Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Board index Malware Removal ForumsInfected? Virus, malware, adware, ransomware, oh my!

DC3_FEXEC

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.
Topic locked

DC3_FEXEC

Unread postby wondermonkey77 » November 18th, 2016, 1:52 am

have three registry files that keep showing up in my AdwCleaner and they won't go away...



Key Found: HKU\S-1-5-21-2668550203-4061090781-3284410018-1000\Software\DC3_FEXEC
Key Found: HKCU\Software\DC3_FEXEC
Key Found: [x64] HKCU\Software\DC3_FEXEC


I did try to get help from another forum, but they couldn't help me. Thank you for any help.

LastRegBack: 2016-11-14 00:41

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-11-2016
Ran by Kate Luther (18-11-2016 00:44:47)
Running from C:\Users\Kate Luther\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2012-02-11 16:59:06)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2668550203-4061090781-3284410018-500 - Administrator - Disabled)
Guest (S-1-5-21-2668550203-4061090781-3284410018-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2668550203-4061090781-3284410018-1002 - Limited - Enabled)
Kate Luther (S-1-5-21-2668550203-4061090781-3284410018-1000 - Administrator - Enabled) => C:\Users\Kate Luther

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
Adobe Acrobat 9 Standard - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-BA7E-000000000004}{AC76BA86-1033-F400-BA7E-000000000004}) (Version: 9.5.5 - Adobe Systems)
Adobe Acrobat 9.5.5 - CPSID_83708 (HKLM-x32\...\{AC76BA86-1033-F400-BA7E-000000000004}_955) (Version: - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Flash Player 23 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
AirStream-Suite (HKLM-x32\...\{734D87EE-15DC-49C9-943E-605E9B55A5D8}) (Version: 5.4.4 - )
Amazon Kindle (HKU\S-1-5-21-2668550203-4061090781-3284410018-1000\...\Amazon Kindle) (Version: - Amazon)
Amazon MP3 Downloader 1.0.18 (HKU\S-1-5-21-2668550203-4061090781-3284410018-1000\...\Amazon MP3 Downloader) (Version: 1.0.18 - Amazon Services LLC)
Amazon Send to Kindle (HKLM-x32\...\SendToKindle) (Version: 1.1.0.243 - Amazon)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.0.0 - Asmedia Technology)
ATI Catalyst Install Manager (HKLM\...\{AB7F4312-8037-4EBF-9D0F-5513CDFD534C}) (Version: 3.0.812.0 - ATI Technologies, Inc.)
calibre (HKLM-x32\...\{1E376DEC-875A-4F53-9149-168582A0E274}) (Version: 2.71.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.24 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5844 - CDBurnerXP)
CDisplay (HKLM-x32\...\{8DA9D7E6-8F69-4171-9007-81B0A84C83F6}) (Version: 1.8.5 - CDisplay)
Cisco Valet Connector (HKLM-x32\...\Cisco Valet Connector) (Version: 1.2.10148.2 - Cisco Consumer Products LLC)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Diner Dash 5 - Boom Collectors Edition (HKLM-x32\...\Diner Dash 5 - Boom Collectors Edition1.0) (Version: 1.0 - Foxy Games)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
Dropbox (HKU\S-1-5-21-2668550203-4061090781-3284410018-1000\...\Dropbox) (Version: 2.10.3 - Dropbox, Inc.)
Duplicate File Finder (HKLM-x32\...\{1041487C-12E6-47FE-B83A-E9891782C8FE}}_is1) (Version: 6.2.2 - Ashisoft)
FileBot (HKLM\...\{58D65487-B775-4B9E-B4F2-B0D57A3A49A5}) (Version: 4.7.2 - Reinhard Pointner)
FormatFactory 3.9.5.1 (HKLM-x32\...\FormatFactory) (Version: 3.9.5.1 - Free Time)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Drive (HKLM-x32\...\{3D7AB4D4-2E45-4986-BAC5-5B3CEED21FAA}) (Version: 1.32.3592.6117 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.62.0 - JMicron Technology Corp.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.0.162.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 49.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 en-US)) (Version: 49.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.2.6136 - Mozilla)
MusicBee 2.5 (HKLM-x32\...\MusicBee) (Version: 2.5 - Steven Mayall)
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 1.4.0dev5_win_20160823100204 - MusicBrainz)
NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.54 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Opera 12.17 (HKLM-x32\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Opera Stable 41.0.2353.56 (HKLM-x32\...\Opera 41.0.2353.56) (Version: 41.0.2353.56 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.1.13.85 - Electronic Arts, Inc.)
PeerBlock 1.1+ (r691) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.1.0.691 - PeerBlock, LLC)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.43.321.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7746 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.1 - VS Revo Group, Ltd.)
Seagate DiscWizard (HKLM-x32\...\{C43E4B9C-14C8-4EB0-998B-85211B6EDD61}) (Version: 11.0.8326 - Seagate)
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.54 - NVIDIA Corporation) Hidden
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.96.5684 - Electronic Arts)
System Requirements Lab Detection (HKLM-x32\...\{5C988AC0-8DAD-4D0A-8ACC-6B98E53E8507}) (Version: 6.1.6.0 - Husdawg, LLC)
Ventrilo Client (HKLM-x32\...\{789289CA-F73A-4A16-A331-54D498CE069F}) (Version: 3.0.8 - Flagship Industries, Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.7.3.0 - Azureus Software, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2668550203-4061090781-3284410018-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Kate Luther\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2668550203-4061090781-3284410018-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kate Luther\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2668550203-4061090781-3284410018-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kate Luther\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2668550203-4061090781-3284410018-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kate Luther\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2668550203-4061090781-3284410018-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kate Luther\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {005DDBDC-D10B-47F3-B8BE-E4B591E2A891} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe
Task: {046FC648-5D63-41BE-ABA0-B8A79AEFE776} - System32\Tasks\{32A38684-22AB-4DF3-85F6-09B2449A5025} => C:\Users\Kate Luther\Downloads\7z920.exe
Task: {04DC0D93-CCF8-41DE-AE9C-B4DED7F4225D} - System32\Tasks\Opera scheduled Autoupdate 1430369011 => C:\Program Files (x86)\Opera\launcher.exe [2016-11-07] (Opera Software)
Task: {063CAA9D-EB5E-488D-AE95-238F5B064B79} - System32\Tasks\{7B68790D-2F2D-4CA1-8299-1BCA6DECDF63} => pcalua.exe -a "C:\Users\Kate Luther\Downloads\jxpiinstall(1).exe" -d "C:\Users\Kate Luther\Downloads"
Task: {09B109D5-A570-4957-A2CB-D855235409D5} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2012-11-02] (Microsoft)
Task: {17A070B4-C5DF-4A9C-8E75-F1260C6268D3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-19] (Google Inc.)
Task: {265D8BD4-DE94-4ADD-91D9-E7AE16AEADC9} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2012-11-02] (Microsoft Corporation)
Task: {2A3D9D60-708A-421A-888E-E71AFC5A724B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {351B1DFA-229D-4DF4-AF3D-EDE30B7F26C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-19] (Google Inc.)
Task: {3EC7027E-D13A-43ED-A5A3-E2461D5E2613} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-11-15] (Piriform Ltd)
Task: {417729FC-CE07-41D5-B8E1-B51D28BAB040} - System32\Tasks\{97EAFE4C-D49E-43B1-89DC-B7684DEDFF1C} => C:\Users\Kate Luther\Downloads\7z920.exe
Task: {563BBA7A-A4F9-4388-8CCE-3806D90B7218} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => C:\Windows\system32\GWX\GWX.exe
Task: {5F1AD213-6B78-458E-9B03-47BDE03BC461} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => C:\Windows\system32\GWX\GWX.exe
Task: {6F2AF5FB-00B6-4807-AB13-F710EDD1EEE4} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => C:\Windows\system32\GWX\GWX.exe
Task: {8024E141-D1EA-48F2-8511-B02CAA787F7E} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe
Task: {85440883-F40A-401C-AE79-9663AED563D5} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => C:\Windows\system32\GWX\GWX.exe
Task: {8B7A2500-8561-400A-B2A7-6D8BFE4B9636} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Time-5d => C:\Windows\system32\GWX\GWX.exe
Task: {8F7A1925-2B34-491A-B00F-C9C887C8EBE2} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe
Task: {93310E2B-D1EC-4454-9D3F-311CE4F57883} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-09] (Adobe Systems Incorporated)
Task: {9533A49F-3ACF-4CD8-A6A3-9ADDCF850B8E} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => C:\Windows\system32\GWX\GWXConfigManager.exe
Task: {AF667875-2FED-482B-9713-D69052DE0219} - System32\Tasks\NAT Monitor => $(Arg0)
Task: {BDF28607-47B2-440D-934D-21FD11DB45BB} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => C:\Windows\system32\GWX\GWXConfigManager.exe
Task: {C81C961B-AC89-46A8-9286-51E9850C308A} - System32\Tasks\mtcqtu => C:\Users\Kate Luther\mtcqtu\kqmp.exe [2016-10-09] (AutoIt Team)
Task: {E2AF1DB9-86DC-4360-B8EF-74344DAC5440} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2012-11-02] (Microsoft Corporation)
Task: {E7D969F3-6908-440A-A3D6-DAE9E4E6F873} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => C:\Windows\system32\GWX\GWX.exe
Task: {EC928034-3684-4A6D-899C-45F8281FC04A} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe [2016-11-09] (Adobe Systems Incorporated)
Task: {EDE1FED5-0699-4F57-9A20-6FB4F4DE87A2} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-09-22] (Oracle Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2012-05-16 14:59 - 2016-01-29 05:49 - 00135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-02-11 13:32 - 2012-02-11 13:32 - 00045056 _____ () C:\Windows\SysWOW64\UTSCSI.EXE
2009-10-16 17:59 - 2009-10-16 17:59 - 01328480 _____ () C:\Program Files (x86)\Seagate\DiscWizard\fox.dll
2016-11-17 10:18 - 2016-11-17 10:18 - 00385024 _____ () C:\Users\Kate Luther\AppData\Local\Temp\libsqlitejdbc-1703572743562435810.lib
2013-05-25 17:22 - 2009-02-27 16:39 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\AcroTray.DEU
2013-05-25 17:22 - 2009-02-27 16:32 - 00020480 _____ () C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\AcroTray.FRA
2015-03-31 00:01 - 2015-10-11 22:05 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-12-09 23:08 - 2016-01-05 10:45 - 00094888 _____ () C:\Program Files (x86)\Vuze\aereg.dll
2014-02-09 14:34 - 2016-01-05 10:45 - 00190640 _____ () C:\Users\Kate Luther\AppData\Roaming\Azureus\plugins\azitunes\jacob-1.17-M2-x86.dll
2014-02-09 14:34 - 2016-01-05 10:45 - 00021680 _____ () C:\Users\Kate Luther\AppData\Roaming\Azureus\plugins\azitunes\libProcessAccess.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7917 more sites.

