Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Possible Malware, programs opening and then closing


  • This topic is locked This topic is locked
4 replies to this topic

#1 coffe4meplz

coffe4meplz

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:07:19 AM

Posted 17 June 2015 - 02:44 PM

Mod Edit: Moved to Prooper log Forum ~~ boopme

I can't figure out whats wrong with my computer. I have Hitman Pro on my computer, and I have Avast Anti-Virus. Lately I can't open my task manager, or Steam, and sometimes other programs won't open either or they will crash. If I try to open chrome, and go to any antivirus website, it closes. I try to open Steam, it closes. Its getting really aggravating. I ran rougekiller and rkill (and other programs), and Taskmanager opened, but not steam (didn't test chrome), I restarted my computer and then task manager was back to not opening. I'm at my wits end. Heres some logs from things I did today
 
FRST-
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Bwookey (administrator) on BWOOKEY-HP on 17-06-2015 09:58:09
Running from C:\Users\Bwookey\Downloads
Loaded Profiles: Bwookey (Available Profiles: Bwookey)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Spotify Ltd) C:\Users\Bwookey\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Spotify Ltd) C:\Users\Bwookey\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Bwookey\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\Bwookey\AppData\Roaming\Spotify\Spotify.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Users\Bwookey\AppData\Roaming\nvxasync\nvxasync.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Dropbox, Inc.) C:\Users\Bwookey\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
() C:\Program Files (x86)\Wacom\Inkling Sketch Manager\SketchManager.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Thisisu) C:\Users\Bwookey\Downloads\JRT.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [NUSB3MON] => C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2014-06-22] (IDT, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [94264 2011-02-15] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-07-28] (AVAST Software)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2691480 2014-03-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NCUpdateHelper] => C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe [526240 2014-06-05] (NCSOFT Corporation)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [577408 2012-02-15] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [sketchmanager] => C:\Program Files (x86)\Wacom\Inkling Sketch Manager\SketchManager.exe [3668992 2013-12-29] ()
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-05-14] (Raptr, Inc)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-07-08] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-3181938619-60246940-1412980263-1001\...\Run: [Google Update] => C:\Users\Bwookey\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-05-21] (Google Inc.)
HKU\S-1-5-21-3181938619-60246940-1412980263-1001\...\Run: [Spotify Web Helper] => C:\Users\Bwookey\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2021944 2015-06-03] (Spotify Ltd)
HKU\S-1-5-21-3181938619-60246940-1412980263-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-3181938619-60246940-1412980263-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632112 2015-06-15] (Electronic Arts)
HKU\S-1-5-21-3181938619-60246940-1412980263-1001\...\Run: [GoogleChromeAutoLaunch_5A01A708E15EE7D0269A4F134C1D1AC1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-06-05] (Google Inc.)
HKU\S-1-5-21-3181938619-60246940-1412980263-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28785792 2015-06-02] (Skype Technologies S.A.)
HKU\S-1-5-21-3181938619-60246940-1412980263-1001\...\Run: [Spotify] => C:\Users\Bwookey\AppData\Roaming\Spotify\Spotify.exe [7323192 2015-06-03] (Spotify Ltd)
HKU\S-1-5-21-3181938619-60246940-1412980263-1001\...\Run: [nvxasync] => C:\Users\Bwookey\AppData\Roaming\nvxasync\nvxasync.exe [153822720 2015-05-15] ()
HKU\S-1-5-21-3181938619-60246940-1412980263-1001\...\Run: [Dropbox Update] => C:\Users\Bwookey\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-3181938619-60246940-1412980263-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-3181938619-60246940-1412980263-1001\...\Winlogon: [Shell] C:\ProgramData\nvxasync\cvxasync.exe <==== ATTENTION 
HKU\S-1-5-21-3181938619-60246940-1412980263-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [241664 2010-11-20] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-07-01]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Bwookey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-04-30]
ShortcutTarget: Dropbox.lnk -> C:\Users\Bwookey\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2014-07-28] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bwookey\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bwookey\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bwookey\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bwookey\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bwookey\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bwookey\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bwookey\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
CHR HKU\S-1-5-21-3181938619-60246940-1412980263-1001\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled
ProxyServer: [.DEFAULT] => http=127.0.0.1:50431;https=127.0.0.1:50431
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3181938619-60246940-1412980263-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.surfvox.com/
SearchScopes: HKLM -> {4AD160DF-E234-4061-8599-32552C09F87E} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link_code=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3181938619-60246940-1412980263-1001 -> DefaultScope {828B376B-F2F6-4778-928C-E29EC877535E} URL = http://www.google.com/cse?cx=partner-pub-0900663996874144:6813731868&ie=UTF-8&q={searchTerms}&sa=Search&ref=#gsc.tab=0&gsc.q={searchTerms}&gsc.page=1
SearchScopes: HKU\S-1-5-21-3181938619-60246940-1412980263-1001 -> {828B376B-F2F6-4778-928C-E29EC877535E} URL = http://www.google.com/cse?cx=partner-pub-0900663996874144:6813731868&ie=UTF-8&q={searchTerms}&sa=Search&ref=#gsc.tab=0&gsc.q={searchTerms}&gsc.page=1
SearchScopes: HKU\S-1-5-21-3181938619-60246940-1412980263-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-02-18] (HP)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-07-28] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-08-24] (Sun Microsystems, Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-25] (Oracle Corporation)
BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-02-18] (HP)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-28] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-25] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKU\S-1-5-21-3181938619-60246940-1412980263-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-09] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-08-24] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-03-21] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-09] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-10-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-10-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2010-12-07] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-08-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-03-21] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3181938619-60246940-1412980263-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Bwookey\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-3181938619-60246940-1412980263-1001: @talk.google.com/O1DPlugin -> C:\Users\Bwookey\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-3181938619-60246940-1412980263-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Bwookey\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-3181938619-60246940-1412980263-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Bwookey\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-3181938619-60246940-1412980263-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Bwookey\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-05] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\Bwookey\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Bwookey\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-30]
 
