Lots of pop ups, redirects, and adware links on websites [Solved]


  • This topic is locked

#1
Louie C

  • Member
  • 14 posts

Hello! My computer is loaded with adware. There are lots of pop ups, I get redirected whenever I open a new tab, or click on a link within a site, and there are tons of ad links on every site I visit. I went through and manually removed any programs that I thought would be the culprit, but the problems still persist. I also believe it is keeping me from posting on this site because I have tried numerous times, and I keep getting a fatal error which states that there is something wrong with your servers, but yet I see recent posts from other users. Thank you so much in advance.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-05-2015
Ran by Jamie_2 (administrator) on PC on 13-05-2015 02:49:09
Running from C:\Users\Jamie_2\Desktop
Loaded Profiles: Jamie_2 (Available profiles: Jamie & Connor & Jamie_2 & Guest)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\pcreg\pcreg.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Buca Apps) C:\Program Files (x86)\HD4Good\2868b340-25ee-450f-8a02-203abb110ea5-1-6.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Buca Apps) C:\Program Files (x86)\HD4Good\2868b340-25ee-450f-8a02-203abb110ea5-64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
(Acer Incorporated) C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Pokki) C:\Users\Jamie_2\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Comodo Security Solutions, Inc.) C:\Program Files\COMODO\GeekBuddy\unit_manager.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
(Pokki) C:\Users\Jamie_2\AppData\Local\Pokki\Engine\HostAppService.exe
(Comodo Security Solutions, Inc.) C:\Program Files\COMODO\GeekBuddy\unit.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Pokki) C:\Users\Jamie_2\AppData\Local\Pokki\Engine\HostAppService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Pokki) C:\Users\Jamie_2\AppData\Local\Pokki\Engine\StartMenuIndexer.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Acer Incorporated) C:\Program Files\Gateway\Gateway Recovery Management\Notification\Notification.exe
() C:\Program Files (x86)\Number Ascend\bin\utilNumberAscend.exe
() C:\Program Files (x86)\Number Ascend\bin\NumberAscend.expext.exe
() C:\Program Files (x86)\Number Ascend\updateNumberAscend.exe
() C:\Program Files (x86)\Number Ascend\bin\NumberAscend.PurBrowse64.exe
() C:\Program Files (x86)\Number Ascend\bin\NumberAscend.BrowserAdapter.exe
() C:\Program Files (x86)\Number Ascend\bin\NumberAscend.BrowserAdapter64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\Windows-KB890830-x64-V5.24-delta.exe
(Microsoft Corporation) C:\2f9ad60fc6e595eadf68f96cd1dae4ff\mrtstub.exe
(Microsoft Corporation) C:\Windows\System32\MRT.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13651672 2013-09-03] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2013-08-16] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [66304 2015-05-06] (Acer Incorporated)
HKLM-x32\...\Run: [ospd_us_64] => [X]
HKLM-x32\...\Run: [AnyProtect Scanner] => "C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe"
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-09] (Avast Software s.r.o.)
HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2015-01-30] (Comodo Security Solutions, Inc.)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [92928 2015-05-06] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-25] (Qualcomm®Atheros®)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-3151930542-3110385303-2721579357-1003\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
HKU\S-1-5-21-3151930542-3110385303-2721579357-1003\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2574080 2015-05-06] (Acer)
HKU\S-1-5-21-3151930542-3110385303-2721579357-1003\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2889408 2015-04-13] (Valve Corporation)
HKU\S-1-5-21-3151930542-3110385303-2721579357-1003\...\RunOnce: [Application Restart #0] => C:\Users\Jamie_2\AppData\Local\Pokki\Engine\HostAppService.exe [7853056 2015-05-05] (Pokki)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk [2015-05-12]
ShortcutTarget: Start GeekBuddy.lnk -> C:\Program Files\COMODO\GeekBuddy\launcher.exe (Comodo Security Solutions, Inc.)
Startup: C:\Users\Jamie_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hqghumeaylnlf.lnk [2015-05-12]
ShortcutTarget: hqghumeaylnlf.lnk -> C:\ProgramData\{b3d2ff90-f737-7b6d-b3d2-2ff90f73fe43}\hqghumeaylnlf.exe (PC Utilities Software Limited)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-09] (Avast Software s.r.o.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.c...q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3151930542-3110385303-2721579357-1003\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.c...q={searchTerms}
HKU\S-1-5-21-3151930542-3110385303-2721579357-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.trovi.com...&D=051215&SSPV=
HKU\S-1-5-21-3151930542-3110385303-2721579357-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKLM -> {8CDE19E6-71C2-4B46-89B7-35F6A18C571A} URL =
SearchScopes: HKLM -> {CC865B26-C31D-4D23-B17B-96548EEF03F6} URL =
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3151930542-3110385303-2721579357-1003 -> DefaultScope {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...rchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3151930542-3110385303-2721579357-1003 -> {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...rchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3151930542-3110385303-2721579357-1003 -> {07930CDF-D307-11E4-829E-40F02F6F3BE6} URL = http://us.yhs4.searc...5_14&os=Windows 8.1&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3151930542-3110385303-2721579357-1003 -> {2885A96B-EBC2-47AB-AEBC-A2129EE460D9} URL =
SearchScopes: HKU\S-1-5-21-3151930542-3110385303-2721579357-1003 -> {6218AA4E-F6A4-11E4-82A8-40F02F6F3BE6} URL = http://search.homepa...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3151930542-3110385303-2721579357-1003 -> {8CDE19E6-71C2-4B46-89B7-35F6A18C571A} URL = http://search.homepa...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3151930542-3110385303-2721579357-1003 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.c...q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-09] (Avast Software s.r.o.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-09] (Avast Software s.r.o.)
BHO-x32: Number Ascend 1.0.0.7 -> {a9b18713-5e57-49f4-9c54-51ba9ce5b104} -> C:\Program Files (x86)\Number Ascend\NumberAscendbho.dll [2015-05-08] (Number Ascend)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{0EB6E4AE-2B50-40E3-B121-E216199632CF}: [NameServer] 208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{1CE6E3AA-E5A9-4511-B401-133D18BE5FC4}: [NameServer] 208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{6724111F-1704-44C9-BD62-18FDEC078630}: [NameServer] 208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{76141382-406D-420C-8269-8B0E29743EDF}: [NameServer] 208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{8718928D-CBEB-45EA-A621-800A9249001D}: [NameServer] 208.69.150.252,208.69.150.250
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Jamie_2\AppData\Roaming\Mozilla\Firefox\Profiles\figbnj9s.default
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: https://www.google.c...?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: Google (avast)
FF Homepage: https://www.google.com/?trackid=sp-006
FF Keyword.URL: https://www.google.c...?trackid=sp-006
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll [2014-04-15] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-31] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-31] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-05-12] (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-05-12] (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-02] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll [2015-03-03] ()
FF Plugin HKU\S-1-5-21-3151930542-3110385303-2721579357-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jamie_2\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-02-24] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Jamie_2\AppData\Roaming\Mozilla\Firefox\Profiles\figbnj9s.default\user.js [2015-05-12]
FF SearchPlugin: C:\Users\Jamie_2\AppData\Roaming\Mozilla\Firefox\Profiles\figbnj9s.default\searchplugins\ask-search.xml [2015-03-31]
FF SearchPlugin: C:\Users\Jamie_2\AppData\Roaming\Mozilla\Firefox\Profiles\figbnj9s.default\searchplugins\google-avast.xml [2015-05-09]
FF SearchPlugin: C:\Users\Jamie_2\AppData\Roaming\Mozilla\Firefox\Profiles\figbnj9s.default\searchplugins\search-provided-by-yahoo.xml [2015-04-05]
FF SearchPlugin: C:\Users\Jamie_2\AppData\Roaming\Mozilla\Firefox\Profiles\figbnj9s.default\searchplugins\Web Search.xml [2015-05-09]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\adawaretb.xml [2014-05-07]
FF Extension: oofferrsaulea - C:\Users\Jamie_2\AppData\Roaming\Mozilla\Firefox\Profiles\figbnj9s.default\Extensions\[email protected] [2015-04-26]
FF Extension: HD4Good - C:\Users\Jamie_2\AppData\Roaming\Mozilla\Firefox\Profiles\figbnj9s.default\Extensions\f04aefc8-8ba0-4db5-9173-75513b63d276@1c0acb40-234c-4912-b8ce-35e3901228ad.com [2015-05-12]
FF Extension: cheap-o - C:\Users\Jamie_2\AppData\Roaming\Mozilla\Firefox\Profiles\figbnj9s.default\Extensions\[email protected] [2015-05-05]
FF Extension: Number Ascend 1.0.1 - C:\Users\Jamie_2\AppData\Roaming\Mozilla\Firefox\Profiles\figbnj9s.default\Extensions\{04eb7c5c-912f-482b-99bf-f44af9051646}.xpi [2015-05-12]
FF Extension: Adblock Plus - C:\Users\Jamie_2\AppData\Roaming\Mozilla\Firefox\Profiles\figbnj9s.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-29]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn [2015-05-09]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-05-09]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HomePage: Default -> hxxp://us.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_omxmedia_15_14&param1=1&param2=f%3D1%26b%3DChrome%26cc%3Dus%26pa%3DWinYahoo%26cd%3D2XzuyEtN2Y1L1Qzu0FzztD0FyEtC0A0CyDtD0CyD0EtAzzzytN0D0Tzu0StCtCzytDtN1L2XzutAtFzytFzztFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyDtB0A0EyByCyDtCtG0BtC0F0DtG0ByEtB0DtG0C0B0BtCtGyBzyyDtBzytA0ByB0AzytCyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyE0FyB0D0B0C0DtG0CtB0CtAtGyE0E0F0FtGzzzytCyCtGyEyD0CyC0EyC0C0F0BtDtCtA2QtN0A0LzuyE%26cr%3D240621761%26a%3Dwny_omxmedia_15_14%26os%3DWindows 8.1
CHR StartupUrls: Default -> "hxxp://us.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_omxmedia_15_14&param1=1&param2=f%3D7%26b%3DChrome%26cc%3Dus%26pa%3DWinYahoo%26cd%3D2XzuyEtN2Y1L1Qzu0FzztD0FyEtC0A0CyDtD0CyD0EtAzzzytN0D0Tzu0StCtCzytDtN1L2XzutAtFzytFzztFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyDtB0A0EyByCyDtCtG0BtC0F0DtG0ByEtB0DtG0C0B0BtCtGyBzyyDtBzytA0ByB0AzytCyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyE0FyB0D0B0C0DtG0CtB0CtAtGyE0E0F0FtGzzzytCyCtGyEyD0CyC0EyC0C0F0BtDtCtA2QtN0A0LzuyE%26cr%3D240621761%26a%3Dwny_omxmedia_15_14%26os%3DWindows 8.1", "hxxp://homepage-web.com/?s=acer&m=start"
CHR DefaultSearchKeyword: Default -> search provided by yahoo.com
CHR DefaultSearchURL: Default -> http://us.yhs4.searc...5_14&os=Windows 8.1&p={searchTerms}
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR Profile: C:\Users\Jamie_2\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Jamie_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-02]
CHR Extension: (Google Drive) - C:\Users\Jamie_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-02]
CHR Extension: (YouTube) - C:\Users\Jamie_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-02]
CHR Extension: (Google Search) - C:\Users\Jamie_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-02]
CHR Extension: (Avast Online Security) - C:\Users\Jamie_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-05-09]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Jamie_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-30]
CHR Extension: (Norton Security Toolbar) - C:\Users\Jamie_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2015-03-03]
CHR Extension: (Faster Chrome Pro) - C:\Users\Jamie_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncfebkjhppaffifdkonhpmgeijcjleln [2015-04-26]
CHR Extension: (Google Wallet) - C:\Users\Jamie_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-05]
CHR Extension: (Gmail) - C:\Users\Jamie_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-02]
CHR HKLM\...\Chrome\Extension: [blmchfpimpbbdmgpcieclabeafkljbhm] - https://clients2.goo...ice/update2/crx
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-30]
CHR HKLM-x32\...\Chrome\Extension: [blmchfpimpbbdmgpcieclabeafkljbhm] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-09]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-30]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-25] (Windows ® Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-09] (Avast Software s.r.o.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2839296 2015-05-05] (Acer Incorporated)
R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70872 2015-03-05] (Comodo Security Solutions, Inc.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-05-06] (WildTangent)
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2015-01-30] (Comodo Security Solutions, Inc.)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-05-12] (globalUpdate) [File not signed] <==== ATTENTION
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-05-12] (globalUpdate) [File not signed] <==== ATTENTION
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\NIS.exe [276336 2015-03-07] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4362056 2014-11-18] (Symantec Corporation)
R2 pcregservice; C:\Program Files\pcreg\pcreg.exe [249024 2014-04-25] ()
R2 Update Number Ascend; C:\Program Files (x86)\Number Ascend\updateNumberAscend.exe [657656 2015-05-13] ()
R2 Util Number Ascend; C:\Program Files (x86)\Number Ascend\bin\utilNumberAscend.exe [657656 2015-05-13] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-09] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-09] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-09] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-09] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-09] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-09] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-09] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3855872 2013-09-11] (Qualcomm Atheros Communications, Inc.)
R3 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\BASHDefs\20140409.001\BHDrvx64.sys [1525976 2014-03-18] (Symantec Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-25] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation)
R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1507000.00B\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
