hirochihachi
-
Posts
7 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by hirochihachi
-
-
Addition.txtApologies, forgot about the log, but I did run the scan. No new symptoms, computer seems to be behaving itself nicely.
# AdwCleaner v4.201 - Logfile created 18/04/2015 at 08:57:03# Updated 08/04/2015 by Xplode# Database : 2015-04-18.3 [server]# Operating system : Windows 7 Ultimate Service Pack 1 (x64)# Username : Mel - MEL-PC# Running from : C:\Users\Mel\Desktop\adwcleaner_4.201.exe# Option : Cleaning***** [ Services ] ********** [ Files / Folders ] ********** [ Scheduled tasks ] ********** [ Shortcuts ] ********** [ Registry ] *****Key Deleted : HKLM\SOFTWARE\c8449833-e575-8169-d9af-50797cee3ae3Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{6040a42c}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{20B9C05C-99C9-4BAB-B596-FB0C0E1C9F55}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}Key Deleted : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}***** [ Web browsers ] *****-\\ Internet Explorer v11.0.9600.17728-\\ Mozilla Firefox v37.0.1 (x86 en-US)[8dbm1mur.default-1421694296002\prefs.js] - Line Deleted : user_pref("extensions.4u5PDhFhM2JvZUOp.scode", "(function(){try{if(window.self.location.href.indexOf(\"rjw4rTn6rTrHrHC6qHg4rTU9pdU\")>-1){return;}}catch(e){}try{var d=[[\"trianglecash.com\",\"acebook\[...]-\\ Google Chrome v42.0.2311.90*************************AdwCleaner[R0].txt - [2251 bytes] - [18/04/2015 08:54:58]AdwCleaner[s0].txt - [2209 bytes] - [18/04/2015 08:57:03]########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2268 bytes] ##########Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-04-2015 01Ran by Mel (administrator) on MEL-PC on 18-04-2015 14:58:17Running from C:\Users\Mel\DesktopLoaded Profiles: Mel (Available profiles: Mel)Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)Internet Explorer Version 11 (Default browser: Chrome)Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/==================== Processes (Whitelisted) =================(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe(Telstra Corporation Ltd.) C:\Program Files\Windstream Support Center\9.0.0.209\ma\bin\pcTrayApp.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe() C:\Program Files (x86)\SteelSeries\World of Warcraft® MMO Gaming Mouse Legendary Edition\WoWMHID4.exe(Curse) C:\Users\Mel\AppData\Local\Apps\2.0\AE2VXK7Y.JT9\VBT3C43B.BQY\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE(Dropbox, Inc.) C:\Users\Mel\AppData\Roaming\Dropbox\bin\Dropbox.exe(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe() C:\Program Files (x86)\SteelSeries\World of Warcraft® MMO Gaming Mouse Legendary Edition\WoWMTray4.exe(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\pcCMService.exe(Alcatel-Lucent) C:\Program Files\Common Files\Motive\pcCMService.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(LULU SOFTWARE LIMITED) C:\Program Files (x86)\Soda PDF 3D Reader\creator-ws.exe(Alcatel-Lucent) C:\Program Files (x86)\Windstream Support Center\9.0.0.209\ma\bin\MAHostService.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe(Joyent, Inc) C:\Program Files (x86)\Windstream Support Center\9.0.0.209\ma\bin\node.exe(Microsoft Corporation) C:\Windows\splwow64.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Blizzard Entertainment) C:\Program Files (x86)\World of Warcraft\Wow-64.exe(Blizzard Entertainment) C:\Program Files (x86)\World of Warcraft\Utils\WowBrowserProxy.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe==================== Registry (Whitelisted) ==================(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7560296 2011-12-12] (Realtek Semiconductor)HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-12] (NVIDIA Corporation)HKLM\...\Run: [shadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStartHKLM\...\Run: [Windstream_McciTrayApp] => C:\Program Files\Windstream Support Center\9.0.0.209\ma\bin\pcTrayApp.exe [2905088 2014-09-11] (Telstra Corporation Ltd.)HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetchHKLM-x32\...\Run: [Cpu Level Up help] => C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe [887936 2009-12-28] ()HKLM-x32\...\Run: [steelSeries World of Warcraft® MMO Gaming Mouse Legendary Edition] => C:\Program Files (x86)\SteelSeries\World of Warcraft® MMO Gaming Mouse Legendary Edition\WoWMHID4.exe [1945600 2011-10-03] ()HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)HKLM-x32\...\Run: [iJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [454248 2013-08-02] (CANON INC.)HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1285704 2014-08-08] (CANON INC.)HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)HKU\S-1-5-21-2667224228-1020230360-1385556155-1000\...\Run: [battle.net] => C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe [2861104 2015-04-07] (Blizzard Entertainment)HKU\S-1-5-21-2667224228-1020230360-1385556155-1000\...\MountPoints2: {2fcb64f1-7b01-11e4-97b0-806e6f6e6963} - D:\AUTORUN.EXEHKU\S-1-5-21-2667224228-1020230360-1385556155-1000\...\MountPoints2: {b14562e9-0077-11e4-8149-806e6f6e6963} - D:\Gw2Setup.exeHKU\S-1-5-21-2667224228-1020230360-1385556155-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-20] (Microsoft Corporation)Startup: C:\Users\Mel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()Startup: C:\Users\Mel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnkShortcutTarget: Dropbox.lnk -> C:\Users\Mel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Office15\GROOVEEX.DLL (Microsoft Corporation)ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Office15\GROOVEEX.DLL (Microsoft Corporation)ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Office15\GROOVEEX.DLL (Microsoft Corporation)ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)BootExecute: autocheck autochk * sdnclean64.exe==================== Internet (Whitelisted) ====================(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)HKU\S-1-5-21-2667224228-1020230360-1385556155-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =SearchScopes: HKU\S-1-5-21-2667224228-1020230360-1385556155-1000 -> {94586F80-A0BB-43C0-A448-910A55301690} URL = https://www.google.com/search?q={searchTerms}BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Office15\OCHelper.dll [2015-03-31] (Microsoft Corporation)BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Office15\GROOVEEX.DLL [2015-03-18] (Microsoft Corporation)BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-03-31] (Microsoft Corporation)BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-21] (Microsoft Corporation)BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-03-18] (Microsoft Corporation)Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Office15\MSOSB.DLL [2014-10-15] (Microsoft Corporation)Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)Tcpip\Parameters: [DhcpNameServer] 192.168.1.1FireFox:========FF ProfilePath: C:\Users\Mel\AppData\Roaming\Mozilla\Firefox\Profiles\8dbm1mur.default-1421694296002FF DefaultSearchEngine: GoogleFF DefaultSearchEngine.US: GoogleFF Homepage: hxxp://gmail.com/FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()FF Plugin: @microsoft.com/GENUINE -> disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1216156.dll [2015-01-09] (Adobe Systems, Inc.)FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-01] (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-01] (Oracle Corporation)FF Plugin-x32: @microsoft.com/GENUINE -> disabled No FileFF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)FF Plugin-x32: @Motive.com/NpMotive,version=1.0 -> C:\Program Files (x86)\Windstream Support Center\9.0.0.209\ma\bin\npMotive.dll [2014-09-11] (Windstream)FF Plugin-x32: @Motive.com/npMotiveRequest,version=1.0 -> C:\Program Files (x86)\Common Files\Motive\npMotiveRequest.dll [2014-09-11] (Windstream)FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation)FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-15] (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-15] (Google Inc.)FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)FF Plugin-x32: JFGuide -> C:\Program Files (x86)\NetSurveillance\CMS\npGuide.dll No FileFF Plugin-x32: JFWeb -> C:\Program Files (x86)\NetSurveillance\CMS\npWebPlugin.dll No FileFF Plugin-x32: Soda PDF 3D Reader -> C:\Program Files (x86)\Soda PDF 3D Reader\np-previewer.dll [2015-01-16] (LULU SOFTWARE LIMITED)FF Plugin HKU\S-1-5-21-2667224228-1020230360-1385556155-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Mel\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No FileFF Plugin HKU\S-1-5-21-2667224228-1020230360-1385556155-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Mel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-10-08] (Unity Technologies ApS)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-01-21] (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-01-21] (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-01-21] (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-01-21] (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-01-21] (Apple Inc.)FF Extension: Windstream Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\mcciwbch@motive.com.xpi [2015-04-08]FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-04-08]FF HKLM-x32\...\Firefox\Extensions: [soda_pdf_3d_reader@sodapdf.com] - C:\Program Files (x86)\Soda PDF 3D Reader\resources\soda3dreaderfirefoxextensionFF Extension: Soda PDF 3D Reader Creator - C:\Program Files (x86)\Soda PDF 3D Reader\resources\soda3dreaderfirefoxextension [2015-03-29]Chrome:=======CHR HomePage: Default ->CHR StartupUrls: Default -> "hxxp://www.google.com/"CHR Profile: C:\Users\Mel\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Slides) - C:\Users\Mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-15]CHR Extension: (Google Docs) - C:\Users\Mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-15]CHR Extension: (Google Drive) - C:\Users\Mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-15]CHR Extension: (YouTube) - C:\Users\Mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-15]CHR Extension: (Adblock Plus) - C:\Users\Mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-04-15]CHR Extension: (Google Search) - C:\Users\Mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-15]CHR Extension: (Windstream Extension) - C:\Users\Mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\edmgmpmklgfbohogafcfobonnkogchec [2015-04-15]CHR Extension: (Video Downloader professional) - C:\Users\Mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2015-04-15]CHR Extension: (Google Sheets) - C:\Users\Mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-15]CHR Extension: (Bookmark Manager) - C:\Users\Mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-15]CHR Extension: (Voice Recognition) - C:\Users\Mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikjmfindklfaonkodbnidahohdfbdhkn [2015-04-15]CHR Extension: (Reddit Enhancement Suite) - C:\Users\Mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2015-04-15]CHR Extension: (The Great Suspender) - C:\Users\Mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2015-04-15]CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-15]CHR Extension: (Google Wallet) - C:\Users\Mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-15]CHR Extension: (Gmail) - C:\Users\Mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-15]CHR HKLM-x32\...