Jump to content

Computer freezing. Can't system restore. Programs behaving strangely.


Recommended Posts

Hi.

 

The computer freezes up every few minutes so typing anything has become difficult. Software that I use for work remotely is behaving strangely (stalling, not playing) but it works fine for others who  access the software (even using my account), so it's not a software issue. 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-05-2015 01
Ran by owner (administrator) on HHGREGG-PC on 23-05-2015 10:06:24
Running from C:\Users\owner\Downloads
Loaded Profiles: owner (Available Profiles: owner & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\LVPrS64H.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFProcSRVC.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\rselect\RSelSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(TOSHIBA Corporation.) C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
(Akamai Technologies, Inc.) C:\Users\owner\AppData\Local\Akamai\netsession_win.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Akamai Technologies, Inc.) C:\Users\owner\AppData\Local\Akamai\netsession_win.exe
(Dropbox, Inc.) C:\Users\owner\AppData\Roaming\Dropbox\bin\Dropbox.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\TOSHIBA Web Camera Application\TWebCamera.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Sage Software, Inc.) C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook.Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(SAMSUNG ELECTRONICS) C:\Program Files (x86)\Samsung\EmoDio\SMSTray.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
() C:\Program Files (x86)\Toshiba Online Backup\ToshibaOnlineBackup.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\NDSTray.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFSwMgr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\owner\Downloads\FRST64 (1).exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [] => [X]
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
HKLM-x32\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [503864 2009-07-20] (Conexant Systems, Inc.)
HKLM-x32\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1810728 2009-07-30] (Synaptics Incorporated)
HKLM\...\Run: [ThpSrv] => C:\windows\system32\thpsrv /logon
HKLM-x32\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [497504 2009-08-21] (TOSHIBA Corporation)
HKLM-x32\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM-x32\...\Run: [smoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [508216 2009-07-28] (TOSHIBA Corporation)
HKLM-x32\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [909624 2009-08-05] (TOSHIBA Corporation)
HKLM-x32\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [711000 2009-08-04] (TOSHIBA Corporation)
HKLM-x32\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1482080 2009-08-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [HDMICtrlMan] => C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [1032536 2009-08-03] (TOSHIBA Corporation.)
HKLM-x32\...\Run: [smartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-07-29] (TOSHIBA Corporation)
HKLM-x32\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2009-08-03] (TOSHIBA Corporation)
HKLM-x32\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [TUSBSleepChargeSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe [252288 2009-07-02] (TOSHIBA)
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2446648 2009-08-11] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [Adobe_ID0ENQBO] => C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe [378224 2008-08-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Act.Outlook.Service] => C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook.Service.exe [28672 2008-08-01] (Sage Software, Inc.)
HKLM-x32\...\Run: [Act! Preloader] => C:\Program Files (x86)\ACT\Act for Windows\ActSage.exe [393216 2008-08-01] (Sage Software, Inc.)
HKLM-x32\...\Run: [sMSTray] => C:\Program Files (x86)\Samsung\EmoDio\SMSTray.exe [479232 2009-04-16] (SAMSUNG ELECTRONICS)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [843776 2009-06-05] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [switchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [1497352 2011-02-22] (Intuit Inc. All rights reserved.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM-x32\...\Run: [Toshiba Online Backup] => C:\Program Files (x86)\Toshiba Online Backup\ToshibaOnlineBackup.exe [966296 2011-09-19] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [bambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKU\S-1-5-21-3310603758-325049908-3132485941-1001\...\Run: [MyTOSHIBA] => C:\Program Files (x86)\Toshiba\My Toshiba\MyToshiba.exe [264048 2009-08-06] (TOSHIBA)
HKU\S-1-5-21-3310603758-325049908-3132485941-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-3310603758-325049908-3132485941-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3310603758-325049908-3132485941-1001\...\Run: [CAHeadless] => C:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe [615808 2009-09-18] (Adobe Systems Incorporated)
HKU\S-1-5-21-3310603758-325049908-3132485941-1001\...\Run: [EPSONDD461F] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIFJA.EXE [223232 2009-01-26] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3310603758-325049908-3132485941-1001\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [6129496 2011-01-12] (Logitech Inc.)
HKU\S-1-5-21-3310603758-325049908-3132485941-1001\...\Run: [Akamai NetSession Interface] => C:\Users\owner\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3310603758-325049908-3132485941-1001\...\Run: [MobileDocuments] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
HKU\S-1-5-21-3310603758-325049908-3132485941-1001\...\Run: [Google Update] => C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-18] (Google Inc.)
HKU\S-1-5-21-3310603758-325049908-3132485941-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-09-02] (Google Inc.)
HKU\S-1-5-21-3310603758-325049908-3132485941-1001\...\Run: [GoogleChromeAutoLaunch_BFB1AAC9AD5759BCC5B883652DF33E69] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-05-13] (Google Inc.)
HKU\S-1-5-21-3310603758-325049908-3132485941-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3095840 2015-04-30] (Nota Inc.)
HKU\S-1-5-21-3310603758-325049908-3132485941-1001\...\Run: [Zoom] => [X]
Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\owner\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2013-03-06]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2015-02-20]
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\owner\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\owner\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\owner\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-3310603758-325049908-3132485941-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3310603758-325049908-3132485941-1001 -> {FFAD5398-51D1-4EAA-B3A1-03253AD44343} URL = http://www.bing.com/search?q={searchTerms}&form=BIE9DF&pc=BIE9&src=IE-SearchBox
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-01] (Google Inc.)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2011-10-18] (Sun Microsystems, Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-12-17] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)
BHO-x32: Act.UI.InternetExplorer.Plugins.AttachFile.CAttachFile -> {D5233FCD-D258-4903-89B8-FB1568E7413D} -> C:\windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-18] (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-01] (Google Inc.)
Toolbar: HKLM-x32 - No Name - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} -  No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)
Toolbar: HKU\S-1-5-21-3310603758-325049908-3132485941-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: HKLM-x32 {3D3B42C2-11BF-4732-A304-A01384B70D68} http://picasaweb.google.com/s/v/63.17/uploader2.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: intu-help-qb3 - {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - C:\Program Files (x86)\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll [2012-07-25] (Intuit, Inc.)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
 
FireFox:
========
FF ProfilePath: C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\bz230fxo.default-1414070530532
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Google
FF Homepage: hxxp://google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-05-23] (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-11-09] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\windows\SysWOW64\npDeployJava1.dll [2013-03-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2011-10-03] (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @sony.com/eBookLibrary -> C:\Program Files (x86)\Sony\Reader\Data\bin\npebldetectmoz.dll [2010-07-13] (Sony Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-05-23] (Wacom)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll [2013-12-25] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-11-09] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3310603758-325049908-3132485941-1001: @citrixonline.com/appdetectorplugin -> C:\Users\owner\AppData\Local\Citrix\Plugins\94\npappdetector.dll [2013-03-13] (Citrix Online)
FF Plugin HKU\S-1-5-21-3310603758-325049908-3132485941-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\owner\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-3310603758-325049908-3132485941-1001: @talk.google.com/O1DPlugin -> C:\Users\owner\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-3310603758-325049908-3132485941-1001: @tools.google.com/Google Update;version=3 -> C:\Users\owner\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-3310603758-325049908-3132485941-1001: @tools.google.com/Google Update;version=9 -> C:\Users\owner\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-3310603758-325049908-3132485941-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\owner\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2015-05-08] (Zoom Video Communications, Inc.)
FF Plugin HKU\S-1-5-21-3310603758-325049908-3132485941-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-05-23] (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll [2011-06-01] (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol500.dll [2011-06-01] (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-10-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-10-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-10-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-10-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-10-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\owner\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\owner\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Extension: Firebug - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\bz230fxo.default-1414070530532\Extensions\firebug@software.joehewitt.com.xpi [2015-04-10]
FF Extension: Pin It Button - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\bz230fxo.default-1414070530532\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2014-11-19]
FF Extension: Evernote Web Clipper - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\bz230fxo.default-1414070530532\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi [2015-04-08]
FF Extension: Skype extension - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-05-16]
FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn
FF HKLM-x32\...\Firefox\Extensions: [{6D5C8FC4-DE46-41bf-9092-93F0F78E9115}] - C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_2.0.0.48\coFFFw
FF HKLM-x32\...\Firefox\Extensions: [{203FB6B2-2E1E-4474-863B-4C483ECCE78E}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNST
FF Extension: Norton Safe Web Lite Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNST [2015-02-05]
 