Chrome: 
=======
CHR Profile: C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (avast! Online Security) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-06-17]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-17]
CHR Extension: (Skype Click to Call) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-06-17]
CHR Extension: (Google Wallet) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-17]
CHR Profile: C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Docs) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-04]
CHR Extension: (Google Drive) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-04]
CHR Extension: (YouTube) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-04]
CHR Extension: (Google Search) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-04]
CHR Extension: (XKit) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fpfgeeomkfdefkckijiabdbogjkdaecd [2014-05-04]
CHR Extension: (Bookmark Manager) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-30]
CHR Extension: (Avast Online Security) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-05-04]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-17]
CHR Extension: (Skype Click to Call) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-05-04]
CHR Extension: (Google Wallet) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-04]
CHR Extension: (Gmail) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-04]
CHR Profile: C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 10
CHR Extension: (Google Slides) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-30]
CHR Extension: (Google Docs) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-30]
CHR Extension: (Google Drive) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-30]
CHR Extension: (YouTube) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-30]
CHR Extension: (Google Search) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-30]
CHR Extension: (Google Sheets) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-30]
CHR Extension: (XKit) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\fpfgeeomkfdefkckijiabdbogjkdaecd [2015-05-30]
CHR Extension: (Bookmark Manager) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-30]
CHR Extension: (Avast Online Security) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-05-30]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-30]
CHR Extension: (Google Wallet) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-30]
CHR Extension: (Gmail) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-30]
CHR Profile: C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 3
CHR Extension: (Google Docs) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-20]
CHR Extension: (Google Drive) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-20]
CHR Extension: (YouTube) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-20]
CHR Extension: (Google Search) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-20]
CHR Extension: (XKit) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\fpfgeeomkfdefkckijiabdbogjkdaecd [2014-12-21]
CHR Extension: (Bookmark Manager) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-06-02]
CHR Extension: (Avast Online Security) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-05-20]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-06]
CHR Extension: (Google Wallet) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-20]
CHR Extension: (Gmail) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-20]
CHR Profile: C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 4
CHR Extension: (Ask Search) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf [2014-12-27]
CHR Extension: (Google Docs) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-22]
CHR Extension: (Google Drive) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-22]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-29]
CHR Extension: (YouTube) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-22]
CHR Extension: (Google Search) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-22]
CHR Extension: (XKit) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\fpfgeeomkfdefkckijiabdbogjkdaecd [2014-05-22]
CHR Extension: (Avast Online Security) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-05-22]
CHR Extension: (Skype Click to Call) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-05-22]
CHR Extension: (Google Wallet) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-22]
CHR Extension: (Tumblr Savior) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\oefddkjnflmjbclpnnoegglmmdfkidip [2014-05-22]
CHR Extension: (Gmail) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-22]
CHR Profile: C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 5
CHR Extension: (Google Docs) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-26]
CHR Extension: (Google Drive) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-26]
CHR Extension: (YouTube) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-26]
CHR Extension: (Google Search) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-26]
CHR Extension: (XKit) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\fpfgeeomkfdefkckijiabdbogjkdaecd [2014-05-26]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-17]
CHR Extension: (Google Wallet) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-26]
CHR Extension: (Gmail) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-26]
CHR Profile: C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 6
CHR Extension: (Google Docs) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-17]
CHR Extension: (Google Drive) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-17]
CHR Extension: (YouTube) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-17]
CHR Extension: (Google Search) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-17]
CHR Extension: (XKit) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\fpfgeeomkfdefkckijiabdbogjkdaecd [2014-06-17]
CHR Extension: (Avast Online Security) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-06-17]
CHR Extension: (Pin It Button) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2014-07-11]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-17]
CHR Extension: (Skype Click to Call) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-06-17]
CHR Extension: (Google Wallet) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-17]
CHR Extension: (Gmail) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-17]
CHR Profile: C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 7
CHR Extension: (Google Docs) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-25]
CHR Extension: (Google Drive) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-25]
CHR Extension: (YouTube) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-25]
CHR Extension: (Google Search) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-25]
CHR Extension: (XKit) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\fpfgeeomkfdefkckijiabdbogjkdaecd [2014-07-25]
CHR Extension: (Bookmark Manager) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-30]
CHR Extension: (Avast Online Security) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-30]
CHR Extension: (Skype Click to Call) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-07-25]
CHR Extension: (Google Wallet) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-25]
CHR Extension: (Gmail) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-25]
CHR Profile: C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 8
CHR Extension: (Google Docs) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-21]
CHR Extension: (Google Drive) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-21]
CHR Extension: (YouTube) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-21]
CHR Extension: (Google Search) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-21]
CHR Extension: (XKit) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\fpfgeeomkfdefkckijiabdbogjkdaecd [2014-08-21]
CHR Extension: (Avast Online Security) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-21]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-17]
CHR Extension: (Skype Click to Call) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-08-21]
CHR Extension: (Google Wallet) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-21]
CHR Extension: (Gmail) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-21]
CHR Profile: C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 9