\Chrome\Extension: [edmgmpmklgfbohogafcfobonnkogchec] - C:\Program Files (x86)\Common Files\Motive\extensions\MotiveRequest.crx [2015-01-14]CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]==================== Services (Whitelisted) =================(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [96896 2009-12-28] (ASUSTeK Computer Inc.)R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-12] (NVIDIA Corporation)R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)S3 LULU Software CrashHandler; C:\Program Files (x86)\Soda PDF 3D Reader\crash-handler-ws.exe [786232 2015-01-16] (LULU SOFTWARE LIMITED)R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-12] (NVIDIA Corporation)R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-12] (NVIDIA Corporation)R2 pcCMService; C:\Program Files (x86)\Common Files\Motive\pcCMService.exe [369152 2013-10-22] (Alcatel-Lucent) [File not signed]R2 pcCMService64; C:\Program Files\Common Files\Motive\pcCMService.exe [460800 2013-10-22] (Alcatel-Lucent) [File not signed]S2 SODA Manager; C:\ProgramData\LULU Software\Soda Manager\Soda Manager.exe [868688 2015-01-29] (LULU Software Limited)S3 Soda PDF 3D Reader; C:\Program Files (x86)\Soda PDF 3D Reader\ws.exe [1862456 2015-01-16] (LULU SOFTWARE LIMITED)R2 Soda PDF 3D Reader Creator; C:\Program Files (x86)\Soda PDF 3D Reader\creator-ws.exe [623416 2015-01-16] (LULU SOFTWARE LIMITED)S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)R2 Windstream MAHostService; C:\Program Files (x86)\Windstream Support Center\9.0.0.209\ma\bin\MAHostService.exe [321024 2014-09-11] (Alcatel-Lucent) [File not signed]==================== Drivers (Whitelisted) ====================(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-05] ()R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-18] (Malwarebytes Corporation)R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]S3 MREMP50a64; C:\Program Files\Common Files\Motive\MREMP50a64.SYS [43008 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA))S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]S3 MRESP50a64; C:\Program Files\Common Files\Motive\MRESP50a64.SYS [40960 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA))R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-12] (NVIDIA Corporation)R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)R3 SSMO4Filter; C:\Windows\System32\drivers\MO4Driver.sys [21504 2011-07-26] (Sagatek Co. Ltd.)==================== NetSvcs (Whitelisted) ===================(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)==================== One Month Created Files and Folders ========(If an entry is included in the fixlist, the file\folder will be moved.)2015-04-18 09:21 - 2015-04-18 09:21 - 00448512 _____ (OldTimer Tools) C:\Users\Mel\Desktop\TFC.exe2015-04-18 09:19 - 2015-04-18 09:19 - 00000602 _____ () C:\Users\Mel\Desktop\JRT.txt2015-04-18 09:04 - 2015-04-18 09:04 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-MEL-PC-Windows-7-Ultimate-(64-bit).dat2015-04-18 09:04 - 2015-04-18 09:04 - 00000000 ____D () C:\RegBackup2015-04-18 09:03 - 2015-04-18 09:04 - 02686254 _____ (Thisisu) C:\Users\Mel\Desktop\JRT.exe2015-04-18 08:54 - 2015-04-18 08:57 - 00000000 ____D () C:\AdwCleaner2015-04-18 08:53 - 2015-04-18 08:54 - 00781312 _____ () C:\Users\Mel\Desktop\delfix_10.9 (1).exe2015-04-18 08:53 - 2015-04-18 08:53 - 02217984 _____ () C:\Users\Mel\Desktop\adwcleaner_4.201.exe2015-04-18 08:52 - 2015-04-18 08:52 - 00000000 ____D () C:\Users\Mel\Desktop\FRST-OlderVersion2015-04-18 08:46 - 2015-04-18 08:49 - 00000318 _____ () C:\DelFix.txt2015-04-18 08:46 - 2015-04-18 08:46 - 00000000 ____D () C:\Windows\ERUNT2015-04-18 08:45 - 2015-04-18 08:46 - 00781312 _____ () C:\Users\Mel\Desktop\delfix_10.9.exe2015-04-17 22:49 - 2015-04-17 22:50 - 00000000 ____D () C:\Users\Mel\AppData\Local\CrashDumps2015-04-17 22:38 - 2015-04-17 22:38 - 00045993 _____ () C:\Users\Mel\Downloads\Addition.txt2015-04-17 22:37 - 2015-04-17 22:37 - 00072041 _____ () C:\Users\Mel\Downloads\FRST.txt2015-04-17 22:21 - 2015-04-17 23:52 - 00000000 ____D () C:\ProgramData\RogueKiller2015-04-17 22:21 - 2015-04-17 22:21 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys2015-04-17 22:01 - 2015-04-17 22:20 - 20589656 _____ () C:\Users\Mel\Downloads\RogueKillerX64.exe2015-04-17 14:29 - 2015-04-17 14:29 - 00000000 ____D () C:\SUPPORT2015-04-17 14:29 - 2015-04-17 14:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revenue Management2015-04-17 14:28 - 2015-04-17 14:28 - 00000821 _____ () C:\Users\Public\Desktop\Office Hours Professional Demo.lnk2015-04-17 14:28 - 2015-04-17 14:28 - 00000810 _____ () C:\Users\Public\Desktop\Medisoft Advanced Demo.lnk2015-04-17 14:28 - 2015-04-17 14:28 - 00000779 _____ () C:\Users\Public\Desktop\Work Administrator.lnk2015-04-17 14:28 - 2015-04-17 14:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medisoft2015-04-17 14:27 - 2015-04-17 14:28 - 00000000 ____D () C:\Medisoft DEMO2015-04-17 14:25 - 2015-04-17 14:25 - 00000000 ____D () C:\MediData2015-04-17 14:24 - 2015-04-17 14:25 - 06163480 _____ () C:\Users\Mel\Downloads\CIMO8e.exe2015-04-17 11:15 - 2015-04-17 11:15 - 05820916 _____ () C:\Users\Mel\Downloads\CIMO8e.zip2015-04-16 21:51 - 2015-04-16 21:51 - 00000000 ____D () C:\Users\Mel\AppData\OICE_15_974FA576_32C1D314_24FC2015-04-16 12:25 - 2015-04-16 12:33 - 00039871 _____ () C:\Users\Mel\Desktop\Addition.txt2015-04-16 12:24 - 2015-04-18 14:58 - 00026127 _____ () C:\Users\Mel\Desktop\FRST.txt2015-04-16 12:23 - 2015-04-18 14:58 - 00000000 ____D () C:\FRST2015-04-16 12:19 - 2015-04-18 08:52 - 02098176 _____ (Farbar) C:\Users\Mel\Desktop\FRST64.exe2015-04-16 10:55 - 2015-04-16 10:55 - 00000000 ____D () C:\Users\Mel\AppData\Local\Macromedia2015-04-15 13:35 - 2015-04-18 14:40 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job2015-04-15 13:35 - 2015-04-15 13:35 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2015-04-15 13:35 - 2015-04-15 13:35 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2015-04-15 13:35 - 2015-04-15 13:35 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater2015-04-15 13:35 - 2015-04-15 13:35 - 00000000 ____D () C:\Windows\system32\Macromed2015-04-15 01:15 - 2015-04-15 01:15 - 00002259 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2015-04-15 01:15 - 2015-04-15 01:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome2015-04-15 01:08 - 2015-04-18 14:13 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2015-04-15 01:08 - 2015-04-18 12:48 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2015-04-15 01:08 - 2015-04-15 01:08 - 00003888 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA2015-04-15 01:08 - 2015-04-15 01:08 - 00003636 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore2015-04-15 01:04 - 2015-04-15 01:04 - 00002308 _____ () C:\Users\Mel\Downloads\software_removal_tool.log2015-04-15 00:52 - 2015-04-15 01:18 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)2015-04-15 00:47 - 2015-04-15 01:18 - 00000000 ____D () C:\Users\Mel\Desktop\mbar2015-04-15 00:16 - 2015-04-18 12:48 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2015-04-15 00:16 - 2015-04-15 00:20 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Mel\Downloads\mbar-1.09.1.1004.exe2015-04-15 00:16 - 2015-04-15 00:16 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2015-04-15 00:16 - 2015-04-15 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2015-04-15 00:15 - 2015-04-15 00:47 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2015-04-15 00:15 - 2015-04-15 00:16 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2015-04-15 00:15 - 2015-04-15 00:15 - 00000000 ____D () C:\ProgramData\Malwarebytes2015-04-15 00:15 - 2015-03-17 06:15 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2015-04-15 00:15 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2015-04-15 00:09 - 2015-04-15 00:12 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Mel\Downloads\mbam-setup-2.1.4.1018.exe2015-04-14 22:58 - 2015-04-14 22:58 - 00334720 _____ (Sysinternals - www.sysinternals.com) C:\Users\Mel\Downloads\RootkitRevealer.exe2015-04-14 22:54 - 2015-04-14 22:54 - 00588816 _____ () C:\Users\Mel\Downloads\Autoruns.zip2015-04-14 22:44 - 2015-04-14 22:55 - 00000000 ____D () C:\Users\Mel\Desktop\rootkit revealer2015-04-14 22:44 - 2015-04-14 22:44 - 00231390 _____ () C:\Users\Mel\Downloads\RootkitRevealer.zip2015-04-14 21:32 - 2015-04-01 20:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll2015-04-14 21:32 - 2015-04-01 19:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll2015-04-14 21:32 - 2015-03-13 00:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2015-04-14 21:32 - 2015-03-13 00:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2015-04-14 21:32 - 2015-03-13 00:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2015-04-14 21:32 - 2015-03-13 00:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2015-04-14 21:32 - 2015-03-13 00:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2015-04-14 21:32 - 2015-03-13 00:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec2015-04-14 21:32 - 2015-03-13 00:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2015-04-14 21:32 - 2015-03-13 00:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2015-04-14 21:32 - 2015-03-13 00:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll2015-04-14 21:32 - 2015-03-13 00:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2015-04-14 21:32 - 2015-03-12 23:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2015-04-14 21:32 - 2015-03-12 23:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2015-04-14 21:32 - 2015-03-12 23:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2015-04-14 21:32 - 2015-03-12 23:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2015-04-14 21:32 - 2015-03-12 23:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2015-04-14 21:32 - 2015-03-12 23:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2015-04-14 21:32 - 2015-03-12 23:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2015-04-14 21:32 - 2015-03-12 23:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2015-04-14 21:32 - 2015-03-12 23:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2015-04-14 21:32 - 2015-03-12 23:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2015-04-14 21:32 - 2015-03-12 23:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2015-04-14 21:32 - 2015-03-12 23:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2015-04-14 21:32 - 2015-03-12 23:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2015-04-14 21:32 - 2015-03-12 23:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec2015-04-14 21:32 - 2015-03-12 23:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2015-04-14 21:32 - 2015-03-12 23:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2015-04-14 21:32 - 2015-03-12 23:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2015-04-14 21:32 - 2015-03-12 23:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll2015-04-14 21:32 - 2015-03-12 23:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2015-04-14 21:32 - 2015-03-12 23:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2015-04-14 21:32 - 2015-03-12 23:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2015-04-14 21:32 - 2015-03-12 23:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2015-04-14 21:32 - 2015-03-12 23:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2015-04-14 21:32 - 2015-03-12 23:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2015-04-14 21:32 - 2015-03-12 23:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2015-04-14 21:32 - 2015-03-12 23:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2015-04-14 21:32 - 2015-03-12 23:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2015-04-14 21:32 - 2015-03-12 23:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2015-04-14 21:32 - 2015-03-12 23:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2015-04-14 21:32 - 2015-03-12 23:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll2015-04-14 21:32 - 2015-03-12 23:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2015-04-14 21:32 - 2015-03-12 23:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2015-04-14 21:32 - 2015-03-12 22:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2015-04-14 21:32 - 2015-03-12 22:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2015-04-14 21:32 - 2015-03-12 22:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2015-04-14 21:32 - 2015-03-12 22:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2015-04-14 21:32 - 2015-03-12 22:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2015-04-14 21:32 - 2015-03-12 22:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2015-04-14 21:32 - 2015-03-12 22:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll2015-04-14 21:32 - 2015-03-12 22:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2015-04-14 21:32 - 2015-03-12 22:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2015-04-14 21:32 - 2015-03-12 22:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2015-04-14 21:32 - 2015-03-12 22:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2015-04-14 21:32 - 2015-03-12 22:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2015-04-14 21:32 - 2015-03-12 22:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2015-04-14 21:31 - 2015-03-12 22:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2015-04-14 18:05 - 2015-04-14 18:05 - 00000355 _____ () C:\Users\Mel\Desktop\Computer - Shortcut (2).lnk2015-04-14 17:02 - 2015-04-14 18:39 - 00000000 ____D () C:\Users\Mel\Desktop\backups2015-04-14 17:02 - 2015-04-14 17:02 - 00012748 _____ () C:\Users\Mel\Desktop\hijackthis.log2015-04-14 16:59 - 2015-03-24 23:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll2015-04-14 16:59 - 2015-03-24 23:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll2015-04-14 16:59 - 2015-03-24 23:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll2015-04-14 16:59 - 2015-03-24 23:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll2015-04-14 16:59 - 2015-03-24 23:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll2015-04-14 16:59 - 2015-03-24 23:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll2015-04-14 16:59 - 2015-03-24 23:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll2015-04-14 16:59 - 2015-03-24 23:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll2015-04-14 16:59 - 2015-03-24 23:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe2015-04-14 16:59 - 2015-03-24 23:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe2015-04-14 16:59 - 2015-03-24 23:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll2015-04-14 16:59 - 2015-03-24 23:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll2015-04-14 16:59 - 2015-03-24 23:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll2015-04-14 16:59 - 2015-03-24 23:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll2015-04-14 16:59 - 2015-03-24 23:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe2015-04-14 16:59 - 2015-03-24 23:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll2015-04-14 16:57 - 2015-03-22 23:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll2015-04-14 16:57 - 2015-03-22 23:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll2015-04-14 16:57 - 2015-03-22 23:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll2015-04-14 16:57 - 2015-03-22 23:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll2015-04-14 16:57 - 2015-03-22 23:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll2015-04-14 16:57 - 2015-03-22 23:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll2015-04-14 16:57 - 2015-03-22 23:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll2015-04-14 16:57 - 2015-03-22 23:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll2015-04-14 16:56 - 2015-03-05 01:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll2015-04-14 16:56 - 2015-03-05 00:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll2015-04-14 16:51 - 2015-03-09 23:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll2015-04-14 16:51 - 2015-03-09 23:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll2015-04-14 16:51 - 2015-03-09 23:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll2015-04-14 16:51 - 2015-03-09 23:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll2015-04-14 16:46 - 2015-03-17 01:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe2015-04-14 16:46 - 2015-03-17 01:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys2015-04-14 16:46 - 2015-03-17 01:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys2015-04-14 16:46 - 2015-03-17 01:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll2015-04-14 16:46 - 2015-03-17 01:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll2015-04-14 16:46 - 2015-03-17 01:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll2015-04-14 16:46 - 2015-03-17 01:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll2015-04-14 16:46 - 2015-03-17 01:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll2015-04-14 16:46 - 2015-03-17 01:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll2015-04-14 16:46 - 2015-03-17 01:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll2015-04-14 16:46 - 2015-03-17 01:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll2015-04-14 16:46 - 2015-03-17 01:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll2015-04-14 16:46 - 2015-03-17 01:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll2015-04-14 16:46 - 2015-03-17 01:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll2015-04-14 16:46 - 2015-03-17 01:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll2015-04-14 16:46 - 2015-03-17 01:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe2015-04-14 16:46 - 2015-03-17 01:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll2015-04-14 16:46 - 2015-03-17 01:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll2015-04-14 16:46 - 2015-03-17 01:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll2015-04-14 16:46 - 2015-03-17 01:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe2015-04-14 16:46 - 2015-03-17 01:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll2015-04-14 16:46 - 2015-03-17 01:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll2015-04-14 16:46 - 2015-03-17 01:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll2015-04-14 16:46 - 2015-03-17 01:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll2015-04-14 16:46 - 2015-03-17 01:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll2015-04-14 16:46 - 2015-03-17 01:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll2015-04-14 16:46 - 2015-03-17 01:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll2015-04-14 16:46 - 2015-03-17 01:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe2015-04-14 16:46 - 2015-03-17 01:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe2015-04-14 16:46 - 2015-03-17 01:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe2015-04-14 16:46 - 2015-03-17 01:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll2015-04-14 16:46 - 2015-03-17 01:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 01:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe2015-04-14 16:46 - 2015-03-17 01:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe2015-04-14 16:46 - 2015-03-17 00:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll2015-04-14 16:46 - 2015-03-17 00:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll2015-04-14 16:46 - 2015-03-17 00:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll2015-04-14 16:46 - 2015-03-17 00:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll2015-04-14 16:46 - 2015-03-17 00:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll2015-04-14 16:46 - 2015-03-17 00:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll2015-04-14 16:46 - 2015-03-17 00:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll2015-04-14 16:46 - 2015-03-17 00:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll2015-04-14 16:46 - 2015-03-17 00:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll2015-04-14 16:46 - 2015-03-17 00:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll2015-04-14 16:46 - 2015-03-17 00:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll2015-04-14 16:46 - 2015-03-17 00:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll2015-04-14 16:46 - 2015-03-17 00:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll2015-04-14 16:46 - 2015-03-17 00:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe2015-04-14 16:46 - 2015-03-17 00:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe2015-04-14 16:46 - 2015-03-17 00:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll2015-04-14 16:46 - 2015-03-17 00:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll2015-04-14 16:46 - 2015-03-17 00:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll2015-04-14 16:46 - 2015-03-17 00:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll2015-04-14 16:46 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll2015-04-14 16:46 - 2015-03-16 23:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe2015-04-14 16:46 - 2015-03-16 23:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe2015-04-14 16:46 - 2015-03-16 23:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll2015-04-14 16:46 - 2015-03-16 23:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll2015-04-14 16:46 - 2015-03-16 23:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll2015-04-14 16:46 - 2015-03-16 23:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll2015-04-14 16:41 - 2015-02-24 23:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys2015-04-14 16:12 - 2015-03-04 00:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys2015-04-14 16:12 - 2015-03-04 00:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll2015-04-14 16:12 - 2015-03-04 00:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll2015-04-13 16:43 - 2015-04-17 14:30 - 00005928 _____ () C:\ads_err.adt2015-04-13 16:43 - 2015-04-17 14:30 - 00003072 _____ () C:\ads_err.adi2015-04-13 16:43 - 2015-04-13 16:43 - 00004136 _____ () C:\ads_err.adm2015-04-13 16:37 - 