Chrome: 
=======
CHR Profile: C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bookmark Manager) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-21]
CHR Extension: (Pin It Button) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2014-05-29]
CHR Extension: (Hangouts) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2015-01-27]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Google Wallet) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 ACT! Scheduler; C:\Program Files (x86)\ACT\Act for Windows\Act.Scheduler.exe [81920 2008-08-01] (Sage Software, Inc.) []
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2010-11-01] (Adobe Systems) []
S3 Adobe Version Cue CS4; C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [284016 2008-08-15] (Adobe Systems Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1254400 2015-04-27] (Microsoft Corporation)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [255040 2014-09-07] (WildTangent)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) []
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S2 MSSQL$ACT7; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe [132504 2013-09-12] (Symantec Corporation)
R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe [126392 2009-08-24] (Symantec Corporation)
R2 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2012-07-25] (Intuit) []
S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2009-07-23] (Intuit Inc.) []
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2010-04-02] (Sony Corporation) []
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) []
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-11-14] (Wacom Technology, Corp.)
S2 NSL; "C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe" /s "NSL" /m "C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\diMaster.dll" /prefetch:1
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\0200000.010\ccSetx64.sys [167048 2011-08-08] (Symantec Corporation)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [21504 2010-06-24] (http://libusb-win32.sourceforge.net)
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-23] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 O2SDGRDR; C:\Windows\System32\DRIVERS\o2sdgx64.sys [49696 2009-07-16] (O2Micro )
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) []
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-05-23 10:05 - 2015-05-23 10:05 - 00001178 _____ () C:\Users\owner\Desktop\FRST64 (1).exe - Shortcut.lnk
2015-05-23 10:02 - 2015-05-23 10:02 - 02108416 _____ (Farbar) C:\Users\owner\Downloads\FRST64 (1).exe
2015-05-23 08:26 - 2015-05-23 08:26 - 00000000 ____D () C:\Users\owner\AppData\Local\{9FDDAEE0-73B9-428E-A270-70C81EC14626}
2015-05-22 18:31 - 2015-05-22 18:31 - 00000000 ____D () C:\Users\owner\Documents\New folder (12)
2015-05-22 18:31 - 2015-05-22 18:31 - 00000000 ____D () C:\Users\owner\Documents\New folder (10)
2015-05-22 13:11 - 2015-05-22 13:12 - 00000000 ____D () C:\Users\owner\AppData\Local\{80453EC0-B099-4BE6-881C-CE582FFF6BD0}
2015-05-22 10:45 - 2015-05-22 10:46 - 00813408 _____ () C:\windows\Minidump\052215-23353-01.dmp
2015-05-21 23:46 - 2015-05-21 23:46 - 00000000 ____D () C:\Users\owner\AppData\Local\{46B8A14D-671A-4A78-9F96-F3F80EE22699}
2015-05-21 10:59 - 2015-05-21 10:59 - 00000000 ____D () C:\Users\owner\AppData\Local\{169FEC7C-5EF5-4C41-AAF7-9DC6D3DFC7FE}
2015-05-20 22:58 - 2015-05-20 22:58 - 00000000 ____D () C:\Users\owner\AppData\Local\{37349C58-5208-4655-9FB3-6B0B10CF9A72}
2015-05-20 10:56 - 2015-05-20 10:56 - 00000000 ____D () C:\Users\owner\AppData\Local\{CB81E52B-88AD-4088-9A2F-AEDC01845A0A}
2015-05-19 10:54 - 2015-05-19 22:55 - 00000000 ____D () C:\Users\owner\AppData\Local\{744003A2-1B19-4678-A842-7D43DD1F327A}
2015-05-18 16:43 - 2015-05-18 16:43 - 00002159 _____ () C:\Users\owner\Downloads\CP0007276395P-1.mp4.en.srt
2015-05-18 10:53 - 2015-05-18 22:54 - 00000000 ____D () C:\Users\owner\AppData\Local\{9AC0D1A3-F505-45B0-B94C-965C0631CFC4}
2015-05-17 23:40 - 2015-05-17 23:40 - 00118735 _____ () C:\Users\owner\Downloads\CP0045898113P-1.mp4.en.srt
2015-05-17 10:52 - 2015-05-17 22:53 - 00000000 ____D () C:\Users\owner\AppData\Local\{BA992444-2C60-477A-A06A-02BB763EB5C7}
2015-05-16 22:14 - 2015-05-22 23:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-16 10:39 - 2015-05-22 18:33 - 00000000 ____D () C:\Users\owner\Documents\System Restore
2015-05-15 19:37 - 2015-05-16 19:59 - 00000000 ____D () C:\Users\owner\AppData\Local\{462E082F-1254-4D2D-A886-010EA8DB0733}
2015-05-15 07:36 - 2015-05-15 07:36 - 00000000 ____D () C:\Users\owner\AppData\Local\{48E726A5-1DA1-4BFB-8E8B-1D0E52D34381}
2015-05-15 06:54 - 2015-05-22 23:53 - 00000000 ____D () C:\ProgramData\Gyazo
2015-05-15 06:54 - 2015-05-15 06:54 - 00000993 _____ () C:\Users\Public\Desktop\Gyazo GIF.lnk
2015-05-14 19:35 - 2015-05-14 19:35 - 00000000 ____D () C:\Users\owner\AppData\Local\{B04C8801-B87E-4C60-8BDC-BDECE0D34D52}
2015-05-14 07:42 - 2015-05-01 09:17 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 07:42 - 2015-05-01 09:16 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 16:03 - 2015-05-13 16:03 - 00015981 _____ () C:\Users\owner\Downloads\CP0097179133P-1.mp4.en.srt
2015-05-13 11:20 - 2015-05-14 07:35 - 00000000 ____D () C:\Users\owner\AppData\Local\{85698EF4-DB7E-473E-AAAD-318035C26C39}
2015-05-13 09:10 - 2015-05-04 21:29 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-05-13 09:10 - 2015-05-04 21:12 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-05-13 09:10 - 2015-04-27 15:28 - 05569984 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-05-13 09:10 - 2015-04-27 15:28 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-05-13 09:10 - 2015-04-27 15:28 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-05-13 09:10 - 2015-04-27 15:26 - 01728960 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-05-13 09:10 - 2015-04-27 15:23 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-05-13 09:10 - 2015-04-27 15:23 - 01254400 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2015-05-13 09:10 - 2015-04-27 15:23 - 01162752 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2015-05-13 09:10 - 2015-04-27 15:23 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2015-05-13 09:10 - 2015-04-27 15:23 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2015-05-13 09:10 - 2015-04-27 15:23 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-05-13 09:10 - 2015-04-27 15:23 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-05-13 09:10 - 2015-04-27 15:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2015-05-13 09:10 - 2015-04-27 15:23 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-05-13 09:10 - 2015-04-27 15:23 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-05-13 09:10 - 2015-04-27 15:23 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-05-13 09:10 - 2015-04-27 15:23 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2015-05-13 09:10 - 2015-04-27 15:23 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-05-13 09:10 - 2015-04-27 15:23 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-05-13 09:10 - 2015-04-27 15:23 - 00113664 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll
2015-05-13 09:10 - 2015-04-27 15:23 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-05-13 09:10 - 2015-04-27 15:23 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-05-13 09:10 - 2015-04-27 15:22 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe
2015-05-13 09:10 - 2015-04-27 15:22 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2015-05-13 09:10 - 2015-04-27 15:22 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-05-13 09:10 - 2015-04-27 15:22 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-05-13 09:10 - 2015-04-27 15:22 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\logman.exe
2015-05-13 09:10 - 2015-04-27 15:22 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\typeperf.exe
2015-05-13 09:10 - 2015-04-27 15:22 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\relog.exe
2015-05-13 09:10 - 2015-04-27 15:22 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-05-13 09:10 - 2015-04-27 15:21 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-05-13 09:10 - 2015-04-27 15:11 - 03989440 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-05-13 09:10 - 2015-04-27 15:11 - 03934144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-05-13 09:10 - 2015-04-27 15:08 - 01310744 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-05-13 09:10 - 2015-04-27 15:05 - 00635392 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2015-05-13 09:10 - 2015-04-27 15:05 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-05-13 09:10 - 2015-04-27 15:05 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-05-13 09:10 - 2015-04-27 15:05 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-05-13 09:10 - 2015-04-27 15:05 - 00092160 _____ (Microsoft Corporation) C:\windows\SysWOW64\sechost.dll
2015-05-13 09:10 - 2015-04-27 15:05 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-05-13 09:10 - 2015-04-27 15:04 - 00641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2015-05-13 09:10 - 2015-04-27 15:04 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-05-13 09:10 - 2015-04-27 15:04 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\tracerpt.exe
2015-05-13 09:10 - 2015-04-27 15:04 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\logman.exe
2015-05-13 09:10 - 2015-04-27 15:04 - 00040448 _____ (Microsoft Corporation) C:\windows\SysWOW64\typeperf.exe
2015-05-13 09:10 - 2015-04-27 15:04 - 00037888 _____ (Microsoft Corporation) C:\windows\SysWOW64\relog.exe
2015-05-13 09:10 - 2015-04-27 15:04 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2015-05-13 09:10 - 2015-04-27 15:03 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2015-05-13 09:10 - 2015-04-27 15:03 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2015-05-13 09:10 - 2015-04-27 15:03 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-05-13 09:10 - 2015-04-27 14:06 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2015-05-13 09:10 - 2015-04-21 22:28 - 00389840 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-05-13 09:10 - 2015-04-21 21:48 - 00342736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-05-13 09:10 - 2015-04-21 13:14 - 24971776 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-05-13 09:10 - 2015-04-21 13:08 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-05-13 09:10 - 2015-04-21 13:07 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-05-13 09:10 - 2015-04-21 12:51 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-05-13 09:10 - 2015-04-21 12:50 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-05-13 09:10 - 2015-04-21 12:50 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-05-13 09:10 - 2015-04-21 12:50 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-05-13 09:10 - 2015-04-21 12:49 - 02885120 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-05-13 09:10 - 2015-04-21 12:48 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-05-13 09:10 - 2015-04-21 12:41 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-05-13 09:10 - 2015-04-21 12:40 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-05-13 09:10 - 2015-04-21 12:37 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-05-13 09:10 - 2015-04-21 12:35 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-05-13 09:10 - 2015-04-21 12:35 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-05-13 09:10 - 2015-04-21 12:35 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-05-13 09:10 - 2015-04-21 12:34 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-05-13 09:10 - 2015-04-21 12:31 - 06025728 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-05-13 09:10 - 2015-04-21 12:26 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-05-13 09:10 - 2015-04-21 12:25 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-05-13 09:10 - 2015-04-21 12:24 - 19691008 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-05-13 09:10 - 2015-04-21 12:22 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-05-13 09:10 - 2015-04-21 12:14 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 09:10 - 2015-04-21 12:11 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-05-13 09:10 - 2015-04-21 12:11 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-05-13 09:10 - 2015-04-21 12:10 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-05-13 09:10 - 2015-04-21 12:09 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-05-13 09:10 - 2015-04-21 12:09 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-05-13 09:10 - 2015-04-21 12:08 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-05-13 09:10 - 2015-04-21 12:08 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-05-13 09:10 - 2015-04-21 12:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-05-13 09:10 - 2015-04-21 12:04 - 02278400 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-05-13 09:10 - 2015-04-21 12:03 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-05-13 09:10 - 2015-04-21 12:02 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-05-13 09:10 - 2015-04-21 12:00 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-05-13 09:10 - 2015-04-21 11:58 - 00664576 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-05-13 09:10 - 2015-04-21 11:58 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-05-13 09:10 - 2015-04-21 11:57 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-05-13 09:10 - 2015-04-21 11:49 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-05-13 09:10 - 2015-04-21 11:49 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-05-13 09:10 - 2015-04-21 11:48 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-05-13 09:10 - 2015-04-21 11:47 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-05-13 09:10 - 2015-04-21 11:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-05-13 09:10 - 2015-04-21 11:43 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 09:10 - 2015-04-21 11:40 - 14401536 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-05-13 09:10 - 2015-04-21 11:39 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-05-13 09:10 - 2015-04-21 11:38 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-05-13 09:10 - 2015-04-21 11:36 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-05-13 09:10 - 2015-04-21 11:31 - 04305920 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-05-13 09:10 - 2015-04-21 11:27 - 02352128 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-05-13 09:10 - 2015-04-21 11:26 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-05-13 09:10 - 2015-04-21 11:25 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-05-13 09:10 - 2015-04-21 11:24 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-05-13 09:10 - 2015-04-21 11:17 - 12828672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-05-13 09:10 - 2015-04-21 11:15 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-05-13 09:10 - 2015-04-21 11:03 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-05-13 09:10 - 2015-04-21 11:02 - 01882112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-05-13 09:10 - 2015-04-21 10:58 - 01310208 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-05-13 09:10 - 2015-04-21 10:56 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-05-13 09:10 - 2015-04-17 23:10 - 00460800 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2015-05-13 09:10 - 2015-04-17 22:56 - 00342016 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2015-05-13 09:10 - 2015-04-12 23:28 - 00328704 _____ (Microsoft Corporation) C:\windows\system32\services.exe
2015-05-13 09:10 - 2015-03-04 00:41 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\apphelp.dll
2015-05-13 09:10 - 2015-03-04 00:41 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\aelupsvc.dll
2015-05-13 09:10 - 2015-03-04 00:41 - 00023552 _____ (Microsoft Corporation) C:\windows\system32\sdbinst.exe
2015-05-13 09:10 - 2015-03-04 00:41 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\shimeng.dll
2015-05-13 09:10 - 2015-03-04 00:11 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\shimeng.dll
2015-05-13 09:10 - 2015-03-04 00:10 - 00295936 _____ (Microsoft Corporation) C:\windows\SysWOW64\apphelp.dll
2015-05-13 09:10 - 2015-03-04 00:10 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\sdbinst.exe
2015-05-13 09:09 - 2015-04-27 15:23 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2015-05-13 09:09 - 2015-04-27 15:23 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-05-13 09:09 - 2015-04-27 15:23 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-05-13 09:09 - 2015-04-27 15:23 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-05-13 09:09 - 2015-04-27 15:23 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-05-13 09:09 - 2015-04-27 15:23 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-05-13 09:09 - 2015-04-27 15:23 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-05-13 09:09 - 2015-04-27 15:22 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\diskperf.exe
2015-05-13 09:09 - 2015-04-27 15:18 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-05-13 09:09 - 2015-04-27 15:18 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:05 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-05-13 09:09 - 2015-04-27 15:05 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-05-13 09:09 - 2015-04-27 15:05 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-05-13 09:09 - 2015-04-27 15:04 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-05-13 09:09 - 2015-04-27 15:03 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-05-13 09:09 - 2015-04-27 15:03 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskperf.exe
2015-05-13 09:09 - 2015-04-27 15:03 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2015-05-13 09:09 - 2015-04-27 15:01 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-05-13 09:09 - 2015-04-27 15:01 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 13:57 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2015-05-13 09:09 - 2015-04-27 13:57 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2015-05-13 09:09 - 2015-04-27 13:55 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 13:55 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 13:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 13:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 09:09 - 2015-04-19 23:17 - 01647104 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-05-13 09:09 - 2015-04-19 23:17 - 01179136 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-05-13 09:09 - 2015-04-19 22:56 - 01250816 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2015-05-13 09:09 - 2015-04-19 22:11 - 03204608 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-05-13 09:08 - 2015-04-07 23:29 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2015-05-13 09:08 - 2015-04-07 23:29 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll
2015-05-13 09:08 - 2015-04-07 23:14 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll
2015-05-13 09:08 - 2015-02-18 03:06 - 00123904 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
2015-05-13 09:08 - 2015-02-18 03:04 - 00142336 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2015-05-13 09:08 - 2015-01-28 23:19 - 02543104 _____ (Microsoft Corporation) C:\windows\system32\wpdshext.dll
2015-05-13 09:08 - 2015-01-28 23:02 - 02311168 _____ (Microsoft Corporation) C:\windows\SysWOW64\wpdshext.dll
2015-05-12 23:19 - 2015-05-12 23:19 - 00000000 ____D () C:\Users\owner\AppData\Local\{9732C701-072B-4040-A35A-38600DCBD89B}
2015-05-12 11:43 - 2015-05-22 23:53 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Zoom
2015-05-12 11:43 - 2015-05-22 23:53 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2015-05-12 11:43 - 2015-05-12 11:43 - 00133528 _____ (Zoom Video Communications, Inc.) C:\Users\owner\Downloads\Zoom_launcher (1).exe
2015-05-12 11:21 - 2015-05-12 11:21 - 00133528 _____ (Zoom Video Communications, Inc.) C:\Users\owner\Downloads\Zoom_launcher.exe
2015-05-12 11:19 - 2015-05-12 11:19 - 00000000 ____D () C:\Users\owner\AppData\Local\{1D60784D-1D00-41AF-B120-EA7749A9C8A8}
2015-05-11 08:51 - 2015-05-11 08:51 - 01311683 _____ () C:\Users\owner\Downloads\Top-15-Ways-to-Make-Money-Online.zip
2015-05-10 20:40 - 2015-05-10 21:12 - 00000000 ____D () C:\Users\owner\Downloads\Dollarphotoclub_68098868
2015-05-10 20:34 - 2015-05-10 20:34 - 01046306 _____ () C:\Users\owner\Downloads\Dollarphotoclub_68098868.zip
2015-05-09 22:39 - 2015-05-11 23:19 - 00000000 ____D () C:\Users\owner\AppData\Local\{B575FDC0-7005-46F1-9623-2EC4AE7E91E7}
2015-05-09 18:47 - 2015-05-09 18:47 - 00007148 _____ () C:\Users\owner\Downloads\CP0157666677P-75.mp4.en.srt
2015-05-09 15:28 - 2015-05-09 15:28 - 00008214 _____ () C:\Users\owner\Downloads\bloglovin_subscriptions.xml
2015-05-09 13:26 - 2015-05-09 13:26 - 00002204 _____ () C:\Users\owner\Downloads\CP0360643936P-19.mp4.en.srt
2015-05-08 19:48 - 2015-05-08 19:48 - 00002058 _____ () C:\Users\owner\Downloads\CP0535238036P-1.mp4.en.srt
2015-05-08 16:05 - 2015-05-08 16:05 - 00025117 _____ () C:\Users\owner\Downloads\CP0315806205P-1.mp4.en (1).srt
2015-05-08 15:54 - 2015-05-08 15:54 - 00025057 _____ () C:\Users\owner\Downloads\CP0315806205P-1.mp4.en.srt
2015-05-08 10:38 - 2015-05-09 10:38 - 00000000 ____D () C:\Users\owner\AppData\Local\{205560D5-7DD6-4A0F-BCA1-F0A1B3EFF31E}
2015-05-08 09:16 - 2015-05-08 09:17 - 00804872 _____ () C:\windows\Minidump\050815-23431-01.dmp
2015-05-07 22:38 - 2015-05-07 22:38 - 00000000 ____D () C:\Users\owner\AppData\Local\{65B79364-EF6C-4597-B9AA-622BA49C9CAB}
2015-05-07 21:30 - 2015-05-07 21:30 - 00002863 _____ () C:\Users\owner\Downloads\CP0076905481P-46.mp4.en.srt
2015-05-07 19:52 - 2015-05-07 19:52 - 00008271 _____ () C:\Users\owner\Downloads\CP0076905481P-78.mp4.en.srt
2015-05-07 10:37 - 2015-05-07 10:37 - 00000000 ____D () C:\Users\owner\AppData\Local\{298D69B6-A625-450D-B325-A5CDB0D5E67A}
2015-05-07 10:20 - 2015-05-07 10:20 - 00812904 _____ () C:\windows\Minidump\050715-26925-01.dmp
2015-05-07 08:05 - 2015-05-07 08:05 - 00877032 _____ () C:\windows\Minidump\050715-33540-01.dmp
2015-05-06 16:39 - 2015-05-06 16:39 - 00003335 _____ () C:\Users\owner\Downloads\CP0023366857P-1.mp4.en.srt
2015-05-06 11:20 - 2015-05-06 11:20 - 00002437 _____ () C:\Users\owner\Downloads\CP0100254712P-33.mp4.en.srt
2015-05-05 20:58 - 2015-05-05 20:58 - 00006578 _____ () C:\Users\owner\Downloads\CP0323463782P-1.mp4.en(1).srt
2015-05-05 20:39 - 2015-05-05 20:39 - 00006575 _____ () C:\Users\owner\Downloads\CP0323463782P-1.mp4.en.srt
2015-05-05 15:05 - 2015-05-05 15:05 - 00003831 _____ () C:\Users\owner\Downloads\CP0450385100P-1.mp4.en(1).srt
2015-05-05 14:55 - 2015-05-05 14:55 - 00003763 _____ () C:\Users\owner\Downloads\CP0450385100P-1.mp4.en.srt
2015-05-05 12:30 - 2015-05-05 12:31 - 00003656 _____ () C:\Users\owner\Downloads\CP0353034608P-4.mp4.en(1).srt
2015-05-05 12:23 - 2015-05-05 12:24 - 00003662 _____ () C:\Users\owner\Downloads\CP0353034608P-4.mp4.en.srt
2015-05-05 02:26 - 2015-05-05 02:26 - 00024947 _____ () C:\Users\owner\Downloads\CP0168412542P-7.mp4.en.srt
2015-05-04 19:15 - 2015-05-04 19:15 - 00011853 _____ () C:\Users\owner\Downloads\CP0387660393P-1.mp4.en.srt
2015-05-04 10:35 - 2015-05-04 10:35 - 00000000 ____D () C:\Users\owner\Downloads\facebook-100001421505705
2015-05-04 10:25 - 2015-05-04 10:25 - 00001923 _____ () C:\Users\owner\Downloads\CP0220504330P-1.mp4.en(1).srt
2015-05-04 10:22 - 2015-05-04 10:23 - 00001924 _____ () C:\Users\owner\Downloads\CP0220504330P-1.mp4.en.srt
2015-05-04 02:38 - 2015-05-04 02:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-05-04 02:36 - 2015-05-04 02:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-05-04 02:35 - 2015-05-04 02:36 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-05-04 02:35 - 2015-05-04 02:36 - 00000000 ____D () C:\Program Files\iTunes
2015-05-04 02:35 - 2015-05-04 02:35 - 00000000 ____D () C:\Program Files\iPod
2015-05-04 02:35 - 2015-05-04 02:35 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-05-04 02:21 - 2015-05-04 02:21 - 00002011 _____ () C:\Users\owner\Downloads\CP0100254712P-38.mp4.en.srt
2015-05-02 19:07 - 2015-05-02 19:08 - 00001426 _____ () C:\Users\owner\Downloads\CP0157666677P-61.mp4.en(1).srt
2015-05-02 19:03 - 2015-05-02 19:03 - 00001423 _____ () C:\Users\owner\Downloads\CP0157666677P-61.mp4.en.srt
2015-05-02 16:03 - 2015-05-02 16:03 - 00003891 _____ () C:\Users\owner\Downloads\CP0468921932P-2.mp4.en.srt
2015-05-02 14:23 - 2015-05-02 14:23 - 00004035 _____ () C:\Users\owner\Downloads\CP0468921932P-5.mp4.en.srt
2015-05-02 12:51 - 2015-05-02 12:51 - 00002422 _____ () C:\Users\owner\Downloads\CP0195338775P-1.mp4.en.srt
2015-05-02 00:08 - 2015-05-20 07:30 - 00000000 ____D () C:\Users\owner\Documents\Maggie Flanigan
2015-05-02 00:07 - 2015-05-16 11:00 - 00000000 ____D () C:\Users\owner\Documents\Rev.com
2015-05-01 22:25 - 2015-05-01 22:25 - 00602316 _____ () C:\Users\owner\Downloads\book_version_5.idml
2015-05-01 21:39 - 2015-05-01 21:39 - 00003608 _____ () C:\Users\owner\Downloads\CP0276004791P-1.mp4.en.srt
2015-05-01 19:44 - 2015-05-01 19:44 - 00001037 _____ () C:\Users\owner\Downloads\CP0522524429P-1.mp4.en.srt
2015-05-01 18:15 - 2015-05-01 18:15 - 00025925 _____ () C:\Users\owner\Downloads\CP0373945655P-1.mp4.en.srt
2015-05-01 10:57 - 2015-05-01 10:58 - 00000000 ____D () C:\Users\owner\Documents\EBT
2015-04-30 10:28 - 2015-05-06 22:36 - 00000000 ____D () C:\Users\owner\AppData\Local\{B3FB741E-67C1-4728-B326-5F4A3DA43664}
2015-04-29 11:03 - 2015-04-29 11:03 - 02359035 _____ () C:\Users\owner\Downloads\facebook-100001421505705.zip
2015-04-29 10:26 - 2015-04-29 22:26 - 00000000 ____D () C:\Users\owner\AppData\Local\{E06DFE62-A549-4783-AF6B-F0424B9647F8}
2015-04-29 00:38 - 2015-04-29 00:38 - 00006805 _____ () C:\Users\owner\Downloads\sample8.mp4.en.srt
2015-04-28 18:12 - 2015-04-28 18:12 - 00003608 _____ () C:\Users\owner\Downloads\sample7.mp4.en.srt
2015-04-26 13:12 - 2015-04-26 13:12 - 00002917 _____ () C:\Users\owner\Downloads\sample6.mp4.en.srt
2015-04-25 21:56 - 2015-04-28 22:26 - 00000000 ____D () C:\Users\owner\AppData\Local\{6D1CB3D2-9A48-41AE-9359-359CC7136941}
2015-04-23 22:30 - 2015-04-23 22:30 - 00000000 ____D () C:\Users\owner\AppData\Local\{4F1E2A43-4B07-4E19-9650-D955A02E5619}
2015-04-23 22:02 - 2015-04-23 23:21 - 01257449 _____ () C:\Users\owner\Downloads\HEADER-FOOTER Sugar and Tank.ai
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-05-23 10:06 - 2015-02-01 15:11 - 00031284 _____ () C:\Users\owner\Downloads\FRST.txt
2015-05-23 10:06 - 2015-02-01 15:10 - 00000000 ____D () C:\FRST
2015-05-23 09:31 - 2012-12-07 15:00 - 00000908 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3310603758-325049908-3132485941-1001UA.job
2015-05-23 09:31 - 2012-04-02 10:08 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-05-23 09:31 - 2010-01-31 15:28 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-23 09:31 - 2009-07-14 00:51 - 00564680 _____ () C:\windows\setupact.log
2015-05-23 08:47 - 2009-10-07 22:10 - 01117620 _____ () C:\windows\WindowsUpdate.log
2015-05-23 08:32 - 2010-01-31 15:28 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-23 08:27 - 2013-05-14 13:47 - 00000000 ___RD () C:\Users\owner\Dropbox
2015-05-23 08:27 - 2013-05-14 13:30 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Dropbox
2015-05-23 08:25 - 2014-07-30 12:45 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-23 08:25 - 2010-03-15 09:45 - 00000000 ____D () C:\Users\owner\Tracing
2015-05-23 00:05 - 2009-07-14 00:45 - 00018736 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-23 00:05 - 2009-07-14 00:45 - 00018736 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-22 23:57 - 2011-03-27 22:01 - 00000000 ____D () C:\windows\SysWOW64\logishrd
2015-05-22 23:57 - 2011-03-27 22:01 - 00000000 ____D () C:\windows\system32\logishrd
2015-05-22 23:57 - 2009-07-14 01:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-05-22 23:54 - 2014-07-30 12:45 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-22 23:54 - 2013-03-15 18:47 - 00000000 ____D () C:\Program Files (x86)\Gyazo
2015-05-22 23:54 - 2012-09-01 07:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-22 23:54 - 2012-05-05 16:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-22 23:54 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-05-22 23:53 - 2015-04-20 19:28 - 00000000 ____D () C:\Users\owner\Documents\Sew Caroline
2015-05-22 23:53 - 2015-04-06 06:20 - 00000000 ___SD () C:\windows\SysWOW64\GWX
2015-05-22 23:53 - 2015-04-06 06:19 - 00000000 ___SD () C:\windows\system32\GWX
2015-05-22 23:53 - 2015-03-12 22:03 - 00000000 ____D () C:\Users\owner\Documents\Melly Sews
2015-05-22 23:53 - 2015-02-05 10:24 - 00000000 ____D () C:\Users\owner\Downloads\FRST-OlderVersion
2015-05-22 23:53 - 2014-12-03 22:55 - 00000000 ____D () C:\Users\owner\Documents\Money Robbins email amazon_files
2015-05-22 23:53 - 2014-09-25 23:16 - 00000000 ____D () C:\Users\owner\Documents\Att troubleshoot chat 9.25.14_files
2015-05-22 23:53 - 2014-07-30 12:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-22 23:53 - 2014-04-13 11:29 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2015-05-22 23:53 - 2013-09-20 17:03 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Blackboard
2015-05-22 23:53 - 2013-05-14 13:31 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-05-22 23:53 - 2013-04-29 01:13 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Koox System Optimizer
2015-05-22 23:53 - 2013-04-28 23:41 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Audacity
2015-05-22 23:53 - 2013-03-15 18:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo
2015-05-22 23:53 - 2013-03-13 15:06 - 00000000 ____D () C:\Users\owner\AppData\Local\Citrix
2015-05-22 23:53 - 2012-09-01 07:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-22 23:53 - 2012-09-01 07:54 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-22 23:53 - 2012-04-03 17:41 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-05-22 23:53 - 2011-11-16 17:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-22 23:53 - 2011-11-09 15:41 - 00000000 ____D () C:\Users\owner\AppData\Local\Akamai
2015-05-22 23:53 - 2011-06-15 09:34 - 00000000 ____D () C:\Users\owner\AppData\Local\Tific
2015-05-22 23:53 - 2011-06-01 18:56 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Catalina Marketing Corp
2015-05-22 23:53 - 2011-06-01 18:56 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Catalina Marketing Corp
2015-05-22 23:53 - 2011-04-19 09:41 - 00000000 ____D () C:\Users\owner\AppData\Roaming\MAGIX
2015-05-22 23:53 - 2011-04-11 17:58 - 00000000 ____D () C:\Users\owner\Documents\Netflix Setup OrderFinal_files
2015-05-22 23:53 - 2011-04-08 11:47 - 00000000 ____D () C:\Users\owner\Documents\No Messages Screen Display for Jebaire Publishing_files
2015-05-22 23:53 - 2011-03-21 18:53 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2015-05-22 23:53 - 2011-01-12 15:32 - 00000000 ____D () C:\Users\owner\AppData\Roaming\FreeFileOpener
2015-05-22 23:53 - 2011-01-07 18:43 - 00000000 ____D () C:\Users\owner\Downloads\Basic Ebook info from IBPA_files
2015-05-22 23:53 - 2010-11-23 19:12 - 00000000 ____D () C:\Users\owner\Documents\Audible
2015-05-22 23:53 - 2010-06-25 15:10 - 00000000 ____D () C:\Users\owner\Documents\My eBooks
2015-05-22 23:53 - 2010-06-25 15:08 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobipocket.com
2015-05-22 23:53 - 2010-06-14 20:13 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Mozilla
2015-05-22 23:53 - 2010-05-20 12:24 - 00000000 __RSD () C:\Users\owner\Documents\My Stationery
2015-05-22 23:53 - 2010-05-17 09:30 - 00000000 ____D () C:\Users\owner\Documents\Homeschool
2015-05-22 23:53 - 2010-05-11 13:24 - 00000000 ___SD () C:\Users\owner\Documents\My Data Sources
2015-05-22 23:53 - 2010-05-07 11:05 - 00000000 ____D () C:\Users\owner\Documents\Jebaire Book Blocks
2015-05-22 23:53 - 2010-04-27 07:40 - 00000000 ____D () C:\windows\Minidump
2015-05-22 23:53 - 2010-04-02 21:24 - 00000000 ____D () C:\Users\owner\Documents\Jebaire Manuscripts
2015-05-22 23:53 - 2010-03-18 12:42 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Skype
2015-05-22 23:53 - 2010-03-18 09:03 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Barnes & Noble
2015-05-22 23:53 - 2010-03-08 15:51 - 00000000 ____D () C:\Users\owner\AppData\Local\Microsoft Help
2015-05-22 23:53 - 2010-02-24 17:15 - 00000000 ____D () C:\ProgramData\FLEXnet
2015-05-22 23:53 - 2010-02-16 18:45 - 00000000 ____D () C:\Users\owner\AppData\Roaming\WildTangent
2015-05-22 23:53 - 2010-02-16 18:45 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Adobe
2015-05-22 23:53 - 2010-02-13 12:48 - 00000000 ____D () C:\Users\owner\AppData\Local\TOSHIBA
2015-05-22 23:53 - 2010-02-13 12:47 - 00000000 ___RD () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-22 23:53 - 2010-02-13 12:47 - 00000000 ___RD () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-22 23:53 - 2010-02-13 12:47 - 00000000 ____D () C:\Users\owner
2015-05-22 23:53 - 2009-10-07 22:20 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-22 23:53 - 2009-07-14 03:45 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-22 23:53 - 2009-07-14 01:09 - 00000000 ____D () C:\windows\System32\Tasks\WPD
2015-05-22 23:53 - 2009-07-13 23:20 - 00000000 __RSD () C:\windows\Media
2015-05-22 23:53 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-05-22 23:53 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\AdvancedInstallers
2015-05-22 23:53 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\servicing
2015-05-22 23:53 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\rescache
2015-05-22 23:53 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2015-05-22 23:53 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\AppCompat
2015-05-22 23:52 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\registration
2015-05-22 13:28 - 2012-12-07 15:00 - 00000856 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3310603758-325049908-3132485941-1001Core.job
2015-05-22 10:45 - 2010-04-27 07:40 - 401271285 _____ () C:\windows\MEMORY.DMP
2015-05-22 10:09 - 2009-07-14 01:08 - 00032584 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2015-05-22 07:41 - 2014-06-13 07:58 - 00000000 ____D () C:\Users\owner\AppData\Local\Adobe
2015-05-21 19:49 - 2011-03-28 21:58 - 00000000 ____D () C:\Users\owner\AppData\Local\CrashDumps
2015-05-20 17:38 - 2014-07-30 12:45 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-20 13:53 - 2013-09-12 20:41 - 00000000 ____D () C:\Users\owner\Documents\Clark Kids Stuff
2015-05-18 10:18 - 2014-11-27 14:02 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-18 09:43 - 2009-09-03 01:35 - 01370042 _____ () C:\windows\PFRO.log
2015-05-16 13:23 - 2012-12-07 15:00 - 00003878 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3310603758-325049908-3132485941-1001UA
2015-05-16 13:23 - 2012-12-07 15:00 - 00003482 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3310603758-325049908-3132485941-1001Core
2015-05-15 17:19 - 2010-01-31 15:28 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-15 17:19 - 2010-01-31 15:28 - 00003642 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-15 14:16 - 2012-04-02 10:08 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-05-15 14:16 - 2012-04-02 10:08 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-05-15 14:16 - 2011-06-08 01:53 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-15 06:55 - 2015-01-09 10:54 - 00003750 _____ () C:\windows\System32\Tasks\GyazoUpdateTaskMachine
2015-05-14 10:14 - 2009-07-14 01:13 - 00006416 _____ () C:\windows\system32\PerfStringBackup.INI
2015-05-14 10:06 - 2009-07-14 00:45 - 05120888 _____ () C:\windows\system32\FNTCACHE.DAT
2015-05-14 08:21 - 2013-07-15 14:49 - 00000000 ____D () C:\windows\system32\MRT
2015-05-14 07:54 - 2010-04-20 08:38 - 140425016 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-05-13 17:05 - 2015-04-10 23:50 - 00000000 ____D () C:\Users\owner\Documents\$$$$$
2015-05-12 13:34 - 2011-03-27 22:00 - 00000000 _____ () C:\windows\system32\Drivers\lvuvc.hs
2015-05-06 20:09 - 2013-04-16 11:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-05-06 18:58 - 2013-03-15 18:49 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Gyazo
2015-05-04 02:35 - 2014-02-08 20:43 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-05-01 20:41 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\NDF
2015-04-23 22:01 - 2015-04-22 13:31 - 01276072 _____ () C:\Users\owner\Downloads\HEADER-FOOTER.ai
2015-04-23 15:46 - 2011-03-27 22:24 - 00000000 ____D () C:\Users\owner\Documents\SightSpeed Recordings
2015-04-23 10:14 - 2015-04-22 08:48 - 00000000 ____D () C:\Users\owner\AppData\Local\{B2B42623-43B5-4CC9-93C0-3C6BD8C00561}
 
