hirochihachi

  1. All clear. Created the fixlog.txt and everything looked fine, but then Delfix removed it. =) Also removed my Hijack This, that's irritating but I can redownload it. Thanks a bunch and I appreciate the help!
  2. Addition.txt

     Apologies, forgot about the log, but I did run the scan. No new symptoms, computer seems to be behaving itself nicely.
C:\Windows\system32\jscript9diag.dll2015-04-14 21:32 - 2015-03-12 23:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2015-04-14 21:32 - 2015-03-12 23:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2015-04-14 21:32 - 2015-03-12 23:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2015-04-14 21:32 - 2015-03-12 23:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2015-04-14 21:32 - 2015-03-12 23:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2015-04-14 21:32 - 2015-03-12 23:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2015-04-14 21:32 - 2015-03-12 23:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2015-04-14 21:32 - 2015-03-12 23:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2015-04-14 21:32 - 2015-03-12 23:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec2015-04-14 21:32 - 2015-03-12 23:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2015-04-14 21:32 - 2015-03-12 23:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2015-04-14 21:32 - 2015-03-12 23:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2015-04-14 21:32 - 2015-03-12 23:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll2015-04-14 21:32 - 2015-03-12 23:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2015-04-14 21:32 - 2015-03-12 23:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2015-04-14 21:32 - 2015-03-12 23:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2015-04-14 21:32 - 2015-03-12 23:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2015-04-14 21:32 - 2015-03-12 23:17 - 00478208 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\ieui.dll2015-04-14 21:32 - 2015-03-12 23:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2015-04-14 21:32 - 2015-03-12 23:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2015-04-14 21:32 - 2015-03-12 23:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2015-04-14 21:32 - 2015-03-12 23:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2015-04-14 21:32 - 2015-03-12 23:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2015-04-14 21:32 - 2015-03-12 23:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2015-04-14 21:32 - 2015-03-12 23:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll2015-04-14 21:32 - 2015-03-12 23:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2015-04-14 21:32 - 2015-03-12 23:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2015-04-14 21:32 - 2015-03-12 22:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2015-04-14 21:32 - 2015-03-12 22:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2015-04-14 21:32 - 2015-03-12 22:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2015-04-14 21:32 - 2015-03-12 22:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2015-04-14 21:32 - 2015-03-12 22:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2015-04-14 21:32 - 2015-03-12 22:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2015-04-14 21:32 - 2015-03-12 22:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll2015-04-14 21:32 - 2015-03-12 22:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2015-04-14 21:32 - 2015-03-12 22:33 - 01548288 _____ (Microsoft Corporation) 
C:\Windows\system32\urlmon.dll2015-04-14 21:32 - 2015-03-12 22:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2015-04-14 21:32 - 2015-03-12 22:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2015-04-14 21:32 - 2015-03-12 22:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2015-04-14 21:32 - 2015-03-12 22:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2015-04-14 21:31 - 2015-03-12 22:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2015-04-14 18:05 - 2015-04-14 18:05 - 00000355 _____ () C:\Users\Mel\Desktop\Computer - Shortcut (2).lnk2015-04-14 17:02 - 2015-04-14 18:39 - 00000000 ____D () C:\Users\Mel\Desktop\backups2015-04-14 17:02 - 2015-04-14 17:02 - 00012748 _____ () C:\Users\Mel\Desktop\hijackthis.log2015-04-14 16:59 - 2015-03-24 23:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll2015-04-14 16:59 - 2015-03-24 23:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll2015-04-14 16:59 - 2015-03-24 23:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll2015-04-14 16:59 - 2015-03-24 23:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll2015-04-14 16:59 - 2015-03-24 23:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll2015-04-14 16:59 - 2015-03-24 23:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll2015-04-14 16:59 - 2015-03-24 23:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll2015-04-14 16:59 - 2015-03-24 23:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll2015-04-14 16:59 - 2015-03-24 23:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe2015-04-14 16:59 - 2015-03-24 23:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe2015-04-14 16:59 - 2015-03-24 23:23 - 00012288 _____ (Microsoft 
