Keep getting redirected to spam pages, even when clicking on page, not link!


  • This topic is locked
5 replies to this topic

#1 Meli29

  • Members
  • 7 posts

Posted 20 November 2015 - 10:43 PM

Hello,

 

For some time now I keep getting redirected to spam pages. It happens when I click on links (new tabs will open to new pages) but it also happens when I just click on the page. The pages I get redirected to always vary but they're spammy.

 

Another strange thing that often happens is that I'll get a Windows notification that a .exe program is trying to run. I always turn it down, but it's a string of numbers with periods (like an IP address) with .exe at the end.

 

I appreciate any help you can give me! Here is my log:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-11-2015
Ran by Meli (administrator) on MELI-PC (20-11-2015 22:20:44)
Running from C:\Users\Meli\Downloads
Loaded Profiles: Meli (Available Profiles: Meli & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Felix Belzile) C:\Program Files (x86)\Cold Turkey\CTService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareTray.exe
(SanDisk Corporation) C:\Users\Meli\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
(Spotify Ltd) C:\Users\Meli\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(IndieCity Limited) C:\Program Files (x86)\IndieCity\Client\bin\x86\iceclient.exe
(Flux Software LLC) C:\Users\Meli\AppData\Local\FluxSoftware\Flux\flux.exe
(Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.226\SSScheduler.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard) C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Verizon) C:\Program Files (x86)\Verizon\VSP\VerizonServicepoint.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEDICTUPDATE.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareService.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Radialpoint Inc.) C:\Program Files (x86)\Verizon\VSP\ServicepointService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.8\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.8\loggingserver.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Radialpoint Inc.) C:\Program Files (x86)\Verizon\VSP\VerizonServicepointComHandler.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(AVG Secure Search) C:\Program Files (x86)\AVG Web TuneUp\avgcefrend.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [PC-Doctor for Windows localizer] => C:\Program Files\PC-Doctor for Windows\localizer.exe [95728 2009-09-17] (PC-Doctor, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [IME14 CHS Setup] => C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE [110776 2015-10-13] (Microsoft Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareTray.exe [9558752 2015-08-27] ()
HKLM-x32\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Remote Solution] => %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2009-10-02] (Intel Corporation)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [VerizonServicepoint.exe] => C:\Program Files (x86)\Verizon\VSP\VerizonServicepoint.exe [4318520 2011-01-10] (Verizon)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-09-09] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3780008 2015-10-30] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [IME14 CHS Setup] => C:\Program Files (x86)\Common Files\microsoft shared\IME14\SHARED\IMEKLMG.EXE [81080 2015-10-13] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [3177360 2015-10-27] ()
HKU\S-1-5-21-2536932362-501151085-705957901-1000\...\Run: [SansaDispatch] => C:\Users\Meli\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe [613888 2013-04-02] (SanDisk Corporation)
HKU\S-1-5-21-2536932362-501151085-705957901-1000\...\Run: [Spotify Web Helper] => C:\Users\Meli\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-08-27] (Spotify Ltd)
HKU\S-1-5-21-2536932362-501151085-705957901-1000\...\Run: [IndieCity Client] => C:\Program Files (x86)\IndieCity\Client\bin\x86\iceclient.exe [2621424 2013-02-14] (IndieCity Limited)
HKU\S-1-5-21-2536932362-501151085-705957901-1000\...\Run: [Facebook Update] => "C:\Users\Meli\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
HKU\S-1-5-21-2536932362-501151085-705957901-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
HKU\S-1-5-21-2536932362-501151085-705957901-1000\...\Run: [f.lux] => C:\Users\Meli\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-2536932362-501151085-705957901-1000\...\Run: [Spotify] => C:\Users\Meli\AppData\Roaming\Spotify\Spotify.exe [7535672 2015-09-06] (Spotify Ltd)
HKU\S-1-5-21-2536932362-501151085-705957901-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632472 2015-04-22] (Electronic Arts)
HKU\S-1-5-21-2536932362-501151085-705957901-1000\...\Run: [GoogleChromeAutoLaunch_0CCD72252D249FEDE7F90DBC57CAFB16] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-11-06] (Google Inc.)
HKU\S-1-5-21-2536932362-501151085-705957901-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1409296 2015-11-09] (Lavasoft)
HKU\S-1-5-21-2536932362-501151085-705957901-1000\...\Policies\Explorer: [NoInternetIcon] 1
HKU\S-1-5-21-2536932362-501151085-705957901-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Meli\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll [2013-05-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Meli\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll [2013-05-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Meli\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll [2013-05-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Meli\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll [2013-05-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [Panda Malware Icon] -> {F5D1CF73-C196-48F8-AAAC-B9181E22B4E6} => C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNShell.DLL No File
ShellIconOverlayIdentifiers: [Panda Suspect Icon] -> {9AE343CB-BA45-4618-AF6A-0230EE6FC793} => C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNShell.DLL No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Meli\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll [2013-05-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Meli\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll [2013-05-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Meli\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll [2013-05-24] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-11-16]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.226\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Meli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-06-03]
ShortcutTarget: Dropbox.lnk -> C:\Users\Meli\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicyScripts-x32: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 01 mswsock.dll No File ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 07 mswsock.dll No File ATTENTION: LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog9 01 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-09-17] (Lavasoft Limited)
Winsock: Catalog9 02 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-09-17] (Lavasoft Limited)
Winsock: Catalog9 03 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-09-17] (Lavasoft Limited)
Winsock: Catalog9 04 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-09-17] (Lavasoft Limited)
Winsock: Catalog9 15 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-09-17] (Lavasoft Limited)
Winsock: Catalog5-x64 01 mswsock.dll No File ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 07 mswsock.dll No File ATTENTION: LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog9-x64 01 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-09-17] (Lavasoft Limited)
Winsock: Catalog9-x64 02 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-09-17] (Lavasoft Limited)
Winsock: Catalog9-x64 03 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-09-17] (Lavasoft Limited)
Winsock: Catalog9-x64 04 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-09-17] (Lavasoft Limited)
Winsock: Catalog9-x64 15 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-09-17] (Lavasoft Limited)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1492A9EB-2EB8-4A07-8A7A-936144183A78}: [DhcpNameServer] 192.168.0.1
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2536932362-501151085-705957901-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2536932362-501151085-705957901-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2536932362-501151085-705957901-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://hp-desktop.us.msn.com/?ocid=iehp
HKU\S-1-5-21-2536932362-501151085-705957901-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={C0470763-599C-4320-8D3A-C9B953F40078}&mid=2e07f7d628bfa40ecb9418456a0d1cfa-94e4fa93780f336ecf7b90fcc4c8f7f771bb9a9e&lang=en&ds=AVG&coid=avgtbavg&cmpid=1015tb&pr=fr&d=2015-10-05 20:57:04&v=4.1.8.599&pid=wtu&sg=&sap=hp
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {3C03364D-3F09-47AC-A78A-52833FF4EDB7} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {3C03364D-3F09-47AC-A78A-52833FF4EDB7} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2536932362-501151085-705957901-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={C0470763-599C-4320-8D3A-C9B953F40078}&mid=2e07f7d628bfa40ecb9418456a0d1cfa-94e4fa93780f336ecf7b90fcc4c8f7f771bb9a9e&lang=en&ds=AVG&coid=avgtbavg&cmpid=1015tb&pr=fr&d=2015-10-05 20:57:04&v=4.1.8.599&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2536932362-501151085-705957901-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D091815-A60FA26CFB78147A880F&form=CONBDF&conlogo=CT3332038&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2536932362-501151085-705957901-1000 -> {3C03364D-3F09-47AC-A78A-52833FF4EDB7} URL = 
SearchScopes: HKU\S-1-5-21-2536932362-501151085-705957901-1000 -> {7ECEAFDF-0B3A-4EEF-803A-B1B559E4D5CF} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-2536932362-501151085-705957901-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={C0470763-599C-4320-8D3A-C9B953F40078}&mid=2e07f7d628bfa40ecb9418456a0d1cfa-94e4fa93780f336ecf7b90fcc4c8f7f771bb9a9e&lang=en&ds=AVG&coid=avgtbavg&cmpid=1015tb&pr=fr&d=2015-10-05 20:57:04&v=4.1.8.599&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll => No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04] (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO-x32: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG2012\avgssie.dll => No File
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-05] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.1.8.599\AVG Web TuneUp.dll [2015-10-27] (AVG)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17] (Skype Technologies S.A.)
BHO-x32: No Name -> {B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE} -> No File
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21] (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-05] (Oracle Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {DDA57003-0068-4ed2-9D32-4D1EC707D94D} -> c:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2010-03-19] (Microsoft Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21] (Microsoft Corporation.)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {A8F2B9BD-A6A0-486A-9744-18920D898429} hxxp://www.sibelius.com/download/software/win/ActiveXPlugin.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17] (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2011-11-03] (Skype Technologies)
 
