Unable to download any files


  • This topic is locked
31 replies to this topic

#1 mipstien


Posted 26 July 2015 - 07:45 PM

I am unable to download any files in IE; it says the file contained a virus and was deleted. I had to get the scanner tool from another PC. I was having Chrome apps like "RandomApp" and "Ad Remover." I had Chrome, but it was the main problem. After I attempted cleanup it was fine for about a week and then it popped back up. I uninstalled and then Chrome wouldn't download again in IE. Now here I am. Also, I cannot install Chrome no matter what I attempt currently. I have the standalone installer and it errors out as well.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:26-07-2015
Ran by mipstien (administrator) on MIPSTIEN-PC (26-07-2015 20:36:34)
Running from K:\Users\mipstien\Desktop\frst
Loaded Profiles: mipstien (Available Profiles: mipstien)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) K:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) K:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) K:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) K:\Windows\System32\nvvsvc.exe
(Apple Inc.) K:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\BubbleUPnP Server\BubbleUPnPServer.exe
(NVIDIA Corporation) K:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(BitTorrent Inc.) K:\Users\mipstien\AppData\Roaming\uTorrent\uTorrent.exe
() K:\Program Files (x86)\No-IP\DUC40.exe
(Dropbox, Inc.) K:\Users\mipstien\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Mega Limited) K:\ProgramData\MEGAsync\MEGAsync.exe
(NVIDIA Corporation) K:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) K:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() K:\Windows\SysWOW64\PnkBstrA.exe
(Tanuki Software, Ltd.) K:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe
(Splashtop Inc.) K:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
(Splashtop Inc.) K:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
(Splashtop Inc.) K:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
(StarWind Software) K:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
() K:\ProgramData\TVersity\Media Server\MediaServer.exe
(Oracle Corporation) K:\Windows\SysWOW64\java.exe
(NVIDIA Corporation) K:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Splashtop Inc.) K:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
(The Chromium Authors) K:\ProgramData\TVersity\Media Server\berkelium.exe
(NVIDIA Corporation) K:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) K:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) K:\Windows\System32\UI0Detect.exe
(Panasonic Corporation) K:\Program Files (x86)\Panasonic\bnsdusb\bnsdusb.exe
(Microsoft Corporation) K:\Windows\System32\GWX\GWX.exe
(Valve Corporation) K:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) K:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) K:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) K:\Program Files (x86)\Steam\bin\steamwebhelper.exe
() K:\Program Files (x86)\No-IP\ducservice.exe
(Microsoft Corporation) K:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Microsoft Corporation) K:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) K:\Windows\System32\Macromed\Flash\FlashUtil64_18_0_0_209_ActiveX.exe
(Microsoft Corporation) K:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) K:\Windows\System32\MsSpellCheckingFacility.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => K:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2350880 2014-05-29] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => K:\Windows\system32\rundll32.exe K:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKU\S-1-5-21-4175700417-2625130506-3875332652-1000\...\Run: [Steam] => K:\Program Files (x86)\Steam\Steam.exe [2895552 2015-07-23] (Valve Corporation)
HKU\S-1-5-21-4175700417-2625130506-3875332652-1000\...\Run: [DAEMON Tools Lite] => K:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-4175700417-2625130506-3875332652-1000\...\Run: [EADM] => g:\Program Files (x86)\Origin\Origin.exe [3632472 2015-06-05] (Electronic Arts)
HKU\S-1-5-21-4175700417-2625130506-3875332652-1000\...\Run: [uTorrent] => K:\Users\mipstien\AppData\Roaming\uTorrent\uTorrent.exe [1694560 2015-05-06] (BitTorrent Inc.)
HKU\S-1-5-21-4175700417-2625130506-3875332652-1000\...\Run: [AlcoholAutomount] => K:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
HKU\S-1-5-21-4175700417-2625130506-3875332652-1000\...\Run: [NoIPDUCv4] => K:\Program Files (x86)\No-IP\DUC40.exe [346624 2014-05-02] ()
HKU\S-1-5-21-4175700417-2625130506-3875332652-1000\...\Run: [Dropbox Update] => K:\Users\mipstien\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-30] (Dropbox, Inc.)
Startup: K:\Users\mipstien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-28]
ShortcutTarget: Dropbox.lnk -> K:\Users\mipstien\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: K:\Users\mipstien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2014-09-02]
ShortcutTarget: MEGAsync.lnk -> K:\ProgramData\MEGAsync\MEGAsync.exe (Mega Limited)
Startup: K:\Users\mipstien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Serviio.lnk [2013-08-28]
ShortcutTarget: Serviio.lnk -> K:\Program Files\Serviio\bin\ServiioConsole.exe ()
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => K:\ProgramData\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => K:\ProgramData\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => K:\ProgramData\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => K:\Users\mipstien\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => K:\Users\mipstien\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => K:\Users\mipstien\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => K:\Users\mipstien\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => K:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => K:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => K:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => K:\Users\mipstien\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => K:\Users\mipstien\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => K:\Users\mipstien\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?PC=AV01
SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4175700417-2625130506-3875332652-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> K:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> K:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-02] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> K:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> K:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-02] (Oracle Corporation)
Tcpip\..\Interfaces\{1EA92238-8A4B-4363-942E-7DB8097E5763}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> K:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-14] ()
FF Plugin: @java.com/DTPlugin,version=10.40.2 -> K:\Windows\system32\npDeployJava1.dll [2013-10-08] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> K:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> K:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> K:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> K:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> K:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll [2013-05-30] (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> K:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> K:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-02] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> K:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> K:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> K:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-10-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> K:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-10-16] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> K:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @raidcall.en/RCplugin -> K:\Users\mipstien\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2013-03-30] (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> K:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> K:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> K:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-04-14] (VideoLAN)
FF Plugin-x32: Adobe Reader -> K:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; K:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S2 AxAutoMntSrv; K:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 BubbleUPnP Server; c:\Program Files (x86)\BubbleUPnP Server\BubbleUPnPServer.exe [420352 2014-07-24] () [File not signed]
S2 MBAMService; K:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NoIPDUCService4; K:\Program Files (x86)\No-IP\ducservice.exe [11776 2014-05-02] () [File not signed]
R2 NvNetworkService; K:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-29] (NVIDIA Corporation)
R2 NvStreamSvc; K:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-29] (NVIDIA Corporation)
S3 Origin Client Service; G:\Program Files (x86)\Origin\OriginClientService.exe [1997168 2015-06-05] (Electronic Arts)
R2 PnkBstrA; K:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-08-31] ()
R2 PS3 Media Server; K:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe [366872 2011-05-17] (Tanuki Software, Ltd.)
S2 Serviio; K:\Program Files\Serviio\bin\ServiioService.exe [359936 2013-08-07] () [File not signed]
R2 StarWindServiceAE; K:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
R2 TVersityMediaServer; K:\ProgramData\TVersity\Media Server\MediaServer.exe [5279528 2012-08-10] ()
S2 WinDefend; K:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 gupdate; "K:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "K:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AtcL001; K:\Windows\System32\DRIVERS\l160x64.sys [58368 2009-06-24] (Atheros Communications, Inc.)
S3 bnsdusb; K:\Windows\System32\DRIVERS\bnsdusb.sys [26776 2011-05-10] (Panasonic Corporation)
R1 dtsoftbus01; K:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-06-27] (DT Soft Ltd)
R3 MBAMProtector; K:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; K:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 MTsensor; K:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 NvStreamKms; K:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-29] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; K:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 Rockusb; K:\Windows\System32\DRIVERS\rockusb.sys [65688 2013-03-12] (Fuzhou Rockchip Electronics Co,Ltd.)
R0 sptd; K:\Windows\System32\Drivers\sptd.sys [564824 2014-01-01] (Duplex Secure Ltd.)
