Stubborn Adware (trovi and search safer)

[CorvidMoon]

Greetings all,

 

A couple of weeks ago I accidently downloaded adware when I was re-installing programs after replacing my hard drive.  I ran adw cleaner (several times) and malwarebytes (even more times) they both will come up with infections with Trovi and Search Safer PUP's and I quaranine and delete them.  But when I run Malwarebytes immediately afterwards it comes up with more infections, and again after that, ect.  I think I've run malwarebytes five times in succession and didn't get a clear report a single time.

 

I have followed the self-help guides, deleting the programs from the control panel, and manually changing my browser home pages to no avail.

 

Thanks for your help!

 

Here is Frst.txt

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-06-2014
Ran by Atani (administrator) on MONKEYGIRLS_PC on 05-06-2014 23:24:18
Running from C:\Users\melissa\Downloads
Platform: Windows 8 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files\pcreg\pcreg.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Teco\TecoService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Teco\TecoResident.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\System Setting\TSleepSrv.exe
(Akamai Technologies, Inc.) C:\Users\melissa\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\melissa\AppData\Local\Akamai\netsession_win.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHWMsg.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [] => [X]
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor)
HKLM\...\Run: [sRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170784 2012-08-19] (SRS Labs, Inc.)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2608040 2012-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1548952 2012-08-04] (TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-15] (Apple Inc.)
HKLM-x32\...\Run: [iJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [124256 2010-01-18] (CANON INC.)
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3414560 2014-05-19] (Fitbit, Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\.DEFAULT\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2499009611-3246832664-3161368672-1001\...\Run: [Akamai NetSession Interface] => C:\Users\melissa\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2499009611-3246832664-3161368672-1001\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3414560 2014-05-19] (Fitbit, Inc.)
HKU\S-1-5-21-2499009611-3246832664-3161368672-1001\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2499009611-3246832664-3161368672-1001\...\MountPoints2: {55ce8513-e30d-11e3-be71-806e6f6e6963} - "D:\Autorun.exe"

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://toshiba13.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://toshiba13.msn.com
SearchScopes: HKLM - DefaultScope {0478DE38-5CE4-49E4-BAB6-C044DD522B61} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJS
SearchScopes: HKLM - {0478DE38-5CE4-49E4-BAB6-C044DD522B61} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJS
SearchScopes: HKLM-x32 - {0478DE38-5CE4-49E4-BAB6-C044DD522B61} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJS
SearchScopes: HKCU - {0478DE38-5CE4-49E4-BAB6-C044DD522B61} URL =
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\melissa\AppData\Roaming\Mozilla\Firefox\Profiles\9cqmtrkq.default
FF DefaultSearchEngine: Trovi search
FF SelectedSearchEngine: Trovi search
FF Homepage: www.mail.yahoo.com
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\melissa\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

Chrome:
=======
CHR HomePage: hxxp://www.trovi.com/?gd=&ctid=CT3319709&octid=EB_ORIGINAL_CTID&ISID=M17320AB4-2DF2-4588-9497-5B1F6E0FFCE1&SearchSource=55&CUI=&UM=5&UP=SP224D7969-6DE6-4B87-93C0-19A4A15CDE5F&SSPV=
CHR StartupUrls: "hxxp://www.trovi.com/?gd=&ctid=CT3326239&octid=EB_ORIGINAL_CTID&ISID=M73251F8F-AC79-4B90-BC33-804D3A362680&SearchSource=55&CUI=&UM=2&UP=SP224D7969-6DE6-4B87-93C0-19A4A15CDE5F&SSPV=", "hxxp://www.google.com/"
CHR Extension: (Google Docs) - C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-24]
CHR Extension: (Google Drive) - C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-24]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-24]
CHR Extension: (YouTube) - C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-24]
CHR Extension: (Google Search) - C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-24]
CHR Extension: (Google Wallet) - C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-24]
CHR Extension: (Gmail) - C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-24]

==================== Services (Whitelisted) =================

R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-23] (Adobe Systems Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2266296 2014-05-16] (Microsoft Corporation)
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [1436192 2014-05-19] (Fitbit, Inc.)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 pcregservice; C:\Program Files\pcreg\pcreg.exe [249024 2014-04-25] ()
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-25] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [24208 2012-07-11] (Realtek Microelectronics)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1498256 2012-08-29] (Realtek Semiconductor Corporation                           )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows ® Win 7 DDK provider)
S2 SAWFP; \??\C:\windows\system32\Drivers\SAWFP64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-05 23:24 - 2014-06-05 23:24 - 00013826 _____ () C:\Users\melissa\Downloads\FRST.txt
2014-06-05 23:23 - 2014-06-05 23:24 - 00000000 ____D () C:\FRST
2014-06-05 23:23 - 2014-06-05 23:23 - 02068992 _____ (Farbar) C:\Users\melissa\Downloads\FRST64.exe
2014-06-05 22:51 - 2014-06-05 22:51 - 00000117 _____ () C:\windows\system32\netcfg-27171.txt
2014-06-05 22:50 - 2014-06-05 22:50 - 00000117 _____ () C:\windows\system32\netcfg-263287250.txt
2014-06-05 20:25 - 2014-06-05 20:25 - 00000117 _____ () C:\windows\system32\netcfg-254593812.txt
2014-06-05 20:25 - 2014-06-05 20:25 - 00000117 _____ () C:\windows\system32\netcfg-254593156.txt
2014-06-05 13:17 - 2014-06-05 13:17 - 00002260 _____ () C:\Users\Public\Desktop\The Sims™ 3 Master Suite Stuff.lnk
2014-06-05 12:36 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_27.dll
2014-06-05 12:36 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_27.dll
2014-06-05 05:36 - 2014-06-05 05:36 - 00000117 _____ () C:\windows\system32\netcfg-201266875.txt
2014-06-05 05:36 - 2014-06-05 05:36 - 00000117 _____ () C:\windows\system32\netcfg-201266593.txt
2014-06-04 22:20 - 2014-06-04 22:20 - 00002185 _____ () C:\Users\Public\Desktop\RollerCoaster Tycoon 3 Platinum.lnk
2014-06-04 22:19 - 2014-06-04 22:19 - 00000000 ____D () C:\Users\melissa\Documents\RCT3
2014-06-04 22:19 - 2014-06-04 22:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari
2014-06-04 22:17 - 2014-06-04 22:17 - 00000000 ____D () C:\Program Files (x86)\Atari
2014-06-04 17:55 - 2014-06-04 17:55 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\Leadertech
2014-06-04 17:25 - 2014-06-04 17:25 - 00000117 _____ () C:\windows\system32\netcfg-157379125.txt
2014-06-04 17:24 - 2014-06-04 17:24 - 00000117 _____ () C:\windows\system32\netcfg-157324140.txt
2014-06-04 17:09 - 2014-06-04 17:09 - 00000117 _____ () C:\windows\system32\netcfg-156420953.txt
2014-06-04 17:09 - 2014-06-04 17:09 - 00000117 _____ () C:\windows\system32\netcfg-156420921.txt
2014-06-04 12:43 - 2014-06-04 12:43 - 00000117 _____ () C:\windows\system32\netcfg-140483546.txt
2014-06-04 12:43 - 2014-06-04 12:43 - 00000117 _____ () C:\windows\system32\netcfg-140483234.txt
2014-06-03 23:41 - 2014-06-03 23:41 - 00002170 _____ () C:\Users\Public\Desktop\The Sims™ 3 Showtime.lnk
2014-06-03 23:40 - 2014-06-03 23:40 - 00002134 _____ () C:\Users\Public\Desktop\The Sims™ 3 Pets.lnk
2014-06-03 23:38 - 2014-06-03 23:38 - 00002360 _____ () C:\Users\Public\Desktop\The Sims™ 3 World Adventures.lnk
2014-06-03 23:38 - 2014-06-03 23:38 - 00002206 _____ () C:\Users\Public\Desktop\The Sims™ 3 Supernatural.lnk
2014-06-03 23:37 - 2014-06-03 23:37 - 00002324 _____ () C:\Users\Public\Desktop\The Sims™ 3 Late Night.lnk
2014-06-03 23:36 - 2014-06-03 23:36 - 00002198 _____ () C:\Users\Public\Desktop\The Sims™ 3 Generations.lnk
2014-06-03 23:27 - 2014-06-03 23:27 - 00002278 _____ () C:\Users\Public\Desktop\The Sims™ 3 Outdoor Living Stuff.lnk
2014-06-03 23:27 - 2014-06-03 23:27 - 00002180 _____ () C:\Users\Public\Desktop\The Sims™ 3 Ambitions.lnk
2014-06-03 23:26 - 2014-06-03 23:26 - 00002270 _____ () C:\Users\Public\Desktop\The Sims™ 3 70s, 80s, & 90s Stuff.lnk
2014-06-03 11:03 - 2014-06-03 11:03 - 00000117 _____ () C:\windows\system32\netcfg-48080531.txt
2014-06-03 11:03 - 2014-06-03 11:03 - 00000117 _____ () C:\windows\system32\netcfg-48080078.txt
2014-06-02 21:56 - 2014-06-02 21:56 - 00000000 ____D () C:\Users\melissa\Documents\Electronic Arts
2014-06-02 21:56 - 2014-06-02 21:56 - 00000000 ____D () C:\ProgramData\EA Core
2014-06-02 21:42 - 2014-06-02 21:42 - 00000117 _____ () C:\windows\system32\netcfg-17312.txt
2014-06-02 21:41 - 2014-06-02 21:41 - 00000117 _____ () C:\windows\system32\netcfg-84370031.txt
2014-06-02 04:50 - 2014-06-02 04:50 - 00000117 _____ () C:\windows\system32\netcfg-23724984.txt
2014-06-02 04:50 - 2014-06-02 04:50 - 00000117 _____ () C:\windows\system32\netcfg-23723750.txt
2014-06-01 22:15 - 2014-06-01 22:15 - 00000117 _____ () C:\windows\system32\netcfg-73787921.txt
2014-06-01 22:15 - 2014-06-01 22:15 - 00000117 _____ () C:\windows\system32\netcfg-17406.txt
2014-06-01 21:21 - 2014-06-01 21:21 - 00000117 _____ () C:\windows\system32\netcfg-70544468.txt
2014-06-01 21:21 - 2014-06-01 21:21 - 00000117 _____ () C:\windows\system32\netcfg-70544437.txt
2014-06-01 07:45 - 2014-06-01 07:45 - 00000117 _____ () C:\windows\system32\netcfg-21633796.txt
2014-06-01 07:45 - 2014-06-01 07:45 - 00000117 _____ () C:\windows\system32\netcfg-21633640.txt
2014-06-01 01:45 - 2014-06-01 01:45 - 00000117 _____ () C:\windows\system32\netcfg-3218000.txt
2014-06-01 01:45 - 2014-06-01 01:45 - 00000117 _____ () C:\windows\system32\netcfg-17609.txt
2014-06-01 00:51 - 2014-06-01 00:51 - 00000117 _____ () C:\windows\system32\netcfg-3349578.txt
2014-06-01 00:51 - 2014-06-01 00:51 - 00000117 _____ () C:\windows\system32\netcfg-17078.txt
2014-05-31 23:55 - 2014-05-31 23:55 - 00000117 _____ () C:\windows\system32\netcfg-24281.txt
2014-05-31 23:55 - 2014-05-31 23:55 - 00000117 _____ () C:\windows\system32\netcfg-194485515.txt
2014-05-31 23:13 - 2014-05-31 23:13 - 00001127 _____ () C:\Users\melissa\Desktop\JRT.txt
2014-05-31 23:10 - 2014-05-31 23:10 - 00000000 ____D () C:\windows\ERUNT
2014-05-31 23:09 - 2014-05-31 23:09 - 01016261 _____ (Thisisu) C:\Users\melissa\Downloads\JRT.exe
2014-05-31 23:08 - 2014-05-31 23:09 - 10971424 _____ (SurfRight B.V.) C:\Users\melissa\Downloads\HitmanPro_x64.exe
2014-05-31 23:00 - 2014-05-31 23:01 - 00001986 _____ () C:\Users\melissa\Desktop\Rkill.txt
2014-05-31 22:59 - 2014-05-31 22:59 - 01940216 _____ (Bleeping Computer, LLC) C:\Users\melissa\Downloads\iExplore.exe
2014-05-31 22:57 - 2014-05-31 22:57 - 04176736 _____ (Kaspersky Lab ZAO) C:\Users\melissa\Downloads\tdsskiller.exe
2014-05-31 22:13 - 2014-05-31 22:13 - 00000117 _____ () C:\windows\system32\netcfg-188414562.txt
2014-05-31 22:13 - 2014-05-31 22:13 - 00000117 _____ () C:\windows\system32\netcfg-188414234.txt
2014-05-31 18:05 - 2014-05-31 18:05 - 00000117 _____ () C:\windows\system32\netcfg-173520656.txt
2014-05-31 18:05 - 2014-05-31 18:05 - 00000117 _____ () C:\windows\system32\netcfg-173520625.txt
2014-05-30 07:47 - 2014-05-30 07:47 - 00000117 _____ () C:\windows\system32\netcfg-50033500.txt
2014-05-30 07:47 - 2014-05-30 07:47 - 00000117 _____ () C:\windows\system32\netcfg-50033218.txt
2014-05-28 21:48 - 2014-05-28 21:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fitbit Connect
2014-05-28 21:48 - 2014-05-28 21:48 - 00000000 ____D () C:\ProgramData\FitbitConnect
2014-05-28 21:48 - 2014-05-28 21:48 - 00000000 ____D () C:\Program Files (x86)\Fitbit Connect
2014-05-28 06:06 - 2014-05-28 06:06 - 00000117 _____ () C:\windows\system32\netcfg-25424843.txt
2014-05-28 06:06 - 2014-05-28 06:06 - 00000117 _____ () C:\windows\system32\netcfg-25424812.txt
2014-05-27 23:02 - 2014-05-27 23:02 - 00000117 _____ () C:\windows\system32\netcfg-85433187.txt
2014-05-27 23:02 - 2014-05-27 23:02 - 00000117 _____ () C:\windows\system32\netcfg-17546.txt
2014-05-27 12:19 - 2014-05-27 12:19 - 00000117 _____ () C:\windows\system32\netcfg-46894937.txt
2014-05-27 12:19 - 2014-05-27 12:19 - 00000117 _____ () C:\windows\system32\netcfg-46894812.txt
2014-05-27 05:43 - 2014-05-27 05:43 - 00000117 _____ () C:\windows\system32\netcfg-23093093.txt
2014-05-27 05:43 - 2014-05-27 05:43 - 00000117 _____ () C:\windows\system32\netcfg-23093000.txt
2014-05-27 00:27 - 2014-05-27 00:27 - 00000117 _____ () C:\windows\system32\netcfg-4135859.txt
2014-05-27 00:27 - 2014-05-27 00:27 - 00000117 _____ () C:\windows\system32\netcfg-4135828.txt
2014-05-26 23:18 - 2014-05-26 23:18 - 00000117 _____ () C:\windows\system32\netcfg-423484.txt
2014-05-26 23:18 - 2014-05-26 23:18 - 00000117 _____ () C:\windows\system32\netcfg-21796.txt
2014-05-26 23:11 - 2014-05-26 23:11 - 00000117 _____ () C:\windows\system32\netcfg-19859.txt
2014-05-26 23:10 - 2014-05-26 23:10 - 00000117 _____ () C:\windows\system32\netcfg-561843.txt
2014-05-26 23:07 - 2014-05-26 23:07 - 01327971 _____ () C:\Users\melissa\Downloads\adwcleaner_3.211(1).exe
2014-05-26 22:11 - 2014-05-26 22:11 - 00003514 _____ () C:\windows\System32\Tasks\AdobeAAMUpdater-1.0-MonkeyGirls_PC-Atani
2014-05-26 20:40 - 2014-05-26 20:41 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-05-26 20:40 - 2014-05-26 20:40 - 00001984 _____ () C:\Users\Public\Desktop\Canon IJ Network Tool.lnk
2014-05-26 20:40 - 2014-05-26 20:40 - 00000000 ___HD () C:\windows\system32\CanonIJ Uninstaller Information
2014-05-26 20:40 - 2014-05-26 20:40 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-05-26 20:40 - 2014-05-26 20:40 - 00000000 ___HD () C:\Program Files\CanonBJ
2014-05-26 20:40 - 2014-05-26 20:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP620 series
2014-05-26 20:40 - 2014-05-26 20:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon IJ Network Utilities
2014-05-26 20:40 - 2012-08-30 11:18 - 00252416 _____ (CANON INC.) C:\windows\system32\CNMN6PPM.DLL
2014-05-26 20:40 - 2012-08-30 11:18 - 00152064 _____ (CANON INC.) C:\windows\system32\CNMN6UI.DLL
2014-05-26 20:40 - 2012-08-30 11:15 - 00366080 _____ (CANON INC.) C:\windows\SysWOW64\CNMNPPM.DLL
2014-05-26 20:40 - 2009-12-11 13:19 - 01354240 _____ (CANON INC.) C:\windows\system32\CNC620C.DLL
2014-05-26 20:40 - 2009-12-11 13:19 - 00092672 _____ (CANON INC.) C:\windows\system32\CNC620I.DLL
2014-05-26 20:40 - 2009-11-30 16:40 - 00293888 _____ (CANON INC.) C:\windows\system32\CNC620L.DLL
2014-05-26 20:40 - 2008-10-09 05:00 - 00279040 _____ (CANON INC.) C:\windows\system32\CNMLM9D.DLL
2014-05-26 20:40 - 2007-03-20 00:14 - 00117850 _____ () C:\windows\system32\Cnmnput.chm
2014-05-26 20:40 - 2007-03-15 14:13 - 00229888 _____ (Canon Inc.) C:\windows\system32\CNC620O.DLL
2014-05-26 20:38 - 2014-05-26 20:39 - 20536464 _____ () C:\Users\melissa\Downloads\md6l-win-mp620-1_05-en.exe
2014-05-26 20:37 - 2014-05-26 20:37 - 00000117 _____ () C:\windows\system32\netcfg-76260546.txt
2014-05-26 20:35 - 2014-05-26 20:35 - 00000117 _____ () C:\windows\system32\netcfg-76124656.txt
2014-05-26 20:28 - 2014-05-26 20:28 - 00000117 _____ () C:\windows\system32\netcfg-75728093.txt
2014-05-26 20:27 - 2014-05-26 20:27 - 00000117 _____ () C:\windows\system32\netcfg-75690640.txt
2014-05-26 06:33 - 2014-05-26 06:33 - 00000117 _____ () C:\windows\system32\netcfg-25642140.txt
2014-05-26 06:33 - 2014-05-26 06:33 - 00000117 _____ () C:\windows\system32\netcfg-25641687.txt
2014-05-26 00:06 - 2014-05-26 00:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft WSE
2014-05-26 00:06 - 2014-05-26 00:05 - 00447752 _____ (On2.com) C:\windows\SysWOW64\vp6vfw.dll
2014-05-26 00:05 - 2014-05-26 00:05 - 00002064 _____ () C:\Users\Public\Desktop\The Sims™ 3.lnk
2014-05-26 00:05 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_31.dll
2014-05-26 00:05 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_31.dll
2014-05-25 23:29 - 2014-05-25 23:29 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-05-25 23:26 - 2014-05-25 23:26 - 00000117 _____ () C:\windows\system32\netcfg-18968.txt
2014-05-25 23:26 - 2014-05-25 23:26 - 00000117 _____ () C:\windows\system32\netcfg-13005984.txt
2014-05-25 19:49 - 2014-05-25 19:49 - 00000117 _____ () C:\windows\system32\netcfg-20000.txt
2014-05-25 19:49 - 2014-05-25 19:49 - 00000117 _____ () C:\windows\system32\netcfg-1223281.txt
2014-05-25 19:29 - 2014-05-25 19:29 - 00000117 _____ () C:\windows\system32\netcfg-28531.txt
2014-05-25 19:28 - 2014-05-25 19:28 - 00000117 _____ () C:\windows\system32\netcfg-72927390.txt
2014-05-25 19:26 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-05-25 19:25 - 2014-05-25 19:26 - 01327971 _____ () C:\Users\melissa\Downloads\adwcleaner_3.211.exe
2014-05-25 07:31 - 2014-05-25 07:31 - 00000117 _____ () C:\windows\system32\netcfg-29934484.txt
2014-05-25 07:31 - 2014-05-25 07:31 - 00000117 _____ () C:\windows\system32\netcfg-29934390.txt
2014-05-24 23:15 - 2014-05-24 23:15 - 01326389 _____ () C:\Users\melissa\Downloads\adwcleaner_3.210(1).exe
2014-05-24 23:13 - 2014-05-24 23:13 - 00000117 _____ () C:\windows\system32\netcfg-33968.txt
2014-05-24 23:12 - 2014-05-24 23:12 - 00000117 _____ () C:\windows\system32\netcfg-1809937.txt
2014-05-24 23:10 - 2014-05-26 23:10 - 00000000 ____D () C:\AdwCleaner
2014-05-24 22:43 - 2014-05-25 23:29 - 00000000 ____D () C:\Users\melissa\AppData\Local\Adobe
2014-05-24 22:43 - 2014-05-24 22:43 - 00000117 _____ () C:\windows\system32\netcfg-50281.txt
2014-05-24 22:42 - 2014-05-24 22:42 - 00000117 _____ () C:\windows\system32\netcfg-9947515.txt
2014-05-24 20:29 - 2014-06-05 21:45 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-24 20:29 - 2014-05-24 21:49 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\Apple Computer
2014-05-24 20:29 - 2014-05-24 20:29 - 00001794 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-05-24 20:29 - 2014-05-24 20:29 - 00000000 ____D () C:\Users\melissa\AppData\Local\Apple Computer
2014-05-24 20:29 - 2014-05-24 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-24 20:29 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\windows\system32\Drivers\GEARAspiWDM.sys
2014-05-24 20:28 - 2014-05-24 20:29 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-24 20:28 - 2014-05-24 20:28 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-05-24 20:28 - 2014-05-24 20:28 - 00001117 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\Users\melissa\AppData\Local\Apple
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\ProgramData\Apple
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\Program Files\iTunes
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\Program Files\iPod
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\Program Files\Bonjour
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-05-24 20:28 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-05-24 20:28 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-05-24 20:28 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-05-24 20:19 - 2014-05-24 20:19 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-05-24 20:17 - 2014-05-24 20:17 - 00001912 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 11.lnk
2014-05-24 20:17 - 2014-05-24 20:17 - 00001896 _____ () C:\Users\Public\Desktop\Adobe Photoshop Elements 11.lnk
2014-05-24 20:17 - 2012-08-10 03:01 - 00056336 ____N (Corel Corporation) C:\windows\system32\Drivers\PxHlpa64.sys
2014-05-24 20:17 - 2012-04-24 03:01 - 00011376 ____N (Corel Corporation) C:\windows\system32\Drivers\cdralw2k.sys
2014-05-24 20:17 - 2012-04-24 03:01 - 00010864 ____N (Corel Corporation) C:\windows\system32\Drivers\cdr4_xp.sys
2014-05-24 20:16 - 2014-05-24 20:16 - 00002270 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-24 20:16 - 2014-05-24 20:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-24 20:15 - 2014-05-24 20:20 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\melissa\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-24 20:14 - 2014-05-24 20:16 - 00000000 ____D () C:\Users\melissa\Desktop\Adobe Photoshop Elements 11
2014-05-24 20:13 - 2014-05-24 20:13 - 01270024 _____ (Adobe Systems Incorporated) C:\Users\melissa\Desktop\PhotoshopElements_11_LS15.exe
2014-05-24 20:01 - 2014-06-05 23:10 - 00000926 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-24 20:01 - 2014-06-05 23:06 - 00000930 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-24 20:01 - 2014-05-24 20:18 - 112635728 _____ (Apple Inc.) C:\Users\melissa\Downloads\iTunes64Setup.exe
2014-05-24 20:01 - 2014-05-24 20:01 - 00003902 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-24 20:01 - 2014-05-24 20:01 - 00003666 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-24 20:01 - 2014-05-24 20:01 - 00000000 ____D () C:\Users\melissa\AppData\Local\Deployment
2014-05-24 20:01 - 2014-05-24 20:01 - 00000000 ____D () C:\Users\melissa\AppData\Local\Apps\2.0
2014-05-24 19:57 - 2014-05-24 19:57 - 00000117 _____ () C:\windows\system32\netcfg-52140.txt
2014-05-24 19:56 - 2014-05-24 19:56 - 00000117 _____ () C:\windows\system32\netcfg-73335937.txt
2014-05-24 19:51 - 2014-01-19 02:33 - 00270496 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-05-24 19:48 - 2014-05-24 19:48 - 00000000 ____D () C:\Users\melissa\Desktop\Necropsy reports
2014-05-24 19:47 - 2014-05-24 19:48 - 00001589 _____ () C:\Users\melissa\Desktop\MHTML Converter.lnk
2014-05-24 19:47 - 2014-05-24 19:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MHTML Converter
2014-05-24 19:47 - 2014-05-24 19:47 - 00000000 ____D () C:\Program Files (x86)\MHTML Converter
2014-05-24 19:46 - 2014-05-26 23:04 - 00000000 ____D () C:\temp
2014-05-24 19:45 - 2014-05-24 19:45 - 00197893 _____ (Daniel Pedigo) C:\Users\melissa\Downloads\MHTML-Converter-Setup.exe
2014-05-24 19:43 - 2014-06-05 22:52 - 00000000 ____D () C:\Program Files\pcreg
2014-05-24 19:43 - 2014-05-24 19:43 - 00003706 _____ () C:\windows\System32\Tasks\pcreg
2014-05-24 19:41 - 2014-06-04 00:13 - 00000000 ____D () C:\Users\melissa\AppData\Local\CrashDumps
2014-05-24 19:19 - 2014-05-24 19:19 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\Unity
2014-05-24 19:13 - 2014-05-24 19:13 - 00000000 ____D () C:\Users\melissa\AppData\Local\Unity
2014-05-24 19:06 - 2014-05-24 19:07 - 01070624 _____ (Unity Technologies ApS) C:\Users\melissa\Downloads\UnityWebPlayer.exe
2014-05-24 18:48 - 2014-05-24 18:48 - 00000000 ____D () C:\Users\melissa\AppData\Local\Macromedia
2014-05-24 18:46 - 2014-05-24 18:46 - 00000117 _____ () C:\windows\system32\netcfg-69147265.txt
2014-05-24 18:41 - 2014-05-24 18:41 - 00001139 _____ () C:\windows\system32\netcfg-68848234.txt
2014-05-24 18:41 - 2014-05-24 18:41 - 00000117 _____ () C:\windows\system32\netcfg-68848562.txt
2014-05-24 18:33 - 2014-05-24 18:33 - 00002258 _____ () C:\Users\melissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2014-05-24 18:33 - 2014-05-24 18:33 - 00000000 ___RD () C:\Users\melissa\OneDrive
2014-05-24 18:24 - 2014-05-24 20:16 - 00000000 ____D () C:\Users\melissa\AppData\Local\Google
2014-05-24 18:24 - 2014-05-24 20:16 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-24 18:24 - 2014-05-24 18:24 - 00918672 _____ (Google Inc.) C:\Users\melissa\Downloads\ChromeSetup.exe
2014-05-24 18:15 - 2014-05-24 18:20 - 06318888 _____ (Fitbit Inc.) C:\Users\melissa\Downloads\FitbitConnect_Win_2014110_1.0.1.5127.exe
2014-05-24 18:10 - 2014-05-24 18:10 - 00000000 ____D () C:\Users\melissa\AppData\Local\Akamai
2014-05-24 18:09 - 2014-05-24 18:10 - 10552296 _____ (Akamai Technologies, Inc.) C:\Users\melissa\Downloads\Akamai_NetSession_Installer.exe
2014-05-24 17:58 - 2014-06-05 12:23 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-05-24 06:39 - 2014-05-24 06:39 - 00000117 _____ () C:\windows\system32\netcfg-25537125.txt
2014-05-24 06:39 - 2014-05-24 06:39 - 00000117 _____ () C:\windows\system32\netcfg-25537093.txt
2014-05-24 01:36 - 2014-05-24 01:36 - 00000117 _____ () C:\windows\system32\netcfg-199906.txt
2014-05-24 01:36 - 2014-05-24 01:36 - 00000117 _____ () C:\windows\system32\netcfg-199890.txt
2014-05-24 01:36 - 2014-05-24 01:36 - 00000117 _____ () C:\windows\system32\netcfg-197687.txt
2014-05-24 01:35 - 2014-05-24 01:35 - 00000000 ____H () C:\windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-05-24 00:19 - 2014-05-24 17:58 - 00000000 ____D () C:\Users\melissa\AppData\Local\Origin
2014-05-24 00:15 - 2014-05-24 00:15 - 00000013 __RSH () C:\windows\system32\Drivers\fbd.sys
2014-05-24 00:13 - 2014-05-24 17:58 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\Origin
2014-05-24 00:07 - 2014-05-24 00:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-05-24 00:01 - 2014-05-24 00:01 - 01382640 _____ () C:\windowsNIRMALA.tt2
2014-05-24 00:01 - 2014-05-24 00:01 - 01334012 _____ () C:\windowsNIRMALAB.tt2
2014-05-24 00:01 - 2014-05-24 00:01 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-05-24 00:00 - 2014-05-24 00:00 - 00981688 _____ (Microsoft Corporation) C:\Users\melissa\Downloads\Setup.X86.en-US_HomeStudentRetail_1cf57e07-b3a8-47ca-8e82-d9ff12316fe9_TX_PR_.exe
2014-05-23 23:52 - 2014-05-24 23:48 - 00003600 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2499009611-3246832664-3161368672-1001
2014-05-23 23:52 - 2014-05-23 23:53 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\Mozilla
2014-05-23 23:52 - 2014-05-23 23:53 - 00000000 ____D () C:\Users\melissa\AppData\Local\Mozilla
2014-05-23 23:52 - 2014-05-23 23:52 - 00001174 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-23 23:52 - 2014-05-23 23:52 - 00001162 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-23 23:52 - 2014-05-23 23:52 - 00000000 ____D () C:\ProgramData\Mozilla
2014-05-23 23:52 - 2014-05-23 23:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-23 23:52 - 2014-05-23 23:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-23 23:48 - 2014-05-23 23:48 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\Macromedia
2014-05-23 23:45 - 2014-05-28 18:13 - 00000000 ____D () C:\Users\melissa\AppData\Local\TOSHIBA
2014-05-23 23:45 - 2014-05-25 23:29 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\Adobe
2014-05-23 23:45 - 2014-05-23 23:45 - 00001445 _____ () C:\Users\melissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-23 23:45 - 2014-05-23 23:45 - 00000000 ___RD () C:\Users\melissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-23 23:45 - 2014-05-23 23:45 - 00000000 ___RD () C:\Users\melissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-23 23:45 - 2014-05-23 23:45 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\WinBatch
2014-05-23 23:45 - 2014-05-23 23:45 - 00000000 ____D () C:\Users\melissa\AppData\Local\SRS Labs
2014-05-23 23:44 - 2014-05-23 23:44 - 00000000 ____D () C:\windows\System32\Tasks\Norton Anti-Theft
2014-05-23 23:43 - 2014-06-05 23:24 - 00000000 ____D () C:\Users\melissa\AppData\Local\Temp
2014-05-23 23:43 - 2014-06-05 23:11 - 01965600 _____ () C:\windows\WindowsUpdate.log
2014-05-23 23:43 - 2014-06-04 17:56 - 00000000 ____D () C:\Users\melissa\AppData\Local\VirtualStore
2014-05-23 23:43 - 2014-05-24 22:42 - 00000000 ____D () C:\Users\melissa
2014-05-23 23:43 - 2014-05-24 18:04 - 00000000 ____D () C:\Users\melissa\AppData\Local\Packages
2014-05-23 23:43 - 2014-05-23 23:43 - 00000020 ___SH () C:\Users\melissa\ntuser.ini
2014-05-23 23:43 - 2012-09-03 21:06 - 00002111 _____ () C:\Users\melissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-05-23 23:43 - 2012-07-26 03:13 - 00000000 ___RD () C:\Users\melissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-23 23:43 - 2012-07-26 03:13 - 00000000 ___RD () C:\Users\melissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-23 23:43 - 2012-07-26 03:13 - 00000000 ___RD () C:\Users\melissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-05-23 23:43 - 2012-07-26 03:13 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-23 23:37 - 2014-05-23 23:37 - 00000117 _____ () C:\windows\system32\netcfg-203515.txt

