Jump to content

FUExtrashopper

Members
  • Posts

    2
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Hey TY, hAddition.txtere's the logs from Farbar (attatching the addition as the post becomes too long if i paste) Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015Ran by ddd (administrator) on ddd-PC on 12-03-2015 10:52:22Running from C:\Users\ddd\DownloadsLoaded Profiles: ddd (Available profiles: ddd)Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)Internet Explorer Version 11 (Default browser: Chrome)Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe(Hi-Rez Studios) G:\Spel\HiPatchService.exe(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe() C:\Windows\SysWOW64\PnkBstrA.exe() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe(Spotify Ltd) C:\Users\ddd\AppData\Roaming\Spotify\SpotifyWebHelper.exe(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe(Spotify Ltd) C:\Users\ddd\AppData\Roaming\Spotify\Spotify.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe(Microsoft Corporation) C:\Windows\System32\msiexec.exe(Spotify Ltd) C:\Users\ddd\AppData\Roaming\Spotify\SpotifyCrashService.exe(Spotify Ltd) C:\Users\ddd\AppData\Roaming\Spotify\Spotify.exe(Spotify Ltd) C:\Users\ddd\AppData\Roaming\Spotify\Spotify.exe() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe(Razer, Inc.) C:\Users\ddd\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Akamai Technologies, Inc.) C:\Users\ddd\AppData\Local\Akamai\netsession_win.exe(Akamai Technologies, Inc.) C:\Users\ddd\AppData\Local\Akamai\netsession_win.exe(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\Windows\System32\SndVol.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\Windows\System32\consent.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7560296 2011-12-12] (Realtek Semiconductor)HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)HKLM\...\Run: [shadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStartHKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [10396440 2014-04-15] (Logitech Inc.)HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)HKLM-x32\...\Run: [uSB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-04] (Intel Corporation)HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)HKLM-x32\...\Run: [] => [X]HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2014-11-03] (Razer Inc.)HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-02-17] (LogMeIn Inc.)HKU\S-1-5-21-1341989918-1068890364-4118146772-1000\...\Run: [Akamai NetSession Interface] => C:\Users\ddd\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)HKU\S-1-5-21-1341989918-1068890364-4118146772-1000\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)HKU\S-1-5-21-1341989918-1068890364-4118146772-1000\...\Run: [spotify Web Helper] => C:\Users\ddd\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1959992 2015-03-11] (Spotify Ltd)HKU\S-1-5-21-1341989918-1068890364-4118146772-1000\...\Run: [Voobly] => G:\Spel\Voobly\voobly.exe [159744 2015-02-07] (Voobly)HKU\S-1-5-21-1341989918-1068890364-4118146772-1000\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3095840 2014-10-27] (Nota Inc.)HKU\S-1-5-21-1341989918-1068890364-4118146772-1000\...\Run: [spotify] => C:\Users\ddd\AppData\Roaming\Spotify\Spotify.exe [6611512 2015-03-11] (Spotify Ltd)HKU\S-1-5-21-1341989918-1068890364-4118146772-1000\...\Policies\Explorer: [] HKU\S-1-5-21-1341989918-1068890364-4118146772-1000\...\MountPoints2: {6df2ae73-dbc5-11e3-85d2-806e6f6e6963} - D:\Bin\ASSETUP.exeHKU\S-1-5-21-1341989918-1068890364-4118146772-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-21] (Microsoft Corporation)HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)GroupPolicy: Group Policy on Chrome detected <======= ATTENTIONCHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSEHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSEHKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.comHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.comHKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.comHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.comHKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.comHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.comHKU\S-1-5-21-1341989918-1068890364-4118146772-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSEHKU\S-1-5-21-1341989918-1068890364-4118146772-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://no.msn.com/?rd=1&ucc=NO&dcc=NO&opt=0&ocid=iehpSearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2014-12-02] (Microsoft Corporation)BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-05-18] (Oracle Corporation)BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-01-14] (Microsoft Corporation)BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-01-14] (Microsoft Corporation)BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-05-18] (Oracle Corporation)BHO-x32: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16] ()BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2014-10-14] (Microsoft Corporation)BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-11-05] (Oracle Corporation)BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL [2015-01-14] (Microsoft Corporation)BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-14] (Microsoft Corporation)BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-11-05] (Oracle Corporation)Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2014-05-29] (Microsoft Corporation)Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2014-08-28] (Microsoft Corporation)Tcpip\Parameters: [DhcpNameServer] 130.67.15.198 193.213.112.4 FireFox:========FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-05-18] (Oracle Corporation)FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-05-18] (Oracle Corporation)FF Plugin: @microsoft.com/GENUINE -> disabled No FileFF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-05-29] (Microsoft Corporation)FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-11-05] (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-11-05] (Oracle Corporation)FF Plugin-x32: @microsoft.com/GENUINE -> disabled No FileFF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-05-29] (Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2014-05-29] (Microsoft Corporation)FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation)FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation)FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No FileFF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-14] (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-14] (Google Inc.)FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)FF Plugin HKU\S-1-5-21-1341989918-1068890364-4118146772-1000: @adobe.com/Acrobat,version=5.1 -> C:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll [2002-08-11] (Adobe Systems Inc.)FF Plugin HKU\S-1-5-21-1341989918-1068890364-4118146772-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ddd\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-05] (Unity Technologies ApS)FF Plugin HKU\S-1-5-21-1341989918-1068890364-4118146772-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-09-30] () Chrome: =======CHR dev: Chrome dev build detected! <======= ATTENTIONCHR DefaultSearchKeyword: Default -> 29A5A5AE0BD21CFD32E35DCA1217ADCB364508C66A3A3E313DF466730E3B23ACCHR DefaultSearchURL: Default -> 6A421FB6A37D55931E10A2EE9D29758582783C5B49F2550578E79DF84C132DB8CHR Profile: C:\Users\ddd\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Docs) - C:\Users\ddd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-17]CHR Extension: (Google Drive) - C:\Users\ddd\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-17]CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\ddd\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-30]CHR Extension: (YouTube) - C:\Users\ddd\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-17]CHR Extension: (Battlefield Heroes) - C:\Users\ddd\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh [2014-11-04]CHR Extension: (Google Search) - C:\Users\ddd\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-17]CHR Extension: (AdBlock) - C:\Users\ddd\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-11-29]CHR Extension: (Hola Better Internet) - C:\Users\ddd\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2014-09-19]CHR Extension: (Master Sword) - C:\Users\ddd\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgkbhjgdkccbjhpgfgjelcedahpnmefk [2014-12-18]CHR Extension: (TabInfoCopy) - C:\Users\ddd\AppData\Local\Google\Chrome\User Data\Default\Extensions\micdllihgoppmejpecmkilggmaagfdmb [2015-03-11]CHR Extension: (Google Wallet) - C:\Users\ddd\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-17]CHR Extension: (Gmail) - C:\Users\ddd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-17] Opera: =======OPR Extension: (The Weather) - C:\Users\ddd\AppData\Roaming\Opera Software\Opera Stable\Extensions\lnejmennopimdkhecilfhkmmjolebocd [2014-05-18]OPR Extension: (Adblock Plus) - C:\Users\ddd\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2014-05-29] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2711736 2015-01-13] (Microsoft Corporation)R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)U2 HiPatchService; G:\Spel\HiPatchService.exe [9216 2014-08-22] (Hi-Rez Studios) [File not signed]R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-02-16] (LogMeIn, Inc.)R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-11-04] ()R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [183488 2014-10-31] ()S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)S2 2969302e; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\LibraryEngine\LibraryEngine.dll",serv ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)R3 rzdaendpt; C:\Windows\System32\DRIVERS\rzdaendpt.sys [33448 2014-09-05] (Razer Inc)R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-10-31] (Razer, Inc.)R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-11-17] (Razer, Inc.)R3 rzvkeyboard; C:\Windows\System32\DRIVERS\rzvkeyboard.sys [31912 2014-09-05] (Razer Inc)S3 VGPU; System32\drivers\rdvgkmd.sys [X]S3 ZDPNDIS4; \??