IE restricted site: HKU\S-1-5-21-2668550203-4061090781-3284410018-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2668550203-4061090781-3284410018-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2668550203-4061090781-3284410018-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2668550203-4061090781-3284410018-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2668550203-4061090781-3284410018-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2668550203-4061090781-3284410018-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2668550203-4061090781-3284410018-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2668550203-4061090781-3284410018-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2668550203-4061090781-3284410018-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2668550203-4061090781-3284410018-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2668550203-4061090781-3284410018-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2668550203-4061090781-3284410018-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2668550203-4061090781-3284410018-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2668550203-4061090781-3284410018-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2668550203-4061090781-3284410018-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2668550203-4061090781-3284410018-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2668550203-4061090781-3284410018-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2668550203-4061090781-3284410018-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2668550203-4061090781-3284410018-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2668550203-4061090781-3284410018-1000\...\123simsen.com -> www.123simsen.com

There are 7917 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2016-11-02 20:04 - 00453427 ____R C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.10sek.com
127.0.0.1 10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 www.123fporn.info
127.0.0.1 123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com

There are 15559 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2668550203-4061090781-3284410018-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Kate Luther\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: AmazonMP3DownloaderHelper => C:\Users\Kate Luther\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DiscWizardMonitor.exe => C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe
MSCONFIG\startupreg: JMB36X IDE Setup => C:\Windows\RaidTool\xInsIDE.exe
MSCONFIG\startupreg: lxdiamon => "C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdiamon.exe"
MSCONFIG\startupreg: lxdimon.exe => "C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdimon.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{57A3C5E4-C8B2-4A3D-A879-F920A84BE216}C:\program files (x86)\musicbrainz picard\picard.exe] => (Allow) C:\program files (x86)\musicbrainz picard\picard.exe
FirewallRules: [UDP Query User{F7E60D55-C835-4D5A-B278-D53EEFC396B9}C:\program files (x86)\musicbrainz picard\picard.exe] => (Allow) C:\program files (x86)\musicbrainz picard\picard.exe
FirewallRules: [{7DB1AC45-A86A-435A-9582-89ECE1E6E74F}] => (Allow) C:\Program Files (x86)\Ventrilo\Ventrilo.exe
FirewallRules: [{3B83F71F-98A3-413A-9981-C248D1D02A93}] => (Allow) C:\Program Files (x86)\Ventrilo\Ventrilo.exe
FirewallRules: [TCP Query User{61A38DA8-0C0B-426B-961E-97A2BB6F9068}C:\programdata\battle.net\agent\agent.998\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.998\agent.exe
FirewallRules: [UDP Query User{730B127C-7C7C-457E-B63D-72AE4B7BB96B}C:\programdata\battle.net\agent\agent.998\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.998\agent.exe
FirewallRules: [TCP Query User{1B215B84-93A7-4338-8FAF-3721433697A0}C:\programdata\battle.net\agent\agent.1040\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.1040\agent.exe
FirewallRules: [UDP Query User{57E34469-4653-4C51-BF7C-07BF741E607D}C:\programdata\battle.net\agent\agent.1040\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.1040\agent.exe
FirewallRules: [{C5F279AB-AF7E-42ED-9A7B-3637DDFC7E2C}] => (Allow) C:\Users\Kate Luther\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{128A36A0-6E29-4AA5-B57F-DF0B4DF71989}] => (Allow) C:\Users\Kate Luther\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{6BC3D1ED-E3BC-4C51-BBD1-7CDEA54F6474}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{84E91B01-E032-488D-A784-7B7D60777EA3}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{6A345EA2-3845-4228-AF87-A64E2B518CCE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AA8CAB29-F0A8-466B-B701-E7A3E1C8EAD5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{87A19C55-C3EF-42A1-94CE-F794BF78D279}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F70CE71B-7011-41B2-9EE5-60FDDA27048E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{7D88BC97-F9EA-425F-A9E5-BB7B6999C640}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe
FirewallRules: [UDP Query User{979988DA-CA1D-448E-8118-B574FD61115C}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe
FirewallRules: [TCP Query User{19D15132-3D2E-42DC-8D06-E264624086CA}C:\program files (x86)\musicbrainz picard\picard.exe] => (Allow) C:\program files (x86)\musicbrainz picard\picard.exe
FirewallRules: [UDP Query User{0B188B21-9A28-480A-868E-0A64EA040B70}C:\program files (x86)\musicbrainz picard\picard.exe] => (Allow) C:\program files (x86)\musicbrainz picard\picard.exe
FirewallRules: [{C4E6480E-DABB-4568-86C4-E32673822DB9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A4EE2D15-799F-4079-9198-2FF58AB85EB2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{B2F62521-413E-4C5C-95BC-07419FEF6462}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E090C275-2899-480C-841E-5457A891193F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1D4FEDC2-6F53-4C41-8DB9-CE047786D5B5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7DDB6623-4286-4C92-BB19-114F0930A24E}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
FirewallRules: [{3297AABB-397D-4B79-B204-BFB462B4A1B2}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{D5D7F59D-9F66-4229-BFA4-4605B6DF7B6D}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
FirewallRules: [{40E7C951-E208-4272-B2F1-AF28FCF13A2B}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{F68B4B40-2725-4775-BEEF-1A43B3D17692}] => (Allow) C:\Users\Kate Luther\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{1EBDEDA7-F08E-4FE7-A0ED-4B980024B12E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FD5CFF38-D5EC-4810-A4E3-81AB288DB188}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CDB53E0C-A8A0-4F5E-AB72-EAC2B756745F}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{74AE022E-0DB7-4B24-ABAE-537B676726F1}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [TCP Query User{CE92129A-B8A3-4E01-9B71-D27B137130D7}C:\program files (x86)\vuze\azureus.exe] => (Block) C:\program files (x86)\vuze\azureus.exe
FirewallRules: [UDP Query User{ACD8FAE3-3A22-475D-A273-259BBE4CEEE8}C:\program files (x86)\vuze\azureus.exe] => (Block) C:\program files (x86)\vuze\azureus.exe
FirewallRules: [{2DEA0795-A49B-4D6F-B848-B40EE6D1A584}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
FirewallRules: [{6EE2A0D7-CF94-4BA8-ADC0-503131215083}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{43FC8FE7-0B60-42A7-9BD1-C3E49D1762B5}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
FirewallRules: [{E829BF1B-0D6B-4487-A6DD-FDE030944B37}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{8526E04B-53CD-4FCF-B83D-A383C24E645B}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\PTInstOnline.exe
FirewallRules: [{2A67B0E5-FCF6-4412-B677-5F5A8812A521}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{28768F5D-D5F4-4E9F-AB7E-C3D342FAC708}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{173CFDD2-54E9-4E21-A68C-0E430BF5301C}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{588279D4-CC6A-4BD2-9A6A-39A7070A7BE1}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [TCP Query User{ADB567E8-13D6-405C-8E2B-D381CA50A109}C:\program files (x86)\musicbee\musicbee.exe] => (Allow) C:\program files (x86)\musicbee\musicbee.exe
FirewallRules: [UDP Query User{AC6366A7-22D2-4E65-867C-C8A54E1E01A6}C:\program files (x86)\musicbee\musicbee.exe] => (Allow) C:\program files (x86)\musicbee\musicbee.exe
FirewallRules: [{14CB9C43-DA05-4E9C-8F35-BE0092F64E9B}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
FirewallRules: [{DD0BD09C-2EA1-430D-9409-7C7E844D6276}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{7067E222-A0E8-441F-ADFF-A2D8D9DC29CE}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
FirewallRules: [{DCD18342-BF45-4B82-BDFA-4986D95436E3}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{C95C1049-59FE-4847-890B-77AF9095ACEB}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\PTInstOnline.exe
FirewallRules: [TCP Query User{87FAABE3-DDE0-49AA-80BF-12D9F3BD2DCB}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [UDP Query User{AB93BEC5-20AB-4FB7-8F5E-F4D39B1F91A5}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [TCP Query User{ED226E94-5446-40D4-A6F6-1151C8E96012}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [UDP Query User{EE3991EE-72FA-4946-BC4F-D806672349E3}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [{5FCCA6CF-192D-4708-AF9E-72F0EDC6C578}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

09-11-2016 00:23:56 JRT Pre-Junkware Removal
09-11-2016 09:05:49 Installed calibre
09-11-2016 09:22:51 JRT Pre-Junkware Removal
11-11-2016 03:00:10 Windows Update
13-11-2016 12:51:51 Windows Update
13-11-2016 19:00:12 Windows Backup
14-11-2016 10:06:40 Restore Point Created by FRST
16-11-2016 23:49:41 Revo Uninstaller's restore point - FBReader for Windows
16-11-2016 23:52:21 Revo Uninstaller's restore point - ESET Online Scanner v3
17-11-2016 00:06:11 Windows Backup
17-11-2016 00:27:37 Revo Uninstaller's restore point - Reimage Repair
17-11-2016 00:31:38 Revo Uninstaller's restore point - Reimage Protector

==================== Faulty Device Manager Devices =============

Name: Generic USB Hub
Description: Generic USB Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Generic USB Hub)
Service: asmthub3
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Generic USB Hub
Description: Generic USB Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Generic USB Hub)
Service: asmthub3
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (11/17/2016 10:18:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/17/2016 10:18:11 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/17/2016 10:18:11 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/17/2016 10:18:11 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/17/2016 10:18:11 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)

Error: (11/17/2016 10:18:07 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/17/2016 10:18:07 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog

Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)

Error: (11/17/2016 10:18:07 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/17/2016 10:18:07 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/17/2016 10:18:07 AM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: The Windows Search Service cannot open the Jet property store.

Details:
0x%08x (0xc0041800 - The content index database is corrupt. (HRESULT : 0xc0041800))


System errors:
=============
Error: (11/17/2016 10:18:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (11/17/2016 10:18:11 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (11/17/2016 10:18:10 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.

Error: (11/17/2016 10:17:32 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (11/17/2016 12:09:18 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (11/17/2016 12:07:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Modules Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (11/17/2016 12:07:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Software Protection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (11/17/2016 12:07:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Volume Shadow Copy service terminated unexpectedly. It has done this 1 time(s).

Error: (11/17/2016 12:07:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Virtual Disk service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (11/17/2016 12:07:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Block Level Backup Engine Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.


CodeIntegrity:
===================================
Date: 2016-11-18 00:44:06.739
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-17 10:30:16.749
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-17 10:18:49.299
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-17 00:37:00.694
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-17 00:25:56.954
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-17 00:10:44.123
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-17 00:01:26.573
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-16 23:50:33.253
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-16 23:40:27.024
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-16 23:31:45.943
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: AMD FX(tm)-8120 Eight-Core Processor
Percentage of memory in use: 36%
Total physical RAM: 8137.35 MB
Available physical RAM: 5203.01 MB
Total Virtual: 16272.88 MB
Available Virtual: 13075.85 MB

==================== Drives ================================

Drive c: (Telltale Heart) (Fixed) (Total:1862.92 GB) (Free:1705.61 GB) NTFS
Drive e: (Internal Combustion) (Fixed) (Total:232.88 GB) (Free:232.78 GB) NTFS
Drive f: (TEAM JUICE) (Removable) (Total:0.12 GB) (Free:0.08 GB) FAT32
Drive h: (Organized Lightning) (Fixed) (Total:1863.01 GB) (Free:1604.93 GB) NTFS
Drive i: (Lil Ass Kicker) (Fixed) (Total:1862.98 GB) (Free:1762.69 GB) NTFS
Drive k: (One True Keeper) (Fixed) (Total:3725.9 GB) (Free:2456.68 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 4B2C8F5A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 232.9 GB) (Disk ID: 19C319C2)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 1863 GB) (Disk ID: A4B57300)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 0005F107)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (MBR Code: Windows 7 or 8) (Size: 3726 GB) (Disk ID: 9BBB52EA)

Partition: GPT.

