Everything posted by CCSwells

  1. 2nd post MBAM CheckResults
  2. Hi Thanks for your help in advance Here are the logs requested: ( in multiple posts) Frst
Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)CHR Plugin: (McAfee Security Scanner +) - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll No FileCHR Plugin: (Best Buy pc app Detector) - C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll No FileCHR Plugin: (Java Deployment Toolkit 7.0.150.3) - C:\windows\SysWOW64\npDeployJava1.dll No FileCHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL No FileCHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll No FileCHR Profile: C:\Users\home\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Docs) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-07]CHR Extension: (Google Drive) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-07]CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-29]CHR Extension: (YouTube) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-07]CHR Extension: (Google Search) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-07]CHR Extension: (Google Wallet) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-07]CHR Extension: (Gmail) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-07] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASCService.exe [886592 2013-11-15] (IObit)R2 ASCAntivirusSrv; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ascavsvc.exe [646976 2013-11-28] (IOBit)R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-09-08] ()R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-03-15] () [File not signed]S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151232 2013-12-02] (IObit)R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 bdfsfltr; C:\windows\system32\Drivers\bdfsfltr.sys [431176 2011-03-24] (BitDefender)S3 hitmanpro37; C:\windows\system32\drivers\hitmanpro37.sys [32512 2014-06-10] ()R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-24] (Malwarebytes Corporation)S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation )R3 SuperIO; C:\Windows\System32\DRIVERS\spio.sys [11848 2009-06-05] ()U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [37624 2014-11-20] ()S3 Trufos; C:\Windows\System32\DRIVERS\TRUFOS.sys [329800 2011-11-21] (BitDefender S.R.L.) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. 
Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-18 10:45

==================== End Of Log ============================

Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by home at 2014-11-24 17:54:11
Running from F:\Tools\newTools9-18-14\random-audio
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Advanced SystemCare Ultimate 7 (HKLM-x32\...\Advanced SystemCare Ultimate_is1) (Version: 7.0.1 - IObit)
Best Buy pc app (Version: 3.1.1.0 - Best Buy) Hidden
Best of Slots II (HKLM-x32\...\Best of Slots II) (Version: - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon MP Navigator EX 3.1 (HKLM-x32\...\MP Navigator EX 3.1) (Version: - )
Canon MX870 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX870_series) (Version: - )
Canon MX870 series User Registration (HKLM-x32\...\Canon MX870 series User Registration) (Version: - )
Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version: - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
CCScore (x32 Version: 6.02.1001.0001 - EASTMAN KODAK Company) Hidden
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.1.2) (Version: 5.0.1.2 - Coupons.com Incorporated)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
ESSCDBK (x32 Version: 6.02.0001.0001 - EASTMAN KODAK Company) Hidden
ESScore (x32 Version: 6.02.1001.0001 - EASTMAN KODAK Company) Hidden
ESSgui (x32 Version: 6.02.1001.0001 - EASTMAN KODAK Company) Hidden
ESSini (x32 Version: 6.02.1001.0001 - EASTMAN KODAK Company) Hidden
ESSPCD (x32 Version: 6.02.1001.0001 - EASTMAN KODAK Company) Hidden
ESSSONIC (x32 Version: 6.2.0001.0001 - EASTMAN KODAK Company) Hidden
ESSTOOLS (x32 Version: 5.00.0000.0004 - EASTMAN KODAK Company) Hidden
essvatgt (x32 Version: 6.02.1001.0001 - EASTMAN KODAK Company) Hidden
FanSpeedControl (HKLM-x32\...\InstallShield_{0EC766C7-F444-42BF-A05F-4A790F5360EB}) (Version: 1.00.00.13 - Lenovo)
FanSpeedControl (x32 Version: 1.00.00.13 - Lenovo) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.65 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.0.4.1099 - IObit)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.710 - Oracle)
Java Auto Updater (x32 Version: 2.1.71.14 - Oracle, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
kgcbaby (x32 Version: 5.03.0000.0002 - EASTMAN KODAK Company) Hidden
kgcbase (x32 Version: 5.03.0000.0004 - EASTMAN KODAK Company) Hidden
kgchday (x32 Version: 5.03.0000.0002 - EASTMAN KODAK Company) Hidden
kgchlwn (x32 Version: 5.03.0000.0002 - EASTMAN KODAK Company) Hidden
kgcinvt (x32 Version: 5.03.0000.0003 - EASTMAN KODAK Company) Hidden
kgckids (x32 Version: 5.03.0000.0002 - EASTMAN KODAK Company) Hidden
kgcmove (x32 Version: 5.03.0000.0003 - EASTMAN KODAK Company) Hidden
kgcvday (x32 Version: 5.03.0000.0002 - EASTMAN KODAK Company) Hidden
Kodak EasyShare software (HKLM-x32\...\{D32470A1-B10C-4059-BA53-CF0486F68EBC}) (Version: - Eastman Kodak Company)
KSU (x32 Version: 632.62.0004.0001 - EASTMAN KODAK Company) Hidden
Lenovo Driver and Application Installation (HKLM-x32\...\{45970CD1-D599-47D4-938F-3E9800D54ED1}) (Version: 5.1.0.1311 - Lenovo)
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 3.0.1409 - CyberLink Corp.)