==================== One Month Modified Files and Folders =======

2014-06-05 23:24 - 2014-06-05 23:24 - 00013826 _____ () C:\Users\melissa\Downloads\FRST.txt
2014-06-05 23:24 - 2014-06-05 23:23 - 00000000 ____D () C:\FRST
2014-06-05 23:24 - 2014-05-23 23:43 - 00000000 ____D () C:\Users\melissa\AppData\Local\Temp
2014-06-05 23:23 - 2014-06-05 23:23 - 02068992 _____ (Farbar) C:\Users\melissa\Downloads\FRST64.exe
2014-06-05 23:11 - 2014-05-23 23:43 - 01965600 _____ () C:\windows\WindowsUpdate.log
2014-06-05 23:10 - 2014-05-24 20:01 - 00000926 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-05 23:06 - 2014-05-24 20:01 - 00000930 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-05 23:00 - 2012-07-26 03:12 - 00000000 ____D () C:\windows\system32\sru
2014-06-05 22:55 - 2012-07-26 02:28 - 00848230 _____ () C:\windows\system32\PerfStringBackup.INI
2014-06-05 22:52 - 2014-05-24 19:43 - 00000000 ____D () C:\Program Files\pcreg
2014-06-05 22:51 - 2014-06-05 22:51 - 00000117 _____ () C:\windows\system32\netcfg-27171.txt
2014-06-05 22:51 - 2012-07-26 02:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-06-05 22:50 - 2014-06-05 22:50 - 00000117 _____ () C:\windows\system32\netcfg-263287250.txt
2014-06-05 22:50 - 2012-09-03 20:32 - 00879188 _____ () C:\windows\PFRO.log
2014-06-05 21:45 - 2014-05-24 20:29 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-05 21:33 - 2012-09-03 20:45 - 00000000 ____D () C:\Program Files (x86)\Toshiba
2014-06-05 21:33 - 2012-09-03 20:42 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-05 20:25 - 2014-06-05 20:25 - 00000117 _____ () C:\windows\system32\netcfg-254593812.txt
2014-06-05 20:25 - 2014-06-05 20:25 - 00000117 _____ () C:\windows\system32\netcfg-254593156.txt
2014-06-05 13:17 - 2014-06-05 13:17 - 00002260 _____ () C:\Users\Public\Desktop\The Sims™ 3 Master Suite Stuff.lnk
2014-06-05 12:36 - 2012-09-03 21:06 - 00018076 _____ () C:\windows\DirectX.log
2014-06-05 12:23 - 2014-05-24 17:58 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-06-05 05:36 - 2014-06-05 05:36 - 00000117 _____ () C:\windows\system32\netcfg-201266875.txt
2014-06-05 05:36 - 2014-06-05 05:36 - 00000117 _____ () C:\windows\system32\netcfg-201266593.txt
2014-06-04 22:20 - 2014-06-04 22:20 - 00002185 _____ () C:\Users\Public\Desktop\RollerCoaster Tycoon 3 Platinum.lnk
2014-06-04 22:19 - 2014-06-04 22:19 - 00000000 ____D () C:\Users\melissa\Documents\RCT3
2014-06-04 22:19 - 2014-06-04 22:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari
2014-06-04 22:17 - 2014-06-04 22:17 - 00000000 ____D () C:\Program Files (x86)\Atari
2014-06-04 17:56 - 2014-05-23 23:43 - 00000000 ____D () C:\Users\melissa\AppData\Local\VirtualStore
2014-06-04 17:55 - 2014-06-04 17:55 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\Leadertech
2014-06-04 17:25 - 2014-06-04 17:25 - 00000117 _____ () C:\windows\system32\netcfg-157379125.txt
2014-06-04 17:24 - 2014-06-04 17:24 - 00000117 _____ () C:\windows\system32\netcfg-157324140.txt
2014-06-04 17:09 - 2014-06-04 17:09 - 00000117 _____ () C:\windows\system32\netcfg-156420953.txt
2014-06-04 17:09 - 2014-06-04 17:09 - 00000117 _____ () C:\windows\system32\netcfg-156420921.txt
2014-06-04 12:43 - 2014-06-04 12:43 - 00000117 _____ () C:\windows\system32\netcfg-140483546.txt
2014-06-04 12:43 - 2014-06-04 12:43 - 00000117 _____ () C:\windows\system32\netcfg-140483234.txt
2014-06-04 02:23 - 2012-07-26 03:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-06-04 00:13 - 2014-05-24 19:41 - 00000000 ____D () C:\Users\melissa\AppData\Local\CrashDumps
2014-06-03 23:41 - 2014-06-03 23:41 - 00002170 _____ () C:\Users\Public\Desktop\The Sims™ 3 Showtime.lnk
2014-06-03 23:40 - 2014-06-03 23:40 - 00002134 _____ () C:\Users\Public\Desktop\The Sims™ 3 Pets.lnk
2014-06-03 23:38 - 2014-06-03 23:38 - 00002360 _____ () C:\Users\Public\Desktop\The Sims™ 3 World Adventures.lnk
2014-06-03 23:38 - 2014-06-03 23:38 - 00002206 _____ () C:\Users\Public\Desktop\The Sims™ 3 Supernatural.lnk
2014-06-03 23:37 - 2014-06-03 23:37 - 00002324 _____ () C:\Users\Public\Desktop\The Sims™ 3 Late Night.lnk
2014-06-03 23:36 - 2014-06-03 23:36 - 00002198 _____ () C:\Users\Public\Desktop\The Sims™ 3 Generations.lnk
2014-06-03 23:27 - 2014-06-03 23:27 - 00002278 _____ () C:\Users\Public\Desktop\The Sims™ 3 Outdoor Living Stuff.lnk
2014-06-03 23:27 - 2014-06-03 23:27 - 00002180 _____ () C:\Users\Public\Desktop\The Sims™ 3 Ambitions.lnk
2014-06-03 23:26 - 2014-06-03 23:26 - 00002270 _____ () C:\Users\Public\Desktop\The Sims™ 3 70s, 80s, & 90s Stuff.lnk
2014-06-03 23:25 - 2012-09-03 20:42 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-06-03 20:39 - 2012-07-26 03:12 - 00000000 ____D () C:\windows\Web
2014-06-03 11:03 - 2014-06-03 11:03 - 00000117 _____ () C:\windows\system32\netcfg-48080531.txt
2014-06-03 11:03 - 2014-06-03 11:03 - 00000117 _____ () C:\windows\system32\netcfg-48080078.txt
2014-06-02 21:56 - 2014-06-02 21:56 - 00000000 ____D () C:\Users\melissa\Documents\Electronic Arts
2014-06-02 21:56 - 2014-06-02 21:56 - 00000000 ____D () C:\ProgramData\EA Core
2014-06-02 21:42 - 2014-06-02 21:42 - 00000117 _____ () C:\windows\system32\netcfg-17312.txt
2014-06-02 21:41 - 2014-06-02 21:41 - 00000117 _____ () C:\windows\system32\netcfg-84370031.txt
2014-06-02 04:50 - 2014-06-02 04:50 - 00000117 _____ () C:\windows\system32\netcfg-23724984.txt
2014-06-02 04:50 - 2014-06-02 04:50 - 00000117 _____ () C:\windows\system32\netcfg-23723750.txt
2014-06-01 22:15 - 2014-06-01 22:15 - 00000117 _____ () C:\windows\system32\netcfg-73787921.txt
2014-06-01 22:15 - 2014-06-01 22:15 - 00000117 _____ () C:\windows\system32\netcfg-17406.txt
2014-06-01 22:15 - 2012-07-26 03:18 - 00000000 ____D () C:\windows\DigitalLocker
2014-06-01 21:21 - 2014-06-01 21:21 - 00000117 _____ () C:\windows\system32\netcfg-70544468.txt
2014-06-01 21:21 - 2014-06-01 21:21 - 00000117 _____ () C:\windows\system32\netcfg-70544437.txt
2014-06-01 07:45 - 2014-06-01 07:45 - 00000117 _____ () C:\windows\system32\netcfg-21633796.txt
2014-06-01 07:45 - 2014-06-01 07:45 - 00000117 _____ () C:\windows\system32\netcfg-21633640.txt
2014-06-01 01:45 - 2014-06-01 01:45 - 00000117 _____ () C:\windows\system32\netcfg-3218000.txt
2014-06-01 01:45 - 2014-06-01 01:45 - 00000117 _____ () C:\windows\system32\netcfg-17609.txt
2014-06-01 01:45 - 2012-07-26 03:12 - 00000000 ____D () C:\windows\WinStore
2014-06-01 00:51 - 2014-06-01 00:51 - 00000117 _____ () C:\windows\system32\netcfg-3349578.txt
2014-06-01 00:51 - 2014-06-01 00:51 - 00000117 _____ () C:\windows\system32\netcfg-17078.txt
2014-06-01 00:51 - 2012-09-04 13:16 - 00000000 ____D () C:\windows\Panther
2014-06-01 00:51 - 2012-07-26 00:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-06-01 00:03 - 2012-09-03 20:43 - 00000000 ____D () C:\ProgramData\Origin
2014-05-31 23:55 - 2014-05-31 23:55 - 00000117 _____ () C:\windows\system32\netcfg-24281.txt
2014-05-31 23:55 - 2014-05-31 23:55 - 00000117 _____ () C:\windows\system32\netcfg-194485515.txt
2014-05-31 23:13 - 2014-05-31 23:13 - 00001127 _____ () C:\Users\melissa\Desktop\JRT.txt
2014-05-31 23:10 - 2014-05-31 23:10 - 00000000 ____D () C:\windows\ERUNT
2014-05-31 23:09 - 2014-05-31 23:09 - 01016261 _____ (Thisisu) C:\Users\melissa\Downloads\JRT.exe
2014-05-31 23:09 - 2014-05-31 23:08 - 10971424 _____ (SurfRight B.V.) C:\Users\melissa\Downloads\HitmanPro_x64.exe
2014-05-31 23:01 - 2014-05-31 23:00 - 00001986 _____ () C:\Users\melissa\Desktop\Rkill.txt
2014-05-31 22:59 - 2014-05-31 22:59 - 01940216 _____ (Bleeping Computer, LLC) C:\Users\melissa\Downloads\iExplore.exe
2014-05-31 22:57 - 2014-05-31 22:57 - 04176736 _____ (Kaspersky Lab ZAO) C:\Users\melissa\Downloads\tdsskiller.exe
2014-05-31 22:13 - 2014-05-31 22:13 - 00000117 _____ () C:\windows\system32\netcfg-188414562.txt
2014-05-31 22:13 - 2014-05-31 22:13 - 00000117 _____ () C:\windows\system32\netcfg-188414234.txt
2014-05-31 18:05 - 2014-05-31 18:05 - 00000117 _____ () C:\windows\system32\netcfg-173520656.txt
2014-05-31 18:05 - 2014-05-31 18:05 - 00000117 _____ () C:\windows\system32\netcfg-173520625.txt
2014-05-30 07:47 - 2014-05-30 07:47 - 00000117 _____ () C:\windows\system32\netcfg-50033500.txt
2014-05-30 07:47 - 2014-05-30 07:47 - 00000117 _____ () C:\windows\system32\netcfg-50033218.txt
2014-05-29 17:59 - 2012-07-26 02:21 - 00023581 _____ () C:\windows\setupact.log
2014-05-28 21:48 - 2014-05-28 21:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fitbit Connect
2014-05-28 21:48 - 2014-05-28 21:48 - 00000000 ____D () C:\ProgramData\FitbitConnect
2014-05-28 21:48 - 2014-05-28 21:48 - 00000000 ____D () C:\Program Files (x86)\Fitbit Connect
2014-05-28 18:13 - 2014-05-23 23:45 - 00000000 ____D () C:\Users\melissa\AppData\Local\TOSHIBA
2014-05-28 06:24 - 2012-07-26 03:12 - 00000000 ____D () C:\windows\Branding
2014-05-28 06:06 - 2014-05-28 06:06 - 00000117 _____ () C:\windows\system32\netcfg-25424843.txt
2014-05-28 06:06 - 2014-05-28 06:06 - 00000117 _____ () C:\windows\system32\netcfg-25424812.txt
2014-05-27 23:02 - 2014-05-27 23:02 - 00000117 _____ () C:\windows\system32\netcfg-85433187.txt
2014-05-27 23:02 - 2014-05-27 23:02 - 00000117 _____ () C:\windows\system32\netcfg-17546.txt
2014-05-27 12:19 - 2014-05-27 12:19 - 00000117 _____ () C:\windows\system32\netcfg-46894937.txt
2014-05-27 12:19 - 2014-05-27 12:19 - 00000117 _____ () C:\windows\system32\netcfg-46894812.txt
2014-05-27 05:46 - 2012-09-03 20:41 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-27 05:43 - 2014-05-27 05:43 - 00000117 _____ () C:\windows\system32\netcfg-23093093.txt
2014-05-27 05:43 - 2014-05-27 05:43 - 00000117 _____ () C:\windows\system32\netcfg-23093000.txt
2014-05-27 00:27 - 2014-05-27 00:27 - 00000117 _____ () C:\windows\system32\netcfg-4135859.txt
2014-05-27 00:27 - 2014-05-27 00:27 - 00000117 _____ () C:\windows\system32\netcfg-4135828.txt
2014-05-26 23:18 - 2014-05-26 23:18 - 00000117 _____ () C:\windows\system32\netcfg-423484.txt
2014-05-26 23:18 - 2014-05-26 23:18 - 00000117 _____ () C:\windows\system32\netcfg-21796.txt
2014-05-26 23:11 - 2014-05-26 23:11 - 00000117 _____ () C:\windows\system32\netcfg-19859.txt
2014-05-26 23:10 - 2014-05-26 23:10 - 00000117 _____ () C:\windows\system32\netcfg-561843.txt
2014-05-26 23:10 - 2014-05-24 23:10 - 00000000 ____D () C:\AdwCleaner
2014-05-26 23:07 - 2014-05-26 23:07 - 01327971 _____ () C:\Users\melissa\Downloads\adwcleaner_3.211(1).exe
2014-05-26 23:04 - 2014-05-24 19:46 - 00000000 ____D () C:\temp
2014-05-26 22:11 - 2014-05-26 22:11 - 00003514 _____ () C:\windows\System32\Tasks\AdobeAAMUpdater-1.0-MonkeyGirls_PC-Atani
2014-05-26 20:41 - 2014-05-26 20:40 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-05-26 20:40 - 2014-05-26 20:40 - 00001984 _____ () C:\Users\Public\Desktop\Canon IJ Network Tool.lnk
2014-05-26 20:40 - 2014-05-26 20:40 - 00000000 ___HD () C:\windows\system32\CanonIJ Uninstaller Information
2014-05-26 20:40 - 2014-05-26 20:40 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-05-26 20:40 - 2014-05-26 20:40 - 00000000 ___HD () C:\Program Files\CanonBJ
2014-05-26 20:40 - 2014-05-26 20:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP620 series
2014-05-26 20:40 - 2014-05-26 20:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon IJ Network Utilities
2014-05-26 20:40 - 2012-07-26 03:12 - 00000000 __RSD () C:\windows\Media
2014-05-26 20:39 - 2014-05-26 20:38 - 20536464 _____ () C:\Users\melissa\Downloads\md6l-win-mp620-1_05-en.exe
2014-05-26 20:37 - 2014-05-26 20:37 - 00000117 _____ () C:\windows\system32\netcfg-76260546.txt
2014-05-26 20:35 - 2014-05-26 20:35 - 00000117 _____ () C:\windows\system32\netcfg-76124656.txt
2014-05-26 20:28 - 2014-05-26 20:28 - 00000117 _____ () C:\windows\system32\netcfg-75728093.txt
2014-05-26 20:27 - 2014-05-26 20:27 - 00000117 _____ () C:\windows\system32\netcfg-75690640.txt
2014-05-26 06:33 - 2014-05-26 06:33 - 00000117 _____ () C:\windows\system32\netcfg-25642140.txt
2014-05-26 06:33 - 2014-05-26 06:33 - 00000117 _____ () C:\windows\system32\netcfg-25641687.txt
2014-05-26 00:06 - 2014-05-26 00:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft WSE
2014-05-26 00:05 - 2014-05-26 00:06 - 00447752 _____ (On2.com) C:\windows\SysWOW64\vp6vfw.dll
2014-05-26 00:05 - 2014-05-26 00:05 - 00002064 _____ () C:\Users\Public\Desktop\The Sims™ 3.lnk
2014-05-25 23:29 - 2014-05-25 23:29 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-05-25 23:29 - 2014-05-24 22:43 - 00000000 ____D () C:\Users\melissa\AppData\Local\Adobe
2014-05-25 23:29 - 2014-05-23 23:45 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\Adobe
2014-05-25 23:26 - 2014-05-25 23:26 - 00000117 _____ () C:\windows\system32\netcfg-18968.txt
2014-05-25 23:26 - 2014-05-25 23:26 - 00000117 _____ () C:\windows\system32\netcfg-13005984.txt
2014-05-25 19:49 - 2014-05-25 19:49 - 00000117 _____ () C:\windows\system32\netcfg-20000.txt
2014-05-25 19:49 - 2014-05-25 19:49 - 00000117 _____ () C:\windows\system32\netcfg-1223281.txt
2014-05-25 19:48 - 2012-07-26 03:12 - 00000000 ____D () C:\windows\Globalization
2014-05-25 19:29 - 2014-05-25 19:29 - 00000117 _____ () C:\windows\system32\netcfg-28531.txt
2014-05-25 19:28 - 2014-05-25 19:28 - 00000117 _____ () C:\windows\system32\netcfg-72927390.txt
2014-05-25 19:26 - 2014-05-25 19:25 - 01327971 _____ () C:\Users\melissa\Downloads\adwcleaner_3.211.exe
2014-05-25 07:35 - 2012-07-26 02:59 - 00000000 ____D () C:\windows\CbsTemp
2014-05-25 07:31 - 2014-05-25 07:31 - 00000117 _____ () C:\windows\system32\netcfg-29934484.txt
2014-05-25 07:31 - 2014-05-25 07:31 - 00000117 _____ () C:\windows\system32\netcfg-29934390.txt
2014-05-24 23:48 - 2014-05-23 23:52 - 00003600 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2499009611-3246832664-3161368672-1001
2014-05-24 23:15 - 2014-05-24 23:15 - 01326389 _____ () C:\Users\melissa\Downloads\adwcleaner_3.210(1).exe
2014-05-24 23:13 - 2014-05-24 23:13 - 00000117 _____ () C:\windows\system32\netcfg-33968.txt
2014-05-24 23:12 - 2014-05-24 23:12 - 00000117 _____ () C:\windows\system32\netcfg-1809937.txt
2014-05-24 22:50 - 2012-09-03 20:49 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-24 22:50 - 2012-09-03 20:49 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2014-05-24 22:49 - 2012-09-03 20:49 - 00000000 ____D () C:\ProgramData\WildTangent
2014-05-24 22:43 - 2014-05-24 22:43 - 00000117 _____ () C:\windows\system32\netcfg-50281.txt
2014-05-24 22:42 - 2014-05-24 22:42 - 00000117 _____ () C:\windows\system32\netcfg-9947515.txt
2014-05-24 22:42 - 2014-05-23 23:43 - 00000000 ____D () C:\Users\melissa
2014-05-24 22:42 - 2012-07-26 02:52 - 00000000 ____D () C:\windows\ShellNew
2014-05-24 22:42 - 2012-07-26 02:19 - 01955088 _____ () C:\windows\system32\FNTCACHE.DAT
2014-05-24 21:49 - 2014-05-24 20:29 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\Apple Computer
2014-05-24 20:29 - 2014-05-24 20:29 - 00001794 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-05-24 20:29 - 2014-05-24 20:29 - 00000000 ____D () C:\Users\melissa\AppData\Local\Apple Computer
2014-05-24 20:29 - 2014-05-24 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-24 20:29 - 2014-05-24 20:28 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-24 20:28 - 2014-05-24 20:28 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-05-24 20:28 - 2014-05-24 20:28 - 00001117 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\Users\melissa\AppData\Local\Apple
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\ProgramData\Apple
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\Program Files\iTunes
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\Program Files\iPod
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\Program Files\Bonjour
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-05-24 20:20 - 2014-05-24 20:15 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\melissa\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-24 20:19 - 2014-05-24 20:19 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-05-24 20:18 - 2014-05-24 20:01 - 112635728 _____ (Apple Inc.) C:\Users\melissa\Downloads\iTunes64Setup.exe
2014-05-24 20:18 - 2012-09-03 20:41 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-05-24 20:17 - 2014-05-24 20:17 - 00001912 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 11.lnk
2014-05-24 20:17 - 2014-05-24 20:17 - 00001896 _____ () C:\Users\Public\Desktop\Adobe Photoshop Elements 11.lnk
2014-05-24 20:16 - 2014-05-24 20:16 - 00002270 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-24 20:16 - 2014-05-24 20:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-24 20:16 - 2014-05-24 20:14 - 00000000 ____D () C:\Users\melissa\Desktop\Adobe Photoshop Elements 11
2014-05-24 20:16 - 2014-05-24 18:24 - 00000000 ____D () C:\Users\melissa\AppData\Local\Google
2014-05-24 20:16 - 2014-05-24 18:24 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-24 20:13 - 2014-05-24 20:13 - 01270024 _____ (Adobe Systems Incorporated) C:\Users\melissa\Desktop\PhotoshopElements_11_LS15.exe
2014-05-24 20:01 - 2014-05-24 20:01 - 00003902 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-24 20:01 - 2014-05-24 20:01 - 00003666 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-24 20:01 - 2014-05-24 20:01 - 00000000 ____D () C:\Users\melissa\AppData\Local\Deployment
2014-05-24 20:01 - 2014-05-24 20:01 - 00000000 ____D () C:\Users\melissa\AppData\Local\Apps\2.0
2014-05-24 19:57 - 2014-05-24 19:57 - 00000117 _____ () C:\windows\system32\netcfg-52140.txt
2014-05-24 19:56 - 2014-05-24 19:56 - 00000117 _____ () C:\windows\system32\netcfg-73335937.txt
2014-05-24 19:56 - 2012-09-03 20:43 - 00000000 ____D () C:\ProgramData\Norton
2014-05-24 19:52 - 2012-07-26 00:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-05-24 19:48 - 2014-05-24 19:48 - 00000000 ____D () C:\Users\melissa\Desktop\Necropsy reports
2014-05-24 19:48 - 2014-05-24 19:47 - 00001589 _____ () C:\Users\melissa\Desktop\MHTML Converter.lnk
2014-05-24 19:47 - 2014-05-24 19:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MHTML Converter
2014-05-24 19:47 - 2014-05-24 19:47 - 00000000 ____D () C:\Program Files (x86)\MHTML Converter
2014-05-24 19:45 - 2014-05-24 19:45 - 00197893 _____ (Daniel Pedigo) C:\Users\melissa\Downloads\MHTML-Converter-Setup.exe
2014-05-24 19:43 - 2014-05-24 19:43 - 00003706 _____ () C:\windows\System32\Tasks\pcreg
2014-05-24 19:19 - 2014-05-24 19:19 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\Unity
2014-05-24 19:13 - 2014-05-24 19:13 - 00000000 ____D () C:\Users\melissa\AppData\Local\Unity
2014-05-24 19:07 - 2014-05-24 19:06 - 01070624 _____ (Unity Technologies ApS) C:\Users\melissa\Downloads\UnityWebPlayer.exe
2014-05-24 18:48 - 2014-05-24 18:48 - 00000000 ____D () C:\Users\melissa\AppData\Local\Macromedia
2014-05-24 18:46 - 2014-05-24 18:46 - 00000117 _____ () C:\windows\system32\netcfg-69147265.txt
2014-05-24 18:41 - 2014-05-24 18:41 - 00001139 _____ () C:\windows\system32\netcfg-68848234.txt
2014-05-24 18:41 - 2014-05-24 18:41 - 00000117 _____ () C:\windows\system32\netcfg-68848562.txt
2014-05-24 18:33 - 2014-05-24 18:33 - 00002258 _____ () C:\Users\melissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2014-05-24 18:33 - 2014-05-24 18:33 - 00000000 ___RD () C:\Users\melissa\OneDrive
2014-05-24 18:32 - 2012-09-03 21:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-05-24 18:24 - 2014-05-24 18:24 - 00918672 _____ (Google Inc.) C:\Users\melissa\Downloads\ChromeSetup.exe
2014-05-24 18:20 - 2014-05-24 18:15 - 06318888 _____ (Fitbit Inc.) C:\Users\melissa\Downloads\FitbitConnect_Win_2014110_1.0.1.5127.exe
2014-05-24 18:10 - 2014-05-24 18:10 - 00000000 ____D () C:\Users\melissa\AppData\Local\Akamai
2014-05-24 18:10 - 2014-05-24 18:09 - 10552296 _____ (Akamai Technologies, Inc.) C:\Users\melissa\Downloads\Akamai_NetSession_Installer.exe
2014-05-24 18:04 - 2014-05-23 23:43 - 00000000 ____D () C:\Users\melissa\AppData\Local\Packages
2014-05-24 17:58 - 2014-05-24 00:19 - 00000000 ____D () C:\Users\melissa\AppData\Local\Origin
2014-05-24 17:58 - 2014-05-24 00:13 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\Origin
2014-05-24 06:39 - 2014-05-24 06:39 - 00000117 _____ () C:\windows\system32\netcfg-25537125.txt
2014-05-24 06:39 - 2014-05-24 06:39 - 00000117 _____ () C:\windows\system32\netcfg-25537093.txt
2014-05-24 02:33 - 2012-07-26 03:13 - 00262144 _____ () C:\windows\system32\config\BCD-Template
2014-05-24 01:36 - 2014-05-24 01:36 - 00000117 _____ () C:\windows\system32\netcfg-199906.txt
2014-05-24 01:36 - 2014-05-24 01:36 - 00000117 _____ () C:\windows\system32\netcfg-199890.txt
2014-05-24 01:36 - 2014-05-24 01:36 - 00000117 _____ () C:\windows\system32\netcfg-197687.txt
2014-05-24 01:35 - 2014-05-24 01:35 - 00000000 ____H () C:\windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-05-24 01:35 - 2012-07-26 03:12 - 00000000 ____D () C:\windows\rescache
2014-05-24 00:23 - 2014-05-24 00:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-05-24 00:15 - 2014-05-24 00:15 - 00000013 __RSH () C:\windows\system32\Drivers\fbd.sys
2014-05-24 00:05 - 2012-07-26 03:12 - 00000000 ___HD () C:\windows\ELAMBKUP
2014-05-24 00:01 - 2014-05-24 00:01 - 01382640 _____ () C:\windowsNIRMALA.tt2
2014-05-24 00:01 - 2014-05-24 00:01 - 01334012 _____ () C:\windowsNIRMALAB.tt2
2014-05-24 00:01 - 2014-05-24 00:01 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-05-24 00:00 - 2014-05-24 00:00 - 00981688 _____ (Microsoft Corporation) C:\Users\melissa\Downloads\Setup.X86.en-US_HomeStudentRetail_1cf57e07-b3a8-47ca-8e82-d9ff12316fe9_TX_PR_.exe
2014-05-23 23:53 - 2014-05-23 23:52 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\Mozilla
2014-05-23 23:53 - 2014-05-23 23:52 - 00000000 ____D () C:\Users\melissa\AppData\Local\Mozilla
2014-05-23 23:52 - 2014-05-23 23:52 - 00001174 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-23 23:52 - 2014-05-23 23:52 - 00001162 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-23 23:52 - 2014-05-23 23:52 - 00000000 ____D () C:\ProgramData\Mozilla
2014-05-23 23:52 - 2014-05-23 23:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-23 23:52 - 2014-05-23 23:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-23 23:48 - 2014-05-23 23:48 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\Macromedia
2014-05-23 23:46 - 2012-09-03 20:48 - 00000000 ____D () C:\ProgramData\Toshiba
2014-05-23 23:45 - 2014-05-23 23:45 - 00001445 _____ () C:\Users\melissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-23 23:45 - 2014-05-23 23:45 - 00000000 ___RD () C:\Users\melissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-23 23:45 - 2014-05-23 23:45 - 00000000 ___RD () C:\Users\melissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-23 23:45 - 2014-05-23 23:45 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\WinBatch
2014-05-23 23:45 - 2014-05-23 23:45 - 00000000 ____D () C:\Users\melissa\AppData\Local\SRS Labs
2014-05-23 23:45 - 2012-07-26 02:49 - 00000000 ____D () C:\windows\SysWOW64\sysprep
2014-05-23 23:44 - 2014-05-23 23:44 - 00000000 ____D () C:\windows\System32\Tasks\Norton Anti-Theft
2014-05-23 23:43 - 2014-05-23 23:43 - 00000020 ___SH () C:\Users\melissa\ntuser.ini
2014-05-23 23:43 - 2012-07-26 03:12 - 00000000 ___RD () C:\windows\ImmersiveControlPanel
2014-05-23 23:37 - 2014-05-23 23:37 - 00000117 _____ () C:\windows\system32\netcfg-203515.txt
2014-05-12 07:26 - 2014-05-24 20:28 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-05-24 20:28 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-24 20:28 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys

Some content of TEMP:
====================
C:\Users\melissa\AppData\Local\Temp\D2M-Precheck.exe
C:\Users\melissa\AppData\Local\Temp\file_to_run55859.exe
C:\Users\melissa\AppData\Local\Temp\MSETUP4.EXE
C:\Users\melissa\AppData\Local\Temp\nsq9D22.tmp.exe
C:\Users\melissa\AppData\Local\Temp\Quarantine.exe
C:\Users\melissa\AppData\Local\Temp\readSTILog.dll
C:\Users\melissa\AppData\Local\Temp\speedmax_20140516.exe
C:\Users\melissa\AppData\Local\Temp\speedmax_3843.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-06-05 12:00

