Recent Posts

Pages: 1 [2] 3 4 ... 10
Post Here for Malware Removal ... / Re: [In Progress] A/V Scans hanging up
« Last post by Hoov on Yesterday at 07:37:54 PM »
Kind of. It tells me that it is not a single file it is hanging up on, but there is something in Windows that is stopping the scan.

With windows running normally, Please download and install Speccy. Once that is done, then start it up. Once it is done analyzing, click on File and then on Save Snapshot. Save the snapshot to your desktop and then right click on it and select Send To and then Compressed (Zipped) Folder. I will send you a PM on what to do with the file.
Post Here for Malware Removal ... / Re: [In Progress] A/V Scans hanging up
« Last post by PGB on Yesterday at 07:26:04 PM »
I just tries MSE again.  It stopped running at Tie elapsed: 00:15:10 and the green progress line is only 3/4 the way across. Shows Items Scanned: 1400557 and it stopped on Item: C:\Windows\Installer\$PatchCache$\Managed\0EE3A20E3911C454E895DBCF6ECEB722\9.5.0\Guid_  (cannot see any further to the right)

Does this help?
Post Here for Malware Removal ... / Re: [In Progress] A/V Scans hanging up
« Last post by PGB on Yesterday at 06:42:12 PM »
Once I hid all Microsoft Services, MSE was no longer available for me to run in selective startup.  I ran the Malawarebytes Threat Scan.  It completed in 00:07:48, scanned 384,314 items, 0 threats detected.

Then I ran msconfig and selected normal startup, OK, rebooted; then ran MSE Full Scan.  It hung up at
that was 00:15:14 into the scan, 1396472 items scanned.

I re-ran Malawarebytes in normal mode and it hung at
Objects scanned:90,916
Elapsed time: 00:20:41 ...the timer kept running, even though I hit PAUSE
Detected Objects: 0

Does this help?
Post Here for Malware Removal ... / Re: [In Progress] A/V Scans hanging up
« Last post by Hoov on Yesterday at 05:23:58 PM »
Start windows cleanly and run both scans again. Wait until the the scans hang up and then look at the file they are on. Let me know both of the files they are on (after starting windows normally again). Instructions for starting Windows cleanly are below.

To start windows cleanly go to the run command and type in msconfig . Once that starts, select selective startup, and then uncheck the load startup items. Now click on the services tab, and down near the bottom of the window, check the box that says Hide all Microsoft Services now go up and uncheck all the services still listed, make sure you scroll down the list if need to unselect all the non Microsoft services. Now click apply, then click OK and reboot the computer.

Once you have figured out the file they are sticking on, run msconfig and select normal startup then click apply then OK and reboot windows.
Post Here for Malware Removal ... / Re: [In Progress] A/V Scans hanging up
« Last post by PGB on Yesterday at 02:57:15 PM »
Hello Hoov!  I don't know-- never looked for that.  Sorry, am not sophisticated in this arena!
Post Here for Malware Removal ... / Re: [In Progress] A/V Scans hanging up
« Last post by Hoov on Yesterday at 02:19:41 PM »
Hello it is Hoov again.

Are your scans hanging up on the same file?
Post Here for Malware Removal ... / [In Progress] A/V Scans hanging up
« Last post by PGB on Yesterday at 12:06:58 PM »
Have been here before -- you guys are tremendous!  Recently when manually running Microsoft Security Essentials or MalwareBytes, the scan hangs up and over an our does not complete.  Is something not right in my ssytem?