S1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [40224 2014-06-26] (Windows ® Win 7 DDK provider)
R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2015-03-30] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2015-03-30] (Symantec Corporation)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-07-21] (LogMeIn Inc.)
R3 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\IPSDefs\20150331.001\IDSvia64.sys [671448 2015-03-27] (Symantec Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R2 RtkIOAC60; C:\Windows\system32\DRIVERS\RtkIOAC60.sys [29912 2013-07-19] (Realtek semiconductor corp)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1507000.00B\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1507000.00B\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
R3 SymDS; C:\Windows\system32\drivers\NISx64\1507000.00B\SYMDS64.SYS [493656 2013-07-31] (Symantec Corporation)
R3 SymEFA; C:\Windows\system32\drivers\NISx64\1507000.00B\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S4 SymELAM; C:\Windows\system32\drivers\NISx64\1507000.00B\SymELAM.sys [23568 2013-07-31] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-10-24] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NISx64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R3 SymNetS; C:\Windows\System32\Drivers\NISx64\1507000.00B\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
R1 {04eb7c5c-912f-482b-99bf-f44af9051646}w64; C:\Windows\System32\drivers\{04eb7c5c-912f-482b-99bf-f44af9051646}w64.sys [48784 2015-05-12] (StdLib)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
R1 innfd_1_10_0_14; system32\drivers\innfd_1_10_0_14.sys [X]
S3 NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20140507.008\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20140507.008\EX64.SYS [X]
S3 PQAWRwa; \??\C:\Windows\SysWOW64\PQAWDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-13 02:49 - 2015-05-13 02:50 - 00032012 _____ () C:\Users\Jamie_2\Desktop\FRST.txt
2015-05-13 02:46 - 2015-05-13 02:47 - 02102784 _____ (Farbar) C:\Users\Jamie_2\Desktop\FRST64.exe
2015-05-13 02:39 - 2015-05-13 02:39 - 00000000 ____D () C:\2f9ad60fc6e595eadf68f96cd1dae4ff
2015-05-13 02:31 - 2015-05-13 02:31 - 02102784 _____ (Farbar) C:\Users\Jamie_2\Downloads\FRST64(1).exe
2015-05-13 02:24 - 2015-05-13 02:49 - 00000000 ____D () C:\FRST
2015-05-13 02:15 - 2015-05-13 02:15 - 02102784 _____ (Farbar) C:\Users\Jamie_2\Downloads\FRST64.exe
2015-05-13 00:58 - 2015-05-13 00:58 - 00003334 _____ () C:\Windows\System32\Tasks\AcerCloud
2015-05-13 00:58 - 2015-05-13 00:58 - 00002031 _____ () C:\Users\Public\Desktop\Acer Portal.lnk
2015-05-12 16:41 - 2015-05-12 16:41 - 00001972 _____ () C:\Users\Public\Desktop\abDocs.lnk
2015-05-12 13:36 - 2015-05-12 13:36 - 00000000 ____D () C:\ProgramData\a44ab4100001cfa
2015-05-12 13:34 - 2015-05-12 03:38 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{04eb7c5c-912f-482b-99bf-f44af9051646}w64.sys
2015-05-12 13:33 - 2015-05-13 02:33 - 00003120 _____ () C:\Windows\Tasks\2868b340-25ee-450f-8a02-203abb110ea5-1-6.job
2015-05-12 13:33 - 2015-05-13 01:33 - 00004476 _____ () C:\Windows\Tasks\2868b340-25ee-450f-8a02-203abb110ea5-4.job
2015-05-12 13:33 - 2015-05-13 01:33 - 00003120 _____ () C:\Windows\Tasks\2868b340-25ee-450f-8a02-203abb110ea5-1-7.job
2015-05-12 13:33 - 2015-05-13 01:33 - 00002428 _____ () C:\Windows\Tasks\2868b340-25ee-450f-8a02-203abb110ea5-5_user.job
2015-05-12 13:33 - 2015-05-13 01:33 - 00002428 _____ () C:\Windows\Tasks\2868b340-25ee-450f-8a02-203abb110ea5-5.job
2015-05-12 13:33 - 2015-05-12 13:33 - 00007480 _____ () C:\Windows\System32\Tasks\2868b340-25ee-450f-8a02-203abb110ea5-4
2015-05-12 13:33 - 2015-05-12 13:33 - 00006124 _____ () C:\Windows\System32\Tasks\2868b340-25ee-450f-8a02-203abb110ea5-1-7
2015-05-12 13:33 - 2015-05-12 13:33 - 00006124 _____ () C:\Windows\System32\Tasks\2868b340-25ee-450f-8a02-203abb110ea5-1-6
2015-05-12 13:33 - 2015-05-12 13:33 - 00005432 _____ () C:\Windows\System32\Tasks\2868b340-25ee-450f-8a02-203abb110ea5-5
2015-05-12 13:32 - 2015-05-13 02:49 - 00001028 _____ () C:\Windows\Tasks\lxMvF9jipq0mLqpucQERi.job
2015-05-12 13:32 - 2015-05-13 02:35 - 00000000 ____D () C:\Program Files (x86)\Number Ascend
2015-05-12 13:32 - 2015-05-13 02:32 - 00005500 _____ () C:\Windows\Tasks\2868b340-25ee-450f-8a02-203abb110ea5-6.job
2015-05-12 13:32 - 2015-05-13 02:17 - 00001030 _____ () C:\Windows\Tasks\vXjFpdL4GLquYxcKEvoh3K.job
2015-05-12 13:32 - 2015-05-13 01:32 - 00005164 _____ () C:\Windows\Tasks\2868b340-25ee-450f-8a02-203abb110ea5-7.job
2015-05-12 13:32 - 2015-05-12 13:33 - 00000000 ____D () C:\Program Files (x86)\HD4Good
2015-05-12 13:32 - 2015-05-12 13:33 - 00000000 ____D () C:\Program Files (x86)\1fa6a620-7db9-47a0-aaeb-52097ddd57ea
2015-05-12 13:32 - 2015-05-12 13:32 - 00008504 _____ () C:\Windows\System32\Tasks\2868b340-25ee-450f-8a02-203abb110ea5-6
2015-05-12 13:32 - 2015-05-12 13:32 - 00008168 _____ () C:\Windows\System32\Tasks\2868b340-25ee-450f-8a02-203abb110ea5-7
2015-05-12 13:32 - 2015-05-12 13:32 - 00004030 _____ () C:\Windows\System32\Tasks\vXjFpdL4GLquYxcKEvoh3K
2015-05-12 13:32 - 2015-05-12 13:32 - 00004028 _____ () C:\Windows\System32\Tasks\lxMvF9jipq0mLqpucQERi
2015-05-12 13:32 - 2015-05-12 13:32 - 00002036 _____ () C:\Users\Public\Desktop\GeekBuddy.lnk
2015-05-12 13:32 - 2015-05-12 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
2015-05-12 13:32 - 2015-05-12 13:32 - 00000000 ____D () C:\ProgramData\COMODO
2015-05-12 13:32 - 2015-05-12 13:32 - 00000000 ____D () C:\Program Files\COMODO
2015-05-12 13:31 - 2015-05-13 01:37 - 00000936 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-05-12 13:31 - 2015-05-13 00:52 - 00000932 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-05-12 13:31 - 2015-05-12 13:32 - 00003908 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2015-05-12 13:31 - 2015-05-12 13:32 - 00003672 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2015-05-12 13:31 - 2015-05-12 13:31 - 00000000 ____D () C:\Users\Jamie_2\Documents\Optimizer Pro
2015-05-12 13:31 - 2015-05-12 13:31 - 00000000 ____D () C:\Users\Jamie\AppData\Local\Crossbrowse
2015-05-12 13:31 - 2015-05-12 13:31 - 00000000 ____D () C:\Users\Guest\AppData\Local\Crossbrowse
2015-05-12 13:31 - 2015-05-12 13:31 - 00000000 ____D () C:\Users\Connor\AppData\Local\Crossbrowse
2015-05-12 13:30 - 2015-05-12 13:36 - 00003976 _____ () C:\Windows\System32\Tasks\LaunchPreSignup
2015-05-12 13:30 - 2015-05-12 13:30 - 00000000 ____D () C:\Users\Jamie_2\AppData\Local\globalUpdate
2015-05-12 13:29 - 2015-05-12 13:29 - 00000000 ____D () C:\ProgramData\PastaLeadsAgent
2015-05-12 13:28 - 2015-05-13 00:53 - 00000000 ____D () C:\ProgramData\{b3d2ff90-f737-7b6d-b3d2-2ff90f73fe43}
2015-05-12 13:28 - 2015-05-12 13:28 - 00000000 ____D () C:\Program Files\Common Files\PastaLeads
2015-05-12 13:26 - 2015-05-12 13:26 - 00000000 ____D () C:\Users\Jamie_2\Documents\Java
2015-05-12 13:25 - 2015-05-12 13:25 - 00274968 _____ () C:\Users\Jamie_2\Downloads\setup.exe
2015-05-09 16:29 - 2015-05-12 13:34 - 00000000 ____D () C:\Users\Jamie_2\AppData\Roaming\Dropbox
2015-05-09 16:19 - 2015-05-09 16:19 - 00000000 ____D () C:\Users\Jamie_2\AppData\Roaming\AVAST Software
2015-05-09 16:16 - 2015-05-09 16:16 - 00001945 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-05-09 16:16 - 2015-05-09 16:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-05-09 16:15 - 2015-05-09 16:15 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-05-09 16:14 - 2015-05-09 16:14 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-05-09 16:14 - 2015-05-09 16:14 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-05-09 16:14 - 2015-05-09 16:14 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-09 16:14 - 2015-05-09 16:14 - 00272248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-05-09 16:14 - 2015-05-09 16:14 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-05-09 16:14 - 2015-05-09 16:14 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-05-09 16:14 - 2015-05-09 16:14 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-05-09 16:14 - 2015-05-09 16:14 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-05-09 16:14 - 2015-05-09 16:14 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-05-09 16:14 - 2015-05-09 16:14 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-05-09 16:13 - 2015-05-09 16:13 - 00000000 ____D () C:\Program Files\AVAST Software
2015-05-09 16:12 - 2015-05-09 16:12 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-05-09 16:01 - 2015-05-09 16:10 - 05481336 _____ (Avast Software s.r.o.) C:\Users\Jamie_2\Downloads\avast_free_antivirus_setup_online_cnet.exe
2015-05-06 20:46 - 2015-05-06 20:46 - 00796072 _____ (Program ) C:\Users\Jamie_2\Downloads\adobe_flash_setup (1).exe
2015-05-06 18:01 - 2015-05-06 18:01 - 00000000 ____D () C:\ProgramData\PopCap Games
2015-05-06 17:38 - 2015-05-06 17:59 - 00000000 ____D () C:\Users\Jamie_2\AppData\Roaming\Magic Academy
2015-05-05 17:44 - 2015-05-05 17:44 - 00000079 _____ () C:\Program Files (x86)\prefs.js
2015-05-02 12:13 - 2015-05-02 12:13 - 00969584 _____ (ROBLOX Corporation) C:\Users\Jamie_2\Downloads\RobloxPlayerLauncher (1).exe
2015-04-30 10:32 - 2015-04-30 10:32 - 00003206 _____ () C:\Windows\System32\Tasks\{823E1466-B77B-428D-9F59-CCE8898088E0}
2015-04-30 10:22 - 2015-04-30 10:23 - 00262364 _____ () C:\Users\Jamie_2\Downloads\Kano - I'm Ready.mp3.part
2015-04-29 10:18 - 2015-04-29 10:18 - 00000000 ____D () C:\Users\Jamie_2\Downloads\The Best Strawberry Cake Ever- _ Oh So Shabby By Debbie_files
2015-04-26 04:57 - 2015-05-01 01:49 - 00000000 ____D () C:\ProgramData\17768443503573303556
2015-04-25 23:02 - 2015-05-12 08:55 - 00000020 _____ () C:\Users\Jamie_2\AppData\Roaming\appdataFr3.bin
2015-04-25 20:57 - 2015-04-25 20:57 - 00000000 ____D () C:\ProgramData\shopshop
2015-04-25 20:37 - 2015-05-09 16:41 - 00000000 ____D () C:\Program Files (x86)\TrimModule
2015-04-24 00:21 - 2014-10-29 00:03 - 00116032 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-04-24 00:21 - 2014-10-28 23:59 - 00014144 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys
2015-04-24 00:21 - 2014-10-28 22:45 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-04-24 00:21 - 2014-10-28 22:22 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-04-24 00:21 - 2014-10-28 22:19 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-04-24 00:21 - 2014-10-28 22:08 - 18822656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-04-24 00:21 - 2014-10-28 22:00 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-04-24 00:21 - 2014-10-28 21:45 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-04-24 00:21 - 2014-10-28 21:42 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-04-24 00:21 - 2014-10-28 21:33 - 15157760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-04-24 00:21 - 2014-10-28 21:17 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-04-24 00:21 - 2014-10-28 21:10 - 02344960 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-24 00:21 - 2014-10-28 20:52 - 15432704 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-04-24 00:21 - 2014-10-28 20:51 - 01554432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-24 00:21 - 2014-10-28 20:45 - 13318144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-04-24 00:20 - 2014-10-29 00:00 - 02314952 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2015-04-24 00:20 - 2014-10-29 00:00 - 02229168 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2015-04-24 00:20 - 2014-10-28 23:59 - 03460472 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2015-04-24 00:20 - 2014-10-28 23:59 - 02529856 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-04-24 00:20 - 2014-10-28 23:57 - 03138720 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2015-04-24 00:20 - 2014-10-28 23:57 - 03118096 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2015-04-24 00:20 - 2014-10-28 23:57 - 01286048 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
2015-04-24 00:20 - 2014-10-28 23:55 - 02174976 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2015-04-24 00:20 - 2014-10-28 23:52 - 02334080 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2015-04-24 00:20 - 2014-10-28 23:13 - 01901240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-04-24 00:20 - 2014-10-28 23:11 - 02689392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVCORE.DLL
2015-04-24 00:20 - 2014-10-28 23:07 - 02324208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2015-04-24 00:20 - 2014-10-28 22:59 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-04-24 00:20 - 2014-10-28 22:29 - 04483072 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2015-04-24 00:20 - 2014-10-28 22:24 - 04418560 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-04-24 00:20 - 2014-10-28 22:10 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-04-24 00:20 - 2014-10-28 21:56 - 03754496 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2015-04-24 00:20 - 2014-10-28 21:51 - 00941056 _____ (Microsoft Corporation) C:\Windows\system32\XpsFilt.dll
2015-04-24 00:20 - 2014-10-28 21:45 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\rdpinput.exe
2015-04-24 00:20 - 2014-10-28 21:44 - 02984448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2015-04-24 00:20 - 2014-10-28 21:43 - 07075328 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2015-04-24 00:20 - 2014-10-28 21:40 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2015-04-24 00:20 - 2014-10-28 21:39 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2015-04-24 00:20 - 2014-10-28 21:38 - 04690432 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2015-04-24 00:20 - 2014-10-28 21:35 - 04709888 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-04-24 00:20 - 2014-10-28 21:35 - 03256320 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2015-04-24 00:20 - 2014-10-28 21:28 - 03820544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2015-04-24 00:20 - 2014-10-28 21:26 - 03561984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll
2015-04-24 00:20 - 2014-10-28 21:24 - 02464768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-04-24 00:20 - 2014-10-28 21:22 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-04-24 00:20 - 2014-10-28 21:16 - 05267968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2015-04-24 00:20 - 2014-10-28 21:12 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-04-24 00:20 - 2014-10-28 21:08 - 02608640 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-04-24 00:20 - 2014-10-28 21:08 - 02542080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2015-04-24 00:20 - 2014-10-28 21:05 - 03273216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2015-04-24 00:20 - 2014-10-28 21:03 - 04067840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-04-24 00:20 - 2014-10-28 21:02 - 14354944 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2015-04-24 00:20 - 2014-10-28 20:54 - 07784960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-04-24 00:20 - 2014-10-28 20:52 - 02554880 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-04-24 00:20 - 2014-10-28 20:50 - 12749824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2015-04-24 00:20 - 2014-10-28 20:48 - 03056128 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2015-04-24 00:20 - 2014-10-28 20:46 - 09530368 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2015-04-24 00:20 - 2014-10-28 20:46 - 01919488 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2015-04-24 00:20 - 2014-10-28 20:43 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-04-24 00:20 - 2014-10-28 20:42 - 01922560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-04-24 00:20 - 2014-10-28 20:39 - 02814464 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-04-24 00:20 - 2014-10-28 20:38 - 07032320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-04-24 00:20 - 2014-10-28 20:37 - 06386176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2015-04-24 00:20 - 2014-10-28 20:33 - 06213632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-04-24 00:20 - 2014-10-07 02:45 - 03307112 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-04-24 00:20 - 2014-10-06 23:44 - 02890296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-04-24 00:19 - 2014-10-29 00:10 - 01816008 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2015-04-24 00:19 - 2014-10-28 23:58 - 00014528 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2015-04-24 00:19 - 2014-10-28 23:57 - 02745160 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2015-04-24 00:19 - 2014-10-28 23:57 - 02450216 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2015-04-24 00:19 - 2014-10-28 23:55 - 01660528 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-04-24 00:19 - 2014-10-28 23:55 - 01543768 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2015-04-24 00:19 - 2014-10-28 23:52 - 02485056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-04-24 00:19 - 2014-10-28 23:52 - 01518504 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2015-04-24 00:19 - 2014-10-28 23:52 - 01509688 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2015-04-24 00:19 - 2014-10-28 23:52 - 01288096 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
2015-04-24 00:19 - 2014-10-28 23:52 - 01165744 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2015-04-24 00:19 - 2014-10-28 23:52 - 01064720 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-04-24 00:19 - 2014-10-28 23:52 - 00988544 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2015-04-24 00:19 - 2014-10-28 23:52 - 00952384 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2015-04-24 00:19 - 2014-10-28 23:51 - 01310912 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-04-24 00:19 - 2014-10-28 23:12 - 01946144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2015-04-24 00:19 - 2014-10-28 23:12 - 01907384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2015-04-24 00:19 - 2014-10-28 23:11 - 02528760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2015-04-24 00:19 - 2014-10-28 23:11 - 02447104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2015-04-24 00:19 - 2014-10-28 23:11 - 01024200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAudDecMFT.dll
2015-04-24 00:19 - 2014-10-28 23:10 - 01564464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2015-04-24 00:19 - 2014-10-28 23:10 - 01209624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-04-24 00:19 - 2014-10-28 23:07 - 01321192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2015-04-24 00:19 - 2014-10-28 23:07 - 01115104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2015-04-24 00:19 - 2014-10-28 23:07 - 00959112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2015-04-24 00:19 - 2014-10-28 22:28 - 01502208 _____ (Microsoft Corporation) C:\Windows\system32\xpssvcs.dll
2015-04-24 00:19 - 2014-10-28 22:25 - 00785920 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-04-24 00:19 - 2014-10-28 22:17 - 02003456 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2015-04-24 00:19 - 2014-10-28 22:08 - 01540096 _____ (Microsoft Corporation) C:\Windows\system32\diagperf.dll
2015-04-24 00:19 - 2014-10-28 22:00 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2015-04-24 00:19 - 2014-10-28 21:57 - 02924032 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2015-04-24 00:19 - 2014-10-28 21:55 - 01697280 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-04-24 00:19 - 2014-10-28 21:48 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2015-04-24 00:19 - 2014-10-28 21:47 - 02072064 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2015-04-24 00:19 - 2014-10-28 21:42 - 01999872 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-04-24 00:19 - 2014-10-28 21:31 - 02941952 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2015-04-24 00:19 - 2014-10-28 21:24 - 02364928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll
2015-04-24 00:19 - 2014-10-28 21:23 - 01500672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-04-24 00:19 - 2014-10-28 21:22 - 02410496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2015-04-24 00:19 - 2014-10-28 21:22 - 01084416 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-04-24 00:19 - 2014-10-28 21:21 - 01250816 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2015-04-24 00:19 - 2014-10-28 21:18 - 01753600 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2015-04-24 00:19 - 2014-10-28 21:17 - 01360896 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2015-04-24 00:19 - 2014-10-28 21:14 - 03553280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2015-04-24 00:19 - 2014-10-28 21:11 - 01639424 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2015-04-24 00:19 - 2014-10-28 21:10 - 02469888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2015-04-24 00:19 - 2014-10-28 21:08 - 02174976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-04-24 00:19 - 2014-10-28 21:08 - 01822720 _____ (Microsoft Corporation) C:\Windows\system32\dui70.dll
2015-04-24 00:19 - 2014-10-28 21:08 - 01560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-04-24 00:19 - 2014-10-28 21:04 - 01376256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-04-24 00:19 - 2014-10-28 21:03 - 02635264 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2015-04-24 00:19 - 2014-10-28 21:03 - 02487296 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2015-04-24 00:19 - 2014-10-28 21:00 - 01705984 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-04-24 00:19 - 2014-10-28 20:59 - 01490944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2015-04-24 00:19 - 2014-10-28 20:56 - 01337344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2015-04-24 00:19 - 2014-10-28 20:56 - 01028608 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2015-04-24 00:19 - 2014-10-28 20:52 - 02170368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-04-24 00:19 - 2014-10-28 20:52 - 01461248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dui70.dll
2015-04-24 00:19 - 2014-10-28 20:52 - 01275904 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2015-04-24 00:19 - 2014-10-28 20:50 - 02317824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2015-04-24 00:19 - 2014-10-28 20:50 - 01482752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2015-04-24 00:19 - 2014-10-28 20:47 - 02090496 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2015-04-24 00:19 - 2014-10-28 20:46 - 01348096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2015-04-24 00:19 - 2014-10-28 20:45 - 01725952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2015-04-24 00:19 - 2014-10-28 20:42 - 01221120 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2015-04-24 00:19 - 2014-10-28 20:41 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2015-04-24 00:19 - 2014-10-28 20:41 - 01317376 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2015-04-24 00:19 - 2014-10-28 20:40 - 02104832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsservices.dll
2015-04-24 00:19 - 2014-10-28 20:39 - 01000448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2015-04-24 00:19 - 2014-10-28 20:35 - 01668096 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2015-04-24 00:19 - 2014-10-28 20:34 - 01544192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2015-04-24 00:19 - 2014-10-15 04:32 - 02025792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-04-24 00:19 - 2014-09-24 23:42 - 00373568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-04-24 00:18 - 2014-10-29 00:09 - 01950280 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2015-04-24 00:18 - 2014-10-29 00:04 - 00105872 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2015-04-24 00:18 - 2014-10-29 00:00 - 01540696 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-04-24 00:18 - 2014-10-29 00:00 - 01385216 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-24 00:18 - 2014-10-28 23:57 - 01576312 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2015-04-24 00:18 - 2014-10-28 23:57 - 01210176 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2015-04-24 00:18 - 2014-10-28 23:55 - 01133200 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-24 00:18 - 2014-10-28 23:52 - 00962216 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-04-24 00:18 - 2014-10-28 23:52 - 00850656 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2015-04-24 00:18 - 2014-10-28 23:52 - 00821696 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2015-04-24 00:18 - 2014-10-28 23:52 - 00734448 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-04-24 00:18 - 2014-10-28 23:52 - 00634768 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-04-24 00:18 - 2014-10-28 23:52 - 00580024 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmdev.dll
2015-04-24 00:18 - 2014-10-28 23:18 - 01782912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2015-04-24 00:18 - 2014-10-28 23:18 - 00848568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2015-04-24 00:18 - 2014-10-28 23:18 - 00016504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psapi.dll
2015-04-24 00:18 - 2014-10-28 23:11 - 01037656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2015-04-24 00:18 - 2014-10-28 23:10 - 01287112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2015-04-24 00:18 - 2014-10-28 23:10 - 01178104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2015-04-24 00:18 - 2014-10-28 23:07 - 00857384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2015-04-24 00:18 - 2014-10-28 23:07 - 00801584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-04-24 00:18 - 2014-10-28 23:07 - 00785568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2015-04-24 00:18 - 2014-10-28 23:07 - 00705008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2015-04-24 00:18 - 2014-10-28 23:07 - 00700328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2015-04-24 00:18 - 2014-10-28 23:07 - 00584120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-04-24 00:18 - 2014-10-28 23:07 - 00551064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-04-24 00:18 - 2014-10-28 23:07 - 00482360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmdev.dll
2015-04-24 00:18 - 2014-10-28 23:05 - 00890128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-04-24 00:18 - 2014-10-28 22:56 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2015-04-24 00:18 - 2014-10-28 22:50 - 01192960 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2015-04-24 00:18 - 2014-10-28 22:43 - 00685056 _____ (Microsoft Corporation) C:\Windows\system32\riched20.dll
2015-04-24 00:18 - 2014-10-28 22:31 - 00971264 _____ (Microsoft Corporation) C:\Windows\system32\sqlceqp40.dll
2015-04-24 00:18 - 2014-10-28 22:29 - 01246720 _____ (Microsoft Corporation) C:\Windows\system32\ogldrv.dll
2015-04-24 00:18 - 2014-10-28 22:26 - 00771584 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
2015-04-24 00:18 - 2014-10-28 22:07 - 06692352 _____ (Microsoft Corporation) C:\Windows\system32\mspaint.exe
2015-04-24 00:18 - 2014-10-28 22:03 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-24 00:18 - 2014-10-28 21:56 - 01526784 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll
2015-04-24 00:18 - 2014-10-28 21:56 - 00603648 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2015-04-24 00:18 - 2014-10-28 21:53 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-04-24 00:18 - 2014-10-28 21:53 - 01065984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8.dll
2015-04-24 00:18 - 2014-10-28 21:53 - 00881152 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2015-04-24 00:18 - 2014-10-28 21:50 - 01289216 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll
2015-04-24 00:18 - 2014-10-28 21:49 - 00742400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqlceqp40.dll
2015-04-24 00:18 - 2014-10-28 21:47 - 01096192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ogldrv.dll
2015-04-24 00:18 - 2014-10-28 21:46 - 01497600 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2015-04-24 00:18 - 2014-10-28 21:45 - 00717312 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2015-04-24 00:18 - 2014-10-28 21:45 - 00618496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-04-24 00:18 - 2014-10-28 21:43 - 01092608 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2015-04-24 00:18 - 2014-10-28 21:43 - 00933376 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2015-04-24 00:18 - 2014-10-28 21:42 - 03724800 _____ (Microsoft Corporation) C:\Windows\system32\WinSAT.exe
2015-04-24 00:18 - 2014-10-28 21:39 - 00898048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2015-04-24 00:18 - 2014-10-28 21:37 - 01563136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
2015-04-24 00:18 - 2014-10-28 21:37 - 01436160 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2015-04-24 00:18 - 2014-10-28 21:34 - 01114624 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-04-24 00:18 - 2014-10-28 21:34 - 01037824 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-04-24 00:18 - 2014-10-28 21:33 - 01056768 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll
2015-04-24 00:18 - 2014-10-28 21:32 - 01843712 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe
2015-04-24 00:18 - 2014-10-28 21:32 - 01390080 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-04-24 00:18 - 2014-10-28 21:30 - 00657920 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-04-24 00:18 - 2014-10-28 21:25 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2015-04-24 00:18 - 2014-10-28 21:25 - 01534464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pla.dll
2015-04-24 00:18 - 2014-10-28 21:24 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-04-24 00:18 - 2014-10-28 21:20 - 01492480 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll

...

 
 


#2
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Hi there!

 

Give me a bit to review the log and I'll be back with an update. :)


#3
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Ok, a couple of things right off. You are running both Norton and Avast. Multiple a/v's are a bad idea. They interfere with each other and often "miss things". Pick one and uninstall the other.

 

Next, the FRST log is incomplete. After you uninstall one of the A/V's, rerun FRST and post the resulting logs (there will be two logs). If for some reason you are not able to "cut/paste" the logs due to length or something, then "attach" them. :)


#4
Louie C

    Member

  • Topic Starter
  • 14 posts

[attachment=76922:gtgresponse.txt]

 

Sorry about this. I have spent the past few days figuring out how to post without getting this error, and this is the only way I can post. I actually got lucky and was able to post the attachment as I tried this method previously, and that didn't even work. I was just about to give up.

Edited by Louie C, 18 May 2015 - 10:38 PM.

#5
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

It's still pretty rough, but let me see if I can't cobble together enough of a fix so that we can get a useable scan. Give me a few hours. :)


#6
Louie C

    Member

  • Topic Starter
  • 14 posts

Ok. Thank you so much for responding.


#7
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Many apologies, but I am out of town on a business assignment and stuck at the airport. Likely tomorrow before I can get back to you. Very Sorry!


#8
Louie C

    Member

  • Topic Starter
  • 14 posts

No problem. I went through and tried to clean up the attached logs so that they would be easier for you to read. I hope it worked this time. Sorry about the messy ones!

 

Attached File  FRST.txt   464KB   197 downloads

 

Attached File  Addition.txt   49.34KB   274 downloads


Edited by Louie C, 22 May 2015 - 08:52 AM.

#9
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Apologies for the delay. Let's see if we can get enough cleaned on this pass to get some clean scans.

 

You will likely have to disable your protection software for these tools to work.
 
Fix with Farbar Recovery Scan Tool

 
This fix was created for this user for use on that particular machine.
Running it on another one may cause damage and render the system unstable.

 

Press the Windows key + R on your keyboard at the same time. Type Notepad and click OK.

 

Copy the entire content of the codebox below and paste into the Notepad document:

Click File, Save As and type fixlist.txt as the File Name.

 

HKLM-x32\...\Run: [ospd_us_64] => [X]
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 PQAWRwa; \??\C:\Windows\SysWOW64\PQAWDrv.sys [X]
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
EmptyTemp:
Reboot:

 

 

Both files, FRST and fixlist.txt, have to be in the same location or the fix will not work!

  • Right-click on the FRST icon and select Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please post it to your reply.
 
 
Fix with Junkware Removal Tool
 
Please download JRT by Thisisu and save the file to your desktop.
Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on the JRT icon and select Run as Administrator to start the tool.
  • Follow the prompts and let this process run uninterrupted.
  • This scan can take a while, depending on your System specs.
  • Upon completion, a log (JRT.txt) will open on your desktop.

Please include the contents of that file in your reply.
 
Do not forget to re-enable your previously switched off protection software!
Please also manually reboot your machine after this procedure.
 

Scan with AdwCleaner
 
Please download AdwCleaner by Xplode and save the file to your desktop.

  • Right-click on the AdwCleaner icon and select Run as Administrator to start the tool.
  • Follow the prompts and click Scan.
  • Upon completion, click Report. A log (AdwCleaner[R*].txt) will open.

Please include the contents of that file in your reply.

Then reboot
 
Then rerun FRST as you did before and post the logs please.          


  • 0

#10
Louie C


    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

Ok, here are the logs.

 

Fixlog

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 25-05-2015
Ran by Jamie_2 at 2015-05-26 12:03:09 Run:1
Running from C:\Users\Jamie_2\Desktop
Loaded Profiles: Jamie & Jamie_2 (Available Profiles: Jamie & Connor & Jamie_2 & Guest)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM-x32\...\Run: [ospd_us_64] => [X]
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 PQAWRwa; \??\C:\Windows\SysWOW64\PQAWDrv.sys [X]
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
EmptyTemp:
Reboot:
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ospd_us_64 => value not found.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => key Removed successfully
cpuz136 => Service Removed successfully
PQAWRwa => Service Removed successfully
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => value restored successfully
EmptyTemp: => Removed 6.5 GB temporary data.


The system needed a reboot.

==== End of Fixlog 12:12:50 ====

 

 

 