2015-04-17 14:27 - 00001563 _____ () C:\Windows\KB893803v2.log2015-04-13 16:37 - 2015-04-17 14:27 - 00000000 ____D () C:\Medisoft DEMO DEMO2015-04-13 16:37 - 2015-04-13 16:37 - 00000000 ____D () C:\ProgramData\Medisoft2015-04-13 16:36 - 2015-04-13 16:36 - 00000000 ____D () C:\Program Files (x86)\Medisoft2015-04-11 22:08 - 2015-04-11 22:08 - 00000000 ____D () C:\Users\Mel\AppData\OICE_15_974FA576_32C1D314_38CF2015-04-11 14:32 - 2015-04-18 08:58 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 22015-04-11 14:32 - 2015-04-18 08:47 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy2015-04-11 14:32 - 2015-04-11 14:32 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking2015-04-11 13:55 - 2015-04-11 14:19 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Mel\Downloads\spybot-2.4.exe2015-04-11 13:41 - 2015-04-11 13:41 - 00000000 ____D () C:\Users\Mel\Downloads\backups2015-04-11 13:33 - 2015-04-11 13:33 - 00012778 _____ () C:\Users\Mel\Downloads\hijackthis.log2015-04-11 13:31 - 2015-04-11 13:31 - 00388608 _____ (Trend Micro Inc.) C:\Users\Mel\Desktop\HijackThis.exe2015-04-11 13:17 - 2015-04-15 00:36 - 00000000 ____D () C:\Program Files (x86)\IndepthEdit2015-04-11 13:14 - 2015-04-14 15:15 - 00000020 _____ () C:\Users\Mel\AppData\Roaming\appdataFr3.bin2015-04-08 22:34 - 2015-04-09 23:05 - 00000000 ____D () C:\Users\Mel\AppData\Roaming\.minecraft2015-04-08 22:34 - 2015-04-08 22:34 - 00000000 ____D () C:\Users\Mel\AppData\Roaming\java2015-04-08 22:15 - 2015-04-08 22:33 - 00000000 ____D () C:\Program Files (x86)\Minecraft2015-04-08 22:15 - 2015-04-08 22:15 - 00000961 _____ () C:\Users\Public\Desktop\Minecraft.lnk2015-04-08 22:15 - 2015-04-08 22:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft2015-04-08 22:11 - 2015-04-08 22:12 - 02314240 _____ () C:\Users\Mel\Downloads\MinecraftInstaller.msi2015-04-08 12:05 - 2015-04-11 13:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox2015-04-05 21:15 - 2015-04-05 21:15 - 00000000 ___SD () C:\Windows\SysWOW64\GWX2015-04-05 21:15 - 2015-04-05 21:15 - 00000000 ___SD () C:\Windows\system32\GWX2015-04-05 19:11 - 2015-04-05 19:15 - 00000000 ____D () C:\Users\Mel\Desktop\Camera phone 04-062015-03-31 08:42 - 2015-03-31 08:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi2015-03-31 08:42 - 2015-03-31 08:42 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi2015-03-29 23:33 - 2015-03-29 23:33 - 00001022 _____ () C:\Users\Public\Desktop\Soda PDF 3D Reader.lnk2015-03-29 23:32 - 2015-03-29 23:37 - 00000000 ____D () C:\Users\Mel\AppData\Roaming\Soda PDF 3D Reader2015-03-29 23:32 - 2015-03-29 23:32 - 00000000 ____D () C:\ProgramData\LULU Software2015-03-29 23:31 - 2015-03-30 00:10 - 00000000 ____D () C:\Users\Mel\Documents\Soda PDF Files2015-03-29 23:31 - 2015-03-29 23:32 - 00000000 ____D () C:\Program Files (x86)\Soda PDF 3D Reader2015-03-29 23:31 - 2015-03-29 23:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soda PDF 3D Reader2015-03-29 23:29 - 2015-03-29 23:29 - 00000000 ____D () C:\ProgramData\Soda PDF 3D Reader2015-03-29 23:28 - 2015-03-29 23:59 - 00000000 ____D () C:\Users\Mel\Downloads\The Walking Dead Comics 1-134 + Specials2015-03-29 23:28 - 2015-03-29 23:28 - 05971544 _____ (LULU Software Limited) C:\Users\Mel\Downloads\Soda_3D_7_Installer.exe2015-03-28 16:38 - 2015-03-28 16:38 - 00000000 ___HD () C:\ProgramData\CanonIJQuickMenu2015-03-28 16:26 - 2015-03-28 16:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX470 series User Registration2015-03-28 16:23 - 2015-03-28 16:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX470 series Manual2015-03-28 16:09 - 2015-04-09 15:29 - 00000000 ____D () C:\ProgramData\CanonIJPLM2015-03-28 16:09 - 2015-03-28 16:09 - 00000000 ___HD () C:\ProgramData\CanonIJETV2015-03-28 16:07 - 2015-03-28 16:08 - 50908760 _____ () C:\Users\Mel\Downloads\win-mx470-1_0-ucd.exe2015-03-20 22:54 - 2015-03-20 22:54 - 00000000 ____D () C:\Users\Mel\AppData\OICE_15_974FA576_32C1D314_3C58==================== One Month Modified Files and Folders =======(If an entry is included in the fixlist, the file\folder will be moved.)2015-04-18 14:49 - 2014-06-30 10:20 - 00000000 ____D () C:\Users\Mel\AppData\Local\Deployment2015-04-18 14:49 - 2014-06-30 10:19 - 00003910 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{FB52D448-0961-4830-9779-72FC4E3589E8}2015-04-18 14:40 - 2014-06-30 13:00 - 01574161 _____ () C:\Windows\WindowsUpdate.log2015-04-18 13:52 - 2014-08-17 14:29 - 00000000 ____D () C:\Users\Mel\AppData\Local\LogMeIn Hamachi2015-04-18 13:49 - 2015-01-12 18:12 - 00000000 ____D () C:\Users\Mel\AppData\Local\Battle.net2015-04-18 12:56 - 2009-07-14 00:45 - 00027344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02015-04-18 12:56 - 2009-07-14 00:45 - 00027344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02015-04-18 12:49 - 2014-07-15 08:48 - 00000000 ___RD () C:\Users\Mel\Dropbox2015-04-18 12:49 - 2014-07-15 08:45 - 00000000 ____D () C:\Users\Mel\AppData\Roaming\Dropbox2015-04-18 12:48 - 2015-01-14 18:49 - 00000000 ____D () C:\Program Files (x86)\Windstream Support Center2015-04-18 12:48 - 2009-07-14 00:51 - 00146824 _____ () C:\Windows\setupact.log2015-04-18 12:47 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2015-04-18 12:46 - 2014-06-30 10:55 - 00000000 ____D () C:\ProgramData\NVIDIA2015-04-18 08:58 - 2010-11-20 23:47 - 00171084 _____ () C:\Windows\PFRO.log2015-04-18 08:28 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\tracing2015-04-18 08:27 - 2014-06-30 10:20 - 00118016 _____ () C:\Users\Mel\AppData\Local\GDIPFONTCACHEV1.DAT2015-04-18 08:26 - 2009-07-14 00:45 - 05076568 _____ () C:\Windows\system32\FNTCACHE.DAT2015-04-18 00:37 - 2014-08-31 22:54 - 00000000 ____D () C:\Users\Mel\AppData\Roaming\Mumble2015-04-17 21:48 - 2015-01-08 18:37 - 00000000 ____D () C:\ProgramData\Adobe2015-04-17 21:48 - 2014-07-01 15:58 - 00000000 ____D () C:\Users\Mel\AppData\Roaming\Adobe2015-04-17 21:47 - 2015-01-08 18:37 - 00000000 ____D () C:\Program Files (x86)\Adobe2015-04-17 11:25 - 2012-10-24 16:26 - 06163608 _____ () C:\Users\Mel\Desktop\CIMO8e.exe2015-04-17 11:05 - 2014-06-30 10:10 - 00000000 ____D () C:\Users\Mel\AppData\Local\VirtualStore2015-04-17 08:36 - 2015-01-08 18:37 - 00000000 ____D () C:\Users\Mel\AppData\Local\Adobe2015-04-17 01:10 - 2015-01-18 23:29 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 20132015-04-17 01:10 - 2015-01-18 23:24 - 00000000 ____D () C:\ProgramData\Microsoft Help2015-04-17 01:10 - 2015-01-18 23:24 - 00000000 ____D () C:\Program Files (x86)\Office152015-04-16 13:04 - 2014-08-05 01:33 - 00111526 _____ () C:\Users\Mel\Desktop\New Text Document (2).txt2015-04-16 12:49 - 2014-07-27 09:15 - 00000000 ____D () C:\Users\Mel\AppData\Roaming\uTorrent2015-04-15 03:04 - 2009-07-13 22:34 - 00000478 _____ () C:\Windows\win.ini2015-04-15 01:15 - 2014-06-30 10:20 - 00000000 ____D () C:\Users\Mel\AppData\Local\Google2015-04-15 01:15 - 2014-06-30 10:20 - 00000000 ____D () C:\Program Files (x86)\Google2015-04-15 00:36 - 2011-04-12 04:28 - 00000000 ____D () C:\Windows\ShellNew2015-04-15 00:36 - 2009-07-14 01:08 - 00032610 _____ () C:\Windows\Tasks\SCHEDLGU.TXT2015-04-14 23:49 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\AppCompat2015-04-14 23:32 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache2015-04-14 19:15 - 2014-12-19 14:36 - 00000000 ____D () C:\Windows\system32\appraiser2015-04-14 19:15 - 2014-06-30 12:00 - 00000000 ___SD () C:\Windows\system32\CompatTel2015-04-14 19:00 - 2014-06-30 10:48 - 00773912 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI2015-04-14 19:00 - 2009-07-14 01:13 - 00773912 _____ () C:\Windows\system32\PerfStringBackup.INI2015-04-14 18:58 - 2014-06-30 11:56 - 00000000 ____D () C:\Windows\system32\MRT2015-04-14 18:52 - 2014-06-30 11:56 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2015-04-14 15:28 - 2014-07-01 14:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS2015-04-14 15:28 - 2014-07-01 14:38 - 00000000 ____D () C:\Program Files (x86)\ASUS2015-04-14 15:28 - 2014-06-30 10:16 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information2015-04-12 13:40 - 2015-01-08 18:14 - 00000000 ____D () C:\Program Files\Canon2015-04-12 13:40 - 2015-01-08 18:11 - 00000000 ____D () C:\Program Files (x86)\Canon2015-04-12 02:01 - 2014-12-29 01:17 - 00000000 ____D () C:\Users\Mel\AppData\Local\Plex Media Server2015-04-11 20:22 - 2015-02-11 14:09 - 00000000 ____D () C:\Users\Mel\AppData\Local\AddLive_v32015-04-11 13:43 - 2014-07-01 19:35 - 00000000 ____D () C:\Users\Mel\AppData\Roaming\Skype2015-04-09 22:12 - 2014-07-15 08:48 - 00001009 _____ () C:\Users\Mel\Desktop\Dropbox.lnk2015-04-09 22:12 - 2014-07-15 08:46 - 00000000 ____D () C:\Users\Mel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox2015-04-09 21:13 - 2014-11-07 15:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service2015-04-07 18:23 - 2015-01-12 18:12 - 00000000 ____D () C:\Program Files (x86)\Battle.net2015-04-07 16:06 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF2015-04-06 22:32 - 2014-07-02 08:13 - 00000000 ____D () C:\Users\Mel\AppData\Roaming\vlc2015-04-06 20:44 - 2014-12-29 00:19 - 00000000 ____D () C:\Users\Mel\Desktop\School2015-04-06 20:14 - 2015-01-12 18:16 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft2015-03-31 08:42 - 2014-08-17 14:28 - 00000926 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk2015-03-30 15:25 - 2014-09-04 11:15 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys2015-03-29 13:02 - 2014-06-30 10:10 - 00000000 ____D () C:\Users\Mel2015-03-28 16:26 - 2015-01-08 18:19 - 00002025 _____ () C:\Users\Public\Desktop\Canon Quick Menu.lnk2015-03-28 16:26 - 2015-01-08 18:19 - 00000000 ____D () C:\ProgramData\CanonIJWSpt2015-03-28 16:26 - 2015-01-08 18:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities2015-03-28 16:23 - 2015-01-08 18:14 - 00002358 _____ () C:\Users\Public\Desktop\Canon MX470 series On-screen Manual.lnk2015-03-20 12:21 - 2014-10-16 03:40 - 00000000 ___RD () C:\Program Files (x86)\Skype2015-03-20 12:21 - 2014-07-01 19:35 - 00000000 ____D () C:\ProgramData\Skype==================== Files in the root of some directories =======2015-04-11 13:14 - 2015-04-14 15:15 - 0000020 _____ () C:\Users\Mel\AppData\Roaming\appdataFr3.bin2014-08-26 20:49 - 2014-08-26 20:49 - 0000008 _____ () C:\Users\Mel\AppData\Roaming\Lucid_player_highscore.dat2014-08-26 20:49 - 2014-08-26 20:49 - 0000212 _____ () C:\Users\Mel\AppData\Roaming\Lucid_player_profiles_data.dat2014-07-03 10:34 - 2014-09-03 11:16 - 0010752 _____ () C:\Users\Mel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.iniSome content of TEMP:====================C:\Users\Mel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp7a4qmw.dll==================== Bamital & volsnap Check =================(There is no automatic fix for files that do not pass verification.)C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\SysWOW64\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signedLastRegBack: 2015-04-14 16:09==================== End Of Log ============================ -
When I attempted to uninstall LighterSystem, I received a popup error that read, "There was a problem starting C:\PROGRA~2\INDEPT~1\INDEPT~1.DLL".