DDS (Ver_2012-11-20.01)
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 10/30/2013 6:58:57 PM
System Uptime: 8/30/2015 1:58:17 PM (1 hours ago)
Motherboard: ASUSTeK COMPUTER INC. |  | Z87-PLUS
Processor: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz | SOCKET 1150 | 3401/100mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 238 GiB total, 56.671 GiB free.
D: is CDROM ()
Y: is NetworkDisk (NTFS) - 3663 GiB total, 807.738 GiB free.
==== Disabled Device Manager Items =============
==== System Restore Points ===================
RP296: 8/30/2015 11:14:22 AM - Scheduled Checkpoint
==== Installed Programs ======================
Acronis True Image 2014
Adobe Acrobat Reader DC
Adobe Flash Player 18 ActiveX
Adobe Flash Player 18 NPAPI
Adobe Refresh Manager
AMD Accelerated Video Transcoding
AMD Catalyst Install Manager
AMD Drag and Drop Transcoding
AMD Media Foundation Decoders
Asmedia ASM106x SATA Host Controller Driver
Brother HL-5250DN
Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Cisco WebEx Meetings
Citrix Online Launcher
Corel PaintShop Pro X6
Creative Content
CrystalDiskMark 3.0.2f
DC-Bass Source 1.3.0
Definition Update for Microsoft Office 2010 (KB3054979) 32-Bit Edition
DirectVobSub 2.40.4209
DivX Setup
ERUNT 1.1j
ffdshow v1.1.4399 [2012-03-22]
Fuze Meeting
FXCM MetaTrader 4
FXCM Trading Station
Google Chrome
Google Update Helper
Hubb Client Data Manager
Integrated Investor
Intel(R) Management Engine Components
Intel(R) Network Connections
Intel(R) Processor Graphics
Intel(R) Rapid Storage Technology
Intel(R) SDK for OpenCL - CPU Only Runtime Package
Intel(R) USB 3.0 eXtensible Host Controller Driver
Intel® Trusted Connect Service Client
iSEEK AnswerWorks English Runtime
Java 8 Update 31
Java 8 Update 45
Java Auto Updater
Lagarith Lossless Codec (1.3.27)
LAME v3.99.3 (for Windows)
Malwarebytes Anti-Malware version
Microsoft .NET Framework 4.5.2
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Business 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server Compact 4.0 x64 ENU
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Moyea FLV Player version
Mozilla Firefox 40.0.3 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MySpeed v5.4.5
NETGEAR WNDA3100v2 wireless USB 2.0 adapter
Nitro Reader 3
OpenOffice 4.1.1
OpenSource Flash Video Splitter
PipStrider III
PrimoPDF -- brought to you by Nitro PDF Software
Quicken 2012
Quicken 2015
Quicken WillMaker Plus 2012
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer Cloud
Realtek High Definition Audio Driver
RealUpgrade 1.1
Replay Video Capture 7
Roxio Central Audio
Roxio Central Copy
Roxio Central Core
Roxio Central Data
Roxio Central Tools
Roxio RecordNow 10 Music Lab
Roxio Update Manager
Samsung Magician
Security Update for Microsoft .NET Framework 4.5.2 (KB3023224)
Security Update for Microsoft .NET Framework 4.5.2 (KB3035490)
Security Update for Microsoft .NET Framework 4.5.2 (KB3037581)
Security Update for Microsoft Excel 2010 (KB3055044) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553313) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598244) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2863817) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2920748) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2965310) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB3054848) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB3055033) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB3054876) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB3055039) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
SHARP MX/DX Series PCL/PS Printer Driver
Skype Click to Call
Skype™ 7.0
Sonic CinePlayer Decoder Pack
TeamViewer 9
Top Producer Outlook Sync
Trade Navigator
TradeStation 9.1
TradeStation 9.5
TTM Squeeze 2.2
TTM Squeeze Radar 3.2
TTM Voodoo Lines
Update for Microsoft Access 2010 (KB2965300) 32-Bit Edition
Update for Microsoft Excel 2010 (KB2589348) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2881026) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589282) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589318) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597089) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition
Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition
Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition
Update for Microsoft Office 2010 (KB2910896) 32-Bit Edition
Update for Microsoft Office 2010 (KB2965296) 32-Bit Edition
Update for Microsoft Office 2010 (KB2965301) 32-Bit Edition
Update for Microsoft Office 2010 (KB3054873) 32-Bit Edition