Lenovo Rescue System (Version: 3.0.1409 - CyberLink Corp.) 
HiddenLenovo Tinian Fn PS/2 Keyboard Driver (HKLM-x32\...\{B266E062-D6C5-485B-B426-51B152B041A6}) (Version: V1.0.11.0321 - Lenovo)LVT (HKLM-x32\...\{D3063097-EC84-4D21-84A4-9D852E974355}) (Version: 4.1.2.0919 - Lenovo)Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)Masque IGT Slots Lil' Lady (HKLM-x32\...\{90A66DB0-9084-4586-8AD1-58BA8F9F6DE5}) (Version: 1.0.0 - Masque Publishing)Masque Slots (HKLM-x32\...\Masque Slots) (Version: - )Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) HiddenMicrosoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) HiddenMicrosoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) HiddenMicrosoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable 
(x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)mPlayer version 1.0 (HKLM-x32\...\{B482E758-D602-434C-80B9-DDEFEEAE4BCA}_is1) (Version: 1.0 - Download Freely, LLC)MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) HiddenMSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) HiddenMSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)netbrdg (x32 Version: 6.02.1001.0001 - EASTMAN KODAK Company) HiddenNotifier (x32 Version: 6.02.0001.0001 - EASTMAN KODAK Company) HiddenOfotoXMI (x32 Version: 6.02.0001.0001 - EASTMAN KODAK Company) HiddenPCDADDIN (x32 Version: 6.02.0001.0003 - EASTMAN KODAK Company) HiddenPCDHELP (x32 Version: 6.02.0001.0001 - EASTMAN KODAK Company) HiddenQuickTime (HKLM-x32\...\{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}) (Version: 7.1.3.100 - Apple Computer, Inc.)Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0006 - Realtek)Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5911 - Realtek Semiconductor Corp.)Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 
6.1.7600.30123 - Realtek Semiconductor Corp.)SFR (x32 Version: 6.02.0001.0001 - Eastman Kodak Company) HiddenShared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)SHASTA (x32 Version: 6.02.0001.0001 - EASTMAN KODAK Company) HiddenShopAtHome.com Helper (HKLM-x32\...\ShopAtHome.com Helper) (Version: 7.0.4.17 - ShopAtHome.com) <==== ATTENTIONSKIN0001 (x32 Version: 6.02.1001.0001 - EASTMAN KODAK Company) HiddenSKINXSDK (x32 Version: 6.02.1001.0001 - EASTMAN KODAK Company) HiddenSkype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)staticcr (x32 Version: 5.03.0000.0001 - EASTMAN KODAK Company) HiddenSurfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)Ten Pro Board Games (HKLM-x32\...\Ten Pro Board Games) (Version: - )tooltips (x32 Version: 6.02.0001.0001 - EASTMAN KODAK Company) HiddenUninstall Helper (HKLM-x32\...\Uninstall Helper 2.0.1.0) (Version: 2.0.1.0 - W3i, LLC)Uninstall Helper (x32 Version: 2.0.1.0 - W3i, LLC) HiddenVPRINTOL (x32 Version: 6.02.0001.0001 - EASTMAN KODAK Company) HiddenWindows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) HiddenWindows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) HiddenWindows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft 
Corporation)Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) HiddenWindows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) HiddenWindows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) HiddenWindows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) HiddenWindows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) HiddenWindows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) HiddenWindows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) HiddenWindows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWIRELESS (x32 Version: 6.02.0001.0001 - EASTMAN KODAK Company) HiddenWMS Slots Reel 'em in (HKLM-x32\...\{B5E8EA9B-2DDB-427C-B18D-96C4B4B51999}) (Version: 1.00.0000 - Phantom EFX) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) 
==================== Restore Points ========================= 25-10-2014 00:54:29 Windows Update28-10-2014 18:49:03 Windows Update29-10-2014 14:52:38 Windows Update29-10-2014 15:39:26 Windows Update02-11-2014 18:39:39 Windows Update02-11-2014 20:47:37 Windows Update07-11-2014 00:01:28 Windows Update11-11-2014 01:53:27 Windows Update16-11-2014 02:37:53 Windows Update16-11-2014 17:53:06 Windows Update16-11-2014 22:52:05 Windows Update17-11-2014 16:42:46 Windows Update17-11-2014 16:45:38 Windows Update20-11-2014 17:12:28 Installed Java 7 Update 7121-11-2014 02:55:09 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) 