========================================================
Disk: 5 (Size: 124 MB) (Disk ID: 91F72D24)
Partition 1: (Not Active) - (Size=124 MB) - (Type=06)

==================== End of Addition.txt ============================
wondermonkey77
Active Member
 
Posts: 3
Joined: November 18th, 2016, 1:42 am
Top
Advertisement
Register to Remove

Re: DC3_FEXEC

Unread postby mAL_rEm018 » November 20th, 2016, 1:47 am

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the Malware Removal forum and wait for help.

Failure to post replies within 3 days will result in this thread being closed.


Hello wondermonkey77,

Welcome to Malware Removal! My name is mAL_rEm018, but feel free to call me mAL. I will be helping you with your malware related problems :)

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.


Because of this, I advise you to backup any personal files and folders before you start.

To make sure everything goes smoothly, I would like you to observe the following rules:
  • You must have Administrator rights, permissions for this computer.
  • Please reply to this thread. Do not start another topic.
  • Perform all actions in the order given.
  • If you don't know, stop and ask!
  • DO NOT run any other fix or removal tools unless instructed to do so!
  • Don't attempt to install any new software (other than those I ask you to) until your computer is clean.
  • DO NOT post for help at any other forum. Applying fixes from multiple help sites can cause problems.
  • I advise you to print the instructions if possible, since your internet connection might not be available during some of the fixes.
  • Absence of symptoms does not mean that everything is clear, therefore stick with this topic until I give you the "all clear".

Before we proceed please read and get acquainted with the following topic: HOW TO GET HELP IN THIS FORUM - everyone must read this, where the conditions for receiving help here are explained.

The FRST.txt log you provided is incomplete. Please navigate to the following location and copy/paste the complete log in your next reply.
C:\Users\Kate Luther\Downloads\FRST.txt
User avatar
mAL_rEm018
Admin/Teacher
Admin/Teacher
 
Posts: 2689
Joined: November 11th, 2013, 6:26 pm
Location: Saint-Petersburg, Russia
Top