S3 taphss6; K:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-08-12] (Anchorfree Inc.)
U3 a0jdk2t0; K:\Windows\System32\Drivers\a0jdk2t0.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
U3 ax1ywohw; K:\Windows\System32\Drivers\ax1ywohw.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S3 catchme; \??\K:\bacon\catchme.sys [X]
S3 DisplayLinkUsbIo_x64; system32\DRIVERS\DisplayLinkUsbIo_x64_7.5.54609.0.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tbupddsu; system32\DRIVERS\tbupddsu.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 upddvh; system32\DRIVERS\upddvh.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-26 20:36 - 2015-07-26 20:36 - 00000000 ____D K:\Users\mipstien\Desktop\frst
2015-07-26 20:36 - 2015-07-26 20:36 - 00000000 ____D K:\FRST
2015-07-26 18:01 - 2015-07-26 18:01 - 00001182 _____ K:\Users\mipstien\Desktop\JRT.txt
2015-07-26 17:32 - 2015-07-26 17:32 - 00036120 _____ K:\ComboFix.txt
2015-07-26 10:23 - 2015-07-26 10:23 - 44392528 _____ (Google Inc.) K:\Users\mipstien\Downloads\ChromeStandaloneSetup.exe
2015-07-26 09:52 - 2015-07-26 09:52 - 00013240 _____ K:\Users\mipstien\Desktop\backupchrome.reg
2015-07-26 09:46 - 2015-07-26 10:19 - 00000000 ____D K:\AdwCleaner
2015-07-26 09:43 - 2015-07-26 09:43 - 02248704 _____ K:\Users\mipstien\Desktop\adwcleaner_4.208 (1).exe
2015-07-26 09:41 - 2015-07-26 09:41 - 02953520 _____ (AVAST Software) K:\Users\mipstien\Desktop\avast-browser-cleanup.exe
2015-07-25 22:49 - 2015-07-25 22:49 - 00015347 _____ K:\Users\mipstien\Downloads\[kat.cr]home.2015.1080p.brrip.x264.yify.torrent
2015-07-22 22:08 - 2015-07-23 08:22 - 00000000 ____D K:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-07-22 22:08 - 2015-07-22 22:08 - 16502728 _____ (Malwarebytes Corp.) K:\Users\mipstien\Downloads\mbar-1.09.1.1004.exe
2015-07-22 21:28 - 2015-07-22 21:28 - 00007020 _____ K:\Users\mipstien\Downloads\rxcode.bin
2015-07-22 21:27 - 2015-07-22 21:27 - 00003160 _____ K:\Users\mipstien\Downloads\spiderprof.zip
2015-07-22 18:44 - 2015-07-22 18:44 - 15124038 _____ K:\Users\mipstien\Downloads\rxTools-v3.0-Beta7-preAlpha1_2015-07-20_Gadorach&nastys-build.7z
2015-07-21 23:21 - 2015-07-21 23:22 - 00000000 ____D K:\Users\mipstien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-07-21 00:07 - 2015-07-14 23:19 - 00100864 _____ (Microsoft Corporation) K:\Windows\system32\fontsub.dll
2015-07-21 00:07 - 2015-07-14 23:19 - 00046080 _____ (Adobe Systems) K:\Windows\system32\atmlib.dll
2015-07-21 00:07 - 2015-07-14 23:19 - 00041984 _____ (Microsoft Corporation) K:\Windows\system32\lpk.dll
2015-07-21 00:07 - 2015-07-14 23:19 - 00014336 _____ (Microsoft Corporation) K:\Windows\system32\dciman32.dll
2015-07-21 00:07 - 2015-07-14 22:55 - 00070656 _____ (Microsoft Corporation) K:\Windows\SysWOW64\fontsub.dll
2015-07-21 00:07 - 2015-07-14 22:55 - 00034304 _____ (Adobe Systems) K:\Windows\SysWOW64\atmlib.dll
2015-07-21 00:07 - 2015-07-14 22:55 - 00010240 _____ (Microsoft Corporation) K:\Windows\SysWOW64\dciman32.dll
2015-07-21 00:07 - 2015-07-14 22:54 - 00025600 _____ (Microsoft Corporation) K:\Windows\SysWOW64\lpk.dll
2015-07-21 00:07 - 2015-07-14 21:59 - 00372224 _____ (Adobe Systems Incorporated) K:\Windows\system32\atmfd.dll
2015-07-21 00:07 - 2015-07-14 21:52 - 00299008 _____ (Adobe Systems Incorporated) K:\Windows\SysWOW64\atmfd.dll
2015-07-18 10:12 - 2015-07-18 10:12 - 00291936 _____ K:\Windows\Minidump\071815-12012-01.dmp
2015-07-15 22:58 - 2015-07-15 22:58 - 00931408 _____ (Google Inc.) K:\Users\mipstien\Downloads\ChromeSetup.exe
2015-07-15 22:37 - 2015-07-15 22:37 - 00000276 _____ K:\Users\mipstien\Downloads\debug.log
2015-07-15 22:29 - 2015-07-15 22:29 - 02248704 _____ K:\Users\mipstien\Downloads\adwcleaner_4.208.exe
2015-07-15 21:17 - 2015-07-15 21:17 - 09620767 _____ (Snoop05) K:\Users\mipstien\Downloads\adb-setup-1.4.2.exe
2015-07-15 21:17 - 2015-07-15 21:17 - 00000000 ____D K:\Program Files\DIFX
2015-07-15 21:17 - 2015-07-15 21:17 - 00000000 ____D K:\adb
2015-07-15 11:22 - 2015-07-15 11:22 - 00002954 _____ K:\Windows\System32\Tasks\{1C318F27-3BC1-4CC3-86CE-2FCF21A5F65A}
2015-07-15 03:01 - 2015-07-15 03:01 - 00002697 _____ K:\Users\Public\Desktop\Skype.lnk
2015-07-15 03:01 - 2015-07-15 03:01 - 00000000 ___RD K:\Program Files (x86)\Skype
2015-07-15 03:01 - 2015-07-15 03:01 - 00000000 ____D K:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-07-15 02:01 - 2015-07-02 17:21 - 19877376 _____ (Microsoft Corporation) K:\Windows\SysWOW64\mshtml.dll
2015-07-15 02:01 - 2015-07-02 17:08 - 02724864 _____ (Microsoft Corporation) K:\Windows\SysWOW64\mshtml.tlb
2015-07-15 02:01 - 2015-07-02 16:50 - 02279424 _____ (Microsoft Corporation) K:\Windows\SysWOW64\iertutil.dll
2015-07-15 02:01 - 2015-07-02 16:49 - 25193984 _____ (Microsoft Corporation) K:\Windows\system32\mshtml.dll
2015-07-15 02:01 - 2015-07-02 16:46 - 00479232 _____ (Microsoft Corporation) K:\Windows\SysWOW64\ieui.dll
2015-07-15 02:01 - 2015-07-02 16:40 - 02724864 _____ (Microsoft Corporation) K:\Windows\system32\mshtml.tlb
2015-07-15 02:01 - 2015-07-02 16:23 - 02885632 _____ (Microsoft Corporation) K:\Windows\system32\iertutil.dll
2015-07-15 02:01 - 2015-07-02 16:19 - 12855296 _____ (Microsoft Corporation) K:\Windows\SysWOW64\ieframe.dll
2015-07-15 02:01 - 2015-07-02 16:12 - 00615936 _____ (Microsoft Corporation) K:\Windows\system32\ieui.dll
2015-07-15 02:01 - 2015-07-02 15:55 - 01310720 _____ (Microsoft Corporation) K:\Windows\SysWOW64\urlmon.dll
2015-07-15 02:01 - 2015-07-02 15:20 - 14453248 _____ (Microsoft Corporation) K:\Windows\system32\ieframe.dll
2015-07-15 02:01 - 2015-07-02 14:59 - 01545728 _____ (Microsoft Corporation) K:\Windows\system32\urlmon.dll
2015-07-15 02:00 - 2015-07-09 13:58 - 03154944 _____ (Microsoft Corporation) K:\Windows\system32\wucltux.dll
2015-07-15 02:00 - 2015-07-09 13:58 - 02603008 _____ (Microsoft Corporation) K:\Windows\system32\wuaueng.dll
2015-07-15 02:00 - 2015-07-09 13:58 - 00696320 _____ (Microsoft Corporation) K:\Windows\system32\wuapi.dll
2015-07-15 02:00 - 2015-07-09 13:58 - 00192000 _____ (Microsoft Corporation) K:\Windows\system32\wuwebv.dll
2015-07-15 02:00 - 2015-07-09 13:58 - 00139776 _____ (Microsoft Corporation) K:\Windows\system32\wuauclt.exe
2015-07-15 02:00 - 2015-07-09 13:58 - 00098304 _____ (Microsoft Corporation) K:\Windows\system32\wudriver.dll
2015-07-15 02:00 - 2015-07-09 13:58 - 00091136 _____ (Microsoft Corporation) K:\Windows\system32\WinSetupUI.dll
2015-07-15 02:00 - 2015-07-09 13:58 - 00037888 _____ (Microsoft Corporation) K:\Windows\system32\wups2.dll
2015-07-15 02:00 - 2015-07-09 13:58 - 00037376 _____ (Microsoft Corporation) K:\Windows\system32\wuapp.exe
2015-07-15 02:00 - 2015-07-09 13:58 - 00036864 _____ (Microsoft Corporation) K:\Windows\system32\wups.dll
2015-07-15 02:00 - 2015-07-09 13:58 - 00012288 _____ (Microsoft Corporation) K:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 02:00 - 2015-07-09 13:43 - 00566784 _____ (Microsoft Corporation) K:\Windows\SysWOW64\wuapi.dll
2015-07-15 02:00 - 2015-07-09 13:43 - 00173056 _____ (Microsoft Corporation) K:\Windows\SysWOW64\wuwebv.dll
2015-07-15 02:00 - 2015-07-09 13:43 - 00093184 _____ (Microsoft Corporation) K:\Windows\SysWOW64\wudriver.dll
2015-07-15 02:00 - 2015-07-09 13:43 - 00030208 _____ (Microsoft Corporation) K:\Windows\SysWOW64\wups.dll
2015-07-15 02:00 - 2015-07-09 13:42 - 00034816 _____ (Microsoft Corporation) K:\Windows\SysWOW64\wuapp.exe
2015-07-15 02:00 - 2015-06-26 22:47 - 00814080 _____ (Microsoft Corporation) K:\Windows\system32\jscript9diag.dll
2015-07-15 02:00 - 2015-06-26 22:43 - 05923840 _____ (Microsoft Corporation) K:\Windows\system32\jscript9.dll
2015-07-15 02:00 - 2015-06-26 21:58 - 00620032 _____ (Microsoft Corporation) K:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 02:00 - 2015-06-26 21:39 - 04520448 _____ (Microsoft Corporation) K:\Windows\SysWOW64\jscript9.dll
2015-07-15 02:00 - 2015-06-25 14:09 - 00389832 _____ (Microsoft Corporation) K:\Windows\system32\iedkcs32.dll
2015-07-15 02:00 - 2015-06-25 13:43 - 00342736 _____ (Microsoft Corporation) K:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 02:00 - 2015-06-25 04:57 - 03207168 _____ (Microsoft Corporation) K:\Windows\system32\win32k.sys
2015-07-15 02:00 - 2015-06-20 16:06 - 00004096 _____ (Microsoft Corporation) K:\Windows\system32\ieetwcollectorres.dll
2015-07-15 02:00 - 2015-06-20 15:50 - 00066560 _____ (Microsoft Corporation) K:\Windows\system32\iesetup.dll
2015-07-15 02:00 - 2015-06-20 15:49 - 00584192 _____ (Microsoft Corporation) K:\Windows\system32\vbscript.dll
2015-07-15 02:00 - 2015-06-20 15:49 - 00048640 _____ (Microsoft Corporation) K:\Windows\system32\ieetwproxystub.dll
2015-07-15 02:00 - 2015-06-20 15:40 - 00054784 _____ (Microsoft Corporation) K:\Windows\system32\jsproxy.dll
2015-07-15 02:00 - 2015-06-20 15:39 - 00034304 _____ (Microsoft Corporation) K:\Windows\system32\iernonce.dll
2015-07-15 02:00 - 2015-06-20 15:34 - 00144384 _____ (Microsoft Corporation) K:\Windows\system32\ieUnatt.exe
2015-07-15 02:00 - 2015-06-20 15:34 - 00114688 _____ (Microsoft Corporation) K:\Windows\system32\ieetwcollector.exe
2015-07-15 02:00 - 2015-06-20 15:25 - 00968704 _____ (Microsoft Corporation) K:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 02:00 - 2015-06-20 15:21 - 00490496 _____ (Microsoft Corporation) K:\Windows\system32\dxtmsft.dll
2015-07-15 02:00 - 2015-06-20 15:13 - 00077824 _____ (Microsoft Corporation) K:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 02:00 - 2015-06-20 15:07 - 00092160 _____ (Microsoft Corporation) K:\Windows\system32\mshtmled.dll
2015-07-15 02:00 - 2015-06-20 15:05 - 00316928 _____ (Microsoft Corporation) K:\Windows\system32\dxtrans.dll
2015-07-15 02:00 - 2015-06-20 14:48 - 00801280 _____ (Microsoft Corporation) K:\Windows\system32\msfeeds.dll
2015-07-15 02:00 - 2015-06-20 14:48 - 00720384 _____ (Microsoft Corporation) K:\Windows\system32\ie4uinit.exe
2015-07-15 02:00 - 2015-06-20 14:46 - 02125824 _____ (Microsoft Corporation) K:\Windows\system32\inetcpl.cpl
2015-07-15 02:00 - 2015-06-20 14:46 - 01359360 _____ (Microsoft Corporation) K:\Windows\system32\mshtmlmedia.dll
2015-07-15 02:00 - 2015-06-20 14:02 - 00800768 _____ (Microsoft Corporation) K:\Windows\system32\ieapfltr.dll
2015-07-15 02:00 - 2015-06-19 14:25 - 00504320 _____ (Microsoft Corporation) K:\Windows\SysWOW64\vbscript.dll
2015-07-15 02:00 - 2015-06-19 14:25 - 00062464 _____ (Microsoft Corporation) K:\Windows\SysWOW64\iesetup.dll
2015-07-15 02:00 - 2015-06-19 14:24 - 00341504 _____ (Microsoft Corporation) K:\Windows\SysWOW64\html.iec