CHR Extension: (Google Slides) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-20]
CHR Extension: (Google Docs) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-20]
CHR Extension: (Google Drive) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-20]
CHR Extension: (YouTube) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-20]
CHR Extension: (Google Search) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-20]
CHR Extension: (Google Sheets) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-20]
CHR Extension: (XKit) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\fpfgeeomkfdefkckijiabdbogjkdaecd [2015-04-21]
CHR Extension: (Avast Online Security) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-04-20]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-20]
CHR Extension: (Google Wallet) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-20]
CHR Extension: (Gmail) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-20]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-11]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-28] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2015-06-17] (SurfRight B.V.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2375168 2011-03-07] (Realsil Microelectronics Inc.) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-06-15] (Electronic Arts)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-28] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-28] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [426848 2014-07-28] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-28] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-28] ()
S3 CMUSBDAC; C:\Windows\System32\DRIVERS\CMUSBDAC.sys [594944 2014-09-19] (C-MEDIA)
S3 wovad_micarray; C:\Windows\System32\drivers\womic.sys [59856 2014-05-06] (Windows ® Win 7 DDK provider) [File not signed]
R3 XSplit_Dummy; C:\Windows\System32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-17 09:55 - 2015-06-17 09:56 - 00067925 _____ C:\Users\Bwookey\Downloads\Addition.txt
2015-06-17 09:54 - 2015-06-17 09:58 - 00043570 _____ C:\Users\Bwookey\Downloads\FRST.txt
2015-06-17 09:54 - 2015-06-17 09:58 - 00000000 ____D C:\FRST
2015-06-17 09:53 - 2015-06-17 09:53 - 02109952 _____ (Farbar) C:\Users\Bwookey\Downloads\FRST64.exe
2015-06-17 09:47 - 2015-06-17 09:47 - 02949914 _____ (Thisisu) C:\Users\Bwookey\Downloads\JRT.exe
2015-06-17 09:34 - 2015-06-17 09:34 - 02231296 _____ C:\Users\Bwookey\Downloads\AdwCleaner.exe
2015-06-17 09:14 - 2015-06-17 09:14 - 05628161 ____R (Swearware) C:\Users\Bwookey\Downloads\ComboFix (1).exe
2015-06-17 09:13 - 2015-06-17 09:17 - 00000000 ___SD C:\32788R22FWJFW
2015-06-17 09:13 - 2015-06-17 09:13 - 05628161 ____R (Swearware) C:\Users\Bwookey\Downloads\ComboFix.exe
2015-06-17 09:13 - 2015-06-17 09:13 - 00000000 ____D C:\Windows\erdnt
2015-06-17 09:10 - 2015-06-17 09:10 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Bwookey\Downloads\tdsskiller.exe
2015-06-17 08:56 - 2015-06-17 09:49 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-17 08:56 - 2015-06-17 08:56 - 01476720 _____ C:\Users\Bwookey\Downloads\SteamSetup.exe
2015-06-17 08:56 - 2015-06-17 08:56 - 00000963 _____ C:\Users\Public\Desktop\Steam.lnk
2015-06-17 08:53 - 2015-06-17 08:53 - 00062776 _____ C:\Users\Bwookey\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-17 08:49 - 2015-06-17 09:40 - 00000168 _____ C:\Windows\setupact.log
2015-06-17 08:49 - 2015-06-17 08:49 - 00000000 _____ C:\Windows\setuperr.log
2015-06-17 08:48 - 2015-06-17 08:48 - 00003752 _____ C:\Windows\PFRO.log
2015-06-17 08:31 - 2015-06-17 08:31 - 00002266 _____ C:\Users\Bwookey\Documents\Uninstall Dragon Age 2.log
2015-06-17 08:15 - 2015-06-17 08:15 - 00000000 ____D C:\Users\Bwookey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-06-17 08:14 - 2015-06-17 08:19 - 00000926 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3181938619-60246940-1412980263-1001UA.job
2015-06-17 08:14 - 2015-06-17 08:14 - 00003900 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3181938619-60246940-1412980263-1001UA
2015-06-17 08:13 - 2015-06-17 08:18 - 00000874 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3181938619-60246940-1412980263-1001Core.job
2015-06-17 08:13 - 2015-06-17 08:13 - 00003504 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3181938619-60246940-1412980263-1001Core
2015-06-17 08:13 - 2015-06-17 08:13 - 00000000 ____D C:\Users\Bwookey\AppData\Local\Dropbox
2015-06-17 08:13 - 2015-06-17 08:13 - 00000000 ____D C:\ProgramData\Dropbox
2015-06-17 08:02 - 2014-08-28 21:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-06-17 08:02 - 2014-05-08 04:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-06-17 07:58 - 2014-09-04 21:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-06-17 07:58 - 2014-09-04 20:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-06-17 07:51 - 2015-06-17 07:51 - 00001926 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2015-06-16 19:10 - 2015-06-16 19:10 - 00000000 ____D C:\Users\Bwookey\Downloads\Wasteland Clothing HD V1-3 FULL PACK-54478-1-3
2015-06-16 17:01 - 2015-06-16 19:07 - 409896963 _____ C:\Users\Bwookey\Downloads\Wasteland Clothing HD V1-3 FULL PACK-54478-1-3.7z
2015-06-15 13:56 - 2015-06-15 13:56 - 00687104 _____ C:\Users\Bwookey\Downloads\MicrosoftFixit50756.msi
2015-06-15 13:31 - 2013-10-01 21:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2015-06-15 13:31 - 2013-10-01 21:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-06-15 13:31 - 2013-10-01 21:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-06-15 13:31 - 2013-10-01 20:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2015-06-15 13:31 - 2013-10-01 20:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2015-06-15 13:31 - 2013-10-01 20:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-06-15 13:31 - 2013-10-01 20:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-06-15 13:31 - 2013-10-01 19:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-06-15 13:31 - 2013-10-01 19:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2015-06-15 13:31 - 2013-10-01 19:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2015-06-15 13:31 - 2013-10-01 19:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-06-15 13:31 - 2013-10-01 19:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-06-15 13:31 - 2013-10-01 18:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-06-15 13:31 - 2013-10-01 18:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-06-15 13:31 - 2013-10-01 18:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-06-15 13:31 - 2013-10-01 17:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-06-15 13:30 - 2012-08-23 09:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-06-15 13:30 - 2012-08-23 09:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport(13).sys
2015-06-15 13:30 - 2012-08-23 09:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2015-06-15 13:30 - 2012-08-23 06:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2015-06-15 13:29 - 2012-08-23 09:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-06-15 13:29 - 2012-08-23 05:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2015-06-15 12:52 - 2015-05-08 22:27 - 03147776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-06-15 12:52 - 2015-05-08 22:27 - 02589184 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-06-15 12:52 - 2015-05-08 22:27 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-06-15 12:52 - 2015-05-08 22:27 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-06-15 12:52 - 2015-05-08 22:27 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-06-15 12:52 - 2015-05-08 22:27 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-06-15 12:52 - 2015-05-08 22:27 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-06-15 12:52 - 2015-05-08 22:26 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-06-15 12:52 - 2015-05-08 22:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-06-15 12:52 - 2015-05-08 22:26 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-06-15 12:52 - 2015-05-08 22:26 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-06-15 12:52 - 2015-05-08 22:14 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-06-15 12:52 - 2015-05-08 22:14 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-06-15 12:52 - 2015-05-08 22:14 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-06-15 12:52 - 2015-05-08 22:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-06-15 12:52 - 2015-05-08 22:13 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-06-15 12:52 - 2015-03-13 22:21 - 01632768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-06-15 12:52 - 2015-03-13 22:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-06-15 12:52 - 2015-03-13 22:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-06-15 12:52 - 2015-03-13 22:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-06-13 17:39 - 2015-06-13 17:39 - 37655901 ____R C:\Users\Bwookey\Downloads\Starfire 001 (2015) (2 covers) (Digital) (Cypher 2.0-Empire).cbr
