Showing results for tags 'PROXY'.


  1. Please help me. On the 27th a virus enabled a proxy server "127.0.0.1:8118". I reset the settings of Google Chrome, but yesterday the proxy was enabled again. When I started a Malwarebytes scan I saw malware "PUM.bad.proxy". I searched on Wikipedia and I understood it's a virus which changes my proxy server. Malwarebytes "cleaned it", but today I didn't download anything, but when I started Chrome again the proxy was changed. At 9:00 I started a search and it again showed malware named "PUM.bad.proxy
  2. Hi, could you please assist? My PC (Win 7) IE 11 keeps resetting back to proxy 127.0.0.1. I have attached the Farbar-generated files herewith. Hope this first step is right. Thanks and regards. Addition.txt FRST.txt Shortcut.txt
  3. I had accidentally installed some unwanted programs while downloading torrent software. I am stuck with this proxy server which I cannot remove. I have already tried resetting my browser settings to default, manually turning off proxy servers in my network settings, and removed my uTorrent. I am using Windows 8.1 as my operating system. Looking forward to support and a solution. Thank you so much!
  4. Hi there, newbie here. I borrowed my mother-in-law's Dell laptop and told her I'd try and clean it up a bit. While trying to get rid of some bad stuff, I must have done something wrong, because now whenever I open up IE or Chrome I get the message "Proxy Server Not Responding." I have tried unchecking it from LAN settings in IE, tried resetting IE, ran Malwarebytes and got a clean scan... I am truly stumped. I have no idea what to do. Note: I also ran sfc in Command Prompt, everything came back OK. Please help?!
  5. I have probably a Trojan or some sort on my laptop right now. It doesn't allow me to change the browser proxy settings, it's configured to loopback on 127.0.0.1:8080 and can only get rid of the configurations when I start a browser through administrative rights, but when I restart the computer or close the program it changes the configurations back to the same. When I visit Google, I noticed that the search page does not look the same. I have previously run many threat searches and removed a few things, but the issue is not resolved. Here is my log
14:33 - 2014-12-22 14:33 - 00000000 ____D () C:\Program Files (x86)\ESET2014-12-22 12:07 - 2014-12-22 12:07 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf2014-12-21 15:47 - 2014-12-21 15:47 - 00000000 ____D () C:\Users\OMGHA\AppData\Roaming\FastStone2014-12-21 15:47 - 2014-12-21 15:47 - 00000000 ____D () C:\Users\OMGHA\AppData\Local\FastStone2014-12-21 15:44 - 2014-12-21 15:46 - 00001077 _____ () C:\Users\Public\Desktop\FastStone Photo Resizer.lnk2014-12-21 15:44 - 2014-12-21 15:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Photo Resizer2014-12-21 15:44 - 2014-12-21 15:44 - 00000000 ____D () C:\Program Files (x86)\FastStone Photo Resizer2014-12-21 14:08 - 2014-12-21 14:08 - 00001801 _____ () C:\Users\OMGHA\Desktop\Anti-Filter - Shortcut.lnk2014-12-21 10:43 - 2014-12-21 10:43 - 00003170 _____ () C:\windows\System32\Tasks\{3D5E9428-B464-428C-8F91-4C66CB6CA0DF}2014-12-21 10:19 - 2014-12-21 10:19 - 00235302 _____ () C:\Users\OMGHA\AppData\Local\census.cache2014-12-21 10:19 - 2014-12-21 10:19 - 00195823 _____ () C:\Users\OMGHA\AppData\Local\ars.cache2014-12-21 10:16 - 2014-12-21 10:16 - 00000010 _____ () C:\Users\OMGHA\AppData\Local\sponge.last.runtime.cache2014-12-21 09:35 - 2013-09-28 06:26 - 00285208 _____ (Trend Micro Inc.) 
C:\windows\system32\Drivers\tmcomm.sys2014-12-21 09:33 - 2014-12-21 09:33 - 00000036 _____ () C:\Users\OMGHA\AppData\Local\housecall.guid.cache2014-12-21 08:40 - 2014-12-27 13:37 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy2014-12-21 08:40 - 2014-12-21 08:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy2014-12-21 08:40 - 2014-12-21 08:40 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy2014-12-21 06:07 - 2014-12-21 12:08 - 00000969 _____ () C:\Users\OMGHA\Desktop\Internet Download Manager.lnk2014-12-21 06:07 - 2014-12-21 06:07 - 00000000 ____D () C:\Users\OMGHA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager2014-12-21 06:07 - 2014-12-21 06:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager2014-12-21 05:57 - 2014-12-21 05:58 - 00000000 ____D () C:\Users\OMGHA\Downloads\Internet Download Manager IDM 6.21 Build 17 Final Incl. Crack [ATOM]2014-12-20 21:29 - 2014-12-20 21:29 - 00000000 ____D () C:\Program Files (x86)\Olive2014-12-20 20:55 - 2014-12-20 20:55 - 00028768 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) 
C:\windows\system32\Drivers\Neo_0057.sys2014-12-20 20:12 - 2014-12-20 20:12 - 00001939 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\SoftEther VPN Client Manager.lnk2014-12-20 20:12 - 2014-12-20 20:12 - 00001933 _____ () C:\Users\Public\Desktop\SoftEther VPN Client Manager.lnk2014-12-20 20:12 - 2014-12-20 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftEther VPN Client2014-12-20 18:11 - 2014-11-27 05:13 - 00389296 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll2014-12-20 18:11 - 2014-11-27 04:40 - 00342200 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll2014-12-20 18:11 - 2014-11-22 06:43 - 25059840 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll2014-12-20 18:11 - 2014-11-22 06:36 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb2014-12-20 18:11 - 2014-11-22 06:36 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll2014-12-20 18:11 - 2014-11-22 06:20 - 00580096 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll2014-12-20 18:11 - 2014-11-22 06:20 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll2014-12-20 18:11 - 2014-11-22 06:19 - 02885120 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll2014-12-20 18:11 - 2014-11-22 06:19 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll2014-12-20 18:11 - 2014-11-22 06:18 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll2014-12-20 18:11 - 2014-11-22 06:11 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll2014-12-20 18:11 - 2014-11-22 06:10 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll2014-12-20 18:11 - 2014-11-22 06:07 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll2014-12-20 18:11 - 2014-11-22 06:05 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe2014-12-20 18:11 - 2014-11-22 06:04 - 00814080 
_____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll2014-12-20 18:11 - 2014-11-22 05:56 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe2014-12-20 18:11 - 2014-11-22 05:52 - 19749376 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll2014-12-20 18:11 - 2014-11-22 05:52 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll2014-12-20 18:11 - 2014-11-22 05:50 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb2014-12-20 18:11 - 2014-11-22 05:44 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll2014-12-20 18:11 - 2014-11-22 05:39 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll2014-12-20 18:11 - 2014-11-22 05:38 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll2014-12-20 18:11 - 2014-11-22 05:37 - 00501248 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll2014-12-20 18:11 - 2014-11-22 05:37 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll2014-12-20 18:11 - 2014-11-22 05:36 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll2014-12-20 18:11 - 2014-11-22 05:35 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll2014-12-20 18:11 - 2014-11-22 05:35 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll2014-12-20 18:11 - 2014-11-22 05:31 - 02277888 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll2014-12-20 18:11 - 2014-11-22 05:29 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll2014-12-20 18:11 - 2014-11-22 05:28 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll2014-12-20 18:11 - 2014-11-22 05:26 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll2014-12-20 18:11 - 2014-11-22 05:24 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll2014-12-20 18:11 - 2014-11-22 05:19 - 00800768 
_____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll2014-12-20 18:11 - 2014-11-22 05:19 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe2014-12-20 18:11 - 2014-11-22 05:17 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll2014-12-20 18:11 - 2014-11-22 05:16 - 02125312 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl2014-12-20 18:11 - 2014-11-22 05:15 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll2014-12-20 18:11 - 2014-11-22 05:13 - 14412800 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll2014-12-20 18:11 - 2014-11-22 05:10 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll2014-12-20 