 - Qualcomm Atheros Communications) Hidden
    Qualcomm Atheros Killer Wireless-N Drivers (Version: 1.0.31.1053 - Qualcomm Atheros) Hidden
    Qualcomm Atheros Network Manager (Version: 1.0.31.1053 - Qualcomm Atheros) Hidden
    Qualcomm Atheros Performance Suite (HKLM-x32\...\{F7C7EFEC-D7AB-4BDE-B5FA-D76231DA4E80}) (Version: 1.0.31.1053 - Qualcomm Atheros)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7016 - Realtek Semiconductor Corp.)
    Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
    SilverFast Epson-SE 6.6.1r2b (HKLM-x32\...\SilverFast Epson-SE) (Version: - LaserSoft Imaging AG)
    Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
    Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
    Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    Valokuvavalikoima (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


    ==================== Restore Points =========================

    08-05-2015 14:56:42 Scheduled Checkpoint
    13-05-2015 01:08:36 Windows Update

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {14641721-6E16-40CD-A4EE-B86BA1AB0B8E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
    Task: {1DBCBE56-38DB-45E8-A600-A8A493E46D0C} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
    Task: {1E5C1056-AACB-42DD-851C-531272FC633F} - \Optimize Start Menu Cache Files-S-1-5-21-2771644027-2860193389-1954980343-1006 No Task File <==== ATTENTION
    Task: {208E31E3-3FCD-48B1-BF9E-242FF5584D4A} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-04-10] (Dell Inc.)
    Task: {2D372F3D-06A7-4F5B-BD74-5254CC71E8DB} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-04-30] (Microsoft Corporation)
    Task: {3FD92324-06BF-4DFF-B702-1C7B4581CFFB} - \PCDoctorBackgroundMonitorTask No Task File <==== ATTENTION
    Task: {400BB0A6-89F9-43DC-BF42-3056EB62A018} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-19] (Google Inc.)
    Task: {4997C862-57A0-417B-AA0E-D35A190DE21C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
    Task: {4C65E53E-0AEF-4A49-9842-A3B3C51560B8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-19] (Google Inc.)
    Task: {633BC3C6-1F19-4998-859B-DFCBEC3D2E92} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)
    Task: {6E4FBD85-F084-4E4B-A720-98259CDC32EB} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
    Task: {7452D166-04C2-4DB1-A5FE-A607D2730CAD} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-05] (CyberLink)
    Task: {83C9C36D-1B68-48A3-BB87-76C55E1A6CE6} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
    Task: {864D3E13-5C03-4906-B33A-C7B8EA3DFB22} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
    Task: {93710550-E8E4-4846-9858-D1E824535216} - \Optimize Start Menu Cache Files-S-1-5-21-2771644027-2860193389-1954980343-1005 No Task File <==== ATTENTION
    Task: {9EDAD025-F1D6-4509-8D9D-137EA2EB4DF5} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
    Task: {B6FEB39C-BEB1-406D-986B-D9FAE6D3ECD4} - \Optimize Start Menu Cache Files-S-1-5-21-2771644027-2860193389-1954980343-1003 No Task File <==== ATTENTION
    Task: {BC923CAD-AE82-4886-B6A6-4575DC1B98E4} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
    Task: {C4EBB37B-BF54-4F58-A310-0C2E69F57048} - \Optimize Start Menu Cache Files-S-1-5-21-2771644027-2860193389-1954980343-1004 No Task File <==== ATTENTION
    Task: {CEE2EF38-FCF8-49E9-8655-E065CDC856BB} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-22] (CyberLink Corp.)
    Task: {E69149DF-81FC-41D7-B301-6791C1EF3CCF} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-2771644027-2860193389-1954980343-1001
    Task: {EF547238-D25B-46D1-9239-DC89003AD957} - \PCDEventLauncherTask No Task File <==== ATTENTION
    Task: {F23931A0-D44B-407D-83D1-0282969F8DC5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (Whitelisted) ==============