==================== Files in the root of some directories =======
 
2010-02-24 21:56 - 2010-02-24 21:56 - 0000000 ____H () C:\Users\owner\AppData\Roaming\ActUpdate.log
2011-11-21 20:44 - 2011-11-21 20:44 - 0044912 _____ () C:\Users\owner\AppData\Roaming\UserTile.png
2010-03-31 21:16 - 2013-06-11 23:07 - 0000610 _____ () C:\Users\owner\AppData\Roaming\wklnhst.dat
2010-03-18 12:50 - 2010-03-18 12:50 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2010-02-24 21:56 - 2010-04-24 22:39 - 0000088 __RSH () C:\ProgramData\F3446BD02F.sys
2010-03-16 15:36 - 2010-03-31 15:46 - 0000609 _____ () C:\ProgramData\hpzinstall.log
2010-02-24 21:56 - 2011-09-21 21:52 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys
 
Some files in TEMP:
====================
C:\Users\owner\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprnkzxy.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-05-14 19:56
 
==================== End of log ============================
Link to post
Share on other sites

  • Root Admin

Hello - Let's see what's going on here and see if we can get you fixed up.

Please read the following and post back the logs when ready and we'll see about getting you cleaned up.

General P2P/Piracy Warning:
 
 

 
If you're using
Peer 2 Peer
software such as
uTorrent, BitTorrent
or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have
illegal/cracked software, cracks, keygens etc
. on the system, please remove or uninstall them now and read the policy on
Piracy
.



 
Before we proceed further, please read all of the following instructions carefully.
If there is anything that you do not understand kindly ask before proceeding.
If needed please print out these instructions.
  • Please do not post logs using CODE, QUOTE, or FONT tags. Just paste them as direct text.
  • If the log is too large then you can use attachments by clicking on the More Reply Options button.
  • Please enable your system to show hidden files: How to see hidden files in Windows
  • Make sure you're subscribed to this topic:
    • Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

    [*]Removing malware can be unpredictable...It is unlikely but things can go very wrong! Please make sure you Backup all files that cannot be replaced if something were to happen. You can copy them to a CD/DVD, external drive or a pen drive [*]Please don't run any other scans, download, install or uninstall any programs unless requested by me while I'm working with you. [*]The removal of malware is not instantaneous, please be patient. Often we are also on a different Time Zone. [*]Perform everything in the correct order. Sometimes one step requires the previous one. [*]If you have any problems while following my instructions, Stop there and tell me the exact nature of the issue. [*]You can check here if you're not sure if your computer is 32-bit or 64-bit [*]Please disable your antivirus while running any requested scanners so that they do not interfere with the scanners. [*]When we are done, I'll give you instructions on how to cleanup all the tools and logs [*]Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that. [*]Your topic will be closed if you haven't replied within 3 days [*](If I have not responded within 24 hours, please send me a Private Message as a reminder)


 
STEP 0
RKill is a program that was developed at BleepingComputer.com that attempts to terminate known malware processes
so that your normal security software can then run and clean your computer of infections.
When RKill runs it will kill malware processes and then removes incorrect executable associations and fixes policies
that stop us from using certain tools. When finished it will display a log file that shows the processes that were
terminated while the program was running.

As RKill only terminates a program's running process, and does not delete any files, after running it you should not reboot
your computer as any malware processes that are configured to start automatically will just be started again.
Instead, after running RKill you should immediately scan your computer using the requested scans I've included.

Please download Rkill by Grinler from one of the links below and save it to your desktop.
 


Link 2

  • On Windows XP double-click on the Rkill desktop icon to run the tool.
  • On Windows Vista/Windows 7 or 8, right-click on the Rkill desktop icon and select Run As Administrator
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.

STEP 01
Backup the Registry:
Modifying the Registry can create unforeseen problems, so it always wise to create a backup before doing so.
  • Please download ERUNT from one of the following links: Link1 | Link2 | Link3
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Double click on erunt-setup.exe to Install ERUNT by following the prompts.
  • NOTE: Do not choose to allow ERUNT to add an Entry to the Startup folder. Click NO.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup.
    • Note: the default location is C:\Windows\ERDNT which is acceptable.

    [*]Make sure that at least the first two check boxes are selected. [*]Click on OK [*]Then click on YES to create the folder. [*]Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe


STEP 02
Please run a Threat Scan with MBAM.  If you're unable to run or complete the scan as shown below please see the following:  MBAM Clean Removal Process 2x
When reinstalling the program please try the latest version.

Right click and choose "Run as administrator" to open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... link
Open up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkit and Under Non Malware Protection set both PUP and PUM to Treat detections as malware.
Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button.
Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.
 
 
 

Link to post
Share on other sites

Also, my husband's laptop is on the same wireless network and experiencing similar issues. I didn't notice until I began using his today after I couldn't use mine. We both get lots of "Warning: Unresponsive Script" messages that also cause our computer's to stall. Should I run the same scans on his laptop or start a new thread?

Link to post
Share on other sites

In STEP 01 for ERUNDT, when I click "Yes" to create the folder, I receive this message:

 

 
ERU for Windows NT says:
 
c:\windows\ERDNT\5-26-2015\ERDNT.INF
 
Registry backup will continue, but no restore information for the ERDNT program will be saved. This means that later restoration of the registry can only be done manually, by using another OS to copy back the files.
 
(***Before this forum I tried system restore a few times and it failed and deleted the requested restore date from the system.)
 
 
Please advise. 
Thank you.
Link to post
Share on other sites

  • Root Admin

Yes it will work on Windows 7 but ERUNT needs to be run with Admin rights. When run with just user rights you get this error. Please look in your Startup folder under your menu and delete the shortcut to ERUNT and that will stop that error.

If 2 different computers are experiencing similar issues on the same network it's possible that your router has been compromised. Please do a factory reset on the router. Then make sure you use a strong password for the admin account on the router. After the reset then restart both computers too and let me know the status after the reset.



Please reveiw the following website and read it before continuing and then do a Hard Reset back to Factory Defaults for your router.
This information is only for resetting the router DO NOT erase, install, or update the firmware, just reset your router to factory defaults.

Reset And Reboot

Hard reset or 30/30/30

Link to post
Share on other sites

I reset the router back to factory settings and restarted both computers. My computer still has a long shut down and very slow start up time and continues to freeze up.

 

When I tried to run ERUNT, I received this message:

 

Unable to create file:

C:\windows\ERDNT\5-29-2015\ERDNT.INF

 

Registry backup will continue, but no restore information

for the ERDNT program will be saved. This means that

later restoration of the registry can only be done manually,

by using another OS to copy back the files.

 

**I'm not sure if this is related, but as I mentioned previously, I haven't been able to do a standard system restore on my computer at all. My computer will list the restore points, I'll select one. The restore will fail, and the date I selected is always deleted.

Link to post
Share on other sites

  • Root Admin

I already explained your issue about ERUNT and how to stop/remove the shortcut. Let me have you run the following then and we'll see if we can get you fixed up.

 

Please go ahead and run through the following steps and post back the logs when ready.
 
STEP 04
Please download Junkware Removal Tool to your desktop.

  • Shutdown your antivirus to avoid any conflicts.
  • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply message
  • When completed make sure to re-enable your antivirus


STEP 05
Lets clean out any adware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.


STEP 06
Please open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... link
Open up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkits, Under Non Malware Protection set both PUP and PUM to Treat detections as malware.
Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button. Remove any threats found
Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.


STEP 07
button_eos.gif

Please go here to run the online antivirus scannner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology


    [*]Click Scan [*]Wait for the scan to finish [*]If any threats were found, click the 'List of found threats' , then click Export to text file.... [*]Save it to your desktop, then please copy and paste that log as a reply to this topic.


STEP 08
Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well.