18:11 - 2014-11-22 05:06 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll2014-12-20 18:11 - 2014-11-22 05:05 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll2014-12-20 18:11 - 2014-11-22 05:03 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll2014-12-20 18:11 - 2014-11-22 04:59 - 04299264 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll2014-12-20 18:11 - 2014-11-22 04:58 - 02358272 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll2014-12-20 18:11 - 2014-11-22 04:53 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll2014-12-20 18:11 - 2014-11-22 04:52 - 02052096 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl2014-12-20 18:11 - 2014-11-22 04:51 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll2014-12-20 18:11 - 2014-11-22 04:45 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll2014-12-20 18:11 - 2014-11-22 04:43 - 12836864 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll2014-12-20 18:11 - 2014-11-22 04:33 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll2014-12-20 18:11 - 2014-11-22 04:30 - 01888256 _____ (Microsoft 
Corporation) C:\windows\SysWOW64\wininet.dll2014-12-20 18:11 - 2014-11-22 04:26 - 01307136 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll2014-12-20 18:11 - 2014-11-22 04:24 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll2014-12-19 22:50 - 2015-01-04 20:09 - 00000000 ____D () C:\Users\OMGHA\AppData\Roaming\HandBrake2014-12-19 21:05 - 2014-12-24 06:45 - 00000511 _____ () C:\Users\OMGHA\Downloads\Backup-codes-ogharipour.txt2014-12-19 19:39 - 2014-12-04 06:20 - 00830976 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll2014-12-19 19:39 - 2014-12-04 06:20 - 00741376 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll2014-12-19 19:39 - 2014-12-04 06:20 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll2014-12-19 19:39 - 2014-12-04 06:14 - 01083392 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll2014-12-19 19:39 - 2014-12-02 02:58 - 01232040 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe2014-12-19 19:38 - 2014-12-04 06:20 - 00413184 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll2014-12-19 19:38 - 2014-12-04 06:20 - 00396800 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll2014-12-19 19:38 - 2014-12-04 06:20 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll2014-12-19 19:20 - 2014-12-20 20:51 - 00000600 _____ () C:\Users\OMGHA\AppData\Local\PUTTY.RND2014-12-19 18:31 - 2014-11-11 06:39 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll2014-12-19 18:31 - 2014-11-11 06:14 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll2014-12-19 18:31 - 2014-11-11 05:16 - 00119296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys2014-12-19 18:26 - 2014-10-30 05:33 - 00165888 _____ (Microsoft Corporation) C:\windows\system32\charmap.exe2014-12-19 18:26 - 2014-10-30 05:15 - 00155136 _____ (Microsoft Corporation) C:\windows\SysWOW64\charmap.exe2014-12-19 18:26 - 
2014-10-03 05:42 - 02020352 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll2014-12-19 18:26 - 2014-10-03 05:42 - 00346624 _____ (Microsoft Corporation) C:\windows\system32\WSManMigrationPlugin.dll2014-12-19 18:26 - 2014-10-03 05:42 - 00310272 _____ (Microsoft Corporation) C:\windows\system32\WsmWmiPl.dll2014-12-19 18:26 - 2014-10-03 05:41 - 00266240 _____ (Microsoft Corporation) C:\windows\system32\WSManHTTPConfig.exe2014-12-19 18:26 - 2014-10-03 05:15 - 01177088 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll2014-12-19 18:26 - 2014-10-03 05:15 - 00214016 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmWmiPl.dll2014-12-19 18:26 - 2014-10-03 05:15 - 00145920 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmAuto.dll2014-12-19 18:26 - 2014-10-03 05:14 - 00198656 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManHTTPConfig.exe2014-12-19 18:20 - 2014-11-08 06:46 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll2014-12-19 18:20 - 2014-11-08 06:15 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll2014-12-19 13:19 - 2014-12-19 14:34 - 00000000 ____D () C:\Users\OMGHA\Documents\Adobe2014-12-19 11:35 - 2014-10-18 05:35 - 04121600 _____ (Microsoft Corporation) C:\windows\system32\mf.dll2014-12-19 11:35 - 2014-10-18 05:03 - 03209728 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll2014-12-18 17:22 - 2014-12-13 08:39 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe2014-12-18 17:22 - 2014-12-13 07:03 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe2014-12-18 09:57 - 2014-12-18 09:57 - 00000000 ____D () C:\Users\Public\Documents\CrashDump2014-12-18 09:14 - 2014-12-18 09:14 - 00000000 ____D () C:\Users\OMGHA\Documents\SelfMV2014-12-18 07:37 - 2014-12-27 11:58 - 00000000 ____D () C:\Users\OMGHA\AppData\Roaming\Samsung2014-12-18 07:37 - 2014-12-18 09:43 - 00000000 ____D () C:\Users\OMGHA\Documents\samsung2014-12-18 07:37 - 2014-12-18 07:37 - 
00000000 ____D () C:\Users\Public\Documents\NativeFus_Log2014-12-18 07:30 - 2014-12-27 12:37 - 00000000 ____D () C:\Program Files (x86)\Samsung2014-12-18 07:30 - 2014-12-18 09:41 - 00000000 ____D () C:\ProgramData\Samsung2014-12-18 07:10 - 2014-12-19 10:14 - 00000000 ____D () C:\Users\OMGHA\.android2014-12-18 07:09 - 2014-12-18 07:09 - 00000000 ____D () C:\Users\OMGHA\AppData\Local\Kingosoft2014-12-17 22:41 - 2014-12-17 22:41 - 00000000 ____D () C:\Users\OMGHA\AppData\Roaming\CompleteFCE2014-12-16 16:11 - 2014-11-29 04:07 - 00180648 _____ (Tonec Inc.) C:\windows\system32\Drivers\idmwfp.sys2014-12-11 23:21 - 2014-12-19 10:16 - 00000000 ____D () C:\EEK2014-12-11 22:17 - 2014-12-19 10:14 - 00000000 ____D () C:\Users\OMGHA\AppData\Local\Apps\2.02014-12-11 22:17 - 2014-12-11 22:17 - 00000000 ____D () C:\Users\OMGHA\AppData\Local\Deployment2014-12-11 22:13 - 2014-12-11 22:13 - 01123665 _____ () C:\Users\OMGHA\Documents\bookmarks_12_11_14.html2014-12-11 21:33 - 2014-12-21 09:33 - 00000000 ____D () C:\Users\OMGHA\Desktop\Malware Detection Software2014-12-11 20:53 - 2014-12-11 21:32 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)2014-12-11 09:33 - 2014-12-11 09:33 - 00000000 __SHD () C:\Users\OMGHA\AppData\Local\EmieUserList2014-12-11 09:33 - 2014-12-11 09:33 - 00000000 __SHD () C:\Users\OMGHA\AppData\Local\EmieSiteList2014-12-11 09:33 - 2014-12-11 09:33 - 00000000 __SHD () C:\Users\OMGHA\AppData\Local\EmieBrowserModeList2014-12-11 07:34 - 2014-12-20 11:50 - 00000000 ____D () C:\windows\system32\appraiser2014-12-11 06:26 - 2014-12-11 06:26 - 00000000 ____D () C:\ProgramData\ATI2014-12-11 06:23 - 2014-12-11 06:23 - 00000000 ____D () C:\Users\Sherry\AppData\Roaming\library_dir2014-12-11 06:22 - 2014-12-19 10:14 - 00000000 ____D () C:\Users\Sherry\AppData\Roaming\Raptr2014-12-11 05:52 - 2014-12-11 05:52 - 00001145 _____ () C:\Users\Sherry\Desktop\Music.lnk2014-12-11 05:51 - 2014-12-11 05:51 - 00001214 _____ () 
C:\Users\Sherry\Desktop\Movies.lnk2014-12-10 18:26 - 2014-12-19 13:19 - 00000000 ____D () C:\Users\OMGHA\AppData\Local\Adobe2014-12-10 18:23 - 2014-12-19 10:17 - 00000000 ____D () C:\Users\OMGHA\.ebookreader2014-12-10 17:20 - 2014-12-19 10:17 - 00000000 ____D () C:\Users\OMGHA\AppData\Roaming\Winamp2014-12-10 15:34 - 2014-11-22 06:04 - 06039552 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll2014-12-10 15:34 - 2014-10-03 05:42 - 00181248 _____ (Microsoft Corporation) C:\windows\system32\WsmAuto.dll2014-12-10 15:34 - 2014-10-03 05:15 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManMigrationPlugin.dll2014-12-10 09:19 - 2014-12-10 09:19 - 00000000 ____D () C:\Users\OMGHA\AppData\Roaming\Macromedia2014-12-10 09:14 - 2014-12-10 09:15 - 00000000 ____D () C:\Users\OMGHA\.rssowl22014-12-10 09:13 - 2014-12-19 10:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RSSOwl2014-12-10 09:13 - 2014-12-10 09:15 - 00000000 ____D () C:\Program Files (x86)\RSSOwl2014-12-10 09:13 - 2014-12-10 09:13 - 00001809 _____ () C:\Users\OMGHA\Desktop\RSSOwl.lnk2014-12-10 09:13 - 2014-12-10 09:13 - 00000000 ____D () C:\Users\OMGHA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RSSOwl2014-12-10 08:37 - 2014-12-10 08:37 - 00001989 _____ () C:\Users\OMGHA\Desktop\Movies.lnk2014-12-10 08:36 - 2014-12-10 08:37 - 00001860 _____ () C:\Users\OMGHA\Desktop\Music.lnk2014-12-10 08:29 - 2014-12-11 04:46 - 00000000 ____D () C:\Users\OMGHA\AppData\Roaming\Mp3tag2014-12-10 08:24 - 2014-12-10 08:24 - 00001749 _____ () C:\Users\OMGHA\Desktop\uTorrent.lnk2014-12-10 08:22 - 2014-12-10 08:22 - 00000000 ____D () C:\Users\OMGHA\AppData\Roaming\uTorrent2014-12-10 07:56 - 2014-12-10 17:45 - 00000000 ____D () C:\Users\OMGHA\AppData\Roaming\Skype2014-12-10 07:56 - 2014-12-10 07:56 - 00002097 _____ () C:\Users\OMGHA\Desktop\Skype.lnk2014-12-10 07:56 - 2014-12-10 07:56 - 00000000 ____D () C:\Users\OMGHA\AppData\Local\Skype2014-12-10 07:49 - 2014-12-10 07:49 - 