Can I reinstall Spybot when we're all finished?
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-04-2015 01Ran by Mel at 2015-04-18 08:52:30 Run:1Running from C:\Users\Mel\DesktopLoaded Profiles: Mel (Available profiles: Mel)Boot Mode: Normal==============================================Content of fixlist:*****************CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTIONProxyServer: [s-1-5-21-2667224228-1020230360-1385556155-1000] => localhost:21320*****************"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.HKU\S-1-5-21-2667224228-1020230360-1385556155-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.==== End of Fixlog 08:52:30 ====# DelFix v10.9 - Logfile created 18/04/2015 at 08:46:32# Updated 27/02/2015 by Xplode# Username : Mel - MEL-PC# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)~ Creating registry backup ... OK########## - EOF - ##########~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 6.5.8 (04.17.2015:1)OS: Windows 7 Ultimate x64Ran by Mel on Sat 04/18/2015 at 9:17:28.69~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Services~~~ Tasks~~~ Registry Values~~~ Registry Keys~~~ Files~~~ Folders~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on Sat 04/18/2015 at 9:19:55.39End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Thanks for your help!
-
Malwarebytes Anti-Malwarewww.malwarebytes.orgScan Date: 4/17/2015Scan Time: 9:44:08 PMLogfile: log.txtAdministrator: YesVersion: 2.01.4.1018Malware Database: v2015.04.18.01Rootkit Database: v2015.03.31.01License: TrialMalware Protection: EnabledMalicious Website Protection: EnabledSelf-protection: DisabledOS: Windows 7 Service Pack 1CPU: x64File System: NTFSUser: MelScan Type: Threat ScanResult: CompletedObjects Scanned: 357994Time Elapsed: 15 min, 29 secMemory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: DisabledHeuristics: EnabledPUP: EnabledPUM: EnabledProcesses: 0(No malicious items detected)Modules: 0(No malicious items detected)Registry Keys: 0(No malicious items detected)Registry Values: 0(No malicious items detected)Registry Data: 0(No malicious items detected)Folders: 0(No malicious items detected)Files: 0(No malicious items detected)Physical Sectors: 0(No malicious items detected)(end)
RogueKiller V10.5.10.0 (x64) [Apr 14 2015] by Adlice SoftwareFeedback : http://forum.adlice.comBlog : http://www.adlice.comOperating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits versionStarted in : Normal modeUser : Mel [Administrator]Started from : C:\Users\Mel\Downloads\RogueKillerX64.exeMode : Scan -- Date : 04/17/2015 22:26:54¤¤¤ Processes : 2 ¤¤¤[suspicious.Path] CurseClient.exe(1784) -- C:\Users\Mel\AppData\Local\Apps\2.0\AE2VXK7Y.JT9\VBT3C43B.BQY\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe[-] -> Killed [TermProc][suspicious.Path] Soda Manager.exe(3168) -- C:\ProgramData\LULU Software\Soda Manager\Soda Manager.exe[7] -> Killed [TermProc]¤¤¤ Registry : 9 ¤¤¤[suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SODA Manager ("C:\ProgramData\LULU Software\Soda Manager\Soda Manager.exe") -> Found[suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SODA Manager ("C:\ProgramData\LULU Software\Soda Manager\Soda Manager.exe") -> Found[suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SODA Manager ("C:\ProgramData\LULU Software\Soda Manager\Soda Manager.exe") -> Found[PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-2667224228-1020230360-1385556155-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : localhost:21320 -> Found[PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-2667224228-1020230360-1385556155-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : localhost:21320 -> Found[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Found[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Found¤¤¤ Tasks : 0 ¤¤¤¤¤¤ Files : 0 ¤¤¤¤¤¤ Hosts File : 0 ¤¤¤¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤¤¤¤ Web browsers : 1 ¤¤¤[PUM.HomePage][FIREFX:Config] 8dbm1mur.default-1421694296002 : user_pref("browser.startup.homepage", "http://gmail.com/");-> Found¤¤¤ MBR Check : ¤¤¤+++++ PhysicalDrive0: Hitachi HDS721010KLA330 ATA Device +++++--- User ---[MBR] 80da951f16e46c7358ababe4467c4e97[bSP] d74fb021b6d94ef1c36e7da6f84c9bd9 : Windows Vista/7/8 MBR CodePartition table:0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 953767 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]User = LL1 ... OKUser = LL2 ... OK
---
Thank you again, MrC. Gorgeous pups, there. -
Photoshop uninstalled, sorry about that.
-
Thanks, Mister Charlie. Say, I thought I'd gotten rid of all p2p software, could you please point out trouble you find? MS Office is mine legally, required by my school. Other than that I can't think of any remnants from my rebel days that should be remaining on the computer.
Scanning with MBAM now. -
The only symptoms are described in the title. Began about a week ago, I'd been streaming video with Chrome and suddenly the advertisements started ignoring my ABP. Did not have Firefox open at the time, but Firefox was also affected with similar symptoms, random adware extensions downloading and running.
I found the two random-character folders in ProgramData while following instructions for removal of one of the extensions, trying to figure out where they might be coming from. I couldn't delete them at first, they were a regular pain in the rear end until I took ownership of the folders and toyed with permissions for a while. I don't know if they're related to the adware issue, but I did want to make them known just in case.
Reinstalled Chrome clean just a few days ago when the browser refused to let me download an extension I actually wanted to download. That fixed the problem. Ran MBAM the same night and found a PUP (can't remember what kind or the full name) as well as IndepthEdit issues, all removed. Today's MBAM quick scan resulted in no threats.
Uninstalled uTorrent. I think all torrent files are gone.
Thank you in advance!FRST Log:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-04-2015 04
Ran by Mel (administrator) on MEL-PC on 16-04-2015 12:24:09
Running from C:\Users\Mel\Desktop
Loaded Profiles: Mel (Available profiles: Mel)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Telstra Corporation Ltd.) C:\Program Files\Windstream Support Center\9.0.0.209\ma\bin\pcTrayApp.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Curse) C:\Users\Mel\AppData\Local\Apps\2.0\AE2VXK7Y.JT9\VBT3C43B.BQY\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe
() C:\Program Files (x86)\SteelSeries\World of Warcraft® MMO Gaming Mouse Legendary Edition\WoWMHID4.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Dropbox, Inc.) C:\Users\Mel\AppData\Roaming\Dropbox\bin\Dropbox.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
() C:\Program Files (x86)\SteelSeries\World of Warcraft® MMO Gaming Mouse Legendary Edition\WoWMTray4.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\pcCMService.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\pcCMService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(LULU Software Limited) C:\ProgramData\LULU Software\Soda Manager\Soda Manager.exe
(LULU SOFTWARE LIMITED) C:\Program Files (x86)\Soda PDF 3D Reader\creator-ws.exe
(Alcatel-Lucent) C:\Program Files (x86)\Windstream Support Center\9.0.0.209\ma\bin\MAHostService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Joyent, Inc) C:\Program Files (x86)\Windstream Support Center\9.0.0.209\ma\bin\node.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Office15\POWERPNT.EXE
(Microsoft Corporation) C:\Program Files (x86)\Office15\POWERPNT.EXE
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7560296 2011-12-12] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-12] (NVIDIA Corporation)
HKLM\...\Run: [shadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Windstream_McciTrayApp] => C:\Program Files\Windstream Support Center\9.0.0.209\ma\bin\pcTrayApp.exe [2905088 2014-09-11] (Telstra Corporation Ltd.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Cpu Level Up help] => C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe [887936 2009-12-28] ()
HKLM-x32\...\Run: [steelSeries World of Warcraft® MMO Gaming Mouse Legendary Edition] => C:\Program Files (x86)\SteelSeries\World of Warcraft® MMO Gaming Mouse Legendary Edition\WoWMHID4.exe [1945600
2011-10-03] ()
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKLM-x32\...\Run: [iJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [454248 2013-08-02] (CANON INC.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [switchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1285704 2014-08-08] (CANON INC.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKLM-x32\...\Run: [sDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2667224228-1020230360-1385556155-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2667224228-1020230360-1385556155-1000\...\Run: [battle.net] => C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe [2861104 2015-04-07] (Blizzard Entertainment)
HKU\S-1-5-21-2667224228-1020230360-1385556155-1000\...\MountPoints2: {2fcb64f1-7b01-11e4-97b0-806e6f6e6963} - D:\AUTORUN.EXE
HKU\S-1-5-21-2667224228-1020230360-1385556155-1000\...\MountPoints2: {b14562e9-0077-11e4-8149-806e6f6e6963} - D:\Gw2Setup.exe
HKU\S-1-5-21-2667224228-1020230360-1385556155-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-20] (Microsoft Corporation)
Startup: C:\Users\Mel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
Startup: C:\Users\Mel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Mel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: [s-1-5-21-2667224228-1020230360-1385556155-1000] => localhost:21320
HKU\S-1-5-21-2667224228-1020230360-1385556155-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
SearchScopes: HKU\S-1-5-21-2667224228-1020230360-1385556155-1000 -> DefaultScope {94586F80-A0BB-43C0-A448-910A55301690} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2667224228-1020230360-1385556155-1000 -> {94586F80-A0BB-43C0-A448-910A55301690} URL = https://www.google.com/search?q={searchTerms}
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Office15\GROOVEEX.DLL [2015-03-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-21] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-03-18] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Office15\MSOSB.DLL [2014-10-15] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Mel\AppData\Roaming\Mozilla\Firefox\Profiles\8dbm1mur.default-1421694296002
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Google
FF Homepage: hxxp://gmail.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1216156.dll [2015-01-09] (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @Motive.com/NpMotive,version=1.0 -> C:\Program Files (x86)\Windstream Support Center\9.0.0.209\ma\bin\npMotive.dll [2014-09-11] (Windstream)
FF Plugin-x32: @Motive.com/npMotiveRequest,version=1.0 -> C:\Program Files (x86)\Common Files\Motive\npMotiveRequest.dll [2014-09-11] (Windstream)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: JFGuide -> C:\Program Files (x86)\NetSurveillance\CMS\npGuide.dll No File
FF Plugin-x32: JFWeb -> C:\Program Files (x86)\NetSurveillance\CMS\npWebPlugin.dll No File
FF Plugin-x32: Soda PDF 3D Reader -> C:\Program Files (x86)\Soda PDF 3D Reader\np-previewer.dll [2015-01-16] (LULU SOFTWARE LIMITED)
FF Plugin HKU\S-1-5-21-2667224228-1020230360-1385556155-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Mel\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin HKU\S-1-5-21-2667224228-1020230360-1385556155-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Mel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-10-08] (Unity Technologies
ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-01-21] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-01-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-01-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-01-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-01-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-01-21] (Apple Inc.)