==================== End Of Log ============================

 

 

 

And here's Addition.txt

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-06-2014
Ran by Atani at 2014-06-05 23:24:46
Running from C:\Users\melissa\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.3) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.3 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.6 - Atheros Communications Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon MP620 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP620_series) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Elements 11 Organizer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Fitbit Connect (HKLM-x32\...\{D3CD091B-296B-48E9-9F0F-E9FE53E02E41}) (Version: 1.0.3.5511 - Fitbit Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2828 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{1CF5754A-545B-4360-BFDE-2847BC728DFC}) (Version: 11.2.0.115 - Apple Inc.)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MHTML Converter (HKLM-x32\...\MHTML Converter) (Version:  - )
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4615.1002 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 29.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 en-US)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4615.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4615.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4615.1002 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 8.6.3.49 - Electronic Arts, Inc.)
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Premium Sound HD (HKLM\...\{94F03B8E-CB73-4653-AFE9-79112C01FED2}) (Version: 1.12.5000 - SRS Labs, Inc.)
PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Realtek Bluetooth Filter Driver Package (HKLM-x32\...\InstallShield_{0CC0980D-811D-43B8-A455-8D150EB5BC0D}) (Version: 12.24.2012.0802 - REALTEK Semiconductor Corp)
Realtek Bluetooth Filter Driver Package (x32 Version: 12.24.2012.0802 - REALTEK Semiconductor Corp) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6690 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0020 - REALTEK Semiconductor Corp.)
RollerCoaster Tycoon 3 Platinum (HKLM-x32\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - Atari)
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
SupraSavings (Version: 1.0.0.0 - SupraSavings) Hidden <==== ATTENTION
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.5 - Synaptics Incorporated)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
The Sims™ 3 70s, 80s, & 90s Stuff (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)
The Sims™ 3 Ambitions (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
The Sims™ 3 Generations (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
The Sims™ 3 Master Suite Stuff (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
The Sims™ 3 Outdoor Living Stuff (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts)
The Sims™ 3 Pets (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
The Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 World Adventures (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.4 - TOSHIBA)
Toshiba Book Place (HKLM-x32\...\{24B45620-22B6-4E4A-B836-FF30A0B0404E}) (Version: 3.1.9534 - K-NFB Reading Technology, Inc.)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.00.0007.00002 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.0.6415 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6425.01 - Toshiba Corporation)
TOSHIBA Password Utility (HKLM-x32\...\{B1786E63-2127-42C9-95A3-146E5F727BF1}) (Version: v1.0.0.8 - TOSHIBA Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.8.17.640104 - Toshiba Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.8 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.0.54043005 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.2.00 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM\...\{B8C8422F-01F1-4791-B084-047AAFF9BFCC}) (Version: 2.4.4 - TOSHIBA)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0013 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0002.32002 - Toshiba Corporation)
TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.18.82  - Toshiba Corporation)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.1.6 - TOSHIBA)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Windows Driver Package - Realtek Semiconductor Corp. RtkBtFilter Bluetooth  (07/11/2012 2.3.13.3) (HKLM\...\57F58DC141BEB353704E041792E5B00606694FEA) (Version: 07/11/2012 2.3.13.3 - Realtek Semiconductor Corp.)
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

==================== Restore Points  =========================


==================== Hosts content: ==========================

2012-07-26 00:26 - 2012-07-26 00:26 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1515426F-6BF9-443F-99DC-AE679DF90CA0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-24] (Google Inc.)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {388180BE-62D6-40D0-9E9F-715E5CFF9236} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.5.0.38\SymErr.exe
Task: {4359896E-BB5A-4B8E-953F-FE39FE164FED} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.5.0.38\SymErr.exe
Task: {5A09CC35-8E01-433D-B234-B149CBA17517} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-24] (Google Inc.)
Task: {5BDBD254-2055-45CF-9185-07169E610EF9} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-04-15] (Microsoft Corporation)
Task: {7843D078-106A-4D1B-97A8-164CA9D03672} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-16] (Synaptics Incorporated)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {AB96B97B-39C2-46A2-876A-EEB6AE199033} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup => C:\windows\system32\dism.exe [2012-07-25] (Microsoft Corporation)
Task: {B80191CF-A928-4C5E-A44C-DC345BE78C3A} - System32\Tasks\AdobeAAMUpdater-1.0-MonkeyGirls_PC-Atani => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-06-16] (Adobe Systems Incorporated)
Task: {C2B7F051-E5DF-4401-B752-C5B3C3CC820A} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2012-07-27] (TOSHIBA Corporation)
Task: {C4084AEF-6156-414F-822A-11632CAA274A} - System32\Tasks\pcreg => C:\Program Files\pcreg\service.exe [2014-06-05] () <==== ATTENTION
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-05-24 00:01 - 2013-10-31 20:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-05-24 00:01 - 2014-04-15 05:39 - 00630952 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2014-04-25 03:13 - 2014-04-25 03:13 - 00249024 _____ () C:\Program Files\pcreg\pcreg.exe
2014-05-24 00:24 - 2014-05-24 00:24 - 08889512 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-07-26 02:58 - 2012-07-26 02:53 - 00170864 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2012-08-06 08:36 - 2012-08-06 08:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-07-18 20:38 - 2012-07-18 20:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2012-07-18 20:38 - 2012-07-18 20:38 - 00049064 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\FnZ.dll
2012-08-13 21:13 - 2012-08-13 21:13 - 00018344 _____ () C:\Program Files\Toshiba\Teco\TecoMUI.dll
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-09-16 20:09 - 2012-06-25 12:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-05-23 23:52 - 2014-05-06 21:27 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-05-24 20:16 - 2014-05-13 18:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-24 20:16 - 2014-05-13 18:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-05-24 20:16 - 2014-05-13 18:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-24 20:16 - 2014-05-13 18:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-24 20:16 - 2014-05-13 18:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
2014-05-24 20:16 - 2014-05-13 18:40 - 13695816 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAWFP => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SecureAssist => ""="service"

==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/05/2014 11:10:49 PM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (06/05/2014 09:33:51 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Users\melissa\AppData\Local\Temp\{BAD35F2E-D6D1-40CD-B4D1-BD6F7C64F363}\Disk1\DVD_Engine_Setup\DirectX\DXSETUP.exe /silent; Description = Installed DirectX; Error = 0x80070422).

Error: (06/05/2014 09:33:46 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Users\melissa\AppData\Local\Temp\{BAD35F2E-D6D1-40CD-B4D1-BD6F7C64F363}\Disk1\DVD_Engine_Setup\setup.exe /s /install_tsbdvdenginefiles /3d; Description = Installed DvdEngine; Error = 0x80070422).

Error: (06/05/2014 09:33:42 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Program Files (x86)\InstallShield Installation Information\DVD_Engine_Setup\Setup.exe Files (x86)\InstallShield Installation Information\DVD_Engine_Setup\Setup.exe" /s /remove_tsbdvdenginefiles /f1"C:\Program Files (x86)\InstallShield Installation Information\DVD_Engine_Setup\setup_u.iss"; Description = Removed DvdEngine; Error = 0x80070422).

Error: (06/05/2014 08:54:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1706219

Error: (06/05/2014 08:54:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1706219

Error: (06/05/2014 08:54:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/05/2014 08:54:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1704969

Error: (06/05/2014 08:54:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1704969

Error: (06/05/2014 08:54:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (06/05/2014 10:51:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SAWFP service failed to start due to the following error:
%%2

Error: (06/02/2014 09:42:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SAWFP service failed to start due to the following error:
%%2

Error: (06/01/2014 10:15:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SAWFP service failed to start due to the following error:
%%2

Error: (06/01/2014 01:45:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SAWFP service failed to start due to the following error:
%%2

Error: (06/01/2014 00:51:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SAWFP service failed to start due to the following error:
%%2

Error: (05/31/2014 11:55:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SAWFP service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================
Error: (06/05/2014 11:10:49 PM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (06/05/2014 09:33:51 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Users\melissa\AppData\Local\Temp\{BAD35F2E-D6D1-40CD-B4D1-BD6F7C64F363}\Disk1\DVD_Engine_Setup\DirectX\DXSETUP.exe /silentInstalled DirectX0x80070422

Error: (06/05/2014 09:33:46 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Users\melissa\AppData\Local\Temp\{BAD35F2E-D6D1-40CD-B4D1-BD6F7C64F363}\Disk1\DVD_Engine_Setup\setup.exe /s /install_tsbdvdenginefiles /3dInstalled DvdEngine0x80070422

Error: (06/05/2014 09:33:42 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Program Files (x86)\InstallShield Installation Information\DVD_Engine_Setup\Setup.exe Files (x86)\InstallShield Installation Information\DVD_Engine_Setup\Setup.exe" /s /remove_tsbdvdenginefiles /f1"C:\Program Files (x86)\InstallShield Installation Information\DVD_Engine_Setup\setup_u.iss"Removed DvdEngine0x80070422

Error: (06/05/2014 08:54:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1706219

Error: (06/05/2014 08:54:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1706219

Error: (06/05/2014 08:54:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/05/2014 08:54:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1704969

Error: (06/05/2014 08:54:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1704969

Error: (06/05/2014 08:54:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


==================== Memory info ===========================

Percentage of memory in use: 23%
Total physical RAM: 8076.21 MB
Available physical RAM: 6190.47 MB
Total Pagefile: 9292.21 MB
Available Pagefile: 7281.15 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: (TI10653400C) (Fixed) (Total:688.46 GB) (Free:549.74 GB) NTFS
Drive d: (RCTYCOON) (CDROM) (Total:0.16 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

[Maniac]

Hello CorvidMoon! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

• If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
• I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
• Make sure you read all of the instructions and fixes thoroughly before continuing with them.
• Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
• Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
• Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Do you still need help?

[CorvidMoon]

Hi Borislav!

 

Yes I do still need help. 

Thanks so much!

[Maniac]

Sorry for delay!

Please generate a new fresh FRST log file and post it here.

[CorvidMoon]

No worries! 

 

Here is the FRST log:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-06-2014 02
Ran by Atani (administrator) on MONKEYGIRLS_PC on 12-06-2014 11:41:31
Running from C:\Users\melissa\Downloads
Platform: Windows 8 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files\pcreg\pcreg.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Teco\TecoService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHWMsg.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\System Setting\TSleepSrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Akamai Technologies, Inc.) C:\Users\melissa\AppData\Local\Akamai\netsession_win.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
(Akamai Technologies, Inc.) C:\Users\melissa\AppData\Local\Akamai\netsession_win.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [] => [X]
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor)
HKLM\...\Run: [sRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170784 2012-08-19] (SRS Labs, Inc.)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2608040 2012-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1548952 2012-08-04] (TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-15] (Apple Inc.)
HKLM-x32\...\Run: [iJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [124256 2010-01-18] (CANON INC.)
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3414560 2014-05-19] (Fitbit, Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\.DEFAULT\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2499009611-3246832664-3161368672-1001\...\Run: [Akamai NetSession Interface] => C:\Users\melissa\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2499009611-3246832664-3161368672-1001\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3414560 2014-05-19] (Fitbit, Inc.)
HKU\S-1-5-21-2499009611-3246832664-3161368672-1001\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2499009611-3246832664-3161368672-1001\...\MountPoints2: {55ce8513-e30d-11e3-be71-806e6f6e6963} - "D:\Autorun.exe"

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://toshiba13.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://toshiba13.msn.com
SearchScopes: HKLM - DefaultScope {0478DE38-5CE4-49E4-BAB6-C044DD522B61} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJS
SearchScopes: HKLM - {0478DE38-5CE4-49E4-BAB6-C044DD522B61} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJS
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {0478DE38-5CE4-49E4-BAB6-C044DD522B61} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJS
SearchScopes: HKCU - DefaultScope {0478DE38-5CE4-49E4-BAB6-C044DD522B61} URL =
SearchScopes: HKCU - {0478DE38-5CE4-49E4-BAB6-C044DD522B61} URL =
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\melissa\AppData\Roaming\Mozilla\Firefox\Profiles\9cqmtrkq.default
FF DefaultSearchEngine: Trovi search
FF SelectedSearchEngine: Trovi search
FF Homepage: www.mail.yahoo.com
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\melissa\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

Chrome:
=======
CHR HomePage: hxxp://www.trovi.com/?gd=&ctid=CT3319709&octid=EB_ORIGINAL_CTID&ISID=M17320AB4-2DF2-4588-9497-5B1F6E0FFCE1&SearchSource=55&CUI=&UM=5&UP=SP224D7969-6DE6-4B87-93C0-19A4A15CDE5F&SSPV=
CHR StartupUrls: "hxxp://www.trovi.com/?gd=&ctid=CT3326239&octid=EB_ORIGINAL_CTID&ISID=M73251F8F-AC79-4B90-BC33-804D3A362680&SearchSource=55&CUI=&UM=2&UP=SP224D7969-6DE6-4B87-93C0-19A4A15CDE5F&SSPV=", "hxxp://www.google.com/"
CHR Extension: (Google Docs) - C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-24]
CHR Extension: (Google Drive) - C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-24]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-24]
CHR Extension: (YouTube) - C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-24]
CHR Extension: (Google Search) - C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-24]
CHR Extension: (Google Wallet) - C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-24]
CHR Extension: (Gmail) - C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-24]