00000693 _____ () C:\Users\OMGHA\Desktop\Spelunky.lnk2014-12-10 07:45 - 2014-12-10 07:45 - 00001533 _____ () C:\Users\OMGHA\Desktop\Bastion.lnk2014-12-10 07:44 - 2014-12-10 07:44 - 00001350 _____ () C:\Users\OMGHA\Desktop\Mp3tag.lnk2014-12-10 07:43 - 2014-12-10 07:43 - 00001632 _____ () C:\Users\OMGHA\Desktop\CompleteFCE.lnk2014-12-10 07:42 - 2014-12-10 07:42 - 00002101 _____ () C:\Users\OMGHA\Desktop\Counter-Strike_Global_Offensive.lnk2014-12-10 07:01 - 2014-12-10 07:01 - 00002145 _____ () C:\Users\OMGHA\Desktop\Fifa14.lnk2014-12-10 06:59 - 2015-01-06 12:30 - 00000000 ____D () C:\Users\OMGHA\AppData\Roaming\DMCache2014-12-10 06:59 - 2015-01-05 15:45 - 00000000 ____D () C:\Users\OMGHA\Downloads\Compressed2014-12-10 06:59 - 2014-12-27 15:14 - 00000000 ____D () C:\Users\OMGHA\AppData\Roaming\IDM2014-12-10 06:59 - 2014-12-24 12:35 - 00000000 ____D () C:\Users\OMGHA\Downloads\Video2014-12-10 06:57 - 2014-12-10 06:57 - 00000000 ____D () C:\Users\OMGHA\Downloads\Games2014-12-10 06:55 - 2015-01-05 16:29 - 00000000 ____D () C:\Users\OMGHA\AppData\Roaming\vlc2014-12-10 06:26 - 2014-12-10 06:26 - 00000000 ____D () C:\Users\OMGHA\AppData\Roaming\AVAST Software2014-12-10 05:12 - 2014-12-10 05:45 - 00000000 ____D () C:\Users\Sherry\AppData\Roaming\Mp3tag2014-12-10 05:09 - 2014-12-10 05:09 - 00000000 ____D () C:\Program Files (x86)\Mp3tag2014-12-09 21:22 - 2014-12-19 10:17 - 00000000 ____D () C:\Users\Sherry\AppData\Roaming\vlc2014-12-09 21:11 - 2014-12-09 21:21 - 00000000 ____D () C:\Users\Sherry\Documents\FIFA 142014-12-09 21:11 - 2014-12-09 21:11 - 00000000 ____D () C:\ProgramData\Electronic Arts2014-12-09 21:10 - 2014-12-19 10:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN2014-12-09 21:10 - 2014-12-09 21:10 - 00000000 ____D () C:\ProgramData\Origin2014-12-09 18:37 - 2014-12-19 10:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoVPN2014-12-09 18:37 - 2014-12-09 19:53 - 00000000 ____D () C:\Program Files 
(x86)\GoVPN2014-12-09 18:07 - 2014-12-09 18:10 - 00000000 ____D () C:\Users\Sherry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager2014-12-09 17:49 - 2014-12-09 17:49 - 01180529 _____ () C:\windows\unins000.exe2014-12-09 17:49 - 2014-12-09 17:49 - 00001239 _____ () C:\windows\unins000.dat2014-12-09 17:45 - 2015-01-06 09:23 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update2014-12-09 17:45 - 2014-12-09 17:45 - 00000000 ____D () C:\Users\Sherry\AppData\Roaming\AVAST Software2014-12-09 17:44 - 2014-12-09 17:45 - 01039096 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys2014-12-09 17:44 - 2014-12-09 17:45 - 00423240 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys2014-12-09 17:44 - 2014-12-09 17:45 - 00085328 _____ (AVAST Software) C:\windows\system32\Drivers\aswstm.sys2014-12-09 17:44 - 2014-12-09 17:44 - 01039096 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys.14181345056842014-12-09 17:44 - 2014-12-09 17:44 - 00423240 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys.14181345056842014-12-09 17:44 - 2014-12-09 17:44 - 00208416 _____ () C:\windows\system32\Drivers\aswVmm.sys2014-12-09 17:44 - 2014-12-09 17:44 - 00093568 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys2014-12-09 17:44 - 2014-12-09 17:44 - 00079184 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys2014-12-09 17:44 - 2014-12-09 17:44 - 00065776 _____ () C:\windows\system32\Drivers\aswRvrt.sys2014-12-09 17:44 - 2014-12-09 17:44 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr2014-12-09 17:44 - 2014-12-09 17:44 - 00029208 _____ () C:\windows\system32\Drivers\aswHwid.sys2014-12-09 17:44 - 2014-12-09 17:43 - 00028184 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys2014-12-09 17:43 - 2014-12-09 17:43 - 00000000 ____D () C:\Program Files\AVAST Software2014-12-09 17:42 - 2014-12-09 17:42 - 00000000 ____D () C:\ProgramData\AVAST Software2014-12-09 17:41 - 2015-01-06 
12:00 - 00000488 _____ () C:\windows\Tasks\avast! Updater.job2014-12-09 17:41 - 2014-12-09 17:41 - 00003232 _____ () C:\windows\System32\Tasks\avast! Updater2014-12-09 17:41 - 2014-12-09 17:41 - 00000000 ____D () C:\Program Files (x86)\avast! Updater2014-12-09 17:36 - 2014-12-19 13:15 - 00002784 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC2014-12-09 17:17 - 2014-12-09 17:17 - 00000420 _____ () C:\Users\Sherry\Documents\cc_20141209_084711.reg2014-12-09 17:15 - 2014-12-19 10:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner2014-12-09 17:15 - 2014-12-09 17:15 - 00000000 ____D () C:\Program Files (x86)\CCleaner2014-12-09 11:56 - 2014-12-09 11:56 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help2014-12-09 11:56 - 2014-12-09 11:56 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help2014-12-09 11:50 - 2014-12-09 11:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox2014-12-09 06:02 - 2014-12-09 06:02 - 00002021 _____ () C:\Users\OMGHA\Desktop\Sherlock.lnk2014-12-09 06:02 - 2014-12-09 06:02 - 00000000 ____D () C:\Users\OMGHA\AppData\Roaming\WinRAR2014-12-09 05:59 - 2014-12-29 12:57 - 00000000 ____D () C:\Users\OMGHA\AppData\Roaming\Apple Computer2014-12-09 05:59 - 2014-12-09 05:59 - 00000000 ____D () C:\Users\OMGHA\AppData\Roaming\ATI2014-12-09 05:59 - 2014-12-09 05:59 - 00000000 ____D () C:\Users\OMGHA\AppData\Local\ATI2014-12-09 05:59 - 2014-12-09 05:59 - 00000000 ____D () C:\Users\OMGHA\AppData\Local\AMD2014-12-09 05:58 - 2015-01-03 14:59 - 00000000 ____D () C:\Users\OMGHA\AppData\Local\VirtualStore2014-12-09 05:58 - 2014-12-27 12:42 - 00000000 ____D () C:\Users\OMGHA2014-12-09 05:58 - 2014-12-27 12:41 - 00000000 ____D () C:\Users\OMGHA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo2014-12-09 05:58 - 2014-12-19 18:58 - 00000000 ____D () C:\Users\OMGHA\AppData\Roaming\Adobe2014-12-09 05:58 - 2014-12-19 10:09 - 00000000 ____D () C:\Users\OMGHA\AppData\Local\Google2014-12-09 
05:58 - 2014-12-09 17:10 - 00112072 _____ () C:\Users\OMGHA\AppData\Local\GDIPFONTCACHEV1.DAT2014-12-09 05:58 - 2014-12-09 05:58 - 00001413 _____ () C:\Users\OMGHA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk2014-12-09 05:58 - 2014-12-09 05:58 - 00000020 ___SH () C:\Users\OMGHA\ntuser.ini2014-12-09 05:58 - 2014-09-15 19:55 - 00002060 _____ () C:\Users\OMGHA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk2014-12-09 05:58 - 2009-07-14 08:24 - 00000000 ___RD () C:\Users\OMGHA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories2014-12-09 05:58 - 2009-07-14 08:19 - 00000000 ___RD () C:\Users\OMGHA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance2014-12-09 04:49 - 2009-09-05 02:14 - 00515416 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_5.dll2014-12-09 04:49 - 2009-09-05 02:14 - 00069464 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_3.dll2014-12-09 04:49 - 2009-09-05 01:59 - 00523088 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_42.dll2014-12-09 04:49 - 2009-09-05 01:59 - 00453456 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_42.dll2014-12-09 04:49 - 2008-10-15 14:52 - 05631312 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_40.dll2014-12-09 04:49 - 2008-10-15 14:52 - 04379984 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_40.dll2014-12-09 04:49 - 2008-10-15 14:52 - 02605920 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_40.dll2014-12-09 04:49 - 2008-10-15 14:52 - 02036576 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_40.dll2014-12-09 04:49 - 2008-10-15 14:52 - 00519000 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_40.dll2014-12-09 04:49 - 2008-10-15 14:52 - 00452440 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_40.dll2014-12-09 04:48 - 2006-11-29 21:36 - 04398360 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_32.dll2014-12-09 04:48 - 2006-11-29 21:36 - 