Link to post
Share on other sites

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.8.4 (05.29.2015:1)
OS: Windows 7 Home Premium x64
Ran by owner on Sat 05/30/2015 at  7:19:10.65
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
~~~ Services
 
 
 
~~~ Tasks
 
 
 
~~~ Registry Values
 
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_BFB1AAC9AD5759BCC5B883652DF33E69
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\windows\prefetch\GOOGLETOOLBARNOTIFIER.EXE-7AE0A20E.pf
Successfully deleted: [File] C:\Users\owner\appdata\local\google\chrome\user data\default\local storage\https_static.olark.com_0.localstorage
Successfully deleted: [File] C:\Users\owner\appdata\local\google\chrome\user data\default\local storage\https_static.olark.com_0.localstorage-journal
 
 
 
~~~ Folders
 
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{04185D59-7E35-4C3A-B821-CD13C322A82D}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{0829BD6B-45DD-454A-95EA-45604BC7DCF1}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{10A9ABFB-0A81-4279-9E6B-1C9D60AD98BC}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{169FEC7C-5EF5-4C41-AAF7-9DC6D3DFC7FE}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{1D60784D-1D00-41AF-B120-EA7749A9C8A8}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{205560D5-7DD6-4A0F-BCA1-F0A1B3EFF31E}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{22A41300-35E5-487B-8823-281F556079C4}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{298D69B6-A625-450D-B325-A5CDB0D5E67A}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{299EC27F-68BF-4B2C-95E6-F618668E65F1}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{2E157B4C-A4CC-4402-9975-242314F5FDE5}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{37349C58-5208-4655-9FB3-6B0B10CF9A72}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{3BBF2B9B-2372-4329-9E01-9DB04C0D027A}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{3CB488FE-75A5-4C02-B89F-524CF72910F5}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{462E082F-1254-4D2D-A886-010EA8DB0733}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{46B8A14D-671A-4A78-9F96-F3F80EE22699}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{48E726A5-1DA1-4BFB-8E8B-1D0E52D34381}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{4CA661E7-61D6-4B7A-B0DB-A7E9C40DB899}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{4F1E2A43-4B07-4E19-9650-D955A02E5619}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{51D9708C-24CD-4A03-A2E7-3C00E134E706}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{65B79364-EF6C-4597-B9AA-622BA49C9CAB}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{667D5B1B-D05F-49F5-921A-021BB92188E7}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{6D1CB3D2-9A48-41AE-9359-359CC7136941}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{744003A2-1B19-4678-A842-7D43DD1F327A}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{7D727BDE-3141-4629-BED0-A8903E5C1E73}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{80453EC0-B099-4BE6-881C-CE582FFF6BD0}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{80B1F209-AAD8-42B6-8F9B-6973CD78C67C}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{85698EF4-DB7E-473E-AAAD-318035C26C39}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{8A39516D-0346-4336-B18D-18A3072AA03D}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{8A396F1B-6401-49B4-BB12-7EEBD944417A}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{8E8B1288-5109-4099-B09A-76EFF8026958}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{9594ED00-DE4A-4A9C-9233-CD53246E598D}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{96BB7503-7B6B-493C-B4C0-5E633CA436FF}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{9732C701-072B-4040-A35A-38600DCBD89B}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{97CA0FF4-2C4E-4805-8155-BB65ACF4CDDC}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{98BC5B93-9F5D-408B-BD2A-D82C78C44BD8}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{99041A79-FA86-4A10-8896-D07614B4F19B}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{9AC0D1A3-F505-45B0-B94C-965C0631CFC4}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{9D5DEC6D-FBCA-43E1-875F-995D0885F5D8}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{9FD7067A-A9E7-4077-8B84-21300907690B}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{9FDDAEE0-73B9-428E-A270-70C81EC14626}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{AEFF0B5F-A87D-4FF7-9FBE-3B9DE03CBC71}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{AF782E85-8730-4C8E-9393-F392552BE86B}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{B04C8801-B87E-4C60-8BDC-BDECE0D34D52}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{B2B42623-43B5-4CC9-93C0-3C6BD8C00561}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{B3707ED0-D3E5-4FA6-A6F5-16C1863081DE}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{B3FB741E-67C1-4728-B326-5F4A3DA43664}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{B575FDC0-7005-46F1-9623-2EC4AE7E91E7}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{B5D3E6BD-D461-4408-9DA4-76E49A87D3E0}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{BA992444-2C60-477A-A06A-02BB763EB5C7}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{BB9DFBB0-3405-4639-8012-F66B80864F7F}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{C2BE6907-5A69-4482-AA4D-C5F29EF8D264}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{C3C1D3E3-AFB1-47FF-B9F3-F23456414A5A}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{CB81E52B-88AD-4088-9A2F-AEDC01845A0A}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{D00E4723-85A8-4FA8-A62B-6894427973CA}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{D0FAD02E-BCD3-4A9E-805E-0AF2F321DEB3}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{D2A5FFDE-7AE8-4440-B963-13774E0C8FB1}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{D895FE49-A957-4D64-B1B2-D65835734E58}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{E06DFE62-A549-4783-AF6B-F0424B9647F8}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{E2D80C22-D7D3-4CF8-BD17-C7B8597AE2B2}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{E68A59E4-9CEB-4560-A37C-18E552F8D2B3}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{EADCCBA7-89BB-4738-8DD4-5F460301D419}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{ED4B4251-7353-4E74-8636-C97F0147863F}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{F4CBE290-16F8-4622-AD56-749D06D7EC21}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{F765329B-8383-4E58-98DE-4278DD23303B}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{FD035B81-C34E-4DAB-A40C-A67DE2B27338}
Successfully deleted: [Folder] C:\ProgramData\esellerate
 
 
 
~~~ FireFox
 
Emptied folder: C:\Users\owner\AppData\Roaming\mozilla\firefox\profiles\bz230fxo.default-1414070530532\minidumps [8 files]
 
 
 
~~~ Chrome
 
 
[C:\Users\owner\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
 
[C:\Users\owner\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
 
[C:\Users\owner\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
 
[C:\Users\owner\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 05/30/2015 at  7:27:37.82
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
----------------------------------------------------------------
# AdwCleaner v4.205 - Logfile created 30/05/2015 at 09:18:03
# Updated 21/05/2015 by Xplode
# Database : 2015-05-25.3 [server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : owner - HHGREGG-PC
# Running from : C:\Users\owner\Desktop\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Folder Deleted : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen
[/!\] Not Deleted ( Junction ) : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
File Deleted : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eofcbnmajmjmplflapaojjnihcjkigck_0.localstorage
File Deleted : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eofcbnmajmjmplflapaojjnihcjkigck_0.localstorage-journal
File Deleted : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kbfnbcaeplbcioakkpcpgfkobkghlhen_0.localstorage
File Deleted : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kbfnbcaeplbcioakkpcpgfkobkghlhen_0.localstorage-journal
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17801
 
 
-\\ Mozilla Firefox v38.0.1 (x86 en-US)
 
 
-\\ Google Chrome v43.0.2357.81
 
 
-\\ Chromium v
 
 
*************************
 
AdwCleaner[R0].txt - [1117 bytes] - [05/02/2015 11:31:51]
AdwCleaner[R1].txt - [1393 bytes] - [06/02/2015 06:53:21]
AdwCleaner[R2].txt - [2703 bytes] - [30/05/2015 07:39:12]
AdwCleaner[R3].txt - [2762 bytes] - [30/05/2015 09:05:05]
AdwCleaner[s0].txt - [1468 bytes] - [06/02/2015 06:57:59]
AdwCleaner[s1].txt - [2324 bytes] - [30/05/2015 09:18:03]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [2383  bytes] ##########
 

 

----------------------------------

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 5/30/2015
Scan Time: 10:17:51 AM
Logfile: 
Administrator: Yes
 
Version: 2.01.6.1022
Malware Database: v2015.05.30.02
Rootkit Database: v2015.05.24.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: owner
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 450259
Time Elapsed: 1 hr, 9 min, 22 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Disabled
Rootkits: Enabled
Heuristics: Disabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
--------------------------------
 
ESET Scanner (No Threats Found)
 
--------------------------------
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
Ran by owner (administrator) on HHGREGG-PC on 30-05-2015 18:33:14
Running from C:\Users\owner\Downloads
Loaded Profiles: owner (Available Profiles: owner & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\LVPrS64H.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFProcSRVC.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\rselect\RSelSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation.) C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\NDSTray.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFSwMgr.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ESET) C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
(NVIDIA Corporation) C:\Windows\System32\nvcplui.exe
(Farbar) C:\Users\owner\Downloads\FRST64 (1).exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [] => [X]
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [503864 2009-07-20] (Conexant Systems, Inc.)
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1810728 2009-07-30] (Synaptics Incorporated)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [497504 2009-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [711000 2009-08-04] (TOSHIBA Corporation)
HKLM\...\Run: [HDMICtrlMan] => C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [1032536 2009-08-03] (TOSHIBA Corporation.)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2009-08-03] (TOSHIBA Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-25] (Avast Software s.r.o.)
HKLM-x32\...\Run: [Malwarebytes' Anti-Malware] => "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
HKU\S-1-5-21-3310603758-325049908-3132485941-1001\...\Run: [GoogleChromeAutoLaunch_BFB1AAC9AD5759BCC5B883652DF33E69] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-05-22] (Google Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-25] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\owner\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\owner\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\owner\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-3310603758-325049908-3132485941-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3310603758-325049908-3132485941-1001 -> {FFAD5398-51D1-4EAA-B3A1-03253AD44343} URL = http://www.bing.com/search?q={searchTerms}&form=BIE9DF&pc=BIE9&src=IE-SearchBox
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-24] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-01] (Google Inc.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-24] (Avast Software s.r.o.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-12-17] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)
BHO-x32: Act.UI.InternetExplorer.Plugins.AttachFile.CAttachFile -> {D5233FCD-D258-4903-89B8-FB1568E7413D} -> C:\windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-01] (Google Inc.)
Toolbar: HKLM-x32 - No Name - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} -  No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)
Toolbar: HKU\S-1-5-21-3310603758-325049908-3132485941-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: HKLM-x32 {3D3B42C2-11BF-4732-A304-A01384B70D68} http://picasaweb.google.com/s/v/63.17/uploader2.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: intu-help-qb3 - {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - C:\Program Files (x86)\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll [2012-07-25] (Intuit, Inc.)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
 
FireFox:
========
FF ProfilePath: C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\bz230fxo.default-1414070530532
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Google
FF Homepage: hxxp://google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-05-23] (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-11-09] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\windows\SysWOW64\npDeployJava1.dll [2013-03-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @sony.com/eBookLibrary -> C:\Program Files (x86)\Sony\Reader\Data\bin\npebldetectmoz.dll [2010-07-13] (Sony Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-05-23] (Wacom)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll [2013-12-25] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-11-09] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3310603758-325049908-3132485941-1001: @citrixonline.com/appdetectorplugin -> C:\Users\owner\AppData\Local\Citrix\Plugins\94\npappdetector.dll [2013-03-13] (Citrix Online)
FF Plugin HKU\S-1-5-21-3310603758-325049908-3132485941-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\owner\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-3310603758-325049908-3132485941-1001: @talk.google.com/O1DPlugin -> C:\Users\owner\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-3310603758-325049908-3132485941-1001: @tools.google.com/Google Update;version=3 -> C:\Users\owner\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-3310603758-325049908-3132485941-1001: @tools.google.com/Google Update;version=9 -> C:\Users\owner\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-3310603758-325049908-3132485941-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\owner\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2015-05-08] (Zoom Video Communications, Inc.)
FF Plugin HKU\S-1-5-21-3310603758-325049908-3132485941-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-05-23] (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll [2011-06-01] (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol500.dll [2011-06-01] (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-10-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-10-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-10-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-10-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-10-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\owner\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\owner\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Extension: Firebug - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\bz230fxo.default-1414070530532\Extensions\firebug@software.joehewitt.com.xpi [2015-04-10]
FF Extension: Pin It Button - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\bz230fxo.default-1414070530532\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2014-11-19]
FF Extension: Evernote Web Clipper - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\bz230fxo.default-1414070530532\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi [2015-04-08]
FF Extension: Skype extension - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-05-16]
FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn
FF HKLM-x32\...\Firefox\Extensions: [{6D5C8FC4-DE46-41bf-9092-93F0F78E9115}] - C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_2.0.0.48\coFFFw
FF HKLM-x32\...\Firefox\Extensions: [{203FB6B2-2E1E-4474-863B-4C483ECCE78E}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNST
FF Extension: Norton Safe Web Lite Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNST [2015-02-05]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-05-24]
 