    2014-01-30 05:21 - 2013-08-02 09:40 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
    2014-06-26 19:37 - 2013-05-14 10:50 - 00140936 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
    2013-08-13 04:06 - 2013-08-13 04:06 - 00198120 _____ () c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
    2013-08-13 04:06 - 2013-08-13 04:06 - 00054760 _____ () c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
    2013-08-13 04:06 - 2013-08-13 04:06 - 00034792 _____ () c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
    2015-05-09 14:04 - 2015-05-09 14:05 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\ErrorReporting.dll
    2015-04-24 19:19 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
    2015-04-24 19:19 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
    2015-04-24 19:19 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
    2015-04-24 19:19 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
    2015-04-24 19:19 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
    2014-01-30 06:30 - 2013-08-09 13:25 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
    2014-04-10 14:30 - 2014-04-10 14:30 - 00134664 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
    2015-05-15 11:04 - 2015-05-05 05:06 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.152\libglesv2.dll
    2015-05-15 11:04 - 2015-05-05 05:06 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.152\libegl.dll
    2015-05-15 11:04 - 2015-05-05 05:06 - 14982472 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.152\PepperFlash\pepflashplayer.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

    AlternateDataStreams: C:\Users\fatem_000\OneDrive:ms-properties
    AlternateDataStreams: C:\Users\Sabira\SkyDrive:ms-properties
    AlternateDataStreams: C:\Users\shami_000\OneDrive:ms-properties
    AlternateDataStreams: C:\Users\yamee_000\OneDrive:ms-properties

    ==================== Safe Mode (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, the associated entry will be removed from the registry.)

    IE restricted site: HKU\S-1-5-21-2771644027-2860193389-1954980343-1001\...\skype.com -> hxxps://apps.skype.com

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-2771644027-2860193389-1954980343-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\dell\Wallpaper_Pirelli_FINAL.jpg
    DNS Servers: 192.168.0.1

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)


    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [{CE95F662-1AAE-4774-85BF-558C8BAE6900}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
    FirewallRules: [{F7EF53B6-0F41-4780-B98E-F4ED80D28EA1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
    FirewallRules: [{8D3CC3A6-1D74-4101-91FD-C486E0BA19CE}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{0C47A2DC-DA98-4215-8027-28D4C0FA16A3}] => (Allow) LPort=2869
    FirewallRules: [{D425AF95-2FA5-4532-BBB8-1B197AB83F22}] => (Allow) LPort=1900
    FirewallRules: [{5EBD23DE-5F2F-4265-B6BA-871446A6A3A5}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
    FirewallRules: [{057A051A-47AE-4841-B7CA-7EB24294C3A3}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
    FirewallRules: [TCP Query User{41560567-4A1A-408B-BC99-A4C2CAA3FC57}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
    FirewallRules: [UDP Query User{F0E8ADF6-7B14-4DAE-AC1E-B99D7DD22C89}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
    FirewallRules: [TCP Query User{B121C86A-0F76-45AF-AADE-8C15EC013896}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [UDP Query User{3E059A50-FA45-425A-88FF-11650DF99834}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [{F1D29C0B-1483-477B-9E8C-288DEB0372C8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (05/15/2015 06:12:13 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: svchost.exe_DiagTrack, version: 6.3.9600.17415, time stamp: 0x54504177
    Faulting module name: ntdll.dll, version: 6.3.9600.17736, time stamp: 0x550f4336
    Exception code: 0xc000000d
    Fault offset: 0x0000000000101e60
    Faulting process id: 0x50c
    Faulting application start time: 0xsvchost.exe_DiagTrack0
    Faulting application path: svchost.exe_DiagTrack1
    Faulting module path: svchost.exe_DiagTrack2
    Report Id: svchost.exe_DiagTrack3
    Faulting package full name: svchost.exe_DiagTrack4
    Faulting package-relative application ID: svchost.exe_DiagTrack5