2015-07-15 02:00 - 2015-06-19 14:24 - 00047616 _____ (Microsoft Corporation) K:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 02:00 - 2015-06-19 14:23 - 00064000 _____ (Microsoft Corporation) K:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 02:00 - 2015-06-19 14:17 - 00047104 _____ (Microsoft Corporation) K:\Windows\SysWOW64\jsproxy.dll
2015-07-15 02:00 - 2015-06-19 14:16 - 00030720 _____ (Microsoft Corporation) K:\Windows\SysWOW64\iernonce.dll
2015-07-15 02:00 - 2015-06-19 14:13 - 00664064 _____ (Microsoft Corporation) K:\Windows\SysWOW64\jscript.dll
2015-07-15 02:00 - 2015-06-19 14:13 - 00115712 _____ (Microsoft Corporation) K:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 02:00 - 2015-06-19 14:03 - 00418304 _____ (Microsoft Corporation) K:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 02:00 - 2015-06-19 13:57 - 00060416 _____ (Microsoft Corporation) K:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 02:00 - 2015-06-19 13:53 - 00168960 _____ (Microsoft Corporation) K:\Windows\SysWOW64\msrating.dll
2015-07-15 02:00 - 2015-06-19 13:52 - 00076288 _____ (Microsoft Corporation) K:\Windows\SysWOW64\mshtmled.dll
2015-07-15 02:00 - 2015-06-19 13:51 - 00285696 _____ (Microsoft Corporation) K:\Windows\SysWOW64\dxtrans.dll
2015-07-15 02:00 - 2015-06-19 13:40 - 02052608 _____ (Microsoft Corporation) K:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 02:00 - 2015-06-19 13:40 - 00689152 _____ (Microsoft Corporation) K:\Windows\SysWOW64\msfeeds.dll
2015-07-15 02:00 - 2015-06-19 13:39 - 01155072 _____ (Microsoft Corporation) K:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 02:00 - 2015-06-19 13:15 - 01951232 _____ (Microsoft Corporation) K:\Windows\SysWOW64\wininet.dll
2015-07-15 02:00 - 2015-06-19 13:11 - 00710144 _____ (Microsoft Corporation) K:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 02:00 - 2015-06-17 13:47 - 00404992 _____ (Microsoft Corporation) K:\Windows\system32\gdi32.dll
2015-07-15 02:00 - 2015-06-17 13:37 - 00312320 _____ (Microsoft Corporation) K:\Windows\SysWOW64\gdi32.dll
2015-07-15 02:00 - 2015-06-01 20:07 - 00254976 _____ (Microsoft Corporation) K:\Windows\system32\cewmdm.dll
2015-07-15 02:00 - 2015-06-01 19:47 - 00210432 _____ (Microsoft Corporation) K:\Windows\SysWOW64\cewmdm.dll
2015-07-15 01:59 - 2015-06-20 15:49 - 00417792 _____ (Microsoft Corporation) K:\Windows\system32\html.iec
2015-07-15 01:59 - 2015-06-20 15:48 - 00088064 _____ (Microsoft Corporation) K:\Windows\system32\MshtmlDac.dll
2015-07-15 01:59 - 2015-06-20 15:34 - 00816640 _____ (Microsoft Corporation) K:\Windows\system32\jscript.dll
2015-07-15 01:59 - 2015-06-20 15:08 - 00199680 _____ (Microsoft Corporation) K:\Windows\system32\msrating.dll
2015-07-15 01:59 - 2015-06-20 14:26 - 02427392 _____ (Microsoft Corporation) K:\Windows\system32\wininet.dll
2015-07-15 01:58 - 2015-07-09 13:59 - 00017856 _____ (Microsoft Corporation) K:\Windows\system32\CompatTelRunner.exe
2015-07-15 01:58 - 2015-07-09 13:58 - 01085440 _____ (Microsoft Corporation) K:\Windows\system32\appraiser.dll
2015-07-15 01:58 - 2015-07-09 13:58 - 00765440 _____ (Microsoft Corporation) K:\Windows\system32\invagent.dll
2015-07-15 01:58 - 2015-07-09 13:58 - 00726528 _____ (Microsoft Corporation) K:\Windows\system32\generaltel.dll
2015-07-15 01:58 - 2015-07-09 13:58 - 00433664 _____ (Microsoft Corporation) K:\Windows\system32\devinv.dll
2015-07-15 01:58 - 2015-07-09 13:58 - 00227328 _____ (Microsoft Corporation) K:\Windows\system32\aepdu.dll
2015-07-15 01:58 - 2015-07-09 13:58 - 00067584 _____ (Microsoft Corporation) K:\Windows\system32\acmigration.dll
2015-07-15 01:58 - 2015-07-09 13:50 - 01145856 _____ (Microsoft Corporation) K:\Windows\system32\aeinv.dll
2015-07-15 01:58 - 2015-07-01 16:56 - 00155584 _____ (Microsoft Corporation) K:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 01:58 - 2015-07-01 16:56 - 00095680 _____ (Microsoft Corporation) K:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 01:58 - 2015-07-01 16:49 - 01461760 _____ (Microsoft Corporation) K:\Windows\system32\lsasrv.dll
2015-07-15 01:58 - 2015-07-01 16:49 - 01216512 _____ (Microsoft Corporation) K:\Windows\system32\rpcrt4.dll
2015-07-15 01:58 - 2015-07-01 16:49 - 00729088 _____ (Microsoft Corporation) K:\Windows\system32\kerberos.dll
2015-07-15 01:58 - 2015-07-01 16:49 - 00342016 _____ (Microsoft Corporation) K:\Windows\system32\schannel.dll
2015-07-15 01:58 - 2015-07-01 16:49 - 00315392 _____ (Microsoft Corporation) K:\Windows\system32\msv1_0.dll
2015-07-15 01:58 - 2015-07-01 16:49 - 00309760 _____ (Microsoft Corporation) K:\Windows\system32\ncrypt.dll
2015-07-15 01:58 - 2015-07-01 16:49 - 00210944 _____ (Microsoft Corporation) K:\Windows\system32\wdigest.dll
2015-07-15 01:58 - 2015-07-01 16:49 - 00136192 _____ (Microsoft Corporation) K:\Windows\system32\sspicli.dll
2015-07-15 01:58 - 2015-07-01 16:49 - 00086528 _____ (Microsoft Corporation) K:\Windows\system32\TSpkg.dll
2015-07-15 01:58 - 2015-07-01 16:49 - 00029184 _____ (Microsoft Corporation) K:\Windows\system32\sspisrv.dll
2015-07-15 01:58 - 2015-07-01 16:49 - 00028160 _____ (Microsoft Corporation) K:\Windows\system32\secur32.dll
2015-07-15 01:58 - 2015-07-01 16:48 - 00044032 _____ (Microsoft Corporation) K:\Windows\system32\cryptbase.dll
2015-07-15 01:58 - 2015-07-01 16:48 - 00022016 _____ (Microsoft Corporation) K:\Windows\system32\credssp.dll
2015-07-15 01:58 - 2015-07-01 16:47 - 00064000 _____ (Microsoft Corporation) K:\Windows\system32\auditpol.exe
2015-07-15 01:58 - 2015-07-01 16:47 - 00031232 _____ (Microsoft Corporation) K:\Windows\system32\lsass.exe
2015-07-15 01:58 - 2015-07-01 16:43 - 00146432 _____ (Microsoft Corporation) K:\Windows\system32\msaudite.dll
2015-07-15 01:58 - 2015-07-01 16:43 - 00060416 _____ (Microsoft Corporation) K:\Windows\system32\msobjs.dll
2015-07-15 01:58 - 2015-07-01 16:39 - 00686080 _____ (Microsoft Corporation) K:\Windows\system32\adtschema.dll
2015-07-15 01:58 - 2015-07-01 16:30 - 00552960 _____ (Microsoft Corporation) K:\Windows\SysWOW64\kerberos.dll
2015-07-15 01:58 - 2015-07-01 16:30 - 00259584 _____ (Microsoft Corporation) K:\Windows\SysWOW64\msv1_0.dll
2015-07-15 01:58 - 2015-07-01 16:30 - 00248832 _____ (Microsoft Corporation) K:\Windows\SysWOW64\schannel.dll
2015-07-15 01:58 - 2015-07-01 16:30 - 00221184 _____ (Microsoft Corporation) K:\Windows\SysWOW64\ncrypt.dll
2015-07-15 01:58 - 2015-07-01 16:30 - 00172032 _____ (Microsoft Corporation) K:\Windows\SysWOW64\wdigest.dll
2015-07-15 01:58 - 2015-07-01 16:30 - 00065536 _____ (Microsoft Corporation) K:\Windows\SysWOW64\TSpkg.dll
2015-07-15 01:58 - 2015-07-01 16:30 - 00036864 _____ (Microsoft Corporation) K:\Windows\SysWOW64\cryptbase.dll
2015-07-15 01:58 - 2015-07-01 16:30 - 00022016 _____ (Microsoft Corporation) K:\Windows\SysWOW64\secur32.dll
2015-07-15 01:58 - 2015-07-01 16:30 - 00017408 _____ (Microsoft Corporation) K:\Windows\SysWOW64\credssp.dll
2015-07-15 01:58 - 2015-07-01 16:29 - 00665088 _____ (Microsoft Corporation) K:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 01:58 - 2015-07-01 16:29 - 00096768 _____ (Microsoft Corporation) K:\Windows\SysWOW64\sspicli.dll
2015-07-15 01:58 - 2015-07-01 16:29 - 00050176 _____ (Microsoft Corporation) K:\Windows\SysWOW64\auditpol.exe
2015-07-15 01:58 - 2015-07-01 16:27 - 00060416 _____ (Microsoft Corporation) K:\Windows\SysWOW64\msobjs.dll
2015-07-15 01:58 - 2015-07-01 16:26 - 00146432 _____ (Microsoft Corporation) K:\Windows\SysWOW64\msaudite.dll
2015-07-15 01:58 - 2015-07-01 16:24 - 00686080 _____ (Microsoft Corporation) K:\Windows\SysWOW64\adtschema.dll
2015-07-15 01:58 - 2015-07-01 15:27 - 00159232 _____ (Microsoft Corporation) K:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 01:58 - 2015-07-01 15:26 - 00290816 _____ (Microsoft Corporation) K:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 01:58 - 2015-07-01 15:26 - 00129024 _____ (Microsoft Corporation) K:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 01:58 - 2015-06-15 17:50 - 00112064 _____ (Microsoft Corporation) K:\Windows\system32\consent.exe
2015-07-15 01:58 - 2015-06-15 17:45 - 03242496 _____ (Microsoft Corporation) K:\Windows\system32\msi.dll
2015-07-15 01:58 - 2015-06-15 17:45 - 01941504 _____ (Microsoft Corporation) K:\Windows\system32\authui.dll
2015-07-15 01:58 - 2015-06-15 17:45 - 00504320 _____ (Microsoft Corporation) K:\Windows\system32\msihnd.dll
2015-07-15 01:58 - 2015-06-15 17:45 - 00070656 _____ (Microsoft Corporation) K:\Windows\system32\appinfo.dll
2015-07-15 01:58 - 2015-06-15 17:44 - 00128000 _____ (Microsoft Corporation) K:\Windows\system32\msiexec.exe
2015-07-15 01:58 - 2015-06-15 17:43 - 02364416 _____ (Microsoft Corporation) K:\Windows\SysWOW64\msi.dll
2015-07-15 01:58 - 2015-06-15 17:43 - 01805824 _____ (Microsoft Corporation) K:\Windows\SysWOW64\authui.dll
2015-07-15 01:58 - 2015-06-15 17:43 - 00337408 _____ (Microsoft Corporation) K:\Windows\SysWOW64\msihnd.dll
2015-07-15 01:58 - 2015-06-15 17:42 - 00073216 _____ (Microsoft Corporation) K:\Windows\SysWOW64\msiexec.exe
2015-07-15 01:58 - 2015-06-15 17:42 - 00025088 _____ (Microsoft Corporation) K:\Windows\system32\msimsg.dll
2015-07-15 01:58 - 2015-06-15 17:37 - 00025088 _____ (Microsoft Corporation) K:\Windows\SysWOW64\msimsg.dll
2015-07-15 01:58 - 2015-06-11 13:56 - 01112576 _____ (Microsoft Corporation) K:\Windows\system32\rdpcorets.dll
2015-07-15 01:58 - 2015-06-11 13:16 - 00162816 _____ (Microsoft Corporation) K:\Windows\system32\rdpudd.dll
2015-07-15 01:58 - 2015-06-11 13:15 - 00020992 _____ (Microsoft Corporation) K:\Windows\system32\Drivers\rdpvideominiport.sys
2015-07-15 01:58 - 2015-04-27 15:23 - 01480192 _____ (Microsoft Corporation) K:\Windows\system32\crypt32.dll
2015-07-15 01:58 - 2015-04-27 15:23 - 00229376 _____ (Microsoft Corporation) K:\Windows\system32\wintrust.dll
2015-07-15 01:58 - 2015-04-27 15:23 - 00188416 _____ (Microsoft Corporation) K:\Windows\system32\cryptsvc.dll
2015-07-15 01:58 - 2015-04-27 15:23 - 00140288 _____ (Microsoft Corporation) K:\Windows\system32\cryptnet.dll
2015-07-15 01:58 - 2015-04-27 15:05 - 00179200 _____ (Microsoft Corporation) K:\Windows\SysWOW64\wintrust.dll
2015-07-15 01:58 - 2015-04-27 15:04 - 01174528 _____ (Microsoft Corporation) K:\Windows\SysWOW64\crypt32.dll
2015-07-15 01:58 - 2015-04-27 15:04 - 00143872 _____ (Microsoft Corporation) K:\Windows\SysWOW64\cryptsvc.dll
2015-07-15 01:58 - 2015-04-27 15:04 - 00103936 _____ (Microsoft Corporation) K:\Windows\SysWOW64\cryptnet.dll
2015-07-15 01:57 - 2015-07-04 14:07 - 02087424 _____ (Microsoft Corporation) K:\Windows\system32\ole32.dll
2015-07-15 01:57 - 2015-07-04 13:48 - 01414656 _____ (Microsoft Corporation) K:\Windows\SysWOW64\ole32.dll
2015-07-14 19:43 - 2015-07-14 19:43 - 47225760 _____ K:\Users\mipstien\Downloads\BDPUARLauncher.exe
2015-07-14 19:35 - 2015-07-14 19:35 - 00000207 _____ K:\Windows\tweaking.com-regbackup-MIPSTIEN-PC-Windows-7-Ultimate-(64-bit).dat
2015-07-14 19:35 - 2015-07-14 19:35 - 00000000 ____D K:\RegBackup
2015-07-14 19:34 - 2015-07-14 19:34 - 03034989 _____ (Malwarebytes Corporation) K:\Users\mipstien\Desktop\JRT.exe
2015-07-13 08:21 - 2015-07-13 08:21 - 00000000 ____D K:\Program Files (x86)\Anvisoft
2015-07-13 08:20 - 2015-07-13 08:20 - 01381864 _____ (Anvisoft Corporation) K:\Users\mipstien\Downloads\AnviUnIns.exe
2015-07-12 16:48 - 2015-07-12 16:48 - 00000000 _____ K:\autoexec.bat
2015-07-12 16:47 - 2015-07-12 16:47 - 03237248 _____ (Enigma Software Group USA, LLC.) K:\Users\mipstien\Downloads\SpyHunter-Installer.exe
2015-07-12 16:36 - 2015-07-12 16:36 - 00001908 _____ K:\Users\Public\Desktop\HitmanPro.lnk
2015-07-12 16:36 - 2015-07-12 16:36 - 00000000 ____D K:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2015-07-12 16:35 - 2015-07-12 16:36 - 00000000 ____D K:\Program Files\HitmanPro
2015-07-12 11:30 - 2015-07-12 11:30 - 00004962 _____ K:\Windows\system32\.crusader
2015-07-12 11:26 - 2015-07-12 16:39 - 00000000 ____D K:\ProgramData\HitmanPro
2015-07-12 11:14 - 2015-07-12 11:14 - 11032736 _____ (SurfRight B.V.) K:\Users\mipstien\Downloads\HitmanPro_x64.exe
2015-07-12 10:42 - 2015-07-26 17:33 - 00000000 ____D K:\Qoobox
2015-07-12 10:42 - 2015-07-12 11:05 - 00000000 ____D K:\Windows\erdnt
2015-07-12 10:42 - 2011-06-26 02:45 - 00256000 _____ K:\Windows\PEV.exe
2015-07-12 10:42 - 2010-11-07 13:20 - 00208896 _____ K:\Windows\MBR.exe
2015-07-12 10:42 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) K:\Windows\NIRCMD.exe
2015-07-12 10:42 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) K:\Windows\SWREG.exe
2015-07-12 10:42 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) K:\Windows\SWSC.exe
2015-07-12 10:42 - 2000-08-30 20:00 - 00098816 _____ K:\Windows\sed.exe
2015-07-12 10:42 - 2000-08-30 20:00 - 00080412 _____ K:\Windows\grep.exe
2015-07-12 10:42 - 2000-08-30 20:00 - 00068096 _____ K:\Windows\zip.exe
2015-07-12 10:33 - 2015-07-25 15:07 - 05633622 ____R (Swearware) K:\Users\mipstien\Desktop\bacon.exe
2015-07-11 09:24 - 2015-07-11 09:24 - 00000000 ____D K:\Users\mipstien\AppData\Local\CEF
2015-07-10 19:46 - 2015-07-26 10:31 - 00113880 _____ (Malwarebytes Corporation) K:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-10 19:46 - 2015-07-22 22:08 - 00107736 _____ (Malwarebytes Corporation) K:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-10 19:46 - 2015-07-10 19:46 - 00000000 ____D K:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-07-10 19:46 - 2015-07-10 19:46 - 00000000 ____D K:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-10 19:46 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) K:\Windows\system32\Drivers\mwac.sys
2015-07-09 12:10 - 2015-07-26 17:06 - 00000000 ____D K:\Program Files (x86)\Depraved Path
2015-07-05 20:32 - 2015-07-05 20:32 - 00000000 _____ K:\Users\mipstien\Desktop\New Text Document.txt
2015-07-05 19:45 - 2015-07-05 16:17 - 03568640 _____ K:\Users\mipstien\Desktop\firmware.bin
2015-07-05 19:45 - 2015-06-29 17:23 - 04194304 _____ K:\Users\mipstien\Desktop\rxTools.dat
2015-07-05 16:17 - 2015-07-05 16:17 - 00000000 ____D K:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
2015-07-05 16:13 - 2015-07-05 16:13 - 00000000 ____D K:\Users\mipstien\.idlerc
2015-07-05 16:12 - 2015-07-05 16:16 - 00000000 ____D K:\Users\mipstien\AppData\Local\pip
2015-07-05 15:43 - 2015-07-05 15:44 - 988807168 _____ K:\Users\mipstien\Documents\emuNAND.bin
2015-07-05 12:41 - 2015-07-05 12:42 - 00000000 ____D K:\Users\mipstien\Desktop\nnnnnn
2015-07-05 10:28 - 2015-07-05 10:28 - 08639424 _____ K:\Users\mipstien\Downloads\3D Sonic The Hedgehog USA RF.cia
2015-07-04 15:03 - 2015-07-10 19:58 - 00000000 ____D K:\Program Files (x86)\Adguard AdBlocker
2015-07-04 12:41 - 2015-07-04 12:41 - 00862132 _____ K:\Users\mipstien\Downloads\blargSnes_1.3.zip
2015-06-30 09:09 - 2015-07-26 20:20 - 00000930 _____ K:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4175700417-2625130506-3875332652-1000UA.job
2015-06-30 09:09 - 2015-07-25 22:20 - 00000878 _____ K:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4175700417-2625130506-3875332652-1000Core.job
2015-06-30 09:09 - 2015-07-16 22:15 - 00003906 _____ K:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4175700417-2625130506-3875332652-1000UA
2015-06-30 09:09 - 2015-07-16 22:15 - 00003510 _____ K:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4175700417-2625130506-3875332652-1000Core
2015-06-30 09:09 - 2015-06-30 09:09 - 00000000 ____D K:\Users\mipstien\AppData\Local\Dropbox
2015-06-30 09:09 - 2015-06-30 09:09 - 00000000 ____D K:\ProgramData\Dropbox
2015-06-28 11:30 - 2015-02-28 17:53 - 00026112 _____ K:\Users\mipstien\Desktop\slot0x25KeyX Generator v1.2.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-26 20:32 - 2013-04-27 20:36 - 00000000 ____D K:\Users\mipstien\AppData\Roaming\uTorrent
2015-07-26 20:27 - 2013-04-24 09:37 - 00003950 _____ K:\Windows\System32\Tasks\User_Feed_Synchronization-{76E971C1-42FE-4F17-AE60-8EF5BB25C86F}
2015-07-26 20:15 - 2013-04-24 00:09 - 01594338 _____ K:\Windows\WindowsUpdate.log
2015-07-26 19:53 - 2013-04-24 10:42 - 00000830 _____ K:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-26 18:28 - 2009-07-14 00:45 - 00020512 ____H K:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-26 18:28 - 2009-07-14 00:45 - 00020512 ____H K:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-26 18:26 - 2009-07-14 01:13 - 00782470 _____ K:\Windows\system32\PerfStringBackup.INI
2015-07-26 18:21 - 2013-04-24 00:14 - 00000000 ____D K:\Program Files (x86)\Steam
2015-07-26 18:20 - 2013-07-27 23:12 - 00000000 ____D K:\Users\mipstien\AppData\Roaming\Dropbox
2015-07-26 18:20 - 2013-05-27 23:55 - 00859444 _____ K:\Windows\SysWOW64\TVersityMediaServer.log
2015-07-26 18:20 - 2013-05-27 23:55 - 00000000 _____ K:\Windows\SysWOW64\chrome.log
2015-07-26 18:20 - 2013-05-25 22:08 - 00000000 ____D K:\Program Files (x86)\PS3 Media Server
2015-07-26 18:20 - 2013-04-24 00:18 - 00000000 ____D K:\ProgramData\NVIDIA
2015-07-26 18:20 - 2009-07-14 01:08 - 00000006 ____H K:\Windows\Tasks\SA.DAT
2015-07-26 18:20 - 2009-07-14 00:51 - 00023929 _____ K:\Windows\setupact.log
2015-07-26 18:04 - 2013-04-24 00:31 - 00072574 _____ K:\Windows\PFRO.log
2015-07-26 17:33 - 2013-04-24 00:12 - 00000000 ____D K:\Users\mipstien\AppData\Local\Apps\2.0
2015-07-26 17:19 - 2009-07-13 22:34 - 00000215 _____ K:\Windows\system.ini
2015-07-26 17:17 - 2013-08-15 03:01 - 00000000 ____D K:\Windows\system32\MRT
2015-07-26 15:11 - 2009-07-14 01:32 - 00000000 ____D K:\Program Files\Windows Defender
2015-07-26 09:53 - 2013-04-24 11:04 - 00000000 ____D K:\Users\mipstien\AppData\Roaming\vlc
2015-07-26 09:50 - 2013-04-24 00:12 - 00000000 ____D K:\Users\mipstien\AppData\Local\Deployment
2015-07-26 09:39 - 2013-04-24 00:12 - 00000000 ____D K:\Users\mipstien\AppData\Local\Google
2015-07-25 20:57 - 2013-05-27 23:55 - 01024048 _____ K:\Windows\SysWOW64\TVersityMediaServer.log.1
2015-07-25 07:42 - 2015-04-05 03:00 - 00000000 ___SD K:\Windows\system32\GWX
2015-07-24 23:52 - 2014-09-02 07:38 - 00000000 ____D K:\ProgramData\MEGAsync
2015-07-21 03:17 - 2009-07-14 00:45 - 00280784 _____ K:\Windows\system32\FNTCACHE.DAT
2015-07-19 11:37 - 2015-06-13 10:58 - 00001956 _____ K:\Users\mipstien\unicentaopos.properties
2015-07-19 09:11 - 2015-06-13 10:55 - 00000000 ____D K:\Users\mipstien\unicentaopos-database
2015-07-18 10:12 - 2015-01-08 09:49 - 868982189 _____ K:\Windows\MEMORY.DMP
2015-07-18 10:12 - 2013-05-07 13:49 - 00000000 ____D K:\Windows\Minidump
2015-07-18 03:01 - 2013-05-18 00:05 - 00000000 ____D K:\ProgramData\Skype
2015-07-16 03:01 - 2015-04-05 03:00 - 00000000 ___SD K:\Windows\SysWOW64\GWX
2015-07-15 22:59 - 2013-04-24 00:12 - 00000000 ____D K:\Program Files (x86)\Google
2015-07-15 21:18 - 2013-12-08 20:19 - 00009722 _____ K:\Windows\DPINST.LOG
2015-07-15 03:58 - 2009-07-13 23:20 - 00000000 ____D K:\Windows\rescache
2015-07-15 03:19 - 2014-12-10 04:21 - 00000000 ____D K:\Windows\system32\appraiser
2015-07-15 03:19 - 2014-05-07 03:01 - 00000000 ___SD K:\Windows\system32\CompatTel
2015-07-15 03:19 - 2009-07-13 23:20 - 00000000 ____D K:\Windows\PolicyDefinitions
2015-07-15 03:02 - 2013-05-26 18:26 - 00000000 ____D K:\ProgramData\Microsoft Help
2015-07-14 20:53 - 2013-04-24 10:42 - 00778416 _____ (Adobe Systems Incorporated) K:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-14 20:53 - 2013-04-24 10:42 - 00142512 _____ (Adobe Systems Incorporated) K:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-14 20:53 - 2013-04-24 10:42 - 00003768 _____ K:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-14 12:02 - 2013-06-24 08:38 - 00002441 _____ K:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-14 12:01 - 2014-12-24 13:03 - 00003886 _____ K:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-13 08:37 - 2015-01-07 21:01 - 00000000 ____D K:\Users\mipstien\AppData\Roaming\JAM Software
2015-07-12 11:09 - 2009-07-13 23:20 - 00000000 __RHD K:\Users\Default
2015-07-12 10:38 - 2015-03-13 14:54 - 00000000 ____D K:\Users\mipstien\Desktop\892ZLWLR
2015-07-12 10:37 - 2015-06-20 11:43 - 00001929 _____ K:\Users\mipstien\Desktop\DVD Flick.lnk
2015-07-12 10:37 - 2015-06-20 11:43 - 00000000 ____D K:\Users\mipstien\AppData\Roaming\DVD Flick
2015-07-12 10:37 - 2015-06-20 11:43 - 00000000 ____D K:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Flick
2015-07-12 10:37 - 2015-06-20 11:43 - 00000000 ____D K:\Program Files (x86)\DVD Flick
2015-07-12 10:30 - 2013-05-18 00:05 - 00000000 ____D K:\Users\mipstien\AppData\Roaming\Skype
2015-07-11 09:23 - 2009-07-14 00:45 - 00000000 ____D K:\Windows\Setup
2015-07-10 23:08 - 2013-05-27 23:55 - 01024005 _____ K:\Windows\SysWOW64\TVersityMediaServer.log.2
2015-07-10 19:46 - 2013-05-17 09:42 - 00001117 _____ K:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-10 19:46 - 2013-05-17 09:42 - 00000000 ____D K:\Users\mipstien\AppData\Roaming\Malwarebytes
2015-07-10 19:46 - 2013-05-17 09:42 - 00000000 ____D K:\ProgramData\Malwarebytes
2015-07-05 16:13 - 2013-04-24 00:09 - 00000000 ____D K:\Users\mipstien
2015-07-04 11:43 - 2014-11-24 09:27 - 00000000 __SHD K:\Users\mipstien\AppData\Local\EmieBrowserModeList
2015-07-04 11:43 - 2014-05-11 10:24 - 00000000 __SHD K:\Users\mipstien\AppData\Local\EmieUserList
2015-07-04 11:43 - 2014-05-11 10:24 - 00000000 __SHD K:\Users\mipstien\AppData\Local\EmieSiteList
2015-07-03 08:43 - 2013-04-24 01:28 - 130333168 _____ (Microsoft Corporation) K:\Windows\system32\MRT.exe
2015-06-29 08:14 - 2013-08-18 10:14 - 00000000 ____D K:\ProgramData\Origin