==================== Services (Whitelisted) =================

R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-23] (Adobe Systems Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2266296 2014-05-16] (Microsoft Corporation)
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [1436192 2014-05-19] (Fitbit, Inc.)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 pcregservice; C:\Program Files\pcreg\pcreg.exe [249024 2014-04-25] ()
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-25] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [24208 2012-07-11] (Realtek Microelectronics)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1498256 2012-08-29] (Realtek Semiconductor Corporation                           )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows ® Win 7 DDK provider)
S2 SAWFP; \??\C:\windows\system32\Drivers\SAWFP64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-12 11:41 - 2014-06-12 11:41 - 00000000 ____D () C:\Users\melissa\Downloads\FRST-OlderVersion
2014-06-12 11:34 - 2014-06-12 11:34 - 00000117 _____ () C:\windows\system32\netcfg-564187609.txt
2014-06-12 11:34 - 2014-06-12 11:34 - 00000117 _____ () C:\windows\system32\netcfg-564187562.txt
2014-06-12 06:59 - 2014-06-12 06:59 - 00000117 _____ () C:\windows\system32\netcfg-547684718.txt
2014-06-12 06:59 - 2014-06-12 06:59 - 00000117 _____ () C:\windows\system32\netcfg-547684296.txt
2014-06-11 21:12 - 2014-06-11 21:12 - 00000117 _____ () C:\windows\system32\netcfg-512460203.txt
2014-06-11 21:11 - 2014-06-11 21:11 - 00000117 _____ () C:\windows\system32\netcfg-512398375.txt
2014-06-11 10:23 - 2014-06-11 10:23 - 00000117 _____ () C:\windows\system32\netcfg-473542015.txt
2014-06-11 10:23 - 2014-06-11 10:23 - 00000117 _____ () C:\windows\system32\netcfg-473541937.txt
2014-06-10 21:43 - 2014-06-10 21:43 - 00000117 _____ () C:\windows\system32\netcfg-427949750.txt
2014-06-10 21:43 - 2014-06-10 21:43 - 00000117 _____ () C:\windows\system32\netcfg-427949718.txt
2014-06-10 21:43 - 2014-06-10 21:43 - 00000117 _____ () C:\windows\system32\netcfg-427944718.txt
2014-06-10 21:43 - 2014-06-10 21:43 - 00000117 _____ () C:\windows\system32\netcfg-427944109.txt
2014-06-10 05:48 - 2014-06-10 05:48 - 00000117 _____ () C:\windows\system32\netcfg-370616296.txt
2014-06-10 05:48 - 2014-06-10 05:48 - 00000117 _____ () C:\windows\system32\netcfg-370616265.txt
2014-06-09 16:10 - 2014-06-09 16:10 - 00000117 _____ () C:\windows\system32\netcfg-321547671.txt
2014-06-09 16:10 - 2014-06-09 16:10 - 00000117 _____ () C:\windows\system32\netcfg-321547375.txt
2014-06-09 07:59 - 2014-06-09 07:59 - 00000117 _____ () C:\windows\system32\netcfg-292120484.txt
2014-06-09 07:59 - 2014-06-09 07:59 - 00000117 _____ () C:\windows\system32\netcfg-292120218.txt
2014-06-09 00:58 - 2014-06-09 00:58 - 00000117 _____ () C:\windows\system32\netcfg-266870234.txt
2014-06-09 00:58 - 2014-06-09 00:58 - 00000117 _____ () C:\windows\system32\netcfg-266869812.txt
2014-06-07 21:01 - 2014-06-07 21:12 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\SPORE
2014-06-07 21:01 - 2014-06-07 21:01 - 00000000 __RHD () C:\Users\melissa\AppData\Roaming\SecuROM
2014-06-07 21:01 - 2014-06-07 21:01 - 00000000 ____D () C:\Users\melissa\Documents\My Spore Creations
2014-06-07 12:52 - 2014-06-07 12:52 - 00000117 _____ () C:\windows\system32\netcfg-136919078.txt
2014-06-07 12:52 - 2014-06-07 12:52 - 00000117 _____ () C:\windows\system32\netcfg-136918656.txt
2014-06-07 05:27 - 2014-06-07 05:27 - 00000117 _____ () C:\windows\system32\netcfg-110183640.txt
2014-06-07 05:27 - 2014-06-07 05:27 - 00000117 _____ () C:\windows\system32\netcfg-110183390.txt
2014-06-07 00:58 - 2014-06-07 00:58 - 00000117 _____ () C:\windows\system32\netcfg-94057296.txt
2014-06-07 00:58 - 2014-06-07 00:58 - 00000117 _____ () C:\windows\system32\netcfg-94057265.txt
2014-06-06 05:59 - 2014-06-06 05:59 - 00000117 _____ () C:\windows\system32\netcfg-25745843.txt
2014-06-06 05:59 - 2014-06-06 05:59 - 00000117 _____ () C:\windows\system32\netcfg-25745812.txt
2014-06-05 23:24 - 2014-06-12 11:41 - 00015448 _____ () C:\Users\melissa\Downloads\FRST.txt
2014-06-05 23:24 - 2014-06-05 23:25 - 00025172 _____ () C:\Users\melissa\Downloads\Addition.txt
2014-06-05 23:23 - 2014-06-12 11:41 - 02081792 _____ (Farbar) C:\Users\melissa\Downloads\FRST64.exe
2014-06-05 23:23 - 2014-06-12 11:41 - 00000000 ____D () C:\FRST
2014-06-05 22:51 - 2014-06-05 22:51 - 00000117 _____ () C:\windows\system32\netcfg-27171.txt
2014-06-05 22:50 - 2014-06-05 22:50 - 00000117 _____ () C:\windows\system32\netcfg-263287250.txt
2014-06-05 20:25 - 2014-06-05 20:25 - 00000117 _____ () C:\windows\system32\netcfg-254593812.txt
2014-06-05 20:25 - 2014-06-05 20:25 - 00000117 _____ () C:\windows\system32\netcfg-254593156.txt
2014-06-05 13:17 - 2014-06-05 13:17 - 00002260 _____ () C:\Users\Public\Desktop\The Sims™ 3 Master Suite Stuff.lnk
2014-06-05 12:36 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_27.dll
2014-06-05 12:36 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_27.dll
2014-06-05 05:36 - 2014-06-05 05:36 - 00000117 _____ () C:\windows\system32\netcfg-201266875.txt
2014-06-05 05:36 - 2014-06-05 05:36 - 00000117 _____ () C:\windows\system32\netcfg-201266593.txt
2014-06-04 22:20 - 2014-06-04 22:20 - 00002185 _____ () C:\Users\Public\Desktop\RollerCoaster Tycoon 3 Platinum.lnk
2014-06-04 22:19 - 2014-06-04 22:19 - 00000000 ____D () C:\Users\melissa\Documents\RCT3
2014-06-04 22:19 - 2014-06-04 22:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari
2014-06-04 22:17 - 2014-06-04 22:17 - 00000000 ____D () C:\Program Files (x86)\Atari
2014-06-04 17:55 - 2014-06-04 17:55 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\Leadertech
2014-06-04 17:25 - 2014-06-04 17:25 - 00000117 _____ () C:\windows\system32\netcfg-157379125.txt
2014-06-04 17:24 - 2014-06-04 17:24 - 00000117 _____ () C:\windows\system32\netcfg-157324140.txt
2014-06-04 17:09 - 2014-06-04 17:09 - 00000117 _____ () C:\windows\system32\netcfg-156420953.txt
2014-06-04 17:09 - 2014-06-04 17:09 - 00000117 _____ () C:\windows\system32\netcfg-156420921.txt
2014-06-04 12:43 - 2014-06-04 12:43 - 00000117 _____ () C:\windows\system32\netcfg-140483546.txt
2014-06-04 12:43 - 2014-06-04 12:43 - 00000117 _____ () C:\windows\system32\netcfg-140483234.txt
2014-06-03 23:41 - 2014-06-03 23:41 - 00002170 _____ () C:\Users\Public\Desktop\The Sims™ 3 Showtime.lnk
2014-06-03 23:40 - 2014-06-03 23:40 - 00002134 _____ () C:\Users\Public\Desktop\The Sims™ 3 Pets.lnk
2014-06-03 23:38 - 2014-06-03 23:38 - 00002360 _____ () C:\Users\Public\Desktop\The Sims™ 3 World Adventures.lnk
2014-06-03 23:38 - 2014-06-03 23:38 - 00002206 _____ () C:\Users\Public\Desktop\The Sims™ 3 Supernatural.lnk
2014-06-03 23:37 - 2014-06-03 23:37 - 00002324 _____ () C:\Users\Public\Desktop\The Sims™ 3 Late Night.lnk
2014-06-03 23:36 - 2014-06-03 23:36 - 00002198 _____ () C:\Users\Public\Desktop\The Sims™ 3 Generations.lnk
2014-06-03 23:27 - 2014-06-03 23:27 - 00002278 _____ () C:\Users\Public\Desktop\The Sims™ 3 Outdoor Living Stuff.lnk
2014-06-03 23:27 - 2014-06-03 23:27 - 00002180 _____ () C:\Users\Public\Desktop\The Sims™ 3 Ambitions.lnk
2014-06-03 23:26 - 2014-06-03 23:26 - 00002270 _____ () C:\Users\Public\Desktop\The Sims™ 3 70s, 80s, & 90s Stuff.lnk
2014-06-03 11:03 - 2014-06-03 11:03 - 00000117 _____ () C:\windows\system32\netcfg-48080531.txt
2014-06-03 11:03 - 2014-06-03 11:03 - 00000117 _____ () C:\windows\system32\netcfg-48080078.txt
2014-06-02 21:56 - 2014-06-02 21:56 - 00000000 ____D () C:\Users\melissa\Documents\Electronic Arts
2014-06-02 21:56 - 2014-06-02 21:56 - 00000000 ____D () C:\ProgramData\EA Core
2014-06-02 21:42 - 2014-06-02 21:42 - 00000117 _____ () C:\windows\system32\netcfg-17312.txt
2014-06-02 21:41 - 2014-06-02 21:41 - 00000117 _____ () C:\windows\system32\netcfg-84370031.txt
2014-06-02 04:50 - 2014-06-02 04:50 - 00000117 _____ () C:\windows\system32\netcfg-23724984.txt
2014-06-02 04:50 - 2014-06-02 04:50 - 00000117 _____ () C:\windows\system32\netcfg-23723750.txt
2014-06-01 22:15 - 2014-06-01 22:15 - 00000117 _____ () C:\windows\system32\netcfg-73787921.txt
2014-06-01 22:15 - 2014-06-01 22:15 - 00000117 _____ () C:\windows\system32\netcfg-17406.txt
2014-06-01 21:21 - 2014-06-01 21:21 - 00000117 _____ () C:\windows\system32\netcfg-70544468.txt
2014-06-01 21:21 - 2014-06-01 21:21 - 00000117 _____ () C:\windows\system32\netcfg-70544437.txt
2014-06-01 07:45 - 2014-06-01 07:45 - 00000117 _____ () C:\windows\system32\netcfg-21633796.txt
2014-06-01 07:45 - 2014-06-01 07:45 - 00000117 _____ () C:\windows\system32\netcfg-21633640.txt
2014-06-01 01:45 - 2014-06-01 01:45 - 00000117 _____ () C:\windows\system32\netcfg-3218000.txt
2014-06-01 01:45 - 2014-06-01 01:45 - 00000117 _____ () C:\windows\system32\netcfg-17609.txt
2014-06-01 00:51 - 2014-06-01 00:51 - 00000117 _____ () C:\windows\system32\netcfg-3349578.txt
2014-06-01 00:51 - 2014-06-01 00:51 - 00000117 _____ () C:\windows\system32\netcfg-17078.txt
2014-05-31 23:55 - 2014-05-31 23:55 - 00000117 _____ () C:\windows\system32\netcfg-24281.txt
2014-05-31 23:55 - 2014-05-31 23:55 - 00000117 _____ () C:\windows\system32\netcfg-194485515.txt
2014-05-31 23:13 - 2014-05-31 23:13 - 00001127 _____ () C:\Users\melissa\Desktop\JRT.txt
2014-05-31 23:10 - 2014-05-31 23:10 - 00000000 ____D () C:\windows\ERUNT
2014-05-31 23:09 - 2014-05-31 23:09 - 01016261 _____ (Thisisu) C:\Users\melissa\Downloads\JRT.exe
2014-05-31 23:08 - 2014-05-31 23:09 - 10971424 _____ (SurfRight B.V.) C:\Users\melissa\Downloads\HitmanPro_x64.exe
2014-05-31 23:00 - 2014-05-31 23:01 - 00001986 _____ () C:\Users\melissa\Desktop\Rkill.txt
2014-05-31 22:59 - 2014-05-31 22:59 - 01940216 _____ (Bleeping Computer, LLC) C:\Users\melissa\Downloads\iExplore.exe
2014-05-31 22:57 - 2014-05-31 22:57 - 04176736 _____ (Kaspersky Lab ZAO) C:\Users\melissa\Downloads\tdsskiller.exe
2014-05-31 22:13 - 2014-05-31 22:13 - 00000117 _____ () C:\windows\system32\netcfg-188414562.txt
2014-05-31 22:13 - 2014-05-31 22:13 - 00000117 _____ () C:\windows\system32\netcfg-188414234.txt
2014-05-31 18:05 - 2014-05-31 18:05 - 00000117 _____ () C:\windows\system32\netcfg-173520656.txt
2014-05-31 18:05 - 2014-05-31 18:05 - 00000117 _____ () C:\windows\system32\netcfg-173520625.txt
2014-05-30 07:47 - 2014-05-30 07:47 - 00000117 _____ () C:\windows\system32\netcfg-50033500.txt
2014-05-30 07:47 - 2014-05-30 07:47 - 00000117 _____ () C:\windows\system32\netcfg-50033218.txt
2014-05-28 21:48 - 2014-05-28 21:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fitbit Connect
2014-05-28 21:48 - 2014-05-28 21:48 - 00000000 ____D () C:\ProgramData\FitbitConnect
2014-05-28 21:48 - 2014-05-28 21:48 - 00000000 ____D () C:\Program Files (x86)\Fitbit Connect
2014-05-28 06:06 - 2014-05-28 06:06 - 00000117 _____ () C:\windows\system32\netcfg-25424843.txt
2014-05-28 06:06 - 2014-05-28 06:06 - 00000117 _____ () C:\windows\system32\netcfg-25424812.txt
2014-05-27 23:02 - 2014-05-27 23:02 - 00000117 _____ () C:\windows\system32\netcfg-85433187.txt
2014-05-27 23:02 - 2014-05-27 23:02 - 00000117 _____ () C:\windows\system32\netcfg-17546.txt
2014-05-27 12:19 - 2014-05-27 12:19 - 00000117 _____ () C:\windows\system32\netcfg-46894937.txt
2014-05-27 12:19 - 2014-05-27 12:19 - 00000117 _____ () C:\windows\system32\netcfg-46894812.txt
2014-05-27 05:43 - 2014-05-27 05:43 - 00000117 _____ () C:\windows\system32\netcfg-23093093.txt
2014-05-27 05:43 - 2014-05-27 05:43 - 00000117 _____ () C:\windows\system32\netcfg-23093000.txt
2014-05-27 00:27 - 2014-05-27 00:27 - 00000117 _____ () C:\windows\system32\netcfg-4135859.txt
2014-05-27 00:27 - 2014-05-27 00:27 - 00000117 _____ () C:\windows\system32\netcfg-4135828.txt
2014-05-26 23:18 - 2014-05-26 23:18 - 00000117 _____ () C:\windows\system32\netcfg-423484.txt
2014-05-26 23:18 - 2014-05-26 23:18 - 00000117 _____ () C:\windows\system32\netcfg-21796.txt
2014-05-26 23:11 - 2014-05-26 23:11 - 00000117 _____ () C:\windows\system32\netcfg-19859.txt
2014-05-26 23:10 - 2014-05-26 23:10 - 00000117 _____ () C:\windows\system32\netcfg-561843.txt
2014-05-26 23:07 - 2014-05-26 23:07 - 01327971 _____ () C:\Users\melissa\Downloads\adwcleaner_3.211(1).exe
2014-05-26 22:11 - 2014-05-26 22:11 - 00003514 _____ () C:\windows\System32\Tasks\AdobeAAMUpdater-1.0-MonkeyGirls_PC-Atani
2014-05-26 20:40 - 2014-05-26 20:41 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-05-26 20:40 - 2014-05-26 20:40 - 00001984 _____ () C:\Users\Public\Desktop\Canon IJ Network Tool.lnk
2014-05-26 20:40 - 2014-05-26 20:40 - 00000000 ___HD () C:\windows\system32\CanonIJ Uninstaller Information
2014-05-26 20:40 - 2014-05-26 20:40 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-05-26 20:40 - 2014-05-26 20:40 - 00000000 ___HD () C:\Program Files\CanonBJ
2014-05-26 20:40 - 2014-05-26 20:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP620 series
2014-05-26 20:40 - 2014-05-26 20:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon IJ Network Utilities
2014-05-26 20:40 - 2012-08-30 11:18 - 00252416 _____ (CANON INC.) C:\windows\system32\CNMN6PPM.DLL
2014-05-26 20:40 - 2012-08-30 11:18 - 00152064 _____ (CANON INC.) C:\windows\system32\CNMN6UI.DLL
2014-05-26 20:40 - 2012-08-30 11:15 - 00366080 _____ (CANON INC.) C:\windows\SysWOW64\CNMNPPM.DLL
2014-05-26 20:40 - 2009-12-11 13:19 - 01354240 _____ (CANON INC.) C:\windows\system32\CNC620C.DLL
2014-05-26 20:40 - 2009-12-11 13:19 - 00092672 _____ (CANON INC.) C:\windows\system32\CNC620I.DLL