    Error: (05/15/2015 02:55:47 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program LiveComm.exe version 17.5.9600.20856 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 1a54

    Start Time: 01d08eb04397cd32

    Termination Time: 4294967295

    Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe

    Report Id: 8027c0f5-faa5-11e4-82be-543530a68c7a

    Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe

    Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

    Error: (05/15/2015 02:41:56 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
    Description: There was an error with the Windows Location Provider database

    Error: (05/15/2015 02:34:04 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program Explorer.EXE version 6.3.9600.17667 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 11f8

    Start Time: 01d08daab87c7c64

    Termination Time: 25

    Application Path: C:\Windows\Explorer.EXE

    Report Id: 776242fb-faa2-11e4-82be-543530a68c7a

    Faulting package full name:

    Faulting package-relative application ID:

    Error: (05/15/2015 01:27:10 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program LiveComm.exe version 17.5.9600.20856 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 2a90

    Start Time: 01d08ea2ee0c960a

    Termination Time: 4294967295

    Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe

    Report Id: 1ec2d6fe-fa99-11e4-82be-543530a68c7a

    Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe

    Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

    Error: (05/15/2015 01:00:04 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program LiveComm.exe version 17.5.9600.20856 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 1f58

    Start Time: 01d08ea10b602e20

    Termination Time: 4294967295

    Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe

    Report Id: 55b43e6b-fa95-11e4-82be-543530a68c7a

    Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe

    Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

    Error: (05/15/2015 00:42:41 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program LiveComm.exe version 17.5.9600.20856 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 2370

    Start Time: 01d08e9b34625df8

    Termination Time: 4294967295

    Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe

    Report Id: e7e7e0da-fa92-11e4-82be-543530a68c7a

    Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe

    Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

    Error: (05/14/2015 11:48:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program LiveComm.exe version 17.5.9600.20856 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 2be8

    Start Time: 01d08e97037f7ee0

    Termination Time: 4294967295

    Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe

    Report Id: 5062ffef-fa8b-11e4-82be-543530a68c7a

    Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe

    Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

    Error: (05/14/2015 11:06:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program LiveComm.exe version 17.5.9600.20856 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 282c

    Start Time: 01d08e8ea1cdfa05

    Termination Time: 4294967295

    Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe

    Report Id: 6effa947-fa85-11e4-82be-543530a68c7a

    Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe

    Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

    Error: (05/14/2015 10:09:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program LiveComm.exe version 17.5.9600.20856 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 2260

    Start Time: 01d08e893fe32a2a

    Termination Time: 4294967295

    Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe

    Report Id: 8cc6d246-fa7d-11e4-82be-543530a68c7a

    Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe

    Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1


    System errors:
    =============
    Error: (05/15/2015 08:50:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Computer Browser service failed to start due to the following error:
    %%1053

    Error: (05/15/2015 08:50:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Computer Browser service failed to start due to the following error:
    %%1053

    Error: (05/15/2015 08:50:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Computer Browser service failed to start due to the following error:
    %%1053

    Error: (05/15/2015 08:50:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Computer Browser service failed to start due to the following error:
    %%1053

    Error: (05/15/2015 08:50:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Computer Browser service failed to start due to the following error:
    %%1053

    Error: (05/15/2015 08:50:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Computer Browser service failed to start due to the following error:
    %%1053

    Error: (05/15/2015 08:50:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Computer Browser service failed to start due to the following error:
    %%1053

    Error: (05/15/2015 08:50:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Computer Browser service failed to start due to the following error:
    %%1053

    Error: (05/15/2015 08:50:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Computer Browser service failed to start due to the following error:
    %%1053

    Error: (05/15/2015 08:50:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Computer Browser service failed to start due to the following error:
    %%1053


    Microsoft Office Sessions:
    =========================

    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i5-4440S CPU @ 2.80GHz
    Percentage of memory in use: 33%
    Total physical RAM: 8117.98 MB
    Available physical RAM: 5395.75 MB
    Total Pagefile: 9461.98 MB
    Available Pagefile: 5486.31 MB
    Total Virtual: 131072 MB
    Available Virtual: 131071.84 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:919.42 GB) (Free:833.9 GB) NTFS
    Drive x: (PBR Image) (Fixed) (Total:9.44 GB) (Free:0.68 GB) NTFS
    Drive y: (WINRETOOLS) (Fixed) (Total:2 GB) (Free:1.62 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 931.5 GB) (Disk ID: E02AF0F9)

    Partition: GPT Partition Type.