FireFox:
========
FF ProfilePath: C:\Users\Meli\AppData\Roaming\Mozilla\Firefox\Profiles\3e7cowdg.default
FF DefaultSearchEngine: AVG Secure Search
FF SearchEngineOrder.1: EasyLife
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: hxxps://mysearch.avg.com/?cid={C0470763-599C-4320-8D3A-C9B953F40078}&mid=2e07f7d628bfa40ecb9418456a0d1cfa-94e4fa93780f336ecf7b90fcc4c8f7f771bb9a9e&lang=en&ds=AVG&coid=avgtbavg&cmpid=0915wt&pr=fr&d=2015-10-05 20:57:04&v=4.1.8.599&pid=wtu&sg=&sap=hp
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-14] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @radialpoint.com/SPA,version=1 -> C:\Program Files (x86)\Verizon\VSP\nprpspa.dll [2011-01-10] (Verizon)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2011-06-10] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.1.8\\npsitesafety.dll [No File]
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-05] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-06-16] (Pando Networks)
FF Plugin-x32: @qq.com/npchrome -> C:\Program Files (x86)\Common Files\Tencent\Npchrome\npchrome.dll [2014-02-26] (Tencent)
FF Plugin-x32: @qq.com/npqscall -> C:\Program Files (x86)\Common Files\Tencent\NPQSCALL\npqscall.dll [2014-02-26] (Tencent)
FF Plugin-x32: @qq.com/TXSSO -> C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.2.1\Bin\npSSOAxCtrlForPTLogin.dll [2013-04-08] (Tencent)
FF Plugin-x32: @radialpoint.com/SPA,version=1 -> C:\Program Files (x86)\Verizon\VSP\nprpspa.dll [2011-01-10] (Verizon)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-04-04] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2536932362-501151085-705957901-1000: @facebook.com/FBPlugin,version=1.0.3 -> C:\Users\Meli\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll [2010-06-09] ( )
FF Plugin HKU\S-1-5-21-2536932362-501151085-705957901-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Meli\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [No File]
FF Plugin HKU\S-1-5-21-2536932362-501151085-705957901-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Meli\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-07-04] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2536932362-501151085-705957901-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-06-16] (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-06-25] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2012-04-04] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2012-09-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2012-09-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2012-09-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2012-09-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2012-09-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2012-09-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2012-09-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Meli\AppData\Roaming\mozilla\plugins\npatgpc.dll [2013-09-02] (Cisco WebEx LLC)
FF SearchPlugin: C:\Users\Meli\AppData\Roaming\Mozilla\Firefox\Profiles\3e7cowdg.default\searchplugins\avg-secure-search.xml [2015-10-27]
FF SearchPlugin: C:\Users\Meli\AppData\Roaming\Mozilla\Firefox\Profiles\3e7cowdg.default\searchplugins\bing-lavasoft.xml [2015-09-17]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2015-10-27]
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-05-28] [not signed]
FF Extension: Add to Amazon Wish List Button - C:\Users\Meli\AppData\Roaming\Mozilla\Firefox\Profiles\3e7cowdg.default\extensions\amznUWL2@amazon.com.xpi [2015-09-29]
FF Extension: StumbleUpon - C:\Users\Meli\AppData\Roaming\Mozilla\Firefox\Profiles\3e7cowdg.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}.xpi [2015-09-29]
FF Extension: AVG Web TuneUp - C:\Users\Meli\AppData\Roaming\Mozilla\Firefox\Profiles\3e7cowdg.default\extensions\avg@toolbar [2015-10-27] [not signed]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-01-15] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKU\S-1-5-21-2536932362-501151085-705957901-1000\...\Firefox\Extensions: [{7A0EC178-99BF-4B0D-B818-DEDF9863FA0E}] - C:\Users\Meli\AppData\Local\{7A0EC178-99BF-4B0D-B818-DEDF9863FA0E}
FF Extension: XULRunner - C:\Users\Meli\AppData\Local\{7A0EC178-99BF-4B0D-B818-DEDF9863FA0E} [2010-07-20] [not signed]
 
Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=orcl_default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Meli\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.7.796\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\PepperFlash\pepflashplayer.dll ()
CHR Profile: C:\Users\Meli\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Yahoo Web) - C:\Users\Meli\AppData\Local\Google\Chrome\User Data\Default\Extensions\gihfmmedoddijgnhkgfgnkeohkpbipol [2015-11-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Meli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-20]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Meli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2015-11-20]
CHR Extension: (Amazon for Chrome) - C:\Users\Meli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2015-11-20] [UpdateUrl: hxxp://d1h5tuq46hrbzn.cloudfront.net/abb/chrome/update.xml] <==== ATTENTION
CHR HKU\S-1-5-21-2536932362-501151085-705957901-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] - C:\Program Files (x86)\Amazon\ABB\AmazonChrome-bds-amzn.crx [2012-09-27]
CHR HKLM-x32\...\Chrome\Extension: [aaaanijiojpcccpkjdjjmjghddcgcbfj] - C:\Users\Meli\AppData\Local\APN\GoogleCRXs\aaaanijiojpcccpkjdjjmjghddcgcbfj_7.17.1.0.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gihfmmedoddijgnhkgfgnkeohkpbipol] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\\ChromeExt\\avg.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
StartMenuInternet: Google Chrome.4P3V6JQV6475VKEVLWIMFVR7ZI - C:\Users\Meli\AppData\Local\Google\Chrome\Application\46.1.2479.0\chromer.exe
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 avgfws; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [1563664 2015-10-30] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3642280 2015-10-30] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [335656 2015-10-30] (AVG Technologies CZ, s.r.o.)
S3 BRSptSvc; C:\programdata\bitraider\BRSptSvc.exe [938776 2013-05-12] (BitRaider, LLC)
R2 CTService; C:\Program Files (x86)\Cold Turkey\\CTService.exe [323072 2014-11-25] (Felix Belzile) [File not signed]
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2012-10-26] (Hi-Rez Studios) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 ImeDictUpdateService; C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEDICTUPDATE.EXE [83312 2010-10-20] (Microsoft Corporation)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareService.exe [712432 2015-08-27] ()
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751760 2015-11-09] (Lavasoft Limited)
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-10-16] (Hewlett-Packard Company) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.226\McCHSvc.exe [289256 2015-10-30] (McAfee, Inc.)
S2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-22] (Electronic Arts)
R2 PaceLicenseDServices; C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2932224 2011-09-08] (PACE Anti-Piracy, Inc.) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [60416 2009-06-22] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-01-29] ()
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [17168 2015-11-09] ()
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
R2 vToolbarUpdater14.0.1; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe [945328 2013-01-15] ()
R2 vToolbarUpdater40.1.8; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.8\ToolbarUpdater.exe [1875856 2015-10-06] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1205136 2015-10-27] ()
S2 !SASCORE; "C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE" [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 Andbus; C:\Windows\System32\DRIVERS\lgandbus64.sys [19456 2010-12-07] (LG Electronics Inc.)
S3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag64.sys [27648 2010-12-07] (LG Electronics Inc.)
S3 AndGps; C:\Windows\System32\DRIVERS\lgandgps64.sys [27136 2010-12-07] (LG Electronics Inc.)
S3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem64.sys [34304 2010-12-07] (LG Electronics Inc.)
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [29288 2010-12-24] (Wondershare)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [77760 2015-07-09] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2015-10-19] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [297904 2015-08-19] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [259040 2015-06-16] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [250800 2015-08-04] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [300464 2015-08-04] (AVG Technologies CZ, s.r.o.)
S3 BRDriver64; C:\programdata\bitraider\BRDriver64.sys [74024 2013-05-12] (BitRaider)
S3 DroidCam; C:\Windows\System32\drivers\droidcam.sys [25216 2014-02-28] (Dev47Apps)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-28] (Symantec Corporation)
S3 hid7906; C:\Windows\SysWOW64\drivers\hid7906.sys [53793 2006-06-28] (Compuware Corporation) [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-20] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
S2 MCSTRM; no ImagePath
R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2014-08-18] (Riverbed Technology, Inc.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-31] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [30336 2007-01-18] (Research in Motion Ltd)
S3 SynasUSB; C:\Windows\System32\drivers\SynUSB64.sys [31248 2006-11-16] (SIA Syncrosoft)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [452040 2015-01-22] (BitDefender S.R.L.)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2011-02-14] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [28160 2011-02-14] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [34816 2011-02-14] (LG Electronics Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S0 Lbd; system32\DRIVERS\Lbd.sys [X]
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0; \??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [X]
S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-20 22:20 - 2015-11-20 22:21 - 00039518 _____ C:\Users\Meli\Downloads\FRST.txt
2015-11-20 22:20 - 2015-11-20 22:20 - 02345984 _____ (Farbar) C:\Users\Meli\Downloads\FRST64.exe
2015-11-20 22:20 - 2015-11-20 22:20 - 00000000 ____D C:\FRST
2015-11-18 00:40 - 2015-11-18 00:40 - 00000715 _____ C:\Users\Meli\Desktop\bass.nwc
2015-11-16 21:38 - 2015-11-16 21:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-11-16 21:38 - 2015-11-16 21:38 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-11-15 04:40 - 2015-11-03 12:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-14 23:21 - 2015-10-29 12:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-11-14 23:21 - 2015-10-29 12:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-11-14 23:21 - 2015-10-29 12:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-11-14 23:21 - 2015-10-29 12:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-11-14 23:21 - 2015-10-29 12:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-11-14 23:21 - 2015-10-29 12:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-11-14 23:21 - 2015-10-29 12:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-11-14 23:21 - 2015-10-20 13:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-14 23:21 - 2015-10-20 13:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-14 23:21 - 2015-10-20 13:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-14 23:21 - 2015-10-20 13:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-14 23:21 - 2015-10-20 13:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-14 23:21 - 2015-10-20 13:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-14 23:21 - 2015-10-20 13:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-14 23:21 - 2015-10-20 12:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-14 23:21 - 2015-10-20 12:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-14 23:21 - 2015-10-20 12:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-14 23:21 - 2015-10-20 12:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-14 23:21 - 2015-10-13 11:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-14 23:21 - 2015-10-13 11:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-14 23:21 - 2015-10-12 23:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-14 23:20 - 2015-10-20 13:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-14 23:20 - 2015-10-20 13:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-14 23:20 - 2015-10-20 13:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-14 23:20 - 2015-10-20 13:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-14 23:20 - 2015-10-20 12:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-14 23:19 - 2015-11-03 17:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-14 23:19 - 2015-11-03 16:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-14 23:19 - 2015-10-30 18:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-14 23:19 - 2015-10-30 18:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-14 23:19 - 2015-10-30 18:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-14 23:19 - 2015-10-30 18:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-14 23:19 - 2015-10-30 18:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-14 23:19 - 2015-10-30 18:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-14 23:19 - 2015-10-30 18:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-14 23:19 - 2015-10-30 18:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-14 23:19 - 2015-10-30 18:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-14 23:19 - 2015-10-30 18:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-14 23:19 - 2015-10-30 18:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-14 23:19 - 2015-10-30 18:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-14 23:19 - 2015-10-30 18:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-14 23:19 - 2015-10-30 18:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-14 23:19 - 2015-10-30 18:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-14 23:19 - 2015-10-30 18:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-14 23:19 - 2015-10-30 18:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-14 23:19 - 2015-10-30 18:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-14 23:19 - 2015-10-30 18:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-14 23:19 - 2015-10-30 17:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-14 23:19 - 2015-10-30 17:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-14 23:19 - 2015-10-30 17:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-14 23:19 - 2015-10-30 17:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-14 23:19 - 2015-10-30 17:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-14 23:19 - 2015-10-30 17:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-14 23:19 - 2015-10-30 17:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-14 23:19 - 2015-10-30 17:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-14 23:19 - 2015-10-30 17:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-14 23:19 - 2015-10-30 17:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-14 23:19 - 2015-10-30 17:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-14 23:19 - 2015-10-30 17:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-14 23:19 - 2015-10-30 17:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-14 23:19 - 2015-10-30 17:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-14 23:19 - 2015-10-30 17:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-14 23:19 - 2015-10-30 17:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-14 23:19 - 2015-10-30 17:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-14 23:19 - 2015-10-30 17:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-14 23:19 - 2015-10-30 17:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-14 23:19 - 2015-10-30 17:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-14 23:19 - 2015-10-30 17:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-14 23:19 - 2015-10-30 17:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-14 23:19 - 2015-10-30 17:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-14 23:19 - 2015-10-30 17:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-14 23:19 - 2015-10-30 17:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-14 23:19 - 2015-10-30 17:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-14 23:19 - 2015-10-30 17:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-14 23:19 - 2015-10-30 17:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-14 23:19 - 2015-10-30 17:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-14 23:19 - 2015-10-30 17:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-14 23:19 - 2015-10-30 17:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-14 23:19 - 2015-10-30 17:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-14 23:19 - 2015-10-30 17:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-14 23:19 - 2015-10-30 17:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-14 23:19 - 2015-10-30 17:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-14 23:19 - 2015-10-30 17:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-14 23:19 - 2015-10-30 17:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-14 23:19 - 2015-10-30 17:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-14 23:19 - 2015-10-30 17:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-14 23:19 - 2015-10-30 16:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-14 23:19 - 2015-10-30 16:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-14 23:19 - 2015-10-30 16:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-14 23:19 - 2015-10-30 16:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-14 23:19 - 2015-10-19 20:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-14 23:19 - 2015-10-19 20:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-14 23:19 - 2015-10-19 20:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-14 23:19 - 2015-10-19 20:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-14 23:19 - 2015-10-19 20:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-14 23:19 - 2015-10-19 19:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-14 23:19 - 2015-10-19 19:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-14 23:19 - 2015-10-19 19:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-14 23:19 - 2015-10-19 19:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-14 23:19 - 2015-09-23 08:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-14 23:18 - 2015-10-19 20:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-14 23:18 - 2015-10-19 20:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-14 23:18 - 2015-10-19 20:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-14 23:18 - 2015-10-19 20:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-14 23:18 - 2015-10-19 20:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-14 23:18 - 2015-10-19 20:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-14 23:18 - 2015-10-19 20:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-14 23:18 - 2015-10-19 20:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-14 23:18 - 2015-10-19 20:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-14 23:18 - 2015-10-19 20:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-14 23:18 - 2015-10-19 20:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-14 23:18 - 2015-10-19 20:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-14 