2014-05-26 20:40 - 2009-11-30 16:40 - 00293888 _____ (CANON INC.) C:\windows\system32\CNC620L.DLL
2014-05-26 20:40 - 2008-10-09 05:00 - 00279040 _____ (CANON INC.) C:\windows\system32\CNMLM9D.DLL
2014-05-26 20:40 - 2007-03-20 00:14 - 00117850 _____ () C:\windows\system32\Cnmnput.chm
2014-05-26 20:40 - 2007-03-15 14:13 - 00229888 _____ (Canon Inc.) C:\windows\system32\CNC620O.DLL
2014-05-26 20:38 - 2014-05-26 20:39 - 20536464 _____ () C:\Users\melissa\Downloads\md6l-win-mp620-1_05-en.exe
2014-05-26 20:37 - 2014-05-26 20:37 - 00000117 _____ () C:\windows\system32\netcfg-76260546.txt
2014-05-26 20:35 - 2014-05-26 20:35 - 00000117 _____ () C:\windows\system32\netcfg-76124656.txt
2014-05-26 20:28 - 2014-05-26 20:28 - 00000117 _____ () C:\windows\system32\netcfg-75728093.txt
2014-05-26 20:27 - 2014-05-26 20:27 - 00000117 _____ () C:\windows\system32\netcfg-75690640.txt
2014-05-26 06:33 - 2014-05-26 06:33 - 00000117 _____ () C:\windows\system32\netcfg-25642140.txt
2014-05-26 06:33 - 2014-05-26 06:33 - 00000117 _____ () C:\windows\system32\netcfg-25641687.txt
2014-05-26 00:06 - 2014-05-26 00:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft WSE
2014-05-26 00:06 - 2014-05-26 00:05 - 00447752 _____ (On2.com) C:\windows\SysWOW64\vp6vfw.dll
2014-05-26 00:05 - 2014-05-26 00:05 - 00002064 _____ () C:\Users\Public\Desktop\The Sims™ 3.lnk
2014-05-26 00:05 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_31.dll
2014-05-26 00:05 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_31.dll
2014-05-25 23:29 - 2014-05-25 23:29 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-05-25 23:26 - 2014-05-25 23:26 - 00000117 _____ () C:\windows\system32\netcfg-18968.txt
2014-05-25 23:26 - 2014-05-25 23:26 - 00000117 _____ () C:\windows\system32\netcfg-13005984.txt
2014-05-25 19:49 - 2014-05-25 19:49 - 00000117 _____ () C:\windows\system32\netcfg-20000.txt
2014-05-25 19:49 - 2014-05-25 19:49 - 00000117 _____ () C:\windows\system32\netcfg-1223281.txt
2014-05-25 19:29 - 2014-05-25 19:29 - 00000117 _____ () C:\windows\system32\netcfg-28531.txt
2014-05-25 19:28 - 2014-05-25 19:28 - 00000117 _____ () C:\windows\system32\netcfg-72927390.txt
2014-05-25 19:26 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-05-25 19:25 - 2014-05-25 19:26 - 01327971 _____ () C:\Users\melissa\Downloads\adwcleaner_3.211.exe
2014-05-25 07:31 - 2014-05-25 07:31 - 00000117 _____ () C:\windows\system32\netcfg-29934484.txt
2014-05-25 07:31 - 2014-05-25 07:31 - 00000117 _____ () C:\windows\system32\netcfg-29934390.txt
2014-05-24 23:15 - 2014-05-24 23:15 - 01326389 _____ () C:\Users\melissa\Downloads\adwcleaner_3.210(1).exe
2014-05-24 23:13 - 2014-05-24 23:13 - 00000117 _____ () C:\windows\system32\netcfg-33968.txt
2014-05-24 23:12 - 2014-05-24 23:12 - 00000117 _____ () C:\windows\system32\netcfg-1809937.txt
2014-05-24 23:10 - 2014-05-26 23:10 - 00000000 ____D () C:\AdwCleaner
2014-05-24 22:43 - 2014-05-25 23:29 - 00000000 ____D () C:\Users\melissa\AppData\Local\Adobe
2014-05-24 22:43 - 2014-05-24 22:43 - 00000117 _____ () C:\windows\system32\netcfg-50281.txt
2014-05-24 22:42 - 2014-05-24 22:42 - 00000117 _____ () C:\windows\system32\netcfg-9947515.txt
2014-05-24 20:29 - 2014-06-05 23:26 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-24 20:29 - 2014-05-24 21:49 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\Apple Computer
2014-05-24 20:29 - 2014-05-24 20:29 - 00001794 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-05-24 20:29 - 2014-05-24 20:29 - 00000000 ____D () C:\Users\melissa\AppData\Local\Apple Computer
2014-05-24 20:29 - 2014-05-24 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-24 20:29 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\windows\system32\Drivers\GEARAspiWDM.sys
2014-05-24 20:28 - 2014-05-24 20:29 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-24 20:28 - 2014-05-24 20:28 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-05-24 20:28 - 2014-05-24 20:28 - 00001117 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\Users\melissa\AppData\Local\Apple
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\ProgramData\Apple
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\Program Files\iTunes
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\Program Files\iPod
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\Program Files\Bonjour
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-05-24 20:28 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-05-24 20:28 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-05-24 20:28 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-05-24 20:19 - 2014-05-24 20:19 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-05-24 20:17 - 2014-05-24 20:17 - 00001912 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 11.lnk
2014-05-24 20:17 - 2014-05-24 20:17 - 00001896 _____ () C:\Users\Public\Desktop\Adobe Photoshop Elements 11.lnk
2014-05-24 20:17 - 2012-08-10 03:01 - 00056336 ____N (Corel Corporation) C:\windows\system32\Drivers\PxHlpa64.sys
2014-05-24 20:17 - 2012-04-24 03:01 - 00011376 ____N (Corel Corporation) C:\windows\system32\Drivers\cdralw2k.sys
2014-05-24 20:17 - 2012-04-24 03:01 - 00010864 ____N (Corel Corporation) C:\windows\system32\Drivers\cdr4_xp.sys
2014-05-24 20:16 - 2014-05-24 20:16 - 00002270 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-24 20:16 - 2014-05-24 20:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-24 20:15 - 2014-05-24 20:20 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\melissa\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-24 20:14 - 2014-05-24 20:16 - 00000000 ____D () C:\Users\melissa\Desktop\Adobe Photoshop Elements 11
2014-05-24 20:13 - 2014-05-24 20:13 - 01270024 _____ (Adobe Systems Incorporated) C:\Users\melissa\Desktop\PhotoshopElements_11_LS15.exe
2014-05-24 20:01 - 2014-06-12 07:06 - 00000930 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-24 20:01 - 2014-06-11 18:06 - 00000926 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-24 20:01 - 2014-05-24 20:18 - 112635728 _____ (Apple Inc.) C:\Users\melissa\Downloads\iTunes64Setup.exe
2014-05-24 20:01 - 2014-05-24 20:01 - 00003902 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-24 20:01 - 2014-05-24 20:01 - 00003666 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-24 20:01 - 2014-05-24 20:01 - 00000000 ____D () C:\Users\melissa\AppData\Local\Deployment
2014-05-24 20:01 - 2014-05-24 20:01 - 00000000 ____D () C:\Users\melissa\AppData\Local\Apps\2.0
2014-05-24 19:57 - 2014-05-24 19:57 - 00000117 _____ () C:\windows\system32\netcfg-52140.txt
2014-05-24 19:56 - 2014-05-24 19:56 - 00000117 _____ () C:\windows\system32\netcfg-73335937.txt
2014-05-24 19:51 - 2014-01-19 02:33 - 00270496 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-05-24 19:48 - 2014-05-24 19:48 - 00000000 ____D () C:\Users\melissa\Desktop\Necropsy reports
2014-05-24 19:47 - 2014-05-24 19:48 - 00001589 _____ () C:\Users\melissa\Desktop\MHTML Converter.lnk
2014-05-24 19:47 - 2014-05-24 19:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MHTML Converter
2014-05-24 19:47 - 2014-05-24 19:47 - 00000000 ____D () C:\Program Files (x86)\MHTML Converter
2014-05-24 19:46 - 2014-05-26 23:04 - 00000000 ____D () C:\temp
2014-05-24 19:45 - 2014-05-24 19:45 - 00197893 _____ (Daniel Pedigo) C:\Users\melissa\Downloads\MHTML-Converter-Setup.exe
2014-05-24 19:43 - 2014-06-05 22:52 - 00000000 ____D () C:\Program Files\pcreg
2014-05-24 19:43 - 2014-05-24 19:43 - 00003706 _____ () C:\windows\System32\Tasks\pcreg
2014-05-24 19:41 - 2014-06-08 22:29 - 00000000 ____D () C:\Users\melissa\AppData\Local\CrashDumps
2014-05-24 19:19 - 2014-05-24 19:19 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\Unity
2014-05-24 19:13 - 2014-05-24 19:13 - 00000000 ____D () C:\Users\melissa\AppData\Local\Unity
2014-05-24 19:06 - 2014-05-24 19:07 - 01070624 _____ (Unity Technologies ApS) C:\Users\melissa\Downloads\UnityWebPlayer.exe
2014-05-24 18:48 - 2014-05-24 18:48 - 00000000 ____D () C:\Users\melissa\AppData\Local\Macromedia
2014-05-24 18:46 - 2014-05-24 18:46 - 00000117 _____ () C:\windows\system32\netcfg-69147265.txt
2014-05-24 18:41 - 2014-05-24 18:41 - 00001139 _____ () C:\windows\system32\netcfg-68848234.txt
2014-05-24 18:41 - 2014-05-24 18:41 - 00000117 _____ () C:\windows\system32\netcfg-68848562.txt
2014-05-24 18:33 - 2014-05-24 18:33 - 00002258 _____ () C:\Users\melissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2014-05-24 18:33 - 2014-05-24 18:33 - 00000000 ___RD () C:\Users\melissa\OneDrive
2014-05-24 18:24 - 2014-05-24 20:16 - 00000000 ____D () C:\Users\melissa\AppData\Local\Google
2014-05-24 18:24 - 2014-05-24 20:16 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-24 18:24 - 2014-05-24 18:24 - 00918672 _____ (Google Inc.) C:\Users\melissa\Downloads\ChromeSetup.exe
2014-05-24 18:15 - 2014-05-24 18:20 - 06318888 _____ (Fitbit Inc.) C:\Users\melissa\Downloads\FitbitConnect_Win_2014110_1.0.1.5127.exe
2014-05-24 18:10 - 2014-05-24 18:10 - 00000000 ____D () C:\Users\melissa\AppData\Local\Akamai
2014-05-24 18:09 - 2014-05-24 18:10 - 10552296 _____ (Akamai Technologies, Inc.) C:\Users\melissa\Downloads\Akamai_NetSession_Installer.exe
2014-05-24 17:58 - 2014-06-05 12:23 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-05-24 06:39 - 2014-05-24 06:39 - 00000117 _____ () C:\windows\system32\netcfg-25537125.txt
2014-05-24 06:39 - 2014-05-24 06:39 - 00000117 _____ () C:\windows\system32\netcfg-25537093.txt
2014-05-24 01:36 - 2014-05-24 01:36 - 00000117 _____ () C:\windows\system32\netcfg-199906.txt
2014-05-24 01:36 - 2014-05-24 01:36 - 00000117 _____ () C:\windows\system32\netcfg-199890.txt
2014-05-24 01:36 - 2014-05-24 01:36 - 00000117 _____ () C:\windows\system32\netcfg-197687.txt
2014-05-24 01:35 - 2014-05-24 01:35 - 00000000 ____H () C:\windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-05-24 00:19 - 2014-05-24 17:58 - 00000000 ____D () C:\Users\melissa\AppData\Local\Origin
2014-05-24 00:15 - 2014-05-24 00:15 - 00000013 __RSH () C:\windows\system32\Drivers\fbd.sys
2014-05-24 00:13 - 2014-05-24 17:58 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\Origin
2014-05-24 00:07 - 2014-05-24 00:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-05-24 00:01 - 2014-05-24 00:01 - 01382640 _____ () C:\windowsNIRMALA.tt2
2014-05-24 00:01 - 2014-05-24 00:01 - 01334012 _____ () C:\windowsNIRMALAB.tt2
2014-05-24 00:01 - 2014-05-24 00:01 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-05-24 00:00 - 2014-05-24 00:00 - 00981688 _____ (Microsoft Corporation) C:\Users\melissa\Downloads\Setup.X86.en-US_HomeStudentRetail_1cf57e07-b3a8-47ca-8e82-d9ff12316fe9_TX_PR_.exe
2014-05-23 23:52 - 2014-05-24 23:48 - 00003600 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2499009611-3246832664-3161368672-1001
2014-05-23 23:52 - 2014-05-23 23:53 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\Mozilla
2014-05-23 23:52 - 2014-05-23 23:53 - 00000000 ____D () C:\Users\melissa\AppData\Local\Mozilla
2014-05-23 23:52 - 2014-05-23 23:52 - 00001174 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-23 23:52 - 2014-05-23 23:52 - 00001162 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-23 23:52 - 2014-05-23 23:52 - 00000000 ____D () C:\ProgramData\Mozilla
2014-05-23 23:52 - 2014-05-23 23:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-23 23:52 - 2014-05-23 23:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-23 23:48 - 2014-05-23 23:48 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\Macromedia
2014-05-23 23:45 - 2014-05-28 18:13 - 00000000 ____D () C:\Users\melissa\AppData\Local\TOSHIBA
2014-05-23 23:45 - 2014-05-25 23:29 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\Adobe
2014-05-23 23:45 - 2014-05-23 23:45 - 00001445 _____ () C:\Users\melissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-23 23:45 - 2014-05-23 23:45 - 00000000 ___RD () C:\Users\melissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-23 23:45 - 2014-05-23 23:45 - 00000000 ___RD () C:\Users\melissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-23 23:45 - 2014-05-23 23:45 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\WinBatch
2014-05-23 23:45 - 2014-05-23 23:45 - 00000000 ____D () C:\Users\melissa\AppData\Local\SRS Labs
2014-05-23 23:44 - 2014-05-23 23:44 - 00000000 ____D () C:\windows\System32\Tasks\Norton Anti-Theft
2014-05-23 23:43 - 2014-06-12 11:41 - 00000000 ____D () C:\Users\melissa\AppData\Local\Temp
2014-05-23 23:43 - 2014-06-11 04:02 - 01252088 _____ () C:\windows\WindowsUpdate.log
2014-05-23 23:43 - 2014-06-04 17:56 - 00000000 ____D () C:\Users\melissa\AppData\Local\VirtualStore
2014-05-23 23:43 - 2014-05-24 22:42 - 00000000 ____D () C:\Users\melissa
2014-05-23 23:43 - 2014-05-24 18:04 - 00000000 ____D () C:\Users\melissa\AppData\Local\Packages
2014-05-23 23:43 - 2014-05-23 23:43 - 00000020 ___SH () C:\Users\melissa\ntuser.ini
2014-05-23 23:43 - 2012-09-03 21:06 - 00002111 _____ () C:\Users\melissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-05-23 23:43 - 2012-07-26 03:13 - 00000000 ___RD () C:\Users\melissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-23 23:43 - 2012-07-26 03:13 - 00000000 ___RD () C:\Users\melissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-23 23:43 - 2012-07-26 03:13 - 00000000 ___RD () C:\Users\melissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-05-23 23:43 - 2012-07-26 03:13 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-23 23:37 - 2014-05-23 23:37 - 00000117 _____ () C:\windows\system32\netcfg-203515.txt