Update for Microsoft Office 2010 (KB3054962) 32-Bit Edition
Update for Microsoft Office 2010 (KB3054964) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2956075) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2965297) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB3055041) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553308) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2880517) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2881021) 32-Bit Edition
VC80CRTRedist - 8.0.50727.6195
VectorVest 7
Video Downloader
VisualTour Studio
VT Remote Support
WinPcap 4.1.3
Wisdom-soft ScreenHunter 6.0 Free
Xvid Video Codec
==== Event Viewer Messages From Past Week ========
8/30/2015 2:47:18 AM, Error: volsnap [25]  - The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time.  Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.
==== End Of File ===========================
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17937  BrowserJavaVersion: 11.45.2
Run by Phyllis at 14:01:23 on 2015-08-30
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.32706.28089 [GMT -4:00]
AV: Microsoft Security Essentials *Enabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Enabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
============== Running Processes ===============
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
C:\Program Files (x86)\Wisdom-soft ScreenHunter 6.0 Free\ScreenHunter.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
c:\program files (x86)\real\realplayer\RPDS\Bin\proclaunch.exe
c:\program files (x86)\real\realplayer\RPDS\Tools\ffmpeg\ffprobe.exe
============== Pseudo HJT Report ===============
uStart Page = hxxp://
uSearch Bar = Preserve
mWinlogon: Userinit = userinit.exe,
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
uRun: [Dropbox Update] "C:\Users\Phyllis\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
uRunOnce: [Application Restart #4] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  --win-jumplist-action=recently-closed --flag-switches-begin --flag-switches-end --restore-last-session{01829190-3b47-4637-ad7c-4d1c1cbec748}
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe"
mRun: [RealDownloader] C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
mRun: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
mRun: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
StartupFolder: C:\Users\Phyllis\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Phyllis\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Phyllis\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SCREEN~1.LNK - C:\Program Files (x86)\Wisdom-soft ScreenHunter 6.0 Free\ScreenHunter.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NETGEA~1.LNK - C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\REALPL~1.LNK - C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://
TCP: NameServer =
TCP: Interfaces\{73BD1BBB-596A-4971-BC51-8CBFF9CB11DB} : DHCPNameServer =
TCP: Interfaces\{F381B6C9-5FF3-4264-99BD-7DB56032B7E3} : DHCPNameServer =
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = hxxp:// 
x64-mSearch Page = hxxp:// 
x64-mDefault_Page_URL = hxxp://
x64-mDefault_Search_URL = hxxp://
x64-BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll
x64-BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [RtHDVBg_DTS] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /DTSU2P
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Acronis Scheduler2 Service] "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
================= FIREFOX ===================
FF - ProfilePath - C:\Users\Phyllis\AppData\Roaming\Mozilla\Firefox\Profiles\3hyawouq.default-1384237558205\
FF - prefs.js: browser.startup.homepage - hxxp://
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Nitro\Reader 3\npdf.dll
FF - plugin: C:\Program Files (x86)\Nitro\Reader 3\npnitroie.dll
FF - plugin: C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll
FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files\thinkorswim\npthinkorswim.dll
FF - plugin: C:\Program Files\thinkorswim\nptossc.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\Users\Phyllis\AppData\Local\Citrix\Plugins\104\npappdetector.dll
FF - plugin: C:\Users\Phyllis\AppData\Local\Fuze Box\Fuze Meeting\npfuzeshare.dll
FF - plugin: C:\Users\Phyllis\AppData\Roaming\Mozilla\Firefox\Profiles\3hyawouq.default-1384237558205\extensions\\plugins\npRACtrl.dll
FF - plugin: C:\Users\Phyllis\AppData\Roaming\Mozilla\plugins\npatgpc.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
============= SERVICES / DRIVERS ===============
R0 asahci64;asahci64;C:\Windows\System32\drivers\asahci64.sys [2013-1-10 47512]