Re: DC3_FEXEC

Unread postby wondermonkey77 » November 20th, 2016, 11:46 pm

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-11-2016 01
Ran by Kate Luther (administrator) on KATELUTHER-PC (20-11-2016 22:43:48)
Running from C:\Users\Kate Luther\Downloads
Loaded Profiles: Kate Luther (Available Profiles: Kate Luther)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(DTS) C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Cisco Consumer Products LLC) C:\Program Files (x86)\Cisco Systems\Cisco Valet Connector\CiscoAdapterSvc.exe
(Seagate) C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
() C:\Windows\SysWOW64\UTSCSI.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Acronis) C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Oracle Corporation) C:\Program Files (x86)\Java\jre1.8.0_111\bin\javaw.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
(Azureus Software, Inc) C:\Program Files (x86)\Vuze\Azureus.exe
(PeerBlock, LLC) C:\Program Files\PeerBlock\peerblock.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [AcronisTimounterMonitor] => C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe [904840 2009-10-16] (Acronis)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [bowsUpdate] => C:\Users\Kate Luther\AppData\Roaming\cej\tck.exe [750320 2012-01-29] (AutoIt Team)
HKLM-x32\...\Run: [dicobusssUpdate] => C:\Users\Kate Luther\AppData\Roaming\mfm\mcn.exe [750320 2012-01-29] (AutoIt Team)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\RunOnce: [Tamurumefoni] => C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\KATELU~1\AppData\Roaming\Himopa"
HKU\S-1-5-21-2668550203-4061090781-3284410018-1000\...\MountPoints2: {45d25abf-7a8b-11e5-aac3-5404a63d3ab4} - L:\VerizonSWUpgradeAssistantLauncher.exe
HKU\S-1-5-21-2668550203-4061090781-3284410018-1000\...\MountPoints2: {77939193-2f78-11e5-9506-5404a63d3ab4} - L:\VerizonSWUpgradeAssistantLauncher.exe
HKU\S-1-5-21-2668550203-4061090781-3284410018-1000\...\MountPoints2: {8e89e363-7094-11e2-803d-5404a63d3ab4} - K:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-2668550203-4061090781-3284410018-1000\...\MountPoints2: {909e3893-1611-11e4-85b3-5404a63d3ab4} - L:\VerizonSWUpgradeAssistantLauncher.exe
HKU\S-1-5-21-2668550203-4061090781-3284410018-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-20] (Microsoft Corporation)
Lsa: [Authentication Packages] msv1_0 relog_ap
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AirStream-Suite.lnk [2016-10-29]
ShortcutTarget: AirStream-Suite.lnk -> C:\Windows\Installer\{734D87EE-15DC-49C9-943E-605E9B55A5D8}\_4A6A2BE3C42A9108E8B195.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3693FF7B-DD1A-4A18-B59B-DE2387C6B0BB}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3BD4B43E-FB52-4907-8D82-8437E9FD92BC}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{58FEDC39-CF78-4BAA-A226-DBF315C54242}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{775B0F4E-EC3F-4425-BAD8-FCD0FCA77C95}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{88DAC899-338B-48B6-9599-93D0E9EE7CD8}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{A22D6AE4-58F0-4877-B5CD-11E2423F9624}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A41AFAE1-619A-4B3B-BA25-FBBBBD423CC9}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ED714F57-3670-42D8-BA39-C339523CD371}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-2668550203-4061090781-3284410018-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2668550203-4061090781-3284410018-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-09] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-09] (Oracle Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Kate Luther\AppData\Roaming\Mozilla\Firefox\Profiles\rluwpyd7.default-1475417574733 [2016-11-20]
FF NewTab: Mozilla\Firefox\Profiles\rluwpyd7.default-1475417574733 -> about:newtab
FF Homepage: Mozilla\Firefox\Profiles\rluwpyd7.default-1475417574733 -> hxxps://www.facebook.com/
FF Keyword.URL: Mozilla\Firefox\Profiles\rluwpyd7.default-1475417574733 -> user_pref("keyword.URL", true);
FF Extension: (Grammarly for Firefox) - C:\Users\Kate Luther\AppData\Roaming\Mozilla\Firefox\Profiles\rluwpyd7.default-1475417574733\Extensions\87677a2c52b84ad3a151a4a72f5bd3c4@jetpack.xpi [2016-11-09]
FF Extension: (Adblock Plus Pop-up Addon) - C:\Users\Kate Luther\AppData\Roaming\Mozilla\Firefox\Profiles\rluwpyd7.default-1475417574733\Extensions\adblockpopups@jessehakanen.net.xpi [2016-10-02]
FF Extension: (AdBlocker Ultimate) - C:\Users\Kate Luther\AppData\Roaming\Mozilla\Firefox\Profiles\rluwpyd7.default-1475417574733\Extensions\adblockultimate@adblockultimate.net.xpi [2016-11-18]
FF Extension: (Adblock Plus) - C:\Users\Kate Luther\AppData\Roaming\Mozilla\Firefox\Profiles\rluwpyd7.default-1475417574733\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-10-29]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-09] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-09] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2668550203-4061090781-3284410018-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Kate Luther\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://search.yahoo.com/?type=994519&fr=yo-yhp-ch
CHR Profile: C:\Users\Kate Luther\AppData\Local\Google\Chrome\User Data\Default [2016-11-19]
CHR Extension: (YouTube) - C:\Users\Kate Luther\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-09]
CHR Extension: (Google Cast) - C:\Users\Kate Luther\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-04-10]
CHR Extension: (Adblock Plus) - C:\Users\Kate Luther\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-29]
CHR Extension: (Google Search) - C:\Users\Kate Luther\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-19]
CHR Extension: (Google Docs Offline) - C:\Users\Kate Luther\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Kate Luther\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-09-20]
CHR Extension: (Gmail) - C:\Users\Kate Luther\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-30]
CHR HKU\S-1-5-21-2668550203-4061090781-3284410018-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\KATELU~1\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-09-05]
CHR HKU\S-1-5-21-2668550203-4061090781-3284410018-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gihfmmedoddijgnhkgfgnkeohkpbipol] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [218768 2016-04-26] (DTS)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2012-02-11] (Macrovision Europe Ltd.) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-11] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-11] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-11] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-08-05] (Electronic Arts)
R2 RaAutoInstSrv_AM10; C:\Program Files (x86)\Cisco Systems\Cisco Valet Connector\CiscoAdapterSvc.exe [529024 2010-05-29] (Cisco Consumer Products LLC)
R2 UTSCSI; C:\Windows\SysWOW64\UTSCSI.EXE [45056 2012-02-11] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AM10; C:\Windows\System32\DRIVERS\am10w7.sys [1101600 2010-02-13] (Ralink Technology Corp.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-11-26] (REALiX(tm))
S3 NMgamingmsFltr; C:\Windows\System32\drivers\NMgamingms.sys [11264 2009-07-24] (Primax Ltd)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-11] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-06-30] (NVIDIA Corporation)
R3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [22600 2014-01-04] ()
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-20 22:43 - 2016-11-20 22:43 - 00000000 ____D C:\Users\Kate Luther\Downloads\FRST-OlderVersion
2016-11-19 18:05 - 2016-11-19 18:05 - 00065630 _____ C:\Users\Kate Luther\Downloads\Mary_J_Blige_Discography-((Demonoid_www.DNOID.me)).TORRENT
2016-11-19 18:04 - 2016-11-19 18:04 - 00030287 _____ C:\Users\Kate Luther\Downloads\[]Demonoid_www.DNOID.me[]-Dionne_Warwick_(19_Albums).TORRENT
2016-11-19 18:03 - 2016-11-19 18:03 - 00053182 _____ C:\Users\Kate Luther\Downloads\[[Demonoid_www.DNOID.me]]-Whitney_Houston_Album_Collection.TORRENT
2016-11-19 18:03 - 2016-11-19 18:03 - 00039926 _____ C:\Users\Kate Luther\Downloads\-_Demonoid_www.DNOID.me_-[iTunes]_Alicia_Keys_Songs_in_A_Minor_(10th_Anniversary_Edition)_(Collector's_Edition)_(2011).TORRENT
2016-11-19 18:03 - 2016-11-19 18:03 - 00034629 _____ C:\Users\Kate Luther\Downloads\Whitney_Houston_Discography_320_(13_Albums)(by_dragan09)-((Demonoid_www.DNOID.me)).TORRENT
2016-11-19 18:02 - 2016-11-19 18:02 - 00102836 _____ C:\Users\Kate Luther\Downloads\The_Beatles_Black_Box_Set_16_CDs_192kbps-[[Demonoid_www.DNOID.me]].TORRENT
2016-11-19 18:01 - 2016-11-19 18:01 - 00953429 _____ C:\Users\Kate Luther\Downloads\The_Beatles_The_Bootleg_Box_Set_Collection_1989_2009_(20_Box_Sets_203_CDs)(MP3_320_kbps)(Incl_All_Cover_Artwork)-(Demonoid_www.DNOID.me).TORRENT