03426072 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_32.dll2014-12-09 04:45 - 2014-12-09 04:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Strogino CS Portal2014-12-09 04:30 - 2014-12-09 04:30 - 00000000 ____D () C:\Program Files\Strogino CS Portal2014-12-09 04:14 - 2014-12-09 04:14 - 00000000 ____D () C:\Users\Sherry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bastion2014-12-09 04:14 - 2014-12-09 04:14 - 00000000 ____D () C:\Program Files (x86)\Bastion2014-12-09 04:12 - 2014-12-09 04:12 - 00000000 ____D () C:\Program Files (x86)\Microsoft XNA2014-12-09 04:04 - 2014-12-09 04:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WB Games2014-12-09 04:03 - 2014-12-09 04:03 - 00000000 ____D () C:\Program Files (x86)\WB Games2014-12-09 03:45 - 2014-12-09 03:45 - 00000000 ____D () C:\Users\Sherry\Documents\My Games2014-12-09 03:44 - 2014-12-19 10:17 - 00000000 ____D () C:\Users\Sherry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center2014-12-09 03:44 - 2014-12-09 03:44 - 00000000 ____D () C:\Users\Sherry\AppData\Roaming\Steam2014-12-09 03:43 - 2014-12-19 10:06 - 00000000 ____D () C:\Program Files (x86)\AMD AVT2014-12-09 03:43 - 2014-12-09 03:43 - 00061880 _____ () C:\windows\SysWOW64\CCCInstall_201412081913051244.log2014-12-09 03:42 - 2014-12-19 10:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center2014-12-09 03:41 - 2014-12-19 10:06 - 00000000 ____D () C:\Program Files\ATI Technologies2014-12-09 03:31 - 2014-12-20 21:28 - 00000000 ____D () C:\ProgramData\Package Cache2014-12-09 03:30 - 2014-12-11 06:01 - 00000772 _____ () C:\SetupCD.txt2014-12-09 03:29 - 2014-12-11 06:00 - 00000000 ____D () C:\AMD2014-12-09 03:26 - 2010-06-02 13:25 - 00239960 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_7.dll2014-12-09 03:26 - 2010-06-02 13:25 - 00176984 _____ (Microsoft Corporation) 
  6. So about two months ago I accidentally downloaded some malware. I recognized it as soon as it started downloading and deleted it before it could install completely, but it did manage to change some of my settings. The most noticeable change was that it forced me to use a proxy (127.0.0.1;8800) and did not allow me to change it. The sliders and check boxes that normally would help me disable the proxy are just grayed out. It says some settings are managed by my administrator. I managed to get Chrome working again after digging through regedit, but I still notice a few of my programs (Internet Explorer, Steam, etc.) can not connect to the internet. Any advice? Here is what FRST had to say:
63146232 _____ (SplitmediaLabs) C:\Users\AJ\Downloads\xsplit_gc_installer.exe2014-12-10 01:59 - 2014-11-09 19:29 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupStatusProvider.dll2014-12-10 01:59 - 2014-11-09 18:51 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll2014-12-10 01:59 - 2014-10-30 16:39 - 01970432 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll2014-12-10 01:59 - 2014-10-30 16:38 - 01612992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll2014-12-10 01:47 - 2014-11-21 20:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-12-10 01:47 - 2014-11-21 19:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2014-12-10 01:47 - 2014-11-21 19:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2014-12-10 01:47 - 2014-11-21 19:49 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec2014-12-10 01:47 - 2014-11-21 19:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll2014-12-10 01:47 - 2014-11-21 19:35 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll2014-12-10 01:47 - 2014-11-21 19:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2014-12-10 01:47 - 2014-11-21 19:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2014-12-10 01:47 - 2014-11-21 19:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2014-12-10 01:47 - 2014-11-21 19:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2014-12-10 01:47 - 2014-11-21 19:06 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec2014-12-10 01:47 - 2014-11-21 19:06 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll2014-12-10 01:47 - 2014-11-21 19:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2014-12-10 01:47 - 2014-11-21 19:05 - 00064000 
_____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll2014-12-10 01:47 - 2014-11-21 19:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2014-12-10 01:47 - 2014-11-21 18:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll2014-12-10 01:47 - 2014-11-21 18:55 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll2014-12-10 01:47 - 2014-11-21 18:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll2014-12-10 01:47 - 2014-11-21 18:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2014-12-10 01:47 - 2014-11-21 18:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2014-12-10 01:47 - 2014-11-21 18:49 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll2014-12-10 01:47 - 2014-11-21 18:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2014-12-10 01:47 - 2014-11-21 18:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2014-12-10 01:47 - 2014-11-21 18:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2014-12-10 01:47 - 2014-11-21 18:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll2014-12-10 01:47 - 2014-11-21 18:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2014-12-10 01:47 - 2014-11-21 18:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2014-12-10 01:47 - 2014-11-21 18:29 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll2014-12-10 01:47 - 2014-11-21 18:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2014-12-10 01:47 - 2014-11-21 18:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll2014-12-10 01:47 - 2014-11-21 18:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2014-12-10 01:47 - 2014-11-21 18:23 - 00326656 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\iedkcs32.dll2014-12-10 01:47 - 2014-11-21 18:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2014-12-10 01:47 - 2014-11-21 18:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2014-12-10 01:47 - 2014-11-21 18:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2014-12-10 01:47 - 2014-11-21 18:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2014-12-10 01:47 - 2014-11-21 18:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2014-12-10 01:47 - 2014-11-21 17:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2014-12-10 01:47 - 2014-11-21 17:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2014-12-10 01:47 - 2014-11-06 21:16 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll2014-12-10 01:47 - 2014-11-06 20:26 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll2014-12-10 01:47 - 2014-10-31 16:57 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll2014-12-10 01:47 - 2014-10-31 16:47 - 00790528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll2014-12-10 01:47 - 2014-10-12 19:43 - 00238912 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys2014-12-10 01:47 - 2014-10-12 19:43 - 00153920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys2014-12-10 01:47 - 2014-10-12 19:43 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys2014-12-10 01:47 - 2014-10-12 19:43 - 00039744 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys2014-11-30 22:25 - 2014-11-30 22:27 - 54882588 _____ () C:\Users\AJ\Downloads\The Legend of Zelda Wii U Gameplay Trailer E3 2014 Nintendo Digital Event.mp42014-11-30 22:04 - 2014-11-30 22:04 - 00000000 ____D () C:\Users\AJ\Downloads\audacity-win-2.0.62014-11-30 22:02 - 2014-11-30 22:03 - 08941140 _____ () 
C:\Users\AJ\Downloads\audacity-win-2.0.6.zip2014-11-30 16:06 - 2014-11-30 16:06 - 00625685 _____ () C:\Users\AJ\Downloads\cardboard_design_v1.0.zip2014-11-30 13:27 - 2014-11-30 13:29 - 81612822 _____ () C:\Users\AJ\Downloads\Mario Kart 8 - Luigi -Death Stare- Compilation.mp42014-11-30 13:24 - 2014-11-30 13:26 - 55231577 _____ () C:\Users\AJ\Downloads\videoplayback2014-11-24 22:38 - 2014-11-24 22:38 - 00002140 _____ () C:\Users\Public\Desktop\ArcSoft ShowBiz (Video Editor).lnk2014-11-24 22:38 - 2014-11-24 22:38 - 00000393 _____ () C:\Windows\SysWOW64\deleteme.log2014-11-24 22:37 - 2014-11-24 22:37 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information2014-11-24 22:37 - 2007-04-19 09:39 - 00256768 _____ (Sample Corporation) C:\Windows\SysWOW64\MSLURT.dll2014-11-24 22:37 - 2005-07-16 02:35 - 00245408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unicows.dll2014-11-24 22:37 - 2005-05-28 06:58 - 00393216 _____ (Sample Corporation) C:\Windows\SysWOW64\MSLUP60.dll2014-11-24 22:36 - 2014-12-15 21:45 - 00000000 ____D () C:\Users\Public\Hauppauge Capture2014-11-24 22:36 - 2014-11-24 22:38 - 00000000 ____D () C:\ProgramData\Hauppauge2014-11-24 22:36 - 2014-11-24 22:36 - 00002108 _____ () C:\Users\Public\Desktop\Hauppauge Capture.lnk2014-11-24 22:36 - 2008-06-30 09:02 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll2014-11-24 22:31 - 2014-11-24 22:35 - 279021056 _____ () C:\Users\AJ\Downloads\hauppaugecapture_1_0_31351_full (1).exe2014-11-24 21:23 - 2014-11-24 21:23 - 05890416 _____ () C:\Users\AJ\Downloads\hdpvr2_driver_1_5_32118.exe2014-11-23 22:40 - 2014-12-18 14:44 - 01134307 _____ () C:\Windows\WindowsUpdate.log2014-11-23 18:44 - 2014-12-15 20:11 - 00338432 ___SH () C:\Users\AJ\Desktop\Thumbs.db2014-11-23 18:36 - 2014-11-23 18:36 - 02395584 _____ () C:\Users\AJ\Downloads\Punch-Out!! (Wii) Debut Trailer (2).mp42014-11-23 18:36 - 2014-11-23 18:36 - 02395584 _____ () C:\Users\AJ\Downloads\Punch-Out!! 