R0 fltsrv;Acronis Storage Filter Management;C:\Windows\System32\drivers\fltsrv.sys [2014-12-11 116000]
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2013-8-7 644968]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2013-8-7 28008]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2013-4-26 20464]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2015-3-4 280376]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2013-11-4 55024]
R0 SCMNdisP;General NDIS Protocol Driver;C:\Windows\System32\drivers\SCMNdisP.sys [2015-3-11 25056]
R0 tib;Acronis TIB Manager;C:\Windows\System32\drivers\tib.sys [2014-12-11 1120032]
R0 tib_mounter;Acronis TIB Mounter;C:\Windows\System32\drivers\tib_mounter.sys [2014-12-11 198432]
R0 vididr;Acronis Virtual Disk;C:\Windows\System32\drivers\vididr.sys [2014-12-11 161568]
R0 vidsflt;Acronis Disk Storage Filter;C:\Windows\System32\drivers\vidsflt.sys [2014-12-11 117024]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2014-7-22 172344]
R2 afcdpsrv;Acronis Nonstop Backup Service;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2014-12-11 3873784]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-3-28 241152]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe [2013-10-30 927232]
R2 atashost;WebEx Service Host for Support Center;C:\Windows\SysWOW64\atashost.exe [2013-11-12 118056]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-5-1 1394816]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-5-1 1772672]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-13 27136]
R2 DTSAudioSvc;DTSAudioSvc;C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [2013-10-30 240584]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-5-11 733696]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2013-1-3 183200]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2013-10-24 417640]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2013-4-30 16056]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\Windows\System32\drivers\LMIRfsDriver.sys [2013-11-12 72216]
R2 mbamchameleon;mbamchameleon;C:\Windows\System32\drivers\mbamchameleon.sys [2014-6-23 109272]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-6-23 1871160]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-6-23 1133880]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-6-18 124568]
R2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [2012-10-30 230416]
R2 PSI_SVC_2_x64;Protexis Licensing V2 x64;C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2014-10-26 39568]
R2 RealPlayer Cloud Service;RealPlayer Cloud Service;C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [2014-11-25 1141848]
R2 RealPlayerUpdateSvc;RealPlayer Update Service;C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [2014-10-30 31856]
R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-6-13 5261584]
R2 WSWNDA3100v2;WSWNDA3100v2;C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [2015-3-11 307928]
R3 afcdp;afcdp;C:\Windows\System32\drivers\afcdp.sys [2014-12-11 367200]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-10-30 96768]
R3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;C:\Windows\System32\drivers\e1d62x64.sys [2013-10-30 496400]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2013-4-26 368112]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2013-4-26 786416]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-11-11 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-6-23 113880]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-6-23 63704]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-4-30 366544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-8-7 15720]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-10-30 169432]
S2 RoxLiveShare10;LiveShare P2P Server 10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [2008-6-4 309744]
S2 RoxWatch10;Roxio Hard Drive Watcher 10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe [2008-6-4 166384]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S2 syncagentsrv;Acronis Sync Agent Service;C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2014-2-4 7142320]
S3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;C:\Windows\System32\drivers\bcmwlhigh664.sys [2015-3-11 1256192]
S3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2014-10-16 249856]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-8-11 114688]
S3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-5-17 442368]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-5-11 822232]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-11-15 19456]