Task: {0C99F811-700F-4958-96BF-D4B026622D9B} - System32\Tasks\{10191A5F-2DCC-4FFB-B000-67129ABBD7C4} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-10-01] (Skype Technologies S.A.)Task: {407A0D46-DBC2-4674-AAE3-BEC03DEBB736} - System32\Tasks\ASCAntivirusScan => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASC.exe [2013-12-02] (IObit)Task: {4CC2E91E-4238-4937-9D27-8C28FDEBBA5B} - System32\Tasks\ASC7_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\Monitor.exe [2013-11-29] (IObit)Task: {73A8A13F-244B-40D2-BA19-3BE1833ACAD8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-07] (Google Inc.)Task: {81020768-BC32-4F4F-A1B2-8B24CDA1CC6D} - System32\Tasks\ASC7U_SkipUac_home => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASC.exe [2013-12-02] (IObit)Task: {84D36B72-625F-4C92-BA18-7DBF3C99E6FA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-07] (Google Inc.)Task: {953D4583-9334-458D-A48D-F438362F13E7} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-11] (Adobe Systems Incorporated)Task: {A165F292-8850-4018-97DE-67BA87DCCE8A} - \MySearchDial No Task File <==== ATTENTIONTask: {B3738AF9-BEFE-4A83-925A-83BC88B3EA07} - \UpdaterEX No Task File <==== ATTENTIONTask: {D9A16210-D012-4FB9-BBEA-9BF32C04D431} - System32\Tasks\{B4747232-3CF6-4C29-A4DC-BC5143E1A9D9} => Iexplore.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=5.3.0.120.259&LastError=404Task: {F34067A6-3E70-4E5D-A49F-B639325704D0} - System32\Tasks\{A108AD88-87B8-4350-9753-0FF4188F5BE2} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-10-01] (Skype Technologies S.A.)Task: {F97A6EF2-8A16-4247-A683-29B96FDC9939} - System32\Tasks\{B09827FD-1FBD-423A-A1BC-C5D0BDE6030D} => Iexplore.exe 
http://www.skype.com/go/downloading?source=lightinstaller&ver=5.3.0.120.259&LastError=404Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2011-09-17 05:27 - 2009-09-08 16:12 - 00116104 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE2011-06-07 23:06 - 2011-03-15 22:47 - 00032768 _____ () C:\Windows\jmesoft\Service.exe2008-05-04 16:02 - 2008-05-04 16:02 - 04603904 _____ () C:\Users\home\AppData\Roaming\U3\0877610284505F6C\LaunchPad.exe2014-06-10 17:41 - 2013-01-15 17:47 - 00517440 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\sqlite3.dll2014-06-10 17:41 - 2013-11-14 15:02 - 00218944 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\Antivirus\bdfltlib.dll2014-06-10 17:41 - 2013-11-14 15:07 - 00225600 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\Antivirus\smartscn.dll2014-06-10 17:41 - 2013-01-15 17:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\madExcept_.bpl2014-06-10 17:41 - 2013-01-15 17:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\madBasic_.bpl2014-06-10 17:41 - 2013-01-15 17:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\madDisAsm_.bpl2014-06-10 17:41 - 2013-01-15 17:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\webres.dll2007-10-23 09:23 - 2007-10-23 09:23 - 02600960 _____ () C:\Users\home\AppData\Roaming\U3\0877610284505F6C\u3dapi10.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) 
AlternateDataStreams: C:\Users\home\Desktop\Marie, Here are your August hotel offers.eml:OECustomProperty ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: Adobe ARM => "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"MSCONFIG\startupreg: ApnUpdater => MSCONFIG\startupreg: CanonMyPrinter => c:\program files\canon\myprinter\bjmyprt.exe /logonMSCONFIG\startupreg: CanonSolutionMenu => c:\program files (x86)\canon\solutionmenu\cnslmain.exe /logonMSCONFIG\startupreg: HotKeysCmds => c:\windows\system32\hkcmd.exeMSCONFIG\startupreg: IgfxTray => c:\windows\system32\igfxtray.exeMSCONFIG\startupreg: jmekey => c:\windows\jmesoft\hotkey.exeMSCONFIG\startupreg: jmesoft => MSCONFIG\startupreg: mobilegeni daemon => MSCONFIG\startupreg: Persistence => c:\windows\system32\igfxpers.exeMSCONFIG\startupreg: QuickTime Task => "c:\program files (x86)\quicktime\qttask.exe" -atboottimeMSCONFIG\startupreg: RtHDVCpl => c:\program files\realtek\audio\hda\ravcpl64.exe -sMSCONFIG\startupreg: Skype => "c:\program files (x86)\skype\phone\skype.exe" /minimized /regrunMSCONFIG\startupreg: UpdatePRCShortCut => "c:\program files\lenovo\onekey app\lenovo rescue system\muitransfer\muistartmenu.exe" "c:\program files\lenovo\onekey app\lenovo rescue system" updatewithcreateonce "software\lenovo\onekey app\onekey recovery" ==================== Faulty Device Manager Devices ============= Name: Microsoft 