(Wii) Debut Trailer (1).mp42014-11-23 18:26 - 2014-11-23 18:27 - 121823676 _____ () C:\Users\AJ\Downloads\Legend of Zelda- Skyward Sword - The Triforce and the Ancient Seal [HD].mp42014-11-23 18:25 - 2014-11-23 18:25 - 01722610 _____ () C:\Users\AJ\Downloads\Punch-Out!! (Wii) Debut Trailer.flv2014-11-23 15:27 - 2014-11-23 16:43 - 1162385682 _____ () C:\Users\AJ\Downloads\The Legend of Zelda - The Wind Waker.rar2014-11-23 15:15 - 2012-10-08 21:30 - 00000000 ____D () C:\Users\AJ\Documents\The_Legend_Of_Zelda_The_Wind_Waker_USA_NGC-STARCUBE2014-11-22 12:18 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll2014-11-21 17:11 - 2007-06-27 21:11 - 00192512 _____ () C:\Users\AJ\Desktop\TakeControl.exe2014-11-21 17:10 - 2014-11-21 17:10 - 00171479 _____ () C:\Users\AJ\Downloads\TakeControlb2 (2).zip2014-11-21 16:15 - 2014-11-09 16:19 - 00991232 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll2014-11-21 16:15 - 2014-11-09 16:19 - 00806400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll2014-11-21 16:15 - 2014-11-09 16:18 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll2014-11-21 16:15 - 2014-11-09 16:18 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll2014-11-19 16:56 - 2014-11-19 16:56 - 00000000 ____D () C:\aa3641d017bdac51bd30d9 ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-12-18 15:32 - 2014-10-19 21:21 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-18 15:29 - 2013-12-24 10:37 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1042700968-1541978006-1148080477-1001
2014-12-18 15:26 - 2014-07-06 14:22 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-18 15:10 - 2013-12-24 12:32 - 00000000 ____D () C:\Users\AJ\AppData\Roaming\Skype
2014-12-18 15:00 - 2014-02-21 23:59 - 00565248 ___SH () C:\Users\AJ\Downloads\Thumbs.db
2014-12-18 15:00 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\sru
2014-12-18 14:11 - 2013-12-24 10:28 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-18 14:08 - 2014-11-06 12:05 - 00000000 ___HD () C:\a
2014-12-18 14:08 - 2014-10-19 21:21 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-18 14:08 - 2014-01-30 20:13 - 00000000 ____D () C:\Users\AJ\AppData\Local\Adobe
2014-12-18 14:07 - 2014-05-10 13:07 - 00000000 __RDO () C:\Users\AJ\SkyDrive
2014-12-18 14:05 - 2014-06-25 15:43 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-18 14:05 - 2013-12-24 10:22 - 00056024 _____ () C:\Windows\PFRO.log
2014-12-18 14:05 - 2013-08-22 07:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-18 14:04 - 2013-08-22 06:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-12-18 13:15 - 2014-11-15 20:16 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-18 05:07 - 2013-08-22 08:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-12-18 03:35 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-12-15 21:34 - 2014-01-11 11:03 - 00000000 ____D () C:\Users\AJ\AppData\Roaming\Audacity
2014-12-15 21:33 - 2014-01-11 19:14 - 00000000 ____D () C:\Users\AJ\.gimp-2.8
2014-12-15 18:51 - 2014-02-24 19:49 - 00000000 ____D () C:\Users\AJ\AppData\Local\gtk-2.0
2014-12-14 12:20 - 2014-11-14 19:33 - 00001133 _____ () C:\Windows\setupact.log
2014-12-13 13:51 - 2014-02-21 23:56 - 00000000 ____D () C:\Users\AJ\AppData\Roaming\vlc
2014-12-12 03:57 - 2013-12-24 10:49 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-12 03:50 - 2013-12-24 10:49 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-11 17:59 - 2014-01-19 02:20 - 00000000 ____D () C:\Users\AJ\Desktop\Wonders Await Within
2014-12-11 17:42 - 2013-12-24 10:31 - 00000000 ____D () C:\Users\AJ
2014-12-11 17:39 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2014-12-11 17:39 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-12-11 17:38 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-11 17:10 - 2014-01-25 13:16 - 00002531 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-12-11 17:10 - 2013-12-24 11:18 - 00000000 ____D () C:\ProgramData\Skype
2014-12-11 16:17 - 2014-01-25 13:17 - 00000000 ____D () C:\Users\AJ\AppData\Local\Paint.NET
2014-12-09 11:26 - 2014-07-06 14:22 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-26 14:10 - 2014-10-18 19:16 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-26 14:10 - 2014-10-18 19:16 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-24 22:38 - 2014-01-12 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hauppauge
2014-11-24 22:37 - 2014-01-12 16:52 - 00000000 ____D () C:\Program Files (x86)\ArcSoft
2014-11-24 22:36 - 2014-01-12 16:48 - 00004671 _____ () C:\Windows\HCWPNP.INI
2014-11-24 22:36 - 2014-01-12 16:00 - 00004521 ____C () C:\hcwDriverInstall.txt
2014-11-24 22:36 - 2014-01-12 15:40 - 00000000 ____D () C:\Program Files (x86)\Hauppauge
2014-11-24 22:34 - 2014-01-12 16:00 - 00002127 _____ () C:\Users\Public\Desktop\Hauppauge Personal Logo inserter.lnk
2014-11-23 20:45 - 2014-01-25 12:32 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-11-23 19:55 - 2014-02-06 23:15 - 00000000 ____D () C:\Windows\Minidump
2014-11-22 12:18 - 2013-12-25 09:24 - 00281156 _____ () C:\Windows\DirectX.log
2014-11-19 16:55 - 2014-11-16 17:19 - 00002312 _____ () C:\Users\AJ\Desktop\Google Chrome.lnk

Some content of TEMP:
====================
C:\Users\AJ\AppData\Local\Temp\32E6C7e1.exe
C:\Users\AJ\AppData\Local\Temp\46f3DcFbB4.exe
C:\Users\AJ\AppData\Local\Temp\dllnt_dump.dll
C:\Users\AJ\AppData\Local\Temp\hcwclear.exe
C:\Users\AJ\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe
C:\Users\AJ\AppData\Local\Temp\Quarantine.exe
C:\Users\AJ\AppData\Local\Temp\SearchProtectionSetup.exe
C:\Users\AJ\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-13 03:06

==================== End Of Log ============================

And here is the addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-12-2014
Ran by AJ at 2014-12-18 15:33:51
Running from C:\Users\AJ\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.5.0.367 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Premiere Pro CC (HKLM-x32\...\{505FF1AC-E7F5-4462-BBA7-08900E7E9EEF}) (Version: 7.2.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft ShowBiz (HKLM-x32\...\{4653DA78-3DB2-4F38-A35D-675CA0AF49CA}) (Version: - ArcSoft)
Audacity 2.0.4 (HKLM-x32\...\Audacity_is1) (Version: 2.0.4 - Audacity Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Chrome Launcher (HKLM-x32\...\{8B5E8E15-7229-4C46-887A-27E1F62AC7FC}) (Version: 1.0.0 - TopTab)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware)
DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version: - FromSoftware, Inc)
Divekick (HKLM-x32\...\Steam App 244730) (Version: - Iron Galaxy Studios)
Dolphin x86 (HKLM-x32\...\Dolphin x86) (Version: 4.0.2 - Dolphin Development Team)
Elite Unzip (HKLM-x32\...\Elite Unzip) (Version: 1.1.7640.260 - Mindspark Interactive Network) <==== ATTENTION
EPSON XP-410 Series Printer Uninstall (HKLM\...\EPSON XP-410 Series) (Version: - SEIKO EPSON Corporation)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version: - Image-Line)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free Sound Recorder v10.0.4 (HKLM-x32\...\Free Sound Recorder_is1) (Version: - Copyright© 2005-2014 FreeSoundRecorder Technologies, Inc.)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hauppauge Capture (HKLM-x32\...\Hauppauge Capture) (Version: 1.0.31351 - Hauppauge Computer Works)
Hauppauge Device Central (HKLM-x32\...\Hauppauge Device Central) (Version: 1.3.31349 - Hauppauge Computer Works, Inc.)
Hauppauge StreamEez (HKLM-x32\...\Hauppauge StreamEez) (Version: 1.0.31029 - Hauppauge Computer Works, Inc.)
Hotline Miami (HKLM-x32\...\Steam App 219150) (Version: - Dennaton Games)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line)
iSkysoft Video Converter Ultimate(Build 5.4.1.0) (HKLM-x32\...\iSkysoft Video Converter Ultimate_is1) (Version: 5.4.1.0 - iSkysoft Software)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.236 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.236 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Mark of the Ninja (HKLM-x32\...\Steam App 214560) (Version: - Klei Entertainment)
Mass Effect 2 (HKLM-x32\...\Steam App 24980) (Version: - BioWare)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4667.1002 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Nidhogg (HKLM-x32\...\Steam App 94400) (Version: - Messhof)
NVIDIA 3D Vision Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4667.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4667.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4667.1002 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Open Broadcaster Software version 0.452a (HKLM-x32\...\{F017778C-11C7-4E57-8124-F10C5AD74B1E}_is1) (Version: 0.452a - )
Open Downloader Manager (HKLM-x32\...\OpenDownloaderManager) (Version: - Installer Technology Co)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
Pro PC Cleaner (HKLM-x32\...\{C3060724-6AC7-4BEF-B516-4F6B1D90887D}) (Version: 2.5.5 - Pro PC Cleaner)
resident evil 4 / biohazard 4 (HKLM-x32\...\Steam App 254700) (Version: - Capcom)
Skullgirls (HKLM-x32\...\Steam App 245170) (Version: - Lab Zero Games)
Skullgirls ∞Endless Beta∞ (HKLM-x32\...\Steam App 208610) (Version: - )
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.100 - Skype Technologies S.A.)