==================== One Month Modified Files and Folders =======

2014-06-12 11:41 - 2014-06-12 11:41 - 00000000 ____D () C:\Users\melissa\Downloads\FRST-OlderVersion
2014-06-12 11:41 - 2014-06-05 23:24 - 00015448 _____ () C:\Users\melissa\Downloads\FRST.txt
2014-06-12 11:41 - 2014-06-05 23:23 - 02081792 _____ (Farbar) C:\Users\melissa\Downloads\FRST64.exe
2014-06-12 11:41 - 2014-06-05 23:23 - 00000000 ____D () C:\FRST
2014-06-12 11:41 - 2014-05-23 23:43 - 00000000 ____D () C:\Users\melissa\AppData\Local\Temp
2014-06-12 11:35 - 2014-05-23 23:43 - 01252088 _____ () C:\windows\WindowsUpdate.log
2014-06-12 11:34 - 2014-06-12 11:34 - 00000117 _____ () C:\windows\system32\netcfg-564187609.txt
2014-06-12 11:34 - 2014-06-12 11:34 - 00000117 _____ () C:\windows\system32\netcfg-564187562.txt
2014-06-12 07:06 - 2014-05-24 20:01 - 00000930 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-12 07:00 - 2012-07-26 03:12 - 00000000 ____D () C:\windows\system32\sru
2014-06-12 06:59 - 2014-06-12 06:59 - 00000117 _____ () C:\windows\system32\netcfg-547684718.txt
2014-06-12 06:59 - 2014-06-12 06:59 - 00000117 _____ () C:\windows\system32\netcfg-547684296.txt
2014-06-11 21:12 - 2014-06-11 21:12 - 00000117 _____ () C:\windows\system32\netcfg-512460203.txt
2014-06-11 21:11 - 2014-06-11 21:11 - 00000117 _____ () C:\windows\system32\netcfg-512398375.txt
2014-06-11 18:06 - 2014-05-24 20:01 - 00000926 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-11 10:23 - 2014-06-11 10:23 - 00000117 _____ () C:\windows\system32\netcfg-473542015.txt
2014-06-11 10:23 - 2014-06-11 10:23 - 00000117 _____ () C:\windows\system32\netcfg-473541937.txt
2014-06-10 21:43 - 2014-06-10 21:43 - 00000117 _____ () C:\windows\system32\netcfg-427949750.txt
2014-06-10 21:43 - 2014-06-10 21:43 - 00000117 _____ () C:\windows\system32\netcfg-427949718.txt
2014-06-10 21:43 - 2014-06-10 21:43 - 00000117 _____ () C:\windows\system32\netcfg-427944718.txt
2014-06-10 21:43 - 2014-06-10 21:43 - 00000117 _____ () C:\windows\system32\netcfg-427944109.txt
2014-06-10 05:48 - 2014-06-10 05:48 - 00000117 _____ () C:\windows\system32\netcfg-370616296.txt
2014-06-10 05:48 - 2014-06-10 05:48 - 00000117 _____ () C:\windows\system32\netcfg-370616265.txt
2014-06-09 21:26 - 2012-07-26 02:28 - 00848230 _____ () C:\windows\system32\PerfStringBackup.INI
2014-06-09 16:10 - 2014-06-09 16:10 - 00000117 _____ () C:\windows\system32\netcfg-321547671.txt
2014-06-09 16:10 - 2014-06-09 16:10 - 00000117 _____ () C:\windows\system32\netcfg-321547375.txt
2014-06-09 07:59 - 2014-06-09 07:59 - 00000117 _____ () C:\windows\system32\netcfg-292120484.txt
2014-06-09 07:59 - 2014-06-09 07:59 - 00000117 _____ () C:\windows\system32\netcfg-292120218.txt
2014-06-09 00:58 - 2014-06-09 00:58 - 00000117 _____ () C:\windows\system32\netcfg-266870234.txt
2014-06-09 00:58 - 2014-06-09 00:58 - 00000117 _____ () C:\windows\system32\netcfg-266869812.txt
2014-06-08 22:29 - 2014-05-24 19:41 - 00000000 ____D () C:\Users\melissa\AppData\Local\CrashDumps
2014-06-07 21:12 - 2014-06-07 21:01 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\SPORE
2014-06-07 21:01 - 2014-06-07 21:01 - 00000000 __RHD () C:\Users\melissa\AppData\Roaming\SecuROM
2014-06-07 21:01 - 2014-06-07 21:01 - 00000000 ____D () C:\Users\melissa\Documents\My Spore Creations
2014-06-07 21:00 - 2012-09-03 20:42 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-06-07 12:52 - 2014-06-07 12:52 - 00000117 _____ () C:\windows\system32\netcfg-136919078.txt
2014-06-07 12:52 - 2014-06-07 12:52 - 00000117 _____ () C:\windows\system32\netcfg-136918656.txt
2014-06-07 05:27 - 2014-06-07 05:27 - 00000117 _____ () C:\windows\system32\netcfg-110183640.txt
2014-06-07 05:27 - 2014-06-07 05:27 - 00000117 _____ () C:\windows\system32\netcfg-110183390.txt
2014-06-07 00:58 - 2014-06-07 00:58 - 00000117 _____ () C:\windows\system32\netcfg-94057296.txt
2014-06-07 00:58 - 2014-06-07 00:58 - 00000117 _____ () C:\windows\system32\netcfg-94057265.txt
2014-06-06 05:59 - 2014-06-06 05:59 - 00000117 _____ () C:\windows\system32\netcfg-25745843.txt
2014-06-06 05:59 - 2014-06-06 05:59 - 00000117 _____ () C:\windows\system32\netcfg-25745812.txt
2014-06-05 23:26 - 2014-05-24 20:29 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-05 23:25 - 2014-06-05 23:24 - 00025172 _____ () C:\Users\melissa\Downloads\Addition.txt
2014-06-05 22:52 - 2014-05-24 19:43 - 00000000 ____D () C:\Program Files\pcreg
2014-06-05 22:51 - 2014-06-05 22:51 - 00000117 _____ () C:\windows\system32\netcfg-27171.txt
2014-06-05 22:51 - 2012-07-26 02:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-06-05 22:50 - 2014-06-05 22:50 - 00000117 _____ () C:\windows\system32\netcfg-263287250.txt
2014-06-05 22:50 - 2012-09-03 20:32 - 00879188 _____ () C:\windows\PFRO.log
2014-06-05 21:33 - 2012-09-03 20:45 - 00000000 ____D () C:\Program Files (x86)\Toshiba
2014-06-05 21:33 - 2012-09-03 20:42 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-05 20:25 - 2014-06-05 20:25 - 00000117 _____ () C:\windows\system32\netcfg-254593812.txt
2014-06-05 20:25 - 2014-06-05 20:25 - 00000117 _____ () C:\windows\system32\netcfg-254593156.txt
2014-06-05 13:17 - 2014-06-05 13:17 - 00002260 _____ () C:\Users\Public\Desktop\The Sims™ 3 Master Suite Stuff.lnk
2014-06-05 12:36 - 2012-09-03 21:06 - 00018076 _____ () C:\windows\DirectX.log
2014-06-05 12:23 - 2014-05-24 17:58 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-06-05 05:36 - 2014-06-05 05:36 - 00000117 _____ () C:\windows\system32\netcfg-201266875.txt
2014-06-05 05:36 - 2014-06-05 05:36 - 00000117 _____ () C:\windows\system32\netcfg-201266593.txt
2014-06-04 22:20 - 2014-06-04 22:20 - 00002185 _____ () C:\Users\Public\Desktop\RollerCoaster Tycoon 3 Platinum.lnk
2014-06-04 22:19 - 2014-06-04 22:19 - 00000000 ____D () C:\Users\melissa\Documents\RCT3
2014-06-04 22:19 - 2014-06-04 22:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari
2014-06-04 22:17 - 2014-06-04 22:17 - 00000000 ____D () C:\Program Files (x86)\Atari
2014-06-04 17:56 - 2014-05-23 23:43 - 00000000 ____D () C:\Users\melissa\AppData\Local\VirtualStore
2014-06-04 17:55 - 2014-06-04 17:55 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\Leadertech
2014-06-04 17:25 - 2014-06-04 17:25 - 00000117 _____ () C:\windows\system32\netcfg-157379125.txt
2014-06-04 17:24 - 2014-06-04 17:24 - 00000117 _____ () C:\windows\system32\netcfg-157324140.txt
2014-06-04 17:09 - 2014-06-04 17:09 - 00000117 _____ () C:\windows\system32\netcfg-156420953.txt
2014-06-04 17:09 - 2014-06-04 17:09 - 00000117 _____ () C:\windows\system32\netcfg-156420921.txt
2014-06-04 12:43 - 2014-06-04 12:43 - 00000117 _____ () C:\windows\system32\netcfg-140483546.txt
2014-06-04 12:43 - 2014-06-04 12:43 - 00000117 _____ () C:\windows\system32\netcfg-140483234.txt
2014-06-04 02:23 - 2012-07-26 03:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-06-03 23:41 - 2014-06-03 23:41 - 00002170 _____ () C:\Users\Public\Desktop\The Sims™ 3 Showtime.lnk
2014-06-03 23:40 - 2014-06-03 23:40 - 00002134 _____ () C:\Users\Public\Desktop\The Sims™ 3 Pets.lnk
2014-06-03 23:38 - 2014-06-03 23:38 - 00002360 _____ () C:\Users\Public\Desktop\The Sims™ 3 World Adventures.lnk
2014-06-03 23:38 - 2014-06-03 23:38 - 00002206 _____ () C:\Users\Public\Desktop\The Sims™ 3 Supernatural.lnk
2014-06-03 23:37 - 2014-06-03 23:37 - 00002324 _____ () C:\Users\Public\Desktop\The Sims™ 3 Late Night.lnk
2014-06-03 23:36 - 2014-06-03 23:36 - 00002198 _____ () C:\Users\Public\Desktop\The Sims™ 3 Generations.lnk
2014-06-03 23:27 - 2014-06-03 23:27 - 00002278 _____ () C:\Users\Public\Desktop\The Sims™ 3 Outdoor Living Stuff.lnk
2014-06-03 23:27 - 2014-06-03 23:27 - 00002180 _____ () C:\Users\Public\Desktop\The Sims™ 3 Ambitions.lnk
2014-06-03 23:26 - 2014-06-03 23:26 - 00002270 _____ () C:\Users\Public\Desktop\The Sims™ 3 70s, 80s, & 90s Stuff.lnk
2014-06-03 20:39 - 2012-07-26 03:12 - 00000000 ____D () C:\windows\Web
2014-06-03 11:03 - 2014-06-03 11:03 - 00000117 _____ () C:\windows\system32\netcfg-48080531.txt
2014-06-03 11:03 - 2014-06-03 11:03 - 00000117 _____ () C:\windows\system32\netcfg-48080078.txt
2014-06-02 21:56 - 2014-06-02 21:56 - 00000000 ____D () C:\Users\melissa\Documents\Electronic Arts
2014-06-02 21:56 - 2014-06-02 21:56 - 00000000 ____D () C:\ProgramData\EA Core
2014-06-02 21:42 - 2014-06-02 21:42 - 00000117 _____ () C:\windows\system32\netcfg-17312.txt
2014-06-02 21:41 - 2014-06-02 21:41 - 00000117 _____ () C:\windows\system32\netcfg-84370031.txt
2014-06-02 04:50 - 2014-06-02 04:50 - 00000117 _____ () C:\windows\system32\netcfg-23724984.txt
2014-06-02 04:50 - 2014-06-02 04:50 - 00000117 _____ () C:\windows\system32\netcfg-23723750.txt
2014-06-01 22:15 - 2014-06-01 22:15 - 00000117 _____ () C:\windows\system32\netcfg-73787921.txt
2014-06-01 22:15 - 2014-06-01 22:15 - 00000117 _____ () C:\windows\system32\netcfg-17406.txt
2014-06-01 22:15 - 2012-07-26 03:18 - 00000000 ____D () C:\windows\DigitalLocker
2014-06-01 21:21 - 2014-06-01 21:21 - 00000117 _____ () C:\windows\system32\netcfg-70544468.txt
2014-06-01 21:21 - 2014-06-01 21:21 - 00000117 _____ () C:\windows\system32\netcfg-70544437.txt
2014-06-01 07:45 - 2014-06-01 07:45 - 00000117 _____ () C:\windows\system32\netcfg-21633796.txt
2014-06-01 07:45 - 2014-06-01 07:45 - 00000117 _____ () C:\windows\system32\netcfg-21633640.txt
2014-06-01 01:45 - 2014-06-01 01:45 - 00000117 _____ () C:\windows\system32\netcfg-3218000.txt
2014-06-01 01:45 - 2014-06-01 01:45 - 00000117 _____ () C:\windows\system32\netcfg-17609.txt
2014-06-01 01:45 - 2012-07-26 03:12 - 00000000 ____D () C:\windows\WinStore
2014-06-01 00:51 - 2014-06-01 00:51 - 00000117 _____ () C:\windows\system32\netcfg-3349578.txt
2014-06-01 00:51 - 2014-06-01 00:51 - 00000117 _____ () C:\windows\system32\netcfg-17078.txt
2014-06-01 00:51 - 2012-09-04 13:16 - 00000000 ____D () C:\windows\Panther
2014-06-01 00:51 - 2012-07-26 00:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-06-01 00:03 - 2012-09-03 20:43 - 00000000 ____D () C:\ProgramData\Origin
2014-05-31 23:55 - 2014-05-31 23:55 - 00000117 _____ () C:\windows\system32\netcfg-24281.txt
2014-05-31 23:55 - 2014-05-31 23:55 - 00000117 _____ () C:\windows\system32\netcfg-194485515.txt
2014-05-31 23:13 - 2014-05-31 23:13 - 00001127 _____ () C:\Users\melissa\Desktop\JRT.txt
2014-05-31 23:10 - 2014-05-31 23:10 - 00000000 ____D () C:\windows\ERUNT
2014-05-31 23:09 - 2014-05-31 23:09 - 01016261 _____ (Thisisu) C:\Users\melissa\Downloads\JRT.exe
2014-05-31 23:09 - 2014-05-31 23:08 - 10971424 _____ (SurfRight B.V.) C:\Users\melissa\Downloads\HitmanPro_x64.exe
2014-05-31 23:01 - 2014-05-31 23:00 - 00001986 _____ () C:\Users\melissa\Desktop\Rkill.txt
2014-05-31 22:59 - 2014-05-31 22:59 - 01940216 _____ (Bleeping Computer, LLC) C:\Users\melissa\Downloads\iExplore.exe
2014-05-31 22:57 - 2014-05-31 22:57 - 04176736 _____ (Kaspersky Lab ZAO) C:\Users\melissa\Downloads\tdsskiller.exe
2014-05-31 22:13 - 2014-05-31 22:13 - 00000117 _____ () C:\windows\system32\netcfg-188414562.txt
2014-05-31 22:13 - 2014-05-31 22:13 - 00000117 _____ () C:\windows\system32\netcfg-188414234.txt
2014-05-31 18:05 - 2014-05-31 18:05 - 00000117 _____ () C:\windows\system32\netcfg-173520656.txt
2014-05-31 18:05 - 2014-05-31 18:05 - 00000117 _____ () C:\windows\system32\netcfg-173520625.txt
2014-05-30 07:47 - 2014-05-30 07:47 - 00000117 _____ () C:\windows\system32\netcfg-50033500.txt
2014-05-30 07:47 - 2014-05-30 07:47 - 00000117 _____ () C:\windows\system32\netcfg-50033218.txt
2014-05-29 17:59 - 2012-07-26 02:21 - 00023581 _____ () C:\windows\setupact.log
2014-05-28 21:48 - 2014-05-28 21:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fitbit Connect
2014-05-28 21:48 - 2014-05-28 21:48 - 00000000 ____D () C:\ProgramData\FitbitConnect
2014-05-28 21:48 - 2014-05-28 21:48 - 00000000 ____D () C:\Program Files (x86)\Fitbit Connect
2014-05-28 18:13 - 2014-05-23 23:45 - 00000000 ____D () C:\Users\melissa\AppData\Local\TOSHIBA
2014-05-28 06:24 - 2012-07-26 03:12 - 00000000 ____D () C:\windows\Branding
2014-05-28 06:06 - 2014-05-28 06:06 - 00000117 _____ () C:\windows\system32\netcfg-25424843.txt
2014-05-28 06:06 - 2014-05-28 06:06 - 00000117 _____ () C:\windows\system32\netcfg-25424812.txt
2014-05-27 23:02 - 2014-05-27 23:02 - 00000117 _____ () C:\windows\system32\netcfg-85433187.txt
2014-05-27 23:02 - 2014-05-27 23:02 - 00000117 _____ () C:\windows\system32\netcfg-17546.txt
2014-05-27 12:19 - 2014-05-27 12:19 - 00000117 _____ () C:\windows\system32\netcfg-46894937.txt
2014-05-27 12:19 - 2014-05-27 12:19 - 00000117 _____ () C:\windows\system32\netcfg-46894812.txt
2014-05-27 05:46 - 2012-09-03 20:41 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-27 05:43 - 2014-05-27 05:43 - 00000117 _____ () C:\windows\system32\netcfg-23093093.txt
2014-05-27 05:43 - 2014-05-27 05:43 - 00000117 _____ () C:\windows\system32\netcfg-23093000.txt
2014-05-27 00:27 - 2014-05-27 00:27 - 00000117 _____ () C:\windows\system32\netcfg-4135859.txt
2014-05-27 00:27 - 2014-05-27 00:27 - 00000117 _____ () C:\windows\system32\netcfg-4135828.txt
2014-05-26 23:18 - 2014-05-26 23:18 - 00000117 _____ () C:\windows\system32\netcfg-423484.txt
2014-05-26 23:18 - 2014-05-26 23:18 - 00000117 _____ () C:\windows\system32\netcfg-21796.txt
2014-05-26 23:11 - 2014-05-26 23:11 - 00000117 _____ () C:\windows\system32\netcfg-19859.txt
2014-05-26 23:10 - 2014-05-26 23:10 - 00000117 _____ () C:\windows\system32\netcfg-561843.txt
2014-05-26 23:10 - 2014-05-24 23:10 - 00000000 ____D () C:\AdwCleaner
2014-05-26 23:07 - 2014-05-26 23:07 - 01327971 _____ () C:\Users\melissa\Downloads\adwcleaner_3.211(1).exe
2014-05-26 23:04 - 2014-05-24 19:46 - 00000000 ____D () C:\temp
2014-05-26 22:11 - 2014-05-26 22:11 - 00003514 _____ () C:\windows\System32\Tasks\AdobeAAMUpdater-1.0-MonkeyGirls_PC-Atani
2014-05-26 20:41 - 2014-05-26 20:40 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-05-26 20:40 - 2014-05-26 20:40 - 00001984 _____ () C:\Users\Public\Desktop\Canon IJ Network Tool.lnk
2014-05-26 20:40 - 2014-05-26 20:40 - 00000000 ___HD () C:\windows\system32\CanonIJ Uninstaller Information
2014-05-26 20:40 - 2014-05-26 20:40 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-05-26 20:40 - 2014-05-26 20:40 - 00000000 ___HD () C:\Program Files\CanonBJ
2014-05-26 20:40 - 2014-05-26 20:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP620 series
2014-05-26 20:40 - 2014-05-26 20:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon IJ Network Utilities
2014-05-26 20:40 - 2012-07-26 03:12 - 00000000 __RSD () C:\windows\Media
2014-05-26 20:39 - 2014-05-26 20:38 - 20536464 _____ () C:\Users\melissa\Downloads\md6l-win-mp620-1_05-en.exe
2014-05-26 20:37 - 2014-05-26 20:37 - 00000117 _____ () C:\windows\system32\netcfg-76260546.txt