\C:\Windows\system32\ZDPNDIS4.SYS [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-12 10:52 - 2015-03-12 10:52 - 00022369 _____ () C:\Users\ddd\Downloads\FRST.txt2015-03-12 10:52 - 2015-03-12 10:52 - 00000000 ____D () C:\FRST2015-03-12 10:51 - 2015-03-12 10:51 - 02095616 _____ (Farbar) C:\Users\ddd\Downloads\FRST64.exe2015-03-12 00:10 - 2015-03-12 00:10 - 00000000 __SHD () C:\Users\ddd\AppData\Local\EmieBrowserModeList2015-03-11 20:49 - 2015-03-11 20:49 - 00013476 _____ () C:\Users\ddd\Downloads\hijackthis.log2015-03-11 20:48 - 2015-03-11 20:48 - 00388608 _____ (Trend Micro Inc.) C:\Users\ddd\Downloads\HijackThis.exe2015-03-11 20:23 - 2015-03-11 20:32 - 00000000 ____D () C:\AdwCleaner2015-03-11 20:23 - 2015-03-11 20:23 - 02171392 _____ () C:\Users\ddd\Downloads\adwcleaner_4.112.exe2015-03-11 20:09 - 2015-03-11 20:09 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2015-03-11 20:08 - 2015-03-11 20:08 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2015-03-11 20:08 - 2015-03-11 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2015-03-11 20:08 - 2015-03-11 20:08 - 00000000 ____D () C:\ProgramData\Malwarebytes2015-03-11 20:08 - 2015-03-11 20:08 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2015-03-11 20:08 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2015-03-11 20:08 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2015-03-11 20:08 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2015-03-11 20:04 - 2015-03-11 20:05 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\ddd\Downloads\mbam-setup-2.0.4.1028.exe2015-03-11 20:02 - 2015-03-11 20:16 - 00000000 ____D () C:\Program Files (x86)\LibraryEngine2015-03-11 19:49 - 2015-03-11 19:49 - 00003340 _____ () C:\Windows\System32\Tasks\{65B64E8A-CF77-41DB-9972-523688D4E353}2015-03-11 19:00 - 2015-03-11 19:00 - 00000000 ____D () C:\Program Files (x86)\TabInfoCopy2015-03-11 17:57 - 2015-03-06 06:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys2015-03-11 17:57 - 2015-03-06 06:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys2015-03-11 17:57 - 2015-03-06 06:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll2015-03-11 17:57 - 2015-03-06 06:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll2015-03-11 17:57 - 2015-03-06 06:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll2015-03-11 17:57 - 2015-03-06 06:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll2015-03-11 17:57 - 2015-03-06 06:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll2015-03-11 17:57 - 2015-03-06 06:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll2015-03-11 17:57 - 2015-03-06 06:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll2015-03-11 17:57 - 2015-03-06 06:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll2015-03-11 17:57 - 2015-03-06 06:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll2015-03-11 17:57 - 2015-03-06 06:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll2015-03-11 17:57 - 2015-03-06 06:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll2015-03-11 17:57 - 2015-03-06 06:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe2015-03-11 17:57 - 2015-03-06 06:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe2015-03-11 17:57 - 2015-03-06 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll2015-03-11 17:57 - 2015-03-06 06:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll2015-03-11 17:57 - 2015-03-06 06:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll2015-03-11 17:57 - 2015-03-06 06:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll2015-03-11 17:57 - 2015-03-06 06:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll2015-03-11 17:57 - 2015-03-06 06:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll2015-03-11 17:57 - 2015-03-06 06:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll2015-03-11 17:57 - 2015-03-06 06:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll2015-03-11 17:57 - 2015-03-06 06:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll2015-03-11 17:57 - 2015-03-06 06:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll2015-03-11 17:57 - 2015-03-06 06:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll2015-03-11 17:57 - 2015-03-06 06:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll2015-03-11 17:57 - 2015-03-06 06:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe2015-03-11 17:57 - 2015-03-06 06:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll2015-03-11 17:57 - 2015-03-06 06:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll2015-03-11 17:57 - 2015-03-06 06:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll2015-03-11 17:57 - 2015-02-20 05:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll2015-03-11 17:57 - 2015-02-20 05:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll2015-03-11 17:57 - 2015-02-20 05:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll2015-03-11 17:57 - 2015-02-20 05:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll2015-03-11 17:57 - 2015-02-20 05:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll2015-03-11 17:57 - 2015-02-20 05:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll2015-03-11 17:57 - 2015-02-20 05:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll2015-03-11 17:57 - 2015-02-20 05:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll2015-03-11 17:57 - 2015-02-20 04:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll2015-03-11 17:57 - 2015-02-20 04:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll2015-03-11 17:57 - 2015-02-13 06:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll2015-03-11 17:57 - 2015-02-13 06:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll2015-03-11 17:57 - 2015-02-03 04:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe2015-03-11 17:57 - 2015-02-03 04:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi2015-03-11 17:57 - 2015-02-03 04:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys2015-03-11 17:57 - 2015-02-03 04:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi2015-03-11 17:57 - 2015-02-03 04:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll2015-03-11 17:57 - 2015-02-03 04:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll2015-03-11 17:57 - 2015-02-03 04:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll2015-03-11 17:57 - 2015-02-03 04:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll2015-03-11 17:57 - 2015-02-03 04:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll2015-03-11 17:57 - 2015-02-03 04:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll2015-03-11 17:57 - 2015-02-03 04:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll2015-03-11 17:57 - 2015-02-03 04:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll2015-03-11 17:57 - 2015-02-03 04:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll2015-03-11 17:57 - 2015-02-03 04:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll2015-03-11 17:57 - 2015-02-03 04:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll2015-03-11 17:57 - 2015-02-03 04:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll2015-03-11 17:57 - 2015-02-03 04:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll2015-03-11 17:57 - 2015-02-03 04:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll2015-03-11 17:57 - 2015-02-03 04:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll2015-03-11 17:57 - 2015-02-03 04:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll2015-03-11 17:57 - 2015-02-03 04:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll2015-03-11 17:57 - 2015-02-03 04:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll2015-03-11 17:57 - 2015-02-03 04:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll2015-03-11 17:57 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx2015-03-11 17:57 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll2015-03-11 17:57 - 2015-02-03 04:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL2015-03-11 17:57 - 2015-02-03 04:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll2015-03-11 17:57 - 2015-02-03 04:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll2015-03-11 17:57 - 2015-02-03 04:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll2015-03-11 17:57 - 2015-02-03 04:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll2015-03-11 17:57 - 2015-02-03 04:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll2015-03-11 17:57 - 2015-02-03 04:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll2015-03-11 17:57 - 2015-02-03 04:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll2015-03-11 17:57 - 2015-02-03 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll2015-03-11 17:57 - 2015-02-03 04:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe2015-03-11 17:57 - 2015-02-03 04:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll2015-03-11 17:57 - 2015-02-03 04:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll2015-03-11 17:57 - 2015-02-03 04:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll2015-03-11 17:57 - 2015-02-03 04:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe2015-03-11 17:57 - 2015-02-03 04:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll2015-03-11 17:57 - 2015-02-03 04:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe2015-03-11 17:57 - 2015-02-03 04:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe2015-03-11 17:57 - 2015-02-03 04:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll2015-03-11 17:57 - 2015-02-03 04:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll2015-03-11 17:57 - 2015-02-03 04:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe2015-03-11 17:57 - 2015-02-03 04:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll2015-03-11 17:57 - 2015-02-03 04:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll2015-03-11 17:57 - 2015-02-03 04:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe2015-03-11 17:57 - 2015-02-03 04:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe2015-03-11 17:57 - 2015-02-03 04:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe2015-03-11 17:57 - 2015-02-03 04:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe2015-03-11 17:57 - 2015-02-03 04:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll2015-03-11 17:57 - 2015-02-03 04:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll2015-03-11 17:57 - 2015-02-03 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll2015-03-11 17:57 - 2015-02-03 04:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys2015-03-11 17:57 - 2015-02-03 04:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe2015-03-11 17:57 - 