Sonic Generations (HKLM-x32\...\Steam App 71340) (Version: - Devil's Details)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
Unity (HKLM-x32\...\Unity) (Version: 4.5.4f1 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-1042700968-1541978006-1148080477-1001\...\UnityWebPlayer) (Version: 4.5.4f1 - Unity Technologies ApS)
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.5.4f2 - Unity Technologies ApS)
Virtual Audio Cable 4.14 (HKLM\...\Virtual Audio Cable 4.14) (Version: - )
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
WinRAR 5.10 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.1 - win.rar GmbH)
XSplit Gamecaster (HKLM-x32\...\{8780DFA8-7E56-43B1-93DB-FE001F8290D7}) (Version: 2.0.1411.2413 - SplitmediaLabs)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

23-11-2014 20:37:42 Removed ShowBiz
24-11-2014 22:36:52 Installed ShowBiz
10-12-2014 03:29:47 Windows Update
18-12-2014 14:35:22 BEFORE ROUGEKILLER

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {03185193-1CA8-4062-AF70-3659B87FD01F} - System32\Tasks\IEError => C:\Program Files (x86)\Portable Booster\IEError.exe
Task: {1B12C085-26A6-49B5-B656-9FBE2B3AE0EB} - System32\Tasks\ProPCCleaner_Start => C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe
Task: {1EE7E4C7-C334-452C-B2F3-FFF524C6AFF0} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-Jagwa36@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {2EB01A71-07F3-43BC-9C52-58C59956F7EB} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-10-07] (Microsoft Corporation)
Task: {37A44558-E85F-4F91-A825-ACB6169E5306} - System32\Tasks\AI_Updater => C:\Program Files (x86)\Portable Booster\updater.exe
Task: {39ECB8AA-B4C9-458A-9193-E9BD813FBD0D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {3F3335A5-ECDD-4C36-B5C0-294796DA6D60} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-10-07] (Microsoft Corporation)
Task: {49DE5AB9-C326-496A-A672-BDAE5B521276} - \PastaQuotes No Task File <==== ATTENTION
Task: {5829697A-514E-48DD-82CD-CF8E0ACE7026} - System32\Tasks\{0E2DFA2A-9B75-4388-BFD3-A5AC7A07E981} => pcalua.exe -a "C:\Program Files (x86)\Steam\SteamApps\common\Mass Effect\runme.exe" -d "C:\Program Files (x86)\Steam\SteamApps\common\Mass Effect"
Task: {6450311F-29A3-40E4-A9C0-EA3DD63298DC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
Task: {7E1003B7-7A16-4D45-9A34-AC5BA53C5258} - System32\Tasks\boosterpop => C:\Program Files (x86)\Portable Booster\WarningPopUp.exe
Task: {87802EB2-D08B-4655-8582-E969D1D064C7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {AD6C8032-5CBE-424A-9E39-5B13D3D12C7A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-12-12] (Microsoft Corporation)
Task: {E906F88E-B2DF-4635-929A-2EB86EE5CC4C} - System32\Tasks\ProPCCleaner_Popup => C:\Program Files (x86)\Pro PC Cleaner\Splash.exe
Task: {ECF37F86-2F18-4C8D-B7AF-29365A9A30BF} - System32\Tasks\{2C4821E6-7933-454D-9DA1-62EF2B301F04} => pcalua.exe -a "C:\Users\AJ\Downloads\Xbox360_64Eng (1).exe" -d C:\Users\AJ\Downloads
Task: {F4A49CCB-069F-4104-ABBC-4A5D2C61F02D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {FBB12DCD-1FE2-4D7A-9367-C606041D9146} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-10-07] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-06-25 15:43 - 2014-03-04 06:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-07-10 16:03 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-03-15 01:00 - 2014-03-15 01:00 - 00667808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2014-11-15 09:51 - 2014-09-23 06:36 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-10-01 22:06 - 2013-08-23 13:36 - 00721263 _____ () C:\Windows\SysWOW64\ISCM64.dll
2014-11-06 12:05 - 2014-10-27 01:06 - 00007168 _____ () C:\a\internetport3.exe
2014-02-18 17:03 - 2014-02-18 17:03 - 04697968 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncV1\CoreSync.exe
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-18 23:22 - 2014-03-18 23:22 - 32733088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2014-10-01 22:06 - 2014-08-05 10:22 - 01489408 _____ () C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\DAQExp.dll
2014-10-01 22:06 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\CBSCreateVC.dll
2014-12-11 22:33 - 2014-12-05 18:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-11 22:33 - 2014-12-05 18:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-11 22:33 - 2014-12-05 18:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll
2014-11-16 16:17 - 2014-02-10 12:44 - 04592128 _____ () C:\Users\AJ\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-11-16 16:17 - 2014-02-10 12:44 - 00112128 _____ () C:\Users\AJ\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\AJ\SkyDrive:ms-propertiesAlternateDataStreams: C:\Users\AJ\SkyDrive (2).old:ms-propertiesAlternateDataStreams: C:\Users\AJ\SkyDrive (3).old:ms-propertiesAlternateDataStreams: C:\Users\AJ\SkyDrive.old:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\36644605.sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\36644605.sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run: => "NvBackend"HKLM\...\StartupApproved\Run: => "Nvtmru"HKLM\...\StartupApproved\Run: => "XboxStat"HKLM\...\StartupApproved\Run32: => "dnsshield"HKLM\...\StartupApproved\Run32: => "ArcSoft Connection Service"HKLM\...\StartupApproved\Run32: => "QuickTime Task" ========================= Accounts: ========================== Administrator (S-1-5-21-1042700968-1541978006-1148080477-500 - Administrator - Disabled)AJ (S-1-5-21-1042700968-1541978006-1148080477-1001 - Administrator - Enabled) => C:\Users\AJGuest (S-1-5-21-1042700968-1541978006-1148080477-501 - Limited - Disabled)HomeGroupUser$ (S-1-5-21-1042700968-1541978006-1148080477-1003 - Limited - Enabled) ==================== Faulty Device Manager Devices ============= Name: G:\Description: MS/MS-PRO Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}Manufacturer: Generic-Service: WUDFWpdFsProblem: : Windows has stopped this device because it has reported problems. 
(Code 43)Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. Name: H:\Description: xD-Picture Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}Manufacturer: Generic-Service: WUDFWpdFsProblem: : Windows has stopped this device because it has reported problems. (Code 43)Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. Name: E:\Description: Compact Flash Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}Manufacturer: Generic-Service: WUDFWpdFsProblem: : Windows has stopped this device because it has reported problems. (Code 43)Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. Name: F:\Description: SD/MMC Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}Manufacturer: Generic-Service: WUDFWpdFsProblem: : Windows has stopped this device because it has reported problems. (Code 43)Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 
==================== Event log errors: ========================= Application errors:==================Error: (12/18/2014 02:10:27 PM) (Source: Steam Client Service) (EventID: 1) (User: )Description: Error: Failed to poke open firewall Error: (12/18/2014 01:21:34 PM) (Source: Steam Client Service) (EventID: 1) (User: )Description: Error: Failed to poke open firewall Error: (12/18/2014 03:41:28 AM) (Source: SideBySide) (EventID: 35) (User: )Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.Component identity found in manifest does not match the identity of the component requested.Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".Please use sxstrace.exe for detailed diagnosis. Error: (12/18/2014 03:35:47 AM) (Source: SideBySide) (EventID: 35) (User: )Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.Component identity found in manifest does not match the identity of the component requested.Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".Please use sxstrace.exe for detailed diagnosis. 
