
Infected With Malicious File Download 24


  • This topic is locked
26 replies to this topic

#1 Azreide


Posted 18 March 2015 - 10:07 AM

I'm very sorry, there was some sort of error when I posted this and it posted 3 times.

 

Full System Scan and Power Eraser by Norton came up with nothing. So I seem to have had it for a while, but it's just recently seemed to actually do something. It used to be that every now and then it redirects me, maybe around once every couple weeks, but now it's doing it quite often. It sometimes redirects and sometimes opens up a new page upon clicking something, as well as what I clicked on.

It's worth noting that I had previously been infected with Malicious File Download 12; I assume they're related. Here's the FRST log, with the Addition log in the attached files.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Mason (administrator) on MASON-PC on 19-03-2015 02:03:55
Running from C:\Users\Mason\Desktop\FRST
Loaded Profiles: Mason (Available profiles: Mason)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(Akamai Technologies, Inc.) C:\Users\Mason\AppData\Local\Akamai\netsession_win.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
() C:\Program Files (x86)\puush\puush.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Akamai Technologies, Inc.) C:\Users\Mason\AppData\Local\Akamai\netsession_win.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Logitech, Inc.) C:\Program Files\Common Files\logishrd\KHAL3\KHALMNPR.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.83.62.0\OverwolfBrowser.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.83.62.0\OverwolfHelper.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.83.62.0\OverwolfHelper64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.89\nacl64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coNatHst.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.89\nacl64.exe
(Valve Corporation) H:\Steam\Steam.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Valve Corporation) H:\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) H:\Steam\bin\steamwebhelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) H:\Steam\bin\steamwebhelper.exe
(Apple Inc.) C:\Program Files\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7660760 2015-03-01] (Realtek Semiconductor)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-08-01] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [506864 2013-03-08] (MSI)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816784 2014-07-21] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-01-31] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [493960 2014-12-05] (Autodesk Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-40517483-3242870874-2281284425-1000\...\Run: [BitTorrent] => C:\Users\Mason\AppData\Roaming\BitTorrent\BitTorrent.exe [1744472 2015-03-05] (BitTorrent Inc.)
HKU\S-1-5-21-40517483-3242870874-2281284425-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Mason\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-40517483-3242870874-2281284425-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-40517483-3242870874-2281284425-1000\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2014-11-18] ()
HKU\S-1-5-21-40517483-3242870874-2281284425-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [40688 2015-02-26] (Overwolf LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Qualcomm Atheros Killer Network Manager.lnk
ShortcutTarget: Qualcomm Atheros Killer Network Manager.lnk -> C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe ()
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=21.6.0.32
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-40517483-3242870874-2281284425-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-40517483-3242870874-2281284425-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=21.6.0.32
SearchScopes: HKU\S-1-5-21-40517483-3242870874-2281284425-1000 -> DefaultScope {44880015-BCAE-48E7-A546-FCEA7C2EDF9D} URL = https://au.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=242154&p={searchTerms}
SearchScopes: HKU\S-1-5-21-40517483-3242870874-2281284425-1000 -> {44880015-BCAE-48E7-A546-FCEA7C2EDF9D} URL = https://au.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=242154&p={searchTerms}
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-04] (Google Inc.)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\IPS\IPSBHO.DLL [2014-08-26] (Symantec Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-04] (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
Toolbar: HKU\S-1-5-21-40517483-3242870874-2281284425-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-04] (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Winsock: Catalog9 01 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 02 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 03 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 04 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 15 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 01 C:\Windows\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 02 C:\Windows\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 03 C:\Windows\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 04 C:\Windows\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 15 C:\Windows\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Tcpip\..\Interfaces\{430007CC-0FAE-4F6D-90A4-387DB11A7009}: [NameServer] 61.9.133.193 61.9.134.49
 
FireFox:
========
FF ProfilePath: C:\Users\Mason\AppData\Roaming\Mozilla\Firefox\Profiles\5rvyed00.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-06] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-10-15] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-17] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-17] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-10-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-10-15] (Adobe Systems)
FF Plugin HKU\S-1-5-21-40517483-3242870874-2281284425-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-08-21] ()
FF Extension: Video DownloadHelper - C:\Users\Mason\AppData\Roaming\Mozilla\Firefox\Profiles\5rvyed00.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-08]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-06-08]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.6.0.32\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.6.0.32\coFFPlgn [2015-03-19]
 
Chrome: 
=======
CHR Profile: C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-16]
CHR Extension: (Google Docs) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-16]
CHR Extension: (Google Drive) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-16]
CHR Extension: (YouTube) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-16]
CHR Extension: (Google Search) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-16]
CHR Extension: (Google Sheets) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-16]
CHR Extension: (Norton Identity Safe) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-03-16]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-16]
CHR Extension: (Norton Security Toolbar) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2015-03-16]
CHR Extension: (Video download helper) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnkioblodjcgkdailhejgcocjkkoochj [2015-03-17]
CHR Extension: (Google Wallet) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-16]
CHR Extension: (Gmail) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-16]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx [2015-02-08]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx [2015-02-08]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-05] (Autodesk Inc.)
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [116224 2014-11-20] (Advanced Micro Devices) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [856960 2015-02-20] ()
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [180200 2013-02-13] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-05-17] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-07-16] (LogMeIn, Inc.)
S3 mi-raysat_3dsmax2015_64; C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe [86016 2011-09-15] () [File not signed]
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161264 2013-02-20] (MSI)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [29728 2013-05-28] (MICRO-STAR INTERNATIONAL CO., LTD.)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe [265040 2014-09-21] (Symantec Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-01-29] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [998640 2015-02-26] (Overwolf LTD)
S2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [503296 2013-05-07] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [294600 2014-11-21] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49048 2012-07-18] (Asmedia Technology)
R0 asstor64; C:\Windows\System32\DRIVERS\asstor64.sys [84816 2014-03-14] (Asmedia Technology)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-09-02] (AVG Technologies)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [66928 2013-05-07] (Qualcomm Atheros, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\BASHDefs\20150224.001\BHDrvx64.sys [1622744 2015-02-03] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-11-25] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-11-25] (Symantec Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-03-01] (REALiX™)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [30360 2015-03-04] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\IPSDefs\20150317.001\IDSvia64.sys [669400 2015-02-06] (Symantec Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-02-13] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-02-13] ()
S3 ipadtst; C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [19952 2013-02-01] (Windows ® Win 7 DDK provider)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-02-13] ()
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [154320 2015-03-01] (Qualcomm Atheros, Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2015-03-01] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\VirusDefs\20150317.001\ENG64.SYS [129752 2014-11-15] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\VirusDefs\20150317.001\EX64.SYS [2137304 2014-11-15] (Symantec Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2015-03-01] (Synaptics Incorporated)
R1 SRTSP; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1506000.020\SYMDS64.SYS [493656 2014-08-26] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1506000.020\SYMEFA64.SYS [1148120 2014-08-26] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2015-02-08] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS [266968 2014-08-07] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\N360x64\1506000.020\SYMNETS.SYS [593112 2014-08-26] (Symantec Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-03-19] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-18 21:30 - 2015-03-18 23:27 - 00000000 ____D () C:\Users\Mason\Documents\enemy
2015-03-18 15:44 - 2015-03-18 15:44 - 00000000 ____D () C:\Windows\SysWOW64\N360_BACKUP
2015-03-17 01:33 - 2015-03-17 01:33 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-17 01:33 - 2015-03-17 01:33 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-17 01:33 - 2015-03-17 01:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-16 16:48 - 2015-03-16 16:48 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-16 16:48 - 2015-03-16 16:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-16 03:59 - 2015-03-16 03:59 - 00000000 ____D () C:\Users\Mason\Documents\Colossal Order
2015-03-16 03:59 - 2015-03-16 03:59 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\Colossal Order
2015-03-16 03:59 - 2015-03-16 03:59 - 00000000 ____D () C:\Users\Mason\AppData\Local\Colossal Order
2015-03-14 21:15 - 2015-03-14 21:15 - 00000000 ____D () C:\Users\Mason\Documents\Square Enix
2015-03-14 21:15 - 2015-03-14 21:15 - 00000000 ____D () C:\Users\Mason\AppData\Local\CrashRpt
2015-03-14 15:37 - 2015-03-18 15:41 - 00000000 ____D () C:\Program Files (x86)\Overwolf
2015-03-14 15:37 - 2015-03-14 15:37 - 00003728 _____ () C:\Windows\System32\Tasks\Overwolf Updater Task
2015-03-14 15:37 - 2015-03-14 15:37 - 00001971 _____ () C:\Users\Public\Desktop\Overwolf.lnk
2015-03-14 15:37 - 2015-03-14 15:37 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2015-03-14 15:37 - 2015-03-14 15:37 - 00000000 ____D () C:\ProgramData\Overwolf
2015-03-14 15:36 - 2015-03-19 00:43 - 00000000 ____D () C:\Users\Mason\AppData\Local\Overwolf
2015-03-14 15:36 - 2015-03-19 00:32 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\TS3Client
2015-03-14 15:36 - 2015-03-14 15:36 - 00001169 _____ () C:\Users\Mason\Desktop\TeamSpeak 3 Client.lnk
2015-03-14 15:36 - 2015-03-14 15:36 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-03-14 15:36 - 2015-03-14 15:36 - 00000000 ____D () C:\Users\Mason\AppData\Local\TeamSpeak 3 Client
2015-03-13 03:36 - 2015-03-13 03:50 - 00000000 ____D () C:\Users\Mason\AppData\Local\Ori and the Blind Forest
2015-03-11 21:31 - 2015-03-06 16:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-11 21:31 - 2015-03-06 16:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-11 21:31 - 2015-03-06 16:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-11 21:31 - 2015-03-06 16:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-11 21:31 - 2015-03-06 16:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-11 21:31 - 2015-03-06 16:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-11 21:31 - 2015-03-06 16:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-11 21:31 - 2015-03-06 16:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-11 21:31 - 2015-03-06 16:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-11 21:31 - 2015-03-06 16:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-11 21:31 - 2015-03-06 16:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-11 21:31 - 2015-03-06 16:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-11 21:31 - 2015-03-06 16:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-11 21:31 - 2015-02-26 14:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 21:31 - 2015-02-24 14:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 21:31 - 2015-02-24 13:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-11 21:31 - 2015-02-21 11:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-11 21:31 - 2015-02-21 11:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 21:31 - 2015-02-21 11:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 21:31 - 2015-02-21 10:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 21:31 - 2015-02-20 15:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 21:31 - 2015-02-20 15:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 21:31 - 2015-02-20 15:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 21:31 - 2015-02-20 15:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 21:31 - 2015-02-20 15:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 21:31 - 2015-02-20 15:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 21:31 - 2015-02-20 15:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 21:31 - 2015-02-20 15:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 21:31 - 2015-02-20 14:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 21:31 - 2015-02-20 14:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 21:31 - 2015-02-20 14:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 21:31 - 2015-02-20 14:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 21:31 - 2015-02-20 13:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-11 21:31 - 2015-02-20 13:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-11 21:31 - 2015-02-20 13:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-11 21:31 - 2015-02-20 13:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 21:31 - 2015-02-20 13:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-11 21:31 - 2015-02-20 13:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 21:31 - 2015-02-20 13:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-11 21:31 - 2015-02-20 13:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-11 21:31 - 2015-02-20 13:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 21:31 - 2015-02-20 13:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 21:31 - 2015-02-20 13:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 21:31 - 2015-02-20 13:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-11 21:31 - 2015-02-20 13:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-11 21:31 - 2015-02-20 12:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-11 21:31 - 2015-02-20 12:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-11 21:31 - 2015-02-20 12:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-11 21:31 - 2015-02-20 12:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 21:31 - 2015-02-20 12:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-11 21:31 - 2015-02-20 12:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 21:31 - 2015-02-20 12:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 21:31 - 2015-02-20 12:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 21:31 - 2015-02-20 12:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 21:31 - 2015-02-20 11:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 21:31 - 2015-02-20 11:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 21:31 - 2015-02-13 16:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 21:31 - 2015-02-13 16:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 21:31 - 2015-02-03 14:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 21:31 - 2015-02-03 14:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 21:31 - 2015-02-03 14:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 21:31 - 2015-02-03 14:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 21:31 - 2015-02-03 14:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 21:31 - 2015-02-03 14:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 21:31 - 2015-02-03 14:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 21:31 - 2015-02-03 14:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 21:31 - 2015-02-03 14:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-11 21:31 - 2015-02-03 14:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 21:31 - 2015-02-03 14:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 21:31 - 2015-02-03 14:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 21:31 - 2015-02-03 14:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 21:31 - 2015-02-03 14:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 21:31 - 2015-02-03 14:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 21:31 - 2015-02-03 14:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 21:31 - 2015-02-03 14:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 21:31 - 2015-02-03 14:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 21:31 - 2015-02-03 14:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 21:31 - 2015-02-03 14:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 21:31 - 2015-02-03 13:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 21:31 - 2015-01-31 14:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 21:31 - 2015-01-31 14:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 21:31 - 2015-01-31 10:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 21:31 - 2015-01-31 10:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 21:31 - 2015-01-17 13:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 21:31 - 2015-01-17 13:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 21:31 - 2014-11-01 09:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 21:30 - 2015-02-21 12:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 21:30 - 2015-02-21 11:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 21:30 - 2015-02-21 10:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 21:30 - 2015-02-20 13:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-11 21:30 - 2015-02-20 13:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 21:30 - 2015-02-20 13:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 21:30 - 2015-02-20 13:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 21:30 - 2015-02-20 13:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 21:30 - 2015-02-20 13:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-11 21:30 - 2015-02-20 13:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 21:30 - 2015-02-20 13:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 21:30 - 2015-02-20 13:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 21:30 - 2015-02-20 13:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 21:30 - 2015-02-20 13:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 21:30 - 2015-02-20 13:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-11 21:30 - 2015-02-20 12:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-11 21:30 - 2015-02-20 12:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 21:30 - 2015-02-20 12:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 21:30 - 2015-02-20 12:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-11 21:30 - 2015-02-20 12:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 21:30 - 2015-02-20 12:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 21:30 - 2015-02-20 12:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-11 21:30 - 2015-02-20 12:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 21:30 - 2015-02-20 12:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 21:29 - 2015-02-04 14:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 21:29 - 2015-02-04 13:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-07 03:18 - 2015-03-07 03:18 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\com.jarvisfilms.synonomy
2015-03-07 01:53 - 2015-03-07 15:52 - 00000000 ____D () C:\Users\Mason\AppData\Local\Microsoft Games
2015-03-07 00:58 - 2015-03-17 01:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-06 18:30 - 2015-03-06 18:30 - 00000000 ____D () C:\Users\Mason\Documents\Paradox Interactive
2015-03-05 17:14 - 2015-03-05 17:15 - 00027136 _____ () C:\Users\Mason\Desktop\Snowman.avi
2015-03-04 19:59 - 2015-03-04 19:59 - 01398936 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
2015-03-04 19:59 - 2015-03-04 19:59 - 00030360 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorF.sys
2015-03-04 17:35 - 2015-03-04 17:35 - 00000000 ____D () C:\Users\Mason\AppData\Local\My_Company
2015-03-02 19:27 - 2015-03-02 19:27 - 00010610 _____ () C:\Users\Mason\Documents\Potions.xlsx
2015-03-01 18:15 - 2015-03-01 18:15 - 00129312 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2015-03-01 01:21 - 2015-03-01 01:21 - 00154320 _____ (Qualcomm Atheros, Inc.) C:\Windows\system32\Drivers\e22W7x64.sys
2015-03-01 01:20 - 2015-03-01 01:20 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2015-03-01 01:20 - 2015-03-01 01:20 - 00034544 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2015-03-01 01:20 - 2015-03-01 01:20 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-03-01 01:20 - 2015-03-01 01:20 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-03-01 01:20 - 2015-03-01 01:20 - 00000000 ____D () C:\Program Files\Synaptics
2015-03-01 01:19 - 2015-03-01 01:19 - 04263128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-03-01 01:19 - 2015-03-01 01:19 - 03186544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 02860760 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 02827120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 02000640 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO264.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-03-01 01:19 - 2015-03-01 01:19 - 01728768 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO232.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 01443340 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-03-01 01:19 - 2015-03-01 01:19 - 01287384 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 00959704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 00629464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 00397592 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-03-01 01:13 - 2015-03-19 00:44 - 00002874 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Mason)
2015-03-01 01:13 - 2015-03-16 01:49 - 00000000 ____D () C:\ProgramData\ProductData
2015-03-01 01:13 - 2015-03-01 01:13 - 00026528 _____ (REALiX™) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2015-03-01 01:13 - 2015-03-01 01:13 - 00003232 _____ () C:\Windows\System32\Tasks\Driver Booster Scan
2015-03-01 01:13 - 2015-03-01 01:13 - 00003176 _____ () C:\Windows\System32\Tasks\Driver Booster Update
2015-03-01 01:13 - 2015-03-01 01:13 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\IObit
2015-03-01 01:13 - 2015-03-01 01:13 - 00000000 ____D () C:\ProgramData\IObit
2015-03-01 01:12 - 2015-03-01 01:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2015-03-01 01:12 - 2015-03-01 01:12 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-02-28 23:49 - 2015-03-09 20:03 - 00002297 _____ () C:\Users\Mason\Desktop\Skyrim (SKSE).lnk
2015-02-27 14:16 - 2015-02-27 14:16 - 00000000 ____D () C:\Users\Mason\AppData\Local\BANDAI NAMCO Games
2015-02-26 16:22 - 2015-01-09 14:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-26 16:22 - 2015-01-09 14:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-26 16:22 - 2015-01-09 14:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-26 16:22 - 2015-01-09 13:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-25 21:02 - 2015-02-25 21:02 - 00276872 _____ () C:\Windows\Minidump\022515-11497-01.dmp
2015-02-25 17:59 - 2015-03-19 00:43 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2015-02-25 17:56 - 2015-01-09 10:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 17:56 - 2015-01-09 10:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-25 16:21 - 2015-02-25 16:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Block Legend DX
2015-02-24 19:38 - 2015-02-24 19:38 - 00000000 ____D () C:\ProgramData\FLEXnet
2015-02-24 19:26 - 2015-02-24 19:26 - 00000000 ____D () C:\Users\Mason\Documents\Direct Connect
2015-02-24 19:17 - 2015-02-24 19:17 - 00000000 ____D () C:\Program Files (x86)\Autodesk
2015-02-24 19:03 - 2015-02-24 19:03 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared
2015-02-24 19:02 - 2015-03-05 17:09 - 00000000 ____D () C:\Users\Mason\Documents\3dsMax
2015-02-24 18:42 - 2015-02-24 23:48 - 00000000 ____D () C:\Users\Mason\Documents\Autodesk Application Manager
2015-02-24 18:42 - 2015-02-24 19:38 - 00000000 ____D () C:\Users\Mason\AppData\Local\Autodesk
2015-02-24 18:42 - 2015-02-24 19:25 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared
2015-02-23 00:16 - 2015-02-23 00:16 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-02-23 00:16 - 2015-02-23 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-02-23 00:15 - 2015-02-23 00:16 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-23 00:15 - 2015-02-23 00:16 - 00000000 ____D () C:\Program Files\iTunes
2015-02-23 00:15 - 2015-02-23 00:15 - 00000000 ____D () C:\Program Files\iPod
2015-02-23 00:15 - 2015-02-23 00:15 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-02-22 14:51 - 2015-02-22 14:53 - 00000000 ____D () C:\Users\Mason\AppData\Local\Catacomb_Kids
2015-02-20 20:58 - 2015-02-20 21:07 - 00000000 ____D () C:\Users\Mason\Documents\DayZ
2015-02-20 20:58 - 2015-02-20 21:07 - 00000000 ____D () C:\Users\Mason\AppData\Local\DayZ
2015-02-19 19:04 - 2015-02-19 19:04 - 00000000 ____D () C:\Users\Mason\AppData\Local\Steam
2015-02-17 15:26 - 2015-02-17 15:26 - 01217184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FM20.DLL
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-19 02:03 - 2015-01-10 05:11 - 00000000 ____D () C:\Users\Mason\Desktop\FRST
2015-03-19 02:03 - 2015-01-10 03:08 - 00000000 ____D () C:\FRST
2015-03-19 01:55 - 2014-04-26 01:50 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\BitTorrent
2015-03-19 01:53 - 2014-05-06 20:27 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\Skype
2015-03-19 01:46 - 2015-01-10 04:44 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-03-19 01:34 - 2014-04-22 19:04 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-19 01:26 - 2014-04-22 21:45 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-19 00:50 - 2009-07-14 15:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-19 00:50 - 2009-07-14 15:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-19 00:48 - 2009-07-14 16:13 - 00781790 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-19 00:46 - 2014-04-22 18:49 - 01312599 _____ () C:\Windows\WindowsUpdate.log
2015-03-19 00:43 - 2014-09-01 17:50 - 00000000 ____D () C:\Users\Mason\AppData\Local\LogMeIn Hamachi
2015-03-19 00:43 - 2014-08-20 11:49 - 00000000 ____D () C:\Users\Mason\AppData\Local\Adobe
2015-03-19 00:43 - 2014-04-22 19:16 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2015-03-19 00:43 - 2014-04-22 19:04 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-19 00:43 - 2014-04-22 18:56 - 00000000 ____D () C:\ProgramData\Bigfoot Networks
2015-03-19 00:43 - 2009-07-14 16:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-19 00:43 - 2009-07-14 15:51 - 00097115 _____ () C:\Windows\setupact.log
2015-03-19 00:42 - 2010-11-21 14:47 - 01169560 _____ () C:\Windows\PFRO.log
2015-03-19 00:32 - 2014-04-22 19:27 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2015-03-18 22:59 - 2014-10-11 14:36 - 00000000 ____D () C:\Users\Mason\AppData\Local\Akamai
2015-03-18 20:41 - 2014-06-24 02:25 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\SpaceEngineers
2015-03-18 15:41 - 2014-11-18 03:49 - 00000000 ____D () C:\Program Files (x86)\puush
2015-03-18 14:44 - 2015-01-08 06:29 - 00000000 ____D () C:\Users\Mason\AppData\Local\NPE
2015-03-17 22:05 - 2014-05-07 11:44 - 00000000 ____D () C:\Users\Mason\AppData\Local\CrashDumps
2015-03-17 00:35 - 2015-01-08 06:30 - 00000000 ____D () C:\NPE
2015-03-16 16:48 - 2014-04-22 19:04 - 00000000 ____D () C:\Users\Mason\AppData\Local\Google
2015-03-16 16:48 - 2014-04-22 19:04 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-13 23:24 - 2014-04-24 22:58 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\vlc
2015-03-13 22:18 - 2014-10-27 16:26 - 00000000 ____D () C:\Users\Mason\Desktop\System Escape
2015-03-13 02:18 - 2009-07-14 16:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-12 08:02 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\rescache
2015-03-12 07:24 - 2009-07-14 15:45 - 05073360 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-12 07:24 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-12 07:24 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-12 03:08 - 2014-06-08 14:46 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-12 03:08 - 2009-07-14 13:34 - 00000580 _____ () C:\Windows\win.ini
2015-03-12 03:05 - 2014-04-23 11:28 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-12 03:01 - 2014-04-23 11:28 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-11 00:15 - 2009-07-14 16:08 - 00032540 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-10 19:32 - 2014-04-22 19:14 - 00109696 _____ () C:\Users\Mason\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-08 00:05 - 2014-05-14 18:18 - 00000000 ____D () C:\Users\Mason\dwhelper
2015-03-07 16:02 - 2014-04-22 21:17 - 00000000 ____D () C:\Users\Mason\Documents\my games
2015-03-06 01:38 - 2014-04-22 21:45 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-06 01:38 - 2014-04-22 21:45 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-06 01:38 - 2014-04-22 21:45 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-03-05 17:09 - 2014-10-11 14:38 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\Autodesk
2015-03-05 17:09 - 2014-10-11 14:38 - 00000000 ____D () C:\ProgramData\Autodesk
2015-03-01 01:19 - 2014-04-22 18:57 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2015-02-27 23:01 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\tracing
2015-02-25 21:02 - 2014-05-11 17:28 - 1202633221 _____ () C:\Windows\MEMORY.DMP
2015-02-25 21:02 - 2014-05-11 17:28 - 00000000 ____D () C:\Windows\Minidump
2015-02-25 20:02 - 2014-11-26 20:02 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-24 23:54 - 2014-10-11 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-02-24 23:54 - 2009-07-14 13:34 - 00017570 _____ () C:\Windows\system32\Drivers\etc\services
2015-02-24 19:02 - 2014-10-11 14:34 - 00000000 ____D () C:\Program Files\Autodesk
2015-02-24 18:42 - 2014-04-22 19:19 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-23 02:30 - 2014-04-24 13:39 - 00000000 ____D () C:\Program Files (x86)\FVD Suite
2015-02-23 00:15 - 2014-04-24 09:46 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-02-20 15:28 - 2014-10-30 16:00 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-02-20 15:28 - 2014-05-06 20:26 - 00000000 ____D () C:\ProgramData\Skype
 
==================== Files in the root of some directories =======
 
2014-05-27 05:01 - 2014-06-03 05:23 - 0000000 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2015-01-07 15:53 - 2015-01-07 15:53 - 0000004 _____ () C:\Users\Mason\AppData\Roaming\appdataFr2.bin
2015-01-08 17:32 - 2015-01-08 17:38 - 0000115 _____ () C:\Users\Mason\AppData\Roaming\LogFile.txt
2015-03-04 14:59 - 2015-03-14 21:29 - 0001440 _____ () C:\Users\Mason\AppData\Roaming\SpeedRunnersLog.txt
2015-01-12 23:30 - 2015-01-12 23:30 - 0000000 ____H () C:\Users\Mason\AppData\Local\BIT9F2B.tmp
2014-04-22 18:55 - 2015-01-10 17:44 - 0000717 _____ () C:\Users\Mason\AppData\Local\killertool.log
2015-01-12 23:29 - 2015-01-12 23:29 - 0000000 _____ () C:\Users\Mason\AppData\Local\{AA12CEEB-3BE8-4E39-84C9-367F6834453C}
 
Some content of TEMP:
====================
C:\Users\Mason\AppData\Local\Temp\dllnt_dump.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-03-15 04:18
 
==================== End Of Log ============================

Edited by Azreide, 18 March 2015 - 10:13 AM.



#2 Machiavelli

  • Malware Response Instructor

Posted 19 March 2015 - 10:56 AM

Hey, :)

Step 1: AdwCleaner

Please download AdwCleaner (by Xplode) from the link below and save it to your Desktop:

Download Mirror #1
  • Right-click on AdwCleaner.exe and select Run as administrator. (If you have Windows XP, then just run it.)
  • Click Scan and let the scan run.
  • When it finishes, click Clean, following the on-screen prompts.
  • After your computer reboots, a log will open. Please Copy (Ctrl+C) and Paste (Ctrl+V) this into your next post.
Note: The log can also be found here: C:\AdwCleaner\

Step 2: Malwarebytes

Download MalwareBytes Anti-Malware to your desktop.
  • Double-click mbam-setup-2.0.exe to start the installation of Malwarebytes Anti-Malware.
  • Follow the instructions on your screen to complete the installation. You can find the complete installation procedure here.
  • Click the Scan Now button, a threat scan will start automatically.
  • MalwareBytes Anti-Malware will now check for the latest updates. Click Update Now if new updates are available.
  • Your computer is now being scanned, please do not use your computer during the scan.
    • If no threats were found, click View detailed log.
      • Click Export and save the log as a .txt file on your Desktop or another location.
    • If the scan detected any threats, click Apply Actions.
      • To complete any actions taken you will be prompted to restart your computer...click on Yes.
      • After reboot, start Malwarebytes Anti-Malware again and click the History Tab at the top and select Application Logs.
      • Check the box next to Scan Log. Choose the most current scan and click View.
      • Click Export and save the log as a .txt file on your Desktop or another location.
  • Providing the MalwareBytes' Anti-Malware log file
    • Attach the log file you just saved to your next reply for further review.

Step 3: Junkware Removal Tool

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 4: FRST Scan

  • Run FRST. (If you have Windows Vista / Windows 7 / Windows 8, please right-click the FRST icon and select Run as Administrator.)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

Edited by Machiavelli, 19 March 2015 - 10:57 AM.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.



#3 Azreide

  • Topic Starter

Posted 19 March 2015 - 08:59 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Mason (administrator) on MASON-PC on 20-03-2015 12:57:59
Running from C:\Users\Mason\Desktop\FRST
Loaded Profiles: Mason (Available profiles: Mason)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files (x86)\puush\puush.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
(Logitech, Inc.) C:\Program Files\Common Files\logishrd\KHAL3\KHALMNPR.exe
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Autodesk Inc.) C:\Users\Mason\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.83.62.0\OverwolfBrowser.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.83.62.0\OverwolfHelper.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.83.62.0\OverwolfHelper64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Akamai Technologies, Inc.) C:\Users\Mason\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Mason\AppData\Local\Akamai\netsession_win.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Apple Inc.) C:\Program Files\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7660760 2015-03-01] (Realtek Semiconductor)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-08-01] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [506864 2013-03-08] (MSI)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816784 2014-07-21] (LogMeIn Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-01-31] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [493960 2014-12-05] (Autodesk Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-02-10] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-40517483-3242870874-2281284425-1000\...\Run: [BitTorrent] => C:\Users\Mason\AppData\Roaming\BitTorrent\BitTorrent.exe [1744472 2015-03-05] (BitTorrent Inc.)
HKU\S-1-5-21-40517483-3242870874-2281284425-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Mason\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-40517483-3242870874-2281284425-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-40517483-3242870874-2281284425-1000\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2014-11-18] ()
HKU\S-1-5-21-40517483-3242870874-2281284425-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [40688 2015-02-26] (Overwolf LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Qualcomm Atheros Killer Network Manager.lnk
ShortcutTarget: Qualcomm Atheros Killer Network Manager.lnk -> C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe ()
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=21.6.0.32
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-40517483-3242870874-2281284425-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-40517483-3242870874-2281284425-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=21.6.0.32
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-40517483-3242870874-2281284425-1000 -> {44880015-BCAE-48E7-A546-FCEA7C2EDF9D} URL = https://au.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=242154&p={searchTerms}
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-19] (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-04] (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-19] (Oracle Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\IPS\IPSBHO.DLL [2014-08-26] (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-19] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-19] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-04] (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
Toolbar: HKU\S-1-5-21-40517483-3242870874-2281284425-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-04] (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Winsock: Catalog9 01 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 02 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 03 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 04 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 15 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 01 C:\Windows\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 02 C:\Windows\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 03 C:\Windows\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 04 C:\Windows\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 15 C:\Windows\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{430007CC-0FAE-4F6D-90A4-387DB11A7009}: [NameServer] 61.9.134.49 61.9.133.193
 
FireFox:
========
FF ProfilePath: C:\Users\Mason\AppData\Roaming\Mozilla\Firefox\Profiles\5rvyed00.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-19] ()
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-19] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-10-15] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-19] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-17] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-17] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-10-15] (Adobe Systems)
FF Plugin HKU\S-1-5-21-40517483-3242870874-2281284425-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-08-21] ()
FF Extension: Video DownloadHelper - C:\Users\Mason\AppData\Roaming\Mozilla\Firefox\Profiles\5rvyed00.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-08]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-06-08]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.6.0.32\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.6.0.32\coFFPlgn [2015-03-20]
 
Chrome: 
=======
CHR Profile: C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-16]
CHR Extension: (Google Docs) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-16]
CHR Extension: (Google Drive) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-16]
CHR Extension: (YouTube) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-16]
CHR Extension: (Google Search) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-16]
CHR Extension: (Google Sheets) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-16]
CHR Extension: (Norton Identity Safe) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-03-16]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-16]
CHR Extension: (Video download helper) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnkioblodjcgkdailhejgcocjkkoochj [2015-03-17]
CHR Extension: (Google Wallet) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-16]
CHR Extension: (Gmail) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-16]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx [2015-02-08]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx [2015-02-08]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-05] (Autodesk Inc.)
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [116224 2014-11-20] (Advanced Micro Devices) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [856960 2015-02-20] ()
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [180200 2013-02-13] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-05-17] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-07-16] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 mi-raysat_3dsmax2015_64; C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe [86016 2011-09-15] () [File not signed]
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161264 2013-02-20] (MSI)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [29728 2013-05-28] (MICRO-STAR INTERNATIONAL CO., LTD.)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe [265040 2014-09-21] (Symantec Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-01-29] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [998640 2015-02-26] (Overwolf LTD)
S2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [503296 2013-05-07] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [294600 2014-11-21] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49048 2012-07-18] (Asmedia Technology)
R0 asstor64; C:\Windows\System32\DRIVERS\asstor64.sys [84816 2014-03-14] (Asmedia Technology)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-09-02] (AVG Technologies)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [66928 2013-05-07] (Qualcomm Atheros, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\BASHDefs\20150224.001\BHDrvx64.sys [1622744 2015-02-03] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-11-25] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-11-25] (Symantec Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-03-01] (REALiX™)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [30360 2015-03-04] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\IPSDefs\20150318.001\IDSvia64.sys [669400 2015-02-06] (Symantec Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-02-13] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-02-13] ()
S3 ipadtst; C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [19952 2013-02-01] (Windows ® Win 7 DDK provider)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-02-13] ()
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [154320 2015-03-01] (Qualcomm Atheros, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2015-03-01] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\VirusDefs\20150318.001\ENG64.SYS [129752 2014-11-15] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\VirusDefs\20150318.001\EX64.SYS [2137304 2014-11-15] (Symantec Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2015-03-01] (Synaptics Incorporated)
R1 SRTSP; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1506000.020\SYMDS64.SYS [493656 2014-08-26] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1506000.020\SYMEFA64.SYS [1148120 2014-08-26] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2015-02-08] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS [266968 2014-08-07] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\N360x64\1506000.020\SYMNETS.SYS [593112 2014-08-26] (Symantec Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-03-20] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-20 12:52 - 2015-03-17 17:59 - 01388672 _____ (Thisisu) C:\Users\Mason\Desktop\JRT_NEW.exe
2015-03-20 12:45 - 2015-03-20 12:46 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-20 12:40 - 2015-03-20 12:57 - 00000000 ____D () C:\Users\Mason\Desktop\FRST
2015-03-20 12:40 - 2015-03-20 12:40 - 02095616 _____ (Farbar) C:\Users\Mason\Downloads\FRST64.exe
2015-03-20 12:38 - 2015-03-20 12:38 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-20 12:38 - 2015-03-20 12:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-20 12:38 - 2015-03-20 12:38 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-20 12:38 - 2015-03-20 12:38 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-20 12:38 - 2015-03-20 12:34 - 02171392 _____ () C:\Users\Mason\Desktop\AdwCleaner.exe
2015-03-20 12:38 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-20 12:38 - 2015-03-17 06:15 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-20 12:38 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-20 12:37 - 2015-03-20 12:38 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Mason\Downloads\mbam-setup-2.1.4.1018.exe
2015-03-20 12:33 - 2015-03-20 12:34 - 02171392 _____ () C:\Users\Mason\Downloads\AdwCleaner.exe
2015-03-19 22:02 - 2015-03-19 22:20 - 00000000 ____D () C:\Users\Mason\Desktop\BOI Seed Client
2015-03-19 22:01 - 2015-03-19 22:01 - 00019515 _____ () C:\Users\Mason\Downloads\client.zip
2015-03-18 21:30 - 2015-03-18 23:27 - 00000000 ____D () C:\Users\Mason\Documents\enemy
2015-03-18 15:44 - 2015-03-18 15:44 - 00000000 ____D () C:\Windows\SysWOW64\N360_BACKUP
2015-03-17 01:33 - 2015-03-17 01:33 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-17 01:33 - 2015-03-17 01:33 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-17 01:33 - 2015-03-17 01:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-16 16:48 - 2015-03-16 16:48 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-16 16:48 - 2015-03-16 16:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-16 03:59 - 2015-03-16 03:59 - 00000000 ____D () C:\Users\Mason\Documents\Colossal Order
2015-03-16 03:59 - 2015-03-16 03:59 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\Colossal Order
2015-03-16 03:59 - 2015-03-16 03:59 - 00000000 ____D () C:\Users\Mason\AppData\Local\Colossal Order
2015-03-14 21:15 - 2015-03-14 21:15 - 00000000 ____D () C:\Users\Mason\Documents\Square Enix
2015-03-14 21:15 - 2015-03-14 21:15 - 00000000 ____D () C:\Users\Mason\AppData\Local\CrashRpt
2015-03-14 15:37 - 2015-03-18 15:41 - 00000000 ____D () C:\Program Files (x86)\Overwolf
2015-03-14 15:37 - 2015-03-14 15:37 - 00003728 _____ () C:\Windows\System32\Tasks\Overwolf Updater Task
2015-03-14 15:37 - 2015-03-14 15:37 - 00001971 _____ () C:\Users\Public\Desktop\Overwolf.lnk
2015-03-14 15:37 - 2015-03-14 15:37 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2015-03-14 15:37 - 2015-03-14 15:37 - 00000000 ____D () C:\ProgramData\Overwolf
2015-03-14 15:36 - 2015-03-20 12:43 - 00000000 ____D () C:\Users\Mason\AppData\Local\Overwolf
2015-03-14 15:36 - 2015-03-19 00:32 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\TS3Client
2015-03-14 15:36 - 2015-03-14 15:36 - 00001169 _____ () C:\Users\Mason\Desktop\TeamSpeak 3 Client.lnk
2015-03-14 15:36 - 2015-03-14 15:36 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-03-14 15:36 - 2015-03-14 15:36 - 00000000 ____D () C:\Users\Mason\AppData\Local\TeamSpeak 3 Client
2015-03-13 03:36 - 2015-03-13 03:50 - 00000000 ____D () C:\Users\Mason\AppData\Local\Ori and the Blind Forest
2015-03-11 21:31 - 2015-03-06 16:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-11 21:31 - 2015-03-06 16:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-11 21:31 - 2015-03-06 16:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-11 21:31 - 2015-03-06 16:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-11 21:31 - 2015-03-06 16:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-11 21:31 - 2015-03-06 16:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-11 21:31 - 2015-03-06 16:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-11 21:31 - 2015-03-06 16:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-11 21:31 - 2015-03-06 16:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-11 21:31 - 2015-03-06 16:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-11 21:31 - 2015-03-06 16:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-11 21:31 - 2015-03-06 16:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-11 21:31 - 2015-03-06 16:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-11 21:31 - 2015-02-26 14:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 21:31 - 2015-02-24 14:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 21:31 - 2015-02-24 13:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-11 21:31 - 2015-02-21 11:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-11 21:31 - 2015-02-21 11:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 21:31 - 2015-02-21 11:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 21:31 - 2015-02-21 10:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 21:31 - 2015-02-20 15:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 21:31 - 2015-02-20 15:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 21:31 - 2015-02-20 15:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 21:31 - 2015-02-20 15:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 21:31 - 2015-02-20 15:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 21:31 - 2015-02-20 15:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 21:31 - 2015-02-20 15:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 21:31 - 2015-02-20 15:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 21:31 - 2015-02-20 14:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 21:31 - 2015-02-20 14:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 21:31 - 2015-02-20 14:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 21:31 - 2015-02-20 14:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 21:31 - 2015-02-20 13:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-11 21:31 - 2015-02-20 13:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-11 21:31 - 2015-02-20 13:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-11 21:31 - 2015-02-20 13:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 21:31 - 2015-02-20 13:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-11 21:31 - 2015-02-20 13:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 21:31 - 2015-02-20 13:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-11 21:31 - 2015-02-20 13:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-11 21:31 - 2015-02-20 13:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 21:31 - 2015-02-20 13:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 21:31 - 2015-02-20 13:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 21:31 - 2015-02-20 13:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-11 21:31 - 2015-02-20 13:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-11 21:31 - 2015-02-20 12:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-11 21:31 - 2015-02-20 12:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-11 21:31 - 2015-02-20 12:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-11 21:31 - 2015-02-20 12:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 21:31 - 2015-02-20 12:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-11 21:31 - 2015-02-20 12:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 21:31 - 2015-02-20 12:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 21:31 - 2015-02-20 12:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 21:31 - 2015-02-20 12:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 21:31 - 2015-02-20 11:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 21:31 - 2015-02-20 11:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 21:31 - 2015-02-13 16:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 21:31 - 2015-02-13 16:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 21:31 - 2015-02-03 14:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 21:31 - 2015-02-03 14:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 21:31 - 2015-02-03 14:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 21:31 - 2015-02-03 14:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 21:31 - 2015-02-03 14:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 21:31 - 2015-02-03 14:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 21:31 - 2015-02-03 14:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 21:31 - 2015-02-03 14:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 21:31 - 2015-02-03 14:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-11 21:31 - 2015-02-03 14:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 21:31 - 2015-02-03 14:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 21:31 - 2015-02-03 14:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 21:31 - 2015-02-03 14:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 21:31 - 2015-02-03 14:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 21:31 - 2015-02-03 14:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 21:31 - 2015-02-03 14:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 21:31 - 2015-02-03 14:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 21:31 - 2015-02-03 14:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 21:31 - 2015-02-03 14:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 21:31 - 2015-02-03 14:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 21:31 - 2015-02-03 13:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 21:31 - 2015-01-31 14:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 21:31 - 2015-01-31 14:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 21:31 - 2015-01-31 10:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 21:31 - 2015-01-31 10:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 21:31 - 2015-01-17 13:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 21:31 - 2015-01-17 13:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 21:31 - 2014-11-01 09:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 21:30 - 2015-02-21 12:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 21:30 - 2015-02-21 11:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 21:30 - 2015-02-21 10:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 21:30 - 2015-02-20 13:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-11 21:30 - 2015-02-20 13:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 21:30 - 2015-02-20 13:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 21:30 - 2015-02-20 13:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 21:30 - 2015-02-20 13:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 21:30 - 2015-02-20 13:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-11 21:30 - 2015-02-20 13:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 21:30 - 2015-02-20 13:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 21:30 - 2015-02-20 13:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 21:30 - 2015-02-20 13:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 21:30 - 2015-02-20 13:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 21:30 - 2015-02-20 13:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-11 21:30 - 2015-02-20 12:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-11 21:30 - 2015-02-20 12:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 21:30 - 2015-02-20 12:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 21:30 - 2015-02-20 12:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-11 21:30 - 2015-02-20 12:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 21:30 - 2015-02-20 12:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 21:30 - 2015-02-20 12:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-11 21:30 - 2015-02-20 12:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 21:30 - 2015-02-20 12:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 21:29 - 2015-02-04 14:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 21:29 - 2015-02-04 13:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-07 03:18 - 2015-03-07 03:18 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\com.jarvisfilms.synonomy
2015-03-07 01:53 - 2015-03-07 15:52 - 00000000 ____D () C:\Users\Mason\AppData\Local\Microsoft Games
2015-03-07 00:58 - 2015-03-17 01:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-06 18:30 - 2015-03-06 18:30 - 00000000 ____D () C:\Users\Mason\Documents\Paradox Interactive
2015-03-05 17:14 - 2015-03-05 17:15 - 00027136 _____ () C:\Users\Mason\Desktop\Snowman.avi
2015-03-04 19:59 - 2015-03-04 19:59 - 01398936 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
2015-03-04 19:59 - 2015-03-04 19:59 - 00030360 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorF.sys
2015-03-04 17:35 - 2015-03-04 17:35 - 00000000 ____D () C:\Users\Mason\AppData\Local\My_Company
2015-03-02 19:27 - 2015-03-02 19:27 - 00010610 _____ () C:\Users\Mason\Documents\Potions.xlsx
2015-03-01 18:15 - 2015-03-01 18:15 - 00129312 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2015-03-01 01:21 - 2015-03-01 01:21 - 00154320 _____ (Qualcomm Atheros, Inc.) C:\Windows\system32\Drivers\e22W7x64.sys
2015-03-01 01:20 - 2015-03-01 01:20 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2015-03-01 01:20 - 2015-03-01 01:20 - 00034544 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2015-03-01 01:20 - 2015-03-01 01:20 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-03-01 01:20 - 2015-03-01 01:20 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-03-01 01:20 - 2015-03-01 01:20 - 00000000 ____D () C:\Program Files\Synaptics
2015-03-01 01:19 - 2015-03-01 01:19 - 04263128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-03-01 01:19 - 2015-03-01 01:19 - 03186544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 02860760 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 02827120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 02000640 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO264.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-03-01 01:19 - 2015-03-01 01:19 - 01728768 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO232.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 01443340 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-03-01 01:19 - 2015-03-01 01:19 - 01287384 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 00959704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 00629464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 00397592 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-03-01 01:13 - 2015-03-20 12:44 - 00002874 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Mason)
2015-03-01 01:13 - 2015-03-16 01:49 - 00000000 ____D () C:\ProgramData\ProductData
2015-03-01 01:13 - 2015-03-01 01:13 - 00026528 _____ (REALiX™) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2015-03-01 01:13 - 2015-03-01 01:13 - 00003232 _____ () C:\Windows\System32\Tasks\Driver Booster Scan
2015-03-01 01:13 - 2015-03-01 01:13 - 00003176 _____ () C:\Windows\System32\Tasks\Driver Booster Update
2015-03-01 01:13 - 2015-03-01 01:13 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\IObit
2015-03-01 01:13 - 2015-03-01 01:13 - 00000000 ____D () C:\ProgramData\IObit
2015-03-01 01:12 - 2015-03-01 01:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2015-03-01 01:12 - 2015-03-01 01:12 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-02-28 23:49 - 2015-03-09 20:03 - 00002297 _____ () C:\Users\Mason\Desktop\Skyrim (SKSE).lnk
2015-02-27 14:16 - 2015-02-27 14:16 - 00000000 ____D () C:\Users\Mason\AppData\Local\BANDAI NAMCO Games
2015-02-26 16:22 - 2015-01-09 14:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-26 16:22 - 2015-01-09 14:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-26 16:22 - 2015-01-09 14:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-26 16:22 - 2015-01-09 13:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-25 21:02 - 2015-02-25 21:02 - 00276872 _____ () C:\Windows\Minidump\022515-11497-01.dmp
2015-02-25 17:59 - 2015-03-20 12:43 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2015-02-25 17:56 - 2015-01-09 10:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 17:56 - 2015-01-09 10:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-25 16:21 - 2015-02-25 16:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Block Legend DX
2015-02-24 19:26 - 2015-02-24 19:26 - 00000000 ____D () C:\Users\Mason\Documents\Direct Connect
2015-02-24 19:17 - 2015-02-24 19:17 - 00000000 ____D () C:\Program Files (x86)\Autodesk
2015-02-24 19:03 - 2015-02-24 19:03 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared
2015-02-24 19:02 - 2015-03-05 17:09 - 00000000 ____D () C:\Users\Mason\Documents\3dsMax
2015-02-24 18:42 - 2015-02-24 23:48 - 00000000 ____D () C:\Users\Mason\Documents\Autodesk Application Manager
2015-02-24 18:42 - 2015-02-24 19:38 - 00000000 ____D () C:\Users\Mason\AppData\Local\Autodesk
2015-02-24 18:42 - 2015-02-24 19:25 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared
2015-02-23 00:16 - 2015-02-23 00:16 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-02-23 00:16 - 2015-02-23 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-02-23 00:15 - 2015-02-23 00:16 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-23 00:15 - 2015-02-23 00:16 - 00000000 ____D () C:\Program Files\iTunes
2015-02-23 00:15 - 2015-02-23 00:15 - 00000000 ____D () C:\Program Files\iPod
2015-02-23 00:15 - 2015-02-23 00:15 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-02-22 14:51 - 2015-02-22 14:53 - 00000000 ____D () C:\Users\Mason\AppData\Local\Catacomb_Kids
2015-02-20 20:58 - 2015-02-20 21:07 - 00000000 ____D () C:\Users\Mason\Documents\DayZ
2015-02-20 20:58 - 2015-02-20 21:07 - 00000000 ____D () C:\Users\Mason\AppData\Local\DayZ
2015-02-19 19:04 - 2015-02-19 19:04 - 00000000 ____D () C:\Users\Mason\AppData\Local\Steam
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-20 12:58 - 2015-01-10 03:08 - 00000000 ____D () C:\FRST
2015-03-20 12:53 - 2014-04-26 01:50 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\BitTorrent
2015-03-20 12:51 - 2014-06-27 02:31 - 00000000 ____D () C:\ProgramData\BlueOcean
2015-03-20 12:50 - 2009-07-14 15:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-20 12:50 - 2009-07-14 15:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-20 12:49 - 2009-07-14 16:13 - 00781790 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-20 12:46 - 2014-04-22 18:49 - 01366885 _____ () C:\Windows\WindowsUpdate.log
2015-03-20 12:45 - 2014-10-11 14:36 - 00000000 ____D () C:\Users\Mason\AppData\Local\Akamai
2015-03-20 12:44 - 2014-05-06 20:27 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\Skype
2015-03-20 12:43 - 2014-09-01 17:50 - 00000000 ____D () C:\Users\Mason\AppData\Local\LogMeIn Hamachi
2015-03-20 12:43 - 2014-08-20 11:49 - 00000000 ____D () C:\Users\Mason\AppData\Local\Adobe
2015-03-20 12:43 - 2014-04-22 19:27 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2015-03-20 12:43 - 2014-04-22 19:16 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2015-03-20 12:43 - 2014-04-22 19:04 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-20 12:43 - 2014-04-22 18:56 - 00000000 ____D () C:\ProgramData\Bigfoot Networks
2015-03-20 12:43 - 2010-11-21 14:47 - 01171282 _____ () C:\Windows\PFRO.log
2015-03-20 12:43 - 2009-07-14 16:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-20 12:43 - 2009-07-14 15:51 - 00097283 _____ () C:\Windows\setupact.log
2015-03-20 12:42 - 2015-01-08 05:05 - 00000000 ____D () C:\AdwCleaner
2015-03-20 12:42 - 2014-04-24 22:44 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plarium
2015-03-20 12:34 - 2014-04-22 19:04 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-19 21:26 - 2014-04-22 21:45 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-19 17:50 - 2014-11-18 03:49 - 00000000 ____D () C:\Program Files (x86)\puush
2015-03-19 03:41 - 2014-10-27 16:26 - 00000000 ____D () C:\Users\Mason\Desktop\System Escape
2015-03-19 02:58 - 2014-09-01 17:27 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-03-19 02:58 - 2014-09-01 17:27 - 00000000 ____D () C:\Program Files\Java
2015-03-19 02:58 - 2014-08-18 01:25 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-03-19 02:57 - 2014-08-18 01:25 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-19 02:57 - 2014-04-22 21:45 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-19 02:57 - 2014-04-22 21:45 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-19 02:57 - 2014-04-22 21:45 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-03-19 01:46 - 2015-01-10 04:44 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-03-18 20:41 - 2014-06-24 02:25 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\SpaceEngineers
2015-03-18 14:44 - 2015-01-08 06:29 - 00000000 ____D () C:\Users\Mason\AppData\Local\NPE
2015-03-17 22:05 - 2014-05-07 11:44 - 00000000 ____D () C:\Users\Mason\AppData\Local\CrashDumps
2015-03-17 00:35 - 2015-01-08 06:30 - 00000000 ____D () C:\NPE
2015-03-16 16:48 - 2014-04-22 19:04 - 00000000 ____D () C:\Users\Mason\AppData\Local\Google
2015-03-16 16:48 - 2014-04-22 19:04 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-13 23:24 - 2014-04-24 22:58 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\vlc
2015-03-13 02:18 - 2009-07-14 16:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-12 08:02 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\rescache
2015-03-12 07:24 - 2009-07-14 15:45 - 05073360 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-12 07:24 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-12 07:24 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-12 03:08 - 2014-06-08 14:46 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-12 03:08 - 2009-07-14 13:34 - 00000580 _____ () C:\Windows\win.ini
2015-03-12 03:05 - 2014-04-23 11:28 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-12 03:01 - 2014-04-23 11:28 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-11 00:15 - 2009-07-14 16:08 - 00032540 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-10 19:32 - 2014-04-22 19:14 - 00109696 _____ () C:\Users\Mason\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-08 00:05 - 2014-05-14 18:18 - 00000000 ____D () C:\Users\Mason\dwhelper
2015-03-07 16:02 - 2014-04-22 21:17 - 00000000 ____D () C:\Users\Mason\Documents\my games
2015-03-05 17:09 - 2014-10-11 14:38 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\Autodesk
2015-03-05 17:09 - 2014-10-11 14:38 - 00000000 ____D () C:\ProgramData\Autodesk
2015-03-01 01:19 - 2014-04-22 18:57 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2015-02-27 23:01 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\tracing
2015-02-25 21:02 - 2014-05-11 17:28 - 1202633221 _____ () C:\Windows\MEMORY.DMP
2015-02-25 21:02 - 2014-05-11 17:28 - 00000000 ____D () C:\Windows\Minidump
2015-02-25 20:02 - 2014-11-26 20:02 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-24 23:54 - 2014-10-11 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-02-24 23:54 - 2009-07-14 13:34 - 00017570 _____ () C:\Windows\system32\Drivers\etc\services
2015-02-24 19:02 - 2014-10-11 14:34 - 00000000 ____D () C:\Program Files\Autodesk
2015-02-24 18:42 - 2014-04-22 19:19 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-23 02:30 - 2014-04-24 13:39 - 00000000 ____D () C:\Program Files (x86)\FVD Suite
2015-02-23 00:15 - 2014-04-24 09:46 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-02-20 15:28 - 2014-10-30 16:00 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-02-20 15:28 - 2014-05-06 20:26 - 00000000 ____D () C:\ProgramData\Skype
 
==================== Files in the root of some directories =======
 
2014-05-27 05:01 - 2014-06-03 05:23 - 0000000 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2015-01-07 15:53 - 2015-01-07 15:53 - 0000004 _____ () C:\Users\Mason\AppData\Roaming\appdataFr2.bin
2015-01-08 17:32 - 2015-01-08 17:38 - 0000115 _____ () C:\Users\Mason\AppData\Roaming\LogFile.txt
2015-03-04 14:59 - 2015-03-14 21:29 - 0001440 _____ () C:\Users\Mason\AppData\Roaming\SpeedRunnersLog.txt
2015-01-12 23:30 - 2015-01-12 23:30 - 0000000 ____H () C:\Users\Mason\AppData\Local\BIT9F2B.tmp
2014-04-22 18:55 - 2015-01-10 17:44 - 0000717 _____ () C:\Users\Mason\AppData\Local\killertool.log
2015-01-12 23:29 - 2015-01-12 23:29 - 0000000 _____ () C:\Users\Mason\AppData\Local\{AA12CEEB-3BE8-4E39-84C9-367F6834453C}
 
Some content of TEMP:
====================
C:\Users\Mason\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Mason\AppData\Local\Temp\Quarantine.exe
C:\Users\Mason\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-03-15 04:18
 
==================== End Of Log ============================

#4 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,894 posts
  • OFFLINE
  • Gender:Male
  • Location:Germany
  • Local time:06:36 AM

Posted 20 March 2015 - 08:07 AM

Please post all logs directly into the thread. :)

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.



#5 Azreide

Azreide
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  • Local time:10:36 PM

Posted 20 March 2015 - 09:07 AM

FRST Log:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Mason (administrator) on MASON-PC on 20-03-2015 12:57:59
Running from C:\Users\Mason\Desktop\FRST
Loaded Profiles: Mason (Available profiles: Mason)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files (x86)\puush\puush.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
(Logitech, Inc.) C:\Program Files\Common Files\logishrd\KHAL3\KHALMNPR.exe
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Autodesk Inc.) C:\Users\Mason\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.83.62.0\OverwolfBrowser.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.83.62.0\OverwolfHelper.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.83.62.0\OverwolfHelper64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Akamai Technologies, Inc.) C:\Users\Mason\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Mason\AppData\Local\Akamai\netsession_win.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Apple Inc.) C:\Program Files\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7660760 2015-03-01] (Realtek Semiconductor)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-08-01] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [506864 2013-03-08] (MSI)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816784 2014-07-21] (LogMeIn Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-01-31] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [493960 2014-12-05] (Autodesk Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-02-10] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-40517483-3242870874-2281284425-1000\...\Run: [BitTorrent] => C:\Users\Mason\AppData\Roaming\BitTorrent\BitTorrent.exe [1744472 2015-03-05] (BitTorrent Inc.)
HKU\S-1-5-21-40517483-3242870874-2281284425-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Mason\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-40517483-3242870874-2281284425-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-40517483-3242870874-2281284425-1000\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2014-11-18] ()
HKU\S-1-5-21-40517483-3242870874-2281284425-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [40688 2015-02-26] (Overwolf LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Qualcomm Atheros Killer Network Manager.lnk
ShortcutTarget: Qualcomm Atheros Killer Network Manager.lnk -> C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe ()
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=21.6.0.32
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-40517483-3242870874-2281284425-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-40517483-3242870874-2281284425-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=21.6.0.32
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-40517483-3242870874-2281284425-1000 -> {44880015-BCAE-48E7-A546-FCEA7C2EDF9D} URL = https://au.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=242154&p={searchTerms}
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-19] (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-04] (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-19] (Oracle Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\IPS\IPSBHO.DLL [2014-08-26] (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-19] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-19] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-04] (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
Toolbar: HKU\S-1-5-21-40517483-3242870874-2281284425-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-04] (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Winsock: Catalog9 01 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 02 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 03 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 04 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 15 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 01 C:\Windows\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 02 C:\Windows\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 03 C:\Windows\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 04 C:\Windows\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 15 C:\Windows\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{430007CC-0FAE-4F6D-90A4-387DB11A7009}: [NameServer] 61.9.134.49 61.9.133.193
 
FireFox:
========
FF ProfilePath: C:\Users\Mason\AppData\Roaming\Mozilla\Firefox\Profiles\5rvyed00.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-19] ()
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-19] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-10-15] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-19] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-17] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-17] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-10-15] (Adobe Systems)
FF Plugin HKU\S-1-5-21-40517483-3242870874-2281284425-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-08-21] ()
FF Extension: Video DownloadHelper - C:\Users\Mason\AppData\Roaming\Mozilla\Firefox\Profiles\5rvyed00.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-08]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-06-08]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.6.0.32\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.6.0.32\coFFPlgn [2015-03-20]
 
Chrome: 
=======
CHR Profile: C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-16]
CHR Extension: (Google Docs) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-16]
CHR Extension: (Google Drive) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-16]
CHR Extension: (YouTube) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-16]
CHR Extension: (Google Search) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-16]
CHR Extension: (Google Sheets) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-16]
CHR Extension: (Norton Identity Safe) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-03-16]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-16]
CHR Extension: (Video download helper) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnkioblodjcgkdailhejgcocjkkoochj [2015-03-17]
CHR Extension: (Google Wallet) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-16]
CHR Extension: (Gmail) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-16]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx [2015-02-08]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx [2015-02-08]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-05] (Autodesk Inc.)
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [116224 2014-11-20] (Advanced Micro Devices) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [856960 2015-02-20] ()
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [180200 2013-02-13] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-05-17] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-07-16] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 mi-raysat_3dsmax2015_64; C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe [86016 2011-09-15] () [File not signed]
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161264 2013-02-20] (MSI)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [29728 2013-05-28] (MICRO-STAR INTERNATIONAL CO., LTD.)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe [265040 2014-09-21] (Symantec Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-01-29] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [998640 2015-02-26] (Overwolf LTD)
S2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [503296 2013-05-07] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [294600 2014-11-21] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49048 2012-07-18] (Asmedia Technology)
R0 asstor64; C:\Windows\System32\DRIVERS\asstor64.sys [84816 2014-03-14] (Asmedia Technology)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-09-02] (AVG Technologies)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [66928 2013-05-07] (Qualcomm Atheros, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\BASHDefs\20150224.001\BHDrvx64.sys [1622744 2015-02-03] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-11-25] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-11-25] (Symantec Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-03-01] (REALiX™)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [30360 2015-03-04] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\IPSDefs\20150318.001\IDSvia64.sys [669400 2015-02-06] (Symantec Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-02-13] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-02-13] ()
S3 ipadtst; C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [19952 2013-02-01] (Windows ® Win 7 DDK provider)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-02-13] ()
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [154320 2015-03-01] (Qualcomm Atheros, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2015-03-01] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\VirusDefs\20150318.001\ENG64.SYS [129752 2014-11-15] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\VirusDefs\20150318.001\EX64.SYS [2137304 2014-11-15] (Symantec Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2015-03-01] (Synaptics Incorporated)
R1 SRTSP; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1506000.020\SYMDS64.SYS [493656 2014-08-26] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1506000.020\SYMEFA64.SYS [1148120 2014-08-26] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2015-02-08] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS [266968 2014-08-07] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\N360x64\1506000.020\SYMNETS.SYS [593112 2014-08-26] (Symantec Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-03-20] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-20 12:52 - 2015-03-17 17:59 - 01388672 _____ (Thisisu) C:\Users\Mason\Desktop\JRT_NEW.exe
2015-03-20 12:45 - 2015-03-20 12:46 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-20 12:40 - 2015-03-20 12:57 - 00000000 ____D () C:\Users\Mason\Desktop\FRST
2015-03-20 12:40 - 2015-03-20 12:40 - 02095616 _____ (Farbar) C:\Users\Mason\Downloads\FRST64.exe
2015-03-20 12:38 - 2015-03-20 12:38 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-20 12:38 - 2015-03-20 12:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-20 12:38 - 2015-03-20 12:38 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-20 12:38 - 2015-03-20 12:38 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-20 12:38 - 2015-03-20 12:34 - 02171392 _____ () C:\Users\Mason\Desktop\AdwCleaner.exe
2015-03-20 12:38 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-20 12:38 - 2015-03-17 06:15 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-20 12:38 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-20 12:37 - 2015-03-20 12:38 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Mason\Downloads\mbam-setup-2.1.4.1018.exe
2015-03-20 12:33 - 2015-03-20 12:34 - 02171392 _____ () C:\Users\Mason\Downloads\AdwCleaner.exe
2015-03-19 22:02 - 2015-03-19 22:20 - 00000000 ____D () C:\Users\Mason\Desktop\BOI Seed Client
2015-03-19 22:01 - 2015-03-19 22:01 - 00019515 _____ () C:\Users\Mason\Downloads\client.zip
2015-03-18 21:30 - 2015-03-18 23:27 - 00000000 ____D () C:\Users\Mason\Documents\enemy
2015-03-18 15:44 - 2015-03-18 15:44 - 00000000 ____D () C:\Windows\SysWOW64\N360_BACKUP
2015-03-17 01:33 - 2015-03-17 01:33 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-17 01:33 - 2015-03-17 01:33 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-17 01:33 - 2015-03-17 01:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-16 16:48 - 2015-03-16 16:48 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-16 16:48 - 2015-03-16 16:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-16 03:59 - 2015-03-16 03:59 - 00000000 ____D () C:\Users\Mason\Documents\Colossal Order
2015-03-16 03:59 - 2015-03-16 03:59 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\Colossal Order
2015-03-16 03:59 - 2015-03-16 03:59 - 00000000 ____D () C:\Users\Mason\AppData\Local\Colossal Order
2015-03-14 21:15 - 2015-03-14 21:15 - 00000000 ____D () C:\Users\Mason\Documents\Square Enix
2015-03-14 21:15 - 2015-03-14 21:15 - 00000000 ____D () C:\Users\Mason\AppData\Local\CrashRpt
2015-03-14 15:37 - 2015-03-18 15:41 - 00000000 ____D () C:\Program Files (x86)\Overwolf
2015-03-14 15:37 - 2015-03-14 15:37 - 00003728 _____ () C:\Windows\System32\Tasks\Overwolf Updater Task
2015-03-14 15:37 - 2015-03-14 15:37 - 00001971 _____ () C:\Users\Public\Desktop\Overwolf.lnk
2015-03-14 15:37 - 2015-03-14 15:37 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2015-03-14 15:37 - 2015-03-14 15:37 - 00000000 ____D () C:\ProgramData\Overwolf
2015-03-14 15:36 - 2015-03-20 12:43 - 00000000 ____D () C:\Users\Mason\AppData\Local\Overwolf
2015-03-14 15:36 - 2015-03-19 00:32 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\TS3Client
2015-03-14 15:36 - 2015-03-14 15:36 - 00001169 _____ () C:\Users\Mason\Desktop\TeamSpeak 3 Client.lnk
2015-03-14 15:36 - 2015-03-14 15:36 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-03-14 15:36 - 2015-03-14 15:36 - 00000000 ____D () C:\Users\Mason\AppData\Local\TeamSpeak 3 Client
2015-03-13 03:36 - 2015-03-13 03:50 - 00000000 ____D () C:\Users\Mason\AppData\Local\Ori and the Blind Forest
2015-03-11 21:31 - 2015-03-06 16:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-11 21:31 - 2015-03-06 16:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-11 21:31 - 2015-03-06 16:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-11 21:31 - 2015-03-06 16:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-11 21:31 - 2015-03-06 16:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-11 21:31 - 2015-03-06 16:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-11 21:31 - 2015-03-06 16:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-11 21:31 - 2015-03-06 16:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-11 21:31 - 2015-03-06 16:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-11 21:31 - 2015-03-06 16:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-11 21:31 - 2015-03-06 16:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-11 21:31 - 2015-03-06 16:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-11 21:31 - 2015-03-06 16:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-11 21:31 - 2015-02-26 14:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 21:31 - 2015-02-24 14:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 21:31 - 2015-02-24 13:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-11 21:31 - 2015-02-21 11:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-11 21:31 - 2015-02-21 11:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 21:31 - 2015-02-21 11:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 21:31 - 2015-02-21 10:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 21:31 - 2015-02-20 15:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 21:31 - 2015-02-20 15:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 21:31 - 2015-02-20 15:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 21:31 - 2015-02-20 15:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 21:31 - 2015-02-20 15:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 21:31 - 2015-02-20 15:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 21:31 - 2015-02-20 15:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 21:31 - 2015-02-20 15:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 21:31 - 2015-02-20 14:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 21:31 - 2015-02-20 14:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 21:31 - 2015-02-20 14:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 21:31 - 2015-02-20 14:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 21:31 - 2015-02-20 13:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-11 21:31 - 2015-02-20 13:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-11 21:31 - 2015-02-20 13:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-11 21:31 - 2015-02-20 13:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 21:31 - 2015-02-20 13:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-11 21:31 - 2015-02-20 13:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 21:31 - 2015-02-20 13:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-11 21:31 - 2015-02-20 13:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-11 21:31 - 2015-02-20 13:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 21:31 - 2015-02-20 13:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 21:31 - 2015-02-20 13:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 21:31 - 2015-02-20 13:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-11 21:31 - 2015-02-20 13:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-11 21:31 - 2015-02-20 12:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-11 21:31 - 2015-02-20 12:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-11 21:31 - 2015-02-20 12:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-11 21:31 - 2015-02-20 12:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 21:31 - 2015-02-20 12:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-11 21:31 - 2015-02-20 12:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 21:31 - 2015-02-20 12:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 21:31 - 2015-02-20 12:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 21:31 - 2015-02-20 12:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 21:31 - 2015-02-20 11:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 21:31 - 2015-02-20 11:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 21:31 - 2015-02-13 16:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 21:31 - 2015-02-13 16:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 21:31 - 2015-02-03 14:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 21:31 - 2015-02-03 14:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 21:31 - 2015-02-03 14:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 21:31 - 2015-02-03 14:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 21:31 - 2015-02-03 14:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 21:31 - 2015-02-03 14:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 21:31 - 2015-02-03 14:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 21:31 - 2015-02-03 14:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 21:31 - 2015-02-03 14:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-11 21:31 - 2015-02-03 14:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 21:31 - 2015-02-03 14:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 21:31 - 2015-02-03 14:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 21:31 - 2015-02-03 14:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 21:31 - 2015-02-03 14:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 21:31 - 2015-02-03 14:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 21:31 - 2015-02-03 14:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 21:31 - 2015-02-03 14:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 21:31 - 2015-02-03 14:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 21:31 - 2015-02-03 14:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 21:31 - 2015-02-03 14:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 21:31 - 2015-02-03 13:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 21:31 - 2015-01-31 14:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 21:31 - 2015-01-31 14:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 21:31 - 2015-01-31 10:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 21:31 - 2015-01-31 10:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 21:31 - 2015-01-17 13:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 21:31 - 2015-01-17 13:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 21:31 - 2014-11-01 09:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 21:30 - 2015-02-21 12:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 21:30 - 2015-02-21 11:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 21:30 - 2015-02-21 10:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 21:30 - 2015-02-20 13:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-11 21:30 - 2015-02-20 13:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 21:30 - 2015-02-20 13:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 21:30 - 2015-02-20 13:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 21:30 - 2015-02-20 13:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 21:30 - 2015-02-20 13:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-11 21:30 - 2015-02-20 13:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 21:30 - 2015-02-20 13:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 21:30 - 2015-02-20 13:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 21:30 - 2015-02-20 13:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 21:30 - 2015-02-20 13:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 21:30 - 2015-02-20 13:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-11 21:30 - 2015-02-20 12:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-11 21:30 - 2015-02-20 12:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 21:30 - 2015-02-20 12:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 21:30 - 2015-02-20 12:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-11 21:30 - 2015-02-20 12:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 21:30 - 2015-02-20 12:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 21:30 - 2015-02-20 12:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-11 21:30 - 2015-02-20 12:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 21:30 - 2015-02-20 12:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 21:29 - 2015-02-04 14:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 21:29 - 2015-02-04 13:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-07 03:18 - 2015-03-07 03:18 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\com.jarvisfilms.synonomy
2015-03-07 01:53 - 2015-03-07 15:52 - 00000000 ____D () C:\Users\Mason\AppData\Local\Microsoft Games
2015-03-07 00:58 - 2015-03-17 01:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-06 18:30 - 2015-03-06 18:30 - 00000000 ____D () C:\Users\Mason\Documents\Paradox Interactive
2015-03-05 17:14 - 2015-03-05 17:15 - 00027136 _____ () C:\Users\Mason\Desktop\Snowman.avi
2015-03-04 19:59 - 2015-03-04 19:59 - 01398936 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
2015-03-04 19:59 - 2015-03-04 19:59 - 00030360 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorF.sys
2015-03-04 17:35 - 2015-03-04 17:35 - 00000000 ____D () C:\Users\Mason\AppData\Local\My_Company
2015-03-02 19:27 - 2015-03-02 19:27 - 00010610 _____ () C:\Users\Mason\Documents\Potions.xlsx
2015-03-01 18:15 - 2015-03-01 18:15 - 00129312 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2015-03-01 01:21 - 2015-03-01 01:21 - 00154320 _____ (Qualcomm Atheros, Inc.) C:\Windows\system32\Drivers\e22W7x64.sys
2015-03-01 01:20 - 2015-03-01 01:20 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2015-03-01 01:20 - 2015-03-01 01:20 - 00034544 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2015-03-01 01:20 - 2015-03-01 01:20 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-03-01 01:20 - 2015-03-01 01:20 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-03-01 01:20 - 2015-03-01 01:20 - 00000000 ____D () C:\Program Files\Synaptics
2015-03-01 01:19 - 2015-03-01 01:19 - 04263128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-03-01 01:19 - 2015-03-01 01:19 - 03186544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 02860760 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 02827120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 02000640 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO264.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-03-01 01:19 - 2015-03-01 01:19 - 01728768 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO232.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 01443340 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-03-01 01:19 - 2015-03-01 01:19 - 01287384 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 00959704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 00629464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 00397592 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-03-01 01:13 - 2015-03-20 12:44 - 00002874 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Mason)
2015-03-01 01:13 - 2015-03-16 01:49 - 00000000 ____D () C:\ProgramData\ProductData
2015-03-01 01:13 - 2015-03-01 01:13 - 00026528 _____ (REALiX™) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2015-03-01 01:13 - 2015-03-01 01:13 - 00003232 _____ () C:\Windows\System32\Tasks\Driver Booster Scan
2015-03-01 01:13 - 2015-03-01 01:13 - 00003176 _____ () C:\Windows\System32\Tasks\Driver Booster Update
2015-03-01 01:13 - 2015-03-01 01:13 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\IObit
2015-03-01 01:13 - 2015-03-01 01:13 - 00000000 ____D () C:\ProgramData\IObit
2015-03-01 01:12 - 2015-03-01 01:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2015-03-01 01:12 - 2015-03-01 01:12 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-02-28 23:49 - 2015-03-09 20:03 - 00002297 _____ () C:\Users\Mason\Desktop\Skyrim (SKSE).lnk
2015-02-27 14:16 - 2015-02-27 14:16 - 00000000 ____D () C:\Users\Mason\AppData\Local\BANDAI NAMCO Games
2015-02-26 16:22 - 2015-01-09 14:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-26 16:22 - 2015-01-09 14:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-26 16:22 - 2015-01-09 14:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-26 16:22 - 2015-01-09 13:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-25 21:02 - 2015-02-25 21:02 - 00276872 _____ () C:\Windows\Minidump\022515-11497-01.dmp
2015-02-25 17:59 - 2015-03-20 12:43 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2015-02-25 17:56 - 2015-01-09 10:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 17:56 - 2015-01-09 10:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-25 16:21 - 2015-02-25 16:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Block Legend DX
2015-02-24 19:26 - 2015-02-24 19:26 - 00000000 ____D () C:\Users\Mason\Documents\Direct Connect
2015-02-24 19:17 - 2015-02-24 19:17 - 00000000 ____D () C:\Program Files (x86)\Autodesk
2015-02-24 19:03 - 2015-02-24 19:03 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared
2015-02-24 19:02 - 2015-03-05 17:09 - 00000000 ____D () C:\Users\Mason\Documents\3dsMax
2015-02-24 18:42 - 2015-02-24 23:48 - 00000000 ____D () C:\Users\Mason\Documents\Autodesk Application Manager
2015-02-24 18:42 - 2015-02-24 19:38 - 00000000 ____D () C:\Users\Mason\AppData\Local\Autodesk
2015-02-24 18:42 - 2015-02-24 19:25 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared
2015-02-23 00:16 - 2015-02-23 00:16 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-02-23 00:16 - 2015-02-23 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-02-23 00:15 - 2015-02-23 00:16 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-23 00:15 - 2015-02-23 00:16 - 00000000 ____D () C:\Program Files\iTunes
2015-02-23 00:15 - 2015-02-23 00:15 - 00000000 ____D () C:\Program Files\iPod
2015-02-23 00:15 - 2015-02-23 00:15 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-02-22 14:51 - 2015-02-22 14:53 - 00000000 ____D () C:\Users\Mason\AppData\Local\Catacomb_Kids
2015-02-20 20:58 - 2015-02-20 21:07 - 00000000 ____D () C:\Users\Mason\Documents\DayZ
2015-02-20 20:58 - 2015-02-20 21:07 - 00000000 ____D () C:\Users\Mason\AppData\Local\DayZ
2015-02-19 19:04 - 2015-02-19 19:04 - 00000000 ____D () C:\Users\Mason\AppData\Local\Steam
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-20 12:58 - 2015-01-10 03:08 - 00000000 ____D () C:\FRST
2015-03-20 12:53 - 2014-04-26 01:50 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\BitTorrent
2015-03-20 12:51 - 2014-06-27 02:31 - 00000000 ____D () C:\ProgramData\BlueOcean
2015-03-20 12:50 - 2009-07-14 15:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-20 12:50 - 2009-07-14 15:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-20 12:49 - 2009-07-14 16:13 - 00781790 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-20 12:46 - 2014-04-22 18:49 - 01366885 _____ () C:\Windows\WindowsUpdate.log
2015-03-20 12:45 - 2014-10-11 14:36 - 00000000 ____D () C:\Users\Mason\AppData\Local\Akamai
2015-03-20 12:44 - 2014-05-06 20:27 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\Skype
2015-03-20 12:43 - 2014-09-01 17:50 - 00000000 ____D () C:\Users\Mason\AppData\Local\LogMeIn Hamachi
2015-03-20 12:43 - 2014-08-20 11:49 - 00000000 ____D () C:\Users\Mason\AppData\Local\Adobe
2015-03-20 12:43 - 2014-04-22 19:27 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2015-03-20 12:43 - 2014-04-22 19:16 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2015-03-20 12:43 - 2014-04-22 19:04 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-20 12:43 - 2014-04-22 18:56 - 00000000 ____D () C:\ProgramData\Bigfoot Networks
2015-03-20 12:43 - 2010-11-21 14:47 - 01171282 _____ () C:\Windows\PFRO.log
2015-03-20 12:43 - 2009-07-14 16:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-20 12:43 - 2009-07-14 15:51 - 00097283 _____ () C:\Windows\setupact.log
2015-03-20 12:42 - 2015-01-08 05:05 - 00000000 ____D () C:\AdwCleaner
2015-03-20 12:42 - 2014-04-24 22:44 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plarium
2015-03-20 12:34 - 2014-04-22 19:04 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-19 21:26 - 2014-04-22 21:45 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-19 17:50 - 2014-11-18 03:49 - 00000000 ____D () C:\Program Files (x86)\puush
2015-03-19 03:41 - 2014-10-27 16:26 - 00000000 ____D () C:\Users\Mason\Desktop\System Escape
2015-03-19 02:58 - 2014-09-01 17:27 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-03-19 02:58 - 2014-09-01 17:27 - 00000000 ____D () C:\Program Files\Java
2015-03-19 02:58 - 2014-08-18 01:25 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-03-19 02:57 - 2014-08-18 01:25 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-19 02:57 - 2014-04-22 21:45 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-19 02:57 - 2014-04-22 21:45 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-19 02:57 - 2014-04-22 21:45 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-03-19 01:46 - 2015-01-10 04:44 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-03-18 20:41 - 2014-06-24 02:25 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\SpaceEngineers
2015-03-18 14:44 - 2015-01-08 06:29 - 00000000 ____D () C:\Users\Mason\AppData\Local\NPE
2015-03-17 22:05 - 2014-05-07 11:44 - 00000000 ____D () C:\Users\Mason\AppData\Local\CrashDumps
2015-03-17 00:35 - 2015-01-08 06:30 - 00000000 ____D () C:\NPE
2015-03-16 16:48 - 2014-04-22 19:04 - 00000000 ____D () C:\Users\Mason\AppData\Local\Google
2015-03-16 16:48 - 2014-04-22 19:04 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-13 23:24 - 2014-04-24 22:58 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\vlc
2015-03-13 02:18 - 2009-07-14 16:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-12 08:02 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\rescache
2015-03-12 07:24 - 2009-07-14 15:45 - 05073360 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-12 07:24 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-12 07:24 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-12 03:08 - 2014-06-08 14:46 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-12 03:08 - 2009-07-14 13:34 - 00000580 _____ () C:\Windows\win.ini
2015-03-12 03:05 - 2014-04-23 11:28 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-12 03:01 - 2014-04-23 11:28 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-11 00:15 - 2009-07-14 16:08 - 00032540 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-10 19:32 - 2014-04-22 19:14 - 00109696 _____ () C:\Users\Mason\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-08 00:05 - 2014-05-14 18:18 - 00000000 ____D () C:\Users\Mason\dwhelper
2015-03-07 16:02 - 2014-04-22 21:17 - 00000000 ____D () C:\Users\Mason\Documents\my games
2015-03-05 17:09 - 2014-10-11 14:38 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\Autodesk
2015-03-05 17:09 - 2014-10-11 14:38 - 00000000 ____D () C:\ProgramData\Autodesk
2015-03-01 01:19 - 2014-04-22 18:57 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2015-02-27 23:01 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\tracing
2015-02-25 21:02 - 2014-05-11 17:28 - 1202633221 _____ () C:\Windows\MEMORY.DMP
2015-02-25 21:02 - 2014-05-11 17:28 - 00000000 ____D () C:\Windows\Minidump
2015-02-25 20:02 - 2014-11-26 20:02 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-24 23:54 - 2014-10-11 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-02-24 23:54 - 2009-07-14 13:34 - 00017570 _____ () C:\Windows\system32\Drivers\etc\services
2015-02-24 19:02 - 2014-10-11 14:34 - 00000000 ____D () C:\Program Files\Autodesk
2015-02-24 18:42 - 2014-04-22 19:19 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-23 02:30 - 2014-04-24 13:39 - 00000000 ____D () C:\Program Files (x86)\FVD Suite
2015-02-23 00:15 - 2014-04-24 09:46 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-02-20 15:28 - 2014-10-30 16:00 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-02-20 15:28 - 2014-05-06 20:26 - 00000000 ____D () C:\ProgramData\Skype
 
==================== Files in the root of some directories =======
 
2014-05-27 05:01 - 2014-06-03 05:23 - 0000000 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2015-01-07 15:53 - 2015-01-07 15:53 - 0000004 _____ () C:\Users\Mason\AppData\Roaming\appdataFr2.bin
2015-01-08 17:32 - 2015-01-08 17:38 - 0000115 _____ () C:\Users\Mason\AppData\Roaming\LogFile.txt
2015-03-04 14:59 - 2015-03-14 21:29 - 0001440 _____ () C:\Users\Mason\AppData\Roaming\SpeedRunnersLog.txt
2015-01-12 23:30 - 2015-01-12 23:30 - 0000000 ____H () C:\Users\Mason\AppData\Local\BIT9F2B.tmp
2014-04-22 18:55 - 2015-01-10 17:44 - 0000717 _____ () C:\Users\Mason\AppData\Local\killertool.log
2015-01-12 23:29 - 2015-01-12 23:29 - 0000000 _____ () C:\Users\Mason\AppData\Local\{AA12CEEB-3BE8-4E39-84C9-367F6834453C}
 
Some content of TEMP:
====================
C:\Users\Mason\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Mason\AppData\Local\Temp\Quarantine.exe
C:\Users\Mason\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-03-15 04:18
 
==================== End Of Log ============================
 
AdwCleaner Log:
 
# AdwCleaner v4.112 - Logfile created 20/03/2015 at 12:42:46
# Updated 09/03/2015 by Xplode
# Database : 2015-03-15.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Mason - MASON-PC
# Running from : C:\Users\Mason\Desktop\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverTuner
Folder Deleted : C:\Program Files (x86)\DriverTuner
Folder Deleted : C:\ProgramData\null
Folder Deleted : C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
File Deleted : C:\Users\Mason\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\DriverTuner.lnk
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
Shortcut Disinfected : C:\Users\Mason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plarium\Game - Total Domination.lnk
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKCU\Software\DriverTuner_Init
Key Deleted : HKCU\Software\DriverTuner
Key Deleted : HKCU\Software\SearchProtectWS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{520C1D80-935C-42B9-9340-E883849D804F}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D238A788-39B6-B97D-A5BA-13FE8E34E03C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{36BA0E82-2B7D-79E6-9AC9-572294FDA2BB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 307880
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B81F9CCF-7FCD-416F-893F-5EAA65087A58}
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17689
 
 
-\\ Mozilla Firefox v36.0.1 (x86 en-US)
 
 
-\\ Google Chrome v41.0.2272.89
 
 
-\\ Chrome Canary v
 
 
*************************
 
AdwCleaner[R0].txt - [31221 bytes] - [08/01/2015 05:06:00]
AdwCleaner[R1].txt - [1236 bytes] - [08/01/2015 05:52:43]
AdwCleaner[R2].txt - [1363 bytes] - [08/01/2015 20:16:31]
AdwCleaner[R3].txt - [1512 bytes] - [14/01/2015 10:29:28]
AdwCleaner[R4].txt - [3105 bytes] - [20/03/2015 12:41:04]
AdwCleaner[S0].txt - [31875 bytes] - [08/01/2015 05:08:11]
AdwCleaner[S1].txt - [1595 bytes] - [08/01/2015 05:53:19]
AdwCleaner[S2].txt - [1581 bytes] - [14/01/2015 10:30:04]
AdwCleaner[S3].txt - [2795 bytes] - [20/03/2015 12:42:46]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [2854  bytes] ##########
 
Malwarebytes Log:
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 3/20/2015
Scan Time: 12:46:09 PM
Logfile: Malwarebytes log.txt
Administrator: Yes
 
Version: 2.01.4.1018
Malware Database: v2015.03.19.10
Rootkit Database: v2015.02.25.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Mason
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 482909
Time Elapsed: 5 min, 31 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 3
PUP.Optional.Booster.A, HKLM\SOFTWARE\WOW6432NODE\SO_Booster, Quarantined, [89dd4304d9b1e254c0fc3ca548bb738d], 
PUP.Optional.Enterprise.A, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\enterprise 1.1, Quarantined, [2e38e85faddd58debba58f43d231a858], 
PUP.Optional.weDownload.A, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\The weDownload Manager, Quarantined, [90d6a2a538527cba66853bb97c87936d], 
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 4
PUP.Optional.Feven.A, C:\Program Files (x86)\Freeven pro, Quarantined, [6600bf88345692a43573ceaa6b9845bb], 
PUP.Optional.Booster.A, C:\ProgramData\BlueOcean\SO_Booster, Quarantined, [7de96dda2268a78f76ac1777ad5624dc], 
PUP.Optional.Booster.A, C:\ProgramData\BlueOcean\SO_Booster\4675958519, Quarantined, [7de96dda2268a78f76ac1777ad5624dc], 
PUP.Optional.BlueOcean.A, C:\ProgramData\BlueOcean\Setup, Quarantined, [50160344becce74f5f010d860003b050], 
 
Files: 4
PUP.Optional.Feven.A, C:\Program Files (x86)\Freeven pro\54248.crx, Quarantined, [6600bf88345692a43573ceaa6b9845bb], 
PUP.Optional.Feven.A, C:\Program Files (x86)\Freeven pro\54248.xpi, Quarantined, [6600bf88345692a43573ceaa6b9845bb], 
PUP.Optional.Feven.A, C:\Program Files (x86)\Freeven pro\background.html, Quarantined, [6600bf88345692a43573ceaa6b9845bb], 
PUP.Optional.Booster.A, C:\ProgramData\BlueOcean\SO_Booster\4675958519.ini, Quarantined, [7de96dda2268a78f76ac1777ad5624dc], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
JRT Log:
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.5 (03.17.2015:1)
OS: Windows 7 Home Premium x64
Ran by Mason on Fri 03/20/2015 at 12:53:33.43
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\flexnet"
 
 
 
~~~ FireFox
 
Emptied folder: C:\Users\Mason\AppData\Roaming\mozilla\firefox\profiles\5rvyed00.default\minidumps [1 files]
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 03/20/2015 at 12:56:03.40
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


#6 Machiavelli

  • Malware Response Instructor
Posted 20 March 2015 - 01:38 PM

Hey, :)

Step 1: FRST Fix
  • Please open Notepad.exe. Make sure that you don't use any other software than Notepad.exe!
  • Copy and Paste the content of the codebox below into the empty textfile:

    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    EmptyTemp:
  • Then click on File >> Save as
    • File Name: Fixlist.txt
    • From the Save as type drop down list, choose All Files
  • It is very important that you save this textfile on your Desktop!
Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt, are in the same location or the fix will not work.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
  • Run FRST.exe/FRST64.exe (Note: If FRST advises there is a new updated version to be downloaded, allow this.) and press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run, please post it to your reply
Step 2: FRST Scan
  • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.
Step 3: ESET

Please run a free online scan with the ESET Online Scanner:

IMPORTANT: You MUST use Internet Explorer for this step!
  • Visit the ESET Online Scanner Web Page
  • Select the blue Run ESET Online Scanner button.
  • Tick the box next to YES, I accept the Terms of Use and click Start
  • When asked, allow the ActiveX control to install.
  • Select Enable detection of potentially unwanted applications and select Advanced Settings.
  • Make sure the options Remove found threats and Enable Anti-Stealth technology are checked.
  • Click Start. (This scan can take several hours, so please be patient.)
  • Once the scan is completed, select List of found threats.
  • Select Export to text file... and save the file as ESETlog.txt on your Desktop.
  • Click the Back button.
  • Click the Finish button.
  • Use Notepad to open the saved log file (on your Desktop- ESET.txt)
  • Copy and paste that log as a reply to this topic.
Step 4: Question

How is your PC running?

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.



#7 Azreide


Posted 20 March 2015 - 10:47 PM

I'm in Australia, the free ESET scan wasn't available, and the problem's still occurring.
 
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by Mason at 2015-03-21 14:41:58 Run:6
Running from C:\Users\Mason\Desktop
Loaded Profiles: Mason (Available profiles: Mason)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
EmptyTemp:
*****************
 
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
EmptyTemp: => Removed 25.4 GB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog 14:42:05 ====

Edited by Azreide, 20 March 2015 - 10:53 PM.
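The check a helper makes when reading the Fixlog above, as an added example (not part of the thread and not FRST's own code): it pairs every fixlist directive with its result line and reports anything that has no confirmation. The mapping from directive to registry path is an assumption inferred only from the log lines shown in this thread, and the function names are hypothetical.

```python
import re

# Constructed sample: the Fixlog text from the post above, embedded so this runs offline.
SAMPLE_FIXLOG = r"""Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by Mason at 2015-03-21 14:41:58 Run:6
Running from C:\Users\Mason\Desktop
Loaded Profiles: Mason (Available profiles: Mason)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
EmptyTemp:
*****************

HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
EmptyTemp: => Removed 25.4 GB temporary data.

The system needed a reboot.

==== End of Fixlog 14:42:05 ====
"""


def parse_fixlog(text):
    """Return (directives, [(target, outcome), ...], reboot_needed)."""
    lines = [ln.strip() for ln in text.splitlines()]
    # The echoed fixlist sits between two lines made only of asterisks.
    fences = [i for i, ln in enumerate(lines) if ln and set(ln) == {"*"}]
    if len(fences) < 2:
        raise ValueError("no fixlist section found")
    directives = [ln for ln in lines[fences[0] + 1:fences[1]] if ln]
    results, reboot = [], False
    for ln in lines[fences[1] + 1:]:
        if "=>" in ln:
            target, outcome = ln.split("=>", 1)
            results.append((target.strip().strip('"'), outcome.strip()))
        elif ln.lower().startswith("the system needed a reboot"):
            reboot = True
    return directives, results, reboot


def matcher_for(directive):
    """Build a predicate that recognises the result target for one directive.

    Assumption: the path patterns mirror the result lines seen in this thread.
    """
    m = re.match(r"SearchScopes: (\S+) -> DefaultScope\b", directive)
    if m:
        prefix = m.group(1).upper() + "\\"
        return lambda t: (t.upper().startswith(prefix)
                          and "\\SEARCHSCOPES\\" in t.upper()
                          and t.endswith("DefaultScope"))
    m = re.match(r"FF Plugin(-x32)?: (\S+) ->", directive)
    if m:
        root = "HKLM\\Software\\Wow6432Node\\" if m.group(1) else "HKLM\\Software\\"
        key = (root + "MozillaPlugins\\" + m.group(2)).lower()
        return lambda t: t.lower() == key
    if directive == "EmptyTemp:":
        return lambda t: t == "EmptyTemp:"
    return None


def audit(text):
    """Pair directives with result lines; return (report, unmatched_results, reboot)."""
    directives, results, reboot = parse_fixlog(text)
    unused, report = list(results), []
    for d in directives:
        match = matcher_for(d)
        if match is None:
            report.append((d, "unrecognised directive"))
            continue
        hit = next((r for r in unused if match(r[0])), None)
        if hit is None:
            report.append((d, "no result line"))
            continue
        unused.remove(hit)
        ok = re.search(r"successfully|^Removed ", hit[1]) is not None
        report.append((d, "ok" if ok else "failed: " + hit[1]))
    return report, unused, reboot


if __name__ == "__main__":
    report, unused, reboot = audit(SAMPLE_FIXLOG)
    for directive, status in report:
        print(f"{status:24} {directive}")
    print("unmatched result lines:", unused)
    print("reboot reported:", reboot)
```

Result lines left unmatched are worth reading by hand, since they record a change that no directive in the fixlist asked for.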


#8 Machiavelli


Posted 21 March 2015 - 07:25 PM

Step 2 is missing.

~Machiavelli


#9 Azreide


Posted 21 March 2015 - 10:10 PM

Right, I apologize

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Mason (administrator) on MASON-PC on 22-03-2015 14:09:50
Running from C:\Users\Mason\Desktop
Loaded Profiles: Mason (Available profiles: Mason)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Logitech, Inc.) C:\Program Files\Common Files\logishrd\KHAL3\KHALMNPR.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\n360.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(BitTorrent Inc.) C:\Users\Mason\AppData\Roaming\BitTorrent\BitTorrent.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\n360.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files (x86)\puush\puush.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Autodesk Inc.) C:\Users\Mason\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.83.62.0\OverwolfBrowser.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.83.62.0\OverwolfHelper.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.83.62.0\OverwolfHelper64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Valve Corporation) H:\Steam\Steam.exe
(Valve Corporation) H:\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Valve Corporation) H:\Steam\bin\steamwebhelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Apple Inc.) C:\Program Files\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\SndVol.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Akamai Technologies, Inc.) C:\Users\Mason\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Mason\AppData\Local\Akamai\netsession_win.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7660760 2015-03-01] (Realtek Semiconductor)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-08-01] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [506864 2013-03-08] (MSI)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816784 2014-07-21] (LogMeIn Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2015-01-07] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-01-31] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [493960 2014-12-05] (Autodesk Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-02-10] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-40517483-3242870874-2281284425-1000\...\Run: [BitTorrent] => C:\Users\Mason\AppData\Roaming\BitTorrent\BitTorrent.exe [1744472 2015-03-05] (BitTorrent Inc.)
HKU\S-1-5-21-40517483-3242870874-2281284425-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Mason\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-40517483-3242870874-2281284425-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-40517483-3242870874-2281284425-1000\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2014-11-18] ()
HKU\S-1-5-21-40517483-3242870874-2281284425-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [40688 2015-02-26] (Overwolf LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Qualcomm Atheros Killer Network Manager.lnk
ShortcutTarget: Qualcomm Atheros Killer Network Manager.lnk -> C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe ()
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll (Symantec Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=21.6.0.32
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-40517483-3242870874-2281284425-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-40517483-3242870874-2281284425-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=21.6.0.32
SearchScopes: HKU\S-1-5-21-40517483-3242870874-2281284425-1000 -> {44880015-BCAE-48E7-A546-FCEA7C2EDF9D} URL = https://au.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=242154&p={searchTerms}
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-19] (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-04] (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-19] (Oracle Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05] (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-19] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-19] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-04] (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
Toolbar: HKU\S-1-5-21-40517483-3242870874-2281284425-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-04] (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Winsock: Catalog9 01 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 02 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 03 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 04 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 15 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 01 C:\Windows\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 02 C:\Windows\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 03 C:\Windows\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 04 C:\Windows\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 15 C:\Windows\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{430007CC-0FAE-4F6D-90A4-387DB11A7009}: [NameServer] 61.9.134.49 61.9.133.193
 
FireFox:
========
FF ProfilePath: C:\Users\Mason\AppData\Roaming\Mozilla\Firefox\Profiles\5rvyed00.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-19] ()
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-19] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-01-07] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-19] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-17] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-17] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-01-07] (Adobe Systems)
FF Plugin HKU\S-1-5-21-40517483-3242870874-2281284425-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-08-21] ()
FF Extension: Video DownloadHelper - C:\Users\Mason\AppData\Roaming\Mozilla\Firefox\Profiles\5rvyed00.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-08]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-06-08]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.6.0.32\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.6.0.32\coFFPlgn [2015-03-22]
 
Chrome: 
=======
CHR Profile: C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-16]
CHR Extension: (Google Docs) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-16]
CHR Extension: (Google Drive) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-16]
CHR Extension: (YouTube) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-16]
CHR Extension: (Google Search) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-16]
CHR Extension: (Google Sheets) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-16]
CHR Extension: (Norton Identity Safe) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-03-16]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-16]
CHR Extension: (Video download helper) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnkioblodjcgkdailhejgcocjkkoochj [2015-03-17]
CHR Extension: (Google Wallet) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-16]
CHR Extension: (Gmail) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-16]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-21]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-21]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-05] (Autodesk Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe [710320 2015-01-07] (Adobe Systems Incorporated)
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [116224 2014-11-20] (Advanced Micro Devices) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [856960 2015-02-20] ()
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [180200 2013-02-13] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-05-17] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-07-16] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 mi-raysat_3dsmax2015_64; C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe [86016 2011-09-15] () [File not signed]
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161264 2013-02-20] (MSI)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [29728 2013-05-28] (MICRO-STAR INTERNATIONAL CO., LTD.)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\N360.exe [265000 2015-03-07] (Symantec Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-01-29] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [998640 2015-02-26] (Overwolf LTD)
S2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [503296 2013-05-07] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [294600 2014-11-21] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49048 2012-07-18] (Asmedia Technology)
R0 asstor64; C:\Windows\System32\DRIVERS\asstor64.sys [84816 2014-03-14] (Asmedia Technology)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-09-02] (AVG Technologies)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [66928 2013-05-07] (Qualcomm Atheros, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\BASHDefs\20150224.001\BHDrvx64.sys [1622744 2015-02-03] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1507000.00B\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-11-25] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-11-25] (Symantec Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-03-01] (REALiX™)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [30360 2015-03-04] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\IPSDefs\20150320.001\IDSvia64.sys [669400 2015-02-06] (Symantec Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-02-13] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-02-13] ()
S3 ipadtst; C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [19952 2013-02-01] (Windows ® Win 7 DDK provider)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-02-13] ()
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [154320 2015-03-01] (Qualcomm Atheros, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2015-03-01] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\VirusDefs\20150321.003\ENG64.SYS [129752 2014-11-15] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\VirusDefs\20150321.003\EX64.SYS [2137304 2014-11-15] (Symantec Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2015-03-01] (Synaptics Incorporated)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1507000.00B\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1507000.00B\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMDS64.SYS [493656 2014-08-26] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMEFA64.SYS [1148120 2014-08-26] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2015-02-08] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1507000.00B\Ironx64.SYS [266968 2014-08-07] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1507000.00B\SYMNETS.SYS [593112 2014-08-26] (Symantec Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-03-22] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-22 14:09 - 2015-03-22 14:09 - 00030608 _____ () C:\Users\Mason\Desktop\FRST.txt
2015-03-21 20:17 - 2015-03-21 20:17 - 00001483 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CC 2014.lnk
2015-03-21 20:17 - 2015-03-21 20:17 - 00000000 ____D () C:\ProgramData\ALM
2015-03-21 19:27 - 2015-03-21 19:27 - 00001309 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-03-21 19:27 - 2015-03-21 19:27 - 00001297 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2015-03-21 14:48 - 2015-03-21 14:48 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2015-03-21 04:44 - 2015-03-21 04:54 - 255418695 _____ () C:\Users\Mason\Downloads\Supernatural.S10E15.HDTV.x264-LOL.mp4
2015-03-21 04:44 - 2015-03-21 04:44 - 00010175 _____ () C:\Users\Mason\Downloads\761F64EFAEE649B8D6BCB34225EB62936F27B7D3.torrent
2015-03-21 03:52 - 2015-03-21 03:52 - 00000000 ____D () C:\Users\Mason\Documents\Klei
2015-03-21 03:25 - 2015-03-21 03:25 - 00276984 _____ () C:\Windows\Minidump\032115-11902-01.dmp
2015-03-20 12:52 - 2015-03-17 17:59 - 01388672 _____ (Thisisu) C:\Users\Mason\Desktop\JRT_NEW.exe
2015-03-20 12:45 - 2015-03-20 12:46 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-20 12:40 - 2015-03-21 14:40 - 00000000 ____D () C:\Users\Mason\Desktop\FRST
2015-03-20 12:40 - 2015-03-20 12:40 - 02095616 _____ (Farbar) C:\Users\Mason\Downloads\FRST64.exe
2015-03-20 12:40 - 2015-03-20 12:40 - 02095616 _____ (Farbar) C:\Users\Mason\Desktop\FRST64.exe
2015-03-20 12:38 - 2015-03-20 12:38 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-20 12:38 - 2015-03-20 12:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-20 12:38 - 2015-03-20 12:38 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-20 12:38 - 2015-03-20 12:38 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-20 12:38 - 2015-03-20 12:34 - 02171392 _____ () C:\Users\Mason\Desktop\AdwCleaner.exe
2015-03-20 12:38 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-20 12:38 - 2015-03-17 06:15 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-20 12:38 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-20 12:37 - 2015-03-20 12:38 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Mason\Downloads\mbam-setup-2.1.4.1018.exe
2015-03-20 12:33 - 2015-03-20 12:34 - 02171392 _____ () C:\Users\Mason\Downloads\AdwCleaner.exe
2015-03-19 22:02 - 2015-03-21 16:17 - 00000000 ____D () C:\Users\Mason\Desktop\BOI Seed Client
2015-03-19 22:01 - 2015-03-19 22:01 - 00019515 _____ () C:\Users\Mason\Downloads\client.zip
2015-03-18 21:30 - 2015-03-21 18:01 - 00000000 ____D () C:\Users\Mason\Documents\enemy
2015-03-18 15:44 - 2015-03-18 15:44 - 00000000 ____D () C:\Windows\SysWOW64\N360_BACKUP
2015-03-17 01:33 - 2015-03-17 01:33 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-17 01:33 - 2015-03-17 01:33 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-17 01:33 - 2015-03-17 01:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-16 16:48 - 2015-03-21 10:36 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-16 16:48 - 2015-03-16 16:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-16 03:59 - 2015-03-16 03:59 - 00000000 ____D () C:\Users\Mason\Documents\Colossal Order
2015-03-16 03:59 - 2015-03-16 03:59 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\Colossal Order
2015-03-16 03:59 - 2015-03-16 03:59 - 00000000 ____D () C:\Users\Mason\AppData\Local\Colossal Order
2015-03-14 21:15 - 2015-03-14 21:15 - 00000000 ____D () C:\Users\Mason\Documents\Square Enix
2015-03-14 21:15 - 2015-03-14 21:15 - 00000000 ____D () C:\Users\Mason\AppData\Local\CrashRpt
2015-03-14 15:37 - 2015-03-22 12:08 - 00000000 ____D () C:\Program Files (x86)\Overwolf
2015-03-14 15:37 - 2015-03-14 15:37 - 00003728 _____ () C:\Windows\System32\Tasks\Overwolf Updater Task
2015-03-14 15:37 - 2015-03-14 15:37 - 00001971 _____ () C:\Users\Public\Desktop\Overwolf.lnk
2015-03-14 15:37 - 2015-03-14 15:37 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2015-03-14 15:37 - 2015-03-14 15:37 - 00000000 ____D () C:\ProgramData\Overwolf
2015-03-14 15:36 - 2015-03-22 01:56 - 00000000 ____D () C:\Users\Mason\AppData\Local\Overwolf
2015-03-14 15:36 - 2015-03-19 00:32 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\TS3Client
2015-03-14 15:36 - 2015-03-14 15:36 - 00001169 _____ () C:\Users\Mason\Desktop\TeamSpeak 3 Client.lnk
2015-03-14 15:36 - 2015-03-14 15:36 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-03-14 15:36 - 2015-03-14 15:36 - 00000000 ____D () C:\Users\Mason\AppData\Local\TeamSpeak 3 Client
2015-03-13 03:36 - 2015-03-13 03:50 - 00000000 ____D () C:\Users\Mason\AppData\Local\Ori and the Blind Forest
2015-03-11 21:31 - 2015-03-06 16:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-11 21:31 - 2015-03-06 16:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-11 21:31 - 2015-03-06 16:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-11 21:31 - 2015-03-06 16:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-11 21:31 - 2015-03-06 16:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-11 21:31 - 2015-03-06 16:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-11 21:31 - 2015-03-06 16:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-11 21:31 - 2015-03-06 16:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-11 21:31 - 2015-03-06 16:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-11 21:31 - 2015-03-06 16:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-11 21:31 - 2015-03-06 16:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-11 21:31 - 2015-03-06 16:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-11 21:31 - 2015-03-06 16:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-11 21:31 - 2015-02-26 14:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 21:31 - 2015-02-24 14:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 21:31 - 2015-02-24 13:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-11 21:31 - 2015-02-21 11:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-11 21:31 - 2015-02-21 11:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 21:31 - 2015-02-21 11:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 21:31 - 2015-02-21 10:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 21:31 - 2015-02-20 15:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 21:31 - 2015-02-20 15:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 21:31 - 2015-02-20 15:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 21:31 - 2015-02-20 15:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 21:31 - 2015-02-20 15:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 21:31 - 2015-02-20 15:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 21:31 - 2015-02-20 15:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 21:31 - 2015-02-20 15:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 21:31 - 2015-02-20 14:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 21:31 - 2015-02-20 14:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 21:31 - 2015-02-20 14:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 21:31 - 2015-02-20 14:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 21:31 - 2015-02-20 13:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-11 21:31 - 2015-02-20 13:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-11 21:31 - 2015-02-20 13:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-11 21:31 - 2015-02-20 13:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 21:31 - 2015-02-20 13:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-11 21:31 - 2015-02-20 13:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 21:31 - 2015-02-20 13:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-11 21:31 - 2015-02-20 13:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-11 21:31 - 2015-02-20 13:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 21:31 - 2015-02-20 13:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 21:31 - 2015-02-20 13:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 21:31 - 2015-02-20 13:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-11 21:31 - 2015-02-20 13:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-11 21:31 - 2015-02-20 12:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-11 21:31 - 2015-02-20 12:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-11 21:31 - 2015-02-20 12:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-11 21:31 - 2015-02-20 12:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 21:31 - 2015-02-20 12:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-11 21:31 - 2015-02-20 12:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 21:31 - 2015-02-20 12:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 21:31 - 2015-02-20 12:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 21:31 - 2015-02-20 12:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 21:31 - 2015-02-20 11:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 21:31 - 2015-02-20 11:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 21:31 - 2015-02-13 16:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 21:31 - 2015-02-13 16:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 21:31 - 2015-02-03 14:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 21:31 - 2015-02-03 14:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 21:31 - 2015-02-03 14:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 21:31 - 2015-02-03 14:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 21:31 - 2015-02-03 14:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 21:31 - 2015-02-03 14:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 21:31 - 2015-02-03 14:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 21:31 - 2015-02-03 14:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 21:31 - 2015-02-03 14:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-11 21:31 - 2015-02-03 14:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 21:31 - 2015-02-03 14:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 21:31 - 2015-02-03 14:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 21:31 - 2015-02-03 14:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 21:31 - 2015-02-03 14:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 21:31 - 2015-02-03 14:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 21:31 - 2015-02-03 14:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 21:31 - 2015-02-03 14:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 21:31 - 2015-02-03 14:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 21:31 - 2015-02-03 14:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 21:31 - 2015-02-03 14:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 21:31 - 2015-02-03 13:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 21:31 - 2015-01-31 14:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 21:31 - 2015-01-31 14:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 21:31 - 2015-01-31 10:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 21:31 - 2015-01-31 10:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 21:31 - 2015-01-17 13:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 21:31 - 2015-01-17 13:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 21:31 - 2014-11-01 09:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 21:30 - 2015-02-21 12:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 21:30 - 2015-02-21 11:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 21:30 - 2015-02-21 10:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 21:30 - 2015-02-20 13:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-11 21:30 - 2015-02-20 13:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 21:30 - 2015-02-20 13:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 21:30 - 2015-02-20 13:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 21:30 - 2015-02-20 13:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 21:30 - 2015-02-20 13:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-11 21:30 - 2015-02-20 13:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 21:30 - 2015-02-20 13:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 21:30 - 2015-02-20 13:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 21:30 - 2015-02-20 13:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 21:30 - 2015-02-20 13:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 21:30 - 2015-02-20 13:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-11 21:30 - 2015-02-20 12:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-11 21:30 - 2015-02-20 12:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 21:30 - 2015-02-20 12:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 21:30 - 2015-02-20 12:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-11 21:30 - 2015-02-20 12:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 21:30 - 2015-02-20 12:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 21:30 - 2015-02-20 12:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-11 21:30 - 2015-02-20 12:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 21:30 - 2015-02-20 12:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 21:29 - 2015-02-04 14:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 21:29 - 2015-02-04 13:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-07 03:18 - 2015-03-07 03:18 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\com.jarvisfilms.synonomy
2015-03-07 01:53 - 2015-03-07 15:52 - 00000000 ____D () C:\Users\Mason\AppData\Local\Microsoft Games
2015-03-07 00:58 - 2015-03-17 01:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-06 18:30 - 2015-03-06 18:30 - 00000000 ____D () C:\Users\Mason\Documents\Paradox Interactive
2015-03-05 17:14 - 2015-03-05 17:15 - 00027136 _____ () C:\Users\Mason\Desktop\Snowman.avi
2015-03-04 19:59 - 2015-03-04 19:59 - 01398936 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
2015-03-04 19:59 - 2015-03-04 19:59 - 00030360 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorF.sys
2015-03-04 17:35 - 2015-03-04 17:35 - 00000000 ____D () C:\Users\Mason\AppData\Local\My_Company
2015-03-02 19:27 - 2015-03-02 19:27 - 00010610 _____ () C:\Users\Mason\Documents\Potions.xlsx
2015-03-01 18:15 - 2015-03-01 18:15 - 00129312 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2015-03-01 01:21 - 2015-03-01 01:21 - 00154320 _____ (Qualcomm Atheros, Inc.) C:\Windows\system32\Drivers\e22W7x64.sys
2015-03-01 01:20 - 2015-03-01 01:20 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2015-03-01 01:20 - 2015-03-01 01:20 - 00034544 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2015-03-01 01:20 - 2015-03-01 01:20 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-03-01 01:20 - 2015-03-01 01:20 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-03-01 01:20 - 2015-03-01 01:20 - 00000000 ____D () C:\Program Files\Synaptics
2015-03-01 01:19 - 2015-03-01 01:19 - 04263128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-03-01 01:19 - 2015-03-01 01:19 - 03186544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 02860760 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 02827120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 02000640 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO264.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-03-01 01:19 - 2015-03-01 01:19 - 01728768 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO232.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 01443340 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-03-01 01:19 - 2015-03-01 01:19 - 01287384 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 00959704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 00629464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 00397592 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-03-01 01:13 - 2015-03-22 01:57 - 00002874 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Mason)
2015-03-01 01:13 - 2015-03-16 01:49 - 00000000 ____D () C:\ProgramData\ProductData
2015-03-01 01:13 - 2015-03-01 01:13 - 00026528 _____ (REALiX™) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2015-03-01 01:13 - 2015-03-01 01:13 - 00003232 _____ () C:\Windows\System32\Tasks\Driver Booster Scan
2015-03-01 01:13 - 2015-03-01 01:13 - 00003176 _____ () C:\Windows\System32\Tasks\Driver Booster Update
2015-03-01 01:13 - 2015-03-01 01:13 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\IObit
2015-03-01 01:13 - 2015-03-01 01:13 - 00000000 ____D () C:\ProgramData\IObit
2015-03-01 01:12 - 2015-03-01 01:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2015-03-01 01:12 - 2015-03-01 01:12 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-02-28 23:49 - 2015-03-09 20:03 - 00002297 _____ () C:\Users\Mason\Desktop\Skyrim (SKSE).lnk
2015-02-27 14:16 - 2015-02-27 14:16 - 00000000 ____D () C:\Users\Mason\AppData\Local\BANDAI NAMCO Games
2015-02-26 16:22 - 2015-01-09 14:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-26 16:22 - 2015-01-09 14:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-26 16:22 - 2015-01-09 14:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-26 16:22 - 2015-01-09 13:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-25 21:02 - 2015-02-25 21:02 - 00276872 _____ () C:\Windows\Minidump\022515-11497-01.dmp
2015-02-25 17:59 - 2015-03-22 01:56 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2015-02-25 17:56 - 2015-01-09 10:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 17:56 - 2015-01-09 10:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-25 16:21 - 2015-02-25 16:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Block Legend DX
2015-02-24 19:26 - 2015-02-24 19:26 - 00000000 ____D () C:\Users\Mason\Documents\Direct Connect
2015-02-24 19:17 - 2015-02-24 19:17 - 00000000 ____D () C:\Program Files (x86)\Autodesk
2015-02-24 19:03 - 2015-02-24 19:03 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared
2015-02-24 19:02 - 2015-03-05 17:09 - 00000000 ____D () C:\Users\Mason\Documents\3dsMax
2015-02-24 18:42 - 2015-02-24 23:48 - 00000000 ____D () C:\Users\Mason\Documents\Autodesk Application Manager
2015-02-24 18:42 - 2015-02-24 19:38 - 00000000 ____D () C:\Users\Mason\AppData\Local\Autodesk
2015-02-24 18:42 - 2015-02-24 19:25 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared
2015-02-23 00:16 - 2015-02-23 00:16 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-02-23 00:16 - 2015-02-23 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-02-23 00:15 - 2015-02-23 00:16 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-23 00:15 - 2015-02-23 00:16 - 00000000 ____D () C:\Program Files\iTunes
2015-02-23 00:15 - 2015-02-23 00:15 - 00000000 ____D () C:\Program Files\iPod
2015-02-23 00:15 - 2015-02-23 00:15 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-02-22 14:51 - 2015-02-22 14:53 - 00000000 ____D () C:\Users\Mason\AppData\Local\Catacomb_Kids
2015-02-20 20:58 - 2015-02-20 21:07 - 00000000 ____D () C:\Users\Mason\Documents\DayZ
2015-02-20 20:58 - 2015-02-20 21:07 - 00000000 ____D () C:\Users\Mason\AppData\Local\DayZ
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-22 14:09 - 2015-01-10 03:08 - 00000000 ____D () C:\FRST
2015-03-22 14:09 - 2014-05-06 20:27 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\Skype
2015-03-22 14:09 - 2014-04-26 01:50 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\BitTorrent
2015-03-22 13:34 - 2014-04-22 19:04 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-22 13:26 - 2014-04-22 21:45 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-22 12:08 - 2014-11-18 03:49 - 00000000 ____D () C:\Program Files (x86)\puush
2015-03-22 11:02 - 2014-10-11 14:36 - 00000000 ____D () C:\Users\Mason\AppData\Local\Akamai
2015-03-22 04:31 - 2014-04-22 18:49 - 01436024 _____ () C:\Windows\WindowsUpdate.log
2015-03-22 04:02 - 2014-05-07 11:44 - 00000000 ____D () C:\Users\Mason\AppData\Local\CrashDumps
2015-03-22 03:34 - 2014-04-22 19:04 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-22 02:03 - 2009-07-14 15:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-22 02:03 - 2009-07-14 15:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-22 02:02 - 2009-07-14 16:13 - 00781790 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-22 02:00 - 2014-08-20 11:49 - 00000000 ____D () C:\Users\Mason\AppData\Local\Adobe
2015-03-22 01:57 - 2014-04-22 18:56 - 00000000 ____D () C:\ProgramData\Bigfoot Networks
2015-03-22 01:56 - 2014-09-01 17:50 - 00000000 ____D () C:\Users\Mason\AppData\Local\LogMeIn Hamachi
2015-03-22 01:56 - 2014-04-22 19:16 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2015-03-22 01:56 - 2014-04-22 18:50 - 00000000 ____D () C:\Users\Mason
2015-03-22 01:56 - 2010-11-21 14:47 - 01172276 _____ () C:\Windows\PFRO.log
2015-03-22 01:56 - 2009-07-14 16:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-22 01:56 - 2009-07-14 15:51 - 00097451 _____ () C:\Windows\setupact.log
2015-03-21 22:06 - 2014-04-22 19:27 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2015-03-21 20:17 - 2014-07-04 12:05 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-03-21 20:17 - 2014-07-04 12:05 - 00000000 ____D () C:\Program Files\Adobe
2015-03-21 20:17 - 2014-04-22 21:35 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\Adobe
2015-03-21 19:27 - 2014-04-22 19:19 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-21 19:25 - 2014-08-03 18:30 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-03-21 14:43 - 2015-02-08 04:33 - 00003206 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2015-03-21 14:43 - 2015-02-08 04:33 - 00002319 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2015-03-21 14:43 - 2015-02-08 04:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2015-03-21 14:43 - 2015-02-08 04:32 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2015-03-21 03:25 - 2014-05-11 17:28 - 1312619125 _____ () C:\Windows\MEMORY.DMP
2015-03-21 03:25 - 2014-05-11 17:28 - 00000000 ____D () C:\Windows\Minidump
2015-03-20 12:51 - 2014-06-27 02:31 - 00000000 ____D () C:\ProgramData\BlueOcean
2015-03-20 12:42 - 2015-01-08 05:05 - 00000000 ____D () C:\AdwCleaner
2015-03-20 12:42 - 2014-04-24 22:44 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plarium
2015-03-19 03:41 - 2014-10-27 16:26 - 00000000 ____D () C:\Users\Mason\Desktop\System Escape
2015-03-19 02:58 - 2014-09-01 17:27 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-03-19 02:58 - 2014-09-01 17:27 - 00000000 ____D () C:\Program Files\Java
2015-03-19 02:58 - 2014-08-18 01:25 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-03-19 02:57 - 2014-08-18 01:25 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-19 02:57 - 2014-04-22 21:45 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-19 02:57 - 2014-04-22 21:45 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-19 02:57 - 2014-04-22 21:45 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-03-19 01:46 - 2015-01-10 04:44 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-03-18 20:41 - 2014-06-24 02:25 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\SpaceEngineers
2015-03-18 14:44 - 2015-01-08 06:29 - 00000000 ____D () C:\Users\Mason\AppData\Local\NPE
2015-03-17 00:35 - 2015-01-08 06:30 - 00000000 ____D () C:\NPE
2015-03-16 16:48 - 2014-04-22 19:04 - 00000000 ____D () C:\Users\Mason\AppData\Local\Google
2015-03-16 16:48 - 2014-04-22 19:04 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-13 23:24 - 2014-04-24 22:58 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\vlc
2015-03-13 02:18 - 2009-07-14 16:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-12 08:02 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\rescache
2015-03-12 07:24 - 2009-07-14 15:45 - 05073360 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-12 07:24 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-12 07:24 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-12 03:08 - 2014-06-08 14:46 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-12 03:08 - 2009-07-14 13:34 - 00000580 _____ () C:\Windows\win.ini
2015-03-12 03:05 - 2014-04-23 11:28 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-12 03:01 - 2014-04-23 11:28 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-11 00:15 - 2009-07-14 16:08 - 00032540 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-10 19:32 - 2014-04-22 19:14 - 00109696 _____ () C:\Users\Mason\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-08 00:05 - 2014-05-14 18:18 - 00000000 ____D () C:\Users\Mason\dwhelper
2015-03-07 16:02 - 2014-04-22 21:17 - 00000000 ____D () C:\Users\Mason\Documents\my games
2015-03-05 17:09 - 2014-10-11 14:38 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\Autodesk
2015-03-05 17:09 - 2014-10-11 14:38 - 00000000 ____D () C:\ProgramData\Autodesk
2015-03-01 01:19 - 2014-04-22 18:57 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2015-02-27 23:01 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\tracing
2015-02-25 20:02 - 2014-11-26 20:02 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-24 23:54 - 2014-10-11 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-02-24 23:54 - 2009-07-14 13:34 - 00017570 _____ () C:\Windows\system32\Drivers\etc\services
2015-02-24 19:02 - 2014-10-11 14:34 - 00000000 ____D () C:\Program Files\Autodesk
2015-02-23 02:30 - 2014-04-24 13:39 - 00000000 ____D () C:\Program Files (x86)\FVD Suite
2015-02-23 00:15 - 2014-04-24 09:46 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-02-20 15:28 - 2014-10-30 16:00 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-02-20 15:28 - 2014-05-06 20:26 - 00000000 ____D () C:\ProgramData\Skype
 
==================== Files in the root of some directories =======
 
2014-05-27 05:01 - 2014-06-03 05:23 - 0000000 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2015-01-07 15:53 - 2015-01-07 15:53 - 0000004 _____ () C:\Users\Mason\AppData\Roaming\appdataFr2.bin
2015-01-08 17:32 - 2015-01-08 17:38 - 0000115 _____ () C:\Users\Mason\AppData\Roaming\LogFile.txt
2015-03-04 14:59 - 2015-03-14 21:29 - 0001440 _____ () C:\Users\Mason\AppData\Roaming\SpeedRunnersLog.txt
2015-01-12 23:30 - 2015-01-12 23:30 - 0000000 ____H () C:\Users\Mason\AppData\Local\BIT9F2B.tmp
2014-04-22 18:55 - 2015-01-10 17:44 - 0000717 _____ () C:\Users\Mason\AppData\Local\killertool.log
2015-01-12 23:29 - 2015-01-12 23:29 - 0000000 _____ () C:\Users\Mason\AppData\Local\{AA12CEEB-3BE8-4E39-84C9-367F6834453C}
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-03-15 04:18
 
==================== End Of Log ============================


#10 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,894 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:36 AM

Posted 22 March 2015 - 05:13 AM

What does it exactly say when you try to run ESET?

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.



#11 Azreide

Azreide
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:10:36 PM

Posted 23 March 2015 - 11:56 AM

Well it seems like it works now, but the first time I tried going to the page, it simply said it's not available for me as I'm not in North America...

 

FRST Log AFTER running ESET:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Mason (administrator) on MASON-PC on 24-03-2015 03:54:22
Running from C:\Users\Mason\Desktop
Loaded Profiles: Mason (Available profiles: Mason)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(BitTorrent Inc.) C:\Users\Mason\AppData\Roaming\BitTorrent\BitTorrent.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\n360.exe
() C:\Program Files (x86)\puush\puush.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
(Logitech, Inc.) C:\Program Files\Common Files\logishrd\KHAL3\KHALMNPR.exe
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\n360.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Autodesk Inc.) C:\Users\Mason\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.83.62.0\OverwolfBrowser.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.83.62.0\OverwolfHelper.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.83.62.0\OverwolfHelper64.exe
(Valve Corporation) H:\Steam\Steam.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Valve Corporation) H:\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) H:\Steam\bin\steamwebhelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Akamai Technologies, Inc.) C:\Users\Mason\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Mason\AppData\Local\Akamai\netsession_win.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7660760 2015-03-01] (Realtek Semiconductor)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-08-01] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [506864 2013-03-08] (MSI)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816784 2014-07-21] (LogMeIn Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2015-01-07] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-01-31] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [493960 2014-12-05] (Autodesk Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-02-10] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-40517483-3242870874-2281284425-1000\...\Run: [BitTorrent] => C:\Users\Mason\AppData\Roaming\BitTorrent\BitTorrent.exe [1744472 2015-03-05] (BitTorrent Inc.)
HKU\S-1-5-21-40517483-3242870874-2281284425-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Mason\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-40517483-3242870874-2281284425-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-40517483-3242870874-2281284425-1000\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2014-11-18] ()
HKU\S-1-5-21-40517483-3242870874-2281284425-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [40688 2015-02-26] (Overwolf LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Qualcomm Atheros Killer Network Manager.lnk
ShortcutTarget: Qualcomm Atheros Killer Network Manager.lnk -> C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe ()
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll (Symantec Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=21.6.0.32
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-40517483-3242870874-2281284425-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-40517483-3242870874-2281284425-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=21.6.0.32
SearchScopes: HKU\S-1-5-21-40517483-3242870874-2281284425-1000 -> {44880015-BCAE-48E7-A546-FCEA7C2EDF9D} URL = https://au.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=242154&p={searchTerms}
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-19] (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-04] (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-19] (Oracle Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05] (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-19] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-19] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-04] (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
Toolbar: HKU\S-1-5-21-40517483-3242870874-2281284425-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-04] (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Winsock: Catalog9 01 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 02 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 03 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 04 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 15 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 01 C:\Windows\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 02 C:\Windows\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 03 C:\Windows\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 04 C:\Windows\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 15 C:\Windows\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Tcpip\..\Interfaces\{430007CC-0FAE-4F6D-90A4-387DB11A7009}: [NameServer] 61.9.133.193 61.9.134.49
 
FireFox:
========
FF ProfilePath: C:\Users\Mason\AppData\Roaming\Mozilla\Firefox\Profiles\5rvyed00.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-19] ()
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-19] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-01-07] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-19] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-17] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-17] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-01-07] (Adobe Systems)
FF Plugin HKU\S-1-5-21-40517483-3242870874-2281284425-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-08-21] ()
FF Extension: Video DownloadHelper - C:\Users\Mason\AppData\Roaming\Mozilla\Firefox\Profiles\5rvyed00.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-08]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-06-08]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.6.0.32\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.6.0.32\coFFPlgn [2015-03-23]
 
Chrome: 
=======
CHR Profile: C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-16]
CHR Extension: (Google Docs) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-16]
CHR Extension: (Google Drive) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-16]
CHR Extension: (YouTube) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-16]
CHR Extension: (Google Search) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-16]
CHR Extension: (Google Sheets) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-16]
CHR Extension: (Norton Identity Safe) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-03-16]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-16]
CHR Extension: (Video download helper) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnkioblodjcgkdailhejgcocjkkoochj [2015-03-17]
CHR Extension: (Google Wallet) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-16]
CHR Extension: (Gmail) - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-16]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-21]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-21]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-05] (Autodesk Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe [710320 2015-01-07] (Adobe Systems Incorporated)
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [116224 2014-11-20] (Advanced Micro Devices) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [856960 2015-02-20] ()
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [180200 2013-02-13] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-05-17] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-07-16] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 mi-raysat_3dsmax2015_64; C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe [86016 2011-09-15] () [File not signed]
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161264 2013-02-20] (MSI)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [29728 2013-05-28] (MICRO-STAR INTERNATIONAL CO., LTD.)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\N360.exe [265000 2015-03-07] (Symantec Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-01-29] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [998640 2015-02-26] (Overwolf LTD)
S2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [503296 2013-05-07] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [294600 2014-11-21] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49048 2012-07-18] (Asmedia Technology)
R0 asstor64; C:\Windows\System32\DRIVERS\asstor64.sys [84816 2014-03-14] (Asmedia Technology)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-09-02] (AVG Technologies)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [66928 2013-05-07] (Qualcomm Atheros, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\BASHDefs\20150224.001\BHDrvx64.sys [1622744 2015-02-03] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1507000.00B\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-11-25] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-11-25] (Symantec Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-03-01] (REALiX™)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [30360 2015-03-04] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\IPSDefs\20150320.001\IDSvia64.sys [669400 2015-02-06] (Symantec Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-02-13] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-02-13] ()
S3 ipadtst; C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [19952 2013-02-01] (Windows ® Win 7 DDK provider)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-02-13] ()
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [154320 2015-03-01] (Qualcomm Atheros, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2015-03-01] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\VirusDefs\20150322.022\ENG64.SYS [129752 2014-11-15] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\VirusDefs\20150322.022\EX64.SYS [2137304 2014-11-15] (Symantec Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2015-03-01] (Synaptics Incorporated)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1507000.00B\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1507000.00B\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMDS64.SYS [493656 2014-08-26] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMEFA64.SYS [1148120 2014-08-26] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2015-02-08] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1507000.00B\Ironx64.SYS [266968 2014-08-07] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1507000.00B\SYMNETS.SYS [593112 2014-08-26] (Symantec Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-03-23] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-22 21:18 - 2015-03-22 21:18 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-03-22 21:17 - 2015-03-22 21:18 - 02347384 _____ (ESET) C:\Users\Mason\Downloads\esetsmartinstaller_enu.exe
2015-03-22 14:09 - 2015-03-24 03:54 - 00029963 _____ () C:\Users\Mason\Desktop\FRST.txt
2015-03-21 20:17 - 2015-03-21 20:17 - 00001483 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CC 2014.lnk
2015-03-21 20:17 - 2015-03-21 20:17 - 00000000 ____D () C:\ProgramData\ALM
2015-03-21 19:27 - 2015-03-21 19:27 - 00001309 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-03-21 19:27 - 2015-03-21 19:27 - 00001297 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2015-03-21 14:48 - 2015-03-21 14:48 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2015-03-21 04:44 - 2015-03-21 04:54 - 255418695 _____ () C:\Users\Mason\Downloads\Supernatural.S10E15.HDTV.x264-LOL.mp4
2015-03-21 04:44 - 2015-03-21 04:44 - 00010175 _____ () C:\Users\Mason\Downloads\761F64EFAEE649B8D6BCB34225EB62936F27B7D3.torrent
2015-03-21 03:52 - 2015-03-21 03:52 - 00000000 ____D () C:\Users\Mason\Documents\Klei
2015-03-21 03:25 - 2015-03-21 03:25 - 00276984 _____ () C:\Windows\Minidump\032115-11902-01.dmp
2015-03-20 12:52 - 2015-03-17 17:59 - 01388672 _____ (Thisisu) C:\Users\Mason\Desktop\JRT_NEW.exe
2015-03-20 12:45 - 2015-03-20 12:46 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-20 12:40 - 2015-03-21 14:40 - 00000000 ____D () C:\Users\Mason\Desktop\FRST
2015-03-20 12:40 - 2015-03-20 12:40 - 02095616 _____ (Farbar) C:\Users\Mason\Downloads\FRST64.exe
2015-03-20 12:40 - 2015-03-20 12:40 - 02095616 _____ (Farbar) C:\Users\Mason\Desktop\FRST64.exe
2015-03-20 12:38 - 2015-03-20 12:38 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-20 12:38 - 2015-03-20 12:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-20 12:38 - 2015-03-20 12:38 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-20 12:38 - 2015-03-20 12:38 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-20 12:38 - 2015-03-20 12:34 - 02171392 _____ () C:\Users\Mason\Desktop\AdwCleaner.exe
2015-03-20 12:38 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-20 12:38 - 2015-03-17 06:15 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-20 12:38 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-20 12:37 - 2015-03-20 12:38 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Mason\Downloads\mbam-setup-2.1.4.1018.exe
2015-03-20 12:33 - 2015-03-20 12:34 - 02171392 _____ () C:\Users\Mason\Downloads\AdwCleaner.exe
2015-03-19 22:02 - 2015-03-21 16:17 - 00000000 ____D () C:\Users\Mason\Desktop\BOI Seed Client
2015-03-19 22:01 - 2015-03-19 22:01 - 00019515 _____ () C:\Users\Mason\Downloads\client.zip
2015-03-18 21:30 - 2015-03-22 17:33 - 00000000 ____D () C:\Users\Mason\Documents\enemy
2015-03-18 15:44 - 2015-03-18 15:44 - 00000000 ____D () C:\Windows\SysWOW64\N360_BACKUP
2015-03-17 01:33 - 2015-03-17 01:33 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-17 01:33 - 2015-03-17 01:33 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-17 01:33 - 2015-03-17 01:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-16 16:48 - 2015-03-21 10:36 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-16 16:48 - 2015-03-16 16:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-16 03:59 - 2015-03-16 03:59 - 00000000 ____D () C:\Users\Mason\Documents\Colossal Order
2015-03-16 03:59 - 2015-03-16 03:59 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\Colossal Order
2015-03-16 03:59 - 2015-03-16 03:59 - 00000000 ____D () C:\Users\Mason\AppData\Local\Colossal Order
2015-03-14 21:15 - 2015-03-14 21:15 - 00000000 ____D () C:\Users\Mason\Documents\Square Enix
2015-03-14 21:15 - 2015-03-14 21:15 - 00000000 ____D () C:\Users\Mason\AppData\Local\CrashRpt
2015-03-14 15:37 - 2015-03-23 20:51 - 00000000 ____D () C:\Program Files (x86)\Overwolf
2015-03-14 15:37 - 2015-03-14 15:37 - 00003728 _____ () C:\Windows\System32\Tasks\Overwolf Updater Task
2015-03-14 15:37 - 2015-03-14 15:37 - 00001971 _____ () C:\Users\Public\Desktop\Overwolf.lnk
2015-03-14 15:37 - 2015-03-14 15:37 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2015-03-14 15:37 - 2015-03-14 15:37 - 00000000 ____D () C:\ProgramData\Overwolf
2015-03-14 15:36 - 2015-03-23 17:04 - 00000000 ____D () C:\Users\Mason\AppData\Local\Overwolf
2015-03-14 15:36 - 2015-03-22 20:15 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\TS3Client
2015-03-14 15:36 - 2015-03-14 15:36 - 00001169 _____ () C:\Users\Mason\Desktop\TeamSpeak 3 Client.lnk
2015-03-14 15:36 - 2015-03-14 15:36 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-03-14 15:36 - 2015-03-14 15:36 - 00000000 ____D () C:\Users\Mason\AppData\Local\TeamSpeak 3 Client
2015-03-13 03:36 - 2015-03-13 03:50 - 00000000 ____D () C:\Users\Mason\AppData\Local\Ori and the Blind Forest
2015-03-11 21:31 - 2015-03-06 16:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-11 21:31 - 2015-03-06 16:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-11 21:31 - 2015-03-06 16:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-11 21:31 - 2015-03-06 16:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-11 21:31 - 2015-03-06 16:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-11 21:31 - 2015-03-06 16:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-11 21:31 - 2015-03-06 16:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-11 21:31 - 2015-03-06 16:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-11 21:31 - 2015-03-06 16:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-11 21:31 - 2015-03-06 16:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-11 21:31 - 2015-03-06 16:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-11 21:31 - 2015-03-06 16:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-11 21:31 - 2015-03-06 16:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-11 21:31 - 2015-03-06 16:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-11 21:31 - 2015-03-06 16:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-11 21:31 - 2015-02-26 14:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 21:31 - 2015-02-24 14:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 21:31 - 2015-02-24 13:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-11 21:31 - 2015-02-21 11:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-11 21:31 - 2015-02-21 11:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 21:31 - 2015-02-21 11:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 21:31 - 2015-02-21 10:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 21:31 - 2015-02-20 15:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 21:31 - 2015-02-20 15:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 21:31 - 2015-02-20 15:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 21:31 - 2015-02-20 15:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 21:31 - 2015-02-20 15:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 21:31 - 2015-02-20 15:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 21:31 - 2015-02-20 15:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 21:31 - 2015-02-20 15:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 21:31 - 2015-02-20 14:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 21:31 - 2015-02-20 14:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 21:31 - 2015-02-20 14:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 21:31 - 2015-02-20 14:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 21:31 - 2015-02-20 13:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-11 21:31 - 2015-02-20 13:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-11 21:31 - 2015-02-20 13:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-11 21:31 - 2015-02-20 13:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 21:31 - 2015-02-20 13:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-11 21:31 - 2015-02-20 13:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 21:31 - 2015-02-20 13:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-11 21:31 - 2015-02-20 13:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-11 21:31 - 2015-02-20 13:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 21:31 - 2015-02-20 13:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 21:31 - 2015-02-20 13:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 21:31 - 2015-02-20 13:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-11 21:31 - 2015-02-20 13:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-11 21:31 - 2015-02-20 12:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-11 21:31 - 2015-02-20 12:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-11 21:31 - 2015-02-20 12:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-11 21:31 - 2015-02-20 12:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 21:31 - 2015-02-20 12:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-11 21:31 - 2015-02-20 12:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 21:31 - 2015-02-20 12:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 21:31 - 2015-02-20 12:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 21:31 - 2015-02-20 12:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 21:31 - 2015-02-20 11:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 21:31 - 2015-02-20 11:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 21:31 - 2015-02-13 16:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 21:31 - 2015-02-13 16:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 21:31 - 2015-02-03 14:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 21:31 - 2015-02-03 14:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 21:31 - 2015-02-03 14:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 21:31 - 2015-02-03 14:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 21:31 - 2015-02-03 14:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 21:31 - 2015-02-03 14:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 21:31 - 2015-02-03 14:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 21:31 - 2015-02-03 14:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 21:31 - 2015-02-03 14:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 21:31 - 2015-02-03 14:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 21:31 - 2015-02-03 14:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 21:31 - 2015-02-03 14:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-11 21:31 - 2015-02-03 14:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 21:31 - 2015-02-03 14:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 21:31 - 2015-02-03 14:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 21:31 - 2015-02-03 14:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 21:31 - 2015-02-03 14:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 21:31 - 2015-02-03 14:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 21:31 - 2015-02-03 14:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 21:31 - 2015-02-03 14:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 21:31 - 2015-02-03 14:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 21:31 - 2015-02-03 14:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 21:31 - 2015-02-03 14:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 21:31 - 2015-02-03 14:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 21:31 - 2015-02-03 13:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 21:31 - 2015-01-31 14:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 21:31 - 2015-01-31 14:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 21:31 - 2015-01-31 10:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 21:31 - 2015-01-31 10:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 21:31 - 2015-01-17 13:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 21:31 - 2015-01-17 13:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 21:31 - 2014-11-01 09:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 21:30 - 2015-02-21 12:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 21:30 - 2015-02-21 11:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 21:30 - 2015-02-21 10:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 21:30 - 2015-02-20 13:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-11 21:30 - 2015-02-20 13:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 21:30 - 2015-02-20 13:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 21:30 - 2015-02-20 13:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 21:30 - 2015-02-20 13:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 21:30 - 2015-02-20 13:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-11 21:30 - 2015-02-20 13:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 21:30 - 2015-02-20 13:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 21:30 - 2015-02-20 13:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 21:30 - 2015-02-20 13:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 21:30 - 2015-02-20 13:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 21:30 - 2015-02-20 13:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-11 21:30 - 2015-02-20 12:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-11 21:30 - 2015-02-20 12:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 21:30 - 2015-02-20 12:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 21:30 - 2015-02-20 12:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-11 21:30 - 2015-02-20 12:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 21:30 - 2015-02-20 12:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 21:30 - 2015-02-20 12:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-11 21:30 - 2015-02-20 12:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 21:30 - 2015-02-20 12:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 21:29 - 2015-02-04 14:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 21:29 - 2015-02-04 13:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-07 03:18 - 2015-03-07 03:18 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\com.jarvisfilms.synonomy
2015-03-07 01:53 - 2015-03-07 15:52 - 00000000 ____D () C:\Users\Mason\AppData\Local\Microsoft Games
2015-03-07 00:58 - 2015-03-17 01:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-06 18:30 - 2015-03-06 18:30 - 00000000 ____D () C:\Users\Mason\Documents\Paradox Interactive
2015-03-05 17:14 - 2015-03-05 17:15 - 00027136 _____ () C:\Users\Mason\Desktop\Snowman.avi
2015-03-04 19:59 - 2015-03-04 19:59 - 01398936 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
2015-03-04 19:59 - 2015-03-04 19:59 - 00030360 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorF.sys
2015-03-04 17:35 - 2015-03-04 17:35 - 00000000 ____D () C:\Users\Mason\AppData\Local\My_Company
2015-03-02 19:27 - 2015-03-02 19:27 - 00010610 _____ () C:\Users\Mason\Documents\Potions.xlsx
2015-03-01 18:15 - 2015-03-01 18:15 - 00129312 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2015-03-01 01:21 - 2015-03-01 01:21 - 00154320 _____ (Qualcomm Atheros, Inc.) C:\Windows\system32\Drivers\e22W7x64.sys
2015-03-01 01:20 - 2015-03-01 01:20 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2015-03-01 01:20 - 2015-03-01 01:20 - 00034544 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2015-03-01 01:20 - 2015-03-01 01:20 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-03-01 01:20 - 2015-03-01 01:20 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-03-01 01:20 - 2015-03-01 01:20 - 00000000 ____D () C:\Program Files\Synaptics
2015-03-01 01:19 - 2015-03-01 01:19 - 04263128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-03-01 01:19 - 2015-03-01 01:19 - 03186544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 02860760 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 02827120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 02000640 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO264.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-03-01 01:19 - 2015-03-01 01:19 - 01728768 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO232.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 01443340 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-03-01 01:19 - 2015-03-01 01:19 - 01287384 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 00959704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 00629464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 00397592 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll
2015-03-01 01:19 - 2015-03-01 01:19 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-03-01 01:13 - 2015-03-23 17:05 - 00002874 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Mason)
2015-03-01 01:13 - 2015-03-16 01:49 - 00000000 ____D () C:\ProgramData\ProductData
2015-03-01 01:13 - 2015-03-01 01:13 - 00026528 _____ (REALiX™) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2015-03-01 01:13 - 2015-03-01 01:13 - 00003232 _____ () C:\Windows\System32\Tasks\Driver Booster Scan
2015-03-01 01:13 - 2015-03-01 01:13 - 00003176 _____ () C:\Windows\System32\Tasks\Driver Booster Update
2015-03-01 01:13 - 2015-03-01 01:13 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\IObit
2015-03-01 01:13 - 2015-03-01 01:13 - 00000000 ____D () C:\ProgramData\IObit
2015-03-01 01:12 - 2015-03-01 01:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2015-03-01 01:12 - 2015-03-01 01:12 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-02-28 23:49 - 2015-03-09 20:03 - 00002297 _____ () C:\Users\Mason\Desktop\Skyrim (SKSE).lnk
2015-02-27 14:16 - 2015-02-27 14:16 - 00000000 ____D () C:\Users\Mason\AppData\Local\BANDAI NAMCO Games
2015-02-26 16:22 - 2015-01-09 14:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-26 16:22 - 2015-01-09 14:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-26 16:22 - 2015-01-09 14:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-26 16:22 - 2015-01-09 13:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-25 21:02 - 2015-02-25 21:02 - 00276872 _____ () C:\Windows\Minidump\022515-11497-01.dmp
2015-02-25 17:59 - 2015-03-23 17:04 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2015-02-25 17:56 - 2015-01-09 10:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 17:56 - 2015-01-09 10:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-25 16:21 - 2015-02-25 16:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Block Legend DX
2015-02-24 19:26 - 2015-02-24 19:26 - 00000000 ____D () C:\Users\Mason\Documents\Direct Connect
2015-02-24 19:17 - 2015-02-24 19:17 - 00000000 ____D () C:\Program Files (x86)\Autodesk
2015-02-24 19:03 - 2015-02-24 19:03 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared
2015-02-24 19:02 - 2015-03-05 17:09 - 00000000 ____D () C:\Users\Mason\Documents\3dsMax
2015-02-24 18:42 - 2015-02-24 23:48 - 00000000 ____D () C:\Users\Mason\Documents\Autodesk Application Manager
2015-02-24 18:42 - 2015-02-24 19:38 - 00000000 ____D () C:\Users\Mason\AppData\Local\Autodesk
2015-02-24 18:42 - 2015-02-24 19:25 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared
2015-02-23 00:16 - 2015-02-23 00:16 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-02-23 00:16 - 2015-02-23 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-02-23 00:15 - 2015-02-23 00:16 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-23 00:15 - 2015-02-23 00:16 - 00000000 ____D () C:\Program Files\iTunes
2015-02-23 00:15 - 2015-02-23 00:15 - 00000000 ____D () C:\Program Files\iPod
2015-02-23 00:15 - 2015-02-23 00:15 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-02-22 14:51 - 2015-02-22 14:53 - 00000000 ____D () C:\Users\Mason\AppData\Local\Catacomb_Kids
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-24 03:54 - 2015-01-10 03:08 - 00000000 ____D () C:\FRST
2015-03-24 03:54 - 2014-04-26 01:50 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\BitTorrent
2015-03-24 03:53 - 2014-05-06 20:27 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\Skype
2015-03-24 03:34 - 2014-04-22 19:04 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-24 03:34 - 2014-04-22 19:04 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-24 03:26 - 2014-04-22 21:45 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-24 03:02 - 2014-10-11 14:36 - 00000000 ____D () C:\Users\Mason\AppData\Local\Akamai
2015-03-24 03:00 - 2014-04-22 18:49 - 01482389 _____ () C:\Windows\WindowsUpdate.log
2015-03-24 02:00 - 2014-08-20 11:49 - 00000000 ____D () C:\Users\Mason\AppData\Local\Adobe
2015-03-23 22:21 - 2009-07-14 15:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-23 22:21 - 2009-07-14 15:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-23 20:51 - 2014-11-18 03:49 - 00000000 ____D () C:\Program Files (x86)\puush
2015-03-23 17:10 - 2009-07-14 16:13 - 00781790 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-23 17:04 - 2014-09-01 17:50 - 00000000 ____D () C:\Users\Mason\AppData\Local\LogMeIn Hamachi
2015-03-23 17:04 - 2014-04-22 19:16 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2015-03-23 17:04 - 2014-04-22 18:56 - 00000000 ____D () C:\ProgramData\Bigfoot Networks
2015-03-23 17:04 - 2010-11-21 14:47 - 01180544 _____ () C:\Windows\PFRO.log
2015-03-23 17:04 - 2009-07-14 16:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-23 17:04 - 2009-07-14 15:51 - 00097563 _____ () C:\Windows\setupact.log
2015-03-23 08:02 - 2014-04-22 19:27 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2015-03-22 22:13 - 2014-04-22 18:50 - 00000000 ____D () C:\Users\Mason
2015-03-22 04:02 - 2014-05-07 11:44 - 00000000 ____D () C:\Users\Mason\AppData\Local\CrashDumps
2015-03-21 20:17 - 2014-07-04 12:05 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-03-21 20:17 - 2014-07-04 12:05 - 00000000 ____D () C:\Program Files\Adobe
2015-03-21 20:17 - 2014-04-22 21:35 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\Adobe
2015-03-21 19:27 - 2014-04-22 19:19 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-21 19:25 - 2014-08-03 18:30 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-03-21 14:43 - 2015-02-08 04:33 - 00003206 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2015-03-21 14:43 - 2015-02-08 04:33 - 00002319 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2015-03-21 14:43 - 2015-02-08 04:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2015-03-21 14:43 - 2015-02-08 04:32 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2015-03-21 03:25 - 2014-05-11 17:28 - 1312619125 _____ () C:\Windows\MEMORY.DMP
2015-03-21 03:25 - 2014-05-11 17:28 - 00000000 ____D () C:\Windows\Minidump
2015-03-20 12:51 - 2014-06-27 02:31 - 00000000 ____D () C:\ProgramData\BlueOcean
2015-03-20 12:42 - 2015-01-08 05:05 - 00000000 ____D () C:\AdwCleaner
2015-03-20 12:42 - 2014-04-24 22:44 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plarium
2015-03-19 03:41 - 2014-10-27 16:26 - 00000000 ____D () C:\Users\Mason\Desktop\System Escape
2015-03-19 02:58 - 2014-09-01 17:27 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-03-19 02:58 - 2014-09-01 17:27 - 00000000 ____D () C:\Program Files\Java
2015-03-19 02:58 - 2014-08-18 01:25 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-03-19 02:57 - 2014-08-18 01:25 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-19 02:57 - 2014-04-22 21:45 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-19 02:57 - 2014-04-22 21:45 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-19 02:57 - 2014-04-22 21:45 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-03-19 01:46 - 2015-01-10 04:44 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-03-18 20:41 - 2014-06-24 02:25 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\SpaceEngineers
2015-03-18 14:44 - 2015-01-08 06:29 - 00000000 ____D () C:\Users\Mason\AppData\Local\NPE
2015-03-17 00:35 - 2015-01-08 06:30 - 00000000 ____D () C:\NPE
2015-03-16 16:48 - 2014-04-22 19:04 - 00000000 ____D () C:\Users\Mason\AppData\Local\Google
2015-03-16 16:48 - 2014-04-22 19:04 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-13 23:24 - 2014-04-24 22:58 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\vlc
2015-03-13 02:18 - 2009-07-14 16:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-12 08:02 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\rescache
2015-03-12 07:24 - 2009-07-14 15:45 - 05073360 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-12 07:24 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-12 07:24 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-12 03:08 - 2014-06-08 14:46 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-12 03:08 - 2009-07-14 13:34 - 00000580 _____ () C:\Windows\win.ini
2015-03-12 03:05 - 2014-04-23 11:28 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-12 03:01 - 2014-04-23 11:28 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-11 00:15 - 2009-07-14 16:08 - 00032540 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-10 19:32 - 2014-04-22 19:14 - 00109696 _____ () C:\Users\Mason\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-08 00:05 - 2014-05-14 18:18 - 00000000 ____D () C:\Users\Mason\dwhelper
2015-03-07 16:02 - 2014-04-22 21:17 - 00000000 ____D () C:\Users\Mason\Documents\my games
2015-03-05 17:09 - 2014-10-11 14:38 - 00000000 ____D () C:\Users\Mason\AppData\Roaming\Autodesk
2015-03-05 17:09 - 2014-10-11 14:38 - 00000000 ____D () C:\ProgramData\Autodesk
2015-03-01 01:19 - 2014-04-22 18:57 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2015-02-27 23:01 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\tracing
2015-02-25 20:02 - 2014-11-26 20:02 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-24 23:54 - 2014-10-11 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-02-24 23:54 - 2009-07-14 13:34 - 00017570 _____ () C:\Windows\system32\Drivers\etc\services
2015-02-24 19:02 - 2014-10-11 14:34 - 00000000 ____D () C:\Program Files\Autodesk
2015-02-23 02:30 - 2014-04-24 13:39 - 00000000 ____D () C:\Program Files (x86)\FVD Suite
2015-02-23 00:15 - 2014-04-24 09:46 - 00000000 ____D () C:\Program Files\Common Files\Apple
 
==================== Files in the root of some directories =======
 
2014-05-27 05:01 - 2014-06-03 05:23 - 0000000 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2015-01-07 15:53 - 2015-01-07 15:53 - 0000004 _____ () C:\Users\Mason\AppData\Roaming\appdataFr2.bin
2015-01-08 17:32 - 2015-01-08 17:38 - 0000115 _____ () C:\Users\Mason\AppData\Roaming\LogFile.txt
2015-03-04 14:59 - 2015-03-14 21:29 - 0001440 _____ () C:\Users\Mason\AppData\Roaming\SpeedRunnersLog.txt
2015-01-12 23:30 - 2015-01-12 23:30 - 0000000 ____H () C:\Users\Mason\AppData\Local\BIT9F2B.tmp
2014-04-22 18:55 - 2015-01-10 17:44 - 0000717 _____ () C:\Users\Mason\AppData\Local\killertool.log
2015-01-12 23:29 - 2015-01-12 23:29 - 0000000 _____ () C:\Users\Mason\AppData\Local\{AA12CEEB-3BE8-4E39-84C9-367F6834453C}
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-03-15 04:18
 
==================== End Of Log ============================
 
ESET Log:
 
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oamjbefinnglappklpabmhpbcdiephoo\197\XzZE.js.vir JS/Kryptik.ATB trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmelojcmgikahfdipmbgkkoienfjkmcp\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmelojcmgikahfdipmbgkkoienfjkmcp\2.1\tdQZQM8nN.js.vir JS/Kryptik.ATB trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oamjbefinnglappklpabmhpbcdiephoo\197\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oamjbefinnglappklpabmhpbcdiephoo\197\XzZE.js.vir JS/Kryptik.ATB trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\biijdgbmlemjofbmnajmdomeabiconmm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\biijdgbmlemjofbmnajmdomeabiconmm\2.14\oYy.js.vir JS/Kryptik.ATB trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kmelojcmgikahfdipmbgkkoienfjkmcp\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kmelojcmgikahfdipmbgkkoienfjkmcp\2.1\tdQZQM8nN.js.vir JS/Kryptik.ATB trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oamjbefinnglappklpabmhpbcdiephoo\197\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oamjbefinnglappklpabmhpbcdiephoo\197\XzZE.js.vir JS/Kryptik.ATB trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kmelojcmgikahfdipmbgkkoienfjkmcp\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kmelojcmgikahfdipmbgkkoienfjkmcp\2.1\tdQZQM8nN.js.vir JS/Kryptik.ATB trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oamjbefinnglappklpabmhpbcdiephoo\197\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oamjbefinnglappklpabmhpbcdiephoo\197\XzZE.js.vir JS/Kryptik.ATB trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmelojcmgikahfdipmbgkkoienfjkmcp\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmelojcmgikahfdipmbgkkoienfjkmcp\2.1\tdQZQM8nN.js.vir JS/Kryptik.ATB trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\oamjbefinnglappklpabmhpbcdiephoo\197\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\oamjbefinnglappklpabmhpbcdiephoo\197\XzZE.js.vir JS/Kryptik.ATB trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\biijdgbmlemjofbmnajmdomeabiconmm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\biijdgbmlemjofbmnajmdomeabiconmm\2.14\oYy.js.vir JS/Kryptik.ATB trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kmelojcmgikahfdipmbgkkoienfjkmcp\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kmelojcmgikahfdipmbgkkoienfjkmcp\2.1\tdQZQM8nN.js.vir JS/Kryptik.ATB trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oamjbefinnglappklpabmhpbcdiephoo\197\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oamjbefinnglappklpabmhpbcdiephoo\197\XzZE.js.vir JS/Kryptik.ATB trojan
C:\Qoobox\Quarantine\C\Users\Mason\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kmelojcmgikahfdipmbgkkoienfjkmcp\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Mason\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kmelojcmgikahfdipmbgkkoienfjkmcp\2.1\tdQZQM8nN.js.vir JS/Kryptik.ATB trojan
C:\Qoobox\Quarantine\C\Users\Mason\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oamjbefinnglappklpabmhpbcdiephoo\197\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Mason\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oamjbefinnglappklpabmhpbcdiephoo\197\XzZE.js.vir JS/Kryptik.ATB trojan
C:\Qoobox\Quarantine\C\Users\Mason\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\biijdgbmlemjofbmnajmdomeabiconmm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Mason\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\biijdgbmlemjofbmnajmdomeabiconmm\2.14\oYy.js.vir JS/Kryptik.ATB trojan
C:\Qoobox\Quarantine\C\Users\Mason\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kmelojcmgikahfdipmbgkkoienfjkmcp\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Mason\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kmelojcmgikahfdipmbgkkoienfjkmcp\2.1\tdQZQM8nN.js.vir JS/Kryptik.ATB trojan
C:\Qoobox\Quarantine\C\Users\Mason\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oamjbefinnglappklpabmhpbcdiephoo\197\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Mason\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oamjbefinnglappklpabmhpbcdiephoo\197\XzZE.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\biijdgbmlemjofbmnajmdomeabiconmm\2.14\content.js.vir JS/Chromex.Agent.L trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\biijdgbmlemjofbmnajmdomeabiconmm\2.14\oYy.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\kmelojcmgikahfdipmbgkkoienfjkmcp\2.1\content.js.vir JS/Chromex.Agent.L trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\kmelojcmgikahfdipmbgkkoienfjkmcp\2.1\tdQZQM8nN.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\oamjbefinnglappklpabmhpbcdiephoo\197\content.js.vir JS/Chromex.Agent.L trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\oamjbefinnglappklpabmhpbcdiephoo\197\XzZE.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\biijdgbmlemjofbmnajmdomeabiconmm\2.14\content.js.vir JS/Chromex.Agent.L trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\biijdgbmlemjofbmnajmdomeabiconmm\2.14\oYy.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\biijdgbmlemjofbmnajmdomeabiconmm\2.14\content.js.vir JS/Chromex.Agent.L trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\biijdgbmlemjofbmnajmdomeabiconmm\2.14\oYy.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
 


#12 Machiavelli


Posted 23 March 2015 - 05:53 PM

How is your system running now? :)

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.



#13 Azreide

  • Topic Starter

Posted 24 March 2015 - 02:09 AM

Still getting the redirecting, I'm clicking on things and a new window opens up of another website.



#14 Machiavelli


Posted 24 March 2015 - 08:05 AM

Reset your router please.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run from.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

~Machiavelli



#15 Azreide

  • Topic Starter

Posted 24 March 2015 - 08:50 PM

Not my router. I'm 19, I live with my father, and he's unwilling for me to do anything involving the router... oh well, thank you for trying.