Corporation) C:\Windows\system32\wu.upgrade.ps.dll2015-04-14 16:59 - 2015-03-24 23:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll2015-04-14 16:59 - 2015-03-24 23:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll2015-04-14 16:59 - 2015-03-24 23:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll2015-04-14 16:59 - 2015-03-24 23:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe2015-04-14 16:59 - 2015-03-24 23:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll2015-04-14 16:57 - 2015-03-22 23:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll2015-04-14 16:57 - 2015-03-22 23:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll2015-04-14 16:57 - 2015-03-22 23:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll2015-04-14 16:57 - 2015-03-22 23:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll2015-04-14 16:57 - 2015-03-22 23:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll2015-04-14 16:57 - 2015-03-22 23:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll2015-04-14 16:57 - 2015-03-22 23:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll2015-04-14 16:57 - 2015-03-22 23:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll2015-04-14 16:56 - 2015-03-05 01:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll2015-04-14 16:56 - 2015-03-05 00:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll2015-04-14 16:51 - 2015-03-09 23:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll2015-04-14 16:51 - 2015-03-09 23:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll2015-04-14 16:51 - 2015-03-09 23:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll2015-04-14 
16:51 - 2015-03-09 23:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll2015-04-14 16:46 - 2015-03-17 01:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe2015-04-14 16:46 - 2015-03-17 01:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys2015-04-14 16:46 - 2015-03-17 01:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys2015-04-14 16:46 - 2015-03-17 01:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll2015-04-14 16:46 - 2015-03-17 01:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll2015-04-14 16:46 - 2015-03-17 01:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll2015-04-14 16:46 - 2015-03-17 01:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll2015-04-14 16:46 - 2015-03-17 01:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll2015-04-14 16:46 - 2015-03-17 01:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll2015-04-14 16:46 - 2015-03-17 01:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll2015-04-14 16:46 - 2015-03-17 01:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll2015-04-14 16:46 - 2015-03-17 01:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll2015-04-14 16:46 - 2015-03-17 01:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll2015-04-14 16:46 - 2015-03-17 01:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll2015-04-14 16:46 - 2015-03-17 01:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll2015-04-14 16:46 - 2015-03-17 01:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe2015-04-14 16:46 - 2015-03-17 01:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll2015-04-14 16:46 - 2015-03-17 01:16 - 00210944 _____ 
(Microsoft Corporation) C:\Windows\system32\wdigest.dll2015-04-14 16:46 - 2015-03-17 01:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll2015-04-14 16:46 - 2015-03-17 01:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe2015-04-14 16:46 - 2015-03-17 01:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll2015-04-14 16:46 - 2015-03-17 01:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll2015-04-14 16:46 - 2015-03-17 01:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll2015-04-14 16:46 - 2015-03-17 01:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll2015-04-14 16:46 - 2015-03-17 01:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll2015-04-14 16:46 - 2015-03-17 01:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll2015-04-14 16:46 - 2015-03-17 01:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll2015-04-14 16:46 - 2015-03-17 01:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe2015-04-14 16:46 - 2015-03-17 01:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe2015-04-14 16:46 - 2015-03-17 01:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe2015-04-14 16:46 - 2015-03-17 01:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll2015-04-14 16:46 - 2015-03-17 01:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00005120 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe2015-04-14 16:46 - 2015-03-17 01:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe2015-04-14 16:46 - 2015-03-17 00:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll2015-04-14 16:46 - 2015-03-17 00:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll2015-04-14 16:46 - 2015-03-17 00:57 - 00259584 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\msv1_0.dll2015-04-14 16:46 - 2015-03-17 00:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll2015-04-14 16:46 - 2015-03-17 00:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll2015-04-14 16:46 - 2015-03-17 00:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll2015-04-14 16:46 - 2015-03-17 00:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll2015-04-14 16:46 - 2015-03-17 00:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll2015-04-14 16:46 - 2015-03-17 00:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll2015-04-14 