S3 RoxMediaDB10;RoxMediaDB10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2008-6-4 1120752]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2015-3-3 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-11-15 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-10-31 1255736]
=============== Created Last 30 ================
2015-08-30 17:58:41   75888   ----a-w-   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E4EDB35-1E1A-4722-B958-319DEC694D6B}\offreg.200.dll
2015-08-30 15:39:01   75888   ----a-w-   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E4EDB35-1E1A-4722-B958-319DEC694D6B}\offreg.1016.dll
2015-08-30 06:29:49   75888   ----a-w-   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E4EDB35-1E1A-4722-B958-319DEC694D6B}\offreg.172.dll
2015-08-30 06:29:24   1190000   ----a-w-   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E05FFBB2-7FB3-4F9B-8F8C-79C050DE8D78}\gapaengine.dll
2015-08-30 06:29:14   11745192   ----a-w-   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E4EDB35-1E1A-4722-B958-319DEC694D6B}\mpengine.dll
2015-08-29 20:45:59   11745192   ----a-w-   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-08-27 20:12:48   --------   d-----w-   C:\Program Files (x86)\TradeStation 9.5
2015-08-20 07:00:16   2724864   ----a-w-   C:\Windows\SysWow64\mshtml.tlb
2015-08-20 07:00:16   2724864   ----a-w-   C:\Windows\System32\mshtml.tlb
2015-08-12 07:10:03   124624   ----a-w-   C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 07:10:03   103120   ----a-w-   C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
==================== Find3M  ====================
2015-08-30 17:59:31   113880   ----a-w-   C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-08-25 15:15:07   35688   ----a-w-   C:\Windows\System32\LMIport.dll
2015-08-25 15:15:07   122752   ----a-w-   C:\Windows\System32\LMIRfsClientNP.dll
2015-08-25 15:15:07   107368   ----a-w-   C:\Windows\System32\LMIinit.dll
2015-08-12 06:47:09   778440   ----a-w-   C:\Windows\SysWow64\FlashPlayerApp.exe
2015-08-12 06:47:09   142536   ----a-w-   C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-30 18:06:57   2565120   ----a-w-   C:\Windows\System32\d3d10warp.dll
2015-07-30 18:06:57   1648128   ----a-w-   C:\Windows\System32\DWrite.dll
2015-07-30 18:06:57   1180160   ----a-w-   C:\Windows\System32\FntCache.dll
2015-07-30 18:06:42   41984   ----a-w-   C:\Windows\System32\lpk.dll
2015-07-30 18:06:39   100864   ----a-w-   C:\Windows\System32\fontsub.dll
2015-07-30 18:06:35   14336   ----a-w-   C:\Windows\System32\dciman32.dll
2015-07-30 18:06:34   46080   ----a-w-   C:\Windows\System32\atmlib.dll
2015-07-30 17:57:30   1987584   ----a-w-   C:\Windows\SysWow64\d3d10warp.dll
2015-07-30 17:57:30   1251328   ----a-w-   C:\Windows\SysWow64\DWrite.dll
2015-07-30 17:57:08   70656   ----a-w-   C:\Windows\SysWow64\fontsub.dll
2015-07-30 17:57:05   10240   ----a-w-   C:\Windows\SysWow64\dciman32.dll
2015-07-30 17:57:02   34304   ----a-w-   C:\Windows\SysWow64\atmlib.dll
2015-07-30 17:55:56   25600   ----a-w-   C:\Windows\SysWow64\lpk.dll
2015-07-30 16:56:07   3208192   ----a-w-   C:\Windows\System32\win32k.sys
2015-07-30 16:52:53   372736   ----a-w-   C:\Windows\System32\atmfd.dll
2015-07-30 16:49:55   299520   ----a-w-   C:\Windows\SysWow64\atmfd.dll
2015-07-28 20:09:44   17344   ----a-w-   C:\Windows\System32\CompatTelRunner.exe
2015-07-28 20:05:53   774656   ----a-w-   C:\Windows\System32\invagent.dll
2015-07-28 20:05:50   743424   ----a-w-   C:\Windows\System32\generaltel.dll
2015-07-28 20:05:47   437760   ----a-w-   C:\Windows\System32\devinv.dll
2015-07-28 20:05:45   1116672   ----a-w-   C:\Windows\System32\appraiser.dll
2015-07-28 20:05:44   69120   ----a-w-   C:\Windows\System32\acmigration.dll
2015-07-28 20:05:44   227328   ----a-w-   C:\Windows\System32\aepdu.dll
2015-07-28 19:55:14   1148416   ----a-w-   C:\Windows\System32\aeinv.dll
2015-07-20 18:12:45   98304   ----a-w-   C:\Windows\System32\wudriver.dll
2015-07-20 18:12:45   3154944   ----a-w-   C:\Windows\System32\wucltux.dll
2015-07-20 18:12:45   192000   ----a-w-   C:\Windows\System32\wuwebv.dll
2015-07-20 18:12:16   91136   ----a-w-   C:\Windows\System32\WinSetupUI.dll
2015-07-20 18:12:05   12288   ----a-w-   C:\Windows\System32\
2015-07-20 18:12:02   37376   ----a-w-   C:\Windows\System32\wuapp.exe
2015-07-20 17:56:49   93184   ----a-w-   C:\Windows\SysWow64\wudriver.dll
2015-07-20 17:56:49   173056   ----a-w-   C:\Windows\SysWow64\wuwebv.dll
2015-07-20 17:56:08   34816   ----a-w-   C:\Windows\SysWow64\wuapp.exe
2015-07-16 20:54:33   4096   ----a-w-   C:\Windows\System32\ieetwcollectorres.dll