Chrome: 
=======
CHR Profile: C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bookmark Manager) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-21]
CHR Extension: (Avast Online Security) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-05-25]
CHR Extension: (Pin It Button) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2014-05-29]
CHR Extension: (No Name) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2015-05-30]
CHR Extension: (Hangouts) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2015-01-27]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Google Wallet) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-24]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 ACT! Scheduler; C:\Program Files (x86)\ACT\Act for Windows\Act.Scheduler.exe [81920 2008-08-01] (Sage Software, Inc.) [File not signed]
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2010-11-01] (Adobe Systems) [File not signed]
S3 Adobe Version Cue CS4; C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [284016 2008-08-15] (Adobe Systems Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-24] (Avast Software s.r.o.)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-05-24] (Avast Software s.r.o.)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [255040 2014-09-07] (WildTangent)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S2 MSSQL$ACT7; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe [132504 2013-09-12] (Symantec Corporation)
R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe [126392 2009-08-24] (Symantec Corporation)
R2 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2012-07-25] (Intuit) [File not signed]
S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2009-07-23] (Intuit Inc.) [File not signed]
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2010-04-02] (Sony Corporation) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-11-14] (Wacom Technology, Corp.)
S2 NSL; "C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe" /s "NSL" /m "C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\diMaster.dll" /prefetch:1
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-25] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-05-24] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-25] (Avast Software s.r.o.)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449896 2015-05-24] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-25] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-24] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-25] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-25] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-25] ()
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\0200000.010\ccSetx64.sys [167048 2011-08-08] (Symantec Corporation)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [21504 2010-06-24] (http://libusb-win32.sourceforge.net)
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-30] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 O2SDGRDR; C:\Windows\System32\DRIVERS\o2sdgx64.sys [49696 2009-07-16] (O2Micro )
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-05-30 18:31 - 2015-05-30 18:31 - 00013376 _____ () C:\Users\owner\Desktop\FRST64 (1).exe - Shortcut.lnk
2015-05-30 18:30 - 2015-05-30 18:30 - 02108928 _____ (Farbar) C:\Users\owner\Downloads\FRST64 (1).exe
2015-05-30 13:08 - 2015-05-30 13:08 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-05-30 13:06 - 2015-05-30 13:07 - 02347384 _____ (ESET) C:\Users\owner\Downloads\esetsmartinstaller_enu (2).exe
2015-05-30 07:32 - 2015-05-30 07:33 - 02223104 _____ () C:\Users\owner\Desktop\AdwCleaner.exe
2015-05-30 07:27 - 2015-05-30 07:27 - 00008708 _____ () C:\Users\owner\Desktop\JRT.txt
2015-05-30 07:19 - 2015-05-30 07:19 - 00000207 _____ () C:\windows\tweaking.com-regbackup-HHGREGG-PC-Windows-7-Home-Premium-(64-bit).dat
2015-05-30 07:19 - 2015-05-30 07:19 - 00000000 ____D () C:\RegBackup
2015-05-30 07:17 - 2015-05-30 07:17 - 00001151 _____ () C:\Users\owner\Desktop\JRT (1).exe - Shortcut.lnk
2015-05-30 07:15 - 2015-05-30 07:16 - 02948651 _____ (Thisisu) C:\Users\owner\Downloads\JRT (1).exe
2015-05-29 10:46 - 2015-05-29 10:48 - 03060320 ____N (Symantec Corporation) C:\Users\owner\Downloads\NPE (1).exe
2015-05-27 00:07 - 2015-05-27 00:07 - 00000017 _____ () C:\Users\owner\AppData\Local\resmon.resmoncfg
2015-05-26 07:41 - 2015-05-26 07:41 - 00000895 _____ () C:\Users\owner\Desktop\NTREGOPT.lnk
2015-05-26 07:41 - 2015-05-26 07:41 - 00000895 _____ () C:\Users\Guest\Desktop\NTREGOPT.lnk
2015-05-26 07:41 - 2015-05-26 07:41 - 00000876 _____ () C:\Users\owner\Desktop\ERUNT.lnk
2015-05-26 07:41 - 2015-05-26 07:41 - 00000876 _____ () C:\Users\Guest\Desktop\ERUNT.lnk
2015-05-26 07:40 - 2015-05-26 07:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2015-05-26 07:40 - 2015-05-26 07:41 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2015-05-26 07:34 - 2015-05-26 07:34 - 00791393 _____ (Lars Hederer ) C:\Users\owner\Downloads\erunt-setup.exe
2015-05-25 23:34 - 2015-05-29 16:41 - 00002040 _____ () C:\Users\owner\Desktop\Rkill.txt
2015-05-25 23:33 - 2015-05-25 23:33 - 00013325 _____ () C:\Users\owner\Desktop\rkill.exe - Shortcut.lnk
2015-05-25 23:32 - 2015-05-25 23:32 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\owner\Downloads\rkill.exe
2015-05-25 18:31 - 2015-05-25 18:31 - 02347384 _____ (ESET) C:\Users\owner\Downloads\esetsmartinstaller_enu (1).exe
2015-05-25 17:43 - 2015-05-25 21:47 - 00000000 ____D () C:\sfzone_profile
2015-05-25 00:11 - 2015-05-25 00:11 - 00000000 ____D () C:\Users\owner\AppData\Roaming\AVAST Software
2015-05-25 00:08 - 2015-05-25 00:08 - 00001993 _____ () C:\Users\Public\Desktop\Avast SafeZone.lnk
2015-05-25 00:08 - 2015-05-25 00:08 - 00001933 _____ () C:\Users\Public\Desktop\Avast Internet Security.lnk
2015-05-25 00:08 - 2015-05-25 00:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-05-25 00:05 - 2015-05-28 17:02 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2015-05-25 00:05 - 2015-05-25 00:01 - 00137288 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswStm.sys
2015-05-25 00:04 - 2015-05-25 00:01 - 00442264 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswSP.sys
2015-05-25 00:04 - 2015-05-25 00:01 - 00272248 _____ () C:\windows\system32\Drivers\aswVmm.sys
2015-05-25 00:04 - 2015-05-25 00:01 - 00093528 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswRdr2.sys
2015-05-25 00:04 - 2015-05-25 00:01 - 00089944 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswMonFlt.sys
2015-05-25 00:04 - 2015-05-25 00:01 - 00065736 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2015-05-25 00:04 - 2015-05-25 00:01 - 00029168 _____ () C:\windows\system32\Drivers\aswHwid.sys
2015-05-25 00:04 - 2015-05-24 23:59 - 01047320 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswSnx.sys
2015-05-25 00:04 - 2015-05-24 23:59 - 00028144 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswKbd.sys
2015-05-25 00:01 - 2015-05-25 00:01 - 00364472 _____ (Avast Software s.r.o.) C:\windows\system32\aswBoot.exe
2015-05-24 23:59 - 2015-05-24 23:59 - 00043112 _____ (Avast Software s.r.o.) C:\windows\avastSS.scr
2015-05-24 23:58 - 2015-05-24 23:58 - 00449896 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswNdisFlt.sys
2015-05-24 23:55 - 2015-05-24 23:55 - 00000000 ____D () C:\Program Files\AVAST Software
2015-05-24 23:52 - 2015-05-24 23:52 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-05-24 23:50 - 2015-05-24 23:51 - 00000000 ____D () C:\Users\owner\Documents\Security
2015-05-24 23:49 - 2015-05-24 23:49 - 00001390 _____ () C:\Users\owner\Downloads\avast_internet_security_setup_online.exe - Shortcut.lnk
2015-05-24 23:49 - 2015-05-24 23:49 - 00001390 _____ () C:\Users\owner\Desktop\avast_internet_security_setup_online.exe - Shortcut.lnk
2015-05-24 23:46 - 2015-05-24 23:47 - 05471128 _____ (Avast Software s.r.o.) C:\Users\owner\Downloads\avast_internet_security_setup_online.exe
2015-05-24 13:33 - 2015-05-24 13:34 - 00049232 _____ () C:\Users\owner\Desktop\sfcdetails.txt
2015-05-24 09:32 - 2015-02-24 04:17 - 00295552 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2015-05-23 10:53 - 2015-05-23 10:53 - 00127425 _____ () C:\Users\owner\Downloads\8EFB.tmp
2015-05-22 18:31 - 2015-05-22 18:31 - 00000000 ____D () C:\Users\owner\Documents\New folder (12)
2015-05-22 18:31 - 2015-05-22 18:31 - 00000000 ____D () C:\Users\owner\Documents\New folder (10)
2015-05-22 10:45 - 2015-05-22 10:46 - 00813408 _____ () C:\windows\Minidump\052215-23353-01.dmp
2015-05-18 16:43 - 2015-05-18 16:43 - 00002159 _____ () C:\Users\owner\Downloads\CP0007276395P-1.mp4.en.srt
2015-05-17 23:40 - 2015-05-17 23:40 - 00118735 _____ () C:\Users\owner\Downloads\CP0045898113P-1.mp4.en.srt
2015-05-16 22:14 - 2015-05-22 23:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-16 10:39 - 2015-05-22 18:33 - 00000000 ____D () C:\Users\owner\Documents\System Restore
2015-05-15 06:54 - 2015-05-22 23:53 - 00000000 ____D () C:\ProgramData\Gyazo
2015-05-15 06:54 - 2015-05-15 06:54 - 00000993 _____ () C:\Users\Public\Desktop\Gyazo GIF.lnk
2015-05-14 07:42 - 2015-05-01 09:17 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 07:42 - 2015-05-01 09:16 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 16:03 - 2015-05-13 16:03 - 00015981 _____ () C:\Users\owner\Downloads\CP0097179133P-1.mp4.en.srt
2015-05-13 09:10 - 2015-05-04 21:29 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-05-13 09:10 - 2015-05-04 21:12 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-05-13 09:10 - 2015-04-27 15:28 - 05569984 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-05-13 09:10 - 2015-04-27 15:28 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-05-13 09:10 - 2015-04-27 15:28 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-05-13 09:10 - 2015-04-27 15:26 - 01728960 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-05-13 09:10 - 2015-04-27 15:23 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-05-13 09:10 - 2015-04-27 15:23 - 01254400 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2015-05-13 09:10 - 2015-04-27 15:23 - 01162752 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2015-05-13 09:10 - 2015-04-27 15:23 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2015-05-13 09:10 - 2015-04-27 15:23 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2015-05-13 09:10 - 2015-04-27 15:23 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-05-13 09:10 - 2015-04-27 15:23 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-05-13 09:10 - 2015-04-27 15:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2015-05-13 09:10 - 2015-04-27 15:23 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-05-13 09:10 - 2015-04-27 15:23 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-05-13 09:10 - 2015-04-27 15:23 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-05-13 09:10 - 2015-04-27 15:23 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2015-05-13 09:10 - 2015-04-27 15:23 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-05-13 09:10 - 2015-04-27 15:23 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-05-13 09:10 - 2015-04-27 15:23 - 00113664 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll
2015-05-13 09:10 - 2015-04-27 15:23 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-05-13 09:10 - 2015-04-27 15:23 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-05-13 09:10 - 2015-04-27 15:22 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe
2015-05-13 09:10 - 2015-04-27 15:22 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2015-05-13 09:10 - 2015-04-27 15:22 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-05-13 09:10 - 2015-04-27 15:22 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-05-13 09:10 - 2015-04-27 15:22 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\logman.exe
2015-05-13 09:10 - 2015-04-27 15:22 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\typeperf.exe
2015-05-13 09:10 - 2015-04-27 15:22 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\relog.exe
2015-05-13 09:10 - 2015-04-27 15:22 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-05-13 09:10 - 2015-04-27 15:21 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-05-13 09:10 - 2015-04-27 15:11 - 03989440 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-05-13 09:10 - 2015-04-27 15:11 - 03934144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-05-13 09:10 - 2015-04-27 15:08 - 01310744 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-05-13 09:10 - 2015-04-27 15:05 - 00635392 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2015-05-13 09:10 - 2015-04-27 15:05 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-05-13 09:10 - 2015-04-27 15:05 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-05-13 09:10 - 2015-04-27 15:05 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-05-13 09:10 - 2015-04-27 15:05 - 00092160 _____ (Microsoft Corporation) C:\windows\SysWOW64\sechost.dll
2015-05-13 09:10 - 2015-04-27 15:05 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-05-13 09:10 - 2015-04-27 15:04 - 00641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2015-05-13 09:10 - 2015-04-27 15:04 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-05-13 09:10 - 2015-04-27 15:04 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\tracerpt.exe
2015-05-13 09:10 - 2015-04-27 15:04 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\logman.exe
2015-05-13 09:10 - 2015-04-27 15:04 - 00040448 _____ (Microsoft Corporation) C:\windows\SysWOW64\typeperf.exe
2015-05-13 09:10 - 2015-04-27 15:04 - 00037888 _____ (Microsoft Corporation) C:\windows\SysWOW64\relog.exe
2015-05-13 09:10 - 2015-04-27 15:04 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2015-05-13 09:10 - 2015-04-27 15:03 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2015-05-13 09:10 - 2015-04-27 15:03 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2015-05-13 09:10 - 2015-04-27 15:03 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-05-13 09:10 - 2015-04-27 14:06 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2015-05-13 09:10 - 2015-04-21 22:28 - 00389840 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-05-13 09:10 - 2015-04-21 21:48 - 00342736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-05-13 09:10 - 2015-04-21 13:14 - 24971776 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-05-13 09:10 - 2015-04-21 13:08 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-05-13 09:10 - 2015-04-21 13:07 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-05-13 09:10 - 2015-04-21 12:51 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-05-13 09:10 - 2015-04-21 12:50 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-05-13 09:10 - 2015-04-21 12:50 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-05-13 09:10 - 2015-04-21 12:50 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-05-13 09:10 - 2015-04-21 12:49 - 02885120 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-05-13 09:10 - 2015-04-21 12:48 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-05-13 09:10 - 2015-04-21 12:41 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-05-13 09:10 - 2015-04-21 12:40 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-05-13 09:10 - 2015-04-21 12:37 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-05-13 09:10 - 2015-04-21 12:35 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-05-13 09:10 - 2015-04-21 12:35 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-05-13 09:10 - 2015-04-21 12:35 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-05-13 09:10 - 2015-04-21 12:34 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-05-13 09:10 - 2015-04-21 12:31 - 06025728 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-05-13 09:10 - 2015-04-21 12:26 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-05-13 09:10 - 2015-04-21 12:25 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-05-13 09:10 - 2015-04-21 12:24 - 19691008 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-05-13 09:10 - 2015-04-21 12:22 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-05-13 09:10 - 2015-04-21 12:14 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 09:10 - 2015-04-21 12:11 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-05-13 09:10 - 2015-04-21 12:11 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-05-13 09:10 - 2015-04-21 12:10 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-05-13 09:10 - 2015-04-21 12:09 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-05-13 09:10 - 2015-04-21 12:09 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-05-13 09:10 - 2015-04-21 12:08 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-05-13 09:10 - 2015-04-21 12:08 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-05-13 09:10 - 2015-04-21 12:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-05-13 09:10 - 2015-04-21 12:04 - 02278400 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-05-13 09:10 - 2015-04-21 12:03 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-05-13 09:10 - 2015-04-21 12:02 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-05-13 09:10 - 2015-04-21 12:00 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-05-13 09:10 - 2015-04-21 11:58 - 00664576 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-05-13 09:10 - 2015-04-21 11:58 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-05-13 09:10 - 2015-04-21 11:57 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-05-13 09:10 - 2015-04-21 11:49 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-05-13 09:10 - 2015-04-21 11:49 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-05-13 09:10 - 2015-04-21 11:48 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-05-13 09:10 - 2015-04-21 11:47 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-05-13 09:10 - 2015-04-21 11:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-05-13 09:10 - 2015-04-21 11:43 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 09:10 - 2015-04-21 11:40 - 14401536 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-05-13 09:10 - 2015-04-21 11:39 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-05-13 09:10 - 2015-04-21 11:38 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-05-13 09:10 - 2015-04-21 11:36 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-05-13 09:10 - 2015-04-21 11:31 - 04305920 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-05-13 09:10 - 2015-04-21 11:27 - 02352128 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-05-13 09:10 - 2015-04-21 11:26 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-05-13 09:10 - 2015-04-21 11:25 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-05-13 09:10 - 2015-04-21 11:24 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-05-13 09:10 - 2015-04-21 11:17 - 12828672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-05-13 09:10 - 2015-04-21 11:15 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-05-13 09:10 - 2015-04-21 11:03 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-05-13 09:10 - 2015-04-21 11:02 - 01882112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-05-13 09:10 - 2015-04-21 10:58 - 01310208 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-05-13 09:10 - 2015-04-21 10:56 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-05-13 09:10 - 2015-04-17 23:10 - 00460800 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2015-05-13 09:10 - 2015-04-17 22:56 - 00342016 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2015-05-13 09:10 - 2015-04-12 23:28 - 00328704 _____ (Microsoft Corporation) C:\windows\system32\services.exe
2015-05-13 09:10 - 2015-03-04 00:41 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\apphelp.dll