16:46 - 2015-03-17 00:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll2015-04-14 16:46 - 2015-03-17 00:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll2015-04-14 16:46 - 2015-03-17 00:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll2015-04-14 16:46 - 2015-03-17 00:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll2015-04-14 16:46 - 2015-03-17 00:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe2015-04-14 16:46 - 2015-03-17 00:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe2015-04-14 16:46 - 2015-03-17 00:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll2015-04-14 16:46 - 2015-03-17 00:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll2015-04-14 16:46 - 2015-03-17 00:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll2015-04-14 16:46 - 2015-03-17 00:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00006656 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\apisetschema.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) 
C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll2015-04-14 16:46 - 2015-03-16 23:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe2015-04-14 16:46 - 2015-03-16 23:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe2015-04-14 16:46 - 2015-03-16 23:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll2015-04-14 16:46 - 2015-03-16 23:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll2015-04-14 16:46 - 2015-03-16 23:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll2015-04-14 16:46 - 2015-03-16 23:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll2015-04-14 16:41 - 
2015-02-24 23:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys2015-04-14 16:12 - 2015-03-04 00:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys2015-04-14 16:12 - 2015-03-04 00:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll2015-04-14 16:12 - 2015-03-04 00:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll2015-04-13 16:43 - 2015-04-17 14:30 - 00005928 _____ () C:\ads_err.adt2015-04-13 16:43 - 2015-04-17 14:30 - 00003072 _____ () C:\ads_err.adi2015-04-13 16:43 - 2015-04-13 16:43 - 00004136 _____ () C:\ads_err.adm2015-04-13 16:37 - 2015-04-17 14:27 - 00001563 _____ () C:\Windows\KB893803v2.log2015-04-13 16:37 - 2015-04-17 14:27 - 00000000 ____D () C:\Medisoft DEMO DEMO2015-04-13 16:37 - 2015-04-13 16:37 - 00000000 ____D () C:\ProgramData\Medisoft2015-04-13 16:36 - 2015-04-13 16:36 - 00000000 ____D () C:\Program Files (x86)\Medisoft2015-04-11 22:08 - 2015-04-11 22:08 - 00000000 ____D () C:\Users\Mel\AppData\OICE_15_974FA576_32C1D314_38CF2015-04-11 14:32 - 2015-04-18 08:58 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 22015-04-11 14:32 - 2015-04-18 08:47 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy2015-04-11 14:32 - 2015-04-11 14:32 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking2015-04-11 13:55 - 2015-04-11 14:19 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Mel\Downloads\spybot-2.4.exe2015-04-11 13:41 - 2015-04-11 13:41 - 00000000 ____D () C:\Users\Mel\Downloads\backups2015-04-11 13:33 - 2015-04-11 13:33 - 00012778 _____ () C:\Users\Mel\Downloads\hijackthis.log2015-04-11 13:31 - 2015-04-11 13:31 - 00388608 _____ (Trend Micro Inc.) 
C:\Users\Mel\Desktop\HijackThis.exe2015-04-11 13:17 - 2015-04-15 00:36 - 00000000 ____D () C:\Program Files (x86)\IndepthEdit2015-04-11 13:14 - 2015-04-14 15:15 - 00000020 _____ () C:\Users\Mel\AppData\Roaming\appdataFr3.bin2015-04-08 22:34 - 2015-04-09 23:05 - 00000000 ____D () C:\Users\Mel\AppData\Roaming\.minecraft2015-04-08 22:34 - 2015-04-08 22:34 - 00000000 ____D () C:\Users\Mel\AppData\Roaming\java2015-04-08 22:15 - 2015-04-08 22:33 - 00000000 ____D () C:\Program Files (x86)\Minecraft2015-04-08 22:15 - 2015-04-08 22:15 - 00000961 _____ () C:\Users\Public\Desktop\Minecraft.lnk2015-04-08 22:15 - 2015-04-08 22:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft2015-04-08 22:11 - 2015-04-08 22:12 - 02314240 _____ () C:\Users\Mel\Downloads\MinecraftInstaller.msi2015-04-08 12:05 - 2015-04-11 13:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox2015-04-05 21:15 - 2015-04-05 21:15 - 00000000 ___SD () C:\Windows\SysWOW64\GWX2015-04-05 21:15 - 2015-04-05 21:15 - 00000000 ___SD () C:\Windows\system32\GWX2015-04-05 19:11 - 2015-04-05 19:15 - 00000000 ____D () C:\Users\Mel\Desktop\Camera phone 04-062015-03-31 08:42 - 2015-03-31 08:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi2015-03-31 08:42 - 2015-03-31 08:42 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi2015-03-29 23:33 - 2015-03-29 23:33 - 00001022 _____ () C:\Users\Public\Desktop\Soda PDF 3D Reader.lnk2015-03-29 23:32 - 2015-03-29 23:37 - 00000000 ____D () C:\Users\Mel\AppData\Roaming\Soda PDF 3D Reader2015-03-29 23:32 - 2015-03-29 23:32 - 00000000 ____D () C:\ProgramData\LULU Software2015-03-29 23:31 - 2015-03-30 00:10 - 00000000 ____D () C:\Users\Mel\Documents\Soda PDF Files2015-03-29 23:31 - 2015-03-29 23:32 - 00000000 ____D () C:\Program Files (x86)\Soda PDF 3D Reader2015-03-29 23:31 - 2015-03-29 23:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soda PDF 3D Reader2015-03-29 23:29 - 
  3. When I attempted to uninstall LighterSystem, I received a popup error that read, "There was a problem starting C:\PROGRA~2\INDEPT~1\INDEPT~1.DLL". Can I reinstall Spybot when we're all finished?

     Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-04-2015 01
     Ran by Mel at 2015-04-18 08:52:30 Run:1
     Running from C:\Users\Mel\Desktop
     Loaded Profiles: Mel (Available profiles: Mel)
     Boot Mode: Normal
     ==============================================

     Content of fixlist:
     *****************
     CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
     ProxyServer: [s-1-5-21-2667224228-1020230360-1385556155-1000] => localhost:21320
     *****************

     "HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
     HKU\S-1-5-21-2667224228-1020230360-1385556155-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.

     ==== End of Fixlog 08:52:30 ====

     # DelFix v10.9 - Logfile created 18/04/2015 at 08:46:32
     # Updated 27/02/2015 by Xplode
     # Username : Mel - MEL-PC
     # Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)

     ~ Creating registry backup ... OK

     ########## - EOF - ##########

     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Junkware Removal Tool (JRT) by Thisisu
     Version: 6.5.8 (04.17.2015:1)
     OS: Windows 7 Ultimate x64
     Ran by Mel on Sat 04/18/2015 at 9:17:28.69
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

     ~~~ Services
     ~~~ Tasks
     ~~~ Registry Values
     ~~~ Registry Keys
     ~~~ Files
     ~~~ Folders

     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Scan was completed on Sat 04/18/2015 at 9:19:55.39
     End of JRT log
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

     Thanks for your help!
  4. Malwarebytes Anti-Malware
     www.malwarebytes.org

     Scan Date: 4/17/2015
     Scan Time: 9:44:08 PM
     Logfile: log.txt
     Administrator: Yes

     Version: 2.01.4.1018
     Malware Database: v2015.04.18.01
     Rootkit Database: v2015.03.31.01
     License: Trial
     Malware Protection: Enabled
     Malicious Website Protection: Enabled
     Self-protection: Disabled

     OS: Windows 7 Service Pack 1
     CPU: x64
     File System: NTFS
     User: Mel

     Scan Type: Threat Scan
     Result: Completed
     Objects Scanned: 357994
     Time Elapsed: 15 min, 29 sec

     Memory: Enabled
     Startup: Enabled
     Filesystem: Enabled
     Archives: Enabled
     Rootkits: Disabled
     Heuristics: Enabled
     PUP: Enabled
     PUM: Enabled

     Processes: 0
     (No malicious items detected)

     Modules: 0
     (No malicious items detected)

     Registry Keys: 0
     (No malicious items detected)

     Registry Values: 0
     (No malicious items detected)

     Registry Data: 0
     (No malicious items detected)

