
malware/adware autoinstalling and opening new internet pages


  • This topic is locked
6 replies to this topic

#1 LeroyRW


Posted 28 June 2015 - 04:22 PM

Hello Bleeping Computer,

A few weeks ago I started having problems with ads in my browser. Every link I clicked and every new page I opened also opened a new window with ads.
Pages that normally had regular text also started having random words highlighted and turned into hyperlinks to similar ad pages.

Because my antivirus program (Bitdefender Total Security 2015) did not pick up this problem, I got the premium edition of MBAM. The only thing that came up was a file (PUP) in my appdata called appdataFR25.bin.
I had MBAM remove it and thought that was that. But after restarting my computer the problem returned.

I have tried several programmes and solutions but nothing turned out to be permanent. I can give some more information on the problem though:

Browser: Google Chrome
-- I don't know which version when I got infected, but it has since been "upgraded" to the dev version: 43.0.2357.130 dev-m

Operating System: Windows 7 Professional N, 64 bit

Antivirus: Bitdefender Total Security 2015
-- This includes internet protection and firewall.


Malwarebytes premium is also running with live malware protection, but this was done AFTER I got infected.
After starting the live protection, MBAM has blocked the pages this malware/adware has been trying to send me to.
Blocked websites include:
-- Domain: boxbestwebscan.in (most frequent one)
-- IP: 52.10.219.161

-- Domain: here.sendevent.net
-- IP: 8.34.112.227

There was one other I have seen, but I can't find it anymore.

The self-installing part is an extension in Google Chrome, called "gifter" with version 1.1 and id: ogminpmldncgcmokldnmmapddoccmhfl.
I have also seen an extension named "dealwithit".

By following another solution involving SpyHunter I found a few registry keys about BorderlineEdit.dll which appears to be malicious.

I can't think of anything else that's helpful at the moment, so below will be the FRST.txt text.

I hope you guys can help me.

Thanks in advance,

Leroy.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015
Ran by Leroy (administrator) on LEROY-LAPTOP on 28-06-2015 23:09:46
Running from D:\BrowserDownloads
Loaded Profiles: Leroy (Available Profiles: Leroy)
Platform: Windows 7 Professional N Service Pack 1 (X64) OS Language: Nederlands (Nederland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Insyde Software Corp.) C:\Program Files (x86)\Hotkey\Driver\x64\HKClipSvc.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(CLEVO CO.) C:\Program Files (x86)\Hotkey\HotkeyService.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
(CLEVO CO.) C:\Program Files (x86)\Hotkey\HkeyTray.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(Razer Inc) C:\Program Files (x86)\Razer\Razer_Kraken71Chroma_Driver\Drivers\SysAudio\Kraken71ChromaHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Users\Leroy\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB3\Sound Blaster X-Fi MB3\SBXFIMB3.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(CLEVO CO.) C:\Program Files (x86)\Hotkey\hotkeyrtk.exe
(Creative Technology Ltd.) C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(CLEVO CO.) C:\Program Files (x86)\Hotkey\hkysound.exe
(CLEVO CO.) C:\Program Files (x86)\Hotkey\ComboKeyTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [391784 2015-03-20] ()
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1695744 2015-06-23] (Bitdefender)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2473800 2014-09-08] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13764312 2014-10-07] (Realtek Semiconductor)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2806000 2014-01-09] (Synaptics Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Kraken71ChromaHelper] => C:\Program Files (x86)\Razer\Razer_Kraken71Chroma_Driver\Drivers\SysAudio\Kraken71ChromaHelper.exe [1600320 2015-02-03] (Razer Inc)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [Sound Blaster X-Fi MB 3] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB3\Sound Blaster X-Fi MB3\SBXFIMB3.exe [2112000 2013-06-17] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590656 2015-05-15] (Razer Inc.)
HKU\S-1-5-21-2356967475-77043003-3432433322-1000\...\Run: [Dropbox Update] => C:\Users\Leroy\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-21-2356967475-77043003-3432433322-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-2356967475-77043003-3432433322-1000\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-06-23] (Bitdefender)
HKU\S-1-5-21-2356967475-77043003-3432433322-1000\...\MountPoints2: {4a8cc057-e50c-11e4-8486-806e6f6e6963} - F:\InstAll.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [175880 2015-05-28] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [154256 2015-05-28] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hotkey.lnk [2015-05-29]
ShortcutTarget: Hotkey.lnk -> C:\Program Files (x86)\Hotkey\HkeyTray.exe (CLEVO CO.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2015-05-29]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{8F4E2FCA-A415-4293-8111-187B6BFB3F5E}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
Startup: C:\Users\Leroy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-17]
ShortcutTarget: Dropbox.lnk -> C:\Users\Leroy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Leroy\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Leroy\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Leroy\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Leroy\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Leroy\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Leroy\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Leroy\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Leroy\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2356967475-77043003-3432433322-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2356967475-77043003-3432433322-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/nl-nl/?ocid=iehp
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-06-23] (Bitdefender)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-06-23] (Bitdefender)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-29] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-29] (Oracle Corporation)
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-06-23] (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-06-23] (Bitdefender)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{09285729-F065-45ED-9CD5-5841546EDCA2}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{392BA109-89FA-4DD6-8A02-52482E94CF9B}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{D95A17BC-EB66-429B-9DE8-FD8D800AAE33}: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2015-04-17]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2015-04-17]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Leroy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Leroy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-17]
CHR Extension: (Duolingo on the Web) - C:\Users\Leroy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2015-06-27]
CHR Extension: (Cards Against Originality) - C:\Users\Leroy\AppData\Local\Google\Chrome\User Data\Default\Extensions\akccmajgihkbpjdmkceiamgkkplachhk [2015-06-26]
CHR Extension: (Google Docs) - C:\Users\Leroy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-17]
CHR Extension: (Google Drive) - C:\Users\Leroy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-17]
CHR Extension: (Habitual) - C:\Users\Leroy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bblicfmcdjkhhnafcogoldjiihbnjili [2015-06-27]
CHR Extension: (Pulsate) - C:\Users\Leroy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjilkkfelgjefpjbjfnfdhmmoglpbhli [2015-06-26]
CHR Extension: (YouTube) - C:\Users\Leroy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-17]
CHR Extension: (Might and Magic Heroes Online) - C:\Users\Leroy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bofmomibemibekfhdnbndompcedgimfl [2015-06-27]
CHR Extension: (Google Search) - C:\Users\Leroy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-17]
CHR Extension: (Video Downloader professional) - C:\Users\Leroy\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2015-06-26]
CHR Extension: (Google Sheets) - C:\Users\Leroy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-17]
CHR Extension: (Typing Word Game) - C:\Users\Leroy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkoognbonphplmfhlabdhfgnkpkooiel [2015-06-27]
CHR Extension: (AdBlock) - C:\Users\Leroy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-04-17]
CHR Extension: (ZenCast) - C:\Users\Leroy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hncgklnmcokagjlmdkjneiabailabkop [2015-06-27]
CHR Extension: (Ghostery) - C:\Users\Leroy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-04-17]
CHR Extension: (Google Wallet) - C:\Users\Leroy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-17]
CHR Extension: (Gmail) - C:\Users\Leroy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-17]
CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-12-09] (Bitdefender)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2015-06-01] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2015-06-01] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [406016 2011-09-14] (Creative Technology Ltd) [File not signed]
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [237352 2015-04-17] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-08] (NVIDIA Corporation)
R2 HKClipSvc; C:\Program Files (x86)\Hotkey\Driver\x64\HKClipSvc.exe [246272 2014-09-24] (Insyde Software Corp.) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2015-03-20] (Intel Corporation)
R2 MBAMScheduler; D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-08] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19438920 2014-09-08] (NVIDIA Corporation)
R2 PowerBiosServer; C:\Program Files (x86)\Hotkey\HotkeyService.exe [23552 2014-05-27] (CLEVO CO.) [File not signed]
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [360448 2014-08-28] (Qualcomm Atheros) [File not signed]
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-05] ()
S4 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-10-27] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1545376 2015-06-23] (Bitdefender)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [35968 2011-12-21] (Windows ® Win 7 DDK provider)
S3 AsusVTouch; C:\Windows\System32\DRIVERS\AsusVTouch.sys [16512 2011-11-07] (Windows ® Win 7 DDK provider)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1369288 2015-06-23] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [747120 2015-06-23] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2015-04-17] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107080 2012-10-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2015-04-17] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [97456 2014-08-13] (Qualcomm Atheros, Inc.)
R0 FPWinIo; C:\Windows\System32\DRIVERS\FPWinIo.sys [83688 2013-08-08] (Egis Technology Inc.)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160032 2015-06-23] (BitDefender LLC)
R3 HKKbdFltr; C:\Windows\System32\DRIVERS\HKKbdFltr.sys [41160 2014-09-24] (Insyde Software Corp.)
R3 HKMouFltr; C:\Windows\System32\DRIVERS\HKMouFltr.sys [40136 2014-09-24] (Insyde Software Corp.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [43456 2014-11-23] (http://libusb-win32.sourceforge.net)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-06-28] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [118272 2014-03-20] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-08] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R3 Qcamain; C:\Windows\System32\DRIVERS\Qcamain7x64.sys [2216960 2014-08-27] (Qualcomm Atheros, Inc.)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-05] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2015-03-03] (Razer, Inc.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [31472 2014-01-09] (Synaptics Incorporated)
R1 SvThANSP; C:\Program Files (x86)\Hotkey\SvThANSP.sys [15224 2013-10-11] (Windows ® Win 7 DDK provider)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [477272 2015-06-23] (BitDefender S.R.L.)
S3 vjoy; C:\Windows\System32\DRIVERS\vjoy.sys [44656 2014-09-15] (Shaul Eizikovich)
S1 ATKWMIACPIIO; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [X]
S3 L1C; system32\DRIVERS\L1C62x64.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S4 nvkflt; system32\DRIVERS\nvkflt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-28 23:09 - 2015-06-28 23:09 - 00000000 ____D C:\FRST
2015-06-28 20:30 - 2015-06-28 20:31 - 00000024 _____ C:\Users\Leroy\AppData\Roaming\appdataFr25.bin
2015-06-28 20:29 - 2015-06-28 20:29 - 00000958 _____ C:\Windows\PFRO.log
2015-06-28 18:48 - 2015-06-28 18:48 - 00000000 _____ C:\autoexec.bat
2015-06-28 16:23 - 2015-06-28 20:30 - 00000672 _____ C:\Windows\setupact.log
2015-06-28 16:23 - 2015-06-28 16:23 - 00000000 _____ C:\Windows\setuperr.log
2015-06-28 15:43 - 2015-06-28 15:43 - 00000000 ____D C:\Users\Leroy\Documents\ccleaner reg backup
2015-06-28 15:40 - 2015-06-28 15:40 - 00002798 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-06-28 15:40 - 2015-06-28 15:40 - 00000825 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-06-28 15:40 - 2015-06-28 15:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-06-28 15:40 - 2015-06-28 15:40 - 00000000 ____D C:\Program Files\CCleaner
2015-06-27 19:43 - 2015-06-27 19:43 - 00000000 ____D C:\Users\Leroy\Downloads\images
2015-06-27 00:10 - 2015-06-27 00:10 - 00002326 _____ C:\Users\Leroy\Desktop\App-opstartprogramma van Chrome.lnk
2015-06-27 00:10 - 2015-06-27 00:10 - 00000000 ____D C:\Users\Leroy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-25 10:33 - 2015-06-27 22:29 - 00001239 _____ C:\Users\Leroy\Desktop\ARK_Launcher-SP.exe - Snelkoppeling.lnk
2015-06-24 11:06 - 2015-06-24 11:06 - 00000000 ___SH C:\Users\Leroy\AppData\Local\LumaEmu
2015-06-24 01:23 - 2015-06-24 01:23 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2015-06-24 01:00 - 2015-05-09 05:27 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-24 01:00 - 2015-05-09 05:27 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-24 01:00 - 2015-05-09 05:27 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-24 01:00 - 2015-05-09 05:27 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-24 01:00 - 2015-05-09 05:26 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-24 01:00 - 2015-05-09 05:26 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-24 01:00 - 2015-05-09 05:26 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-24 01:00 - 2015-05-09 05:25 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-24 01:00 - 2015-05-09 05:20 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:20 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-24 01:00 - 2015-05-09 05:13 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-24 01:00 - 2015-05-09 05:12 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-24 01:00 - 2015-05-09 05:12 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-24 01:00 - 2015-05-09 05:12 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-24 01:00 - 2015-05-09 05:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 04:01 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-24 01:00 - 2015-05-09 04:01 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-24 01:00 - 2015-05-09 03:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 03:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 03:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-24 01:00 - 2015-05-09 03:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-24 00:59 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-24 00:59 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-24 00:59 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-24 00:59 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-24 00:59 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-24 00:59 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-24 00:59 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-24 00:59 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-24 00:59 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-24 00:59 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-24 00:59 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-24 00:59 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-24 00:59 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-24 00:59 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-24 00:59 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-24 00:59 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-24 00:59 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-24 00:59 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-24 00:59 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-24 00:59 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-24 00:59 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-24 00:59 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-24 00:59 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-24 00:59 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-24 00:59 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-24 00:59 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-24 00:59 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-24 00:59 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-24 00:59 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-24 00:59 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-24 00:59 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-24 00:59 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-24 00:59 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-24 00:59 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-24 00:59 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-24 00:59 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-24 00:59 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-24 00:59 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-24 00:59 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-24 00:59 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-24 00:59 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-24 00:59 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-24 00:59 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-24 00:59 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-24 00:59 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-24 00:59 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-24 00:59 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-24 00:59 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-24 00:59 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-24 00:59 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-24 00:59 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-24 00:59 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-24 00:59 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-24 00:59 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-24 00:59 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-24 00:59 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-24 00:59 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-24 00:59 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-24 00:59 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-24 00:59 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-24 00:58 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-24 00:58 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-24 00:58 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-23 23:20 - 2015-06-23 23:20 - 00000000 ____D C:\Users\Leroy\AppData\Roaming\SpaceEngineers
2015-06-23 15:37 - 2015-06-23 15:37 - 00477272 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2015-06-23 15:37 - 2015-06-23 15:37 - 00271272 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2015-06-23 15:37 - 2015-06-23 15:37 - 00003518 _____ C:\Windows\System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8
2015-06-23 15:37 - 2015-06-23 15:37 - 00000000 ____D C:\Program Files\Common Files\AV
2015-06-23 11:02 - 2015-06-28 15:42 - 00000000 ____D C:\Windows\Minidump
2015-06-22 14:01 - 2015-06-22 14:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-06-22 14:01 - 2015-06-22 14:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-06-22 14:01 - 2015-06-22 14:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-06-16 11:31 - 2015-06-16 11:31 - 00000000 ____D C:\Users\Leroy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-06-16 11:30 - 2015-06-28 22:35 - 00001024 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2356967475-77043003-3432433322-1000UA.job
2015-06-16 11:30 - 2015-06-25 11:35 - 00000972 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2356967475-77043003-3432433322-1000Core.job
2015-06-16 11:30 - 2015-06-16 11:30 - 00003994 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2356967475-77043003-3432433322-1000UA
2015-06-16 11:30 - 2015-06-16 11:30 - 00003598 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2356967475-77043003-3432433322-1000Core
2015-06-16 11:30 - 2015-06-16 11:30 - 00000000 ____D C:\Users\Leroy\AppData\Local\Dropbox
2015-06-16 11:30 - 2015-06-16 11:30 - 00000000 ____D C:\ProgramData\Dropbox
2015-06-08 01:45 - 2015-06-28 12:45 - 00000000 ____D C:\Users\Leroy\Documents\The Witcher 3
2015-06-08 01:37 - 2015-06-08 01:37 - 00001050 _____ C:\Users\Public\Desktop\The Witcher® 3 - Wild Hunt.lnk
2015-06-08 01:37 - 2015-06-08 01:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-06-07 21:44 - 2015-06-28 21:08 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-07 21:43 - 2015-06-27 18:41 - 00000792 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-07 21:43 - 2015-06-27 18:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-07 21:43 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-07 21:43 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-07 21:43 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-07 21:43 - 2015-06-07 21:43 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-07 21:15 - 2015-06-07 21:16 - 00000000 ____D C:\Program Files (x86)\Indiloop
2015-06-07 21:15 - 2015-06-07 21:15 - 00000000 ____D C:\ProgramData\4955255339739151491
2015-06-07 12:09 - 2015-06-07 12:09 - 00000000 ____D C:\Windows\System32\Tasks\Games
2015-06-05 11:44 - 2015-06-05 11:44 - 00000000 ____D C:\Windows\SysWOW64\NV
2015-06-05 11:44 - 2015-06-05 11:44 - 00000000 ____D C:\Windows\system32\NV
2015-06-05 11:43 - 2015-05-28 09:04 - 42719888 _____ C:\Windows\system32\nvcompiler.dll
2015-06-05 11:43 - 2015-05-28 09:04 - 37741712 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-06-05 11:43 - 2015-05-28 09:04 - 30480528 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-06-05 11:43 - 2015-05-28 09:04 - 22946960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-06-05 11:43 - 2015-05-28 09:04 - 17486856 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-06-05 11:43 - 2015-05-28 09:04 - 16185352 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-06-05 11:43 - 2015-05-28 09:04 - 15864064 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-06-05 11:43 - 2015-05-28 09:04 - 14987528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-06-05 11:43 - 2015-05-28 09:04 - 14495448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-06-05 11:43 - 2015-05-28 09:04 - 13304280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-06-05 11:43 - 2015-05-28 09:04 - 11830512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-06-05 11:43 - 2015-05-28 09:04 - 10995528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-06-05 11:43 - 2015-05-28 09:04 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-06-05 11:43 - 2015-05-28 09:04 - 02599056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-06-05 11:43 - 2015-05-28 09:04 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435306.dll
2015-06-05 11:43 - 2015-05-28 09:04 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435306.dll
2015-06-05 11:43 - 2015-05-28 09:04 - 01059984 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-06-05 11:43 - 2015-05-28 09:04 - 01050440 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-06-05 11:43 - 2015-05-28 09:04 - 00982856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-06-05 11:43 - 2015-05-28 09:04 - 00974480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-06-05 11:43 - 2015-05-28 09:04 - 00503408 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-06-05 11:43 - 2015-05-28 09:04 - 00408208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-06-05 11:43 - 2015-05-28 09:04 - 00407112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-06-05 11:43 - 2015-05-28 09:04 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-06-05 11:43 - 2015-05-28 09:04 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-06-05 11:43 - 2015-05-28 09:04 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-06-05 11:43 - 2015-05-28 09:04 - 00031560 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2015-06-05 11:22 - 2015-06-05 11:22 - 00000000 ____D C:\Users\Leroy\AppData\Roaming\Steam
2015-06-05 11:21 - 2015-06-22 10:42 - 00000000 ____D C:\Users\Leroy\AppData\Roaming\MedievalEngineers
2015-06-05 01:44 - 2015-06-05 01:44 - 00000000 ____D C:\Users\Leroy\Documents\ComboKey
2015-06-04 22:42 - 2015-06-04 22:42 - 00000000 ____D C:\Users\Leroy\AppData\Local\Skyrim
2015-06-04 22:40 - 2015-06-04 22:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
2015-06-04 16:04 - 2015-06-04 16:04 - 00000000 ____D C:\Users\Leroy\AppData\Local\Sniper Elite Nazi Zombie Army
2015-06-03 14:25 - 2015-06-03 14:26 - 00522272 _____ C:\Windows\system32\Drivers\fwdump_ar6320v2_reg.log
2015-06-03 14:25 - 2015-06-03 14:26 - 00458752 _____ C:\Windows\system32\Drivers\fwdump_ar6320v2_dram.log
2015-06-03 14:25 - 2015-06-03 14:26 - 00456350 _____ C:\Windows\system32\Drivers\dump_event_history.log
2015-06-03 14:25 - 2015-06-03 14:26 - 00137823 _____ C:\Windows\system32\Drivers\dump_cmd_history.log
2015-06-03 14:25 - 2015-06-03 14:26 - 00098304 _____ C:\Windows\system32\Drivers\fwdump_ar6320v2_axi.log
2015-06-03 14:25 - 2015-06-03 14:26 - 00003927 _____ C:\Windows\system32\Drivers\fwdump_ce_reg.log
2015-06-03 14:25 - 2015-06-03 14:25 - 00001107 _____ C:\Windows\system32\Drivers\firmware_assert.log
2015-06-03 14:25 - 2015-06-03 14:25 - 00000240 _____ C:\Windows\system32\Drivers\fwdump_cpu_ctx.log
2015-06-03 12:17 - 2015-06-03 12:17 - 00000012 _____ C:\Users\Leroy\Desktop\train.txt
2015-06-03 10:47 - 2015-06-03 10:47 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2015-06-03 10:42 - 2015-06-03 10:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2015-06-03 10:42 - 2015-06-03 10:42 - 00000000 ____D C:\Program Files\Microsoft Xbox 360 Accessories
2015-06-03 00:46 - 2015-06-03 00:46 - 00000000 ____D C:\Users\Leroy\AppData\Roaming\MK10
2015-06-02 23:41 - 2015-06-02 23:41 - 00001103 _____ C:\Users\Leroy\Desktop\Mortal Kombat X.lnk
2015-06-02 23:41 - 2015-06-02 23:41 - 00000000 ____D C:\Users\Leroy\AppData\Roaming\Mortal Kombat X
2015-06-02 23:41 - 2015-06-02 23:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2015-06-02 21:19 - 2015-06-02 21:19 - 00000029 _____ C:\Users\Leroy\Desktop\key.txt
2015-06-02 17:28 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-06-02 17:28 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-06-01 00:54 - 2015-06-01 00:54 - 00000000 ____D C:\Users\Leroy\AppData\Local\Creative
2015-06-01 00:54 - 2015-06-01 00:54 - 00000000 ____D C:\ProgramData\Creative
2015-06-01 00:52 - 2015-06-01 00:52 - 00466520 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2015-06-01 00:52 - 2015-06-01 00:52 - 00445016 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2015-06-01 00:52 - 2015-06-01 00:52 - 00123480 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2015-06-01 00:52 - 2015-06-01 00:52 - 00109144 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2015-06-01 00:52 - 2015-06-01 00:52 - 00000159 ___RH C:\Windows\ctfile.rfc
2015-06-01 00:52 - 2015-06-01 00:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2015-06-01 00:52 - 2015-06-01 00:52 - 00000000 ____D C:\Program Files\Creative
2015-06-01 00:52 - 2013-07-03 14:11 - 00038528 ____N (Creative Technology Ltd.) C:\Windows\system32\MBCfg64.dll
2015-06-01 00:52 - 2013-07-03 14:11 - 00035456 ____N (Creative Technology Ltd.) C:\Windows\SysWOW64\MBCfg32.dll
2015-06-01 00:52 - 2013-04-23 10:54 - 00332928 ____N (Creative Technology Ltd.) C:\Windows\system32\ChezSC64.DLL
2015-06-01 00:52 - 2013-04-23 10:54 - 00288896 ____N (Creative Technology Ltd.) C:\Windows\SysWOW64\ChezSC32.DLL
2015-06-01 00:52 - 2013-04-23 10:54 - 00148096 ____N (Creative Technology Ltd.) C:\Windows\system32\MBCfg64.exe
2015-06-01 00:52 - 2013-04-23 10:53 - 00138880 ____N (Creative Technology Ltd.) C:\Windows\SysWOW64\MBCfg32.exe
2015-06-01 00:52 - 2013-04-23 10:53 - 00015488 ____N (Creative Technology Ltd.) C:\Windows\SysWOW64\ResDefA.exe
2015-06-01 00:52 - 2013-03-27 11:59 - 01903104 ____N (Creative) C:\Windows\system32\Sens_oal.dll
2015-06-01 00:52 - 2013-03-27 11:56 - 02906589 ____N (Creative) C:\Windows\SysWOW64\Sens_oal.dll
2015-06-01 00:52 - 2013-03-26 10:43 - 00004914 ____N C:\Windows\MBCfg_SP_APOIM.ini
2015-06-01 00:52 - 2013-03-26 10:43 - 00004862 ____N C:\Windows\MBCfg_APOIM.ini
2015-06-01 00:52 - 2013-03-26 10:43 - 00004821 ____N C:\Windows\MBCfg_HP_APOIM.ini
2015-06-01 00:52 - 2013-03-26 10:43 - 00001165 ____N C:\Windows\MBCfg_Capture_APOIM.ini
2015-06-01 00:52 - 2013-03-26 10:42 - 00013194 ____N C:\Windows\SysWOW64\MBCfg32.ini
2015-06-01 00:52 - 2013-03-26 10:42 - 00013194 ____N C:\Windows\system32\MBCfg64.ini
2015-06-01 00:52 - 2013-01-25 11:08 - 00089600 _____ C:\Windows\system32\CmdRtr64.DLL
2015-06-01 00:52 - 2013-01-25 11:07 - 00074240 _____ C:\Windows\SysWOW64\CmdRtr.DLL
2015-06-01 00:52 - 2013-01-25 11:06 - 00328704 _____ C:\Windows\system32\APOMgr64.DLL
2015-06-01 00:52 - 2013-01-25 11:04 - 00248320 _____ C:\Windows\SysWOW64\APOMngr.DLL
2015-06-01 00:52 - 2013-01-08 10:13 - 00006968 ____N C:\Windows\system32\MBCfgUninstall64.ini
2015-06-01 00:52 - 2013-01-08 10:12 - 00006968 ____N C:\Windows\SysWOW64\MBCfgUninstall32.ini
2015-06-01 00:52 - 2000-05-11 01:00 - 00090112 ____N (Creative Technology Ltd.) C:\Windows\Updreg.EXE
2015-06-01 00:51 - 2015-06-01 00:52 - 00000000 ____D C:\Program Files (x86)\Creative
2015-06-01 00:50 - 2015-06-01 00:50 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_EGISFP_01_09_00.Wdf
2015-06-01 00:50 - 2015-06-01 00:50 - 00000000 ____D C:\Users\Leroy\AppData\Local\Downloaded Installations
2015-05-30 20:44 - 2014-10-14 13:20 - 04243288 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-05-30 20:44 - 2014-10-14 08:45 - 00959192 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-05-30 20:44 - 2014-10-14 07:43 - 02855128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-05-30 20:44 - 2014-10-13 08:07 - 01433335 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-05-30 20:44 - 2014-10-08 08:09 - 02080472 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2015-05-30 20:44 - 2014-09-30 11:06 - 02000128 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO264.dll
2015-05-30 20:44 - 2014-09-30 11:06 - 01728768 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO232.dll
2015-05-30 20:44 - 2014-09-12 07:34 - 03186544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-05-30 20:44 - 2014-08-06 07:43 - 02860760 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-05-30 20:44 - 2014-06-17 07:32 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-05-30 20:44 - 2014-06-09 04:59 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-05-30 20:44 - 2014-04-10 06:19 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2015-05-30 20:44 - 2014-03-06 10:35 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-05-30 20:44 - 2014-02-18 11:04 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-05-30 20:44 - 2014-01-08 09:25 - 00397592 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll
2015-05-30 20:44 - 2013-10-11 06:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-05-30 20:44 - 2012-03-08 05:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-05-30 20:44 - 2011-12-20 09:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-05-30 20:44 - 2011-11-22 10:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2015-05-30 20:44 - 2010-11-08 01:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-05-30 20:44 - 2010-11-08 01:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-05-30 20:44 - 2010-11-08 01:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-05-30 20:44 - 2010-11-08 01:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-05-30 20:44 - 2010-11-08 01:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-05-30 20:44 - 2010-11-08 01:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-05-30 20:44 - 2010-11-03 12:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-05-30 20:44 - 2010-09-27 03:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2015-05-30 20:44 - 2009-11-24 03:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2015-05-30 20:44 - 2009-11-24 03:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2015-05-30 20:44 - 2009-11-24 03:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2015-05-30 20:44 - 2009-11-24 03:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2015-05-30 20:44 - 2009-11-18 01:12 - 00032344 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\MBfilt64.sys
2015-05-30 20:38 - 2015-05-28 09:04 - 02986392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-05-30 20:38 - 2015-05-28 09:04 - 01099808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-05-30 20:34 - 2015-05-30 20:35 - 00000000 ____D C:\Users\Leroy\AppData\Local\NVIDIA
2015-05-30 20:34 - 2015-05-30 20:34 - 00001350 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-05-30 20:34 - 2015-05-30 20:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-05-30 20:34 - 2015-05-28 06:15 - 06872904 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-05-30 20:34 - 2015-05-28 06:15 - 03491984 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-05-30 20:34 - 2015-05-28 06:15 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-05-30 20:34 - 2015-05-28 06:15 - 01059472 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2015-05-30 20:34 - 2015-05-28 06:15 - 00937288 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-05-30 20:34 - 2015-05-28 06:15 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-05-30 20:34 - 2015-05-28 06:15 - 00075080 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2015-05-30 20:34 - 2015-05-28 06:15 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-05-30 20:34 - 2015-05-27 12:48 - 04408727 _____ C:\Windows\system32\nvcoproc.bin
2015-05-30 20:34 - 2014-09-08 13:48 - 02799272 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-05-30 20:34 - 2014-09-08 13:48 - 02193560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-05-30 20:34 - 2014-09-08 13:48 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-05-30 20:34 - 2014-09-08 13:48 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-05-30 20:33 - 2015-05-28 09:04 - 12852152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-05-30 20:33 - 2015-05-28 09:04 - 03379680 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-05-30 20:33 - 2014-09-05 17:42 - 01876312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434400.dll
2015-05-30 20:33 - 2014-09-05 17:42 - 01541448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434400.dll
2015-05-30 20:33 - 2014-09-04 06:14 - 00038048 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-05-30 20:33 - 2014-09-04 06:14 - 00034976 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-05-30 20:33 - 2014-09-04 06:14 - 00032416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-05-30 20:30 - 2015-05-30 20:30 - 00001173 _____ C:\Users\Public\Desktop\Intel® Driver Update Utility 2.0.lnk
2015-05-30 20:30 - 2015-05-30 20:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2015-05-30 20:30 - 2015-05-30 20:30 - 00000000 ____D C:\Program Files (x86)\Intel Driver Update Utility
2015-05-30 19:48 - 2012-02-19 20:16 - 00252712 _____ (ELAN Microelectronics Corp.) C:\Windows\ETDUninst.dll
2015-05-30 17:39 - 2015-05-30 17:39 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab
2015-05-30 00:07 - 2015-05-30 00:07 - 00000118 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-05-29 23:51 - 2015-05-28 09:04 - 00939080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-05-29 23:51 - 2015-05-28 09:04 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-05-29 23:51 - 2015-05-28 09:04 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-05-29 23:51 - 2015-05-28 09:04 - 00030966 _____ C:\Windows\system32\nvinfo.pb
2015-05-29 23:51 - 2015-05-12 08:27 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435286.dll
2015-05-29 23:51 - 2015-05-12 08:27 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435286.dll
2015-05-29 23:32 - 2015-05-30 20:32 - 00000401 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-05-29 23:30 - 2015-05-30 20:31 - 00000700 _____ C:\Users\Public\Desktop\Intel® HD Graphics Control Panel.lnk
2015-05-29 23:29 - 2015-05-29 23:29 - 00000000 ____D C:\ProgramData\IntelDLM
2015-05-29 23:29 - 2015-03-20 17:18 - 24806000 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 24007768 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 17765456 _____ C:\Windows\system32\igd11dxva64.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 17289048 _____ C:\Windows\SysWOW64\igd11dxva32.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 15980032 _____ (Intel Corporation) C:\Windows\system32\igdfcl64.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 10850816 _____ (Intel Corporation) C:\Windows\SysWOW64\igdfcl32.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 09505280 _____ (Intel Corporation) C:\Windows\system32\ig75icd64.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 09414176 _____ (Intel Corporation) C:\Windows\system32\igd10iumd64.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 08622624 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 07481344 _____ (Intel Corporation) C:\Windows\SysWOW64\ig75icd32.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 06710542 _____ C:\Windows\system32\igdclbif.bin
2015-05-29 23:29 - 2015-03-20 17:18 - 06080608 _____ (Intel Corporation) C:\Windows\system32\igdusc64.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 04888368 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2015-05-29 23:29 - 2015-03-20 17:18 - 04788464 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 03583488 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 03318272 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 02813952 _____ C:\Windows\system32\iglhxa64.cpa
2015-05-29 23:29 - 2015-03-20 17:18 - 02024960 _____ (Intel Corporation) C:\Windows\system32\igfxLHM.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 01637200 _____ (Intel Corporation) C:\Windows\system32\igdmd64.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 01402336 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 01399240 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 01369088 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 01269960 _____ (Intel Corporation) C:\Windows\SysWOW64\igdmd32.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 01131008 _____ (Intel Corporation) C:\Windows\system32\GfxResources.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 01063936 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 01029736 _____ (Intel Corporation) C:\Windows\system32\Gfxv4_0.exe
2015-05-29 23:29 - 2015-03-20 17:18 - 01026152 _____ (Intel Corporation) C:\Windows\system32\Gfxv2_0.exe
2015-05-29 23:29 - 2015-03-20 17:18 - 00696832 _____ (Intel Corporation) C:\Windows\system32\igfxDH.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 00641530 _____ C:\Windows\system32\FilmModeDetection.wmv
2015-05-29 23:29 - 2015-03-20 17:18 - 00623616 _____ (Intel Corporation) C:\Windows\system32\MetroIntelGenericUIFramework.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 00460048 _____ (Intel® Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2015-05-29 23:29 - 2015-03-20 17:18 - 00448104 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe
2015-05-29 23:29 - 2015-03-20 17:18 - 00403671 _____ C:\Windows\system32\ImageStabilization.wmv
2015-05-29 23:29 - 2015-03-20 17:18 - 00398848 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 00391784 _____ C:\Windows\system32\igfxTray.exe
2015-05-29 23:29 - 2015-03-20 17:18 - 00385024 _____ (Intel Corporation) C:\Windows\system32\igfxOSP.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 00375173 _____ C:\Windows\system32\ColorImageEnhancement.wmv
2015-05-29 23:29 - 2015-03-20 17:18 - 00355328 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 00350720 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 00344168 _____ (Intel Corporation) C:\Windows\system32\igfxCUIService.exe
2015-05-29 23:29 - 2015-03-20 17:18 - 00338536 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe
2015-05-29 23:29 - 2015-03-20 17:18 - 00338024 _____ (Intel Corporation) C:\Windows\system32\DPTopologyAppv2_0.exe
2015-05-29 23:29 - 2015-03-20 17:18 - 00313448 _____ (Intel Corporation) C:\Windows\system32\igfxEM.exe
2015-05-29 23:29 - 2015-03-20 17:18 - 00290816 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 00282696 _____ (Intel Corporation) C:\Windows\system32\igd10idpp64.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 00279144 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2015-05-29 23:29 - 2015-03-20 17:18 - 00279040 _____ (Intel Corporation) C:\Windows\system32\igfxDI.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 00263120 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10idpp32.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 00255488 _____ C:\Windows\system32\igfxCPL.cpl
2015-05-29 23:29 - 2015-03-20 17:18 - 00248424 _____ (Intel Corporation) C:\Windows\system32\igfxHK.exe
2015-05-29 23:29 - 2015-03-20 17:18 - 00229888 _____ (Intel Corporation) C:\Windows\system32\igfxDTCM.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 00227328 _____ C:\Windows\system32\igdde64.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 00220432 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 00217704 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2015-05-29 23:29 - 2015-03-20 17:18 - 00213504 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 00211656 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 00187904 _____ C:\Windows\SysWOW64\igdde32.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 00184352 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 00183296 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v4170.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 00178672 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 00178176 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 00169984 _____ (Intel Corporation) C:\Windows\system32\igdail64.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 00156264 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2015-05-29 23:29 - 2015-03-20 17:18 - 00152064 _____ (Intel Corporation) C:\Windows\SysWOW64\igdail32.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 00086528 _____ C:\Windows\system32\igfxCUIServicePS.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 00086528 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 00082432 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 00069632 _____ ( ) C:\Windows\system32\igfxDHLibv2_0.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 00060416 _____ ( ) C:\Windows\system32\igfxDHLib.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 00044025 _____ C:\Windows\system32\iglhxo64.vp
2015-05-29 23:29 - 2015-03-20 17:18 - 00043816 _____ C:\Windows\system32\iglhxc64_dev.vp
2015-05-29 23:29 - 2015-03-20 17:18 - 00043494 _____ C:\Windows\system32\iglhxc64.vp
2015-05-29 23:29 - 2015-03-20 17:18 - 00043298 _____ C:\Windows\system32\iglhxg64_dev.vp
2015-05-29 23:29 - 2015-03-20 17:18 - 00043256 _____ C:\Windows\system32\iglhxg64.vp
2015-05-29 23:29 - 2015-03-20 17:18 - 00042079 _____ C:\Windows\system32\iglhxo64_dev.vp
2015-05-29 23:29 - 2015-03-20 17:18 - 00035328 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 00010752 _____ ( ) C:\Windows\system32\igfxDILibv2_0.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 00010752 _____ ( ) C:\Windows\system32\igfxDILib.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 00010240 _____ ( ) C:\Windows\system32\igfxEMLibv2_0.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 00010240 _____ ( ) C:\Windows\system32\igfxEMLib.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 00005120 _____ ( ) C:\Windows\system32\igfxLHMLibv2_0.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 00005120 _____ ( ) C:\Windows\system32\igfxLHMLib.dll
2015-05-29 23:29 - 2015-03-20 17:18 - 00004016 _____ C:\Windows\system32\iglhxs64.vp
2015-05-29 23:29 - 2015-03-20 17:18 - 00001125 _____ C:\Windows\system32\iglhxa64.vp
2015-05-29 23:28 - 2015-05-29 23:28 - 00000000 ____D C:\Users\Leroy\AppData\Local\Intel
2015-05-29 23:25 - 2015-05-30 20:35 - 00000000 ____D C:\Users\Leroy\AppData\Local\NVIDIA Corporation
2015-05-29 23:24 - 2015-06-05 11:44 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-05-29 23:24 - 2015-06-05 11:43 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-05-29 23:23 - 2015-06-05 11:44 - 00000000 ____D C:\ProgramData\NVIDIA
2015-05-29 23:21 - 2015-05-29 23:21 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-05-29 23:21 - 2015-05-29 23:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-05-29 23:21 - 2015-05-29 23:21 - 00000000 ____D C:\Program Files (x86)\Java
2015-05-29 23:15 - 2015-05-30 19:53 - 00000000 ____D C:\Windows\system32\appmgmt
2015-05-29 23:15 - 2015-05-29 23:15 - 00000000 _____ C:\Windows\SysWOW64\RENF68E.tmp
2015-05-29 23:14 - 2015-05-29 23:14 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2015-05-29 23:13 - 2015-05-29 23:13 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-05-29 23:13 - 2015-05-29 23:13 - 00000000 ____D C:\Program Files\Synaptics
2015-05-29 22:57 - 2015-05-29 23:04 - 00000000 ____D C:\ProgramData\Qualcomm
2015-05-29 22:57 - 2015-05-29 22:57 - 00002783 _____ C:\Users\Public\Desktop\Killer Network Manager.lnk
2015-05-29 22:57 - 2015-05-29 22:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Qualcomm Atheros
2015-05-29 22:56 - 2015-05-29 22:56 - 00000000 ____D C:\ProgramData\Downloaded Installations
2015-05-29 22:56 - 2015-05-29 22:56 - 00000000 ____D C:\Program Files\Qualcomm Atheros
2015-05-29 22:56 - 2015-05-29 22:56 - 00000000 _____ C:\Users\Leroy\AppData\Local\Driver_11ACPresent.flag
2015-05-29 22:56 - 2014-08-27 11:48 - 02216960 _____ (Qualcomm Atheros, Inc.) C:\Windows\system32\Drivers\Qcamain7x64.sys
2015-05-29 22:56 - 2014-07-29 16:37 - 00008124 _____ C:\Windows\system32\Drivers\eeprom_ar6320_2p1_NFA344i.bin
2015-05-29 22:55 - 2015-05-30 20:21 - 00014985 _____ C:\Windows\SysWOW64\Gms.log
2015-05-29 22:55 - 2014-09-24 16:08 - 00041160 _____ (Insyde Software Corp.) C:\Windows\system32\Drivers\HKKbdFltr.sys
2015-05-29 22:55 - 2014-09-24 16:08 - 00040136 _____ (Insyde Software Corp.) C:\Windows\system32\Drivers\HKMouFltr.sys
2015-05-29 22:54 - 2015-05-29 22:55 - 00000000 ____D C:\Program Files (x86)\Hotkey
2015-05-29 22:54 - 2015-05-29 22:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-05-29 22:54 - 2015-05-29 22:54 - 00000000 ____D C:\Users\Leroy\Intel
2015-05-29 22:54 - 2014-05-28 10:16 - 00012288 _____ (Windows ® 2000 DDK provider) C:\Windows\SysWOW64\CLEVOMOF.dll
2015-05-29 22:54 - 2013-07-31 16:55 - 00010752 _____ (Microsoft) C:\Windows\SysWOW64\BTControl.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-28 22:45 - 2015-04-17 16:21 - 01479690 _____ C:\Windows\WindowsUpdate.log
2015-06-28 22:32 - 2015-04-17 17:20 - 00001056 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-28 20:53 - 2015-04-18 21:10 - 00000000 ____D C:\Users\Leroy\AppData\Roaming\vlc
2015-06-28 20:43 - 2011-04-12 14:12 - 00745998 _____ C:\Windows\system32\perfh013.dat
2015-06-28 20:43 - 2011-04-12 14:12 - 00153918 _____ C:\Windows\system32\perfc013.dat
2015-06-28 20:43 - 2009-07-14 07:12 - 01670888 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-28 20:37 - 2009-07-14 06:50 - 00021360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-28 20:37 - 2009-07-14 06:50 - 00021360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-28 20:30 - 2015-04-17 22:07 - 00000000 ___RD C:\Users\Leroy\Dropbox
2015-06-28 20:30 - 2015-04-17 22:06 - 00000000 ____D C:\Users\Leroy\AppData\Roaming\Dropbox
2015-06-28 20:30 - 2015-04-17 17:20 - 00001052 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-28 20:30 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-28 20:29 - 2009-07-14 07:38 - 00000000 ____D C:\Windows\Offline Web Pages
2015-06-28 18:48 - 2015-04-17 16:21 - 00000000 ____D C:\Users\Leroy
2015-06-28 15:45 - 2015-04-17 16:46 - 00003232 _____ C:\Windows\System32\Tasks\SidebarExecute
2015-06-28 15:42 - 2015-04-17 22:20 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-28 15:42 - 2015-04-17 17:15 - 00000000 ____D C:\Windows\Panther
2015-06-28 15:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\LiveKernelReports
2015-06-25 18:13 - 2015-04-30 15:09 - 00000000 ____D C:\Users\Leroy\AppData\Roaming\Spotify
2015-06-25 13:47 - 2015-05-27 18:31 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-06-25 13:27 - 2015-04-30 15:09 - 00000000 ____D C:\Users\Leroy\AppData\Local\Spotify
2015-06-24 10:36 - 2015-04-17 21:46 - 00000000 ____D C:\ProgramData\BDLogging
2015-06-24 10:03 - 2009-07-14 06:50 - 00263952 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-24 10:02 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-23 15:37 - 2015-04-17 23:03 - 00160032 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2015-06-23 15:37 - 2015-04-17 21:46 - 00747120 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2015-06-23 15:36 - 2015-04-17 21:46 - 01369288 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2015-06-23 11:06 - 2015-05-08 13:32 - 00000000 ____D C:\Program Files (x86)\AirDroid
2015-06-23 11:05 - 2015-05-08 13:32 - 00000000 ____D C:\Users\Leroy\Documents\AirDroid
2015-06-08 01:45 - 2015-04-22 13:25 - 00000000 ____D C:\Users\Leroy\AppData\Roaming\NVIDIA
2015-06-08 01:37 - 2009-07-14 07:38 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-06-05 01:45 - 2009-07-14 07:38 - 00000000 ____D C:\Windows\system32\WinBioDatabase
2015-06-03 03:23 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-03 02:28 - 2015-04-17 16:53 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-06-03 02:28 - 2015-04-17 16:42 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-02 23:41 - 2015-04-22 13:35 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-02 21:20 - 2015-04-17 16:39 - 00058008 _____ C:\Users\Leroy\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-02 18:32 - 2015-05-19 19:21 - 00000000 ____D C:\Program Files (x86)\Razer
2015-06-01 00:50 - 2009-07-14 07:38 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2015-05-30 20:45 - 2015-04-17 16:54 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2015-05-30 20:45 - 2015-04-17 16:53 - 00000000 ___HD C:\Program Files (x86)\Temp
2015-05-30 20:39 - 2015-04-17 17:04 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-05-30 20:39 - 2015-04-17 16:57 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-05-30 20:34 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2015-05-30 20:32 - 2015-04-17 17:02 - 00018484 _____ C:\Windows\system32\results.xml
2015-05-30 20:31 - 2015-04-17 16:54 - 00000000 ____D C:\Intel
2015-05-30 20:25 - 2015-04-17 16:55 - 00000000 ____D C:\Program Files (x86)\Intel
2015-05-30 20:22 - 2015-04-17 17:11 - 00000000 ____D C:\ProgramData\Intel
2015-05-30 20:22 - 2015-04-17 17:09 - 00000000 ____D C:\Program Files\Intel
2015-05-30 19:56 - 2015-04-17 16:33 - 00000000 ____D C:\Program Files (x86)\ASUS
2015-05-30 19:55 - 2015-04-17 16:35 - 00000000 ____D C:\Users\Leroy\AppData\Roaming\ASUS
2015-05-30 19:53 - 2015-04-17 16:47 - 00000000 ____D C:\Program Files\ASUS
2015-05-29 22:17 - 2015-04-17 16:21 - 00000000 ____D C:\Users\Leroy\AppData\Local\VirtualStore
2015-05-29 22:16 - 2009-07-14 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories

==================== Files in the root of some directories =======

2015-06-28 20:30 - 2015-06-28 20:31 - 0000024 _____ () C:\Users\Leroy\AppData\Roaming\appdataFr25.bin
2015-05-29 22:56 - 2015-05-29 22:56 - 0000000 _____ () C:\Users\Leroy\AppData\Local\Driver_11ACPresent.flag
2015-06-24 11:06 - 2015-06-24 11:06 - 0000000 ___SH () C:\Users\Leroy\AppData\Local\LumaEmu
2015-04-17 21:46 - 2015-04-17 21:46 - 0513845 _____ () C:\ProgramData\1429299918.bdinstall.bin

Some files in TEMP:
====================
C:\Users\Leroy\AppData\Local\Temp\0Kraken71ChromaDevProps.dll
C:\Users\Leroy\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp0aabs8.dll
C:\Users\Leroy\AppData\Local\Temp\EsgInstallerx64Stub.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-23 14:57

==================== End of log ============================

Edited by LeroyRW, 28 June 2015 - 04:51 PM.



#2 nasdaq

nasdaq

  • Malware Response Team
  • 40,752 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:02:44 AM

Posted 30 June 2015 - 08:17 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Open Notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.


start

EmptyTemp:
CloseProcesses:

HKLM-x32\...\Run: [] => [X]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - https://clients2.google.com/service/update2/crx
S1 ATKWMIACPIIO; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [X]
S3 L1C; system32\DRIVERS\L1C62x64.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S4 nvkflt; system32\DRIVERS\nvkflt.sys [X]

End

Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

CHR dev: Chrome dev build detected! <======= ATTENTION

Your copy of Chrome has been compromised

Re-install Chrome

Unless you did this yourself, malware has changed your Chrome version into the Development Build. Among other things this allows malware to install any extension it wants.

Clear your Chrome cache and cookies
https://support.google.com/chromebook/answer/183083?hl=en

===

Remove Chrome using the instructions on this page.
https://support.google.com/chrome/answer/95319?hl=en

Before you do, export your bookmarks.
Chrome will export your bookmarks as an HTML file, which you can then import into another browser.

If you want to save your passwords as well see here: http://www.intowindows.com/how-to-backup-saved-passwords-in-google-chrome-browser/

Re-install Chrome and the Bookmarks.

If you want to save all your settings refer to this page.
Follow the instructions before removing Chrome.
http://juan2geek.com/how-to-backup-and-restore-entire-google-chrome-setting/
<<<>>>

How is the computer running?
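
The triage that post #2 does by hand on the FRST log, sketched as an added example (not part of the original thread and not FRST's own code). The function names and the `R2 ExampleSvc` line are constructed for illustration; reading `[X]` and `No File` as "the entry's target file is missing" is an assumption about FRST's notation.

```python
import re
from typing import NamedTuple, Optional

# Lines copied from this thread's log and fixlist, plus one constructed
# benign service line (R2 ExampleSvc) that should not be reported.
SAMPLE_LOG = r"""
HKLM-x32\...\Run: [] => [X]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR dev: Chrome dev build detected! <======= ATTENTION
FF Plugin: @microsoft.com/GENUINE -> disabled No File
CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - https://clients2.google.com/service/update2/crx
S3 L1C; system32\DRIVERS\L1C62x64.sys [X]
R2 ExampleSvc; C:\Program Files\Example\svc.exe [12345 2015-01-01] (Example Corp)
2015-05-29 23:29 - 2015-03-20 17:18 - 00255488 _____ C:\Windows\system32\igfxCPL.cpl
"""

# The tool's own marker for entries it wants a human to look at.
ATTENTION = re.compile(r"<=+\s*ATTENTION\s*$")
# Assumption: "[X]" / "No File" at the end means the referenced file is gone.
ORPHAN = re.compile(r"(\[X\]|No File)\s*$")
# Extension registered through the registry rather than the user's profile.
# Chrome extension IDs are 32 characters drawn from a-p.
CHR_EXT = re.compile(
    r"^CHR\s+(HK\S+?)\\\.\.\.\\Chrome\\Extension:\s*\[([a-p]{32})\]")
# Machine-wide Chrome policy key.
CHR_POLICY = re.compile(r"^CHR\s+HK\S*\\Policies\\Google\b", re.IGNORECASE)
# Browser is on the dev channel.
CHR_DEV = re.compile(r"^CHR dev:")


class Finding(NamedTuple):
    line: str
    reasons: tuple
    extension_id: Optional[str]


def triage(log_text):
    """Return the log lines worth a reviewer's attention, with the reasons."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        reasons = []
        ext_id = None
        if ATTENTION.search(line):
            reasons.append("flagged-by-tool")
        if ORPHAN.search(line):
            reasons.append("orphaned-entry")
        match = CHR_EXT.match(line)
        if match:
            reasons.append("registry-installed-extension")
            ext_id = match.group(2)
        if CHR_POLICY.match(line):
            reasons.append("chrome-policy-key")
        if CHR_DEV.match(line):
            reasons.append("chrome-dev-channel")
        if reasons:
            findings.append(Finding(line, tuple(reasons), ext_id))
    return findings


def chrome_indicators(findings):
    """Chrome-specific reasons seen in the log, sorted and de-duplicated."""
    chrome = {"registry-installed-extension", "chrome-policy-key",
              "chrome-dev-channel"}
    return sorted({r for f in findings for r in f.reasons if r in chrome})


if __name__ == "__main__":
    results = triage(SAMPLE_LOG)
    for f in results:
        print(", ".join(f.reasons), "|", f.line)
    print("Chrome indicators:", chrome_indicators(results))
```

All three Chrome indicators appear together in this thread's log, which is the combination the reply above treats as grounds for re-installing the browser. The output is a review list for a person to check, not a fixlist to run unedited.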

#3 LeroyRW

Posted 30 June 2015 - 12:53 PM

Hi nasdaq,

I did what you told me, and after re-installing and restarting, the Chrome extension hasn't installed again and it's back to the regular, non-dev version. However, Malwarebytes did warn me about the appdataFR25.bin file again.

Here are the logs from the Farbar tool and AdwCleaner.

Fix result of Farbar Recovery Scan Tool (x64) Version:28-06-2015
Ran by Leroy at 2015-06-30 19:32:17 Run:1
Running from D:\BrowserDownloads
Loaded Profiles: Leroy (Available Profiles: Leroy)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
start
 
EmptyTemp:
CloseProcesses:
 
HKLM-x32\...\Run: [] => [X]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - https://clients2.google.com/service/update2/crx
S1 ATKWMIACPIIO; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [X]
S3 L1C; system32\DRIVERS\L1C62x64.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S4 nvkflt; system32\DRIVERS\nvkflt.sys [X]
 
End
*****************
 
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fabcmochhfpldjekobfaaggijgohadih" => key removed successfully
ATKWMIACPIIO => Service removed successfully
L1C => Service removed successfully
NVHDA => Service removed successfully
nvkflt => Service removed successfully
EmptyTemp: => 1 GB temporary data Removed.
 
 
The system needed a reboot.. 
 
==== End of Fixlog 19:32:20 ====
 
 
 
 
# AdwCleaner v4.207 - Logbestand aangemaakt 30/06/2015 op 19:37:18
# Laatste update 21/06/2015 door Xplode
# Database : 2015-06-29.1 [Server]
# Besturingssysteem : Windows 7 Professional N Service Pack 1 (x64)
# Gebruikersnaam : Leroy - LEROY-LAPTOP
# Gestart vanuit : C:\Users\Leroy\Desktop\adwcleaner_4.207.exe
# Optie : Scannen
 
***** [ Services ] *****
 
Service Gevonden : BdSandBox
 
***** [ Bestanden / Mappen ] *****
 
Map Gevonden : C:\ProgramData\4955255339739151491
 
***** [ Geplande taken ] *****
 
 
***** [ Snelkoppelingen ] *****
 
 
***** [ Register ] *****
 
Sleutel Gevonden : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Sleutel Gevonden : HKLM\SOFTWARE\f29d1919-6b1c-eb34-0be1-e993441742a1
 
***** [ Webbrowsers ] *****
 
-\\ Internet Explorer v11.0.9600.17840
 
 
-\\ Google Chrome v43.0.2357.130
 
 
*************************
 
AdwCleaner[R0].txt - [880 bytes] - [30/06/2015 19:37:18]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [938 bytes] ##########
 


#4 nasdaq

Posted 30 June 2015 - 01:34 PM

Please run the Cleaning option with the AdwCleaner tool.

You may wish to keep this service.
Service Gevonden : BdSandBox

Read about it.
http://www.pcmag.com/article2/0,2817,2430255,00.asp

I remove the rest of the items that were found.

===

How is the computer running now?

#5 LeroyRW

Posted 01 July 2015 - 03:40 AM

Ran it again and after the restart everything is fine.

Thank you very much! :)



#6 nasdaq

Posted 01 July 2015 - 06:31 AM

If all is well.

To learn more about how to protect yourself while on the internet, read this little guide on best security practices to keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/
===

#7 nasdaq

Posted 07 July 2015 - 07:45 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.