23:18 - 2015-10-19 20:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-14 23:18 - 2015-10-19 20:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-14 23:18 - 2015-10-19 20:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-14 23:18 - 2015-10-19 20:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-14 23:18 - 2015-10-19 20:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-14 23:18 - 2015-10-19 20:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-14 23:18 - 2015-10-19 20:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-14 23:18 - 2015-10-19 20:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-14 23:18 - 2015-10-19 20:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-14 23:18 - 2015-10-19 20:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-14 23:18 - 2015-10-19 20:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-14 23:18 - 2015-10-19 20:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-14 23:18 - 2015-10-19 20:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-14 23:18 - 2015-10-19 20:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-14 23:18 - 2015-10-19 20:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-14 23:18 - 2015-10-19 20:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-14 23:18 - 2015-10-19 19:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-14 23:18 - 2015-10-19 19:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-14 23:18 - 2015-10-19 19:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-14 23:18 - 2015-10-19 19:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-14 23:18 - 2015-10-19 19:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-14 23:18 - 2015-10-19 19:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-14 23:18 - 2015-10-19 19:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-14 23:18 - 2015-10-19 19:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-14 23:18 - 2015-10-19 19:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-14 23:18 - 2015-10-19 19:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-14 23:18 - 2015-10-19 19:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-14 23:18 - 2015-10-19 19:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-14 23:18 - 2015-10-19 19:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-14 23:18 - 2015-10-19 19:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-14 23:18 - 2015-10-19 19:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-14 23:18 - 2015-10-19 19:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-14 23:18 - 2015-10-19 19:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-14 23:18 - 2015-10-19 19:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-14 23:18 - 2015-10-19 19:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-14 23:18 - 2015-10-19 19:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-14 23:18 - 2015-10-19 19:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-14 23:18 - 2015-10-19 19:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-14 23:18 - 2015-10-19 19:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-14 23:18 - 2015-10-19 19:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-14 23:18 - 2015-10-19 19:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 19:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 18:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-14 23:18 - 2015-10-19 18:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-14 23:18 - 2015-10-19 18:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-14 23:18 - 2015-10-19 18:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-14 23:18 - 2015-10-19 18:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-14 23:18 - 2015-10-19 18:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 18:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 18:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-14 23:18 - 2015-10-19 18:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-14 23:18 - 2015-09-23 08:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-14 23:18 - 2015-09-23 08:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-14 23:17 - 2015-10-01 13:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-14 23:17 - 2015-10-01 13:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-14 23:17 - 2015-10-01 12:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-02 05:28 - 2015-11-02 05:28 - 00000383 _____ C:\ftconfig.ini
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-20 22:18 - 2012-10-05 19:48 - 01269630 _____ C:\Windows\WindowsUpdate.log
2015-11-20 22:16 - 2012-11-27 00:13 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-20 22:04 - 2009-07-13 23:45 - 00015984 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-20 22:04 - 2009-07-13 23:45 - 00015984 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-20 22:03 - 2012-02-04 18:45 - 00000000 ____D C:\ProgramData\Ableton
2015-11-20 21:55 - 2011-04-25 15:58 - 00000000 ____D C:\ProgramData\MFAData
2015-11-20 21:54 - 2012-05-19 23:41 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-20 21:51 - 2015-09-17 22:55 - 00002323 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2015-11-20 21:51 - 2015-09-05 14:42 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-20 21:49 - 2014-03-17 21:30 - 00000000 ____D C:\Users\Meli\AppData\Local\CrashDumps
2015-11-20 21:47 - 2013-01-15 08:14 - 00000354 _____ C:\Windows\Tasks\ROC_JAN2013_TB_rmv.job
2015-11-20 21:47 - 2012-11-27 00:13 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-20 21:46 - 2012-09-25 22:05 - 00116887 _____ C:\Windows\setupact.log
2015-11-20 21:46 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-19 00:29 - 2011-07-21 17:19 - 00000924 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2536932362-501151085-705957901-1000UA.job
2015-11-18 00:56 - 2015-07-02 20:35 - 00000000 ____D C:\Program Files\Common Files\AV
2015-11-18 00:56 - 2014-03-31 09:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-11-17 21:30 - 2009-07-14 00:13 - 00875868 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-17 21:29 - 2011-07-21 17:19 - 00000902 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2536932362-501151085-705957901-1000Core.job
2015-11-16 21:38 - 2015-09-17 22:06 - 00001936 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-11-16 21:21 - 2009-07-13 23:45 - 00405120 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-16 21:14 - 2011-08-02 03:14 - 00867990 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-16 01:05 - 2012-05-13 20:52 - 00000000 ____D C:\Program Files (x86)\Steam
2015-11-15 21:29 - 2014-11-23 12:30 - 00000967 _____ C:\Users\Public\Desktop\AVG 2015.lnk
2015-11-15 04:24 - 2013-06-13 01:18 - 00000000 ____D C:\Users\Meli\AppData\Roaming\Little Inferno
2015-11-15 03:17 - 2015-09-23 22:32 - 00000000 ____D C:\Windows\system32\MRT
2015-11-15 03:06 - 2010-05-31 17:36 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-15 03:01 - 2009-07-14 02:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-15 01:16 - 2013-09-24 23:29 - 00000000 ____D C:\Users\Meli\AppData\Roaming\FEZ
2015-11-14 23:58 - 2012-05-19 23:41 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-11-14 23:57 - 2012-05-19 23:40 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-14 23:57 - 2011-09-04 15:40 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-09 18:38 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2015-11-03 00:10 - 2013-05-18 16:01 - 00000000 ____D C:\Users\Meli\Documents\Rodolfo
2015-10-27 22:16 - 2015-10-05 19:56 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2015-10-26 00:42 - 2013-11-25 21:40 - 00001318 _____ C:\Users\Meli\Documents\rewards.txt
2015-10-23 20:06 - 2012-09-25 22:05 - 00520778 _____ C:\Windows\PFRO.log
 