2015-06-13 15:30 - 2015-06-16 16:57 - 00000000 ____D C:\Users\Bwookey\AppData\Local\FalloutNV
2015-06-11 20:29 - 2015-06-11 20:29 - 00401430 _____ C:\Users\Bwookey\Downloads\q0ow7Tvz.htm
2015-06-09 18:14 - 2015-06-01 14:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-09 18:14 - 2015-06-01 13:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-09 18:14 - 2015-05-27 09:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-09 18:14 - 2015-05-27 09:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-09 18:14 - 2015-05-22 22:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-09 18:14 - 2015-05-22 22:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-09 18:14 - 2015-05-22 22:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-09 18:14 - 2015-05-22 22:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-09 18:14 - 2015-05-22 22:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-09 18:14 - 2015-05-22 22:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-09 18:14 - 2015-05-22 22:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-09 18:14 - 2015-05-22 22:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-09 18:14 - 2015-05-22 22:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-09 18:14 - 2015-05-22 22:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-09 18:14 - 2015-05-22 22:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-09 18:14 - 2015-05-22 22:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-09 18:14 - 2015-05-22 22:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-09 18:14 - 2015-05-22 21:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-09 18:14 - 2015-05-22 21:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-09 18:14 - 2015-05-22 21:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-09 18:14 - 2015-05-22 21:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-09 18:14 - 2015-05-22 21:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-09 18:14 - 2015-05-22 21:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-09 18:14 - 2015-05-22 21:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-09 18:14 - 2015-05-22 21:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-09 18:14 - 2015-05-22 21:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-09 18:14 - 2015-05-22 21:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-09 18:14 - 2015-05-22 21:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-09 18:14 - 2015-05-22 21:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-09 18:14 - 2015-05-22 21:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-09 18:14 - 2015-05-22 14:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-09 18:14 - 2015-05-22 14:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-09 18:14 - 2015-05-22 14:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-09 18:14 - 2015-05-22 14:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-09 18:14 - 2015-05-22 14:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-09 18:14 - 2015-05-22 14:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-09 18:14 - 2015-05-22 14:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-09 18:14 - 2015-05-22 13:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-09 18:14 - 2015-05-22 13:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-09 18:14 - 2015-05-22 13:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-09 18:14 - 2015-05-22 13:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-09 18:14 - 2015-05-22 13:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-09 18:14 - 2015-05-22 13:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-09 18:14 - 2015-05-22 13:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-09 18:14 - 2015-05-22 13:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-09 18:14 - 2015-05-22 13:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-09 18:14 - 2015-05-22 13:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-09 18:14 - 2015-05-22 13:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-09 18:14 - 2015-05-22 13:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-09 18:14 - 2015-05-22 13:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-09 18:14 - 2015-05-22 13:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-09 18:14 - 2015-05-22 13:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-09 18:14 - 2015-05-22 13:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-09 18:14 - 2015-05-22 13:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-09 18:14 - 2015-05-22 13:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-09 18:14 - 2015-05-22 13:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-09 18:14 - 2015-05-22 12:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-09 18:14 - 2015-05-22 12:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-09 18:14 - 2015-05-22 12:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-09 18:14 - 2015-05-22 12:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-09 18:12 - 2015-05-25 13:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-09 18:12 - 2015-05-25 13:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-09 18:12 - 2015-05-25 13:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-09 18:12 - 2015-05-25 13:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-09 18:12 - 2015-05-25 13:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-09 18:12 - 2015-05-25 13:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-09 18:12 - 2015-05-25 13:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-09 18:12 - 2015-05-25 13:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-09 18:12 - 2015-05-25 13:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-09 18:12 - 2015-05-25 13:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-09 18:12 - 2015-05-25 13:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-09 18:12 - 2015-05-25 13:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-09 18:12 - 2015-05-25 13:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-09 18:12 - 2015-05-25 13:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-09 18:12 - 2015-05-25 13:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-09 18:12 - 2015-05-25 13:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-09 18:12 - 2015-05-25 13:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-09 18:12 - 2015-05-25 13:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-09 18:12 - 2015-05-25 13:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-09 18:12 - 2015-05-25 13:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-09 18:12 - 2015-05-25 13:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-09 18:12 - 2015-05-25 13:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-09 18:12 - 2015-05-25 13:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-09 18:12 - 2015-05-25 13:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-09 18:12 - 2015-05-25 13:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-09 18:12 - 2015-05-25 13:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-09 18:12 - 2015-05-25 13:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-09 18:12 - 2015-05-25 13:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-09 18:12 - 2015-05-22 13:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-09 18:12 - 2015-05-22 13:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-09 18:12 - 2015-05-22 13:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-09 18:12 - 2015-05-22 13:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-09 18:12 - 2015-05-22 13:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-09 18:12 - 2015-05-22 13:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-09 18:12 - 2015-05-22 13:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-09 18:12 - 2015-05-21 08:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-09 18:12 - 2015-04-29 13:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-09 18:12 - 2015-04-29 13:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-09 18:12 - 2015-04-29 13:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-09 18:12 - 2015-04-29 13:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-09 