FF Extension: Windstream Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\mcciwbch@motive.com.xpi [2015-04-08]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-04-08]
FF HKLM-x32\...\Firefox\Extensions: [soda_pdf_3d_reader@sodapdf.com] - C:\Program Files (x86)\Soda PDF 3D Reader\resources\soda3dreaderfirefoxextension
FF Extension: Soda PDF 3D Reader Creator - C:\Program Files (x86)\Soda PDF 3D Reader\resources\soda3dreaderfirefoxextension [2015-03-29]
Chrome:
=======
CHR HomePage: Default ->
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Mel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-15]
CHR Extension: (Google Docs) - C:\Users\Mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-15]
CHR Extension: (Google Drive) - C:\Users\Mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-15]
CHR Extension: (YouTube) - C:\Users\Mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-15]
CHR Extension: (Adblock Plus) - C:\Users\Mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-04-15]
CHR Extension: (Google Search) - C:\Users\Mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-15]
CHR Extension: (Windstream Extension) - C:\Users\Mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\edmgmpmklgfbohogafcfobonnkogchec [2015-04-15]
CHR Extension: (Video Downloader professional) - C:\Users\Mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2015-04-15]
CHR Extension: (Google Sheets) - C:\Users\Mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-15]
CHR Extension: (Bookmark Manager) - C:\Users\Mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-15]
CHR Extension: (Voice Recognition) - C:\Users\Mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikjmfindklfaonkodbnidahohdfbdhkn [2015-04-15]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2015-04-15]
CHR Extension: (The Great Suspender) - C:\Users\Mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2015-04-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-15]
CHR Extension: (Skype Click to Call) - C:\Users\Mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-04-15]
CHR Extension: (Google Wallet) - C:\Users\Mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-15]
CHR Extension: (Gmail) - C:\Users\Mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-15]
CHR HKLM-x32\...\Chrome\Extension: [edmgmpmklgfbohogafcfobonnkogchec] - C:\Program Files (x86)\Common Files\Motive\extensions\MotiveRequest.crx [2015-01-14]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [96896 2009-12-28] (ASUSTeK Computer Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-12] (NVIDIA Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
S3 LULU Software CrashHandler; C:\Program Files (x86)\Soda PDF 3D Reader\crash-handler-ws.exe [786232 2015-01-16] (LULU SOFTWARE LIMITED)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-12] (NVIDIA Corporation)
R2 pcCMService; C:\Program Files (x86)\Common Files\Motive\pcCMService.exe [369152 2013-10-22] (Alcatel-Lucent) [File not signed]
R2 pcCMService64; C:\Program Files\Common Files\Motive\pcCMService.exe [460800 2013-10-22] (Alcatel-Lucent) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SODA Manager; C:\ProgramData\LULU Software\Soda Manager\Soda Manager.exe [868688 2015-01-29] (LULU Software Limited)
S3 Soda PDF 3D Reader; C:\Program Files (x86)\Soda PDF 3D Reader\ws.exe [1862456 2015-01-16] (LULU SOFTWARE LIMITED)
R2 Soda PDF 3D Reader Creator; C:\Program Files (x86)\Soda PDF 3D Reader\creator-ws.exe [623416 2015-01-16] (LULU SOFTWARE LIMITED)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 Windstream MAHostService; C:\Program Files (x86)\Windstream Support Center\9.0.0.209\ma\bin\MAHostService.exe [321024 2014-09-11] (Alcatel-Lucent) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-05] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-16] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MREMP50a64; C:\Program Files\Common Files\Motive\MREMP50a64.SYS [43008 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50a64; C:\Program Files\Common Files\Motive\MRESP50a64.SYS [40960 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA))
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 SSMO4Filter; C:\Windows\System32\drivers\MO4Driver.sys [21504 2011-07-26] (Sagatek Co. Ltd.)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-16 12:24 - 2015-04-16 12:24 - 00027474 _____ () C:\Users\Mel\Desktop\FRST.txt
2015-04-16 12:23 - 2015-04-16 12:24 - 00000000 ____D () C:\FRST
2015-04-16 12:19 - 2015-04-16 12:23 - 02097664 _____ (Farbar) C:\Users\Mel\Desktop\FRST64.exe
2015-04-16 12:00 - 2015-04-16 12:00 - 00000000 ____D () C:\Users\Mel\AppData\OICE_15_974FA576_32C1D314_205F
2015-04-16 10:55 - 2015-04-16 10:55 - 00000000 ____D () C:\Users\Mel\AppData\Local\Macromedia
2015-04-15 13:35 - 2015-04-16 11:40 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-15 13:35 - 2015-04-15 13:35 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-15 13:35 - 2015-04-15 13:35 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-15 13:35 - 2015-04-15 13:35 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-15 13:35 - 2015-04-15 13:35 - 00000000 ____D () C:\Windows\system32\Macromed
2015-04-15 01:15 - 2015-04-15 01:15 - 00002259 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-15 01:15 - 2015-04-15 01:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-15 01:08 - 2015-04-16 12:13 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-15 01:08 - 2015-04-16 09:48 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-15 01:08 - 2015-04-15 01:08 - 00003888 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-04-15 01:08 - 2015-04-15 01:08 - 00003636 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-04-15 01:04 - 2015-04-15 01:04 - 00002308 _____ () C:\Users\Mel\Downloads\software_removal_tool.log
2015-04-15 00:52 - 2015-04-15 01:18 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-04-15 00:47 - 2015-04-15 01:18 - 00000000 ____D () C:\Users\Mel\Desktop\mbar
2015-04-15 00:16 - 2015-04-16 12:02 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-15 00:16 - 2015-04-15 00:20 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Mel\Downloads\mbar-1.09.1.1004.exe
2015-04-15 00:16 - 2015-04-15 00:16 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-15 00:16 - 2015-04-15 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-15 00:15 - 2015-04-15 00:47 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-15 00:15 - 2015-04-15 00:16 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-15 00:15 - 2015-04-15 00:15 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-15 00:15 - 2015-03-17 06:15 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-15 00:15 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-15 00:09 - 2015-04-15 00:12 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Mel\Downloads\mbam-setup-2.1.4.1018.exe
2015-04-14 22:58 - 2015-04-14 22:58 - 00334720 _____ (Sysinternals - www.sysinternals.com) C:\Users\Mel\Downloads\RootkitRevealer.exe
2015-04-14 22:54 - 2015-04-14 22:54 - 00588816 _____ () C:\Users\Mel\Downloads\Autoruns.zip
2015-04-14 22:44 - 2015-04-14 22:55 - 00000000 ____D () C:\Users\Mel\Desktop\rootkit revealer
2015-04-14 22:44 - 2015-04-14 22:44 - 00231390 _____ () C:\Users\Mel\Downloads\RootkitRevealer.zip
2015-04-14 21:32 - 2015-04-01 20:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-14 21:32 - 2015-04-01 19:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-14 21:32 - 2015-03-13 00:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-14 21:32 - 2015-03-13 00:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-14 21:32 - 2015-03-13 00:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-14 21:32 - 2015-03-13 00:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-14 21:32 - 2015-03-13 00:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-14 21:32 - 2015-03-13 00:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-14 21:32 - 2015-03-13 00:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-14 21:32 - 2015-03-13 00:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-14 21:32 - 2015-03-13 00:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-14 21:32 - 2015-03-13 00:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-14 21:32 - 2015-03-12 23:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-14 21:32 - 2015-03-12 23:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-14 21:32 - 2015-03-12 23:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-14 21:32 - 2015-03-12 23:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-14 21:32 - 2015-03-12 23:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-14 21:32 - 2015-03-12 23:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-14 21:32 - 2015-03-12 23:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-14 21:32 - 2015-03-12 23:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-14 21:32 - 2015-03-12 23:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-14 21:32 - 2015-03-12 23:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-14 21:32 - 2015-03-12 23:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-14 21:32 - 2015-03-12 23:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-14 21:32 - 2015-03-12 23:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-14 21:32 - 2015-03-12 23:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-14 21:32 - 2015-03-12 23:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-14 21:32 - 2015-03-12 23:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-14 21:32 - 2015-03-12 23:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-14 21:32 - 2015-03-12 23:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-14 21:32 - 2015-03-12 23:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-14 21:32 - 2015-03-12 23:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-14 21:32 - 2015-03-12 23:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-14 21:32 - 2015-03-12 23:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-14 21:32 - 2015-03-12 23:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-14 21:32 - 2015-03-12 23:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-14 21:32 - 2015-03-12 23:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-14 21:32 - 2015-03-12 23:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-14 21:32 - 2015-03-12 23:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-14 21:32 - 2015-03-12 23:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-14 21:32 - 2015-03-12 23:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-14 21:32 - 2015-03-12 23:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-14 21:32 - 2015-03-12 23:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-14 21:32 - 2015-03-12 23:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-14 21:32 - 2015-03-12 22:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-14 21:32 - 2015-03-12 22:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-14 21:32 - 2015-03-12 22:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-14 21:32 - 2015-03-12 22:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-14 21:32 - 2015-03-12 22:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-14 21:32 - 2015-03-12 22:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-14 21:32 - 2015-03-12 22:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-14 21:32 - 2015-03-12 22:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-14 21:32 - 2015-03-12 22:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-14 21:32 - 2015-03-12 22:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-14 21:32 - 2015-03-12 22:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-14 21:32 - 2015-03-12 22:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-14 21:32 - 2015-03-12 22:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-14 21:31 - 2015-03-12 22:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-14 18:05 - 2015-04-14 18:05 - 00000355 _____ () C:\Users\Mel\Desktop\Computer - Shortcut (2).lnk