2014-05-26 20:35 - 2014-05-26 20:35 - 00000117 _____ () C:\windows\system32\netcfg-76124656.txt
2014-05-26 20:28 - 2014-05-26 20:28 - 00000117 _____ () C:\windows\system32\netcfg-75728093.txt
2014-05-26 20:27 - 2014-05-26 20:27 - 00000117 _____ () C:\windows\system32\netcfg-75690640.txt
2014-05-26 06:33 - 2014-05-26 06:33 - 00000117 _____ () C:\windows\system32\netcfg-25642140.txt
2014-05-26 06:33 - 2014-05-26 06:33 - 00000117 _____ () C:\windows\system32\netcfg-25641687.txt
2014-05-26 00:06 - 2014-05-26 00:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft WSE
2014-05-26 00:05 - 2014-05-26 00:06 - 00447752 _____ (On2.com) C:\windows\SysWOW64\vp6vfw.dll
2014-05-26 00:05 - 2014-05-26 00:05 - 00002064 _____ () C:\Users\Public\Desktop\The Sims™ 3.lnk
2014-05-25 23:29 - 2014-05-25 23:29 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-05-25 23:29 - 2014-05-24 22:43 - 00000000 ____D () C:\Users\melissa\AppData\Local\Adobe
2014-05-25 23:29 - 2014-05-23 23:45 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\Adobe
2014-05-25 23:26 - 2014-05-25 23:26 - 00000117 _____ () C:\windows\system32\netcfg-18968.txt
2014-05-25 23:26 - 2014-05-25 23:26 - 00000117 _____ () C:\windows\system32\netcfg-13005984.txt
2014-05-25 19:49 - 2014-05-25 19:49 - 00000117 _____ () C:\windows\system32\netcfg-20000.txt
2014-05-25 19:49 - 2014-05-25 19:49 - 00000117 _____ () C:\windows\system32\netcfg-1223281.txt
2014-05-25 19:48 - 2012-07-26 03:12 - 00000000 ____D () C:\windows\Globalization
2014-05-25 19:29 - 2014-05-25 19:29 - 00000117 _____ () C:\windows\system32\netcfg-28531.txt
2014-05-25 19:28 - 2014-05-25 19:28 - 00000117 _____ () C:\windows\system32\netcfg-72927390.txt
2014-05-25 19:26 - 2014-05-25 19:25 - 01327971 _____ () C:\Users\melissa\Downloads\adwcleaner_3.211.exe
2014-05-25 07:35 - 2012-07-26 02:59 - 00000000 ____D () C:\windows\CbsTemp
2014-05-25 07:31 - 2014-05-25 07:31 - 00000117 _____ () C:\windows\system32\netcfg-29934484.txt
2014-05-25 07:31 - 2014-05-25 07:31 - 00000117 _____ () C:\windows\system32\netcfg-29934390.txt
2014-05-24 23:48 - 2014-05-23 23:52 - 00003600 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2499009611-3246832664-3161368672-1001
2014-05-24 23:15 - 2014-05-24 23:15 - 01326389 _____ () C:\Users\melissa\Downloads\adwcleaner_3.210(1).exe
2014-05-24 23:13 - 2014-05-24 23:13 - 00000117 _____ () C:\windows\system32\netcfg-33968.txt
2014-05-24 23:12 - 2014-05-24 23:12 - 00000117 _____ () C:\windows\system32\netcfg-1809937.txt
2014-05-24 22:50 - 2012-09-03 20:49 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-24 22:50 - 2012-09-03 20:49 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2014-05-24 22:49 - 2012-09-03 20:49 - 00000000 ____D () C:\ProgramData\WildTangent
2014-05-24 22:43 - 2014-05-24 22:43 - 00000117 _____ () C:\windows\system32\netcfg-50281.txt
2014-05-24 22:42 - 2014-05-24 22:42 - 00000117 _____ () C:\windows\system32\netcfg-9947515.txt
2014-05-24 22:42 - 2014-05-23 23:43 - 00000000 ____D () C:\Users\melissa
2014-05-24 22:42 - 2012-07-26 02:52 - 00000000 ____D () C:\windows\ShellNew
2014-05-24 22:42 - 2012-07-26 02:19 - 01955088 _____ () C:\windows\system32\FNTCACHE.DAT
2014-05-24 21:49 - 2014-05-24 20:29 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\Apple Computer
2014-05-24 20:29 - 2014-05-24 20:29 - 00001794 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-05-24 20:29 - 2014-05-24 20:29 - 00000000 ____D () C:\Users\melissa\AppData\Local\Apple Computer
2014-05-24 20:29 - 2014-05-24 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-24 20:29 - 2014-05-24 20:28 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-24 20:28 - 2014-05-24 20:28 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-05-24 20:28 - 2014-05-24 20:28 - 00001117 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\Users\melissa\AppData\Local\Apple
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\ProgramData\Apple
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\Program Files\iTunes
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\Program Files\iPod
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\Program Files\Bonjour
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-05-24 20:28 - 2014-05-24 20:28 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-05-24 20:20 - 2014-05-24 20:15 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\melissa\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-24 20:19 - 2014-05-24 20:19 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-05-24 20:18 - 2014-05-24 20:01 - 112635728 _____ (Apple Inc.) C:\Users\melissa\Downloads\iTunes64Setup.exe
2014-05-24 20:18 - 2012-09-03 20:41 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-05-24 20:17 - 2014-05-24 20:17 - 00001912 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 11.lnk
2014-05-24 20:17 - 2014-05-24 20:17 - 00001896 _____ () C:\Users\Public\Desktop\Adobe Photoshop Elements 11.lnk
2014-05-24 20:16 - 2014-05-24 20:16 - 00002270 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-24 20:16 - 2014-05-24 20:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-24 20:16 - 2014-05-24 20:14 - 00000000 ____D () C:\Users\melissa\Desktop\Adobe Photoshop Elements 11
2014-05-24 20:16 - 2014-05-24 18:24 - 00000000 ____D () C:\Users\melissa\AppData\Local\Google
2014-05-24 20:16 - 2014-05-24 18:24 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-24 20:13 - 2014-05-24 20:13 - 01270024 _____ (Adobe Systems Incorporated) C:\Users\melissa\Desktop\PhotoshopElements_11_LS15.exe
2014-05-24 20:01 - 2014-05-24 20:01 - 00003902 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-24 20:01 - 2014-05-24 20:01 - 00003666 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-24 20:01 - 2014-05-24 20:01 - 00000000 ____D () C:\Users\melissa\AppData\Local\Deployment
2014-05-24 20:01 - 2014-05-24 20:01 - 00000000 ____D () C:\Users\melissa\AppData\Local\Apps\2.0
2014-05-24 19:57 - 2014-05-24 19:57 - 00000117 _____ () C:\windows\system32\netcfg-52140.txt
2014-05-24 19:56 - 2014-05-24 19:56 - 00000117 _____ () C:\windows\system32\netcfg-73335937.txt
2014-05-24 19:56 - 2012-09-03 20:43 - 00000000 ____D () C:\ProgramData\Norton
2014-05-24 19:52 - 2012-07-26 00:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-05-24 19:48 - 2014-05-24 19:48 - 00000000 ____D () C:\Users\melissa\Desktop\Necropsy reports
2014-05-24 19:48 - 2014-05-24 19:47 - 00001589 _____ () C:\Users\melissa\Desktop\MHTML Converter.lnk
2014-05-24 19:47 - 2014-05-24 19:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MHTML Converter
2014-05-24 19:47 - 2014-05-24 19:47 - 00000000 ____D () C:\Program Files (x86)\MHTML Converter
2014-05-24 19:45 - 2014-05-24 19:45 - 00197893 _____ (Daniel Pedigo) C:\Users\melissa\Downloads\MHTML-Converter-Setup.exe
2014-05-24 19:43 - 2014-05-24 19:43 - 00003706 _____ () C:\windows\System32\Tasks\pcreg
2014-05-24 19:19 - 2014-05-24 19:19 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\Unity
2014-05-24 19:13 - 2014-05-24 19:13 - 00000000 ____D () C:\Users\melissa\AppData\Local\Unity
2014-05-24 19:07 - 2014-05-24 19:06 - 01070624 _____ (Unity Technologies ApS) C:\Users\melissa\Downloads\UnityWebPlayer.exe
2014-05-24 18:48 - 2014-05-24 18:48 - 00000000 ____D () C:\Users\melissa\AppData\Local\Macromedia
2014-05-24 18:46 - 2014-05-24 18:46 - 00000117 _____ () C:\windows\system32\netcfg-69147265.txt
2014-05-24 18:41 - 2014-05-24 18:41 - 00001139 _____ () C:\windows\system32\netcfg-68848234.txt
2014-05-24 18:41 - 2014-05-24 18:41 - 00000117 _____ () C:\windows\system32\netcfg-68848562.txt
2014-05-24 18:33 - 2014-05-24 18:33 - 00002258 _____ () C:\Users\melissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2014-05-24 18:33 - 2014-05-24 18:33 - 00000000 ___RD () C:\Users\melissa\OneDrive
2014-05-24 18:32 - 2012-09-03 21:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-05-24 18:24 - 2014-05-24 18:24 - 00918672 _____ (Google Inc.) C:\Users\melissa\Downloads\ChromeSetup.exe
2014-05-24 18:20 - 2014-05-24 18:15 - 06318888 _____ (Fitbit Inc.) C:\Users\melissa\Downloads\FitbitConnect_Win_2014110_1.0.1.5127.exe
2014-05-24 18:10 - 2014-05-24 18:10 - 00000000 ____D () C:\Users\melissa\AppData\Local\Akamai
2014-05-24 18:10 - 2014-05-24 18:09 - 10552296 _____ (Akamai Technologies, Inc.) C:\Users\melissa\Downloads\Akamai_NetSession_Installer.exe
2014-05-24 18:04 - 2014-05-23 23:43 - 00000000 ____D () C:\Users\melissa\AppData\Local\Packages
2014-05-24 17:58 - 2014-05-24 00:19 - 00000000 ____D () C:\Users\melissa\AppData\Local\Origin
2014-05-24 17:58 - 2014-05-24 00:13 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\Origin
2014-05-24 06:39 - 2014-05-24 06:39 - 00000117 _____ () C:\windows\system32\netcfg-25537125.txt
2014-05-24 06:39 - 2014-05-24 06:39 - 00000117 _____ () C:\windows\system32\netcfg-25537093.txt
2014-05-24 02:33 - 2012-07-26 03:13 - 00262144 _____ () C:\windows\system32\config\BCD-Template
2014-05-24 01:36 - 2014-05-24 01:36 - 00000117 _____ () C:\windows\system32\netcfg-199906.txt
2014-05-24 01:36 - 2014-05-24 01:36 - 00000117 _____ () C:\windows\system32\netcfg-199890.txt
2014-05-24 01:36 - 2014-05-24 01:36 - 00000117 _____ () C:\windows\system32\netcfg-197687.txt
2014-05-24 01:35 - 2014-05-24 01:35 - 00000000 ____H () C:\windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-05-24 01:35 - 2012-07-26 03:12 - 00000000 ____D () C:\windows\rescache
2014-05-24 00:23 - 2014-05-24 00:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-05-24 00:15 - 2014-05-24 00:15 - 00000013 __RSH () C:\windows\system32\Drivers\fbd.sys
2014-05-24 00:05 - 2012-07-26 03:12 - 00000000 ___HD () C:\windows\ELAMBKUP
2014-05-24 00:01 - 2014-05-24 00:01 - 01382640 _____ () C:\windowsNIRMALA.tt2
2014-05-24 00:01 - 2014-05-24 00:01 - 01334012 _____ () C:\windowsNIRMALAB.tt2
2014-05-24 00:01 - 2014-05-24 00:01 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-05-24 00:00 - 2014-05-24 00:00 - 00981688 _____ (Microsoft Corporation) C:\Users\melissa\Downloads\Setup.X86.en-US_HomeStudentRetail_1cf57e07-b3a8-47ca-8e82-d9ff12316fe9_TX_PR_.exe
2014-05-23 23:53 - 2014-05-23 23:52 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\Mozilla
2014-05-23 23:53 - 2014-05-23 23:52 - 00000000 ____D () C:\Users\melissa\AppData\Local\Mozilla
2014-05-23 23:52 - 2014-05-23 23:52 - 00001174 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-23 23:52 - 2014-05-23 23:52 - 00001162 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-23 23:52 - 2014-05-23 23:52 - 00000000 ____D () C:\ProgramData\Mozilla
2014-05-23 23:52 - 2014-05-23 23:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-23 23:52 - 2014-05-23 23:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-23 23:48 - 2014-05-23 23:48 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\Macromedia
2014-05-23 23:46 - 2012-09-03 20:48 - 00000000 ____D () C:\ProgramData\Toshiba
2014-05-23 23:45 - 2014-05-23 23:45 - 00001445 _____ () C:\Users\melissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-23 23:45 - 2014-05-23 23:45 - 00000000 ___RD () C:\Users\melissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-23 23:45 - 2014-05-23 23:45 - 00000000 ___RD () C:\Users\melissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-23 23:45 - 2014-05-23 23:45 - 00000000 ____D () C:\Users\melissa\AppData\Roaming\WinBatch
2014-05-23 23:45 - 2014-05-23 23:45 - 00000000 ____D () C:\Users\melissa\AppData\Local\SRS Labs
2014-05-23 23:45 - 2012-07-26 02:49 - 00000000 ____D () C:\windows\SysWOW64\sysprep
2014-05-23 23:44 - 2014-05-23 23:44 - 00000000 ____D () C:\windows\System32\Tasks\Norton Anti-Theft
2014-05-23 23:43 - 2014-05-23 23:43 - 00000020 ___SH () C:\Users\melissa\ntuser.ini
2014-05-23 23:43 - 2012-07-26 03:12 - 00000000 ___RD () C:\windows\ImmersiveControlPanel
2014-05-23 23:37 - 2014-05-23 23:37 - 00000117 _____ () C:\windows\system32\netcfg-203515.txt

Some content of TEMP:
====================
C:\Users\melissa\AppData\Local\Temp\D2M-Precheck.exe
C:\Users\melissa\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\melissa\AppData\Local\Temp\file_to_run55859.exe
C:\Users\melissa\AppData\Local\Temp\MSETUP4.EXE
C:\Users\melissa\AppData\Local\Temp\nsq9D22.tmp.exe
C:\Users\melissa\AppData\Local\Temp\Quarantine.exe
C:\Users\melissa\AppData\Local\Temp\readSTILog.dll
C:\Users\melissa\AppData\Local\Temp\speedmax_20140516.exe
C:\Users\melissa\AppData\Local\Temp\speedmax_3843.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-06 22:44

==================== End Of Log ============================

[Maniac]

Step 1

Download attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.

If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.

When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

Step 2

• Launch Malwarebytes' Anti-Malware
• Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
• Go to Scanner tab and select Threat Scan, then click Scan.
• The scan may take some time to finish,so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy&Paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

In your next reply, post the following log files:

• FRST log
• Malwarebytes' Anti-Malware log

[CorvidMoon]

Apologies, but I cant seem to find the attachment.

[Maniac]

Sorry about that. Check again.

fixlist.txt

[CorvidMoon]

Here's fixlog.txt

 

Ran by Atani at 2014-06-19 18:04:34 Run:1
Running from C:\Users\melissa\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CHR HomePage: hxxp://www.trovi.com/?gd=&ctid=CT3319709&octid=EB_ORIGINAL_CTID&ISID=M17320AB4-2DF2-4588-9497-5B1F6E0FFCE1&SearchSource=55&CUI=&UM=5&UP=SP224D7969-6DE6-4B87-93C0-19A4A15CDE5F&SSPV=
CHR StartupUrls: "hxxp://www.trovi.com/?gd=&ctid=CT3326239&octid=EB_ORIGINAL_CTID&ISID=M73251F8F-AC79-4B90-BC33-804D3A362680&SearchSource=55&CUI=&UM=2&UP=SP224D7969-6DE6-4B87-93C0-19A4A15CDE5F&SSPV=", "hxxp://www.google.com/"
C:\Users\melissa\AppData\Local\Temp\D2M-Precheck.exe
C:\Users\melissa\AppData\Local\Temp\file_to_run55859.exe
C:\Users\melissa\AppData\Local\Temp\nsq9D22.tmp.exe
End

*****************

CHR HomePage: hxxp://www.trovi.com/?gd=&ctid=CT3319709&octid=EB_ORIGINAL_CTID&ISID=M17320AB4-2DF2-4588-9497-5B1F6E0FFCE1&SearchSource=55&CUI=&UM=5&UP=SP224D7969-6DE6-4B87-93C0-19A4A15CDE5F&SSPV= ==> The Chrome "Settings" can be used to fix the entry.
CHR StartupUrls: "hxxp://www.trovi.com/?gd=&ctid=CT3326239&octid=EB_ORIGINAL_CTID&ISID=M73251F8F-AC79-4B90-BC33-804D3A362680&SearchSource=55&CUI=&UM=2&UP=SP224D7969-6DE6-4B87-93C0-19A4A15CDE5F&SSPV=", "hxxp://www.google.com/" ==> The Chrome "Settings" can be used to fix the entry.
C:\Users\melissa\AppData\Local\Temp\D2M-Precheck.exe => Moved successfully.
C:\Users\melissa\AppData\Local\Temp\file_to_run55859.exe => Moved successfully.
C:\Users\melissa\AppData\Local\Temp\nsq9D22.tmp.exe => Moved successfully.