    ==================== End Of Log ============================
     
  13. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    11,383
    First Name:
    Kevin
    Thanks for those logs, still work to do....

    Uninstall Spybot S&D, re-boot when complete....

    Next,

    Backup the Registry:

    Modifying the Registry can create unforeseen problems, so it's always wise to create a backup before doing so.

    • Please download ERUNT from one of the following links: Link1 | Link2 | Link3
    • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
    • Double click on erunt-setup.exe to Install ERUNT by following the prompts.
    • NOTE: Do not choose to allow ERUNT to add an Entry to the Startup folder. Click NO.
    • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
    • Choose a location for the backup.
    • Note: the default location is C:\Windows\ERDNT which is acceptable.
    • Make sure that at least the first two check boxes are selected.

      [​IMG]
    • Click on OK
    • Then click on YES to create the folder.
    • Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe


    Next,

    Select start, Type or copy/paste notepad.exe into the search box and press Enter.

    Notepad will open. Copy the following script and paste it to Notepad.

    Code:
    Windows Registry Editor Version 5.00
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings]
    "ProxyServer"=-
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings]
    "ProxyServer"=-
    
    reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyEnable /t REG_DWORD /d 0 /f
    
    Go to File menu and select Save as.
    Make sure that the Save as type option is set to All Files (*.*) and the place to save will be your desktop.

    Name the file fix.reg and select Save.

    The file fix.reg file should now be located onto your desktop.

    Import the file into the registry as follows:

    Locate the fix.reg file on your desktop.
    Right-click on the fix.reg file and select Merge.
    You'll be prompted about adding the information to the registry. Accept any prompts...

    When complete re-boot your system.....

    Next,

    Go to this link: http://www.wikihow.com/Export-Bookmarks-from-Chrome follow the instructions and Export your Bookmarks from Chrome, save to your Desktop or similar. Note the instructions can also be used to Import the bookmarks.....

    Next,

    To go for a clean install of Chrome do the following:

    Remove all synced data from Chrome go here: http://www.howtogeek.com/103655/how-to-delete-your-google-chrome-browser-sync-data/ follow those instructions...

    Uninstall Chrome: https://support.google.com/chrome/answer/95319?hl=en-GB follow those instructions, ensure the option to "Also delete your browsing data" is selected. <<--- Very important!!

    Install Google Chrome from here: https://www.google.com/intl/en_uk/chrome/browser/desktop/index.html

    Install Adblock Plus to Chrome: https://chrome.google.com/webstore/detail/adblock-plus/cfhdojbkjhnklbpkdaibdccddilifddb

    Enable Flash Block to Chrome: http://www.howtogeek.com/58058/how-to-enable-flashblock-in-chrome-and-make-it-5000-more-secure/

    Import your Bookmarks back.....

    Next,

    Run FRST one more time, ensure all boxes are checkmarked under "Whitelist" but only Addition.txt under "Optional scan" Select scan, when done post the two logs....

    Thanks,

    Kevin...
     
  14. Compash

    Compash Thread Starter

    Joined:
    Jan 9, 2006
    Messages:
    34
    I am on the step, where I am trying to un-install the chrome, but it won't allow me, asking me to close chrome, including windows 8 app. Which I did. But it still keep asking me to do that (which I obviously did). I closed everything. Still it won't work.
     
  15. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    11,383
    First Name:
    Kevin
    Boot to Safemode then uninstall Chrome.
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1147939

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice