FRST.LOG
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-07-2015
Ran by Haley (administrator) on HALEY-PC (25-07-2015 18:11:37)
Running from C:\Users\Haley\Desktop
Loaded Profiles: Haley (Available Profiles: Haley)
Platform: Windows Vista Home Premium Service Pack 2 (X64) Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Windows\System32\BCMWLTRY.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Dell Inc.) C:\Windows\System32\WLTRAY.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Dropbox, Inc.) C:\Users\Haley\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Windows\system32\WLTRAY.exe [3863040 2008-10-13] (Dell Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2014-11-02] (AVAST Software)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [BrStsMon00] => "C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe" /AUTORUN
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1849030827-776577423-3574151073-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-1849030827-776577423-3574151073-1000\...\Run: [Dropbox Update] => C:\Users\Haley\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-14] (Dropbox, Inc.)
Startup: C:\Users\Haley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-07-14]
ShortcutTarget: Dropbox.lnk -> C:\Users\Haley\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Haley\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Haley\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Haley\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Haley\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Haley\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Haley\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Haley\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Haley\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2014-10-30] (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1849030827-776577423-3574151073-1000\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.c...&q={searchTerms}
HKU\S-1-5-21-1849030827-776577423-3574151073-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-1849030827-776577423-3574151073-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-10-30] (AVAST Software)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-10-30] (AVAST Software)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{A4235AC5-5A89-47E1-8235-14B1A9D571DF}: [DhcpNameServer] 75.75.75.75 75.75.76.76
FireFox:
========
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-10-29]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-30]
Chrome:
=======
CHR Profile: C:\Users\Haley\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Haley\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-21]
CHR Extension: (Google Docs) - C:\Users\Haley\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-21]
CHR Extension: (Google Drive) - C:\Users\Haley\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-21]
CHR Extension: (YouTube) - C:\Users\Haley\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-21]
CHR Extension: (Google Search) - C:\Users\Haley\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-21]
CHR Extension: (Google Sheets) - C:\Users\Haley\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-21]
CHR Extension: (Google Wallet) - C:\Users\Haley\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-21]
CHR Extension: (AdZap
Block ads across the web) - C:\Users\Haley\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojnpdahnhojlgimjfcpnfmajngaljogh [2015-07-21]
CHR Extension: (Gmail) - C:\Users\Haley\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-21]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2014-10-30]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-30]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-30] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [104416 2014-10-30] (AVAST Software)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-20] (Microsoft Corporation)
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [2930688 2008-10-13] (Dell Inc.) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-30] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-10-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-02] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12368 2014-10-30] (ALWIL Software)
R0 aswNdis2; C:\Windows\System32\Drivers\aswNdis2.sys [331504 2014-10-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64752 2014-10-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-30] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-10-30] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2014-10-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-10-30] ()
S3 GemCCID; C:\Windows\System32\DRIVERS\GemCCID.sys [129792 2013-04-24] (Gemalto)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-07-25] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
S3 USBCCID; C:\Windows\System32\DRIVERS\usbccid.sys [38400 2009-04-11] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-25 16:24 - 2015-07-25 17:01 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-07-25 16:22 - 2015-07-25 17:01 - 00000000 ____D C:\Users\Haley\Desktop\mbar
2015-07-25 16:21 - 2015-07-25 16:21 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Haley\Desktop\mbar-1.09.1.1004.exe
2015-07-23 20:06 - 2015-07-23 20:06 - 00852676 _____ C:\Users\Haley\Desktop\SecurityCheck.exe
2015-07-23 13:25 - 2015-07-23 13:25 - 00000000 ____D C:\Program Files (x86)\ESET
2015-07-23 13:21 - 2015-07-23 13:21 - 00001059 _____ C:\mbab.txt
2015-07-22 06:35 - 2015-07-23 06:34 - 00000000 ____D C:\AdwCleaner
2015-07-22 06:35 - 2015-07-22 06:35 - 02248704 _____ C:\Users\Haley\Desktop\AdwCleaner.exe
2015-07-22 06:30 - 2015-07-22 06:33 - 00001255 _____ C:\Users\Haley\Desktop\JRT.txt
2015-07-21 19:37 - 2015-07-21 19:37 - 00000000 ____D C:\Users\Haley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-07-21 06:50 - 2015-07-21 06:50 - 00029037 _____ C:\Users\Haley\Desktop\Addition.txt
2015-07-21 06:49 - 2015-07-25 18:11 - 00013449 _____ C:\Users\Haley\Desktop\FRST.txt
2015-07-21 06:49 - 2015-07-25 18:11 - 00000000 ____D C:\Users\Haley\Desktop\FRST-OlderVersion
2015-07-21 03:00 - 2015-07-14 12:02 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 03:00 - 2015-07-14 11:45 - 00048128 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 03:00 - 2015-07-14 10:34 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 03:00 - 2015-07-14 10:23 - 00296960 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-20 22:06 - 2015-07-20 22:06 - 00003114 _____ C:\Windows\System32\Tasks\avastBCLRestart_IEXPLORE.EXE
2015-07-16 03:14 - 2015-06-27 12:03 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-16 03:14 - 2015-06-27 12:03 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-16 03:14 - 2015-06-27 12:02 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-16 03:14 - 2015-06-27 12:02 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-16 03:14 - 2015-06-27 12:01 - 00801280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-07-16 03:14 - 2015-06-27 11:40 - 01304576 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-16 03:14 - 2015-06-27 11:40 - 00658944 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-16 03:14 - 2015-06-27 11:40 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-16 03:14 - 2015-06-27 11:39 - 01065472 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-07-16 03:14 - 2015-06-27 10:30 - 00278016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-16 03:14 - 2015-06-27 10:30 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-16 03:14 - 2015-06-12 09:13 - 00516544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-16 03:14 - 2015-01-08 20:28 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-16 03:13 - 2015-07-03 12:04 - 01316864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-16 03:13 - 2015-07-03 11:41 - 01916416 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-16 03:13 - 2015-06-24 23:09 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-16 03:12 - 2015-05-31 04:11 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-16 03:12 - 2015-05-31 03:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-16 03:11 - 2015-06-17 12:50 - 02264576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-16 03:11 - 2015-06-17 12:23 - 03137536 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-16 03:11 - 2015-06-17 11:18 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-16 03:11 - 2015-06-17 11:09 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-16 03:11 - 2015-06-12 12:03 - 00304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-16 03:11 - 2015-06-12 11:46 - 00390656 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 09:19 - 2015-07-03 02:18 - 17887744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 09:19 - 2015-07-03 02:01 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 09:19 - 2015-07-03 01:31 - 12386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 09:19 - 2015-07-03 01:18 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 09:14 - 2015-06-16 21:52 - 02343936 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 09:14 - 2015-06-16 21:50 - 10936320 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 09:14 - 2015-06-16 21:50 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 09:14 - 2015-06-16 21:47 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 09:14 - 2015-06-16 21:47 - 01387520 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 09:14 - 2015-06-16 21:46 - 02158080 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 09:14 - 2015-06-16 21:46 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 09:14 - 2015-06-16 21:46 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 09:14 - 2015-06-16 21:46 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 09:14 - 2015-06-16 21:46 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 09:14 - 2015-06-16 21:46 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 09:14 - 2015-06-16 21:46 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-07-15 09:14 - 2015-06-16 21:46 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 09:14 - 2015-06-16 21:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 09:14 - 2015-06-16 21:45 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 09:14 - 2015-06-16 21:45 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 09:14 - 2015-06-16 21:45 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 09:14 - 2015-06-16 21:45 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-07-15 09:14 - 2015-06-16 21:45 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-07-15 09:14 - 2015-06-16 21:45 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-07-15 09:14 - 2015-06-16 21:14 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 09:14 - 2015-06-16 21:12 - 09750528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 09:14 - 2015-06-16 21:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-15 09:14 - 2015-06-16 21:10 - 01139712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 09:14 - 2015-06-16 21:09 - 01804288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 09:14 - 2015-06-16 21:09 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 09:14 - 2015-06-16 21:09 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 09:14 - 2015-06-16 21:09 - 00421888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 09:14 - 2015-06-16 21:08 - 00718336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 09:14 - 2015-06-16 21:08 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 09:14 - 2015-06-16 21:08 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 09:14 - 2015-06-16 21:08 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-07-15 09:14 - 2015-06-16 21:08 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 09:14 - 2015-06-16 21:08 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 09:14 - 2015-06-16 21:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 09:14 - 2015-06-16 21:08 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 09:14 - 2015-06-16 21:08 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 09:14 - 2015-06-16 21:08 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-07-15 09:14 - 2015-06-16 21:08 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-07-15 09:14 - 2015-06-16 21:08 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-07-15 07:39 - 2015-07-15 07:39 - 03034989 _____ (Malwarebytes Corporation) C:\Users\Haley\Desktop\JRT.exe
2015-07-15 07:35 - 2015-07-25 18:11 - 02146816 _____ (Farbar) C:\Users\Haley\Desktop\FRST64.exe
2015-07-15 07:25 - 2015-07-25 18:11 - 00000000 ____D C:\FRST
2015-07-15 07:25 - 2015-07-15 07:26 - 00025264 _____ C:\Users\Haley\Downloads\FRST.txt
2015-07-15 07:25 - 2015-07-15 07:26 - 00025145 _____ C:\Users\Haley\Downloads\Addition.txt
2015-07-15 07:23 - 2015-07-15 07:24 - 02133504 _____ (Farbar) C:\Users\Haley\Downloads\FRST64.exe
2015-07-15 07:14 - 2015-07-15 07:14 - 00000207 _____ C:\Windows\tweaking.com-regbackup-HALEY-PC-Windows-Vista--Home-Premium-(64-bit).dat
2015-07-15 07:13 - 2015-07-15 07:13 - 00000000 ____D C:\RegBackup
2015-07-15 03:55 - 2015-05-08 19:09 - 00861696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-07-15 03:55 - 2015-05-08 19:01 - 01212416 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-07-15 03:54 - 2015-05-04 18:51 - 10627584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-07-15 03:54 - 2015-05-04 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-07-15 03:54 - 2015-05-04 18:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-07-15 03:54 - 2015-05-04 18:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-07-15 03:54 - 2015-05-04 18:33 - 13427712 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-07-15 03:54 - 2015-05-04 18:33 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-07-15 03:54 - 2015-05-04 18:33 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-07-15 03:54 - 2015-05-04 18:32 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-07-15 03:54 - 2015-05-04 17:39 - 08147456 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-07-15 03:54 - 2015-05-04 17:21 - 08147456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-07-15 03:47 - 2015-04-24 11:54 - 00532480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-07-15 03:47 - 2015-04-24 11:41 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-07-14 12:46 - 2015-07-25 10:07 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-14 12:45 - 2015-07-25 16:22 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-14 12:45 - 2015-07-14 12:45 - 00000943 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-14 12:45 - 2015-07-14 12:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-07-14 12:45 - 2015-07-14 12:45 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-14 12:45 - 2015-07-14 12:45 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-14 12:45 - 2015-06-18 08:41 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-14 12:45 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-14 12:27 - 2015-07-14 12:27 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_07_00.Wdf
2015-07-14 11:39 - 2015-07-25 17:50 - 00000918 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1849030827-776577423-3574151073-1000UA.job
2015-07-14 11:39 - 2015-07-25 10:13 - 00000866 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1849030827-776577423-3574151073-1000Core.job
2015-07-14 11:39 - 2015-07-20 21:45 - 00003802 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1849030827-776577423-3574151073-1000UA
2015-07-14 11:39 - 2015-07-20 21:45 - 00003406 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1849030827-776577423-3574151073-1000Core
2015-07-14 11:39 - 2015-07-14 11:39 - 00000000 ____D C:\Users\Haley\AppData\Local\Dropbox
2015-07-14 11:39 - 2015-07-14 11:39 - 00000000 ____D C:\ProgramData\Dropbox
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-25 18:06 - 2014-10-30 07:37 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-25 16:20 - 2008-01-20 21:53 - 01310627 _____ C:\Windows\WindowsUpdate.log
2015-07-25 12:06 - 2006-11-02 11:22 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-25 12:06 - 2006-11-02 11:22 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-25 10:20 - 2014-10-30 07:36 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-24 04:56 - 2006-11-02 08:46 - 00758626 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-24 04:51 - 2015-02-11 08:38 - 00000000 ___RD C:\Users\Haley\Dropbox
2015-07-24 04:51 - 2015-02-11 08:31 - 00000000 ____D C:\Users\Haley\AppData\Roaming\Dropbox
2015-07-24 04:49 - 2014-11-07 07:44 - 00000808 _____ C:\Windows\system32\spsys.log
2015-07-24 04:49 - 2006-11-02 11:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-24 04:47 - 2006-11-02 11:42 - 00020492 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-23 12:39 - 2014-10-30 08:38 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-07-22 05:59 - 2006-11-02 11:27 - 00027277 _____ C:\Windows\setupact.log
2015-07-21 03:18 - 2006-11-02 11:21 - 00237480 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-16 08:01 - 2014-10-30 07:37 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-16 08:01 - 2014-10-30 07:36 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-16 03:08 - 2014-10-29 14:27 - 00000000 ____D C:\Windows\system32\MRT
2015-07-15 04:31 - 2006-11-02 09:33 - 00000000 ____D C:\Windows\rescache
2015-07-14 15:36 - 2008-01-20 23:26 - 00684180 _____ C:\Windows\PFRO.log
2015-07-14 13:51 - 2006-11-02 09:33 - 00000000 ____D C:\Windows\Resources
2015-07-14 11:22 - 2015-06-04 10:20 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-07-03 08:43 - 2006-11-02 08:35 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
==================== Files in the root of some directories =======
2014-10-29 12:35 - 2014-10-29 13:37 - 0000732 _____ () C:\Users\Haley\AppData\Local\d3d9caps64.dat
2015-02-02 13:49 - 2015-02-02 13:49 - 0003584 _____ () C:\Users\Haley\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Some files in TEMP:
====================
C:\Users\Haley\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpn6zwbn.dll
C:\Users\Haley\AppData\Local\Temp\Quarantine.exe
C:\Users\Haley\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-07-24 16:56
==================== End of log ============================