FRST:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-05-2015
Ran by Jamie_2 (administrator) on PC on 26-05-2015 23:55:23
Running from C:\Users\Jamie_2\Desktop
Loaded Profiles: Jamie_2 (Available Profiles: Jamie & Connor & Jamie_2 & Guest)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13651672 2013-09-03] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2013-08-16] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [66304 2015-05-06] (Acer Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [92928 2015-05-06] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-25] (Qualcomm®Atheros®)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-3151930542-3110385303-2721579357-1003\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2574080 2015-05-06] (Acer)
HKU\S-1-5-21-3151930542-3110385303-2721579357-1003\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  --extensions-on-chrome-urls --test-type --load-extension="c:\Program Files\Google\Chrome\Application\Extensions\chrome\app\37.1329.8.16" -- (the data entry has 62 more characters).
HKU\S-1-5-21-3151930542-3110385303-2721579357-1003\...\RunOnce: [Application Restart #1] => C:\Users\Jamie_2\AppData\Local\Pokki\Engine\HostAppService.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-c (the data entry has 553 more characters).
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-09] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.c...q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3151930542-3110385303-2721579357-1003\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.c...q={searchTerms}
HKU\S-1-5-21-3151930542-3110385303-2721579357-1003\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3151930542-3110385303-2721579357-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> {8CDE19E6-71C2-4B46-89B7-35F6A18C571A} URL =
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3151930542-3110385303-2721579357-1003 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3151930542-3110385303-2721579357-1003 -> {2885A96B-EBC2-47AB-AEBC-A2129EE460D9} URL =
SearchScopes: HKU\S-1-5-21-3151930542-3110385303-2721579357-1003 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.c...q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-09] (Avast Software s.r.o.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-09] (Avast Software s.r.o.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Jamie_2\AppData\Roaming\Mozilla\Firefox\Profiles\figbnj9s.default
FF DefaultSearchEngine.US: Google (avast)
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll [2014-04-15] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-31] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-31] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll [2015-03-03] ()
FF Plugin HKU\S-1-5-21-3151930542-3110385303-2721579357-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jamie_2\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-02-24] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Jamie_2\AppData\Roaming\Mozilla\Firefox\Profiles\figbnj9s.default\searchplugins\google-avast.xml [2015-05-09]
FF Extension: 123647d5da434344bfe2fc093bdf8f5e - C:\Users\Jamie_2\AppData\Roaming\Mozilla\Firefox\Profiles\figbnj9s.default\Extensions\{123647d5-da43-4344-bfe2-fc093bdf8f5e} [2015-05-17]
FF Extension: Adblock Plus - C:\Users\Jamie_2\AppData\Roaming\Mozilla\Firefox\Profiles\figbnj9s.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-29]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-05-09]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-05-09]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-09]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-25] (Windows ® Win 7 DDK provider) []
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-09] (Avast Software s.r.o.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2839296 2015-05-05] (Acer Incorporated)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1429504 2015-03-04] (Microsoft Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373824 2015-05-15] (WildTangent)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) []
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4362056 2014-11-18] (Symantec Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-09] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-09] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-09] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-09] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-09] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-09] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-09] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3855872 2013-09-11] (Qualcomm Atheros Communications, Inc.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-25] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-07-21] (LogMeIn Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R2 RtkIOAC60; C:\Windows\system32\DRIVERS\RtkIOAC60.sys [29912 2013-07-19] (Realtek semiconductor corp)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) []
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-26 13:09 - 2015-05-26 13:09 - 02223104 _____ () C:\Users\Jamie_2\Downloads\AdwCleaner.exe
2015-05-26 13:08 - 2015-05-26 13:08 - 02946703 _____ (Thisisu) C:\Users\Jamie_2\Downloads\JRT(1).exe
2015-05-26 12:38 - 2015-05-26 13:07 - 00002792 _____ () C:\Users\Jamie_2\Desktop\JRT.txt
2015-05-26 12:35 - 2015-05-26 12:35 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-PC-Windows-8.1-(64-bit).dat
2015-05-26 12:35 - 2015-05-26 12:35 - 00000000 ____D () C:\RegBackup
2015-05-26 12:34 - 2015-05-26 12:34 - 02946703 _____ (Thisisu) C:\Users\Jamie_2\Downloads\JRT.exe
2015-05-26 12:01 - 2015-05-26 12:01 - 00000914 _____ () C:\Users\Jamie_2\Desktop\FRST64 - Shortcut.lnk
2015-05-26 11:35 - 2015-05-26 11:42 - 00000246 _____ () C:\Users\Jamie_2\Desktop\Search.txt
2015-05-22 10:13 - 2015-05-22 10:14 - 00050522 _____ () C:\Users\Jamie_2\Desktop\Addition.txt
2015-05-22 10:09 - 2015-05-26 23:55 - 00017408 _____ () C:\Users\Jamie_2\Desktop\FRST.txt
2015-05-20 10:38 - 2015-05-20 10:38 - 01124544 _____ (Adobe Systems Incorporated) C:\Users\Jamie_2\Desktop\flashplayer17au_ga_install.exe
2015-05-18 23:51 - 2015-05-18 23:51 - 00001182 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-18 23:51 - 2015-05-18 23:51 - 00001170 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-05-18 23:51 - 2015-05-18 23:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-17 02:17 - 2015-05-17 02:17 - 00013524 _____ () C:\Windows\SysWOW64\cfg
2015-05-14 20:53 - 2015-05-19 00:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-14 04:02 - 2015-05-14 04:02 - 00551734 _____ () C:\Users\Jamie_2\Desktop\gtgresponse.txt
2015-05-14 02:53 - 2015-05-14 02:53 - 00051674 _____ () C:\Users\Jamie_2\Documents\Untitled 1.odt
2015-05-14 02:47 - 2015-05-14 02:47 - 00000000 ____D () C:\Users\Jamie_2\AppData\Roaming\OpenOffice
2015-05-14 01:04 - 2015-05-26 11:32 - 00000000 ____D () C:\Users\Jamie_2\Desktop\FRST-OlderVersion
2015-05-13 12:23 - 2015-05-13 12:23 - 00000000 ____D () C:\Windows\pss
2015-05-13 12:06 - 2015-04-24 17:32 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 12:06 - 2015-03-04 19:09 - 01429504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 11:35 - 2015-05-13 11:35 - 00002004 _____ () C:\Users\Public\Desktop\abMedia.lnk
2015-05-13 11:32 - 2015-05-13 11:32 - 00002008 _____ () C:\Users\Public\Desktop\abPhoto.lnk
2015-05-13 03:00 - 2015-04-30 16:35 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 03:00 - 2015-04-30 16:35 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 02:46 - 2015-05-26 11:32 - 02108928 _____ (Farbar) C:\Users\Jamie_2\Desktop\FRST64.exe
2015-05-13 02:31 - 2015-05-13 02:31 - 02102784 _____ (Farbar) C:\Users\Jamie_2\Downloads\FRST64(1).exe
2015-05-13 02:24 - 2015-05-26 23:55 - 00000000 ____D () C:\FRST
2015-05-13 02:15 - 2015-05-13 02:15 - 02102784 _____ (Farbar) C:\Users\Jamie_2\Downloads\FRST64.exe
2015-05-13 00:58 - 2015-05-13 00:58 - 00003334 _____ () C:\Windows\System32\Tasks\AcerCloud
2015-05-13 00:58 - 2015-05-13 00:58 - 00002031 _____ () C:\Users\Public\Desktop\Acer Portal.lnk
2015-05-12 16:41 - 2015-05-12 16:41 - 00001972 _____ () C:\Users\Public\Desktop\abDocs.lnk
2015-05-12 16:21 - 2015-04-21 13:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-12 16:21 - 2015-04-21 12:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-12 16:21 - 2015-04-21 12:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-12 16:21 - 2015-04-21 11:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-12 16:21 - 2015-04-21 11:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-12 16:20 - 2015-04-21 12:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-12 16:20 - 2015-04-21 12:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-12 16:20 - 2015-04-21 12:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-12 16:20 - 2015-04-21 12:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-12 16:20 - 2015-04-21 12:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-12 16:20 - 2015-04-21 12:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-05-12 16:20 - 2015-04-21 12:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-12 16:20 - 2015-04-21 12:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-12 16:20 - 2015-04-21 12:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-12 16:20 - 2015-04-21 12:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-05-12 16:20 - 2015-04-21 12:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-12 16:20 - 2015-04-21 12:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-12 16:20 - 2015-04-21 11:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-05-12 16:20 - 2015-04-21 11:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-12 16:20 - 2015-04-21 11:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-05-12 16:20 - 2015-04-21 11:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-12 16:20 - 2015-04-21 11:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-12 16:20 - 2015-04-21 11:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-12 16:20 - 2015-04-21 11:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-12 16:20 - 2015-04-21 11:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-12 16:20 - 2015-04-21 11:37 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-05-12 16:20 - 2015-04-21 11:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-12 16:20 - 2015-04-21 11:32 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-05-12 16:20 - 2015-04-21 11:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-12 16:20 - 2015-04-21 11:28 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-05-12 16:20 - 2015-04-21 11:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-12 16:20 - 2015-04-21 11:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-12 16:20 - 2015-04-21 11:26 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-12 16:20 - 2015-04-21 11:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-12 16:20 - 2015-04-21 11:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-12 16:20 - 2015-04-21 11:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-12 16:20 - 2015-04-21 11:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-12 16:20 - 2015-04-21 10:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-12 16:20 - 2015-04-21 10:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-12 16:14 - 2015-04-09 20:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-12 16:14 - 2015-04-09 20:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-05-12 16:14 - 2015-03-17 13:26 - 00467776 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-05-12 16:14 - 2015-03-08 22:02 - 00057856 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2015-05-12 16:12 - 2015-04-30 19:05 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-12 16:12 - 2015-04-30 18:48 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-12 16:12 - 2015-03-19 21:56 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-05-12 16:12 - 2015-03-03 21:32 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2015-05-12 16:12 - 2015-03-03 21:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-12 16:12 - 2015-01-29 20:53 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-05-12 16:12 - 2014-11-14 02:58 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsDatabase.dll
2015-05-12 16:05 - 2015-04-13 18:48 - 04180480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-12 16:05 - 2015-04-09 21:00 - 01996800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-12 16:05 - 2015-04-09 20:50 - 01387008 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-12 16:05 - 2015-04-09 20:26 - 01560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-12 16:05 - 2015-04-08 18:55 - 00410128 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-12 16:05 - 2015-04-02 20:35 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-05-12 16:05 - 2015-04-02 20:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2015-05-12 16:05 - 2015-04-01 18:22 - 02985984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2015-05-12 16:05 - 2015-04-01 18:20 - 04417536 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-05-12 16:05 - 2015-03-31 23:45 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2015-05-12 16:05 - 2015-03-31 22:31 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2015-05-12 16:05 - 2015-03-30 01:47 - 00561928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-05-12 16:05 - 2015-03-26 23:27 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-12 16:05 - 2015-03-26 22:50 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-12 16:05 - 2015-03-26 22:48 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-12 16:05 - 2015-03-13 00:03 - 00239424 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-05-12 16:05 - 2015-03-13 00:03 - 00154432 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-05-12 16:05 - 2015-03-12 22:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-05-12 16:05 - 2015-03-12 21:11 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2015-05-12 16:05 - 2015-03-12 20:39 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2015-05-12 16:05 - 2015-03-12 20:29 - 00410017 _____ () C:\Windows\system32\ApnDatabase.xml
2015-05-12 16:05 - 2015-03-10 21:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-12 16:05 - 2015-03-10 21:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-12 16:05 - 2015-03-05 23:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-12 16:05 - 2015-03-05 22:47 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-05-12 16:05 - 2015-03-05 22:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-12 16:05 - 2015-02-17 19:19 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-05-12 13:36 - 2015-05-12 13:36 - 00000000 ____D () C:\ProgramData\a44ab4100001cfa
2015-05-12 13:32 - 2015-05-12 13:32 - 00000000 ____D () C:\ProgramData\COMODO
2015-05-12 13:26 - 2015-05-12 13:26 - 00000000 ____D () C:\Users\Jamie_2\Documents\Java
2015-05-09 16:29 - 2015-05-12 13:34 - 00000000 ____D () C:\Users\Jamie_2\AppData\Roaming\Dropbox
2015-05-09 16:19 - 2015-05-09 16:19 - 00000000 ____D () C:\Users\Jamie_2\AppData\Roaming\AVAST Software
2015-05-09 16:16 - 2015-05-09 16:16 - 00001945 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-05-09 16:16 - 2015-05-09 16:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-05-09 16:15 - 2015-05-14 11:28 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-05-09 16:14 - 2015-05-09 16:14 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-05-09 16:14 - 2015-05-09 16:14 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-05-09 16:14 - 2015-05-09 16:14 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-09 16:14 - 2015-05-09 16:14 - 00272248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-05-09 16:14 - 2015-05-09 16:14 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-05-09 16:14 - 2015-05-09 16:14 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-05-09 16:14 - 2015-05-09 16:14 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-05-09 16:14 - 2015-05-09 16:14 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-05-09 16:14 - 2015-05-09 16:14 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-05-09 16:14 - 2015-05-09 16:14 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-05-09 16:13 - 2015-05-09 16:13 - 00000000 ____D () C:\Program Files\AVAST Software
2015-05-09 16:12 - 2015-05-09 16:12 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-05-09 16:01 - 2015-05-09 16:10 - 05481336 _____ (Avast Software s.r.o.) C:\Users\Jamie_2\Downloads\avast_free_antivirus_setup_online_cnet.exe
2015-05-06 20:46 - 2015-05-06 20:46 - 00796072 _____ (Program ) C:\Users\Jamie_2\Downloads\adobe_flash_setup (1).exe
2015-05-06 18:01 - 2015-05-06 18:01 - 00000000 ____D () C:\ProgramData\PopCap Games
2015-05-06 17:38 - 2015-05-06 17:59 - 00000000 ____D () C:\Users\Jamie_2\AppData\Roaming\Magic Academy
2015-05-02 12:13 - 2015-05-02 12:13 - 00969584 _____ (ROBLOX Corporation) C:\Users\Jamie_2\Downloads\RobloxPlayerLauncher (1).exe
2015-04-30 10:32 - 2015-04-30 10:32 - 00003206 _____ () C:\Windows\System32\Tasks\{823E1466-B77B-428D-9F59-CCE8898088E0}
2015-04-30 10:22 - 2015-04-30 10:23 - 00262364 _____ () C:\Users\Jamie_2\Downloads\Kano - I'm Ready.mp3.part
2015-04-29 10:18 - 2015-04-29 10:18 - 00000000 ____D () C:\Users\Jamie_2\Downloads\The Best Strawberry Cake Ever- _ Oh So Shabby By Debbie_files