2015-07-16 20:37:26   66560   ----a-w-   C:\Windows\System32\iesetup.dll
2015-07-16 20:36:31   48640   ----a-w-   C:\Windows\System32\ieetwproxystub.dll
2015-07-16 20:36:22   417792   ----a-w-   C:\Windows\System32\html.iec
2015-07-16 20:36:21   584192   ----a-w-   C:\Windows\System32\vbscript.dll
2015-07-16 20:35:40   88064   ----a-w-   C:\Windows\System32\MshtmlDac.dll
2015-07-16 20:26:00   5923328   ----a-w-   C:\Windows\System32\jscript9.dll
2015-07-16 20:21:50   114688   ----a-w-   C:\Windows\System32\ieetwcollector.exe
2015-07-16 20:21:47   144384   ----a-w-   C:\Windows\System32\ieUnatt.exe
2015-07-16 20:21:25   814080   ----a-w-   C:\Windows\System32\jscript9diag.dll
2015-07-16 20:12:23   968704   ----a-w-   C:\Windows\System32\MsSpellCheckingFacility.exe
2015-07-16 20:00:07   77824   ----a-w-   C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-07-16 19:51:47   504320   ----a-w-   C:\Windows\SysWow64\vbscript.dll
2015-07-16 19:51:46   62464   ----a-w-   C:\Windows\SysWow64\iesetup.dll
2015-07-16 19:50:54   47616   ----a-w-   C:\Windows\SysWow64\ieetwproxystub.dll
2015-07-16 19:50:38   341504   ----a-w-   C:\Windows\SysWow64\html.iec
2015-07-16 19:49:37   64000   ----a-w-   C:\Windows\SysWow64\MshtmlDac.dll
2015-07-16 19:39:20   115712   ----a-w-   C:\Windows\SysWow64\ieUnatt.exe
2015-07-16 19:38:51   620032   ----a-w-   C:\Windows\SysWow64\jscript9diag.dll
2015-07-16 19:33:23   1359360   ----a-w-   C:\Windows\System32\mshtmlmedia.dll
2015-07-16 19:32:53   2125824   ----a-w-   C:\Windows\System32\inetcpl.cpl
2015-07-16 19:24:03   60416   ----a-w-   C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2015-07-16 19:12:42   2427904   ----a-w-   C:\Windows\System32\wininet.dll
2015-07-16 19:12:39   4520448   ----a-w-   C:\Windows\SysWow64\jscript9.dll
2015-07-16 19:12:29   856064   ----a-w-   C:\Windows\SysWow64\rdvidcrl.dll
2015-07-16 19:12:29   53248   ----a-w-   C:\Windows\SysWow64\tsgqec.dll
2015-07-16 19:12:28   6131200   ----a-w-   C:\Windows\SysWow64\mstscax.dll
2015-07-16 19:11:27   62976   ----a-w-   C:\Windows\System32\tsgqec.dll
2015-07-16 19:11:26   7077376   ----a-w-   C:\Windows\System32\mstscax.dll
2015-07-16 19:11:26   1057792   ----a-w-   C:\Windows\System32\rdvidcrl.dll
2015-07-16 19:06:06   2052608   ----a-w-   C:\Windows\SysWow64\inetcpl.cpl
2015-07-16 19:05:15   1155072   ----a-w-   C:\Windows\SysWow64\mshtmlmedia.dll
2015-07-16 18:42:02   1951232   ----a-w-   C:\Windows\SysWow64\wininet.dll
2015-07-16 00:43:52   107392   ----a-w-   C:\Windows\System32\LMIRfsClientNP.dll.000.bak
2015-07-15 18:15:12   5568960   ----a-w-   C:\Windows\System32\ntoskrnl.exe
2015-07-15 18:15:11   94656   ----a-w-   C:\Windows\System32\drivers\mountmgr.sys
2015-07-15 18:15:10   95680   ----a-w-   C:\Windows\System32\drivers\ksecdd.sys
2015-07-15 18:15:10   155584   ----a-w-   C:\Windows\System32\drivers\ksecpkg.sys
2015-07-15 18:12:09   1730496   ----a-w-   C:\Windows\System32\ntdll.dll
2015-07-15 18:11:14   362496   ----a-w-   C:\Windows\System32\wow64win.dll
2015-07-15 18:11:14   243712   ----a-w-   C:\Windows\System32\wow64.dll
2015-07-15 18:11:14   13312   ----a-w-   C:\Windows\System32\wow64cpu.dll
2015-07-15 18:11:13   215040   ----a-w-   C:\Windows\System32\winsrv.dll
2015-07-15 18:11:01   210944   ----a-w-   C:\Windows\System32\wdigest.dll
2015-07-15 18:09:57   338432   ----a-w-   C:\Windows\System32\conhost.exe
2015-07-15 18:09:52   64000   ----a-w-   C:\Windows\System32\auditpol.exe
2015-07-15 18:05:47   60416   ----a-w-   C:\Windows\System32\msobjs.dll
2015-07-15 18:05:26   146432   ----a-w-   C:\Windows\System32\msaudite.dll
2015-07-15 17:59:45   3989952   ----a-w-   C:\Windows\SysWow64\ntkrnlpa.exe
2015-07-15 17:59:45   3934656   ----a-w-   C:\Windows\SysWow64\ntoskrnl.exe
2015-07-15 17:56:24   1311768   ----a-w-   C:\Windows\SysWow64\ntdll.dll
2015-07-15 17:55:07   172032   ----a-w-   C:\Windows\SysWow64\wdigest.dll
2015-07-15 17:55:04   65536   ----a-w-   C:\Windows\SysWow64\TSpkg.dll
2015-07-15 17:55:02   43008   ----a-w-   C:\Windows\SysWow64\srclient.dll
2015-07-15 17:55:00   248832   ----a-w-   C:\Windows\SysWow64\schannel.dll
2015-07-15 17:55:00   22016   ----a-w-   C:\Windows\SysWow64\secur32.dll
2015-07-15 17:54:56   14336   ----a-w-   C:\Windows\SysWow64\ntvdm64.dll
2015-07-15 17:54:55   221184   ----a-w-   C:\Windows\SysWow64\ncrypt.dll
2015-07-15 17:54:54   259584   ----a-w-   C:\Windows\SysWow64\msv1_0.dll
2015-07-15 17:54:49   552960   ----a-w-   C:\Windows\SysWow64\kerberos.dll
2015-07-15 17:54:43   36864   ----a-w-   C:\Windows\SysWow64\cryptbase.dll
============= FINISH: 14:01:37.66 ===============