==== End of Fixlog ====

 

And Malwarebytes:

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 6/19/2014
Scan Time: 6:07:56 PM
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.06.19.09
Rootkit Database: v2014.06.19.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8
CPU: x64
File System: NTFS
User: Atani

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 272750
Time Elapsed: 5 min, 37 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 2
PUP.Optional.Trovi.A, C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (      "startup_urls": [ ""http://www.google.com/" ],), Replaced,[d5814238e299c5713eac614a90740ff1]
PUP.Optional.Trovi.A, C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (   "homepage": "http://www.trovi.com/?gd=&ctid=CT3319709&octid=EB_ORIGINAL_CTID&ISID=M17320AB4-2DF2-4588-9497-5B1F6E0FFCE1&SearchSource=55&CUI=&UM=5&UP=SP224D7969-6DE6-4B87-93C0-19A4A15CDE5F&SSPV=",), Replaced,[05513941641767cf5e8d02a944c0619f]

Physical Sectors: 0
(No malicious items detected)


(end)

[Maniac]

Step 1

Please download Junkware Removal Tool to your desktop.

• Shut down your protection software now to avoid potential conflicts.
• Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
• The tool will open and start scanning your system.
• Please be patient as this can take a while to complete depending on your system's specifications.
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• Post the contents of JRT.txt into your next message.

Step 2

Please download AdwCleaner by Xplode onto your desktop.

• Close all open programs and internet browsers.
• Double click on AdwCleaner.exe to run the tool.
• Click on Scan button. Wait until is finished.
• Click on Clean.
• Confirm each time with Ok.
• Your computer will be rebooted automatically. A text file will open after the restart.
• Please post the content of that logfile with your next answer.
• You can find the logfile at C:\AdwCleaner\AdwCleaner[s0].txt as well.

In your next reply, post the following log files:

• Junkware Removal Tool log
• AdwCleaner log

[CorvidMoon]

Here's JRT.txt

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8 x64
Ran by Atani on Wed 06/25/2014 at 20:19:12.52
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 06/25/2014 at 20:22:26.01
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

And here's adwcleaner log

 

# AdwCleaner v3.213 - Report created 25/06/2014 at 20:23:26
# Updated 23/06/2014 by Xplode
# Operating System : Windows 8  (64 bits)
# Username : Atani - MONKEYGIRLS_PC
# Running from : C:\Users\melissa\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found : C:\Program Files (x86)\Bench
Folder Found : C:\Program Files\pcreg

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKLM\Software\Bench

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16384


-\\ Mozilla Firefox v30.0 (en-US)

[ File : C:\Users\melissa\AppData\Roaming\Mozilla\Firefox\Profiles\9cqmtrkq.default\prefs.js ]

Line Found : user_pref("browser.search.defaultenginename", "Trovi search");
Line Found : user_pref("browser.search.selectedEngine", "Trovi search");

[ File : C:\Users\melissa\AppData\Roaming\Mozilla\Firefox\Profiles\9cqmtrkq.default\prefs.js ]

Line Found : user_pref("browser.search.defaultenginename", "Trovi search");
Line Found : user_pref("browser.search.selectedEngine", "Trovi search");

[ File : C:\Users\melissa\AppData\Roaming\Mozilla\Firefox\Profiles\9cqmtrkq.default\prefs.js ]

Line Found : user_pref("browser.search.defaultenginename", "Trovi search");
Line Found : user_pref("browser.search.selectedEngine", "Trovi search");

[ File : C:\Users\melissa\AppData\Roaming\Mozilla\Firefox\Profiles\9cqmtrkq.default\prefs.js ]

Line Found : user_pref("browser.search.defaultenginename", "Trovi search");
Line Found : user_pref("browser.search.selectedEngine", "Trovi search");

[ File : C:\Users\melissa\AppData\Roaming\Mozilla\Firefox\Profiles\9cqmtrkq.default\prefs.js ]

Line Found : user_pref("browser.search.defaultenginename", "Trovi search");
Line Found : user_pref("browser.search.selectedEngine", "Trovi search");

[ File : C:\Users\melissa\AppData\Roaming\Mozilla\Firefox\Profiles\9cqmtrkq.default\prefs.js ]

Line Found : user_pref("browser.search.defaultenginename", "Trovi search");
Line Found : user_pref("browser.search.selectedEngine", "Trovi search");

[ File : C:\Users\melissa\AppData\Roaming\Mozilla\Firefox\Profiles\9cqmtrkq.default\prefs.js ]

Line Found : user_pref("browser.search.defaultenginename", "Trovi search");
Line Found : user_pref("browser.search.selectedEngine", "Trovi search");

[ File : C:\Users\melissa\AppData\Roaming\Mozilla\Firefox\Profiles\9cqmtrkq.default\prefs.js ]

Line Found : user_pref("browser.search.defaultenginename", "Trovi search");
Line Found : user_pref("browser.search.selectedEngine", "Trovi search");

[ File : C:\Users\melissa\AppData\Roaming\Mozilla\Firefox\Profiles\9cqmtrkq.default\prefs.js ]

Line Found : user_pref("browser.search.defaultenginename", "Trovi search");
Line Found : user_pref("browser.search.selectedEngine", "Trovi search");

[ File : C:\Users\melissa\AppData\Roaming\Mozilla\Firefox\Profiles\9cqmtrkq.default\prefs.js ]

Line Found : user_pref("browser.search.defaultenginename", "Trovi search");
Line Found : user_pref("browser.search.selectedEngine", "Trovi search");

[ File : C:\Users\melissa\AppData\Roaming\Mozilla\Firefox\Profiles\9cqmtrkq.default\prefs.js ]

Line Found : user_pref("browser.search.defaultenginename", "Trovi search");
Line Found : user_pref("browser.search.selectedEngine", "Trovi search");

[ File : C:\Users\melissa\AppData\Roaming\Mozilla\Firefox\Profiles\9cqmtrkq.default\prefs.js ]

Line Found : user_pref("browser.search.defaultenginename", "Trovi search");
Line Found : user_pref("browser.search.selectedEngine", "Trovi search");

[ File : C:\Users\melissa\AppData\Roaming\Mozilla\Firefox\Profiles\9cqmtrkq.default\prefs.js ]

Line Found : user_pref("browser.search.defaultenginename", "Trovi search");
Line Found : user_pref("browser.search.selectedEngine", "Trovi search");

-\\ Google Chrome v35.0.1916.153

[ File : C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [startup_urls] : hxxp://www.trovi.com/?gd=&ctid=CT3326239&octid=EB_ORIGINAL_CTID&ISID=M73251F8F-AC79-4B90-BC33-804D3A362680&SearchSource=55&CUI=&UM=2&UP=SP224D7969-6DE6-4B87-93C0-19A4A15CDE5F&SSPV=
Found [Homepage] : hxxp://www.trovi.com/?gd=&ctid=CT3319709&octid=EB_ORIGINAL_CTID&ISID=M17320AB4-2DF2-4588-9497-5B1F6E0FFCE1&SearchSource=55&CUI=&UM=5&UP=SP224D7969-6DE6-4B87-93C0-19A4A15CDE5F&SSPV=

[ File : C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [startup_urls] : hxxp://www.trovi.com/?gd=&ctid=CT3326239&octid=EB_ORIGINAL_CTID&ISID=M73251F8F-AC79-4B90-BC33-804D3A362680&SearchSource=55&CUI=&UM=2&UP=SP224D7969-6DE6-4B87-93C0-19A4A15CDE5F&SSPV=
Found [Homepage] : hxxp://www.trovi.com/?gd=&ctid=CT3319709&octid=EB_ORIGINAL_CTID&ISID=M17320AB4-2DF2-4588-9497-5B1F6E0FFCE1&SearchSource=55&CUI=&UM=5&UP=SP224D7969-6DE6-4B87-93C0-19A4A15CDE5F&SSPV=

[ File : C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [startup_urls] : hxxp://www.trovi.com/?gd=&ctid=CT3326239&octid=EB_ORIGINAL_CTID&ISID=M73251F8F-AC79-4B90-BC33-804D3A362680&SearchSource=55&CUI=&UM=2&UP=SP224D7969-6DE6-4B87-93C0-19A4A15CDE5F&SSPV=
Found [Homepage] : hxxp://www.trovi.com/?gd=&ctid=CT3319709&octid=EB_ORIGINAL_CTID&ISID=M17320AB4-2DF2-4588-9497-5B1F6E0FFCE1&SearchSource=55&CUI=&UM=5&UP=SP224D7969-6DE6-4B87-93C0-19A4A15CDE5F&SSPV=

[ File : C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [startup_urls] : hxxp://www.trovi.com/?gd=&ctid=CT3326239&octid=EB_ORIGINAL_CTID&ISID=M73251F8F-AC79-4B90-BC33-804D3A362680&SearchSource=55&CUI=&UM=2&UP=SP224D7969-6DE6-4B87-93C0-19A4A15CDE5F&SSPV=
Found [Homepage] : hxxp://www.trovi.com/?gd=&ctid=CT3319709&octid=EB_ORIGINAL_CTID&ISID=M17320AB4-2DF2-4588-9497-5B1F6E0FFCE1&SearchSource=55&CUI=&UM=5&UP=SP224D7969-6DE6-4B87-93C0-19A4A15CDE5F&SSPV=

[ File : C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [startup_urls] : hxxp://www.trovi.com/?gd=&ctid=CT3326239&octid=EB_ORIGINAL_CTID&ISID=M73251F8F-AC79-4B90-BC33-804D3A362680&SearchSource=55&CUI=&UM=2&UP=SP224D7969-6DE6-4B87-93C0-19A4A15CDE5F&SSPV=
Found [Homepage] : hxxp://www.trovi.com/?gd=&ctid=CT3319709&octid=EB_ORIGINAL_CTID&ISID=M17320AB4-2DF2-4588-9497-5B1F6E0FFCE1&SearchSource=55&CUI=&UM=5&UP=SP224D7969-6DE6-4B87-93C0-19A4A15CDE5F&SSPV=

[ File : C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [startup_urls] : hxxp://www.trovi.com/?gd=&ctid=CT3326239&octid=EB_ORIGINAL_CTID&ISID=M73251F8F-AC79-4B90-BC33-804D3A362680&SearchSource=55&CUI=&UM=2&UP=SP224D7969-6DE6-4B87-93C0-19A4A15CDE5F&SSPV=
Found [Homepage] : hxxp://www.trovi.com/?gd=&ctid=CT3319709&octid=EB_ORIGINAL_CTID&ISID=M17320AB4-2DF2-4588-9497-5B1F6E0FFCE1&SearchSource=55&CUI=&UM=5&UP=SP224D7969-6DE6-4B87-93C0-19A4A15CDE5F&SSPV=

[ File : C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [startup_urls] : hxxp://www.trovi.com/?gd=&ctid=CT3326239&octid=EB_ORIGINAL_CTID&ISID=M73251F8F-AC79-4B90-BC33-804D3A362680&SearchSource=55&CUI=&UM=2&UP=SP224D7969-6DE6-4B87-93C0-19A4A15CDE5F&SSPV=
Found [Homepage] : hxxp://www.trovi.com/?gd=&ctid=CT3319709&octid=EB_ORIGINAL_CTID&ISID=M17320AB4-2DF2-4588-9497-5B1F6E0FFCE1&SearchSource=55&CUI=&UM=5&UP=SP224D7969-6DE6-4B87-93C0-19A4A15CDE5F&SSPV=

[ File : C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [startup_urls] : hxxp://www.trovi.com/?gd=&ctid=CT3326239&octid=EB_ORIGINAL_CTID&ISID=M73251F8F-AC79-4B90-BC33-804D3A362680&SearchSource=55&CUI=&UM=2&UP=SP224D7969-6DE6-4B87-93C0-19A4A15CDE5F&SSPV=
Found [Homepage] : hxxp://www.trovi.com/?gd=&ctid=CT3319709&octid=EB_ORIGINAL_CTID&ISID=M17320AB4-2DF2-4588-9497-5B1F6E0FFCE1&SearchSource=55&CUI=&UM=5&UP=SP224D7969-6DE6-4B87-93C0-19A4A15CDE5F&SSPV=

[ File : C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [startup_urls] : hxxp://www.trovi.com/?gd=&ctid=CT3326239&octid=EB_ORIGINAL_CTID&ISID=M73251F8F-AC79-4B90-BC33-804D3A362680&SearchSource=55&CUI=&UM=2&UP=SP224D7969-6DE6-4B87-93C0-19A4A15CDE5F&SSPV=
Found [Homepage] : hxxp://www.trovi.com/?gd=&ctid=CT3319709&octid=EB_ORIGINAL_CTID&ISID=M17320AB4-2DF2-4588-9497-5B1F6E0FFCE1&SearchSource=55&CUI=&UM=5&UP=SP224D7969-6DE6-4B87-93C0-19A4A15CDE5F&SSPV=

[ File : C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [startup_urls] : hxxp://www.trovi.com/?gd=&ctid=CT3326239&octid=EB_ORIGINAL_CTID&ISID=M73251F8F-AC79-4B90-BC33-804D3A362680&SearchSource=55&CUI=&UM=2&UP=SP224D7969-6DE6-4B87-93C0-19A4A15CDE5F&SSPV=
Found [Homepage] : hxxp://www.trovi.com/?gd=&ctid=CT3319709&octid=EB_ORIGINAL_CTID&ISID=M17320AB4-2DF2-4588-9497-5B1F6E0FFCE1&SearchSource=55&CUI=&UM=5&UP=SP224D7969-6DE6-4B87-93C0-19A4A15CDE5F&SSPV=

[ File : C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [startup_urls] : hxxp://www.trovi.com/?gd=&ctid=CT3326239&octid=EB_ORIGINAL_CTID&ISID=M73251F8F-AC79-4B90-BC33-804D3A362680&SearchSource=55&CUI=&UM=2&UP=SP224D7969-6DE6-4B87-93C0-19A4A15CDE5F&SSPV=
Found [Homepage] : hxxp://www.trovi.com/?gd=&ctid=CT3319709&octid=EB_ORIGINAL_CTID&ISID=M17320AB4-2DF2-4588-9497-5B1F6E0FFCE1&SearchSource=55&CUI=&UM=5&UP=SP224D7969-6DE6-4B87-93C0-19A4A15CDE5F&SSPV=

[ File : C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [startup_urls] : hxxp://www.trovi.com/?gd=&ctid=CT3326239&octid=EB_ORIGINAL_CTID&ISID=M73251F8F-AC79-4B90-BC33-804D3A362680&SearchSource=55&CUI=&UM=2&UP=SP224D7969-6DE6-4B87-93C0-19A4A15CDE5F&SSPV=
Found [Homepage] : hxxp://www.trovi.com/?gd=&ctid=CT3319709&octid=EB_ORIGINAL_CTID&ISID=M17320AB4-2DF2-4588-9497-5B1F6E0FFCE1&SearchSource=55&CUI=&UM=5&UP=SP224D7969-6DE6-4B87-93C0-19A4A15CDE5F&SSPV=

*************************

AdwCleaner[R0].txt - [3647 octets] - [24/05/2014 23:10:20]
AdwCleaner[R1].txt - [1219 octets] - [24/05/2014 23:16:23]
AdwCleaner[R2].txt - [14743 octets] - [25/05/2014 19:26:11]
AdwCleaner[R3].txt - [16431 octets] - [26/05/2014 23:07:52]
AdwCleaner[R4].txt - [10140 octets] - [25/06/2014 20:23:26]
AdwCleaner[s0].txt - [3610 octets] - [24/05/2014 23:11:17]
AdwCleaner[s1].txt - [4917 octets] - [25/05/2014 19:27:18]
AdwCleaner[s2].txt - [5151 octets] - [26/05/2014 23:09:18]

########## EOF - C:\AdwCleaner\AdwCleaner[R4].txt - [10381 octets] ##########
 

[Maniac]

About AdwCleaner, did you click on Clean button?

[CorvidMoon]

No.  So much for following directions!  Sorry, is it okay to do it now or do I need to rescan things first?

[Maniac]

Manaully delete AdwCleaner and repeat my steps for it.

[CorvidMoon]

Here's the report:

 

# AdwCleaner v3.214 - Report created 05/07/2014 at 19:54:33
# Updated 29/06/2014 by Xplode
# Operating System : Windows 8  (64 bits)
# Username : Atani - MONKEYGIRLS_PC
# Running from : C:\Users\melissa\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\melissa\Favorites\StumbleUpon
Folder Deleted : C:\Program Files\pcreg

***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16384


-\\ Mozilla Firefox v30.0 (en-US)

[ File : C:\Users\melissa\AppData\Roaming\Mozilla\Firefox\Profiles\9cqmtrkq.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultenginename", "Trovi search");
Line Deleted : user_pref("browser.search.selectedEngine", "Trovi search");

[ File : C:\Users\melissa\AppData\Roaming\Mozilla\Firefox\Profiles\9cqmtrkq.default\prefs.js ]


[ File : C:\Users\melissa\AppData\Roaming\Mozilla\Firefox\Profiles\9cqmtrkq.default\prefs.js ]


[ File : C:\Users\melissa\AppData\Roaming\Mozilla\Firefox\Profiles\9cqmtrkq.default\prefs.js ]


[ File : C:\Users\melissa\AppData\Roaming\Mozilla\Firefox\Profiles\9cqmtrkq.default\prefs.js ]


[ File : C:\Users\melissa\AppData\Roaming\Mozilla\Firefox\Profiles\9cqmtrkq.default\prefs.js ]


[ File : C:\Users\melissa\AppData\Roaming\Mozilla\Firefox\Profiles\9cqmtrkq.default\prefs.js ]


[ File : C:\Users\melissa\AppData\Roaming\Mozilla\Firefox\Profiles\9cqmtrkq.default\prefs.js ]


[ File : C:\Users\melissa\AppData\Roaming\Mozilla\Firefox\Profiles\9cqmtrkq.default\prefs.js ]


[ File : C:\Users\melissa\AppData\Roaming\Mozilla\Firefox\Profiles\9cqmtrkq.default\prefs.js ]


[ File : C:\Users\melissa\AppData\Roaming\Mozilla\Firefox\Profiles\9cqmtrkq.default\prefs.js ]


[ File : C:\Users\melissa\AppData\Roaming\Mozilla\Firefox\Profiles\9cqmtrkq.default\prefs.js ]


[ File : C:\Users\melissa\AppData\Roaming\Mozilla\Firefox\Profiles\9cqmtrkq.default\prefs.js ]


-\\ Google Chrome v35.0.1916.153

[ File : C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Homepage] : hxxp://www.trovi.com/?gd=&ctid=CT3319709&octid=EB_ORIGINAL_CTID&ISID=M17320AB4-2DF2-4588-9497-5B1F6E0FFCE1&SearchSource=55&CUI=&UM=5&UP=SP224D7969-6DE6-4B87-93C0-19A4A15CDE5F&SSPV=

[ File : C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [3647 octets] - [24/05/2014 23:10:20]
AdwCleaner[R1].txt - [1219 octets] - [24/05/2014 23:16:23]
AdwCleaner[R2].txt - [14743 octets] - [25/05/2014 19:26:11]
AdwCleaner[R3].txt - [16431 octets] - [26/05/2014 23:07:52]
AdwCleaner[R4].txt - [10462 octets] - [25/06/2014 20:23:26]
AdwCleaner[R5].txt - [8038 octets] - [05/07/2014 19:52:20]
AdwCleaner[s0].txt - [3610 octets] - [24/05/2014 23:11:17]
AdwCleaner[s1].txt - [4917 octets] - [25/05/2014 19:27:18]
AdwCleaner[s2].txt - [5151 octets] - [26/05/2014 23:09:18]
AdwCleaner[s3].txt - [3946 octets] - [05/07/2014 19:54:33]

########## EOF - C:\AdwCleaner\AdwCleaner[s3].txt - [4006 octets] ##########
 

[Maniac]

How are things now?

[CorvidMoon]

Everything seems to be running smoothly.  Anything else I need to do?

[Maniac]

Glad I could help!

Last steps:

Step 1

• Download OTL to your desktop and run it.
• Click on CleanUp button.
• You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.

Step 2

• Double click on AdwCleaner.exe to run the tool.
• Click on Uninstall
• Confirm with Yes

Step 3

Some malware preventions:

users.telenet.be/bluepatchy/miekiemoes/prevention.html

Safe surfing!

[CorvidMoon]

Steps are complete!  Thanks so much!!!

[Maniac]

You're welcome!

[AdvancedSetup]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!