2015-05-13 09:10 - 2015-03-04 00:41 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\aelupsvc.dll
2015-05-13 09:10 - 2015-03-04 00:41 - 00023552 _____ (Microsoft Corporation) C:\windows\system32\sdbinst.exe
2015-05-13 09:10 - 2015-03-04 00:41 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\shimeng.dll
2015-05-13 09:10 - 2015-03-04 00:11 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\shimeng.dll
2015-05-13 09:10 - 2015-03-04 00:10 - 00295936 _____ (Microsoft Corporation) C:\windows\SysWOW64\apphelp.dll
2015-05-13 09:10 - 2015-03-04 00:10 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\sdbinst.exe
2015-05-13 09:09 - 2015-04-27 15:23 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2015-05-13 09:09 - 2015-04-27 15:23 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-05-13 09:09 - 2015-04-27 15:23 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-05-13 09:09 - 2015-04-27 15:23 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-05-13 09:09 - 2015-04-27 15:23 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-05-13 09:09 - 2015-04-27 15:23 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-05-13 09:09 - 2015-04-27 15:23 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-05-13 09:09 - 2015-04-27 15:22 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\diskperf.exe
2015-05-13 09:09 - 2015-04-27 15:18 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-05-13 09:09 - 2015-04-27 15:18 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 15:05 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-05-13 09:09 - 2015-04-27 15:05 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-05-13 09:09 - 2015-04-27 15:05 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-05-13 09:09 - 2015-04-27 15:04 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-05-13 09:09 - 2015-04-27 15:03 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-05-13 09:09 - 2015-04-27 15:03 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskperf.exe
2015-05-13 09:09 - 2015-04-27 15:03 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2015-05-13 09:09 - 2015-04-27 15:01 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-05-13 09:09 - 2015-04-27 15:01 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 13:57 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2015-05-13 09:09 - 2015-04-27 13:57 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2015-05-13 09:09 - 2015-04-27 13:55 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 13:55 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 13:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 09:09 - 2015-04-27 13:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 09:09 - 2015-04-19 23:17 - 01647104 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-05-13 09:09 - 2015-04-19 23:17 - 01179136 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-05-13 09:09 - 2015-04-19 22:56 - 01250816 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2015-05-13 09:09 - 2015-04-19 22:11 - 03204608 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-05-13 09:08 - 2015-04-07 23:29 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2015-05-13 09:08 - 2015-04-07 23:29 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll
2015-05-13 09:08 - 2015-04-07 23:14 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll
2015-05-13 09:08 - 2015-02-18 03:06 - 00123904 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
2015-05-13 09:08 - 2015-02-18 03:04 - 00142336 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2015-05-13 09:08 - 2015-01-28 23:19 - 02543104 _____ (Microsoft Corporation) C:\windows\system32\wpdshext.dll
2015-05-13 09:08 - 2015-01-28 23:02 - 02311168 _____ (Microsoft Corporation) C:\windows\SysWOW64\wpdshext.dll
2015-05-12 11:43 - 2015-05-22 23:53 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Zoom
2015-05-12 11:43 - 2015-05-22 23:53 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2015-05-12 11:43 - 2015-05-12 11:43 - 00133528 _____ (Zoom Video Communications, Inc.) C:\Users\owner\Downloads\Zoom_launcher (1).exe
2015-05-12 11:21 - 2015-05-12 11:21 - 00133528 _____ (Zoom Video Communications, Inc.) C:\Users\owner\Downloads\Zoom_launcher.exe
2015-05-11 08:51 - 2015-05-11 08:51 - 01311683 _____ () C:\Users\owner\Downloads\Top-15-Ways-to-Make-Money-Online.zip
2015-05-10 20:40 - 2015-05-10 21:12 - 00000000 ____D () C:\Users\owner\Downloads\Dollarphotoclub_68098868
2015-05-10 20:34 - 2015-05-10 20:34 - 01046306 _____ () C:\Users\owner\Downloads\Dollarphotoclub_68098868.zip
2015-05-09 18:47 - 2015-05-09 18:47 - 00007148 _____ () C:\Users\owner\Downloads\CP0157666677P-75.mp4.en.srt
2015-05-09 15:28 - 2015-05-09 15:28 - 00008214 _____ () C:\Users\owner\Downloads\bloglovin_subscriptions.xml
2015-05-09 13:26 - 2015-05-09 13:26 - 00002204 _____ () C:\Users\owner\Downloads\CP0360643936P-19.mp4.en.srt
2015-05-08 19:48 - 2015-05-08 19:48 - 00002058 _____ () C:\Users\owner\Downloads\CP0535238036P-1.mp4.en.srt
2015-05-08 16:05 - 2015-05-08 16:05 - 00025117 _____ () C:\Users\owner\Downloads\CP0315806205P-1.mp4.en (1).srt
2015-05-08 15:54 - 2015-05-08 15:54 - 00025057 _____ () C:\Users\owner\Downloads\CP0315806205P-1.mp4.en.srt
2015-05-08 09:16 - 2015-05-08 09:17 - 00804872 _____ () C:\windows\Minidump\050815-23431-01.dmp
2015-05-07 21:30 - 2015-05-07 21:30 - 00002863 _____ () C:\Users\owner\Downloads\CP0076905481P-46.mp4.en.srt
2015-05-07 19:52 - 2015-05-07 19:52 - 00008271 _____ () C:\Users\owner\Downloads\CP0076905481P-78.mp4.en.srt
2015-05-07 10:20 - 2015-05-07 10:20 - 00812904 _____ () C:\windows\Minidump\050715-26925-01.dmp
2015-05-07 08:05 - 2015-05-07 08:05 - 00877032 _____ () C:\windows\Minidump\050715-33540-01.dmp
2015-05-06 16:39 - 2015-05-06 16:39 - 00003335 _____ () C:\Users\owner\Downloads\CP0023366857P-1.mp4.en.srt
2015-05-06 11:20 - 2015-05-06 11:20 - 00002437 _____ () C:\Users\owner\Downloads\CP0100254712P-33.mp4.en.srt
2015-05-05 20:58 - 2015-05-05 20:58 - 00006578 _____ () C:\Users\owner\Downloads\CP0323463782P-1.mp4.en(1).srt
2015-05-05 20:39 - 2015-05-05 20:39 - 00006575 _____ () C:\Users\owner\Downloads\CP0323463782P-1.mp4.en.srt
2015-05-05 15:05 - 2015-05-05 15:05 - 00003831 _____ () C:\Users\owner\Downloads\CP0450385100P-1.mp4.en(1).srt
2015-05-05 14:55 - 2015-05-05 14:55 - 00003763 _____ () C:\Users\owner\Downloads\CP0450385100P-1.mp4.en.srt
2015-05-05 12:30 - 2015-05-05 12:31 - 00003656 _____ () C:\Users\owner\Downloads\CP0353034608P-4.mp4.en(1).srt
2015-05-05 12:23 - 2015-05-05 12:24 - 00003662 _____ () C:\Users\owner\Downloads\CP0353034608P-4.mp4.en.srt
2015-05-05 02:26 - 2015-05-05 02:26 - 00024947 _____ () C:\Users\owner\Downloads\CP0168412542P-7.mp4.en.srt
2015-05-04 19:15 - 2015-05-04 19:15 - 00011853 _____ () C:\Users\owner\Downloads\CP0387660393P-1.mp4.en.srt
2015-05-04 10:35 - 2015-05-04 10:35 - 00000000 ____D () C:\Users\owner\Downloads\facebook-100001421505705
2015-05-04 10:25 - 2015-05-04 10:25 - 00001923 _____ () C:\Users\owner\Downloads\CP0220504330P-1.mp4.en(1).srt
2015-05-04 10:22 - 2015-05-04 10:23 - 00001924 _____ () C:\Users\owner\Downloads\CP0220504330P-1.mp4.en.srt
2015-05-04 02:38 - 2015-05-04 02:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-05-04 02:36 - 2015-05-04 02:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-05-04 02:35 - 2015-05-04 02:36 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-05-04 02:35 - 2015-05-04 02:36 - 00000000 ____D () C:\Program Files\iTunes
2015-05-04 02:35 - 2015-05-04 02:35 - 00000000 ____D () C:\Program Files\iPod
2015-05-04 02:35 - 2015-05-04 02:35 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-05-04 02:21 - 2015-05-04 02:21 - 00002011 _____ () C:\Users\owner\Downloads\CP0100254712P-38.mp4.en.srt
2015-05-02 19:07 - 2015-05-02 19:08 - 00001426 _____ () C:\Users\owner\Downloads\CP0157666677P-61.mp4.en(1).srt
2015-05-02 19:03 - 2015-05-02 19:03 - 00001423 _____ () C:\Users\owner\Downloads\CP0157666677P-61.mp4.en.srt
2015-05-02 16:03 - 2015-05-02 16:03 - 00003891 _____ () C:\Users\owner\Downloads\CP0468921932P-2.mp4.en.srt
2015-05-02 14:23 - 2015-05-02 14:23 - 00004035 _____ () C:\Users\owner\Downloads\CP0468921932P-5.mp4.en.srt
2015-05-02 12:51 - 2015-05-02 12:51 - 00002422 _____ () C:\Users\owner\Downloads\CP0195338775P-1.mp4.en.srt
2015-05-02 00:08 - 2015-05-29 11:21 - 00000000 ____D () C:\Users\owner\Documents\Maggie Flanigan
2015-05-02 00:07 - 2015-05-16 11:00 - 00000000 ____D () C:\Users\owner\Documents\Rev.com
2015-05-01 22:25 - 2015-05-01 22:25 - 00602316 _____ () C:\Users\owner\Downloads\book_version_5.idml
2015-05-01 21:39 - 2015-05-01 21:39 - 00003608 _____ () C:\Users\owner\Downloads\CP0276004791P-1.mp4.en.srt
2015-05-01 19:44 - 2015-05-01 19:44 - 00001037 _____ () C:\Users\owner\Downloads\CP0522524429P-1.mp4.en.srt
2015-05-01 18:15 - 2015-05-01 18:15 - 00025925 _____ () C:\Users\owner\Downloads\CP0373945655P-1.mp4.en.srt
2015-05-01 10:57 - 2015-05-01 10:58 - 00000000 ____D () C:\Users\owner\Documents\EBT
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-05-30 18:33 - 2015-02-01 15:11 - 00025938 _____ () C:\Users\owner\Downloads\FRST.txt
2015-05-30 18:33 - 2015-02-01 15:10 - 00000000 ____D () C:\FRST
2015-05-30 18:30 - 2012-04-02 10:08 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-05-30 18:28 - 2012-12-07 15:00 - 00000908 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3310603758-325049908-3132485941-1001UA.job
2015-05-30 18:24 - 2010-01-31 15:28 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-30 17:24 - 2010-01-31 15:28 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-30 16:19 - 2009-07-14 00:51 - 00568712 _____ () C:\windows\setupact.log
2015-05-30 15:56 - 2009-10-07 22:10 - 01461095 _____ () C:\windows\WindowsUpdate.log
2015-05-30 13:31 - 2012-12-07 15:00 - 00000856 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3310603758-325049908-3132485941-1001Core.job
2015-05-30 10:17 - 2014-07-30 12:45 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-30 09:31 - 2009-07-14 00:45 - 00018736 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-30 09:31 - 2009-07-14 00:45 - 00018736 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-30 09:22 - 2011-03-27 22:01 - 00000000 ____D () C:\windows\SysWOW64\logishrd
2015-05-30 09:22 - 2011-03-27 22:01 - 00000000 ____D () C:\windows\system32\logishrd
2015-05-30 09:22 - 2009-07-14 01:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-05-30 09:18 - 2015-02-05 11:31 - 00000000 ____D () C:\AdwCleaner
2015-05-30 02:00 - 2014-06-13 07:58 - 00000000 ____D () C:\Users\owner\AppData\Local\Adobe
2015-05-29 21:07 - 2011-03-28 21:58 - 00000000 ____D () C:\Users\owner\AppData\Local\CrashDumps
2015-05-29 14:35 - 2011-06-08 16:37 - 00000000 ____D () C:\Users\owner\AppData\Local\NPE
2015-05-29 12:53 - 2009-09-02 22:14 - 00000000 ____D () C:\Program Files (x86)\Java
2015-05-28 16:59 - 2011-03-27 22:00 - 00000000 _____ () C:\windows\system32\Drivers\lvuvc.hs
2015-05-27 08:12 - 2012-09-24 22:33 - 00000000 ____D () C:\Program Files (x86)\Kobo
2015-05-25 21:57 - 2013-05-14 13:47 - 00000000 ___RD () C:\Users\owner\Dropbox
2015-05-25 21:57 - 2009-07-14 01:13 - 00006416 _____ () C:\windows\system32\PerfStringBackup.INI
2015-05-25 21:56 - 2013-05-14 13:30 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Dropbox
2015-05-25 21:53 - 2010-03-15 09:45 - 00000000 ____D () C:\Users\owner\Tracing
2015-05-25 18:14 - 2014-07-30 12:45 - 00107736 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-05-25 17:36 - 2009-09-03 01:35 - 01370832 _____ () C:\windows\PFRO.log
2015-05-23 17:33 - 2009-09-02 22:26 - 00000000 ____D () C:\Program Files (x86)\TOSHIBA Games
2015-05-23 16:58 - 2009-09-02 22:26 - 00000000 ____D () C:\ProgramData\WildTangent
2015-05-23 16:58 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-05-22 23:54 - 2014-07-30 12:45 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-22 23:54 - 2013-03-15 18:47 - 00000000 ____D () C:\Program Files (x86)\Gyazo
2015-05-22 23:54 - 2012-09-01 07:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-22 23:54 - 2012-05-05 16:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-22 23:54 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-05-22 23:53 - 2015-04-20 19:28 - 00000000 ____D () C:\Users\owner\Documents\Sew Caroline
2015-05-22 23:53 - 2015-04-06 06:20 - 00000000 ___SD () C:\windows\SysWOW64\GWX
2015-05-22 23:53 - 2015-04-06 06:19 - 00000000 ___SD () C:\windows\system32\GWX
2015-05-22 23:53 - 2015-03-12 22:03 - 00000000 ____D () C:\Users\owner\Documents\Melly Sews
2015-05-22 23:53 - 2015-02-05 10:24 - 00000000 ____D () C:\Users\owner\Downloads\FRST-OlderVersion
2015-05-22 23:53 - 2014-12-03 22:55 - 00000000 ____D () C:\Users\owner\Documents\Money Robbins email amazon_files
2015-05-22 23:53 - 2014-09-25 23:16 - 00000000 ____D () C:\Users\owner\Documents\Att troubleshoot chat 9.25.14_files
2015-05-22 23:53 - 2014-07-30 12:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-22 23:53 - 2014-04-13 11:29 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2015-05-22 23:53 - 2013-09-20 17:03 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Blackboard
2015-05-22 23:53 - 2013-05-14 13:31 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-05-22 23:53 - 2013-04-29 01:13 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Koox System Optimizer
2015-05-22 23:53 - 2013-04-28 23:41 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Audacity
2015-05-22 23:53 - 2013-03-15 18:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo
2015-05-22 23:53 - 2013-03-13 15:06 - 00000000 ____D () C:\Users\owner\AppData\Local\Citrix
2015-05-22 23:53 - 2012-09-01 07:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-22 23:53 - 2012-09-01 07:54 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-22 23:53 - 2012-04-03 17:41 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-05-22 23:53 - 2011-11-16 17:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-22 23:53 - 2011-11-09 15:41 - 00000000 ____D () C:\Users\owner\AppData\Local\Akamai
2015-05-22 23:53 - 2011-06-15 09:34 - 00000000 ____D () C:\Users\owner\AppData\Local\Tific
2015-05-22 23:53 - 2011-06-01 18:56 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Catalina Marketing Corp
2015-05-22 23:53 - 2011-06-01 18:56 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Catalina Marketing Corp
2015-05-22 23:53 - 2011-04-19 09:41 - 00000000 ____D () C:\Users\owner\AppData\Roaming\MAGIX
2015-05-22 23:53 - 2011-04-11 17:58 - 00000000 ____D () C:\Users\owner\Documents\Netflix Setup OrderFinal_files
2015-05-22 23:53 - 2011-04-08 11:47 - 00000000 ____D () C:\Users\owner\Documents\No Messages Screen Display for Jebaire Publishing_files
2015-05-22 23:53 - 2011-03-21 18:53 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2015-05-22 23:53 - 2011-01-12 15:32 - 00000000 ____D () C:\Users\owner\AppData\Roaming\FreeFileOpener
2015-05-22 23:53 - 2011-01-07 18:43 - 00000000 ____D () C:\Users\owner\Downloads\Basic Ebook info from IBPA_files
2015-05-22 23:53 - 2010-11-23 19:12 - 00000000 ____D () C:\Users\owner\Documents\Audible
2015-05-22 23:53 - 2010-06-25 15:10 - 00000000 ____D () C:\Users\owner\Documents\My eBooks
2015-05-22 23:53 - 2010-06-25 15:08 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobipocket.com
2015-05-22 23:53 - 2010-06-14 20:13 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Mozilla
2015-05-22 23:53 - 2010-05-20 12:24 - 00000000 __RSD () C:\Users\owner\Documents\My Stationery
2015-05-22 23:53 - 2010-05-17 09:30 - 00000000 ____D () C:\Users\owner\Documents\Homeschool
2015-05-22 23:53 - 2010-05-11 13:24 - 00000000 ___SD () C:\Users\owner\Documents\My Data Sources
2015-05-22 23:53 - 2010-05-07 11:05 - 00000000 ____D () C:\Users\owner\Documents\Jebaire Book Blocks
2015-05-22 23:53 - 2010-04-27 07:40 - 00000000 ____D () C:\windows\Minidump
2015-05-22 23:53 - 2010-04-02 21:24 - 00000000 ____D () C:\Users\owner\Documents\Jebaire Manuscripts
2015-05-22 23:53 - 2010-03-18 12:42 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Skype
2015-05-22 23:53 - 2010-03-18 09:03 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Barnes & Noble
2015-05-22 23:53 - 2010-03-08 15:51 - 00000000 ____D () C:\Users\owner\AppData\Local\Microsoft Help
2015-05-22 23:53 - 2010-02-24 17:15 - 00000000 ____D () C:\ProgramData\FLEXnet
2015-05-22 23:53 - 2010-02-16 18:45 - 00000000 ____D () C:\Users\owner\AppData\Roaming\WildTangent
2015-05-22 23:53 - 2010-02-16 18:45 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Adobe
2015-05-22 23:53 - 2010-02-13 12:48 - 00000000 ____D () C:\Users\owner\AppData\Local\TOSHIBA
2015-05-22 23:53 - 2010-02-13 12:47 - 00000000 ___RD () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-22 23:53 - 2010-02-13 12:47 - 00000000 ___RD () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-22 23:53 - 2010-02-13 12:47 - 00000000 ____D () C:\Users\owner
2015-05-22 23:53 - 2009-10-07 22:20 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-22 23:53 - 2009-07-14 03:45 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-22 23:53 - 2009-07-14 01:09 - 00000000 ____D () C:\windows\System32\Tasks\WPD
2015-05-22 23:53 - 2009-07-13 23:20 - 00000000 __RSD () C:\windows\Media
2015-05-22 23:53 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-05-22 23:53 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\AdvancedInstallers
2015-05-22 23:53 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\servicing
2015-05-22 23:53 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\rescache
2015-05-22 23:53 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2015-05-22 23:53 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\AppCompat
2015-05-22 23:52 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\registration
2015-05-22 10:45 - 2010-04-27 07:40 - 401271285 _____ () C:\windows\MEMORY.DMP
2015-05-22 10:09 - 2009-07-14 01:08 - 00032584 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2015-05-20 17:38 - 2014-07-30 12:45 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-20 13:53 - 2013-09-12 20:41 - 00000000 ____D () C:\Users\owner\Documents\Clark Kids Stuff
2015-05-18 10:18 - 2014-11-27 14:02 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-16 13:23 - 2012-12-07 15:00 - 00003878 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3310603758-325049908-3132485941-1001UA
2015-05-16 13:23 - 2012-12-07 15:00 - 00003482 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3310603758-325049908-3132485941-1001Core
2015-05-15 17:19 - 2010-01-31 15:28 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-15 17:19 - 2010-01-31 15:28 - 00003642 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-15 14:16 - 2012-04-02 10:08 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-05-15 14:16 - 2012-04-02 10:08 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-05-15 14:16 - 2011-06-08 01:53 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-15 06:55 - 2015-01-09 10:54 - 00003750 _____ () C:\windows\System32\Tasks\GyazoUpdateTaskMachine
2015-05-14 10:06 - 2009-07-14 00:45 - 05120888 _____ () C:\windows\system32\FNTCACHE.DAT
2015-05-14 08:21 - 2013-07-15 14:49 - 00000000 ____D () C:\windows\system32\MRT
2015-05-14 07:54 - 2010-04-20 08:38 - 140425016 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-05-13 17:05 - 2015-04-10 23:50 - 00000000 ____D () C:\Users\owner\Documents\$$$$$
2015-05-06 20:09 - 2013-04-16 11:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-05-06 18:58 - 2013-03-15 18:49 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Gyazo
2015-05-04 02:35 - 2014-02-08 20:43 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-05-01 20:41 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\NDF
 