2015-04-14 17:02 - 2015-04-14 18:39 - 00000000 ____D () C:\Users\Mel\Desktop\backups
2015-04-14 17:02 - 2015-04-14 17:02 - 00012748 _____ () C:\Users\Mel\Desktop\hijackthis.log
2015-04-14 16:59 - 2015-03-24 23:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-14 16:59 - 2015-03-24 23:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-14 16:59 - 2015-03-24 23:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-14 16:59 - 2015-03-24 23:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-14 16:59 - 2015-03-24 23:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-14 16:59 - 2015-03-24 23:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-14 16:59 - 2015-03-24 23:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-14 16:59 - 2015-03-24 23:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-14 16:59 - 2015-03-24 23:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-14 16:59 - 2015-03-24 23:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-14 16:59 - 2015-03-24 23:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-14 16:59 - 2015-03-24 23:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-14 16:59 - 2015-03-24 23:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-14 16:59 - 2015-03-24 23:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-14 16:59 - 2015-03-24 23:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-14 16:59 - 2015-03-24 23:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-14 16:57 - 2015-03-22 23:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-14 16:57 - 2015-03-22 23:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-14 16:57 - 2015-03-22 23:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-14 16:57 - 2015-03-22 23:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-14 16:57 - 2015-03-22 23:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-14 16:57 - 2015-03-22 23:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-14 16:57 - 2015-03-22 23:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-14 16:57 - 2015-03-22 23:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-14 16:56 - 2015-03-05 01:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-14 16:56 - 2015-03-05 00:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-14 16:51 - 2015-03-09 23:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-14 16:51 - 2015-03-09 23:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-14 16:51 - 2015-03-09 23:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-14 16:51 - 2015-03-09 23:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-14 16:46 - 2015-03-17 01:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-14 16:46 - 2015-03-17 01:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-14 16:46 - 2015-03-17 01:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-14 16:46 - 2015-03-17 01:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-14 16:46 - 2015-03-17 01:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-14 16:46 - 2015-03-17 01:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-14 16:46 - 2015-03-17 01:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-14 16:46 - 2015-03-17 01:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-14 16:46 - 2015-03-17 01:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-14 16:46 - 2015-03-17 01:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-14 16:46 - 2015-03-17 01:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-14 16:46 - 2015-03-17 01:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-14 16:46 - 2015-03-17 01:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-14 16:46 - 2015-03-17 01:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-14 16:46 - 2015-03-17 01:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-14 16:46 - 2015-03-17 01:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-14 16:46 - 2015-03-17 01:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-14 16:46 - 2015-03-17 01:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-14 16:46 - 2015-03-17 01:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-14 16:46 - 2015-03-17 01:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-14 16:46 - 2015-03-17 01:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-14 16:46 - 2015-03-17 01:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-14 16:46 - 2015-03-17 01:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-14 16:46 - 2015-03-17 01:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-14 16:46 - 2015-03-17 01:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-14 16:46 - 2015-03-17 01:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-14 16:46 - 2015-03-17 01:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-14 16:46 - 2015-03-17 01:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-14 16:46 - 2015-03-17 01:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-14 16:46 - 2015-03-17 01:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-14 16:46 - 2015-03-17 01:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-14 16:46 - 2015-03-17 01:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-14 16:46 - 2015-03-17 01:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-14 16:46 - 2015-03-17 01:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-14 16:46 - 2015-03-17 01:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 01:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 01:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 01:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 01:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 01:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 01:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 01:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 01:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-14 16:46 - 2015-03-17 01:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-14 16:46 - 2015-03-17 00:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-14 16:46 - 2015-03-17 00:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-14 16:46 - 2015-03-17 00:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-14 16:46 - 2015-03-17 00:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-14 16:46 - 2015-03-17 00:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-14 16:46 - 2015-03-17 00:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-14 16:46 - 2015-03-17 00:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-14 16:46 - 2015-03-17 00:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-14 16:46 - 2015-03-17 00:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-14 16:46 - 2015-03-17 00:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-14 16:46 - 2015-03-17 00:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-14 16:46 - 2015-03-17 00:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-14 16:46 - 2015-03-17 00:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-14 16:46 - 2015-03-17 00:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-14 16:46 - 2015-03-17 00:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-14 16:46 - 2015-03-17 00:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-14 16:46 - 2015-03-17 00:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-14 16:46 - 2015-03-17 00:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-14 16:46 - 2015-03-17 00:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-14 16:46 - 2015-03-17 00:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-14 16:46 - 2015-03-17 00:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-14 16:46 - 2015-03-17 00:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 00:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 16:46 - 2015-03-17 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-14 16:46 - 2015-03-16 23:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-14 16:46 - 2015-03-16 23:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-14 16:46 - 2015-03-16 23:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-14 16:46 - 2015-03-16 23:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 16:46 - 2015-03-16 23:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 16:46 - 2015-03-16 23:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-14 16:41 - 2015-02-24 23:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-14 16:12 - 2015-03-04 00:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-14 16:12 - 2015-03-04 00:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-14 16:12 - 2015-03-04 00:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-13 16:43 - 2015-04-13 17:30 - 00005637 _____ () C:\ads_err.adt
2015-04-13 16:43 - 2015-04-13 16:44 - 00003072 _____ () C:\ads_err.adi
2015-04-13 16:43 - 2015-04-13 16:43 - 00004136 _____ () C:\ads_err.adm
2015-04-13 16:40 - 2015-04-13 16:40 - 00000000 ____D () C:\SUPPORT
2015-04-13 16:40 - 2015-04-13 16:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revenue Management
2015-04-13 16:39 - 2015-04-13 16:39 - 00000856 _____ () C:\Users\Public\Desktop\Office Hours Professional Demo.lnk
2015-04-13 16:39 - 2015-04-13 16:39 - 00000845 _____ () C:\Users\Public\Desktop\Medisoft Advanced Demo.lnk
2015-04-13 16:39 - 2015-04-13 16:39 - 00000814 _____ () C:\Users\Public\Desktop\Work Administrator.lnk
2015-04-13 16:39 - 2015-04-13 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medisoft
2015-04-13 16:38 - 2015-04-13 17:09 - 00000000 ____D () C:\MediData
2015-04-13 16:37 - 2015-04-13 16:38 - 00000000 ____D () C:\Medisoft DEMO DEMO
2015-04-13 16:37 - 2015-04-13 16:37 - 00000533 _____ () C:\Windows\KB893803v2.log
2015-04-13 16:37 - 2015-04-13 16:37 - 00000000 ____D () C:\ProgramData\Medisoft
2015-04-13 16:36 - 2015-04-13 16:36 - 00000000 ____D () C:\Program Files (x86)\Medisoft
2015-04-11 22:08 - 2015-04-11 22:08 - 00000000 ____D () C:\Users\Mel\AppData\OICE_15_974FA576_32C1D314_38CF
2015-04-11 14:32 - 2015-04-11 19:51 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-04-11 14:32 - 2015-04-11 14:59 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-04-11 14:32 - 2015-04-11 14:32 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-04-11 14:32 - 2015-04-11 14:32 - 00001383 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-04-11 14:32 - 2015-04-11 14:32 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2015-04-11 14:32 - 2015-04-11 14:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-04-11 14:32 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-04-11 13:55 - 2015-04-11 14:19 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Mel\Downloads\spybot-2.4.exe