6to4 AdapterDescription: Microsoft 6to4 AdapterClass Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: tunnelProblem: : This device cannot start. (Code10)Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Microsoft 6to4 Adapter #2Description: Microsoft 6to4 AdapterClass Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: tunnelProblem: : This device cannot start. (Code10)Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Microsoft ISATAP AdapterDescription: Microsoft ISATAP AdapterClass Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: tunnelProblem: : This device cannot start. (Code10)Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Teredo Tunneling Pseudo-InterfaceDescription: Microsoft Teredo Tunneling AdapterClass Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: tunnelProblem: : This device cannot start. (Code10)Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors:==================Error: (11/24/2014 05:51:38 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code. 
Error: (11/24/2014 05:51:38 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section. Error: (11/24/2014 05:48:35 PM) (Source: SideBySide) (EventID: 80) (User: )Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.A component version required by the application conflicts with another component version already active.Conflicting components are:.Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/23/2014 09:23:34 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code. Error: (11/23/2014 09:23:34 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. 
The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section. Error: (11/23/2014 09:20:14 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code. Error: (11/23/2014 09:20:14 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section. Error: (11/23/2014 07:13:20 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code. Error: (11/23/2014 07:13:20 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section. Error: (11/23/2014 05:57:48 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code. 
System errors:=============Error: (11/24/2014 05:52:08 PM) (Source: Service Control Manager) (EventID: 7003) (User: )Description: The MBAMWebAccessControl service depends the following service: BFE. This service might not be installed. Error: (11/24/2014 05:52:08 PM) (Source: Service Control Manager) (EventID: 7003) (User: )Description: The MBAMWebAccessControl service depends the following service: BFE. This service might not be installed. Error: (11/24/2014 05:48:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )Description: The LiveUpdate service terminated unexpectedly. It has done this 1 time(s). Error: (11/24/2014 05:48:13 PM) (Source: Disk) (EventID: 11) (User: )Description: The driver detected a controller error on \Device\Harddisk1\DR1. Error: (11/24/2014 05:48:12 PM) (Source: Disk) (EventID: 11) (User: )Description: The driver detected a controller error on \Device\Harddisk1\DR1. Error: (11/24/2014 05:48:10 PM) (Source: Disk) (EventID: 11) (User: )Description: The driver detected a controller error on \Device\Harddisk1\DR1. Error: (11/24/2014 05:47:46 PM) (Source: Service Control Manager) (EventID: 7003) (User: )Description: The MBAMWebAccessControl service depends the following service: BFE. This service might not be installed. Error: (11/24/2014 05:47:46 PM) (Source: Service Control Manager) (EventID: 7003) (User: )Description: The MBAMWebAccessControl service depends the following service: BFE. This service might not be installed. Error: (11/24/2014 05:47:36 PM) (Source: Service Control Manager) (EventID: 7003) (User: )Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed. Error: (11/24/2014 05:47:33 PM) (Source: Service Control Manager) (EventID: 7003) (User: )Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed. 