     Folders: 0
     (No malicious items detected)

     Files: 0
     (No malicious items detected)

     Physical Sectors: 0
     (No malicious items detected)

     (end)

     RogueKiller V10.5.10.0 (x64) [Apr 14 2015] by Adlice Software
     mail : http://www.adlice.com/contact/
     Feedback : http://forum.adlice.com
     Website : http://www.adlice.com/softwares/roguekiller/
     Blog : http://www.adlice.com

     Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
     Started in : Normal mode
     User : Mel [Administrator]
     Started from : C:\Users\Mel\Downloads\RogueKillerX64.exe
     Mode : Scan -- Date : 04/17/2015 22:26:54

     ¤¤¤ Processes : 2 ¤¤¤
     [suspicious.Path] CurseClient.exe(1784) -- C:\Users\Mel\AppData\Local\Apps\2.0\AE2VXK7Y.JT9\VBT3C43B.BQY\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe[-] -> Killed [TermProc]
     [suspicious.Path] Soda Manager.exe(3168) -- C:\ProgramData\LULU Software\Soda Manager\Soda Manager.exe[7] -> Killed [TermProc]

     ¤¤¤ Registry : 9 ¤¤¤
     [suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SODA Manager ("C:\ProgramData\LULU Software\Soda Manager\Soda Manager.exe") -> Found
     [suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SODA Manager ("C:\ProgramData\LULU Software\Soda Manager\Soda Manager.exe") -> Found
     [suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SODA Manager ("C:\ProgramData\LULU Software\Soda Manager\Soda Manager.exe") -> Found
     [PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-2667224228-1020230360-1385556155-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : localhost:21320 -> Found
     [PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-2667224228-1020230360-1385556155-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : localhost:21320 -> Found
     [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
     [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Found
     [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
     [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Found

     ¤¤¤ Tasks : 0 ¤¤¤

     ¤¤¤ Files : 0 ¤¤¤

     ¤¤¤ Hosts File : 0 ¤¤¤

     ¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

     ¤¤¤ Web browsers : 1 ¤¤¤
     [PUM.HomePage][FIREFX:Config] 8dbm1mur.default-1421694296002 : user_pref("browser.startup.homepage", "http://gmail.com/");-> Found

     ¤¤¤ MBR Check : ¤¤¤
     +++++ PhysicalDrive0: Hitachi HDS721010KLA330 ATA Device +++++
     --- User ---
     [MBR] 80da951f16e46c7358ababe4467c4e97
     [bSP] d74fb021b6d94ef1c36e7da6f84c9bd9 : Windows Vista/7/8 MBR Code
     Partition table:
     0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
     1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 953767 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
     User = LL1 ... OK
     User = LL2 ... OK

     ---

     Thank you again, MrC. Gorgeous pups, there.
  5. Thanks, Mister Charlie. Say, I thought I'd gotten rid of all p2p software, could you please point out trouble you find? MS Office is mine legally, required by my school. Other than that I can't think of any remnants from my rebel days that should be remaining on the computer. Scanning with MBAM now.
  6. The only symptoms are described in the title. Began about a week ago, I'd been streaming video with Chrome and suddenly the advertisements started ignoring my ABP. Did not have Firefox open at the time, but Firefox was also affected with similar symptoms, random adware extensions downloading and running.

     I found the two random-character folders in ProgramData while following instructions for removal of one of the extensions, trying to figure out where they might be coming from. I couldn't delete them at first, they were a regular pain in the rear end until I took ownership of the folders and toyed with permissions for a while. I don't know if they're related to the adware issue, but I did want to make them known just in case.

     Reinstalled Chrome clean just a few days ago when the browser refused to let me download an extension I actually wanted to download. That fixed the problem. Ran MBAM the same night and found a PUP (can't remember what kind or the full name) as well as IndepthEdit issues, all removed. Today's MBAM quick scan resulted in no threats. Uninstalled uTorrent. I think all torrent files are gone.

     Thank you in advance!

     FRST Log:

     When I tried to post the topic with Addition.txt, the post editor said I had to shorten the post 'a little'. Very unhelpful. Can we get a max character counter please?

     Addition.txt