   Hello Blackxxx01,
Glad you are still with me, good that you have stopped & asked before going any farther.Screenshot is fine too.

I should have explained what we are doing...Your profile is being renamed so that when Revo uninstalls your
current copy of Firefox, it will not delete your profile which can be moved back into the new copy of Firefox.
Otherwise you would get a default profile with none of your preferences, add- ons etc. installed.
  • So right click on your profile (9jsBh4ko.default)
  • In the pop up window click on Open File Location
  • In the Profiles window Right Click on the Profile & select Rename
  • Delete "9jsBh4ko.default" & rename it by typing Pete Profile
  • Click on the file to confirm & exit.

Next. Go ahead & remove your copy of Firefox with Revo instructions in post above ( Reply #16 on: August 25, 2015, 07:11:15 AM »)

Don`t hesitate to ask if you are uncertain about any point

Let me know how it went.


Windows 10 / Deep dives into the privacy of Microsoft’s new OS
« Last post by Bugbatter on Yesterday at 07:42:59 AM »
Windows 10 Privacy FAQ's

No Microsoft Is Not Spying On You With Windows 10
The Windows 10 privacy agreement doesn't mean Microsoft is secretly stealing the data from your hard disk. Where do people come up with these crazy ideas?
Hello Ben,

Thanks for the logs, to receive a notification of thread replies select the "Notify" tab at the top of the thread, accept the prompt....

Continue please:

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into.
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.


Please follow these instructions:-

Download AdwCleaner by Xplode onto your Desktop.

  • Double click on Adwcleaner.exe to run the tool.
  • Click on the Scan in the Actions box
  • Please wait fot the scan to finish..
  • When "Waiting for action.Please uncheck elements you want to keep" shows in top line..
  • Click on the Cleaning box.
  • Next click OK on the "Closing Programs" pop up box.
  • Click OK on the Information box & again OK to allow the necessary reboot
  • After restart the AdwCleaner(C*)-Notepad log will appear, please copy/paste it in your next reply. Where * is the number relative to list of scans completed...


Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts. (re-enable when done)
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


Download Microsoft's " Malicious Software Removal Tool" and save direct to the desktop

Ensure to get the correct version for your system....

32 Bit version:

64 Bit version:

Right click on the Tool, select “Run as Administrator” the tool will expand to the options Window
In the "Scan Type" window, select Quick Scan
Perform a scan and  Click Finish when the scan is done.

Retrieve the MSRT log as follows, and post it in your next reply:

1) Select the Windows key and R key together to open the "Run" function
2) Type or Copy/Paste the following command to the "Run Line" and Press Enter:

notepad c:\windows\debug\mrt.log

Let me see those logs, also give an update on any remaining issues or concerns....

Thank you,

Pages: 1 [2] 3 4 ... 10
Click Here