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-26 23:54 - 2014-03-17 12:13 - 00000000 ____D () C:\AdwCleaner
2015-05-26 23:53 - 2015-02-18 17:52 - 00003910 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{C740ECAC-4510-47DD-9925-F4FB514ADAE3}
2015-05-26 22:11 - 2013-12-21 04:36 - 01735521 _____ () C:\Windows\WindowsUpdate.log
2015-05-26 22:05 - 2014-03-16 12:28 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-26 22:02 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\sru
2015-05-26 21:47 - 2015-03-03 17:34 - 00000000 ____D () C:\Users\Jamie_2\AppData\Roaming\.minecraft
2015-05-26 15:41 - 2015-04-07 17:45 - 00000000 ____D () C:\Users\Jamie_2\AppData\Local\CrashDumps
2015-05-26 13:28 - 2014-04-18 14:21 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-05-26 13:26 - 2013-08-22 10:46 - 00035735 _____ () C:\Windows\setupact.log
2015-05-26 13:26 - 2013-08-22 10:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-26 12:20 - 2014-04-10 14:40 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2015-05-26 12:19 - 2013-10-24 00:39 - 00897486 _____ () C:\Windows\PFRO.log
2015-05-26 12:19 - 2013-08-22 09:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2015-05-26 12:03 - 2013-08-22 11:36 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-05-26 12:03 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2015-05-25 10:39 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-05-24 14:14 - 2013-08-22 11:36 - 00000000 ___RD () C:\Windows\Offline Web Pages
2015-05-24 11:32 - 2014-08-12 04:25 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-20 08:04 - 2014-08-12 03:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-20 08:04 - 2014-08-12 03:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-20 08:04 - 2014-03-17 02:30 - 00001125 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-19 21:59 - 2013-08-22 11:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-05-19 21:58 - 2015-04-04 11:17 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-19 21:58 - 2015-04-04 11:17 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-15 17:24 - 2013-10-24 00:46 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2015-05-15 15:38 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-14 13:01 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\rescache
2015-05-14 11:16 - 2014-07-02 10:29 - 00000000 ____D () C:\Users\Jamie_2\AppData\Local\Google
2015-05-14 11:16 - 2014-04-21 16:56 - 00000000 ____D () C:\Program Files (x86)\Google
2015-05-14 00:56 - 2013-10-24 00:55 - 00000000 ____D () C:\ProgramData\Norton
2015-05-14 00:49 - 2013-08-22 11:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-05-14 00:49 - 2013-08-22 09:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-05-13 12:00 - 2013-12-21 05:13 - 00000000 ____D () C:\Program Files (x86)\Amazon
2015-05-13 11:41 - 2013-08-22 09:25 - 00000194 _____ () C:\Windows\win.ini
2015-05-13 11:38 - 2014-07-02 10:29 - 00000000 ____D () C:\Users\Jamie_2
2015-05-13 11:35 - 2013-12-21 05:17 - 00000000 ____D () C:\Program Files (x86)\Acer
2015-05-13 11:35 - 2013-12-21 05:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-05-13 11:33 - 2014-07-02 10:31 - 00000000 ____D () C:\Users\Jamie_2\AppData\Local\clear.fi
2015-05-13 11:25 - 2013-08-22 10:44 - 00381824 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-13 11:21 - 2013-08-22 11:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-05-13 11:21 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-13 02:57 - 2014-03-18 13:55 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-13 02:39 - 2014-03-18 13:55 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 02:35 - 2014-06-30 16:22 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-13 02:31 - 2014-07-02 23:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-13 02:29 - 2014-07-02 23:56 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-13 02:29 - 2014-07-02 23:56 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-13 02:22 - 2013-08-22 15:11 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-13 00:58 - 2014-08-26 19:20 - 00000000 ____D () C:\Users\Jamie_2\AppData\Local\AOP SDK
2015-05-12 16:39 - 2013-10-24 01:32 - 00000000 ___HD () C:\OEM
2015-05-12 04:04 - 2014-08-26 19:26 - 00002286 _____ () C:\Users\Jamie_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-05-09 19:43 - 2013-10-24 00:47 - 00865408 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-09 16:41 - 2015-04-25 20:37 - 00000000 ____D () C:\Program Files (x86)\TrimModule
2015-05-09 08:35 - 2013-10-24 00:46 - 00000000 ____D () C:\ProgramData\WildTangent
2015-05-09 08:34 - 2013-10-24 00:46 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-05-05 13:59 - 2015-03-19 14:56 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-05 13:59 - 2015-03-19 14:56 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-05 11:00 - 2014-05-07 23:42 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2015-05-04 16:05 - 2013-08-22 11:37 - 00003223 _____ () C:\Windows\DtcInstall.log
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ___RD () C:\Windows\ToastData
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\SysWOW64\sppui
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\SysWOW64\Com
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\MediaViewer
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\FileManager
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\Camera
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-05-04 15:57 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2015-05-04 15:57 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\servicing
2015-05-04 15:56 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2015-05-04 15:56 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2015-05-04 15:56 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\sppui
2015-05-04 15:56 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\setup
2015-05-04 15:56 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\Com
2015-05-04 15:56 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\IME
2015-05-04 15:56 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-05-04 15:56 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2015-05-04 15:56 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\system32\oobe
2015-05-04 15:55 - 2013-08-22 11:36 - 00000000 ___SD () C:\Windows\system32\dsc
2015-05-04 15:55 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform
2015-05-04 15:55 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\migwiz
2015-05-04 15:55 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\system32\Dism
2015-05-04 15:54 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2015-05-04 15:54 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-05-04 15:54 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform
2015-05-04 15:53 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\WindowsPowerShell

==================== Files in the root of some directories =======

2015-04-29 09:58 - 2015-04-29 09:58 - 0011776 _____ () C:\Users\Jamie_2\AppData\Local\Temp-log.txt
2014-03-07 23:28 - 2015-04-06 16:52 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-24 14:26

==================== End of log ============================

JRT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.8.0 (05.25.2015:1)
OS: Windows 8.1 x64
Ran by Jamie_2 on Tue 05/26/2015 at 12:35:03.74
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks

Successfully deleted: [Task] C:\Windows\system32\tasks\AI_Updater
Successfully deleted: [Task] C:\Windows\system32\tasks\boosterpop
Successfully deleted: [Task] C:\Windows\system32\tasks\HDNINSTSCHD
Successfully deleted: [Task] C:\Windows\system32\tasks\IE_ERR4WDR
Successfully deleted: [Task] C:\Windows\system32\tasks\IEError
Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-3151930542-3110385303-2721579357-1001
Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-3151930542-3110385303-2721579357-1002
Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-3151930542-3110385303-2721579357-1003
Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-3151930542-3110385303-2721579357-500
Successfully deleted: [Task] C:\Windows\system32\tasks\UPDTEXE4_WDR



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update BrowseMark
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update wisen wizard
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Util BrowseMark
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Util wisen wizard



~~~ Files

Successfully deleted: [File] C:\Windows\wininit.ini
Successfully deleted: [File] C:\Users\Jamie_2\AppData\Roaming\appdataFr3.bin