18:12 - 2015-04-29 13:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-09 18:12 - 2015-04-29 13:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-09 18:12 - 2015-04-29 13:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-09 18:12 - 2015-04-29 13:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-09 18:12 - 2015-04-29 13:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-09 18:12 - 2015-04-29 13:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-09 18:11 - 2015-05-25 13:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-09 18:11 - 2015-05-25 13:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-09 18:11 - 2015-05-25 13:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-09 18:11 - 2015-05-25 13:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-09 18:11 - 2015-05-25 13:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-09 18:11 - 2015-05-25 13:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-09 18:11 - 2015-05-25 13:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-09 18:11 - 2015-05-25 13:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-09 18:11 - 2015-05-25 13:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-09 18:11 - 2015-05-25 13:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-09 18:11 - 2015-05-25 13:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-09 18:11 - 2015-05-25 13:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-09 18:11 - 2015-05-25 13:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-09 18:11 - 2015-05-25 13:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-09 18:11 - 2015-05-25 13:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-09 18:11 - 2015-05-25 13:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-09 18:11 - 2015-05-25 13:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-09 18:11 - 2015-05-25 13:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-09 18:11 - 2015-05-25 13:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-09 18:11 - 2015-05-25 13:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-09 18:11 - 2015-05-25 13:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-09 18:11 - 2015-05-25 13:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-09 18:11 - 2015-05-25 13:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-09 18:11 - 2015-05-25 13:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 13:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 13:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 13:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 13:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 13:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 13:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 13:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 13:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-09 18:11 - 2015-05-25 13:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-09 18:11 - 2015-05-25 13:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-09 18:11 - 2015-05-25 13:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-09 18:11 - 2015-05-25 13:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-09 18:11 - 2015-05-25 13:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-09 18:11 - 2015-05-25 13:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-09 18:11 - 2015-05-25 13:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-09 18:11 - 2015-05-25 13:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-09 18:11 - 2015-05-25 13:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-09 18:11 - 2015-05-25 13:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-09 18:11 - 2015-05-25 13:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-09 18:11 - 2015-05-25 13:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-09 18:11 - 2015-05-25 13:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-09 18:11 - 2015-05-25 13:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-09 18:11 - 2015-05-25 12:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-09 18:11 - 2015-05-25 12:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-09 18:11 - 2015-05-25 12:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-09 18:11 - 2015-05-25 12:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-09 18:11 - 2015-05-25 12:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-09 18:11 - 2015-05-25 12:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-09 18:11 - 2015-05-25 12:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-09 18:11 - 2015-05-25 12:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-09 18:11 - 2015-05-25 12:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 12:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 12:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 12:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 12:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 12:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 12:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 12:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 12:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 12:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 12:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 12:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 12:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 12:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 12:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 12:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 12:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 12:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 12:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 12:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 12:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 12:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 12:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 12:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 12:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-09 18:11 - 2015-05-25 11:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-09 18:11 - 2015-05-25 11:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-09 18:11 - 2015-05-25 11:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 11:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 11:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-09 18:11 - 2015-05-25 11:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-09 18:11 - 2015-04-24 13:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-09 18:11 - 2015-04-24 12:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-09 18:10 - 2015-05-25 12:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-09 18:10 - 2015-04-10 22:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-09 15:28 - 2015-06-09 15:28 - 00000000 ____D C:\Users\Bwookey\AppData\Roaming\RenPy
2015-06-09 15:28 - 2015-06-09 15:28 - 00000000 ____D C:\Users\Bwookey\AppData\Roaming\AMD
2015-06-03 18:43 - 2015-06-03 18:43 - 00015819 _____ C:\Users\Bwookey\Downloads\cat_eyes.zip
2015-06-03 18:42 - 2015-06-03 18:42 - 00015220 _____ C:\Users\Bwookey\Downloads\kiss_tell.zip
2015-05-30 23:25 - 2015-05-30 23:25 - 07271286 _____ C:\Users\Bwookey\Downloads\Catwoman icons.7z
2015-05-30 23:22 - 2015-06-13 20:21 - 00000000 ____D C:\Users\Bwookey\Downloads\Selina Icons
2015-05-29 20:05 - 2015-05-29 20:05 - 00001199 _____ C:\Users\Bwookey\Desktop\Any Video Converter.lnk
2015-05-29 20:03 - 2015-05-29 20:04 - 37908856 _____ C:\Users\Bwookey\Downloads\avc-free.exe
2015-05-29 19:52 - 2015-05-29 19:52 - 00000000 ____D C:\Users\Bwookey\Downloads\GSNK no subs
2015-05-29 19:43 - 2015-05-29 19:54 - 00000000 ____D C:\Users\Bwookey\Downloads\Batman The Animated Series DvDRip x264 Complete
2015-05-29 19:32 - 2015-05-29 19:32 - 14213267 _____ (Faasoft Corporation) C:\Users\Bwookey\Downloads\f-video-converter.exe
2015-05-29 11:26 - 2015-05-29 19:53 - 00000000 ____D C:\Users\Bwookey\Downloads\Batman.Assault.On.Arkham.2014.1080p.BluRay.x264-ROVERS[et]
2015-05-29 07:53 - 2015-05-29 08:00 - 00000000 ____D C:\Users\Bwookey\Downloads\Batman - Li'l Gotham (01 - 21 & Special)
2015-05-28 18:19 - 2015-05-28 18:19 - 00019417 _____ C:\Users\Bwookey\Downloads\wpid-bat_nipples.jpeg
2015-05-27 13:31 - 2015-05-27 13:31 - 00000000 ____D C:\Users\Bwookey\AppData\Roaming\Terawell
2015-05-27 13:13 - 2015-05-27 13:13 - 00000000 ____D C:\Users\Bwookey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Terawell
2015-05-27 13:12 - 2015-05-27 13:12 - 00478832 _____ () C:\Users\Bwookey\Downloads\setup.exe
2015-05-23 16:27 - 2015-05-23 16:27 - 00120074 _____ C:\Users\Bwookey\Downloads\I'M SORRY DAREDEVIL.jpeg
2015-05-19 11:45 - 2015-05-19 11:48 - 00000000 ____D C:\Users\Bwookey\Downloads\[NoobSubs] Space Dandy Season 1 (720p Blu-ray eng dub MP4)
2015-05-18 19:15 - 2015-05-18 19:22 - 693120268 _____ C:\Users\Bwookey\Downloads\[denpa] Space Dandy 2 - 11 [CNHD 720p 5.1][ADC91975].mkv
2015-05-18 19:08 - 2015-05-18 19:13 - 00000000 ____D C:\Users\Bwookey\Downloads\Space Dandy (DUBBED) (Season 2)
2015-05-18 19:06 - 2015-05-18 19:06 - 00000000 ____D C:\Users\Bwookey\Downloads\[deanzel] Space Dandy - Season 1 [BD 1080p Dual Audio FLAC-AC3]
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-17 09:56 - 2015-02-24 06:27 - 00000000 ____D C:\Users\Bwookey\AppData\Roaming\Skype
2015-06-17 09:54 - 2014-04-30 18:18 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-06-17 09:53 - 2014-05-16 22:26 - 00000000 ____D C:\Users\Bwookey\AppData\Local\CrashDumps
2015-06-17 09:51 - 2009-07-13 23:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-17 09:51 - 2009-07-13 23:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-17 09:47 - 2014-10-10 11:36 - 00000000 ____D C:\ProgramData\Origin
2015-06-17 09:47 - 2014-05-10 19:57 - 00000000 ____D C:\Users\Bwookey\AppData\Roaming\Spotify
2015-06-17 09:46 - 2015-03-05 00:08 - 00003198 _____ C:\Windows\System32\Tasks\HPCeeScheduleForBwookey
2015-06-17 09:46 - 2015-03-05 00:08 - 00000340 _____ C:\Windows\Tasks\HPCeeScheduleForBwookey.job
2015-06-17 09:46 - 2011-11-11 10:50 - 01690141 _____ C:\Windows\WindowsUpdate.log
2015-06-17 09:45 - 2014-04-30 18:30 - 00000000 ___RD C:\Users\Bwookey\Dropbox
2015-06-17 09:44 - 2014-06-21 18:23 - 00000000 ____D C:\Users\Bwookey\AppData\Roaming\Raptr
2015-06-17 09:44 - 2014-04-30 18:28 - 00000000 ____D C:\Users\Bwookey\AppData\Roaming\Dropbox
2015-06-17 09:43 - 2015-02-11 19:32 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-17 09:42 - 2014-05-10 19:57 - 00000000 ____D C:\Users\Bwookey\AppData\Local\Spotify
2015-06-17 09:41 - 2015-02-11 19:32 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-17 09:40 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-17 09:39 - 2014-09-27 13:01 - 00000000 ____D C:\AdwCleaner
2015-06-17 09:29 - 2014-05-21 20:29 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3181938619-60246940-1412980263-1001UA.job
2015-06-17 09:25 - 2014-05-10 14:29 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-17 09:00 - 2014-09-02 19:35 - 00000000 ____D C:\ProgramData\Oracle
2015-06-17 09:00 - 2011-08-24 23:59 - 00000000 ____D C:\Program Files (x86)\Java
2015-06-17 08:56 - 2014-05-02 17:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-06-17 08:46 - 2014-09-13 11:20 - 00000000 ____D C:\Users\Bwookey\AppData\Roaming\Wise Disk Cleaner
2015-06-17 08:43 - 2015-02-10 23:43 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-06-17 08:43 - 2015-01-04 19:15 - 00000000 ____D C:\Users\Bwookey\Documents\My CamStudio Temp Files
2015-06-17 08:43 - 2014-09-27 14:17 - 00000000 ____D C:\Users\Bwookey\Documents\Resumes
2015-06-17 08:43 - 2014-08-25 22:33 - 00000000 ____D C:\Users\Bwookey\AppData\Roaming\Anvsoft
2015-06-17 08:43 - 2014-06-21 18:23 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-06-17 08:43 - 2014-04-30 18:37 - 00000000 ____D C:\Users\Bwookey\Documents\Youcam
2015-06-17 08:43 - 2014-04-30 18:30 - 00000000 ____D C:\Users\Bwookey\AppData\Roaming\Skype_Old
2015-06-17 08:40 - 2014-05-02 18:18 - 00000000 ____D C:\Users\Bwookey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-06-17 08:38 - 2014-04-30 18:29 - 00005015 _____ C:\Windows\wininit.ini
2015-06-17 08:37 - 2014-06-13 01:15 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2015-06-17 08:36 - 2014-09-27 15:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
2015-06-17 08:35 - 2015-01-07 02:33 - 00000000 ____D C:\Users\Bwookey\AppData\Roaming\WiseUpdate
2015-06-17 08:35 - 2014-09-27 13:55 - 00000000 ____D C:\Users\Bwookey\Desktop\AntiVirus Junk
2015-06-17 08:35 - 2014-06-01 20:42 - 00000000 ____D C:\Program Files (x86)\WOMic
2015-06-17 08:34 - 2014-05-14 14:31 - 00000000 ____D C:\Program Files (x86)\OBS
2015-06-17 08:34 - 2009-07-14 00:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-06-17 08:33 - 2014-06-26 17:56 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-06-17 08:27 - 2011-08-24 23:58 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-17 07:51 - 2015-02-10 23:24 - 00000000 ____D C:\Users\Bwookey\AppData\Roaming\BitTorrent
2015-06-17 07:45 - 2009-07-14 00:13 - 00783424 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-17 07:38 - 2014-04-30 00:54 - 00000000 ____D C:\Users\Bwookey
2015-06-17 07:37 - 2015-04-05 03:00 - 00000000 ___SD C:\Windows\system32\GWX
2015-06-17 07:37 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2015-06-17 07:37 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-17 07:36 - 2014-09-27 13:16 - 00000000 ____D C:\Program Files\HitmanPro
2015-06-17 07:36 - 2014-07-01 15:46 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-06-17 07:36 - 2014-05-03 10:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2015-06-17 07:36 - 2014-05-03 10:33 - 00000000 ____D C:\Program Files\Nexus Mod Manager
2015-06-17 07:36 - 2011-08-24 23:51 - 00000000 ____D C:\ProgramData\RoxioNow
2015-06-17 07:35 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\registration
2015-06-16 16:57 - 2014-05-02 20:11 - 00000000 ____D C:\Users\Bwookey\Documents\Nexus Mod Manager
2015-06-15 18:29 - 2014-05-21 20:29 - 00000864 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3181938619-60246940-1412980263-1001Core.job
2015-06-15 16:52 - 2014-08-28 14:07 - 00000000 ____D C:\The KMPlayer
2015-06-15 16:50 - 2014-10-05 14:42 - 00000000 ____D C:\Users\Bwookey\Documents\Camtasia Studio
2015-06-15 14:24 - 2014-04-30 01:00 - 00003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{EF48A9A0-C936-49E0-B062-3C054051047F}
2015-06-15 13:45 - 2014-04-30 18:29 - 00000000 ____D C:\ProgramData\Skype
2015-06-15 13:44 - 2014-10-20 15:21 - 00000000 ____D C:\Program Files (x86)\Origin
2015-06-15 13:40 - 2009-07-13 22:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-15 13:28 - 2014-05-04 11:14 - 00000000 ____D C:\Windows\system32\MRT
2015-06-15 13:16 - 2011-02-10 14:23 - 00000000 ____D C:\SWSetup
2015-06-15 13:16 - 2009-07-14 00:32 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2015-06-15 13:13 - 2011-08-24 23:41 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-06-15 12:55 - 2011-11-11 10:59 - 00005779 _____ C:\Windows\system32\RaCoInst.log
2015-06-15 03:48 - 2015-02-05 20:02 - 00000000 ____D C:\Users\Bwookey\AppData\Roaming\CDisplayEx
2015-06-14 08:36 - 2014-06-22 10:41 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2015-06-13 17:42 - 2014-08-24 13:02 - 00000000 ____D C:\Users\Bwookey\AppData\Roaming\uTorrent
2015-06-13 15:30 - 2014-05-12 00:45 - 00000000 ____D C:\Users\Bwookey\Documents\My Games
2015-06-10 18:54 - 2014-09-27 13:38 - 00000352 _____ C:\Windows\system32\.crusader
2015-06-10 12:10 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2015-06-10 10:38 - 2009-07-14 00:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-06-10 10:38 - 2009-07-13 23:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-06-10 10:35 - 2009-07-13 23:45 - 04944216 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-10 03:23 - 2014-12-11 08:54 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-10 03:23 - 2014-05-07 18:52 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-09 21:44 - 2015-02-11 19:33 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-09 18:25 - 2014-07-08 23:25 - 18169520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-06-09 18:25 - 2014-05-10 14:29 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-09 18:25 - 2014-05-10 14:29 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-09 18:25 - 2014-05-10 14:29 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-03 09:10 - 2014-04-30 18:00 - 00003222 _____ C:\Windows\System32\Tasks\HPCeeScheduleForBWOOKEY-HP$
2015-06-03 09:10 - 2014-04-30 18:00 - 00000346 _____ C:\Windows\Tasks\HPCeeScheduleForBWOOKEY-HP$.job
2015-05-27 20:58 - 2014-04-30 18:06 - 00000000 ____D C:\Users\Bwookey\AppData\Local\Deployment
2015-05-27 00:04 - 2014-05-04 11:13 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-26 19:22 - 2014-04-30 18:29 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-05-25 16:10 - 2014-10-10 11:36 - 00000000 ____D C:\Users\Bwookey\AppData\Roaming\Origin
2015-05-20 03:00 - 2015-04-05 03:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX
 
==================== Files in the root of some directories =======
 
2015-01-04 19:24 - 2015-01-04 19:46 - 0000127 _____ () C:\Users\Bwookey\AppData\Roaming\Camdata.ini
2015-01-04 19:24 - 2015-01-04 19:46 - 0000408 _____ () C:\Users\Bwookey\AppData\Roaming\CamLayout.ini
2015-01-04 19:24 - 2015-01-04 19:46 - 0000408 _____ () C:\Users\Bwookey\AppData\Roaming\CamShapes.ini
2015-01-04 19:18 - 2015-01-04 19:46 - 0004535 _____ () C:\Users\Bwookey\AppData\Roaming\CamStudio.cfg
2015-05-15 20:46 - 2015-05-15 20:46 - 53205728 _____ () C:\Users\Bwookey\AppData\Roaming\chport.exe
2015-05-15 20:45 - 2015-05-15 20:45 - 243361280 _____ () C:\Users\Bwookey\AppData\Roaming\Launcher.rb4
2015-05-10 20:33 - 2015-05-16 21:02 - 0000001 _____ () C:\Users\Bwookey\AppData\Roaming\update.dat
2015-01-04 19:15 - 2015-01-04 19:32 - 0000096 _____ () C:\Users\Bwookey\AppData\Roaming\version2.xml
2014-08-28 21:35 - 2014-08-28 21:35 - 0000218 _____ () C:\Users\Bwookey\AppData\Local\recently-used.xbel
2014-08-22 09:27 - 2014-08-22 09:28 - 0007602 _____ () C:\Users\Bwookey\AppData\Local\resmon.resmoncfg
 
Files to move or delete:
====================
C:\Users\Bwookey\Captivate_8_x64_LS21.exe
 
 
Some files in TEMP:
====================
C:\Users\Bwookey\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnmmxw7.dll
C:\Users\Bwookey\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Bwookey\AppData\Local\Temp\Quarantine.exe
C:\Users\Bwookey\AppData\Local\Temp\sqlite3.dll
C:\Users\Bwookey\AppData\Local\Temp\{D1435320-FB8A-434A-9B9B-7BCACB9A4C63}.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-06-03 16:52
 
==================== End of log ============================
 
ADWCleaner-
# AdwCleaner v4.206 - Logfile created 17/06/2015 at 09:39:23
# Updated 01/06/2015 by Xplode
# Database : 2015-06-17.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Bwookey - BWOOKEY-HP
# Running from : C:\Users\Bwookey\Downloads\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Deleted : C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ndibdjnfmopecpmkdieinmbadjfpblof_0.localstorage
File Deleted : C:\Users\Bwookey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
File Deleted : C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
File Deleted : C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.petango.com_0.localstorage
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zlib.Adler
Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.ReadOptions
Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.SelfExtractorSaveOptions
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9C81D00A-3DAA-48AB-90C7-8252119ABB93}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1DA17428-323D-48FF-857C-98CFEE48BFD5}
Data Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:50431;hxxps=127.0.0.1:50431
Data Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
Data Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17840
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
 