==================== Files in the root of some directories =======

2013-11-24 12:17 - 2013-11-24 12:17 - 0000540 _____ () K:\Users\mipstien\AppData\Roaming\AutoGK.ini
2014-04-13 10:48 - 2014-04-13 11:11 - 0000600 _____ () K:\Users\mipstien\AppData\Roaming\winscp.rnd
2013-05-07 22:45 - 2014-04-13 10:25 - 0014848 _____ () K:\Users\mipstien\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-06 15:06 - 2013-07-06 15:06 - 0000001 _____ () K:\Users\mipstien\AppData\Local\llftool.4.30.agreement
2015-01-07 09:35 - 2015-01-07 09:35 - 0000000 ___SH () K:\Users\mipstien\AppData\Local\LumaEmu
2013-04-24 00:10 - 2014-06-29 17:42 - 0007605 _____ () K:\Users\mipstien\AppData\Local\resmon.resmoncfg
2015-07-05 10:41 - 2015-07-05 10:47 - 0053599 _____ () K:\Users\mipstien\AppData\Local\Tempnopic.png

Some files in TEMP:
====================
K:\Users\mipstien\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmm7cpr.dll

Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\dlumd10.dll
C:\Windows\SysWOW64\dlumd11.dll
C:\Windows\SysWOW64\dlumd9.dll
C:\Windows\System32\dlumd10.dll
C:\Windows\System32\dlumd11.dll
C:\Windows\System32\dlumd9.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

K:\Windows\System32\winlogon.exe => File is digitally signed
K:\Windows\System32\wininit.exe => File is digitally signed
K:\Windows\SysWOW64\wininit.exe => File is digitally signed
K:\Windows\explorer.exe => File is digitally signed
K:\Windows\SysWOW64\explorer.exe => File is digitally signed
K:\Windows\System32\svchost.exe => File is digitally signed
K:\Windows\SysWOW64\svchost.exe => File is digitally signed
K:\Windows\System32\services.exe => File is digitally signed
K:\Windows\System32\User32.dll => File is digitally signed
K:\Windows\SysWOW64\User32.dll => File is digitally signed
K:\Windows\System32\userinit.exe => File is digitally signed
K:\Windows\SysWOW64\userinit.exe => File is digitally signed
K:\Windows\System32\rpcss.dll => File is digitally signed
K:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

testsigning: ==> testsigning is on. Check for possible unsigned rootkit driver <===== ATTENTION!

LastRegBack: 2015-07-23 00:05

==================== End of log ============================

Attached Files





#2 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:02:34 PM

Posted 26 July 2015 - 09:38 PM

Hello and welcome to Bleeping Computer.
 
Please run the following:
 



Download Malwarebytes Anti-Rootkit (MBAR) from the following link and save it to your desktop.
http://downloads.malwarebytes.org/file/mbar
 
Next...Double click on the MBAR file you downloaded.
Approve the UAC prompt in Vista and newer operating systems.
Click OK on the next screen, to allow the package to extract the contents of the file to its own folder, mbar.
By default, this will be on your desktop, though you can choose another location if you wish. We advise using the default location for simplicity.
mbar.exe will launch automatically. On some systems, this may take a few extra seconds. Please be patient and wait for the program to open.
After reading the Introduction, click 'Next' if you agree.
On the Update Database screen, click on the 'Update' button.
Once you see 'Success: Database was successfully updated' click on 'Next'.
Click the 'Scan' button.
 
A. With some infections, you may see two message boxes.
1. 'Could not load protection driver'. Click 'OK'.
2. 'Could not load DDA driver'. Click 'Yes' to this message, to allow the driver to load after a restart. Allow the computer to restart. Continue with the rest of these instructions.
 
If malware is found, press the Cleanup button when the scan completes.
Then, please send the following logs as attachments to your reply. These logs are located in the mbar folder on your desktop where the tool extracted itself to.
 
mbar-log-2014-xx-xx(xx-xx-xx).txt (where xx-xx(xx-xx-xx) is the date and time of the scan)
system-log.txt

Edited by CatByte, 28 July 2015 - 10:13 AM.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#3 mipstien

mipstien
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:02:34 PM

Posted 26 July 2015 - 10:41 PM

mbar scan done

Attached Files



#4 CatByte


Posted 27 July 2015 - 10:57 AM

Please do the following:

Download the attached fixlist.txt file and save it to the Desktop/Frst folder, where FRST64.exe is saved.

 

Attached File  FixList.txt   724bytes   25 downloads

NOTE. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work.

Run FRST64 and press the Fix button just once and wait.
The tool will make a log in the same folder as where FRST is saved. (Fixlog.txt).
Please attach it to your reply.

(note: sometimes the program will need to reboot - please allow it to do so)

NEXT

Temporarily disable your Antivirus protection - if you don't know how to do that, please consult the article below.
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Please download ZOEK and save it to your desktop (preferred version is the *.exe one - upper left corner).

http://hijackthis.nl/smeenk/

Attached to this message you will find a file called zoekscript

 

Attached File  zoekscript.txt   125bytes   9 downloads

Download it too and save it to your desktop - it needs to be in the same location as the ZOEK tool.

Drag zoekscript file and drop it onto ZOEK icon - this should launch the program:

The scan may take a while and may need a reboot.
Upon completion a file zoek-results should appear.
Attach it for my review.




#5 mipstien


Posted 27 July 2015 - 06:39 PM

The last few lines of the zoek results.log. The restart box didn't show up for a long time, apparently.

 

==== After Reboot ======================

==== Empty Temp Folders ======================

K:\Windows\Temp successfully emptied
K:\Users\mipstien\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

K:\$RECYCLE.BIN successfully emptied

==== EOF on Mon 07/27/2015 at 19:41:14.28 ======================

Attached Files


Edited by mipstien, 27 July 2015 - 06:44 PM.


#6 CatByte


Posted 27 July 2015 - 07:57 PM

Please do the following:

Press the WinKey + r to open a run box > type in:

inetcpl.cpl

Press enter > click on the Security tab > click the "Reset all zones to default levels" button.



Please advise how the PC is running now and if there are any outstanding issues.



#7 mipstien


Posted 27 July 2015 - 09:02 PM

No changes. IE is still saying it can't download the file because of a virus, and Chrome is still not installing from the 'get chrome' button on google.com.



#8 CatByte


Posted 28 July 2015 - 10:16 AM

Please do the following:

Reset Internet Explorer settings

a. Press Windows logo + R to open the Run dialog box.

b. Type inetcpl.cpl in the run dialog box, press Enter.

c. Now click the Advanced tab and then click Reset.

d. Click Apply and then OK.



NEXT

Install Microsoft Security Essentials:

http://windows.microsoft.com/en-CA/windows/security-essentials-download


NEXT

Download and install Chrome manually

https://www.google.com/chrome?brand=CHMO#eula

Let me know how things are now.



#9 mipstien


Posted 28 July 2015 - 06:29 PM

I have reset my browser many times at this point. I can not download anything still.



#10 CatByte


Posted 28 July 2015 - 08:15 PM

Are you able to download Microsoft Security Essentials and Chrome to a USB stick via another computer and transfer them over?

The setting is because of a corruption in Defender, so installing and running Microsoft Security Essentials should help that:

Try this:

Click Start > Computer > Local Disk (C:) > Program Files.
Right-click the "Windows Defender" folder and select "Rename" from the context menu.
Add a unique variation to the filename, such as .old (for example, Windows Defender.old)



#11 mipstien


Posted 28 July 2015 - 08:59 PM

When you told me Defender was corrupt I was able to figure that out. So files download, but I still get "Chrome installer failed to start" when I try to run it. It is a Chrome error and not a Windows error.



#12 CatByte


Posted 28 July 2015 - 09:48 PM

Do you have the installer file Chromesetup.exe downloaded to the desktop?

If so > right click it and choose "Run as an Administrator" and it should install



#13 mipstien


Posted 29 July 2015 - 07:25 AM

The ChromeSetup.exe file gives an unknown installer error, and the standalone you can download eventually gives the installer failed. The browser install from IE sometimes runs and other times doesn't, but it never installs either.



#14 CatByte


Posted 29 July 2015 - 09:21 AM

Let's do this:

Please download SystemLook from one of the links below and save it to your Desktop.
Link 1
Link 2
  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:

    :filefind
    *chrome*
    :folderfind
    *chrome*
    :regfind
    chrome
    
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt



#15 mipstien


Posted 29 July 2015 - 06:55 PM

SystemLook 30.07.11 by jpshortstuff
Log created at 19:53 on 29/07/2015 by mipstien
Administrator - Elevation successful