Error: (12/16/2014 04:49:03 AM) (Source: SideBySide) (EventID: 35) (User: )Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.Component identity found in manifest does not match the identity of the component requested.Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".Please use sxstrace.exe for detailed diagnosis. Error: (12/15/2014 09:45:42 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: HauppaugeCapture.exe, version: 1.0.0.0, time stamp: 0x52af907dFaulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eeb460Exception code: 0x0eedfadeFault offset: 0x00012f71Faulting process id: 0x320Faulting application start time: 0xHauppaugeCapture.exe0Faulting application path: HauppaugeCapture.exe1Faulting module path: HauppaugeCapture.exe2Report Id: HauppaugeCapture.exe3Faulting package full name: HauppaugeCapture.exe4Faulting package-relative application ID: HauppaugeCapture.exe5 Error: (12/15/2014 09:45:41 PM) (Source: .NET Runtime) (EventID: 1026) (User: )Description: Application: HauppaugeCapture.exeFramework Version: v4.0.30319Description: The process was terminated due to an unhandled exception.Exception Info: exception code eedfade, exception address 77462F71 Error: (12/15/2014 06:33:29 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: PhotosApp.exe, version: 6.3.9600.17122, time stamp: 0x537192feFaulting module name: twinapi.appcore.dll, version: 6.3.9600.17195, time stamp: 0x53894a69Exception code: 0xc000027bFault offset: 0x00000000000547acFaulting process id: 0x8ecFaulting application 
start time: 0xPhotosApp.exe0Faulting application path: PhotosApp.exe1Faulting module path: PhotosApp.exe2Report Id: PhotosApp.exe3Faulting package full name: PhotosApp.exe4Faulting package-relative application ID: PhotosApp.exe5 Error: (12/15/2014 05:25:25 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: PhotosApp.exe, version: 6.3.9600.17122, time stamp: 0x537192feFaulting module name: Windows.UI.Xaml.dll, version: 6.3.9600.17238, time stamp: 0x53d0d45cException code: 0xc000027bFault offset: 0x000000000084a6f2Faulting process id: 0xeb4Faulting application start time: 0xPhotosApp.exe0Faulting application path: PhotosApp.exe1Faulting module path: PhotosApp.exe2Report Id: PhotosApp.exe3Faulting package full name: PhotosApp.exe4Faulting package-relative application ID: PhotosApp.exe5 Error: (12/15/2014 05:24:49 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: PhotosApp.exe, version: 6.3.9600.17122, time stamp: 0x537192feFaulting module name: Windows.UI.Xaml.dll, version: 6.3.9600.17238, time stamp: 0x53d0d45cException code: 0xc000027bFault offset: 0x000000000084a6f2Faulting process id: 0xb00Faulting application start time: 0xPhotosApp.exe0Faulting application path: PhotosApp.exe1Faulting module path: PhotosApp.exe2Report Id: PhotosApp.exe3Faulting package full name: PhotosApp.exe4Faulting package-relative application ID: PhotosApp.exe5 System errors:=============Error: (12/18/2014 02:05:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The LogMeIn Hamachi Tunneling Engine service failed to start due to the following error: %%2 Error: (12/18/2014 02:05:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The YouTube Downloader Services (P2) service failed to start due to the following error: %%2 Error: (12/18/2014 02:05:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The Apple Mobile Device 
service failed to start due to the following error: %%2 Error: (12/18/2014 02:04:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: The Windows Media Player Network Sharing Service service depends on the Windows Search service which failed to start because of the following error: %%1069 Error: (12/18/2014 02:04:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The Windows Search service failed to start due to the following error: %%1069 Error: (12/18/2014 02:04:48 PM) (Source: Service Control Manager) (EventID: 7038) (User: )Description: The WSearch service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error: %%50 To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). Error: (12/18/2014 02:04:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The Windows Search service failed to start due to the following error: %%1069 Error: (12/18/2014 02:04:48 PM) (Source: Service Control Manager) (EventID: 7038) (User: )Description: The WSearch service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error: %%50 To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). Error: (12/18/2014 02:04:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )Description: The Windows Virtual Network (WVN3) service terminated unexpectedly. It has done this 1 time(s). Error: (12/18/2014 02:04:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )Description: The Virtual Disk service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 
Microsoft Office Sessions:=========================Error: (12/18/2014 02:10:27 PM) (Source: Steam Client Service) (EventID: 1) (User: )Description: Failed to poke open firewall Error: (12/18/2014 01:21:34 PM) (Source: Steam Client Service) (EventID: 1) (User: )Description: Failed to poke open firewall Error: (12/18/2014 03:41:28 AM) (Source: SideBySide) (EventID: 35) (User: )Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1 Error: (12/18/2014 03:35:47 AM) (Source: SideBySide) (EventID: 35) (User: )Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1 Error: (12/16/2014 04:49:03 AM) (Source: SideBySide) (EventID: 35) (User: )Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1 Error: (12/15/2014 09:45:42 PM) (Source: Application Error) (EventID: 1000) (User: )Description: HauppaugeCapture.exe1.0.0.052af907dKERNELBASE.dll6.3.9600.1727853eeb4600eedfade00012f7132001d017dd6bd5447bC:\Program Files (x86)\Hauppauge\Capture\HauppaugeCapture.exeC:\Windows\SYSTEM32\KERNELBASE.dll63b724a5-84de-11e4-82bd-60a44cec143f Error: (12/15/2014 09:45:41 PM) (Source: .NET Runtime) (EventID: 1026) (User: )Description: Application: HauppaugeCapture.exeFramework Version: v4.0.30319Description: The process was terminated due to an unhandled exception.Exception Info: exception code eedfade, exception address 77462F71 Error: 
(12/15/2014 06:33:29 PM) (Source: Application Error) (EventID: 1000) (User: )Description: PhotosApp.exe6.3.9600.17122537192fetwinapi.appcore.dll6.3.9600.1719553894a69c000027b00000000000547ac8ec01d018c711882f0aC:\Windows\FileManager\PhotosApp.exeC:\Windows\System32\twinapi.appcore.dll8936d9e0-84c3-11e4-82bd-60a44cec143fFileManager_6.3.9600.16384_neutral_neutral_cw5n1h2txyewyMicrosoft.Windows.PhotoManager Error: (12/15/2014 05:25:25 PM) (Source: Application Error) (EventID: 1000) (User: )Description: PhotosApp.exe6.3.9600.17122537192feWindows.UI.Xaml.dll6.3.9600.1723853d0d45cc000027b000000000084a6f2eb401d018c6b8b5d1bfC:\Windows\FileManager\PhotosApp.exeC:\Windows\System32\Windows.UI.Xaml.dll06de6c88-84ba-11e4-82bd-60a44cec143fFileManager_6.3.9600.16384_neutral_neutral_cw5n1h2txyewyMicrosoft.Windows.PhotoManager Error: (12/15/2014 05:24:49 PM) (Source: Application Error) (EventID: 1000) (User: )Description: PhotosApp.exe6.3.9600.17122537192feWindows.UI.Xaml.dll6.3.9600.1723853d0d45cc000027b000000000084a6f2b0001d018c6ab8b1bb3C:\Windows\FileManager\PhotosApp.exeC:\Windows\System32\Windows.UI.Xaml.dllf199c327-84b9-11e4-82bd-60a44cec143fFileManager_6.3.9600.16384_neutral_neutral_cw5n1h2txyewyMicrosoft.Windows.PhotoManager CodeIntegrity Errors:=================================== Date: 2014-11-22 04:24:17.342 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-22 04:24:17.280 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2014-11-22 04:24:17.201 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-22 04:24:17.108 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-22 04:24:17.045 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-22 04:24:16.967 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-22 04:24:16.764 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-22 04:24:16.701 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2014-11-22 04:24:16.623 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-22 04:24:11.995 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel® Core i5-3570K CPU @ 3.40GHzPercentage of memory in use: 40%Total physical RAM: 8144.13 MBAvailable physical RAM: 4874.21 MBTotal Pagefile: 15824.13 MBAvailable Pagefile: 13172.22 MBTotal Virtual: 131072 MBAvailable Virtual: 131071.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:931.17 GB) (Free:339.73 GB) NTFSDrive d: (CD-HDPVR2-V1.6-A) (CDROM) (Total:0.27 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ========================================================Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: CF1EC154)Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)Partition 2: (Not Active) - (Size=931.2 GB) - (Type=07 NTFS) ==================== End Of Log ============================
  7. Please help me. The proxy keeps changing to manual with 127.0.0.1:8080. I go to safe mode and change the registry values and it's gone, but after I restart Windows it changes back to manual with 127.0.0.1:8080. I have done a full scan with Malwarebytes and nothing was found, scanned with anti-virus and nothing was found, and tried to fix Windows with no fix. Please help meeeeee!
  8. Hi there. Occasionally MBAE will throw a false positive when starting the JAP/JonDo proxy. As said, I'm using MBAE 1.05.1.1014, and I'm using JAP/JonDo 00.19.001. This is the URL for the JAP/JonDo project. http://anon.inf.tu-dresden.de/index_en.html I'm using Java Version 7, update 71, (build 1.7.0_71-b14), on Windows 7 64 bit professional. This was happening occasionally with MBAE 1.04, but it's still happening with the newest version. Not every time, maybe 15% of the time I start JAP.
  9. I've been searching the internet for a solution to my proxy settings issue to no avail. I know it's not an uncommon issue, and the support for this topic is not lacking, but everything I've done hasn't fixed it. Looking for some help here, thanks.
  10. Hello, Recently I downloaded an incorrect file by mistake and now I am receiving a proxy server error for all my web browsers. I have tried resets of the browsers, run virus scans, run malwarebytes (which detected some bad files) however now I am out of ideas. I know there are no issues with the Internet as other devices are connecting with no issues. I believe it is a similar issue to this: https://forums.malwarebytes.org/index.php?/topic/157663-proxy-server-error-due-virus/ Please help! Many thanks, Tim
  11. Hi, I got a virus on my company. It is so far affecting internet browsers. Whenever I go onto IE or Chrome, when I click on something it will open in another window full of junk adv- serve.bannersdontwork.com and others. I have checked if any programs have been installed and nothing as far as I can see. Used Malwarebytes (premium), hitmanpro 3, ads cleaner, Ccleaner and others and each time it comes back with Proxy server 127.0.0.1:9880. Tried to let the programmes fix it and it will just keep changing back to Use Proxy Server for LAN in the internet settings. Also tried to reset the browsers settings and even going into deleting the Proxy server 127.0.0.1:9880 manually in reg. (HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings) etc. etc. but it will just refresh and come straight back... I really don't know what to do. Anyone who can help would really be appreciated.