2015-04-11 13:41 - 2015-04-11 13:41 - 00000000 ____D () C:\Users\Mel\Downloads\backups
2015-04-11 13:33 - 2015-04-11 13:33 - 00012778 _____ () C:\Users\Mel\Downloads\hijackthis.log
2015-04-11 13:31 - 2015-04-11 13:31 - 00388608 _____ (Trend Micro Inc.) C:\Users\Mel\Desktop\HijackThis.exe
2015-04-11 13:17 - 2015-04-15 00:36 - 00000000 ____D () C:\Program Files (x86)\IndepthEdit
2015-04-11 13:14 - 2015-04-14 15:15 - 00000020 _____ () C:\Users\Mel\AppData\Roaming\appdataFr3.bin
2015-04-08 22:34 - 2015-04-09 23:05 - 00000000 ____D () C:\Users\Mel\AppData\Roaming\.minecraft
2015-04-08 22:34 - 2015-04-08 22:34 - 00000000 ____D () C:\Users\Mel\AppData\Roaming\java
2015-04-08 22:15 - 2015-04-08 22:33 - 00000000 ____D () C:\Program Files (x86)\Minecraft
2015-04-08 22:15 - 2015-04-08 22:15 - 00000961 _____ () C:\Users\Public\Desktop\Minecraft.lnk
2015-04-08 22:15 - 2015-04-08 22:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2015-04-08 22:11 - 2015-04-08 22:12 - 02314240 _____ () C:\Users\Mel\Downloads\MinecraftInstaller.msi
2015-04-08 12:05 - 2015-04-11 13:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-05 21:15 - 2015-04-05 21:15 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-05 21:15 - 2015-04-05 21:15 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-05 19:11 - 2015-04-05 19:15 - 00000000 ____D () C:\Users\Mel\Desktop\Camera phone 04-06
2015-03-31 08:42 - 2015-03-31 08:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-03-31 08:42 - 2015-03-31 08:42 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2015-03-29 23:33 - 2015-03-29 23:33 - 00001022 _____ () C:\Users\Public\Desktop\Soda PDF 3D Reader.lnk
2015-03-29 23:32 - 2015-03-29 23:37 - 00000000 ____D () C:\Users\Mel\AppData\Roaming\Soda PDF 3D Reader
2015-03-29 23:32 - 2015-03-29 23:32 - 00000000 ____D () C:\ProgramData\LULU Software
2015-03-29 23:31 - 2015-03-30 00:10 - 00000000 ____D () C:\Users\Mel\Documents\Soda PDF Files
2015-03-29 23:31 - 2015-03-29 23:32 - 00000000 ____D () C:\Program Files (x86)\Soda PDF 3D Reader
2015-03-29 23:31 - 2015-03-29 23:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soda PDF 3D Reader
2015-03-29 23:29 - 2015-03-29 23:29 - 00000000 ____D () C:\ProgramData\Soda PDF 3D Reader
2015-03-29 23:28 - 2015-03-29 23:59 - 00000000 ____D () C:\Users\Mel\Downloads\The Walking Dead Comics 1-134 + Specials
2015-03-29 23:28 - 2015-03-29 23:28 - 05971544 _____ (LULU Software Limited) C:\Users\Mel\Downloads\Soda_3D_7_Installer.exe
2015-03-28 16:38 - 2015-03-28 16:38 - 00000000 ___HD () C:\ProgramData\CanonIJQuickMenu
2015-03-28 16:26 - 2015-03-28 16:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX470 series User Registration
2015-03-28 16:23 - 2015-03-28 16:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX470 series Manual
2015-03-28 16:09 - 2015-04-09 15:29 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2015-03-28 16:09 - 2015-03-28 16:09 - 00000000 ___HD () C:\ProgramData\CanonIJETV
2015-03-28 16:07 - 2015-03-28 16:08 - 50908760 _____ () C:\Users\Mel\Downloads\win-mx470-1_0-ucd.exe
2015-03-24 19:01 - 2015-03-24 19:01 - 00000022 _____ () C:\Users\Mel\Downloads\Index Php Calico Jack Spiced R Downloader.zip
2015-03-20 22:54 - 2015-03-20 22:54 - 00000000 ____D () C:\Users\Mel\AppData\OICE_15_974FA576_32C1D314_3C58
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-16 11:49 - 2014-06-30 10:20 - 00000000 ____D () C:\Users\Mel\AppData\Local\Deployment
2015-04-16 11:43 - 2014-08-17 14:29 - 00000000 ____D () C:\Users\Mel\AppData\Local\LogMeIn Hamachi
2015-04-16 11:09 - 2014-06-30 13:00 - 01300344 _____ () C:\Windows\WindowsUpdate.log
2015-04-16 10:50 - 2015-01-12 18:12 - 00000000 ____D () C:\Users\Mel\AppData\Local\Battle.net
2015-04-16 10:49 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\tracing
2015-04-16 09:57 - 2015-01-08 18:37 - 00000000 ____D () C:\Users\Mel\AppData\Local\Adobe
2015-04-16 09:56 - 2009-07-14 00:45 - 00027344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-16 09:56 - 2009-07-14 00:45 - 00027344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-16 09:50 - 2014-06-30 10:19 - 00003910 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{FB52D448-0961-4830-9779-72FC4E3589E8}
2015-04-16 09:49 - 2015-01-14 18:49 - 00000000 ____D () C:\Program Files (x86)\Windstream Support Center
2015-04-16 09:49 - 2014-07-15 08:48 - 00000000 ___RD () C:\Users\Mel\Dropbox
2015-04-16 09:49 - 2014-07-15 08:45 - 00000000 ____D () C:\Users\Mel\AppData\Roaming\Dropbox
2015-04-16 09:48 - 2009-07-14 00:51 - 00145704 _____ () C:\Windows\setupact.log
2015-04-16 09:47 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-16 09:46 - 2014-06-30 10:55 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-15 23:36 - 2014-08-31 22:54 - 00000000 ____D () C:\Users\Mel\AppData\Roaming\Mumble
2015-04-15 03:25 - 2010-11-20 23:47 - 00167988 _____ () C:\Windows\PFRO.log
2015-04-15 03:09 - 2015-01-18 23:29 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-04-15 03:09 - 2015-01-18 23:24 - 00000000 ____D () C:\Program Files (x86)\Office15
2015-04-15 03:08 - 2015-01-18 23:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-15 03:04 - 2009-07-13 22:34 - 00000478 _____ () C:\Windows\win.ini
2015-04-15 01:15 - 2014-06-30 10:20 - 00000000 ____D () C:\Users\Mel\AppData\Local\Google
2015-04-15 01:15 - 2014-06-30 10:20 - 00000000 ____D () C:\Program Files (x86)\Google
2015-04-15 00:36 - 2011-04-12 04:28 - 00000000 ____D () C:\Windows\ShellNew
2015-04-15 00:36 - 2009-07-14 01:08 - 00032610 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-14 23:49 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-14 23:32 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2015-04-14 19:15 - 2014-12-19 14:36 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-14 19:15 - 2014-06-30 12:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-14 19:00 - 2014-06-30 10:48 - 00773912 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-14 19:00 - 2009-07-14 01:13 - 00773912 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-14 18:58 - 2014-06-30 11:56 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-14 18:52 - 2014-06-30 11:56 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-14 15:28 - 2014-07-01 14:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2015-04-14 15:28 - 2014-07-01 14:38 - 00000000 ____D () C:\Program Files (x86)\ASUS
2015-04-14 15:28 - 2014-06-30 10:16 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-04-13 19:25 - 2009-07-14 00:45 - 05076568 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-13 19:20 - 2014-06-30 10:20 - 00118072 _____ () C:\Users\Mel\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-12 13:40 - 2015-01-08 18:14 - 00000000 ____D () C:\Program Files\Canon
2015-04-12 13:40 - 2015-01-08 18:11 - 00000000 ____D () C:\Program Files (x86)\Canon
2015-04-12 02:01 - 2014-12-29 01:17 - 00000000 ____D () C:\Users\Mel\AppData\Local\Plex Media Server
2015-04-11 20:22 - 2015-02-11 14:09 - 00000000 ____D () C:\Users\Mel\AppData\Local\AddLive_v3
2015-04-11 13:43 - 2014-07-01 19:35 - 00000000 ____D () C:\Users\Mel\AppData\Roaming\Skype
2015-04-11 13:31 - 2014-06-30 10:10 - 00000000 ____D () C:\Users\Mel\AppData\Local\VirtualStore
2015-04-09 22:12 - 2014-07-15 08:48 - 00001009 _____ () C:\Users\Mel\Desktop\Dropbox.lnk
2015-04-09 22:12 - 2014-07-15 08:46 - 00000000 ____D () C:\Users\Mel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-09 21:13 - 2014-11-07 15:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-07 18:23 - 2015-01-12 18:12 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-04-07 16:06 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-06 22:32 - 2014-07-02 08:13 - 00000000 ____D () C:\Users\Mel\AppData\Roaming\vlc
2015-04-06 20:44 - 2014-12-29 00:19 - 00000000 ____D () C:\Users\Mel\Desktop\School
2015-04-06 20:14 - 2015-01-12 18:16 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2015-03-31 08:42 - 2014-08-17 14:28 - 00000926 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-03-30 15:25 - 2014-09-04 11:15 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-03-29 13:02 - 2014-06-30 10:10 - 00000000 ____D () C:\Users\Mel
2015-03-28 16:26 - 2015-01-08 18:19 - 00002025 _____ () C:\Users\Public\Desktop\Canon Quick Menu.lnk
2015-03-28 16:26 - 2015-01-08 18:19 - 00000000 ____D () C:\ProgramData\CanonIJWSpt
2015-03-28 16:26 - 2015-01-08 18:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2015-03-28 16:23 - 2015-01-08 18:14 - 00002358 _____ () C:\Users\Public\Desktop\Canon MX470 series On-screen Manual.lnk
2015-03-20 12:21 - 2014-10-16 03:40 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-20 12:21 - 2014-07-01 19:35 - 00000000 ____D () C:\ProgramData\Skype
==================== Files in the root of some directories =======
2015-04-11 13:14 - 2015-04-14 15:15 - 0000020 _____ () C:\Users\Mel\AppData\Roaming\appdataFr3.bin
2014-08-26 20:49 - 2014-08-26 20:49 - 0000008 _____ () C:\Users\Mel\AppData\Roaming\Lucid_player_highscore.dat
2014-08-26 20:49 - 2014-08-26 20:49 - 0000212 _____ () C:\Users\Mel\AppData\Roaming\Lucid_player_profiles_data.dat
2014-07-03 10:34 - 2014-09-03 11:16 - 0010752 _____ () C:\Users\Mel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Some content of TEMP:
====================
C:\Users\Mel\AppData\Local\Temp\ChangeMSIProductCode.exe
C:\Users\Mel\AppData\Local\Temp\ChkClientInst.exe
C:\Users\Mel\AppData\Local\Temp\CTreeInstallValidation.exe
C:\Users\Mel\AppData\Local\Temp\CTreeServ.exe
C:\Users\Mel\AppData\Local\Temp\DeleteFolder.exe
C:\Users\Mel\AppData\Local\Temp\DeleteShortCut.exe
C:\Users\Mel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphv147g.dll
C:\Users\Mel\AppData\Local\Temp\FHXPFVWCFDT.exe
C:\Users\Mel\AppData\Local\Temp\GEEATVQG.exe
C:\Users\Mel\AppData\Local\Temp\ini2cmd.exe
C:\Users\Mel\AppData\Local\Temp\ini2msi.exe
C:\Users\Mel\AppData\Local\Temp\JJ.exe
C:\Users\Mel\AppData\Local\Temp\KillProcess.dll
C:\Users\Mel\AppData\Local\Temp\KillProcess.exe
C:\Users\Mel\AppData\Local\Temp\ModifyMSIProductCode.exe
C:\Users\Mel\AppData\Local\Temp\QBZ.exe
C:\Users\Mel\AppData\Local\Temp\SwapText.exe
C:\Users\Mel\AppData\Local\Temp\VLHTI.exe
C:\Users\Mel\AppData\Local\Temp\VPBZQUFHRR.exe
C:\Users\Mel\AppData\Local\Temp\WUSKOHQMU.exe
C:\Users\Mel\AppData\Local\Temp\Y.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-14 16:09
==================== End Of Log ============================
When I tried to post the topic with Addition.txt, the post editor said I had to shorten the post 'a little'. Very unhelpful. Can we get a max character counter please?
Addition.txt
Browser extensions self-installing, folders with random characters appearing in ProgramData
in Resolved Malware Removal Logs
Posted
All clear. Created the fixlog.txt and everything looked fine, but then Delfix removed it. =) Also removed my Hijack This, that's irritating but I can redownload it.
Thanks a bunch and I appreciate the help!