==================== Files in the root of some directories =======
 
2012-12-22 00:42 - 2012-12-22 00:52 - 1174411264 _____ () C:\Program Files\Love actually (2003).avi
2013-09-05 06:33 - 2013-09-05 06:34 - 102491779 _____ () C:\Program Files\Zumba inspired FUN LATIN SOCA DANCE WORKOUT!!.mp4
2013-10-27 21:13 - 2014-07-02 07:00 - 0003736 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2011-01-30 16:22 - 2011-01-30 16:22 - 0000604 ____H () C:\Program Files (x86)\STFT Notifier
2013-01-24 08:05 - 2013-07-31 20:30 - 0000004 ____H () C:\Users\Meli\AppData\Roaming\5C18C8
2013-09-24 23:30 - 2013-09-24 23:13 - 0012005 _____ () C:\Users\Meli\AppData\Roaming\alsoft.ini
2013-10-21 21:22 - 2013-10-21 21:22 - 0000052 _____ () C:\Users\Meli\AppData\Roaming\Camdata.ini
2013-10-21 21:22 - 2013-10-21 21:22 - 0000408 _____ () C:\Users\Meli\AppData\Roaming\CamLayout.ini
2013-10-21 21:22 - 2013-10-21 21:22 - 0000408 _____ () C:\Users\Meli\AppData\Roaming\CamShapes.ini
2013-10-21 21:14 - 2013-10-21 21:22 - 0004510 _____ () C:\Users\Meli\AppData\Roaming\CamStudio.cfg
2010-08-07 09:34 - 2010-08-07 09:34 - 0000268 ___RH () C:\Users\Meli\AppData\Roaming\Flange Saw
2010-08-07 09:37 - 2010-08-07 09:37 - 0000268 ___RH () C:\Users\Meli\AppData\Roaming\Flowers
2013-01-29 00:19 - 2013-01-29 00:19 - 0197976 ____H () C:\Users\Meli\AppData\Roaming\MAnalyzerpresets.xml
2013-01-29 00:19 - 2013-01-29 00:19 - 0052733 ____H () C:\Users\Meli\AppData\Roaming\MAutopanpresets.xml
2013-01-29 00:19 - 2013-01-29 00:19 - 0003862 ____H () C:\Users\Meli\AppData\Roaming\MAutoPitchpresets.xml
2013-01-29 00:19 - 2013-01-29 00:19 - 0052804 ____H () C:\Users\Meli\AppData\Roaming\MBandPasspresets.xml
2013-01-29 00:19 - 2013-01-29 00:19 - 0001235 ____H () C:\Users\Meli\AppData\Roaming\mbasestyleconfigurationpresets.xml
2013-01-29 00:19 - 2013-01-29 00:19 - 0055445 ____H () C:\Users\Meli\AppData\Roaming\MChoruspresets.xml
2013-01-29 00:19 - 2013-01-29 00:19 - 0000142 ____H () C:\Users\Meli\AppData\Roaming\mcolorpresets.xml
2013-01-29 00:19 - 2013-01-29 00:19 - 0035633 ____H () C:\Users\Meli\AppData\Roaming\MCompressorpresets.xml
2011-01-07 21:42 - 2015-03-09 11:10 - 0870128 _____ () C:\Users\Meli\AppData\Roaming\mcs.rma
2013-01-29 00:19 - 2013-01-29 00:19 - 0032977 ____H () C:\Users\Meli\AppData\Roaming\MDelaypresets.xml
2013-01-29 00:19 - 2013-01-29 00:19 - 0027279 ____H () C:\Users\Meli\AppData\Roaming\MDistortionpresets.xml
2013-01-29 00:19 - 2013-01-29 00:19 - 0001095 ____H () C:\Users\Meli\AppData\Roaming\menvelopepresets.xml
2013-01-29 00:19 - 2013-01-29 00:19 - 0002820 ____H () C:\Users\Meli\AppData\Roaming\MEqualizerAreasEditorpresets.xml
2013-01-29 00:19 - 2013-01-29 00:19 - 0041050 ____H () C:\Users\Meli\AppData\Roaming\MEqualizerpresets.xml
2013-01-29 00:19 - 2013-01-29 00:19 - 0076741 ____H () C:\Users\Meli\AppData\Roaming\MFlangerpresets.xml
2013-01-29 00:19 - 2013-01-29 00:19 - 0010374 ____H () C:\Users\Meli\AppData\Roaming\MFreeformAnalogEqpresets.xml
2013-01-29 00:19 - 2013-01-29 00:19 - 0050727 ____H () C:\Users\Meli\AppData\Roaming\MFreqShifterpresets.xml
2013-01-29 00:19 - 2013-01-29 00:19 - 0020335 ____H () C:\Users\Meli\AppData\Roaming\MHarmonizerpresets.xml
2013-01-29 00:19 - 2013-01-29 00:19 - 0038926 ____H () C:\Users\Meli\AppData\Roaming\MLimiterpresets.xml
2013-01-29 00:19 - 2013-01-29 00:19 - 0017558 ____H () C:\Users\Meli\AppData\Roaming\MModernCompressorpresets.xml
2013-01-29 00:19 - 2013-01-29 00:19 - 0146381 ____H () C:\Users\Meli\AppData\Roaming\MModulatorpresets.xml
2013-01-29 00:19 - 2013-01-29 00:19 - 0002658 ____H () C:\Users\Meli\AppData\Roaming\MModulatorspresets.xml
2013-01-29 00:19 - 2013-01-29 00:19 - 0005694 ____H () C:\Users\Meli\AppData\Roaming\MNoiseGeneratorpresets.xml
2013-01-29 00:19 - 2013-01-29 00:19 - 0014426 ____H () C:\Users\Meli\AppData\Roaming\MOscillatorpresets.xml
2013-01-29 00:19 - 2013-01-29 00:19 - 0046900 ____H () C:\Users\Meli\AppData\Roaming\MPhaserpresets.xml
2013-01-29 00:19 - 2013-01-29 00:19 - 0084095 ____H () C:\Users\Meli\AppData\Roaming\MReverbpresets.xml
2013-01-29 00:19 - 2013-01-29 00:19 - 0003771 ____H () C:\Users\Meli\AppData\Roaming\MRingModulatorpresets.xml
2013-01-29 00:19 - 2013-01-29 00:19 - 0039028 ____H () C:\Users\Meli\AppData\Roaming\MSaturatorpresets.xml
2013-01-29 00:19 - 2013-01-29 00:19 - 0018401 ____H () C:\Users\Meli\AppData\Roaming\MSignalGeneratorpresets.xml
2013-01-29 00:19 - 2013-01-29 00:19 - 0002564 ____H () C:\Users\Meli\AppData\Roaming\MSpectralAnalyzerPrefilterpresets.xml
2013-01-29 00:19 - 2013-01-29 00:19 - 0009557 ____H () C:\Users\Meli\AppData\Roaming\MStereoExpanderpresets.xml