2015-02-03 04:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe2015-03-11 17:57 - 2015-02-03 04:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll2015-03-11 17:57 - 2015-02-03 04:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll2015-03-11 17:57 - 2015-02-03 04:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll2015-03-11 17:57 - 2015-02-03 04:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll2015-03-11 17:57 - 2015-02-03 04:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll2015-03-11 17:57 - 2015-02-03 04:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll2015-03-11 17:57 - 2015-02-03 04:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll2015-03-11 17:57 - 2015-02-03 04:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll2015-03-11 17:57 - 2015-02-03 04:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll2015-03-11 17:57 - 2015-02-03 04:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll2015-03-11 17:57 - 2015-02-03 04:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll2015-03-11 17:57 - 2015-02-03 04:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll2015-03-11 17:57 - 2015-02-03 04:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll2015-03-11 17:57 - 2015-02-03 04:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll2015-03-11 17:57 - 2015-02-03 04:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll2015-03-11 17:57 - 2015-02-03 04:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll2015-03-11 17:57 - 2015-02-03 04:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll2015-03-11 17:57 - 2015-02-03 04:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll2015-03-11 17:57 - 2015-02-03 04:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll2015-03-11 17:57 - 2015-02-03 04:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll2015-03-11 17:57 - 2015-02-03 04:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll2015-03-11 17:57 - 2015-02-03 04:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll2015-03-11 17:57 - 2015-02-03 04:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll2015-03-11 17:57 - 2015-02-03 04:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll2015-03-11 17:57 - 2015-02-03 04:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll2015-03-11 17:57 - 2015-02-03 04:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll2015-03-11 17:57 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx2015-03-11 17:57 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll2015-03-11 17:57 - 2015-02-03 04:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL2015-03-11 17:57 - 2015-02-03 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe2015-03-11 17:57 - 2015-02-03 04:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe2015-03-11 17:57 - 2015-02-03 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll2015-03-11 17:57 - 2015-02-03 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll2015-03-11 17:57 - 2015-02-03 03:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys2015-03-11 17:57 - 2015-01-31 00:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys2015-03-11 17:57 - 2014-10-31 23:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe2015-03-11 17:56 - 2015-02-26 04:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys2015-03-11 17:56 - 2015-02-24 04:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll2015-03-11 17:56 - 2015-02-24 03:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll2015-03-11 17:56 - 2015-02-21 02:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2015-03-11 17:56 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2015-03-11 17:56 - 2015-02-21 01:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2015-03-11 17:56 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2015-03-11 17:56 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2015-03-11 17:56 - 2015-02-21 00:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2015-03-11 17:56 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2015-03-11 17:56 - 2015-02-20 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2015-03-11 17:56 - 2015-02-20 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2015-03-11 17:56 - 2015-02-20 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2015-03-11 17:56 - 2015-02-20 03:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2015-03-11 17:56 - 2015-02-20 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2015-03-11 17:56 - 2015-02-20 03:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2015-03-11 17:56 - 2015-02-20 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll2015-03-11 17:56 - 2015-02-20 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2015-03-11 17:56 - 2015-02-20 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2015-03-11 17:56 - 2015-02-20 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2015-03-11 17:56 - 2015-02-20 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2015-03-11 17:56 - 2015-02-20 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2015-03-11 17:56 - 2015-02-20 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2015-03-11 17:56 - 2015-02-20 03:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2015-03-11 