~~~ Folders

Successfully deleted: [Folder] C:\Program Files (x86)\portable weatherapp
Successfully deleted: [Folder] C:\Windows\syswow64\ai_recyclebin
Successfully deleted: [Folder] C:\ProgramData\17768443503573303556



~~~ FireFox

Failed to delete: [File] C:\Users\Jamie_2\AppData\Roaming\mozilla\firefox\profiles\figbnj9s.default\invalidprefs.js
Emptied folder: C:\Users\Jamie_2\AppData\Roaming\mozilla\firefox\profiles\figbnj9s.default\minidumps [1 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 05/26/2015 at 12:38:00.24
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

AdwCleaner:

# AdwCleaner v4.205 - Logfile created 26/05/2015 at 13:25:17
# Updated 21/05/2015 by Xplode
# Database : 2015-05-25.3 [Server]
# Operating system : Windows 8.1  (x64)
# Username : Jamie_2 - PC
# Running from : C:\Users\Jamie_2\Downloads\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

File Deleted : C:\Users\Jamie_2\AppData\Roaming\Mozilla\Firefox\Profiles\figbnj9s.default\invalidprefs.js

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\SDP
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_9a4324f00d4f0f3e5795bc8a599c0551ac01936f
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\C3F6D7A0BA2FDE84EB329997B1FF786D
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\C3F6D7A0BA2FDE84EB329997B1FF786D
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C3F6D7A0BA2FDE84EB329997B1FF786D

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v38.0.1 (x86 en-US)


*************************

AdwCleaner[R0].txt - [3784 bytes] - [17/03/2014 12:13:48]
AdwCleaner[R1].txt - [2110 bytes] - [17/04/2014 12:06:11]
AdwCleaner[R2].txt - [1130 bytes] - [17/04/2014 12:51:42]
AdwCleaner[R3].txt - [1331 bytes] - [18/04/2014 13:59:53]
AdwCleaner[R4].txt - [1394 bytes] - [18/04/2014 14:14:30]
AdwCleaner[R5].txt - [5331 bytes] - [25/04/2014 09:56:05]
AdwCleaner[R6].txt - [10624 bytes] - [19/05/2015 00:05:27]
AdwCleaner[R7].txt - [2286 bytes] - [26/05/2015 13:10:11]
AdwCleaner[S0].txt - [3534 bytes] - [17/03/2014 12:17:39]
AdwCleaner[S1].txt - [2122 bytes] - [17/04/2014 12:46:38]
AdwCleaner[S2].txt - [1461 bytes] - [18/04/2014 14:16:14]
AdwCleaner[S3].txt - [5265 bytes] - [25/04/2014 09:57:45]
AdwCleaner[S4].txt - [10297 bytes] - [19/05/2015 00:15:26]
AdwCleaner[S5].txt - [2221 bytes] - [26/05/2015 13:25:17]

########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [2280  bytes] ##########



#11
Biscuithd


    Trusted Helper

  • Malware Removal
  • 2,573 posts

Looking better from a scan perspective, however, you are still running both Norton and Avast. Multiple a/v's are a bad idea. They interfere with each other and often "miss things". Pick one and uninstall the other.

 

After that is complete, please download and run MBAM as described below.

 

Please download and install Malwarebytes Anti-Malware.

  • Please open Malwarebytes Anti-Malware and update the database.
  • Click "Settings" [1] and go to "Detection and Protection" [2]
  • Make sure "Scan for Rootkits" is checked.
  • Click on Dashboard [3], then click on Scan Now [4] to start the scan.
    If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt:
  • Click on "Remove Selected" [5].
  • Then click "Save Results" [6] and select
  • Paste your log into your next reply and then click Finish [7].

Finally, re-run FRST and paste the results, both logs and let me know how the computer is working. :)



#12
Louie C


    Member

  • Topic Starter
  • Member
  • 14 posts

The Malwarebytes scan didn't find anything. However, I am still getting the redirects and adware. The pc itself runs fine though. I am actually able to post the logs in the thread with attaching them now.

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 5/27/2015
Scan Time: 11:09:38 AM
Logfile: MBAM.txt
Administrator: Yes

Version: 2.01.6.1022
Malware Database: v2015.05.27.03
Rootkit Database: v2015.05.24.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Jamie_2

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 523464
Time Elapsed: 43 min, 57 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-05-2015
Ran by Jamie_2 (administrator) on PC on 27-05-2015 13:07:02
Running from C:\Users\Jamie_2\Desktop
Loaded Profiles: Jamie_2 (Available Profiles: Jamie & Connor & Jamie_2 & Guest)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13651672 2013-09-03] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2013-08-16] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [66304 2015-05-06] (Acer Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [92928 2015-05-06] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-25] (Qualcomm®Atheros®)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-3151930542-3110385303-2721579357-1003\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2574080 2015-05-06] (Acer)
HKU\S-1-5-21-3151930542-3110385303-2721579357-1003\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  --extensions-on-chrome-urls --test-type --load-extension="c:\Program Files\Google\Chrome\Application\Extensions\chrome\app\37.1329.8.16" -- (the data entry has 62 more characters).
HKU\S-1-5-21-3151930542-3110385303-2721579357-1003\...\RunOnce: [Application Restart #1] => C:\Users\Jamie_2\AppData\Local\Pokki\Engine\HostAppService.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-c (the data entry has 553 more characters).
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-09] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.c...q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3151930542-3110385303-2721579357-1003\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.c...q={searchTerms}
HKU\S-1-5-21-3151930542-3110385303-2721579357-1003\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3151930542-3110385303-2721579357-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> {8CDE19E6-71C2-4B46-89B7-35F6A18C571A} URL =
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3151930542-3110385303-2721579357-1003 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3151930542-3110385303-2721579357-1003 -> {2885A96B-EBC2-47AB-AEBC-A2129EE460D9} URL =
SearchScopes: HKU\S-1-5-21-3151930542-3110385303-2721579357-1003 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.c...q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-09] (Avast Software s.r.o.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-09] (Avast Software s.r.o.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Jamie_2\AppData\Roaming\Mozilla\Firefox\Profiles\figbnj9s.default
FF DefaultSearchEngine.US: Google (avast)
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll [2014-04-15] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-31] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-31] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll [2015-03-03] ()
FF Plugin HKU\S-1-5-21-3151930542-3110385303-2721579357-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jamie_2\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-02-24] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Jamie_2\AppData\Roaming\Mozilla\Firefox\Profiles\figbnj9s.default\searchplugins\google-avast.xml [2015-05-09]
FF Extension: 123647d5da434344bfe2fc093bdf8f5e - C:\Users\Jamie_2\AppData\Roaming\Mozilla\Firefox\Profiles\figbnj9s.default\Extensions\{123647d5-da43-4344-bfe2-fc093bdf8f5e} [2015-05-17]
FF Extension: Adblock Plus - C:\Users\Jamie_2\AppData\Roaming\Mozilla\Firefox\Profiles\figbnj9s.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-29]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-05-09]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-05-09]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-09]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-25] (Windows ® Win 7 DDK provider) []
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-09] (Avast Software s.r.o.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2839296 2015-05-05] (Acer Incorporated)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1429504 2015-03-04] (Microsoft Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373824 2015-05-15] (WildTangent)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) []
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-09] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-09] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-09] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-09] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-09] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-09] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-09] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3855872 2013-09-11] (Qualcomm Atheros Communications, Inc.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-25] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-07-21] (LogMeIn Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-27] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R2 RtkIOAC60; C:\Windows\system32\DRIVERS\RtkIOAC60.sys [29912 2013-07-19] (Realtek semiconductor corp)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) []
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-27 13:06 - 2015-05-27 13:06 - 00001046 _____ () C:\Users\Jamie_2\Desktop\MBAM.txt
2015-05-27 11:11 - 2015-05-27 11:11 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3151930542-3110385303-2721579357-1003
2015-05-26 13:09 - 2015-05-26 13:09 - 02223104 _____ () C:\Users\Jamie_2\Downloads\AdwCleaner.exe
2015-05-26 13:08 - 2015-05-26 13:08 - 02946703 _____ (Thisisu) C:\Users\Jamie_2\Downloads\JRT(1).exe
2015-05-26 12:38 - 2015-05-26 13:07 - 00002792 _____ () C:\Users\Jamie_2\Desktop\JRT.txt
2015-05-26 12:35 - 2015-05-26 12:35 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-PC-Windows-8.1-(64-bit).dat
2015-05-26 12:35 - 2015-05-26 12:35 - 00000000 ____D () C:\RegBackup
2015-05-26 12:34 - 2015-05-26 12:34 - 02946703 _____ (Thisisu) C:\Users\Jamie_2\Downloads\JRT.exe
2015-05-26 12:01 - 2015-05-26 12:01 - 00000914 _____ () C:\Users\Jamie_2\Desktop\FRST64 - Shortcut.lnk
2015-05-26 11:35 - 2015-05-26 11:42 - 00000246 _____ () C:\Users\Jamie_2\Desktop\Search.txt
2015-05-22 10:13 - 2015-05-22 10:14 - 00050522 _____ () C:\Users\Jamie_2\Desktop\Addition.txt
2015-05-22 10:09 - 2015-05-27 13:07 - 00017068 _____ () C:\Users\Jamie_2\Desktop\FRST.txt
2015-05-20 10:38 - 2015-05-20 10:38 - 01124544 _____ (Adobe Systems Incorporated) C:\Users\Jamie_2\Desktop\flashplayer17au_ga_install.exe
2015-05-18 23:51 - 2015-05-18 23:51 - 00001182 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-18 23:51 - 2015-05-18 23:51 - 00001170 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-05-18 23:51 - 2015-05-18 23:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-17 02:17 - 2015-05-17 02:17 - 00013524 _____ () C:\Windows\SysWOW64\cfg
2015-05-14 20:53 - 2015-05-19 00:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-14 04:02 - 2015-05-14 04:02 - 00551734 _____ () C:\Users\Jamie_2\Desktop\gtgresponse.txt
2015-05-14 02:53 - 2015-05-14 02:53 - 00051674 _____ () C:\Users\Jamie_2\Documents\Untitled 1.odt
2015-05-14 02:47 - 2015-05-14 02:47 - 00000000 ____D () C:\Users\Jamie_2\AppData\Roaming\OpenOffice
2015-05-14 01:04 - 2015-05-26 11:32 - 00000000 ____D () C:\Users\Jamie_2\Desktop\FRST-OlderVersion
2015-05-13 12:23 - 2015-05-13 12:23 - 00000000 ____D () C:\Windows\pss
2015-05-13 12:06 - 2015-04-24 17:32 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 12:06 - 2015-03-04 19:09 - 01429504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 11:35 - 2015-05-13 11:35 - 00002004 _____ () C:\Users\Public\Desktop\abMedia.lnk
2015-05-13 11:32 - 2015-05-13 11:32 - 00002008 _____ () C:\Users\Public\Desktop\abPhoto.lnk
2015-05-13 03:00 - 2015-04-30 16:35 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 03:00 - 2015-04-30 16:35 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 02:46 - 2015-05-26 11:32 - 02108928 _____ (Farbar) C:\Users\Jamie_2\Desktop\FRST64.exe
2015-05-13 02:31 - 2015-05-13 02:31 - 02102784 _____ (Farbar) C:\Users\Jamie_2\Downloads\FRST64(1).exe
2015-05-13 02:24 - 2015-05-27 13:07 - 00000000 ____D () C:\FRST
2015-05-13 02:15 - 2015-05-13 02:15 - 02102784 _____ (Farbar) C:\Users\Jamie_2\Downloads\FRST64.exe
2015-05-13 00:58 - 2015-05-13 00:58 - 00003334 _____ () C:\Windows\System32\Tasks\AcerCloud
2015-05-13 00:58 - 2015-05-13 00:58 - 00002031 _____ () C:\Users\Public\Desktop\Acer Portal.lnk
2015-05-12 16:41 - 2015-05-12 16:41 - 00001972 _____ () C:\Users\Public\Desktop\abDocs.lnk
2015-05-12 16:21 - 2015-04-21 13:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-12 16:21 - 2015-04-21 12:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-12 16:21 - 2015-04-21 12:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-12 16:21 - 2015-04-21 11:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-12 16:21 - 2015-04-21 11:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-12 16:20 - 2015-04-21 12:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-12 16:20 - 2015-04-21 12:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-12 16:20 - 2015-04-21 12:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-12 16:20 - 2015-04-21 12:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-12 16:20 - 2015-04-21 12:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-12 16:20 - 2015-04-21 12:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-05-12 16:20 - 2015-04-21 12:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-12 16:20 - 2015-04-21 12:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-12 16:20 - 2015-04-21 12:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-12 16:20 - 2015-04-21 12:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-05-12 16:20 - 2015-04-21 12:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-12 16:20 - 2015-04-21 12:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-12 16:20 - 2015-04-21 11:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-05-12 16:20 - 2015-04-21 11:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-12 16:20 - 2015-04-21 11:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-05-12 16:20 - 2015-04-21 11:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-12 16:20 - 2015-04-21 11:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-12 16:20 - 2015-04-21 11:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-12 16:20 - 2015-04-21 11:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-12 16:20 - 2015-04-21 11:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-12 16:20 - 2015-04-21 11:37 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-05-12 16:20 - 2015-04-21 11:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-12 16:20 - 2015-04-21 11:32 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-05-12 16:20 - 2015-04-21 11:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-12 16:20 - 2015-04-21 11:28 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-05-12 16:20 - 2015-04-21 11:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-12 16:20 - 2015-04-21 11:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-12 16:20 - 2015-04-21 11:26 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-12 16:20 - 2015-04-21 11:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-12 16:20 - 2015-04-21 11:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-12 16:20 - 2015-04-21 11:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-12 16:20 - 2015-04-21 11:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-12 16:20 - 2015-04-21 10:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-12 16:20 - 2015-04-21 10:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-12 16:14 - 2015-04-09 20:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-12 16:14 - 2015-04-09 20:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-05-12 16:14 - 2015-03-17 13:26 - 00467776 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-05-12 16:14 - 2015-03-08 22:02 - 00057856 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2015-05-12 16:12 - 2015-04-30 19:05 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-12 16:12 - 2015-04-30 18:48 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-12 16:12 - 2015-03-19 21:56 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-05-12 16:12 - 2015-03-03 21:32 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2015-05-12 16:12 - 2015-03-03 21:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-12 16:12 - 2015-01-29 20:53 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-05-12 16:12 - 2014-11-14 02:58 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsDatabase.dll