Microsoft Office Sessions:=========================Error: (11/24/2014 05:51:38 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)Description: WmiApRplWmiApRpl8F20300004D070000 Error: (11/24/2014 05:51:38 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)Description: Performance1637070000000000000000000009030000 Error: (11/24/2014 05:48:35 PM) (Source: SideBySide) (EventID: 80) (User: )Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestF:\Tools\newTools9-18-14\esetsmartinstaller_enu.exe Error: (11/23/2014 09:23:34 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)Description: WmiApRplWmiApRpl8F20300004D070000 Error: (11/23/2014 09:23:34 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)Description: Performance1637070000000000000000000009030000 Error: (11/23/2014 09:20:14 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)Description: WmiApRplWmiApRpl8F20300004D070000 Error: (11/23/2014 09:20:14 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)Description: Performance1637070000000000000000000009030000 Error: (11/23/2014 07:13:20 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)Description: WmiApRplWmiApRpl8F20300004D070000 Error: (11/23/2014 07:13:20 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)Description: Performance1637070000000000000000000009030000 Error: (11/23/2014 05:57:48 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)Description: WmiApRplWmiApRpl8F20300004D070000 ==================== Memory info =========================== Processor: Pentium® Dual-Core CPU E5800 @ 3.20GHzPercentage of memory in 
use: 33%Total physical RAM: 4061.18 MBAvailable physical RAM: 2695.9 MBTotal Pagefile: 8120.53 MBAvailable Pagefile: 6516.61 MBTotal Virtual: 8192 MBAvailable Virtual: 8191.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:906.34 GB) (Free:862.53 GB) NTFS ==>[system with boot components (obtained from reading drive)]Drive e: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFSDrive f: () (Removable) (Total:7.47 GB) (Free:3.6 GB) FAT32 ==================== MBR & Partition Table ================== ========================================================Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 05B20A32)Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)Partition 2: (Not Active) - (Size=906.3 GB) - (Type=07 NTFS)Partition 3: (Not Active) - (Size=25.1 GB) - (Type=12) ========================================================Disk: 1 (Size: 7.5 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ==================== End Of Log ============================
  3. Hi. Having trouble on a Windows 7 PC that has had Malwarebytes Premium running since 6/14. Recently (perhaps after the upgrade to 2.0.3.1025), Malicious Website Protection has been disabled. This is still the case despite following the instructions in Root Admin's post at least twice, then using Mbam-clean to completely remove it and then re-installing it again. Finally, I cleaned it again and installed the earlier version 2.0.2.1012, which also showed MWP disabled as soon as I started the free trial. I have let update install the new version, closed it and restarted it and then the PC, to no avail. I have scanned with RKill, Kaspersky TDSSKiller, JRT and RogueKiller, but they all come back clean, so I don't think this is "BUG" related.
  4. UPDATE: I also posted this on the bleepingcomputer forum yesterday and I believe it is now resolved...fingers crossed. I have included a link for the curious. Thanks to all who took a look at this in an effort to help...I appreciate it! http://www.bleepingcomputer.com/forums/t/548709/cannot-remove-proxy-settings-1270015050/?p=3482255
  5. I realized that this was posted incorrectly and I have moved it to the appropriate forum...I hope
  6. Apologies... posted this in the wrong forum initially. Hi and thanks for your help/time in advance. I have a Win7 SP1 64-bit OS laptop that I cannot seem to clean. I have thrown everything at it (see below) and it continues to revert back to a proxy setting 127.0.0.1:5050. Just logging off and back triggers it, not necessary to restart. Unchecking the "Use a Proxy server..." grays the address and port box out, but the apply button below the "Lan settings" button on the main page is not available. Some of the things I've already tried and have logs for most: Rkill, TDSSKiller, RogueKillerx64, adwcleaner3.306, JRT, Malwarebytes, emsisoft emergency kit, tweaking.com windows repair, Advance System Care 7.1, ComboFix, also FRST64, but I am unsure how to do anything but look at the log. Rkill1st.txt, mbam-log-2014-09-15 (12-36-17).xml, Rkill.txt, a2scan_140915-131023.txt, FRST.txt, Addition.txt, JRT.txt, protection-log-2014-09-15.xml, ComboFix.txt
  7. Hi and thanks for your help/time in advance. I have a Win7 SP1 64-bit OS laptop that I cannot seem to clean. I have thrown everything at it (see below) and it continues to revert back to a proxy setting 127.0.0.1:5050. Just logging off and back triggers it, not necessary to restart. Unchecking the "Use a Proxy server..." grays the address and port box out, but the apply button below the "Lan settings" button on the main page is not available. Some of the things I've already tried and have logs for most: Rkill, TDSSKiller, RogueKillerx64, adwcleaner3.306, JRT, Malwarebytes, emsisoft emergency kit, tweaking.com windows repair, Advance System Care 7.1, ComboFix, also FRST64, but I am unsure how to do anything but look at the log. Rkill1st.txt, a2scan_140915-131023.txt, FRST.txt, Addition.txt, JRT.txt, ComboFix.txt, mbam-log-2014-09-15 (12-36-17).xml, protection-log-2014-09-15.xml