2016-11-19 18:00 - 2016-11-19 18:00 - 00040469 _____ C:\Users\Kate Luther\Downloads\Harry_Chapin_(12_CDs)-((Demonoid_www.DNOID.me)).TORRENT
2016-11-19 17:59 - 2016-11-19 17:59 - 00095825 _____ C:\Users\Kate Luther\Downloads\Judy_Collins_Bread_and_Roses_1976_FLAC_O-Demonoid_www.DNOID.me-O.TORRENT
2016-11-19 17:59 - 2016-11-19 17:59 - 00084919 _____ C:\Users\Kate Luther\Downloads\Judy_Collins_Judith_1975_FLAC-[]Demonoid_www.DNOID.me[].TORRENT
2016-11-19 17:59 - 2016-11-19 17:59 - 00072697 _____ C:\Users\Kate Luther\Downloads\Joan_Baez_(17_more_albums_flac_lossless)-_Demonoid_www.DNOID.me_-.TORRENT
2016-11-19 17:58 - 2016-11-19 17:58 - 00017439 _____ C:\Users\Kate Luther\Downloads\[[Demonoid_www.DNOID.me]]-Judy_Collins_(3_albums_flac_eac_log_covers).TORRENT
2016-11-19 17:57 - 2016-11-19 17:57 - 00161545 _____ C:\Users\Kate Luther\Downloads\O-Demonoid_www.DNOID.me-O_Bob_Dylan_discography.TORRENT
2016-11-19 17:57 - 2016-11-19 17:57 - 00042270 _____ C:\Users\Kate Luther\Downloads\Meatloaf_Complete_Discography-[]Demonoid_www.DNOID.me[].TORRENT
2016-11-19 17:55 - 2016-11-19 17:55 - 00124538 _____ C:\Users\Kate Luther\Downloads\(Demonoid_www.DNOID.me)-The_Byrds_The_Complete_Columbia_Albums_Collection_(2011)(13CD_Box_Set)(HQ_Artwork_Disc_Box_Set_Booklet_Scans_Included)(FLAC_Images_cue_log).TORRENT
2016-11-19 17:54 - 2016-11-19 17:54 - 00012717 _____ C:\Users\Kate Luther\Downloads\The_Byrds_Sweetheart_of_the_Rodeo_[1968]-[]Demonoid_www.DNOID.me[].TORRENT
2016-11-18 10:13 - 2016-11-18 10:14 - 00041919 _____ C:\Users\Kate Luther\Downloads\O-Demonoid_www.DNOID.me-O_ATLANTA_Complete_FIRST_Season_1_S01_(2016_Series)_720p_Web_DL_x264.TORRENT
2016-11-18 10:13 - 2016-11-18 10:13 - 00041919 _____ C:\Users\Kate Luther\Downloads\(Demonoid_www.DNOID.me)-ATLANTA_Complete_FIRST_Season_1_S01_(2016_Series)_720p_Web_DL_x264.TORRENT
2016-11-18 00:45 - 2016-11-20 22:44 - 00015670 _____ C:\Users\Kate Luther\Downloads\FRST.txt
2016-11-17 00:14 - 2016-11-17 00:15 - 00000150 _____ C:\Windows\Reimage.ini
2016-11-17 00:09 - 2016-11-17 00:13 - 00000000 ____D C:\Users\Kate Luther\AppData\Roaming\dclogs
2016-11-17 00:09 - 2016-11-17 00:09 - 00000000 ____D C:\Users\Kate Luther\AppData\Roaming\Imminent
2016-11-15 23:21 - 2016-11-15 23:21 - 07476144 _____ (TeamViewer) C:\Users\Kate Luther\AppData\Roaming\TvQS.exe
2016-11-15 23:21 - 2016-11-15 23:21 - 00000000 ____D C:\Users\Kate Luther\AppData\Roaming\TeamViewer
2016-11-11 05:10 - 2016-11-02 10:36 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-11-11 05:10 - 2016-11-02 10:32 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-11-11 05:10 - 2016-11-02 10:32 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-11-11 05:10 - 2016-11-02 10:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-11-11 05:10 - 2016-11-02 10:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-11-11 05:10 - 2016-11-02 10:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-11-11 05:10 - 2016-11-02 10:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-11-11 05:10 - 2016-11-02 10:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-11-11 05:10 - 2016-11-02 10:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-11-11 05:10 - 2016-11-02 09:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-11-11 05:10 - 2016-10-27 22:59 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-11-11 05:10 - 2016-10-27 22:14 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-11-11 05:10 - 2016-10-27 14:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-11-11 05:10 - 2016-10-27 14:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-11-11 05:10 - 2016-10-27 13:55 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-11-11 05:10 - 2016-10-27 13:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-11-11 05:10 - 2016-10-27 13:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-11-11 05:10 - 2016-10-27 13:53 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-11-11 05:10 - 2016-10-27 13:53 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-11-11 05:10 - 2016-10-27 13:51 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-11-11 05:10 - 2016-10-27 13:44 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-11-11 05:10 - 2016-10-27 13:43 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-11-11 05:10 - 2016-10-27 13:38 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-11-11 05:10 - 2016-10-27 13:37 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-11-11 05:10 - 2016-10-27 13:37 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-11-11 05:10 - 2016-10-27 13:37 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-11-11 05:10 - 2016-10-27 13:37 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-11-11 05:10 - 2016-10-27 13:28 - 25763328 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-11-11 05:10 - 2016-10-27 13:28 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-11 05:10 - 2016-10-27 13:24 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-11-11 05:10 - 2016-10-27 13:19 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-11-11 05:10 - 2016-10-27 13:15 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-11 05:10 - 2016-10-27 13:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-11-11 05:10 - 2016-10-27 13:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-11-11 05:10 - 2016-10-27 13:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-11-11 05:10 - 2016-10-27 13:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-11-11 05:10 - 2016-10-27 13:02 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-11-11 05:10 - 2016-10-27 12:49 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-11-11 05:10 - 2016-10-27 12:46 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-11-11 05:10 - 2016-10-27 12:46 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-11-11 05:10 - 2016-10-27 12:44 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-11-11 05:10 - 2016-10-27 12:44 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-11-11 05:10 - 2016-10-27 12:17 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-11-11 05:10 - 2016-10-27 12:16 - 02920448 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-11-11 05:10 - 2016-10-27 12:03 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-11-11 05:10 - 2016-10-27 11:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-11-11 05:10 - 2016-10-27 10:05 - 20304896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-11-11 05:10 - 2016-10-25 10:02 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-11-11 05:10 - 2016-10-22 12:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-11-11 05:10 - 2016-10-22 12:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-11-11 05:10 - 2016-10-22 12:36 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-11-11 05:10 - 2016-10-22 12:35 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-11-11 05:10 - 2016-10-22 12:35 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-11-11 05:10 - 2016-10-22 12:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-11-11 05:10 - 2016-10-22 12:27 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-11-11 05:10 - 2016-10-22 12:27 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-11-11 05:10 - 2016-10-22 12:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-11-11 05:10 - 2016-10-22 12:22 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-11-11 05:10 - 2016-10-22 12:21 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-11-11 05:10 - 2016-10-22 12:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-11-11 05:10 - 2016-10-22 12:20 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-11-11 05:10 - 2016-10-22 12:09 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-11-11 05:10 - 2016-10-22 12:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-11-11 05:10 - 2016-10-22 12:03 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-11-11 05:10 - 2016-10-22 11:59 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-11-11 05:10 - 2016-10-22 11:58 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-11-11 05:10 - 2016-10-22 11:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-11-11 05:10 - 2016-10-22 11:54 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-11-11 05:10 - 2016-10-22 11:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-11-11 05:10 - 2016-10-22 11:45 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-11-11 05:10 - 2016-10-22 11:44 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-11-11 05:10 - 2016-10-22 11:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-11-11 05:10 - 2016-10-22 11:43 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-11-11 05:10 - 2016-10-22 11:30 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-11-11 05:10 - 2016-10-22 11:12 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-11-11 05:10 - 2016-10-22 11:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-11-11 05:10 - 2016-10-22 11:09 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-11-11 