  12. (Preface: I am not, in any way, shape, or form, 'computer literate'. Do keep this in mind, for I might say some things that don't make much sense. My sincere apologies in advance!) Hello all, I've been having some severe issues these last two weeks, and I've decided to attempt seeking some help. For some time, I've run Malwarebytes and have been trying to get rid of a threat it calls "PUP.Optional.Spigot". Whenever I quarantined it, I thought it would go away, but it would just come right back. It says it has spotted the PUP on a variety of random programs and paths. I don't know what these do, but they are worrisome to me and I want to get rid of them. In addition, there's also a secondary problem, but I don't know if it's appropriate for me to seek help here on this forum on this matter (but, if someone's willing to lend me a hand on it, then I'd be most appreciative). As of late, this being within the window of a few days, I've been trying to get on my browser to surf the web (primarily Firefox). However, it kept saying something of being "unable to connect to the proxy server". I thought this weird, so I turned off proxy servers and then it worked fine. However, the proxy server setting then suddenly turned back on moments later. I tried running the proxy server window as an Admin, and it still did nothing. I then decided to use Chrome, and it worked for a while. But, now, it also causes issues from time to time. Moreover, my internet has slowed down noticeably, and I cannot install or update games on Steam (the error on Steam reads: "content servers unreachable"). I looked up this issue regarding Steam, and they also pointed to deactivating my proxy settings. Again, same result: I deactivated the proxy server setting, it turned back on, no downloads. What's most worrisome above all this is that in perfect unison in this last month (starting in late October), my internet data usage has spiked tremendously. 
I have Comcast, and their data usage gauge reads that I've gone from an average 170 - 190 Gigabytes of data usage to roughly 250 to 300 Gigabytes (300 being my cap). This is unforeseen, for my practices have not changed since we got Comcast as our internet provider. I've turned off our wireless and changed the passwords, to see if someone was using up our data. As you can see, I have a variety of issues, and some might not pertain to this forum. I apologize for that, but I am desperate in seeking help over this issue. It's affecting me and my family on a monetary level at this point, and I can no longer truly enjoy using my computer for both school (university student) and pleasure (gaming, web surfing, etc.). If I have been too vague, then please ask whatever you must in order to help clarify the issue. Beyond that, I appreciate any and all assistance. I may be mistaken, but some of these issues may be interconnected, so I thought it best to mention them all. Malwarescan.txt Detailedlog.txt
  13. Hi I found your site by this thread https://forums.malwarebytes.org/index.php?/topic/134869-redirects-and-proxy-server-not-found/ I am trying to repair a friends computer and they had many problems and this one is the biggest so far that haven't be able to conquer. the proxy error is 127.0.0.1:49169 I have cleaned up all of the spyware, junk, removed files, hopefully successfully removed the driver performer threat that was downloaded. but now i am not able to conquer this one and need your help. I downloaded and scanned the roguekiller 32 bit and this is the report. Please help
  14. Hello, I'm trying to remove a nasty infection having to do with Windows 7 x32. Every time I uncheck the proxy settings under IE they just get re-enabled after 30 sec. Please advise on what to do. I have run Malwarebytes, HitmanPro etc. They all find the entry for the proxy but cannot permanently resolve the issue. Thanks, Lucas
  15. Hi all, first post here. I recently downloaded something that has infected my computer. When I downloaded the file, my internet continued working for a short time before I started noticing random hyperlinks embedded into the page. Now none of my browsers will connect to the internet, all saying that they cannot connect to the proxy server. I did some Googling and a lot of people have had this same virus, but I cannot seem to get it off my computer. I've run Malwarebytes, AVG, CCleaner, Adwcleaner, JRT, Wise Registry Cleaner, and RogueKiller, and it's still there. Initially scans with Malwarebytes and AVG brought up a whole bunch of infected files that I deleted, but after several restarts, scans with them now return nothing. Also, when I go into my Chrome settings and try to turn my proxy settings to off, I uncheck the box but it automatically resets to using a proxy. Help!
  16. Hello, Ran into an issue. Found a virus on a Windows 7 x64 machine and started to use Malwarebytes, HitmanPro (can't get license to work), M$ Essentials, and RogueKiller. Before removing anything we know the PC had a virus, but now after cleaning, I get an error that we can not surf the internet. IE states: "The proxy server isn't responding. Check your proxy settings 127.0.0.1:8800. Go to Tools > Internet Options > Connections. If you are on a LAN, click “LAN settings”. Make sure your firewall settings aren’t blocking your web access. Ask your system administrator for help." I have run a JRT and FRST and attached the logs. Thx in advance. JRT.txt FRST.txt
  17. Every time I try to go online, I encounter the message "unable to connect to proxy server". This is with any search browser. The issue started occurring after I installed what I thought was a free game which also installed a whole bunch of other programs. I have uninstalled all of them but it still won't let me go online. I have tried to uncheck the box in LAN settings to disable the use of a proxy server, but it automatically rechecks itself. I'm assuming this is a virus and I don't know how to remove it. I have watched numerous videos and done numerous things to try and resolve this issue, so I hope I haven't ruined anything beyond repair... I have seen others with the same issue, so I resorted to asking for help on this because other people have had success. Any help would be appreciated! I have attached the Farbar files below. FRST.txt Addition.txt
  18. Every time I try to go online, I encounter the message "unable to connect to proxy server". This is with any search browser. The issue started occurring after I installed what I thought was a free game which also installed a whole bunch of other programs. I have uninstalled all of them but it still won't let me go online. I have tried to uncheck the box in LAN settings to disable the use of a proxy server, but it automatically rechecks itself. I'm assuming this is a virus and I don't know how to remove it. I have watched numerous videos and done numerous things to try and resolve this issue. I have seen others with the same issue, so I resorted to asking for help on this because other people have had success. Any help would be appreciated!
  19. Computer: Dell XPS 15 Base. Operating System: Windows 8.1 (64). I'm setting up a brand new Dell computer. One of the first things I always do is download Google Chrome. The second thing I always do is install Malwarebytes. Once I had these two items installed, I began installing other software. Almost immediately I had issues with Malwarebytes detecting something. I ran a full scan, deleted what was in quarantine, ran another scan. Immediately I was unable to connect to the internet. I used another computer to research and it returned a possible problem in a Chrome extension, so I uninstalled Chrome. That did not help. Now this computer will not get on the internet due to an error "The proxy server isn't responding" with the setting of 127.0.0.1:8800. I know from past experience that I can go through all the removal steps here, but I'm wondering if it wouldn't be better and faster to just reformat the machine. There's nothing on it except what it came with. Now, I've never done that before so I may not know what I'm talking about. The machine cannot get on the internet so I'm unable to use it to post logs or run anything that I have to download from the machine itself.
  20. When I go into my Internet Options and into the LAN settings, if I ever wanted to change the proxy settings, they would always reset to what it was before, with the port at 80 and <-loopback> in the exceptions. Wasn't able to fix the problem with malwarebytes. What steps would I need to take for me to have the ability to change the proxy settings freely again?
  21. Apologies... posted this in the wrong forum initially. Hi and thanks for your help/time in advance. I have a Win7 SP1 64bitOS laptop that I cannot seem to clean. I have thrown everything at it (see below) and it continues to revert back to a proxy setting 127.0.0.1:5050. Just logging off and back triggers it, not necessary to restart. Unchecking the "Use a Proxy server..." grays the address and port box out but the apply button below the "Lan settings" button on the main page is not available. Some of the things I've already tried and have logs for most: Rkill, TDSSKiller, RogueKillerx64, adwccleaner3.306, JRT, Malwarebytes, emsisoft emergency kit, tweaking.com windows repair, Advance System Care 7.1, ComboFix, also FRST64 but I am unsure how to do anything but look at the log. Rkill1st.txt mbam-log-2014-09-15 (12-36-17).xml Rkill.txt a2scan_140915-131023.txt FRST.txt Addition.txt JRT.txt protection-log-2014-09-15.xml ComboFix.txt
  22. Hi and thanks for your help/time in advance. I have a Win7 SP1 64bitOS laptop that I cannot seem to clean. I have thrown everything at it (see below) and it continues to revert back to a proxy setting 127.0.0.1:5050. Just logging off and back triggers it, not necessary to restart. Unchecking the "Use a Proxy server..." grays the address and port box out but the apply button below the "Lan settings" button on the main page is not available. Some of the things I've already tried and have logs for most: Rkill, TDSSKiller, RogueKillerx64, adwccleaner3.306, JRT, Malwarebytes, emsisoft emergency kit, tweaking.com windows repair, Advance System Care 7.1, ComboFix, also FRST64 but I am unsure how to do anything but look at the log. Rkill1st.txt a2scan_140915-131023.txt FRST.txt Addition.txt JRT.txt ComboFix.txt mbam-log-2014-09-15 (12-36-17).xml protection-log-2014-09-15.xml
  23. Hi there, Hoping someone can provide some guidance to rid my system of this malware once and for all. I've tried several tools but Malwarebytes is the only one that even seems to detect this. It does remove it but it's back within a day or so. I look forward to working with an expert on the permanent removal! Detection: PUM.BAD.PROXY Thanks, Bryan
  24. Proxy server settings have been self activating in Windows 8. Here is a copy of my Malwarebytes log
  25. Hi there! I've been desperately trying to solve this problem with various anti-virus software scans and resetting my browser settings to default, but nothing seems to work: Proxy server keeps ticking itself in the box at LAN settings. I am running Windows 7 Ultimate 64-bit version. I have used HitManPro3, it detects the Proxy server problem, but doesn't entirely fix it. I have attached the log. Every time I scan, it appears again even when it showed as repaired. Malwarebytes Anti-Malware has detected PUP.Optional. files, but doesn't fix the problem either. Log is attached. SuperAntiSpywareProfessional also didn't help, and doesn't detect the problems. Please help! /Vadim HitmanPro_20140604_1302.log Malwarebyts Scan.txt