2013-01-29 00:19 - 2013-01-29 00:19 - 0003597 ____H () C:\Users\Meli\AppData\Roaming\MTransientpresets.xml
2013-01-29 00:19 - 2013-01-29 00:19 - 0044992 ____H () C:\Users\Meli\AppData\Roaming\MTremolopresets.xml
2013-01-29 00:19 - 2013-01-29 00:19 - 0000109 ____H () C:\Users\Meli\AppData\Roaming\MUtilitypresets.xml
2013-01-29 00:19 - 2013-01-29 00:19 - 0001011 ____H () C:\Users\Meli\AppData\Roaming\MValueToColor5presets.xml
2013-01-29 00:19 - 2013-01-29 00:19 - 0047418 ____H () C:\Users\Meli\AppData\Roaming\MVibratopresets.xml
2013-01-29 00:19 - 2013-01-29 00:19 - 0033111 ____H () C:\Users\Meli\AppData\Roaming\MWaveShaperpresets.xml
2013-01-07 08:41 - 2013-12-04 01:13 - 0007451 ____H () C:\Users\Meli\AppData\Roaming\Rim.Desktop.Exception.log
2013-01-07 08:37 - 2013-12-31 02:41 - 0003322 ____H () C:\Users\Meli\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2013-01-07 08:41 - 2013-12-04 01:13 - 0001232 ____H () C:\Users\Meli\AppData\Roaming\Rim.DesktopHelper.Exception.log
2013-04-05 07:52 - 2013-12-04 01:13 - 0000770 ____H () C:\Users\Meli\AppData\Roaming\Rim.Transcoder.Exception.log
2013-01-29 00:19 - 2013-01-29 00:19 - 0018604 ____H () C:\Users\Meli\AppData\Roaming\StepSequencepresets.xml
2010-05-07 04:56 - 2013-01-28 23:46 - 0003162 ____H () C:\Users\Meli\AppData\Roaming\wklnhst.dat
2011-11-27 23:31 - 2011-11-27 23:32 - 0001412 ___SH () C:\Users\Meli\AppData\Local\121518b2t827b281r656r4vbi8m1
2011-03-30 21:23 - 2011-03-30 23:12 - 0010242 ___SH () C:\Users\Meli\AppData\Local\152u4fdc2g
2011-04-26 20:58 - 2011-04-26 20:59 - 0005512 ___SH () C:\Users\Meli\AppData\Local\3oo67x474kd88u312l74d2un4v2dx81f4yebx30ql0
2011-11-28 07:22 - 2011-11-28 07:22 - 0001394 ___SH () C:\Users\Meli\AppData\Local\4v75ye4b40v771
2011-12-01 20:46 - 2011-12-01 20:46 - 0001388 ___SH () C:\Users\Meli\AppData\Local\603732e5q466t887e628b2oot0o6
2011-03-31 22:46 - 2011-04-01 05:54 - 0010488 ___SH () C:\Users\Meli\AppData\Local\85c41t1n5cbla04i6352uvj1206w3hx3tpr218awhu85420
2011-12-05 07:40 - 2011-12-05 07:40 - 0001288 ___SH () C:\Users\Meli\AppData\Local\d4uy08m4ll5bdu
2010-12-11 23:23 - 2013-12-04 01:06 - 0025600 ____H () C:\Users\Meli\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-05-15 21:03 - 2011-05-15 21:03 - 0001536 ___SH () C:\Users\Meli\AppData\Local\edl3w23oj3p
2011-12-16 20:12 - 2011-12-16 20:12 - 0001340 ___SH () C:\Users\Meli\AppData\Local\p8xk12g5qo6xmj
2010-08-12 18:02 - 2011-10-06 06:17 - 0000000 ____H () C:\Users\Meli\AppData\Local\prvlcl.dat
2010-07-20 10:19 - 2010-07-20 10:19 - 0000000 ____H () C:\Users\Meli\AppData\Local\Rzuqiqowa.bin
2010-05-16 17:43 - 2010-05-16 17:43 - 2158260 ____H () C:\Users\Meli\AppData\Local\tmpDSCN0017.0
2010-05-16 17:43 - 2010-05-16 17:43 - 0963600 ____H () C:\Users\Meli\AppData\Local\tmpDSCN0017.JPG
2012-09-25 20:35 - 2011-01-25 12:44 - 0097280 ____H () C:\Users\Meli\AppData\Local\UrlManager.exe
2012-09-25 20:35 - 2012-08-10 00:42 - 0002405 ____H () C:\Users\Meli\AppData\Local\urlManager.xml
2011-05-14 09:37 - 2011-05-14 10:08 - 0012036 ___SH () C:\Users\Meli\AppData\Local\v4pt6gr18h144ig60b2b7o17qt8q6qf8ro2k44i06
2010-07-20 10:19 - 2010-07-20 10:19 - 0000120 ____H () C:\Users\Meli\AppData\Local\Vxusoxo.dat
2011-03-30 21:23 - 2011-03-30 23:12 - 0010242 ___SH () C:\ProgramData\152u4fdc2g
2011-04-26 20:58 - 2011-04-26 20:59 - 0005512 ___SH () C:\ProgramData\3oo67x474kd88u312l74d2un4v2dx81f4yebx30ql0
2011-11-28 07:22 - 2011-11-28 07:22 - 0001394 ___SH () C:\ProgramData\4v75ye4b40v771
2011-03-31 22:46 - 2011-03-31 23:12 - 0010492 ___SH () C:\ProgramData\85c41t1n5cbla04i6352uvj1206w3hx3tpr218awhu85420
2011-12-05 07:40 - 2011-12-05 07:40 - 0001288 ___SH () C:\ProgramData\d4uy08m4ll5bdu
2014-02-28 00:38 - 2014-03-06 07:28 - 0000031 _____ () C:\ProgramData\droidcam-settings
2011-05-15 21:03 - 2011-05-15 21:03 - 0001536 ___SH () C:\ProgramData\edl3w23oj3p
2010-06-05 11:26 - 2010-06-05 11:26 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2010-08-07 09:34 - 2010-08-07 09:34 - 0000268 ___RH () C:\ProgramData\Folder Actions Handlers
2010-08-07 09:37 - 2010-08-07 09:37 - 0000268 ___RH () C:\ProgramData\Fonts
2010-08-07 09:34 - 2010-08-07 09:34 - 0000012 ___RH () C:\ProgramData\Funk Animals
2010-08-07 09:37 - 2010-08-07 09:37 - 0000012 ___RH () C:\ProgramData\Generic
2011-12-16 20:12 - 2011-12-16 20:12 - 0001340 ___SH () C:\ProgramData\p8xk12g5qo6xmj
2010-08-07 09:34 - 2010-08-07 09:41 - 0000020 ____H () C:\ProgramData\PKP_DLdu.DAT
2010-08-07 09:37 - 2010-08-07 09:37 - 0000020 ____H () C:\ProgramData\PKP_DLdw.DAT
2011-05-14 09:37 - 2011-05-14 10:08 - 0012036 ___SH () C:\ProgramData\v4pt6gr18h144ig60b2b7o17qt8q6qf8ro2k44i06
 