05:10 - 2016-10-15 10:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-11-11 05:10 - 2016-10-15 10:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-11-11 05:10 - 2016-10-15 10:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-11-11 05:10 - 2016-10-15 10:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-11-11 05:10 - 2016-10-11 10:37 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-11-11 05:10 - 2016-10-11 10:31 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2016-11-11 05:10 - 2016-10-11 10:31 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-11-11 05:10 - 2016-10-11 10:31 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2016-11-11 05:10 - 2016-10-11 10:31 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2016-11-11 05:10 - 2016-10-11 10:31 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-11-11 05:10 - 2016-10-11 10:31 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2016-11-11 05:10 - 2016-10-11 10:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2016-11-11 05:10 - 2016-10-11 10:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2016-11-11 05:10 - 2016-10-11 10:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2016-11-11 05:10 - 2016-10-11 10:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2016-11-11 05:10 - 2016-10-11 10:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2016-11-11 05:10 - 2016-10-11 10:31 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2016-11-11 05:10 - 2016-10-11 10:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2016-11-11 05:10 - 2016-10-11 10:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-11-11 05:10 - 2016-10-11 10:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2016-11-11 05:10 - 2016-10-11 10:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2016-11-11 05:10 - 2016-10-11 10:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-11-11 05:10 - 2016-10-11 10:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2016-11-11 05:10 - 2016-10-11 10:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2016-11-11 05:10 - 2016-10-11 10:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2016-11-11 05:10 - 2016-10-11 10:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2016-11-11 05:10 - 2016-10-11 10:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2016-11-11 05:10 - 2016-10-11 10:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2016-11-11 05:10 - 2016-10-11 10:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2016-11-11 05:10 - 2016-10-11 08:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-11-11 05:10 - 2016-10-11 08:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-11-11 05:10 - 2016-10-10 10:38 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-11-11 05:10 - 2016-10-10 10:38 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-11-11 05:10 - 2016-10-10 10:34 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-11-11 05:10 - 2016-10-10 10:34 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-11-11 05:10 - 2016-10-10 10:34 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-11-11 05:10 - 2016-10-10 10:34 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-11-11 05:10 - 2016-10-10 10:33 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-11 05:10 - 2016-10-10 10:33 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-11-11 05:10 - 2016-10-10 10:33 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-11-11 05:10 - 2016-10-10 10:33 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-11-11 05:10 - 2016-10-10 10:33 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-11-11 05:10 - 2016-10-10 10:33 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-11-11 05:10 - 2016-10-10 10:33 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-11 05:10 - 2016-10-10 10:33 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-11-11 05:10 - 2016-10-10 10:33 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-11-11 05:10 - 2016-10-10 10:33 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-11-11 05:10 - 2016-10-10 10:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-11-11 05:10 - 2016-10-10 10:33 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-11-11 05:10 - 2016-10-10 10:33 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-11-11 05:10 - 2016-10-10 10:33 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-11-11 05:10 - 2016-10-10 10:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-11-11 05:10 - 2016-10-10 10:16 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-11-11 05:10 - 2016-10-10 10:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-11-11 05:10 - 2016-10-10 10:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-11-11 05:10 - 2016-10-10 10:16 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-11 05:10 - 2016-10-10 10:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-11-11 05:10 - 2016-10-10 10:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-11-11 05:10 - 2016-10-10 10:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-11-11 05:10 - 2016-10-10 10:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-11-11 05:10 - 2016-10-10 10:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-11-11 05:10 - 2016-10-10 10:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-11-11 05:10 - 2016-10-10 10:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-11-11 05:10 - 2016-10-10 10:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-11-11 05:10 - 2016-10-10 10:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-11-11 05:10 - 2016-10-10 10:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-11-11 05:10 - 2016-10-10 10:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-11-11 05:10 - 2016-10-10 09:56 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-11-11 05:10 - 2016-10-10 09:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-11-11 05:10 - 2016-10-10 09:55 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-11-11 05:10 - 2016-10-10 09:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-11-11 05:10 - 2016-10-10 09:54 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-11-11 05:10 - 2016-10-10 09:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-11-11 05:10 - 2016-10-07 10:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-11-11 05:10 - 2016-10-07 10:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-11-11 05:10 - 2016-10-07 10:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-11-11 05:10 - 2016-10-07 10:35 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:18 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-11-11 05:10 - 2016-10-07 10:18 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-11-11 05:10 - 2016-10-07 10:15 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-11-11 05:10 - 2016-10-07 10:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-11-11 05:10 - 2016-10-07 10:12 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-11-11 05:10 - 2016-10-07 10:12 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-11-11 05:10 - 2016-10-07 10:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-11-11 05:10 - 2016-10-07 10:12 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-11-11 05:10 - 2016-10-07 10:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-11-11 05:10 - 2016-10-07 10:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-11-11 05:10 - 2016-10-07 10:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-11-11 05:10 - 2016-10-07 10:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-11-11 05:10 - 2016-10-07 10:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:12 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-11-11 05:10 - 2016-10-07 10:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 10:04 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-11-11 05:10 - 2016-10-07 10:04 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-11-11 05:10 - 2016-10-07 10:04 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-11-11 05:10 - 2016-10-07 10:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-11-11 05:10 - 2016-10-07 10:00 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-11-11 05:10 - 2016-10-07 09:56 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-11-11 05:10 - 2016-10-07 09:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-11-11 05:10 - 2016-10-07 09:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-11-11 05:10 - 2016-10-07 09:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-11-11 05:10 - 2016-10-07 09:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-11-11 05:10 - 2016-10-07 09:49 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 09:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 09:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-11 05:10 - 2016-10-07 09:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-11 05:10 - 2016-10-05 09:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-11-11 05:10 - 2016-09-15 09:56 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2016-11-11 05:10 - 2016-09-13 10:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-11-11 05:10 - 2016-09-13 10:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-11-11 05:10 - 2016-09-09 13:20 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-11-11 05:10 - 2016-09-09 13:00 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-11-11 05:10 - 2016-08-22 11:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-11-09 22:49 - 2016-11-18 00:46 - 00045258 _____ C:\Users\Kate Luther\Downloads\Addition.txt