========== filefind ==========

Searching for "*chrome*"
K:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\43.0.2357.134\43.0.2357.134_chrome_installer.exe --a---- 42829392 bytes [02:59 16/07/2015] [13:00 14/07/2015] 86731DC801EDB96D804B1BA2BEBD36D5
K:\Program Files (x86)\Google\Update\Install\{03B1E888-70EA-40F1-8DA3-E8404511CDC1}\43.0.2357.130_43.0.2357.124_chrome_updater.exe --a---- 1063504 bytes [22:39 22/06/2015] [15:20 22/06/2015] C29E128D08F09C9AEAABA0B602165262
K:\Program Files (x86)\Google\Update\Install\{2268FA92-082B-41AE-BF2A-CF69D4CF20E5}\42.0.2311.135_42.0.2311.90_chrome_updater.exe --a---- 1089104 bytes [21:32 30/04/2015] [17:23 28/04/2015] 5CBF70FD73ED1498448C471F9672E17E
K:\Program Files (x86)\Google\Update\Install\{24A3BD27-66BB-4470-AA1A-1ED34F4C50AC}\43.0.2357.65_42.0.2311.152_chrome_updater.exe --a---- 6714960 bytes [04:38 22/05/2015] [15:15 19/05/2015] CCAF0DCB4BEF3FCD615E15B46B22F349
K:\Program Files (x86)\Google\Update\Install\{2C234533-0FF1-4057-B2CB-A4628AF4085B}\43.0.2357.124_43.0.2357.81_chrome_updater.exe --a---- 2212944 bytes [02:37 10/06/2015] [13:00 09/06/2015] 74D7DFE507EA48737061EA8E990157E8
K:\Program Files (x86)\Google\Update\Install\{2C52ED5B-FB0C-4B21-93A8-E3B6BDF52A72}\41.0.2272.89_40.0.2214.115_chrome_updater.exe --a---- 10033232 bytes [10:33 12/03/2015] [18:09 10/03/2015] 7DF547F2E361A6ADC8DFAF9544C6A283
K:\Program Files (x86)\Google\Update\Install\{33D15473-2366-4E69-AE61-DBF5E346BDE4}\40.0.2214.111_40.0.2214.94_chrome_updater.exe --a---- 1043024 bytes [06:31 06/02/2015] [16:41 05/02/2015] 1F9A2717F6C6D3440B1F4A59FF96C708
K:\Program Files (x86)\Google\Update\Install\{62358425-5D06-4496-93D7-DA63E5CFEFE2}\43.0.2357.134_chrome_installer.exe --a---- 42829392 bytes [02:59 16/07/2015] [13:00 14/07/2015] 86731DC801EDB96D804B1BA2BEBD36D5
K:\Program Files (x86)\Google\Update\Install\{629DD30F-7333-48E3-864B-2793E19A7779}\42.0.2311.152_42.0.2311.135_chrome_updater.exe --a---- 1044048 bytes [09:31 14/05/2015] [15:38 12/05/2015] D308FEE17FBACB94C2E27067AE2C57A6
K:\Program Files (x86)\Google\Update\Install\{75480EF5-46F5-4D5C-9495-F27F73D16664}\43.0.2357.81_43.0.2357.65_chrome_updater.exe --a---- 1106512 bytes [22:38 25/05/2015] [15:14 25/05/2015] 2D7D54B47ACFAB94671E3C97B2D2E639
K:\Program Files (x86)\Google\Update\Install\{953274CE-07C0-4522-B851-A86EF0696D94}\42.0.2311.90_41.0.2272.118_chrome_updater.exe --a---- 11017296 bytes [01:32 17/04/2015] [17:15 14/04/2015] 0D423A0CBEC984F3C08354C72E999FB1
K:\Program Files (x86)\Google\Update\Install\{9C8AB3C9-47FE-4B44-A345-BA2CD30348CD}\40.0.2214.115_40.0.2214.111_chrome_updater.exe --a---- 840272 bytes [23:31 19/02/2015] [15:47 19/02/2015] F4CC03D0A936AD6780ADA614AE81B413
K:\Program Files (x86)\Google\Update\Install\{EEF5BAB3-33EB-4EDE-B01E-BE0E2DC21BA5}\41.0.2272.101_41.0.2272.89_chrome_updater.exe --a---- 885840 bytes [17:32 20/03/2015] [21:36 19/03/2015] A38E9C48F13C11CAB641A0C91F8F12A1
K:\Program Files (x86)\Google\Update\Install\{F39A9652-C43A-483C-8CBF-FB5AE88D33D1}\41.0.2272.118_41.0.2272.101_chrome_updater.exe --a---- 864336 bytes [00:32 03/04/2015] [00:01 01/04/2015] 04A8F29E2CB7A633109E6AF1316F6E97
K:\Program Files (x86)\Google\Update\Offline\{278A5B40-C6D9-428E-AB9D-11990BB07DA9}\{8A69D345-D564-463C-AFF1-A69D9E530F96}\44.0.2403.125_chrome_installer.exe --a---- 42944592 bytes [01:56 29/07/2015] [01:56 29/07/2015] 93863BFC8FBDFE732A4AC18D19FF906E
K:\Program Files (x86)\Google\Update\Offline\{8113FE48-1BC5-46AC-8C6F-598BA1A58230}\{8A69D345-D564-463C-AFF1-A69D9E530F96}\44.0.2403.125_chrome_installer.exe --a---- 42944592 bytes [01:58 29/07/2015] [01:58 29/07/2015] 93863BFC8FBDFE732A4AC18D19FF906E
K:\Program Files (x86)\Google\Update\Offline\{FE94C559-F2FD-4955-97AD-B5759382BC9F}\{8A69D345-D564-463C-AFF1-A69D9E530F96}\44.0.2403.107_chrome_installer.exe --a---- 42941008 bytes [14:24 26/07/2015] [14:23 26/07/2015] 5017501039D21F12342BC9D2883C94FD
K:\Program Files (x86)\Steam\bin\chromehtml.dll --a---- 704192 bytes [17:10 19/04/2013] [19:18 28/07/2015] A20116D3F7576F66B0D2149A221F12E1
K:\Program Files (x86)\Steam\resource\layout\gamespage_grid_chrome.layout --a---- 2841 bytes [16:43 16/03/2010] [18:48 11/11/2014] 31F82813F089BCB12AF17A77D4CD0CD1
K:\Program Files (x86)\Steam\SteamApps\common\ZMR\chrome.pak --a---- 656292 bytes [20:49 01/11/2014] [20:50 01/11/2014] 1434635BA0E1DBE241C1A5AD7BDB9890
K:\ProgramData\McAfee\MCLOGS\Common\chromeinstall-7u21\chromeinstall-7u21000.log --a---- 2704 bytes [13:39 24/04/2013] [13:39 24/04/2013] BB5796DCC9FDB8C12CCC7D7CB05B1396
K:\ProgramData\McAfee\MCLOGS\Common\chromeinstall-7u51\chromeinstall-7u51000.log --a---- 2704 bytes [23:08 18/01/2014] [23:08 18/01/2014] 9A5DC60840CB062C2DC7293AB2FF8E16
K:\ProgramData\TVersity\Media Server\chrome.dll --a---- 18105128 bytes [21:14 17/12/2011] [21:14 17/12/2011] 978588D18BD77836CE21F9355F53E025
K:\Qoobox\Quarantine\K\Users\mipstien\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj\5.0.14_1\src\css\chrome-bootstrap.css.vir --a---- 19656 bytes [19:02 04/07/2015] [15:10 06/05/2015] 938D17691E629AC1B2956B8C35C5B4E1
K:\Qoobox\Quarantine\K\Users\mipstien\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bmnlcjabgnpnenekpadlanbbkooimhnj_0.localstorage-journal.vir --a---- 16384 bytes [13:18 04/12/2014] [14:32 12/07/2015] 2C106C96FE14B58EFF21B02C110B15BA
K:\Qoobox\Quarantine\K\Users\mipstien\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bmnlcjabgnpnenekpadlanbbkooimhnj_0.localstorage.vir --a---- 1003520 bytes [13:18 04/12/2014] [14:32 12/07/2015] AF8D73A3B779DD2F0467D8CB7C391CA8
K:\Qoobox\Quarantine\K\Users\mipstien\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ogminpmldncgcmokldnmmapddoccmhfl_0.localstorage.vir --a---- 456704 bytes [07:30 09/07/2015] [14:22 12/07/2015] FBCDB10E62FAEC8536C815EACF94288C
K:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.147\deploy\lib\ClientLibChrome.dat --a---- 1406 bytes [00:09 05/06/2015] [00:09 05/06/2015] 541BC814C88CC041B3D208F64BAA4112
K:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.147\deploy\mod\chrome\mod_chrome.dat --a---- 21404 bytes [00:09 05/06/2015] [00:09 05/06/2015] 7738EFE95AD784E1256ED1385059ED99
K:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.147\deploy\mod\chrome\assets\locale\Chrome-cs_CZ.swf --a---- 19764 bytes [00:09 05/06/2015] [00:09 05/06/2015] 5AA90EC46A5E3D37C922C83187586326
K:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.147\deploy\mod\chrome\assets\locale\Chrome-de_DE.swf --a---- 19890 bytes [00:09 05/06/2015] [00:09 05/06/2015] 4200EB0E05232F31E6FD8332B846D5A5
K:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.147\deploy\mod\chrome\assets\locale\Chrome-el_GR.swf --a---- 19763 bytes [00:09 05/06/2015] [00:09 05/06/2015] DE48F609AB601CE8B91A939D2DE59B5A
K:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.147\deploy\mod\chrome\assets\locale\Chrome-en_AU.swf --a---- 19766 bytes [00:09 05/06/2015] [00:09 05/06/2015] 18BA1EF878D888E757B07767F13B4B7C
K:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.147\deploy\mod\chrome\assets\locale\Chrome-en_GB.swf --a---- 19474 bytes [00:09 05/06/2015] [00:09 05/06/2015] 0808C37BF861CC6FE28D28A55921E838
K:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.147\deploy\mod\chrome\assets\locale\Chrome-en_US.swf --a---- 19768 bytes [00:09 05/06/2015] [00:09 05/06/2015] 3B9041FD92B8C8D3C62AC462DFE12E91
K:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.147\deploy\mod\chrome\assets\locale\Chrome-es_ES.swf --a---- 19867 bytes [00:09 05/06/2015] [00:09 05/06/2015] F6CF5E22E50D10DA9736B179883FEFB5
K:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.147\deploy\mod\chrome\assets\locale\Chrome-fr_FR.swf --a---- 19879 bytes [00:09 05/06/2015] [00:09 05/06/2015] 665C6116D45B60D6A8530DF9F165EDA4
K:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.147\deploy\mod\chrome\assets\locale\Chrome-hu_HU.swf --a---- 19763 bytes [00:09 05/06/2015] [00:09 05/06/2015] 417B05D1A71D2B6331C2DE1FBD0CF1F4
K:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.147\deploy\mod\chrome\assets\locale\Chrome-it_IT.swf --a---- 19764 bytes [00:09 05/06/2015] [00:09 05/06/2015] 456FBC09D32AD6A9B7908D00A23CDEF8
K:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.147\deploy\mod\chrome\assets\locale\Chrome-ko_KR.swf --a---- 19764 bytes [00:09 05/06/2015] [00:09 05/06/2015] 65ED291EA0A239D47D524A7601495D87
K:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.147\deploy\mod\chrome\assets\locale\Chrome-pl_PL.swf --a---- 19475 bytes [00:09 05/06/2015] [00:09 05/06/2015] 94A89EE46559AAFD7BD6B6D265A3D7D9
K:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.147\deploy\mod\chrome\assets\locale\Chrome-pt_BR.swf --a---- 19763 bytes [00:09 05/06/2015] [00:09 05/06/2015] 5FEB72A824D0034FB8FAF21684411456
K:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.147\deploy\mod\chrome\assets\locale\Chrome-ro_RO.swf --a---- 19761 bytes [00:09 05/06/2015] [00:09 05/06/2015] 6870596FA4B9A3FF0A2C4DCF3297A29B
K:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.147\deploy\mod\chrome\assets\locale\Chrome-ru_RU.swf --a---- 19764 bytes [00:09 05/06/2015] [00:09 05/06/2015] 08AD83C6777E30441FDE6DA0E47E596E
K:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.147\deploy\mod\chrome\assets\locale\Chrome-tr_TR.swf --a---- 19475 bytes [00:09 05/06/2015] [00:09 05/06/2015] 351D77975F32D514B78056C62C01C9BE
K:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.147\deploy\mod\chrome\themes\lolBrand\chromeAssets.swf --a---- 332469 bytes [01:19 04/04/2015] [01:19 04/04/2015] 0D1F027D3891ECA7F640D10E359E22E8
K:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.147\deploy\mod\chrome\themes\parchment\chromeAssets.swf --a---- 711918 bytes [01:18 06/01/2015] [01:18 06/01/2015] 7F6466194113E5CC367661A9D46B0A48
K:\Riot Games\League of Legends\RADS\projects\lol_patcher\managedfiles\0.0.0.30\Content\Loadable\RiotClient\Release\bundle-chrome.load --a---- 5410212 bytes [00:08 05/06/2015] [00:08 05/06/2015] DA62666DAC6C9366DCF59C33DA90A330
K:\Users\All Users\McAfee\MCLOGS\Common\chromeinstall-7u21\chromeinstall-7u21000.log --a---- 2704 bytes [13:39 24/04/2013] [13:39 24/04/2013] BB5796DCC9FDB8C12CCC7D7CB05B1396
K:\Users\All Users\McAfee\MCLOGS\Common\chromeinstall-7u51\chromeinstall-7u51000.log --a---- 2704 bytes [23:08 18/01/2014] [23:08 18/01/2014] 9A5DC60840CB062C2DC7293AB2FF8E16
K:\Users\All Users\TVersity\Media Server\chrome.dll --a---- 18105128 bytes [21:14 17/12/2011] [21:14 17/12/2011] 978588D18BD77836CE21F9355F53E025
K:\Users\mipstien\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PKVQ95KF\chrome-32[1].png --a---- 1310 bytes [22:48 28/07/2015] [22:48 28/07/2015] 89CD2ED868EB8ACB6D0A335F4489C7E6
K:\Users\mipstien\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FRUJCKOG\chromebook-everyone[1].jpg --a---- 54615 bytes [22:48 28/07/2015] [22:48 28/07/2015] 33C3C545A22AB3F8A719382D09EC6A68
K:\Users\mipstien\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FRUJCKOG\chrome_logo_2x[1].png --a---- 3920 bytes [22:48 28/07/2015] [22:48 28/07/2015] 84EC0A4D89CB5E6D0A2C4A07C3114653
K:\Users\mipstien\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FRUJCKOG\kickwithchrome[1].jpg --a---- 70111 bytes [22:48 28/07/2015] [22:48 28/07/2015] 306703D8AC63AE159D47DEEC706B2A28
K:\Users\mipstien\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FVUZHCNL\chrome-new[1].jpg --a---- 68716 bytes [23:35 28/07/2015] [23:35 28/07/2015] BAB590425CFD8BD60BEA017352E1BEC2
K:\Users\mipstien\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FVUZHCNL\chromebook-everyone[1].jpg --a---- 16227 bytes [22:48 28/07/2015] [22:48 28/07/2015] DC966569824C231CC5D6AB3442E75032
K:\Users\mipstien\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FVUZHCNL\chrome[1].htm --a---- 54879 bytes [22:48 28/07/2015] [22:48 28/07/2015] BA051DF64E2F167A77DB219E59B70DEC
K:\Users\mipstien\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FVUZHCNL\chrome_throbber_fast_16[1].gif --a---- 1548 bytes [22:48 28/07/2015] [22:48 28/07/2015] 00C51A8420DEA24FEE0C97D8D836DBF3
K:\Users\mipstien\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FVUZHCNL\chrome_throbber_fast_16[2].gif --a---- 1548 bytes [23:35 28/07/2015] [23:35 28/07/2015] 00C51A8420DEA24FEE0C97D8D836DBF3
K:\Users\mipstien\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FVUZHCNL\kickwithchrome[1].jpg --a---- 10612 bytes [22:48 28/07/2015] [22:48 28/07/2015] EF3D6E4EA80DC1ED762AD17867C03A4B
K:\Users\mipstien\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Q9SULZGA\chrome.min[1].css --a---- 166375 bytes [22:48 28/07/2015] [22:48 28/07/2015] 64526B5C80457D0099624E2F41D2CAE9
K:\Users\mipstien\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Q9SULZGA\directions_chrome_empty[1].png --a---- 45686 bytes [01:44 29/07/2015] [01:44 29/07/2015] 8172540A041680529DDB2A58CCCA8997
K:\Users\mipstien\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2KCDJ30\chrome-48[1].png --a---- 1834 bytes [01:43 29/07/2015] [01:43 29/07/2015] 3FE84B8B53D7401B32FABD0C70F211BB
K:\Users\mipstien\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2KCDJ30\chrome-existing[1].jpg --a---- 48750 bytes [22:48 28/07/2015] [22:48 28/07/2015] 97D25056CE49C3E19B4503FBEDC3042E
K:\Users\mipstien\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2KCDJ30\chrome-installer.min[1].js --a---- 225686 bytes [22:48 28/07/2015] [22:48 28/07/2015] FBEE4F0A73C243005E73EC57E6F16570
K:\Users\mipstien\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2KCDJ30\chrome-title[1].png --a---- 2544 bytes [22:48 28/07/2015] [22:48 28/07/2015] 29D53264387DB0C871B41A106946B70A
K:\Users\mipstien\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2KCDJ30\chrome.min[1].js --a---- 206188 bytes [12:17 29/07/2015] [12:17 29/07/2015] 992F263770B41DF9EBE8CE43C5B99E09
K:\Users\mipstien\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2KCDJ30\chrome[1].htm --a---- 227 bytes [22:48 28/07/2015] [22:48 28/07/2015] 0F8BA3DA5EC9C4330A36CEFACDAC783F
K:\Users\mipstien\AppData\Local\Popcorn Time\src\app\images\icons\chromecast-icon.png --a---- 1161 bytes [12:52 16/02/2015] [12:52 16/02/2015] 1E89F285A64C20A33F9B31AB261F2217
K:\Users\mipstien\AppData\Local\Popcorn Time\src\app\lib\device\chromecast.js --a---- 4817 bytes [12:52 16/02/2015] [12:52 16/02/2015] 69E19FDD617DEB728D021650130C9EC0
K:\Users\mipstien\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\1ec0f72738fb119e\iMacros for Chrome.lnk --a---- 2636 bytes [01:55 20/02/2015] [01:55 20/02/2015] 9378CC8CB83FE9DFA14E114339C94888
K:\Users\mipstien\Desktop\backupchrome.reg --a---- 13240 bytes [13:52 26/07/2015] [13:52 26/07/2015] 9D0359EA30F92CFE844EA3CE2B2B02F5
K:\Users\mipstien\Desktop\ChromeSetup(2).exe ------- 931408 bytes [12:23 29/07/2015] [12:22 29/07/2015] C42B77A66A4B794A56DFCD2FBEA5AD01
K:\Users\mipstien\Desktop\ChromeSetup.exe --a---- 931408 bytes [12:20 29/07/2015] [18:32 28/07/2015] C42B77A66A4B794A56DFCD2FBEA5AD01
K:\Users\mipstien\Downloads\ChromeSetup.exe --a---- 931408 bytes [02:58 16/07/2015] [02:58 16/07/2015] 09A23904B50A8C0875B3F88E60C331C5
K:\Users\mipstien\Downloads\ChromeStandaloneSetup (1).exe --a---- 44395600 bytes [01:56 29/07/2015] [01:57 29/07/2015] 31A81AFFA6A49C492578C6B532F9013A
K:\Users\mipstien\Downloads\ChromeStandaloneSetup.exe --a---- 44392528 bytes [14:23 26/07/2015] [14:23 26/07/2015] 338A5F5DCB8D901E0619A4B4383E365D
K:\Users\Public\Sony Online Entertainment\Installed Games\EverQuest\Mozilla\chrome\chromelist.txt --a---- 80458 bytes [02:26 04/05/2013] [22:45 15/02/2007] C79BC2AD13647B1FBCE8BA8D8376F2BF
K:\Users\Public\Sony Online Entertainment\Installed Games\EverQuest\Mozilla\components\chrome.xpt --a---- 344 bytes [02:26 04/05/2013] [22:45 15/02/2007] 58A54C11392169799D48E7E083ABD431
K:\Windows\Microsoft.NET\Framework\v4.0.30319\Config\Browsers\chrome.browser --a---- 2107 bytes [00:29 19/03/2013] [00:29 19/03/2013] 8C54E6C4F9E0CC3274EA6D04AAE9436B
K:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config\Browsers\chrome.browser --a---- 2107 bytes [22:24 21/03/2013] [22:24 21/03/2013] 8C54E6C4F9E0CC3274EA6D04AAE9436B
K:\Windows\SysWOW64\chrome.log --a---- 0 bytes [03:55 28/05/2013] [01:50 29/07/2015] D41D8CD98F00B204E9800998ECF8427E