2015-05-12 16:05 - 2015-04-13 18:48 - 04180480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-12 16:05 - 2015-04-09 21:00 - 01996800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-12 16:05 - 2015-04-09 20:50 - 01387008 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-12 16:05 - 2015-04-09 20:26 - 01560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-12 16:05 - 2015-04-08 18:55 - 00410128 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-12 16:05 - 2015-04-02 20:35 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-05-12 16:05 - 2015-04-02 20:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2015-05-12 16:05 - 2015-04-01 18:22 - 02985984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2015-05-12 16:05 - 2015-04-01 18:20 - 04417536 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-05-12 16:05 - 2015-03-31 23:45 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2015-05-12 16:05 - 2015-03-31 22:31 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2015-05-12 16:05 - 2015-03-30 01:47 - 00561928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-05-12 16:05 - 2015-03-26 23:27 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-12 16:05 - 2015-03-26 22:50 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-12 16:05 - 2015-03-26 22:48 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-12 16:05 - 2015-03-13 00:03 - 00239424 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-05-12 16:05 - 2015-03-13 00:03 - 00154432 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-05-12 16:05 - 2015-03-12 22:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-05-12 16:05 - 2015-03-12 21:11 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2015-05-12 16:05 - 2015-03-12 20:39 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2015-05-12 16:05 - 2015-03-12 20:29 - 00410017 _____ () C:\Windows\system32\ApnDatabase.xml
2015-05-12 16:05 - 2015-03-10 21:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-12 16:05 - 2015-03-10 21:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-12 16:05 - 2015-03-05 23:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-12 16:05 - 2015-03-05 22:47 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-05-12 16:05 - 2015-03-05 22:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-12 16:05 - 2015-02-17 19:19 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-05-12 13:36 - 2015-05-12 13:36 - 00000000 ____D () C:\ProgramData\a44ab4100001cfa
2015-05-12 13:32 - 2015-05-12 13:32 - 00000000 ____D () C:\ProgramData\COMODO
2015-05-12 13:26 - 2015-05-12 13:26 - 00000000 ____D () C:\Users\Jamie_2\Documents\Java
2015-05-09 16:29 - 2015-05-12 13:34 - 00000000 ____D () C:\Users\Jamie_2\AppData\Roaming\Dropbox
2015-05-09 16:19 - 2015-05-09 16:19 - 00000000 ____D () C:\Users\Jamie_2\AppData\Roaming\AVAST Software
2015-05-09 16:16 - 2015-05-09 16:16 - 00001945 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-05-09 16:16 - 2015-05-09 16:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-05-09 16:15 - 2015-05-14 11:28 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-05-09 16:14 - 2015-05-09 16:14 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-05-09 16:14 - 2015-05-09 16:14 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-05-09 16:14 - 2015-05-09 16:14 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-09 16:14 - 2015-05-09 16:14 - 00272248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-05-09 16:14 - 2015-05-09 16:14 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-05-09 16:14 - 2015-05-09 16:14 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-05-09 16:14 - 2015-05-09 16:14 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-05-09 16:14 - 2015-05-09 16:14 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-05-09 16:14 - 2015-05-09 16:14 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-05-09 16:14 - 2015-05-09 16:14 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-05-09 16:13 - 2015-05-09 16:13 - 00000000 ____D () C:\Program Files\AVAST Software
2015-05-09 16:12 - 2015-05-09 16:12 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-05-09 16:01 - 2015-05-09 16:10 - 05481336 _____ (Avast Software s.r.o.) C:\Users\Jamie_2\Downloads\avast_free_antivirus_setup_online_cnet.exe
2015-05-06 20:46 - 2015-05-06 20:46 - 00796072 _____ (Program ) C:\Users\Jamie_2\Downloads\adobe_flash_setup (1).exe
2015-05-06 18:01 - 2015-05-06 18:01 - 00000000 ____D () C:\ProgramData\PopCap Games
2015-05-06 17:38 - 2015-05-06 17:59 - 00000000 ____D () C:\Users\Jamie_2\AppData\Roaming\Magic Academy
2015-05-02 12:13 - 2015-05-02 12:13 - 00969584 _____ (ROBLOX Corporation) C:\Users\Jamie_2\Downloads\RobloxPlayerLauncher (1).exe
2015-04-30 10:32 - 2015-04-30 10:32 - 00003206 _____ () C:\Windows\System32\Tasks\{823E1466-B77B-428D-9F59-CCE8898088E0}
2015-04-30 10:22 - 2015-04-30 10:23 - 00262364 _____ () C:\Users\Jamie_2\Downloads\Kano - I'm Ready.mp3.part
2015-04-29 10:18 - 2015-04-29 10:18 - 00000000 ____D () C:\Users\Jamie_2\Downloads\The Best Strawberry Cake Ever- _ Oh So Shabby By Debbie_files

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-27 13:05 - 2014-03-16 12:28 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-27 13:04 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\sru
2015-05-27 11:28 - 2013-12-21 04:36 - 01853616 _____ () C:\Windows\WindowsUpdate.log
2015-05-27 11:09 - 2014-08-12 04:25 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-27 11:05 - 2013-12-21 05:15 - 00000000 ____D () C:\Program Files (x86)\Norton Online Backup ARA
2015-05-27 07:52 - 2015-02-18 17:52 - 00003910 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{C740ECAC-4510-47DD-9925-F4FB514ADAE3}
2015-05-26 23:54 - 2014-03-17 12:13 - 00000000 ____D () C:\AdwCleaner
2015-05-26 21:47 - 2015-03-03 17:34 - 00000000 ____D () C:\Users\Jamie_2\AppData\Roaming\.minecraft
2015-05-26 15:41 - 2015-04-07 17:45 - 00000000 ____D () C:\Users\Jamie_2\AppData\Local\CrashDumps
2015-05-26 13:28 - 2014-04-18 14:21 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-05-26 13:26 - 2013-08-22 10:46 - 00035735 _____ () C:\Windows\setupact.log
2015-05-26 13:26 - 2013-08-22 10:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-26 12:20 - 2014-04-10 14:40 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2015-05-26 12:19 - 2013-10-24 00:39 - 00897486 _____ () C:\Windows\PFRO.log
2015-05-26 12:19 - 2013-08-22 09:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2015-05-26 12:03 - 2013-08-22 11:36 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-05-26 12:03 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2015-05-25 10:39 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-05-24 14:14 - 2013-08-22 11:36 - 00000000 ___RD () C:\Windows\Offline Web Pages
2015-05-20 08:04 - 2014-08-12 03:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-20 08:04 - 2014-08-12 03:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-20 08:04 - 2014-03-17 02:30 - 00001125 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-19 21:59 - 2013-08-22 11:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-05-19 21:58 - 2015-04-04 11:17 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-19 21:58 - 2015-04-04 11:17 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-15 17:24 - 2013-10-24 00:46 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2015-05-15 15:38 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-14 13:01 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\rescache
2015-05-14 11:16 - 2014-07-02 10:29 - 00000000 ____D () C:\Users\Jamie_2\AppData\Local\Google
2015-05-14 11:16 - 2014-04-21 16:56 - 00000000 ____D () C:\Program Files (x86)\Google
2015-05-14 00:56 - 2013-10-24 00:55 - 00000000 ____D () C:\ProgramData\Norton
2015-05-14 00:49 - 2013-08-22 11:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-05-14 00:49 - 2013-08-22 09:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-05-13 12:00 - 2013-12-21 05:13 - 00000000 ____D () C:\Program Files (x86)\Amazon
2015-05-13 11:41 - 2013-08-22 09:25 - 00000194 _____ () C:\Windows\win.ini
2015-05-13 11:38 - 2014-07-02 10:29 - 00000000 ____D () C:\Users\Jamie_2
2015-05-13 11:35 - 2013-12-21 05:17 - 00000000 ____D () C:\Program Files (x86)\Acer
2015-05-13 11:35 - 2013-12-21 05:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-05-13 11:33 - 2014-07-02 10:31 - 00000000 ____D () C:\Users\Jamie_2\AppData\Local\clear.fi
2015-05-13 11:25 - 2013-08-22 10:44 - 00381824 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-13 11:21 - 2013-08-22 11:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-05-13 11:21 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-13 02:57 - 2014-03-18 13:55 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-13 02:39 - 2014-03-18 13:55 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 02:35 - 2014-06-30 16:22 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-13 02:31 - 2014-07-02 23:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-13 02:29 - 2014-07-02 23:56 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-13 02:29 - 2014-07-02 23:56 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-13 02:22 - 2013-08-22 15:11 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-13 00:58 - 2014-08-26 19:20 - 00000000 ____D () C:\Users\Jamie_2\AppData\Local\AOP SDK
2015-05-12 16:39 - 2013-10-24 01:32 - 00000000 ___HD () C:\OEM
2015-05-12 04:04 - 2014-08-26 19:26 - 00002286 _____ () C:\Users\Jamie_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-05-09 19:43 - 2013-10-24 00:47 - 00865408 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-09 16:41 - 2015-04-25 20:37 - 00000000 ____D () C:\Program Files (x86)\TrimModule
2015-05-09 08:35 - 2013-10-24 00:46 - 00000000 ____D () C:\ProgramData\WildTangent
2015-05-09 08:34 - 2013-10-24 00:46 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-05-05 13:59 - 2015-03-19 14:56 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-05 13:59 - 2015-03-19 14:56 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-05 11:00 - 2014-05-07 23:42 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2015-05-04 16:05 - 2013-08-22 11:37 - 00003223 _____ () C:\Windows\DtcInstall.log
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ___RD () C:\Windows\ToastData
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\SysWOW64\sppui
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\SysWOW64\Com
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\MediaViewer
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\FileManager
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\Camera
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2015-05-04 15:57 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-05-04 15:57 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2015-05-04 15:57 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\servicing
2015-05-04 15:56 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2015-05-04 15:56 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2015-05-04 15:56 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\sppui
2015-05-04 15:56 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\setup
2015-05-04 15:56 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\Com
2015-05-04 15:56 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\IME
2015-05-04 15:56 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-05-04 15:56 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2015-05-04 15:56 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\system32\oobe
2015-05-04 15:55 - 2013-08-22 11:36 - 00000000 ___SD () C:\Windows\system32\dsc
2015-05-04 15:55 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform
2015-05-04 15:55 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\migwiz
2015-05-04 15:55 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\system32\Dism
2015-05-04 15:54 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2015-05-04 15:54 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-05-04 15:54 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform
2015-05-04 15:53 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\WindowsPowerShell

==================== Files in the root of some directories =======

2015-04-29 09:58 - 2015-04-29 09:58 - 0011776 _____ () C:\Users\Jamie_2\AppData\Local\Temp-log.txt
2014-03-07 23:28 - 2015-04-06 16:52 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Some files in TEMP:
====================
C:\Users\Jamie_2\AppData\Local\Temp\{311739EB-5C94-4EE1-B911-2D1F005060F4}_NARA_9902.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-24 14:26

==================== End of log ============================


Edited by Louie C, 27 May 2015 - 11:19 AM.


#13
Biscuithd


    Trusted Helper

  • Malware Removal
  • 2,573 posts

Let's see if this doesn't help the situation.

 

As usual, post the fix log, a fresh scan and let me know how things are working.

 

Copy the entire content of the codebox below and paste into the Notepad document:

Click File, Save As and type fixlist.txt as the File Name.

CreateRestorePoint:
HKU\S-1-5-21-3151930542-3110385303-2721579357-1003\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  --extensions-on-chrome-urls --test-type --load-extension="c:\Program Files\Google\Chrome\Application\Extensions\chrome\app\37.1329.8.16" -- (the data entry has 62 more characters).
HKU\S-1-5-21-3151930542-3110385303-2721579357-1003\...\RunOnce: [Application Restart #1] => C:\Users\Jamie_2\AppData\Local\Pokki\Engine\HostAppService.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-c (the data entry has 553 more characters).
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> {8CDE19E6-71C2-4B46-89B7-35F6A18C571A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
2015-04-29 09:58 - 2015-04-29 09:58 - 0011776 _____ () C:\Users\Jamie_2\AppData\Local\Temp-log.txt
2014-03-07 23:28 - 2015-04-06 16:52 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
C:\Users\Jamie_2\AppData\Local\Temp\{311739EB-5C94-4EE1-B911-2D1F005060F4}_NARA_9902.exe
EmptyTemp:
Reboot:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on the FRST icon and select Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please post it to your reply.



#14
Louie C


    Member

  • Topic Starter
  • Member
  • 14 posts

Hello, I am still getting popups, links, and redirects.

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 25-05-2015
Ran by Jamie_2 at 2015-05-28 00:16:43 Run:2
Running from C:\Users\Jamie_2\Desktop
Loaded Profiles: Jamie_2 (Available Profiles: Jamie & Connor & Jamie_2 & Guest)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
HKU\S-1-5-21-3151930542-3110385303-2721579357-1003\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  --extensions-on-chrome-urls --test-type --load-extension="c:\Program Files\Google\Chrome\Application\Extensions\chrome\app\37.1329.8.16" -- (the data entry has 62 more characters).
HKU\S-1-5-21-3151930542-3110385303-2721579357-1003\...\RunOnce: [Application Restart #1] => C:\Users\Jamie_2\AppData\Local\Pokki\Engine\HostAppService.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-c (the data entry has 553 more characters).
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> {8CDE19E6-71C2-4B46-89B7-35F6A18C571A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
2015-04-29 09:58 - 2015-04-29 09:58 - 0011776 _____ () C:\Users\Jamie_2\AppData\Local\Temp-log.txt
2014-03-07 23:28 - 2015-04-06 16:52 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
C:\Users\Jamie_2\AppData\Local\Temp\{311739EB-5C94-4EE1-B911-2D1F005060F4}_NARA_9902.exe
EmptyTemp:
Reboot:
*****************

Restore point was successfully created.
HKU\S-1-5-21-3151930542-3110385303-2721579357-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Application Restart #0 => value Removed successfully
HKU\S-1-5-21-3151930542-3110385303-2721579357-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Application Restart #1 => value Removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8CDE19E6-71C2-4B46-89B7-35F6A18C571A}" => key Removed successfully
HKCR\CLSID\{8CDE19E6-71C2-4B46-89B7-35F6A18C571A} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value Removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value Removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value Removed successfully
C:\Users\Jamie_2\AppData\Local\Temp-log.txt => Moved successfully.
C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc => Moved successfully.
C:\Users\Jamie_2\AppData\Local\Temp\{311739EB-5C94-4EE1-B911-2D1F005060F4}_NARA_9902.exe => Moved successfully.
EmptyTemp: => Removed 230 MB temporary data.


The system needed a reboot.

==== End of Fixlog 00:18:23 ====



#15
Biscuithd


    Trusted Helper

  • Malware Removal
  • 2,573 posts

Stubborn infection, but we'll get it.

 

Copy the entire content of the codebox below and paste into the Notepad document:

Click File, Save As and type fixlist.txt as the File Name.

CreateRestorePoint:
HKLM\...\Policies\Explorer: [HideSCAHealth] 1

CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-05-09]

CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-09]

EmptyTemp:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on the FRST icon and select Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please post it to your reply.

 

Then post a fresh FRST log as previously done, but this time tick the box marked ShortCut.txt. I need to see the extra log it produces.