2016-11-09 22:48 - 2016-11-20 22:43 - 00000000 ____D C:\FRST
2016-11-09 22:47 - 2016-11-20 22:43 - 02412544 _____ (Farbar) C:\Users\Kate Luther\Downloads\FRST64.exe
2016-11-09 09:43 - 2016-11-16 23:54 - 00000880 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-11-09 09:43 - 2016-11-09 09:43 - 00002812 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-11-09 09:43 - 2016-11-09 09:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-11-09 09:13 - 2016-11-09 09:15 - 00203568 _____ C:\TDSSKiller.3.1.0.12_09.11.2016_09.13.36_log.txt
2016-11-09 09:06 - 2016-11-09 09:06 - 00000974 _____ C:\Users\Public\Desktop\calibre - E-book management.lnk
2016-11-09 08:58 - 2016-11-09 08:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-11-09 08:58 - 2016-11-09 08:58 - 00000000 ____D C:\Program Files\VS Revo Group
2016-11-09 00:45 - 2016-11-09 00:45 - 00000000 ____D C:\Windows\Sun
2016-11-08 06:28 - 2016-11-18 10:12 - 00000000 ___HD C:\Users\Kate Luther\AppData\Roaming\mfm
2016-11-08 06:28 - 2016-11-08 06:28 - 01168437 _____ (Sandboxie Holdings, LLC) C:\Users\Kate Luther\AppData\Roaming\oracleplugin.exe
2016-11-07 08:26 - 2016-11-13 13:07 - 00412144 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-07 06:58 - 2016-11-07 06:58 - 00110872 _____ C:\Users\Kate Luther\AppData\Local\GDIPFONTCACHEV1.DAT
2016-11-05 12:11 - 2016-11-05 12:11 - 00000000 ____D C:\Users\Kate Luther\Desktop\2014-10-17 Moline, IL
2016-11-02 12:21 - 2016-11-02 12:21 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2016-11-02 12:21 - 2016-11-02 12:21 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2016-11-02 08:52 - 2016-11-18 10:12 - 00000000 ___HD C:\Users\Kate Luther\AppData\Roaming\cej
2016-11-02 08:52 - 2016-11-14 10:07 - 00002742 _____ C:\Windows\System32\Tasks\NAT Monitor
2016-11-02 08:52 - 2016-11-14 10:07 - 00000000 ____D C:\Users\Kate Luther\AppData\Roaming\5CE7090A-7FB7-4BFE-BD41-70923C9D689D
2016-11-02 08:52 - 2016-11-02 08:52 - 00003612 _____ C:\Windows\System32\Tasks\mtcqtu
2016-11-02 08:52 - 2016-11-02 08:52 - 00000000 __SHD C:\Users\Kate Luther\mtcqtu
2016-11-02 08:52 - 2014-04-11 22:08 - 00045216 ___SH (Microsoft Corporation) C:\Users\Kate Luther\RegSvcs.exe
2016-11-01 09:29 - 2016-11-01 09:29 - 00017000 _____ C:\Users\Kate Luther\AppData\Roaming\Himopa
2016-11-01 09:28 - 2016-11-01 09:28 - 00000000 ____D C:\Users\Kate Luther\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2016-10-29 16:02 - 2016-11-20 22:34 - 00000000 ____D C:\Users\Kate Luther\Airstream
2016-10-29 16:01 - 2016-11-20 22:34 - 00000000 ____D C:\Program Files (x86)\AirStream-Suite
2016-10-29 16:01 - 2016-10-29 16:01 - 00002605 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirStream-Suite.lnk
2016-10-29 15:36 - 2016-10-29 15:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MusicBee Remote
2016-10-21 22:06 - 2016-10-21 22:06 - 00899911 _____ C:\Users\Kate Luther\Desktop\john carroll.htm
2016-10-21 00:08 - 2016-10-21 07:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-20 22:43 - 2013-01-31 10:04 - 00000000 ____D C:\Users\Kate Luther\AppData\Roaming\Azureus
2016-11-20 22:21 - 2016-01-19 14:00 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-20 21:51 - 2012-04-11 07:04 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-11-20 18:21 - 2016-01-19 14:00 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-20 17:28 - 2012-11-10 15:53 - 00000000 ____D C:\Program Files (x86)\Opera
2016-11-19 19:18 - 2015-04-29 23:45 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-11-19 19:18 - 2012-02-11 15:21 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-19 18:10 - 2016-10-02 13:20 - 00000000 ____D C:\Users\Kate Luther\Desktop\Vuze Downloads
2016-11-19 17:59 - 2016-06-05 12:49 - 00000000 ____D C:\Program Files\PeerBlock
2016-11-18 10:19 - 2009-07-13 23:45 - 00028320 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-18 10:19 - 2009-07-13 23:45 - 00028320 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-18 10:17 - 2009-07-14 00:13 - 00782510 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-18 10:17 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf
2016-11-18 10:11 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-17 10:30 - 2012-02-12 11:47 - 00000000 ____D C:\Users\Kate Luther\AppData\Roaming\vlc
2016-11-17 00:12 - 2016-01-24 23:25 - 00000000 ____D C:\AdwCleaner
2016-11-16 23:55 - 2012-02-26 08:24 - 00000000 ____D C:\Users\Kate Luther\Desktop\food
2016-11-16 23:50 - 2012-02-11 11:59 - 00000000 ____D C:\Users\Kate Luther
2016-11-16 23:48 - 2014-06-01 13:54 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-11-14 21:39 - 2012-03-21 12:56 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-11-14 21:39 - 2012-03-21 12:56 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2016-11-14 19:22 - 2015-04-29 23:46 - 00002209 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-14 10:10 - 2015-10-30 10:02 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-11-14 10:07 - 2012-04-26 09:25 - 00000000 ____D C:\Users\Kate Luther\AppData\LocalLow\Temp
2016-11-14 10:06 - 2009-07-13 22:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-11-14 10:06 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2016-11-13 13:44 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2016-11-11 03:05 - 2013-07-20 02:00 - 00000000 ____D C:\Windows\system32\MRT
2016-11-11 03:00 - 2012-02-20 22:44 - 141011376 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-11-10 09:49 - 2012-02-11 12:52 - 00000000 ____D C:\Users\Kate Luther\Desktop\Brainz Done
2016-11-09 22:51 - 2014-06-01 12:40 - 00000000 ____D C:\Users\Kate Luther\Desktop\spyware stuff
2016-11-09 17:28 - 2015-04-29 23:43 - 00003856 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1430369011
2016-11-09 09:51 - 2015-04-29 23:45 - 00003908 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-11-09 09:51 - 2012-04-11 07:04 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-11-09 09:51 - 2012-04-11 07:04 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-11-09 09:51 - 2012-02-20 05:44 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-09 09:51 - 2012-02-11 15:21 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-11-09 09:43 - 2013-01-26 23:06 - 00000000 ____D C:\Program Files\CCleaner
2016-11-09 09:12 - 2012-05-05 19:21 - 00000000 ____D C:\Users\Kate Luther\Desktop\Books
2016-11-09 09:06 - 2012-06-22 22:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2016-11-09 09:06 - 2012-06-22 22:31 - 00000000 ____D C:\Program Files (x86)\Calibre2
2016-11-09 00:45 - 2015-02-09 14:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-11-09 00:45 - 2014-02-19 23:38 - 00000000 ____D C:\ProgramData\Oracle
2016-11-09 00:43 - 2015-02-09 14:48 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-11-09 00:43 - 2015-02-09 14:48 - 00000000 ____D C:\Program Files (x86)\Java
2016-11-09 00:40 - 2015-11-26 11:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2016-11-08 12:42 - 2015-05-04 08:55 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-11-08 10:31 - 2016-09-05 13:14 - 00000000 ___RD C:\Users\Kate Luther\Google Drive
2016-11-05 12:54 - 2015-11-17 08:59 - 00000000 ____D C:\Users\Kate Luther\Documents\Vuze Downloads
2016-11-05 12:54 - 2014-06-21 11:50 - 00000000 ____D C:\Users\Kate Luther\Documents\My Kindle Content
2016-11-05 12:32 - 2015-05-04 08:55 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-05 12:14 - 2015-09-07 13:47 - 00000000 ____D C:\Users\Kate Luther\AppData\Roaming\MusicBee
2016-11-02 19:58 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Branding
2016-11-02 12:22 - 2016-09-05 13:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-11-02 08:51 - 2009-07-13 21:34 - 00453327 ____R C:\Windows\system32\Drivers\etc\hosts.20161102-210444.backup
2016-11-02 08:37 - 2012-04-26 09:25 - 00000000 ____D C:\Users\Kate Luther\AppData\Local\Google
2016-11-01 23:29 - 2015-11-07 22:03 - 00000205 _____ C:\Users\Kate Luther\AppData\Roaming\WB.CFG
2016-11-01 09:28 - 2016-07-20 21:03 - 00001202 _____ C:\Users\Kate Luther\Desktop\Format Factory.lnk
2016-10-29 16:28 - 2014-08-29 02:18 - 00000000 ____D C:\Users\Kate Luther\AppData\Local\Adobe
2016-10-26 16:29 - 2010-11-20 22:27 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-10-21 07:15 - 2012-05-03 03:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