========== folderfind ==========

Searching for "*chrome*"
K:\Program Files (x86)\Google\Chrome d------ [02:59 16/07/2015]
K:\Program Files (x86)\Steam\bin\chrome.pak d------ [02:03 12/11/2013]
K:\ProgramData\McAfee\MCLOGS\Common\chromeinstall-7u21 d------ [13:39 24/04/2013]
K:\ProgramData\McAfee\MCLOGS\Common\chromeinstall-7u51 d------ [23:08 18/01/2014]
K:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_chromeinstall-8u_c3be417e9de737cc624b681250a1b77244f674_1aaa001f d----c- [13:42 08/11/2014]
K:\Qoobox\Quarantine\K\Users\mipstien\AppData\Local\Google\Chrome d------ [14:49 12/07/2015]
K:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.147\deploy\mod\chrome d------ [13:35 11/02/2014]
K:\Riot Games\League of Legends\RADS\projects\lol_patcher\managedfiles\0.0.0.11\Content\Runtime\RiotClient\Release\bundle-chrome d------ [01:17 06/01/2015]
K:\Riot Games\League of Legends\RADS\projects\lol_patcher\managedfiles\0.0.0.14\Content\Runtime\RiotClient\Release\bundle-chrome d------ [01:17 06/01/2015]
K:\Riot Games\League of Legends\RADS\projects\lol_patcher\managedfiles\0.0.0.27\Content\Runtime\RiotClient\Release\bundle-chrome d------ [00:16 15/04/2015]
K:\Riot Games\League of Legends\RADS\projects\lol_patcher\managedfiles\0.0.0.9\Content\Runtime\RiotClient\Release\bundle-chrome d------ [01:17 06/01/2015]
K:\Users\All Users\McAfee\MCLOGS\Common\chromeinstall-7u21 d------ [13:39 24/04/2013]
K:\Users\All Users\McAfee\MCLOGS\Common\chromeinstall-7u51 d------ [23:08 18/01/2014]
K:\Users\All Users\Microsoft\Windows\WER\ReportArchive\NonCritical_chromeinstall-8u_c3be417e9de737cc624b681250a1b77244f674_1aaa001f d----c- [13:42 08/11/2014]
K:\Users\mipstien\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_chrome.exe_22c2bac83f99563fb42d3afadf9294af33b9daf_13e37167 d----c- [12:18 13/02/2015]
K:\Users\mipstien\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_chrome.exe_4f4eb6b37b6e639f7fe8f637d56b9b454530f816_377ce80a d----c- [12:48 04/08/2014]
K:\Users\mipstien\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_chrome.exe_907df414c847392f6b20eea33269f2675b_05ba294c d----c- [02:03 23/07/2015]
K:\Users\mipstien\AppData\Local\Popcorn Time\node_modules\chromecast-js d------ [23:48 14/05/2015]
K:\Users\mipstien\AppData\Local\Programs\iMacros for Chrome File Access d------ [23:41 22/07/2014]
K:\Users\mipstien\Documents\iMacros\Macros\Demo-Chrome d------ [04:30 24/04/2013]
K:\Users\Public\Sony Online Entertainment\Installed Games\EverQuest\Mozilla\chrome d------ [02:26 04/05/2013]
K:\Users\Public\Sony Online Entertainment\Installed Games\EverQuest II\chrome d------ [13:09 20/12/2014]
K:\Users\Public\Sony Online Entertainment\Installed Games\EverQuest II\mozilla\chrome d------ [03:54 18/05/2013]