-\\ Google Chrome v43.0.2357.124
 
[C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Homepage] : management","nativeMessaging","searchProvider","startupPages","storage","tabs","webRequest","webRequestBlocking"],"explicit_host":["hxxp://*/*","hxxps://*/*"],"manifest_permissions":[],"scriptable_host":["*://*.ask.com/
[C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Startup_URLs] : B4ECC39378E6BBD1B0CC703F92FEA1BD9A70FF40A8537CDDCF7D217D8B1D4944"},"software_reporter":{"prompt_reason":"8B3B0C67AB2F1EAEA6D0594CEF1E97480D1042EE1028C9D10C8F145BB5CC4702","prompt_seed":"0717E15836A6C6DCD2F899CDD2DB4DE8A8A50F0683EABC06053C3740C30EFB9D","prompt_version":"3280DAACFE67E25256C7FD3F81EE4473E9815200AA6A5CAA57634C16297711CE"},"sync":{"remaining_rollback_tries":"684129E267AF516DE80A1D0430D5F0DA18B4DFB0EDAF38BAF74D798A382546F6"}},"super_mac":"248504CA392024B122D2EF26E948CE0736BD8120274930AA0A37FEB4335D6A13"},"session":{"restore_on_startup":5,"startup_urls":["hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3329910&octid=EB_ORIGINAL_CTID&ISID=MEC8185FB-3D9C-46D6-8DF1-47A05E4612A1&SearchSource=58&CUI=&UM=2&UP=SPD45340BA-7CE9-4A9B-B9D0-6012C5BBAB3F&q={searchTerms}&SSPV=
 
*************************
 
AdwCleaner[R0].txt - [8084 bytes] - [27/09/2014 13:01:35]
AdwCleaner[R1].txt - [4206 bytes] - [10/02/2015 23:32:55]
AdwCleaner[R2].txt - [1530 bytes] - [11/02/2015 02:00:11]
AdwCleaner[R3].txt - [3821 bytes] - [17/06/2015 09:35:05]
AdwCleaner[S0].txt - [7944 bytes] - [27/09/2014 13:04:20]
AdwCleaner[S1].txt - [4009 bytes] - [10/02/2015 23:37:28]
AdwCleaner[S2].txt - [3525 bytes] - [17/06/2015 09:39:23]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [3584  bytes] ##########
 
RKill-
Rkill 2.7.0 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html
 
Program started at: 06/17/2015 02:28:19 PM in x64 mode. (Safe Mode)
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Modified HKCU\...\Winlogon: [Shell] => C:\ProgramData\nvxasync\cvxasync.exe
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
 * Windows Firewall Disabled
 
   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
   "EnableFirewall" = dword:00000000
The first time I ran Rkill, it did stop a malware process but the second time, as you can see here, there is nothing now.
 
I just removed ATI from my computer, I'm hoping that helps. Any advice would be welcomed.

Edited by boopme, 17 June 2015 - 03:15 PM.


BC AdBot (Login to Remove)

 


#2 coffe4meplz

coffe4meplz
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:07:19 AM

Posted 17 June 2015 - 04:13 PM

I didn't realize that my topic had been moved, here and reposted in the other forum but here:

I have malware it seems, I have no idea where it came from or how but its been giving me serious problems for a couple days now. When I try to open task manager, it closes it out, when I try to run updates it keeps it from updating, system restore, NOPE. I have researched pretty much everything, deleted the programs that I was able to find that is behind the malware. I have run rkill, roguekiller, hitman pro, malware bytes, anything I can find or try to get rid of it. They will delete the malware, I will restart my computer and its back. I have no idea what do and I am at my wits end. 



#3 nasdaq

nasdaq

  • Malware Response Team
  • 38,765 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:19 AM

Posted 19 June 2015 - 10:04 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

The fix will delete this proxy setting
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled
ProxyServer: [.DEFAULT] => http=127.0.0.1:50431;https=127.0.0.1:50431


If you know what it is and is needed please remove the lines in the Code box below before saving the file.

===

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
 
start

CreateRestorePoint:
CloseProcesses:

HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3181938619-60246940-1412980263-1001\...\Run: [nvxasync] => C:\Users\Bwookey\AppData\Roaming\nvxasync\nvxasync.exe [153822720 2015-05-15] ()
HKU\S-1-5-21-3181938619-60246940-1412980263-1001\...\Winlogon: [Shell] C:\ProgramData\nvxasync\cvxasync.exe <==== ATTENTION
CHR HKU\S-1-5-21-3181938619-60246940-1412980263-1001\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled
ProxyServer: [.DEFAULT] => http=127.0.0.1:50431;https=127.0.0.1:50431
HKU\S-1-5-21-3181938619-60246940-1412980263-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.surfvox.com/
Toolbar: HKU\S-1-5-21-3181938619-60246940-1412980263-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
CHR Extension: (avast! Online Security) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-06-17]
CHR Extension: (Avast Online Security) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-05-04]
CHR Extension: (Avast Online Security) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-05-30]
CHR Extension: (Avast Online Security) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-05-20]
CHR Extension: (Ask Search) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf [2014-12-27]
CHR Extension: (Avast Online Security) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-05-22]
CHR Extension: (Avast Online Security) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-06-17]
CHR Extension: (Avast Online Security) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-25]
CHR Extension: (Avast Online Security) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-21]
CHR Extension: (Avast Online Security) - C:\Users\Bwookey\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-04-20]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-11]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
C:\Users\Bwookey\AppData\Roaming\nvxasync
C:\ProgramData\nvxasync

End
Save the files as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

How is the computer running now?

#4 nasdaq

nasdaq

  • Malware Response Team
  • 38,765 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:19 AM

Posted 24 June 2015 - 08:21 AM

If all is well.

To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/
===

#5 nasdaq

nasdaq

  • Malware Response Team
  • 38,765 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:19 AM

Posted 29 June 2015 - 07:19 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users