ZeroAccess:
C:\Windows\Installer\{3cbe7659-d8d5-446b-da5d-06f3b4b1edb7}
C:\Windows\Installer\{3cbe7659-d8d5-446b-da5d-06f3b4b1edb7}\@
C:\Windows\Installer\{3cbe7659-d8d5-446b-da5d-06f3b4b1edb7}\L\00000004.@
C:\Windows\Installer\{3cbe7659-d8d5-446b-da5d-06f3b4b1edb7}\L\201d3dde
 
ZeroAccess:
C:\Users\Meli\AppData\Local\{3cbe7659-d8d5-446b-da5d-06f3b4b1edb7}
C:\Users\Meli\AppData\Local\{3cbe7659-d8d5-446b-da5d-06f3b4b1edb7}\@
 
Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.3788.dll
 
 
Some files in TEMP:
====================
C:\Users\Meli\AppData\Local\Temp\138d3368-3b9a-409a-adda-9f390f3699cd.exe
C:\Users\Meli\AppData\Local\Temp\anbfl89c.dll
C:\Users\Meli\AppData\Local\Temp\AVG-Safeguard.exe
C:\Users\Meli\AppData\Local\Temp\BullseyeCoverage-2-x86.dll
C:\Users\Meli\AppData\Local\Temp\clipstreamsa_1054492033656785595.dll
C:\Users\Meli\AppData\Local\Temp\clipstreamsa_1162864352100540332.dll
C:\Users\Meli\AppData\Local\Temp\clipstreamsa_1208585331757818508.dll
C:\Users\Meli\AppData\Local\Temp\clipstreamsa_1372188844533285461.dll
C:\Users\Meli\AppData\Local\Temp\clipstreamsa_1422490831417173255.dll
C:\Users\Meli\AppData\Local\Temp\clipstreamsa_1490083530294925983.dll
C:\Users\Meli\AppData\Local\Temp\clipstreamsa_1932448532285792907.dll
C:\Users\Meli\AppData\Local\Temp\clipstreamsa_1981862250035870740.dll
C:\Users\Meli\AppData\Local\Temp\clipstreamsa_2173010823045059181.dll
C:\Users\Meli\AppData\Local\Temp\clipstreamsa_2332636858287018633.dll
C:\Users\Meli\AppData\Local\Temp\clipstreamsa_2404190913981093107.dll
C:\Users\Meli\AppData\Local\Temp\clipstreamsa_2503944594471921264.dll
C:\Users\Meli\AppData\Local\Temp\clipstreamsa_2656809465394654431.dll
C:\Users\Meli\AppData\Local\Temp\clipstreamsa_279250752637773760.dll
C:\Users\Meli\AppData\Local\Temp\clipstreamsa_2814422253962051858.dll
C:\Users\Meli\AppData\Local\Temp\clipstreamsa_3078542381558997326.dll
C:\Users\Meli\AppData\Local\Temp\clipstreamsa_31083159156106347.dll
C:\Users\Meli\AppData\Local\Temp\clipstreamsa_3707084788452923958.dll
C:\Users\Meli\AppData\Local\Temp\clipstreamsa_394252971957679293.dll
C:\Users\Meli\AppData\Local\Temp\clipstreamsa_4161785301900796866.dll
C:\Users\Meli\AppData\Local\Temp\clipstreamsa_4501900292758023582.dll
C:\Users\Meli\AppData\Local\Temp\clipstreamsa_4651493162736961890.dll
C:\Users\Meli\AppData\Local\Temp\clipstreamsa_4659350605565450940.dll
C:\Users\Meli\AppData\Local\Temp\clipstreamsa_4919446271829065499.dll
C:\Users\Meli\AppData\Local\Temp\clipstreamsa_5090950667979795897.dll
C:\Users\Meli\AppData\Local\Temp\clipstreamsa_5171211521430658487.dll
C:\Users\Meli\AppData\Local\Temp\clipstreamsa_5905993242475318362.dll
C:\Users\Meli\AppData\Local\Temp\clipstreamsa_6119505082766634816.dll
C:\Users\Meli\AppData\Local\Temp\clipstreamsa_6140309629757542862.dll
C:\Users\Meli\AppData\Local\Temp\clipstreamsa_618777544292916757.dll
C:\Users\Meli\AppData\Local\Temp\clipstreamsa_619606831158794858.dll
C:\Users\Meli\AppData\Local\Temp\clipstreamsa_6412620782441632373.dll
C:\Users\Meli\AppData\Local\Temp\clipstreamsa_656330758264098741.dll
C:\Users\Meli\AppData\Local\Temp\clipstreamsa_7238737221673201679.dll
C:\Users\Meli\AppData\Local\Temp\clipstreamsa_734486500068626932.dll
C:\Users\Meli\AppData\Local\Temp\clipstreamsa_7554395012944095580.dll
C:\Users\Meli\AppData\Local\Temp\clipstreamsa_7949589521550053155.dll
C:\Users\Meli\AppData\Local\Temp\clipstreamsa_9070881236653586029.dll
C:\Users\Meli\AppData\Local\Temp\clipstreamsa_945453158516749776.dll
C:\Users\Meli\AppData\Local\Temp\contentDATs.exe
C:\Users\Meli\AppData\Local\Temp\ftywqvrq.dll
C:\Users\Meli\AppData\Local\Temp\Gw2.exe
C:\Users\Meli\AppData\Local\Temp\i4jdel0.exe
C:\Users\Meli\AppData\Local\Temp\i4jdel1.exe
C:\Users\Meli\AppData\Local\Temp\jre-7u10-windows-i586-iftw.exe
C:\Users\Meli\AppData\Local\Temp\mp3el.exe
C:\Users\Meli\AppData\Local\Temp\oi_{790D7F34-3C89-45DB-B101-D9DAD059B0F4}.exe
C:\Users\Meli\AppData\Local\Temp\qqsafeud.exe
C:\Users\Meli\AppData\Local\Temp\SpotifyUpgrader.exe
C:\Users\Meli\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Meli\AppData\Local\Temp\SyncrosoftLicenseControlSetup.exe
C:\Users\Meli\AppData\Local\Temp\Tsu414EB3BB.dll
C:\Users\Meli\AppData\Local\Temp\TsuBADC1D63.dll
C:\Users\Meli\AppData\Local\Temp\uninst.exe
C:\Users\Meli\AppData\Local\Temp\winzipdusetup.exe
C:\Users\Meli\AppData\Local\Temp\winziprosetup.exe
C:\Users\Meli\AppData\Local\Temp\ytb.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-11-15 05:32
 
==================== End of FRST.txt ============================



#2 deeprybka

  • Malware Response Team
  • 5,198 posts
  • Gender:Male
  • Location:Germany

Posted 22 November 2015 - 05:37 AM

Hi & welcome to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully:
  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now!
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
Malware Warning

If your computer was used for online banking, has credit card information or other sensitive data, using a non-infected computer/device you should change all account information (including those used for banking, Email, eBay, Paypal, online forums, etc).

Step 1
  • Please download and install Revo Uninstaller Free
    note: there is no need to click anything on that page, the download will start automatically
  • Double click Revo Uninstaller to run it
  • From the list of programs double click on the listed program(s) to remove it:
    Vuze Remote Toolbar v6.6
    Ad-Aware Antivirus
  • When prompted if you want to uninstall click Yes
  • Be sure the Moderate option is selected then click Next
  • The program will run. If prompted again, click Yes
  • When the built-in uninstaller is finished click on Next
  • Once the program has searched for leftovers click Next
  • Check the items in bold only on the list then click Delete
    note: you may have to expand some folders by clicking the "+" mark
  • When prompted click on Yes and then on Next
  • Put a check on any folders that are found and select Delete
  • When prompted select Yes then Next
  • Once done click Finish
Step 2

Please download Combofix (by sUBs) and save it to your Desktop.
  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start Combofix.exe and follow its instructions.
  • Do not use the computer while the scan is running. This may cause the program to stall.
  • When finished, a log file will be displayed (that can also be found at C:\Combofix.txt).
    Please copy and paste the contents of this file into your next post.
Note: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." after the scan, just restart the computer.
(You can find more detailed instructions in this guide on using Combofix.)

Edited by deeprybka, 22 November 2015 - 05:38 AM.

regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer

#3 Meli29


Posted 23 November 2015 - 01:21 AM

Hey hey! Thanks so much for the follow up and your help.

 

I stopped at step 1 because I wanted to check on the following: I downloaded Revo successfully and I was able to remove vuze remote toolbar.  I can't find ad-aware antivirus (screenshot:

 

-Meli



#4 deeprybka


Posted 23 November 2015 - 05:32 AM

Thanks for letting me know:

Step 1

Please try the following:

  • Windows 7: Click on the hidden2.png button, open Control Panel and click Uninstall a program.
  • Search and select the following programs one by one and click on Uninstall:

        Ad-aware antivirus

  • Reboot your computer.

regards,
deeprybka

#5 deeprybka


Posted 27 November 2015 - 02:01 PM

Hi,

3 Day Inactivity

This is the third day since my last post. Are you still there?

If you need more time, just let me know.

If you do not post within 48 hours, this thread will be closed due to inactivity.
regards,
deeprybka

#6 deeprybka


Posted 29 November 2015 - 07:14 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
regards,
deeprybka