17:56 - 2015-02-20 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2015-03-11 17:56 - 2015-02-20 03:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2015-03-11 17:56 - 2015-02-20 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2015-03-11 17:56 - 2015-02-20 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2015-03-11 17:56 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2015-03-11 17:56 - 2015-02-20 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2015-03-11 17:56 - 2015-02-20 03:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2015-03-11 17:56 - 2015-02-20 03:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2015-03-11 17:56 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll2015-03-11 17:56 - 2015-02-20 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2015-03-11 17:56 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2015-03-11 17:56 - 2015-02-20 03:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2015-03-11 17:56 - 2015-02-20 03:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2015-03-11 17:56 - 2015-02-20 02:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2015-03-11 17:56 - 2015-02-20 02:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2015-03-11 17:56 - 2015-02-20 02:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2015-03-11 17:56 - 2015-02-20 02:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2015-03-11 17:56 - 2015-02-20 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2015-03-11 17:56 - 2015-02-20 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll2015-03-11 17:56 - 2015-02-20 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2015-03-11 17:56 - 2015-02-20 02:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2015-03-11 17:56 - 2015-02-20 02:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2015-03-11 17:56 - 2015-02-20 02:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2015-03-11 17:56 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2015-03-11 17:56 - 2015-02-20 02:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2015-03-11 17:56 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2015-03-11 17:56 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2015-03-11 17:56 - 2015-02-20 02:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll2015-03-11 17:56 - 2015-02-20 02:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2015-03-11 17:56 - 2015-02-20 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2015-03-11 17:56 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2015-03-11 17:56 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2015-03-11 17:56 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2015-03-11 17:56 - 2015-02-03 04:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll2015-03-11 17:56 - 2015-02-03 04:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll2015-03-11 17:56 - 2015-01-31 04:48 - 01113088 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll2015-03-11 17:56 - 2015-01-31 04:05 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll2015-03-11 17:56 - 2015-01-31 04:04 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys2015-03-11 17:56 - 2015-01-17 03:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll2015-03-11 17:56 - 2015-01-17 03:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll2015-03-11 17:54 - 2015-02-04 04:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll2015-03-11 17:54 - 2015-02-04 03:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll2015-03-01 03:28 - 2015-03-01 03:28 - 00000000 ____D () C:\Users\ddd\Documents\DyingLight2015-03-01 01:47 - 2015-03-01 01:47 - 00000000 ____D () C:\Users\ddd\AppData\Local\Steam2015-02-28 17:40 - 2015-03-12 10:48 - 00004974 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for ddd-PC-ddd ddd-PC2015-02-25 23:17 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls2015-02-25 23:17 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls2015-02-25 20:23 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll2015-02-25 20:23 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll2015-02-25 20:23 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll2015-02-25 20:23 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll2015-02-22 20:34 - 2015-02-05 18:57 - 00621384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe2015-02-22 20:33 - 2015-02-05 22:01 - 32106640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll2015-02-22 20:33 - 2015-02-05 22:01 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll2015-02-22 20:33 - 2015-02-05 22:01 - 24768144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll2015-02-22 20:33 - 2015-02-05 22:01 - 20466496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll2015-02-22 20:33 - 2015-02-05 22:01 - 17253848 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll2015-02-22 20:33 - 2015-02-05 22:01 - 13294528 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll2015-02-22 20:33 - 2015-02-05 22:01 - 13208200 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll2015-02-22 20:33 - 2015-02-05 22:01 - 10773704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll2015-02-22 20:33 - 2015-02-05 22:01 - 