==================== Files in the root of some directories =======

2016-11-01 09:29 - 2016-11-01 09:29 - 0017000 _____ () C:\Users\Kate Luther\AppData\Roaming\Himopa
2016-11-08 06:28 - 2016-11-08 06:28 - 1168437 _____ (Sandboxie Holdings, LLC) C:\Users\Kate Luther\AppData\Roaming\oracleplugin.exe
2016-11-15 23:21 - 2016-11-15 23:21 - 7476144 _____ (TeamViewer) C:\Users\Kate Luther\AppData\Roaming\TvQS.exe
2015-11-07 22:03 - 2016-11-01 23:29 - 0000205 _____ () C:\Users\Kate Luther\AppData\Roaming\WB.CFG
2013-11-27 13:18 - 2013-11-27 13:18 - 0004096 ____H () C:\Users\Kate Luther\AppData\Local\keyfile3.drm
2013-05-27 19:51 - 2013-05-27 21:55 - 0000000 _____ () C:\ProgramData\as98213.txt
2015-11-26 11:56 - 2015-11-26 11:56 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-11-12 10:15 - 2015-11-12 10:15 - 0000108 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2013-05-27 20:07 - 2013-05-27 20:07 - 0000000 _____ () C:\ProgramData\rni7lojm.dat

Files to move or delete:
====================
C:\ProgramData\rni7lojm.dat
C:\Users\Kate Luther\RegSvcs.exe


Some files in TEMP:
====================
C:\Users\Kate Luther\AppData\Local\Temp\i4jdel0.exe
C:\Users\Kate Luther\AppData\Local\Temp\ReimagePackage.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-11-14 00:41

==================== End of FRST.txt ============================
wondermonkey77
Active Member
 
Posts: 3
Joined: November 18th, 2016, 1:42 am
Top

Re: DC3_FEXEC

Unread postby mAL_rEm018 » November 21st, 2016, 2:54 pm

Hello wondermonkey77,

In your next post please answer the following questions:
  • It was brought to my attention that you were receiving help for your problem at Bleeping Computer. Why didn't you continue with your helper?
  • Is this computer used for business purposes?
User avatar
mAL_rEm018
Admin/Teacher
Admin/Teacher
 
Posts: 2689
Joined: November 11th, 2013, 6:26 pm
Location: Saint-Petersburg, Russia
Top

Re: DC3_FEXEC

Unread postby wondermonkey77 » November 21st, 2016, 3:02 pm

I had adv that when I was at that forum they didn't know how to fix it. And it is not a business comp
wondermonkey77
Active Member
 
Posts: 3
Joined: November 18th, 2016, 1:42 am
Top

Re: DC3_FEXEC

Unread postby pgmigg » November 21st, 2016, 4:18 pm

Posting at multiple forums

You are already receiving help with this problem at another forum

May I draw your attention to the ALL USERS OF THIS FORUM MUST READ THIS FIRST topic, which you should have read before posting for help.

See the section here where we tell you why this is not a good idea.

This topic is now closed.
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 5465
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00
Top
Advertisement
Register to Remove
Topic locked

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: pgmigg and 248 guests

The teamDelete all board cookiesAll times are UTC - 5 hours [ DST ]

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware

Board index