========== regfind ==========

Searching for "chrome"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\JavaSoft\DeploymentProperties]
"deployment.browser.path"="K:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
[HKEY_CURRENT_USER\Software\Google\Update\ClientState\{4DC8B4CA-1BDA-483e-B5FA-D3C12E15B62D}]
"ap"="-dev-multi-chrome"
[HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"ap"="2.0-dev-multi-chrome"
[HKEY_CURRENT_USER\Software\Microsoft\DirectInput\CHROME.EXE5163BFB1001407D0]
[HKEY_CURRENT_USER\Software\Microsoft\DirectInput\CHROME.EXE5163BFB1001407D0]
"Name"="CHROME.EXE"
[HKEY_CURRENT_USER\Software\Microsoft\DirectInput\CHROME.EXE51D39520000CE9D0]
[HKEY_CURRENT_USER\Software\Microsoft\DirectInput\CHROME.EXE51D39520000CE9D0]
"Name"="CHROME.EXE"
[HKEY_CURRENT_USER\Software\Microsoft\DirectInput\CHROME.EXE51E03646000CE9D0]
[HKEY_CURRENT_USER\Software\Microsoft\DirectInput\CHROME.EXE51E03646000CE9D0]
"Name"="CHROME.EXE"
[HKEY_CURRENT_USER\Software\Microsoft\DirectInput\CHROME.EXE51F05C5F000CE9D0]
[HKEY_CURRENT_USER\Software\Microsoft\DirectInput\CHROME.EXE51F05C5F000CE9D0]
"Name"="CHROME.EXE"
[HKEY_CURRENT_USER\Software\Microsoft\DirectInput\CHROME.EXE520D74A1000CA7D0]
[HKEY_CURRENT_USER\Software\Microsoft\DirectInput\CHROME.EXE520D74A1000CA7D0]
"Name"="CHROME.EXE"
[HKEY_CURRENT_USER\Software\Microsoft\DirectInput\CHROME.EXE5218CE75000CA7D0]
[HKEY_CURRENT_USER\Software\Microsoft\DirectInput\CHROME.EXE5218CE75000CA7D0]
"Name"="CHROME.EXE"
[HKEY_CURRENT_USER\Software\Microsoft\DirectInput\CHROME.EXE5224D150000CA7D0]
[HKEY_CURRENT_USER\Software\Microsoft\DirectInput\CHROME.EXE5224D150000CA7D0]
"Name"="CHROME.EXE"
[HKEY_CURRENT_USER\Software\Microsoft\DirectInput\CHROME.EXE5237A3C2000CA7D0]
[HKEY_CURRENT_USER\Software\Microsoft\DirectInput\CHROME.EXE5237A3C2000CA7D0]
"Name"="CHROME.EXE"
[HKEY_CURRENT_USER\Software\Microsoft\DirectInput\CHROME.EXE524CDEDB000CE3D0]
[HKEY_CURRENT_USER\Software\Microsoft\DirectInput\CHROME.EXE524CDEDB000CE3D0]
"Name"="CHROME.EXE"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IEDevTools\Options\UAString]
"Chrome"="Mozilla/5.0 (Windows NT 6.2) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.52 Safari/536.5"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apk\OpenWithList]
"b"="chrome.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dll\OpenWithList]
"a"="chrome.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dmp\OpenWithList]
"a"="chrome.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flv\OpenWithList]
"c"="chrome.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\OpenWithList]
"a"="chrome.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\OpenWithList]
"a"="chrome.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
"Progid"="ChromeHTML"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\OpenWithList]
"a"="chrome.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
"Progid"="ChromeHTML"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\OpenWithList]
"a"="chrome.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\OpenWithList]
"c"="chrome.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.msl\OpenWithList]
"a"="chrome.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.obb\OpenWithList]
"a"="chrome.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pdf\OpenWithList]
"b"="chrome.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\OpenWithList]
"b"="chrome.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
"Progid"="ChromeHTML"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\OpenWithList]
"d"="chrome.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.torrent\OpenWithList]
"a"="chrome.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
"Progid"="ChromeHTML"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
"Progid"="ChromeHTML"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zip\OpenWithList]
"c"="chrome.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\{97ABEAC7-C6E1-46F1-957B-F395EA4662B5}_is1]
"Inno Setup: App Path"="K:\Users\mipstien\AppData\Local\Programs\iMacros for Chrome File Access"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\{97ABEAC7-C6E1-46F1-957B-F395EA4662B5}_is1]
"InstallLocation"="K:\Users\mipstien\AppData\Local\Programs\iMacros for Chrome File Access\"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\{97ABEAC7-C6E1-46F1-957B-F395EA4662B5}_is1]
"Inno Setup: Icon Group"="iMacros for Chrome File Access"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\{97ABEAC7-C6E1-46F1-957B-F395EA4662B5}_is1]
"DisplayName"="iMacros for Chrome File Access 1.0.0.805"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\{97ABEAC7-C6E1-46F1-957B-F395EA4662B5}_is1]
"UninstallString"=""K:\Users\mipstien\AppData\Local\Programs\iMacros for Chrome File Access\unins000.exe""
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\{97ABEAC7-C6E1-46F1-957B-F395EA4662B5}_is1]
"QuietUninstallString"=""K:\Users\mipstien\AppData\Local\Programs\iMacros for Chrome File Access\unins000.exe" /SILENT"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\ftp\UserChoice]
"Progid"="ChromeHTML"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\http\UserChoice]
"Progid"="ChromeHTML"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\https\UserChoice]
"Progid"="ChromeHTML"
[HKEY_CURRENT_USER\Software\Mumble\Mumble\overlay]
"blacklist"="iexplore.exe ieuser.exe vlc.exe crimecraft.exe dbgview.exe opera.exe chrome.exe acrord32.exe explorer.exe wmpnscfg.exe firefox.exe thunderbird.exe instantbird.exe wlmail.exe msnmsgr.exe MovieMaker.exe WLXPhotoGallery.exe psi.exe Photoshop.exe blender.exe googleearth.exe XBMC.exe BOXEE.exe hammer.exe hlmv.exe hlfaceposer.exe LoLLauncher.exe acrobat.exe Steam.exe RzSynapse.exe IpOverUsbSvc.exe"
[HKEY_CURRENT_USER\Software\WinRAR\ArcHistory]
"3"="J:\Chrome Downloads\3DRT 432.rar"
[HKEY_CURRENT_USER\Software\Classes\ftp\DefaultIcon]
@="K:\Program Files (x86)\Google\Chrome\Application\chrome.exe,0"
[HKEY_CURRENT_USER\Software\Classes\http\DefaultIcon]
@="K:\Program Files (x86)\Google\Chrome\Application\chrome.exe,0"
[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"K:\Program Files (x86)\Google\Chrome\Application\chrome.exe"="Google Chrome"
[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"J:\Chrome Downloads\dvdflick_setup_1.3.0.7.exe"="DVD Flick Setup                                             "
[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"K:\Users\mipstien\Downloads\ChromeSetup.exe"="Google Update Setup"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\53413C02A0A20854EBB8CA60CF42C35A\SourceList]
"LastUsedSource"="n;1;J:\Chrome Downloads\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\53413C02A0A20854EBB8CA60CF42C35A\SourceList\Net]
"1"="J:\Chrome Downloads\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{4DC8B4CA-1BDA-483e-B5FA-D3C12E15B62D}]
"ap"="-dev-multi-chrome"
[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}]
"ap"="2.0-dev-multi-chrome"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\IEDevTools\Options\UAString]
"Chrome"="Mozilla/5.0 (Windows NT 6.2) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.52 Safari/536.5"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\chrome.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\53413C02A0A20854EBB8CA60CF42C35A\InstallProperties]
"InstallSource"="J:\Chrome Downloads\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{20c31435-2a0a-4580-be8b-ac06fc243ca5}]
"InstallSource"="J:\Chrome Downloads\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Update]
"LastInstallerSuccessLaunchCmdLine"=""K:\Program Files (x86)\Google\Chrome\Application\chrome.exe""
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Update\ClientState\{4DC8B4CA-1BDA-483e-B5FA-D3C12E15B62D}]
"UninstallString"="K:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\Installer\setup.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Update\ClientState\{4DC8B4CA-1BDA-483e-B5FA-D3C12E15B62D}]
"InstallerSuccessLaunchCmdLine"=""K:\Program Files (x86)\Google\Chrome\Application\chrome.exe""
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}]
"ap"="2.0-dev-multi-chrome"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}]
"UninstallString"="K:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\Installer\setup.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}]
"UninstallArguments"=" --uninstall --multi-install --chrome --system-level --verbose-logging"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}]
"LastInstallerSuccessLaunchCmdLine"=""K:\Program Files (x86)\Google\Chrome\Application\chrome.exe""
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\NVIDIA Corporation\Global\Stereo3D\GameConfigs\Chrome]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\Environment]
"Path"="%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;K:\Program Files (x86)\Google\Chrome\Application;K:\ProgramData\Oracle\Java\javapath;K:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;K:\Windows\System32\WindowsPowerShell\v1.0;K:\Program Files (x86)\Skype\Phone;K:\adb"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Session Manager\Environment]
"Path"="%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;K:\Program Files (x86)\Google\Chrome\Application;K:\ProgramData\Oracle\Java\javapath;K:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;K:\Windows\System32\WindowsPowerShell\v1.0;K:\Program Files (x86)\Skype\Phone;K:\adb"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment]
"Path"="%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;K:\Program Files (x86)\Google\Chrome\Application;K:\ProgramData\Oracle\Java\javapath;K:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;K:\Windows\System32\WindowsPowerShell\v1.0;K:\Program Files (x86)\Skype\Phone;K:\adb"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\AppDataLow\Software\JavaSoft\DeploymentProperties]
"deployment.browser.path"="K:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Google\Update\ClientState\{4DC8B4CA-1BDA-483e-B5FA-D3C12E15B62D}]
"ap"="-dev-multi-chrome"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"ap"="2.0-dev-multi-chrome"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\DirectInput\CHROME.EXE5163BFB1001407D0]
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\DirectInput\CHROME.EXE5163BFB1001407D0]
"Name"="CHROME.EXE"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\DirectInput\CHROME.EXE51D39520000CE9D0]
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\DirectInput\CHROME.EXE51D39520000CE9D0]
"Name"="CHROME.EXE"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\DirectInput\CHROME.EXE51E03646000CE9D0]
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\DirectInput\CHROME.EXE51E03646000CE9D0]
"Name"="CHROME.EXE"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\DirectInput\CHROME.EXE51F05C5F000CE9D0]
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\DirectInput\CHROME.EXE51F05C5F000CE9D0]
"Name"="CHROME.EXE"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\DirectInput\CHROME.EXE520D74A1000CA7D0]
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\DirectInput\CHROME.EXE520D74A1000CA7D0]
"Name"="CHROME.EXE"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\DirectInput\CHROME.EXE5218CE75000CA7D0]
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\DirectInput\CHROME.EXE5218CE75000CA7D0]
"Name"="CHROME.EXE"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\DirectInput\CHROME.EXE5224D150000CA7D0]
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\DirectInput\CHROME.EXE5224D150000CA7D0]
"Name"="CHROME.EXE"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\DirectInput\CHROME.EXE5237A3C2000CA7D0]
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\DirectInput\CHROME.EXE5237A3C2000CA7D0]
"Name"="CHROME.EXE"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\DirectInput\CHROME.EXE524CDEDB000CE3D0]
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\DirectInput\CHROME.EXE524CDEDB000CE3D0]
"Name"="CHROME.EXE"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\Internet Explorer\IEDevTools\Options\UAString]
"Chrome"="Mozilla/5.0 (Windows NT 6.2) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.52 Safari/536.5"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apk\OpenWithList]
"b"="chrome.exe"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dll\OpenWithList]
"a"="chrome.exe"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dmp\OpenWithList]
"a"="chrome.exe"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flv\OpenWithList]
"c"="chrome.exe"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\OpenWithList]
"a"="chrome.exe"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\OpenWithList]
"a"="chrome.exe"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
"Progid"="ChromeHTML"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\OpenWithList]
"a"="chrome.exe"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
"Progid"="ChromeHTML"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\OpenWithList]
"a"="chrome.exe"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\OpenWithList]
"c"="chrome.exe"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.msl\OpenWithList]
"a"="chrome.exe"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.obb\OpenWithList]
"a"="chrome.exe"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pdf\OpenWithList]
"b"="chrome.exe"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\OpenWithList]
"b"="chrome.exe"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
"Progid"="ChromeHTML"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\OpenWithList]
"d"="chrome.exe"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.torrent\OpenWithList]
"a"="chrome.exe"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
"Progid"="ChromeHTML"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
"Progid"="ChromeHTML"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zip\OpenWithList]
"c"="chrome.exe"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\{97ABEAC7-C6E1-46F1-957B-F395EA4662B5}_is1]
"Inno Setup: App Path"="K:\Users\mipstien\AppData\Local\Programs\iMacros for Chrome File Access"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\{97ABEAC7-C6E1-46F1-957B-F395EA4662B5}_is1]
"InstallLocation"="K:\Users\mipstien\AppData\Local\Programs\iMacros for Chrome File Access\"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\{97ABEAC7-C6E1-46F1-957B-F395EA4662B5}_is1]
"Inno Setup: Icon Group"="iMacros for Chrome File Access"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\{97ABEAC7-C6E1-46F1-957B-F395EA4662B5}_is1]
"DisplayName"="iMacros for Chrome File Access 1.0.0.805"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\{97ABEAC7-C6E1-46F1-957B-F395EA4662B5}_is1]
"UninstallString"=""K:\Users\mipstien\AppData\Local\Programs\iMacros for Chrome File Access\unins000.exe""
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\{97ABEAC7-C6E1-46F1-957B-F395EA4662B5}_is1]
"QuietUninstallString"=""K:\Users\mipstien\AppData\Local\Programs\iMacros for Chrome File Access\unins000.exe" /SILENT"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\ftp\UserChoice]
"Progid"="ChromeHTML"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\http\UserChoice]
"Progid"="ChromeHTML"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\https\UserChoice]
"Progid"="ChromeHTML"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Mumble\Mumble\overlay]
"blacklist"="iexplore.exe ieuser.exe vlc.exe crimecraft.exe dbgview.exe opera.exe chrome.exe acrord32.exe explorer.exe wmpnscfg.exe firefox.exe thunderbird.exe instantbird.exe wlmail.exe msnmsgr.exe MovieMaker.exe WLXPhotoGallery.exe psi.exe Photoshop.exe blender.exe googleearth.exe XBMC.exe BOXEE.exe hammer.exe hlmv.exe hlfaceposer.exe LoLLauncher.exe acrobat.exe Steam.exe RzSynapse.exe IpOverUsbSvc.exe"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\WinRAR\ArcHistory]
"3"="J:\Chrome Downloads\3DRT 432.rar"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Classes\ftp\DefaultIcon]
@="K:\Program Files (x86)\Google\Chrome\Application\chrome.exe,0"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Classes\http\DefaultIcon]
@="K:\Program Files (x86)\Google\Chrome\Application\chrome.exe,0"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"K:\Program Files (x86)\Google\Chrome\Application\chrome.exe"="Google Chrome"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"J:\Chrome Downloads\dvdflick_setup_1.3.0.7.exe"="DVD Flick Setup                                             "
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"K:\Users\mipstien\Downloads\ChromeSetup.exe"="Google Update Setup"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000_Classes\ftp\DefaultIcon]
@="K:\Program Files (x86)\Google\Chrome\Application\chrome.exe,0"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000_Classes\http\DefaultIcon]
@="K:\Program Files (x86)\Google\Chrome\Application\chrome.exe,0"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"K:\Program Files (x86)\Google\Chrome\Application\chrome.exe"="Google Chrome"
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"J:\Chrome Downloads\dvdflick_setup_1.3.0.7.exe"="DVD Flick Setup                                             "
[HKEY_USERS\S-1-5-21-4175700417-2625130506-3875332652-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"K:\Users\mipstien\Downloads\ChromeSetup.exe"="Google Update Setup"

-= EOF =-