10713256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll2015-02-22 20:33 - 2015-02-05 22:01 - 10284872 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys2015-02-22 20:33 - 2015-02-05 22:01 - 03610768 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll2015-02-22 20:33 - 2015-02-05 22:01 - 03247248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll2015-02-22 20:33 - 2015-02-05 22:01 - 01895240 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434752.dll2015-02-22 20:33 - 2015-02-05 22:01 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434752.dll2015-02-22 20:33 - 2015-02-05 22:01 - 00995248 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll2015-02-22 20:33 - 2015-02-05 22:01 - 00969872 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll2015-02-22 20:33 - 2015-02-05 22:01 - 00943760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll2015-02-22 20:33 - 2015-02-05 22:01 - 00929936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll2015-02-22 20:33 - 2015-02-05 22:01 - 00908104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll2015-02-22 20:33 - 2015-02-05 22:01 - 00877816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll2015-02-22 20:33 - 2015-02-05 22:01 - 00496272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll2015-02-22 20:33 - 2015-02-05 22:01 - 00399504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll2015-02-22 20:33 - 2015-02-05 22:01 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll2015-02-22 20:33 - 2015-02-05 22:01 - 00353224 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll2015-02-22 20:33 - 2015-02-05 22:01 - 00345744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll2015-02-22 20:33 - 2015-02-05 22:01 - 00305136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll2015-02-22 20:33 - 2015-02-05 22:01 - 00195728 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys2015-02-22 20:33 - 2015-02-05 22:01 - 00177624 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll2015-02-22 20:33 - 2015-02-05 22:01 - 00164752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll2015-02-22 20:33 - 2015-02-05 22:01 - 00030536 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll2015-02-21 22:45 - 2015-02-21 22:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi2015-02-21 22:45 - 2015-02-21 22:45 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi2015-02-20 17:42 - 2015-02-20 17:43 - 00000000 ____D () C:\Program Files (x86)\InstaBrowser2015-02-11 20:44 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll2015-02-11 20:44 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll2015-02-11 20:39 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll2015-02-11 20:39 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll2015-02-11 20:39 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll2015-02-11 20:39 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll2015-02-11 20:39 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll2015-02-11 20:39 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll2015-02-11 20:39 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll2015-02-11 20:39 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe2015-02-11 20:26 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll2015-02-11 20:26 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll2015-02-11 20:26 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll2015-02-11 20:26 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll2015-02-11 20:26 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll2015-02-10 16:14 - 2015-02-11 20:49 - 00248003 _____ () C:\Users\ddd\Desktop\Presentasjon Krafttak mot kreft.pptx ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-12 10:50 - 2014-05-14 16:19 - 01620595 _____ () C:\Windows\WindowsUpdate.log2015-03-12 10:47 - 2014-07-03 19:48 - 00000000 ____D () C:\Users\ddd\AppData\Local\LogMeIn Hamachi2015-03-12 10:47 - 2014-05-29 11:22 - 00000000 ____D () C:\Users\ddd\AppData\Local\Akamai2015-03-12 10:47 - 2014-05-19 14:32 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job2015-03-12 10:47 - 2014-05-18 16:26 - 00000000 ____D () C:\Users\ddd\AppData\Roaming\Spotify2015-03-12 10:47 - 2014-05-18 16:26 - 00000000 ____D () C:\Users\ddd\AppData\Local\Spotify2015-03-12 10:47 - 2009-07-14 05:51 - 00124406 _____ () C:\Windows\setupact.log2015-03-12 10:46 - 2014-08-17 12:52 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2015-03-12 10:46 - 2014-05-16 14:09 - 00000000 ____D () C:\ProgramData\NVIDIA2015-03-12 10:46 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2015-03-12 00:23 - 2014-12-03 21:46 - 00000000 ____D () C:\Users\ddd\Desktop\All skjiten2015-03-12 00:15 - 2014-08-17 12:52 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2015-03-11 23:35 - 2014-06-14 00:52 - 00000000 ____D () C:\Users\ddd\AppData\Roaming\vlc2015-03-11 21:22 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache2015-03-11 20:31 - 2009-07-14 06:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI2015-03-11 20:25 - 2010-11-21 04:47 - 00092300 _____ () C:\Windows\PFRO.log2015-03-11 20:16 - 2009-07-14 05:45 - 00025936 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02015-03-11 20:16 - 2009-07-14 05:45 - 00025936 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02015-03-11 19:00 - 2015-01-30 16:16 - 00000000 ____D () C:\ProgramData\97017292515552430452015-03-11 18:40 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD2015-03-11 18:40 - 2009-07-14 05:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk2015-03-11 18:40 - 2009-07-14 05:45 - 00514592 _____ () C:\Windows\system32\FNTCACHE.DAT2015-03-11 18:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing2015-03-11 18:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism2015-03-11 18:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism2015-03-11 18:03 - 2014-05-18 15:21 - 00000000 ____D () C:\Windows\system32\MRT2015-03-11 18:00 - 2014-05-18 15:21 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2015-03-11 01:09 - 2014-08-10 17:01 - 00000000 ____D () C:\Users\ddd\AppData\Roaming\.minecraft2015-03-10 20:52 - 2015-02-05 21:15 - 00000020 _____ () C:\Users\ddd\AppData\Roaming\appdataFr3.bin2015-03-10 17:11 - 2014-09-02 14:29 - 00003830 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 14096645972015-03-10 17:11 - 2014-09-02 14:29 - 00000000 ____D () C:\Program Files (x86)\Opera2015-03-03 14:17 - 2010-11-21 04:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe2015-03-01 03:28 - 2014-05-18 16:53 - 00000000 ____D () C:\ProgramData\Package Cache2015-02-26 23:00 - 2014-12-10 17:24 - 00003815 _____ () C:\Users\ddd\Desktop\New Text Document.txt2015-02-25 22:38 - 2014-05-24 20:50 - 00000000 ____D () C:\Users\ddd\AppData\Roaming\Skype2015-02-25 16:32 - 2014-06-12 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Voobly2015-02-24 17:39 - 2014-05-29 10:58 - 00000000 ____D () C:\Program Files\Microsoft Office 152015-02-22 20:34 - 2014-05-16 14:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation2015-02-21 22:46 - 2014-10-18 23:53 - 00000000 ___RD () C:\Program Files (x86)\Skype2015-02-21 22:46 - 2014-05-24 20:50 - 00000000 ____D () C:\ProgramData\Skype2015-02-20 19:05 - 2014-07-27 13:49 - 00000000 ____D () C:\Users\ddd\AppData\Roaming\Awesomium2015-02-20 17:31 - 2014-05-18 16:14 - 00000000 ____D () C:\Users\ddd\AppData\Local\Battle.net2015-02-16 16:20 - 2014-07-03 19:49 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys2015-02-14 20:27 - 2014-12-01 18:25 - 00000000 ____D () C:\Users\ddd\AppData\Local\Popcorn-Time2015-02-12 15:59 - 2014-12-12 15:02 - 00000000 ____D () C:\Windows\system32\appraiser2015-02-12 15:59 - 2014-05-18 16:10 - 00000000 ___SD () C:\Windows\system32\CompatTel2015-02-12 15:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions2015-02-12 00:11 - 2014-05-18 16:46 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk2015-02-12 00:11 - 2014-05-18 16:46 - 00001945 _____ () C:\Windows\epplauncher.mif2015-02-12 00:11 - 2014-05-18 16:46 - 00000000 ____D () C:\Program Files\Microsoft Security Client2015-02-12 00:11 - 2014-05-18 16:46 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client ==================== Files in the root of some directories ======= 2014-07-24 20:56 - 2014-07-23 17:08 - 221248604 _____ () C:\Users\ddd\AppData\Roaming\1_7_10_SealFolder_V2_0.zip2014-07-05 01:35 - 2014-07-05 01:35 - 353375507 _____ () C:\Users\ddd\AppData\Roaming\1_7_2_PandaFolder_V3_7.zip2015-02-05 21:15 - 2015-03-10 20:52 - 0000020 _____ () C:\Users\ddd\AppData\Roaming\appdataFr3.bin2014-08-23 16:38 - 2014-08-23 16:38 - 0000017 _____ () C:\Users\ddd\AppData\Local\resmon.resmoncfg2014-05-29 12:47 - 2014-05-29 12:47 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc Some content of TEMP:====================C:\Users\ddd\AppData\Local\Temp\AcDeltree.exeC:\Users\ddd\AppData\Local\Temp\EBUD7F9.exeC:\Users\ddd\AppData\Local\Temp\EBUDE6F.DLLC:\Users\ddd\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exeC:\Users\ddd\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exeC:\Users\ddd\AppData\Local\Temp\nvSCPAPI.dllC:\Users\ddd\AppData\Local\Temp\nvSCPAPI64.dllC:\Users\ddd\AppData\Local\Temp\nvStInst.exeC:\Users\ddd\AppData\Local\Temp\optprosetup.exeC:\Users\ddd\AppData\Local\Temp\Quarantine.exeC:\Users\ddd\AppData\Local\Temp\sqlite3.dllC:\Users\ddd\AppData\Local\Temp\swt-win32-3349.dllC:\Users\ddd\AppData\Local\Temp\_is5E93.exeC:\Users\ddd\AppData\Local\Temp\_is888.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\SysWOW64\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\SysWOW64\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-03-05 16:22 ==================== End Of Log ============================
  2. Hey I'm sitting on my cousins PC and he has a browser hijacker called extrashopper making a ton of ads and (sometimes) redirecting links in Chrome (not Opera or IE). I can't find ExtraShopper in the programs & features in control panel or browser extensions in Chrome (obviously?). I've ran Mb Anti-Malware and AdwCleaner both of them finding and removing lots of stuff, but not this. Almost every result on Google seems to lead to "spammy" sites wanting me to look in programs & features or browser extensions, or installing their suspicious anti-malware software. Anyways here's the HiJackthis log, can't really see anything obvious:
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.