==================== Files in the root of some directories =======
 
2010-02-24 21:56 - 2010-02-24 21:56 - 0000000 ____H () C:\Users\owner\AppData\Roaming\ActUpdate.log
2011-11-21 20:44 - 2011-11-21 20:44 - 0044912 _____ () C:\Users\owner\AppData\Roaming\UserTile.png
2010-03-31 21:16 - 2013-06-11 23:07 - 0000610 _____ () C:\Users\owner\AppData\Roaming\wklnhst.dat
2015-05-27 00:07 - 2015-05-27 00:07 - 0000017 _____ () C:\Users\owner\AppData\Local\resmon.resmoncfg
2010-03-18 12:50 - 2010-03-18 12:50 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2010-02-24 21:56 - 2010-04-24 22:39 - 0000088 __RSH () C:\ProgramData\F3446BD02F.sys
2010-03-16 15:36 - 2010-03-31 15:46 - 0000609 _____ () C:\ProgramData\hpzinstall.log
2010-02-24 21:56 - 2011-09-21 21:52 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys
 
Some files in TEMP:
====================
C:\Users\owner\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcabfku.dll
C:\Users\owner\AppData\Local\Temp\Quarantine.exe
C:\Users\owner\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-05-14 19:56
 
==================== End of log ============================
Link to post
Share on other sites

Hi. My computer is still freezing up. I checked my Task Manager and it runs around CPU 83% and Memory 91% when it freezes up for about 15 minutes or so, and then drops back down to between 20-25% for both. There were some strange processes that I didn't recognize this morning when I checked. I remember one with a person's name in it, but when I went back in to make a note of them, they'd disappeared.) 

Link to post
Share on other sites

  • Root Admin

Please go into Control Panel, Add/Remove and uninstall ALL versions of Java and then run the following.
 
Please download JavaRa-1.16 and save it to your computer.

  • Double click to open the zip file and then select all and choose Copy.
  • Create a new folder on your Desktop named RemoveJava and paste the files into this new folder.
  • Quit all browsers and other running applications.
  • Right-click on JavaRa.exe in RemoveJava folder and choose Run as administrator to start the program.
  • From the drop-down menu, choose English and click on Select.
  • JavaRa will open; click on Remove Older Versions to remove the older versions of Java installed on your computer.
  • Click Yes when prompted. When JavaRa is done, a notice will appear that a logfile has been produced. Click OK.
  • A logfile will pop up. Please save it to a convenient location and post it in your next reply.

Next:
 
Please Run TFC by OldTimer to clear temporary files:


  • Download TFC from here and save it to your desktop.
  • http://oldtimer.geekstogo.com/TFC.exe
  • Close any open programs and Internet browsers.
  • Double click TFC.exe to run it on XP (for Vista and Windows 7 right click and choose "Run as administrator") and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
  • Please be patient as clearing out temp files may take a while.
  • Once it completes you may be prompted to restart your computer, please do so.
  • Once it's finished you may delete TFC.exe from your desktop or save it for later use for the cleaning of temporary files.

 
 

 

Next,

 

Please download Security Check by screen317 from HERE or HERE.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • If you get Unsupported operating system. Aborting now, just reboot and try again.
  • A Notepad document should open automatically called checkup.txt.
  • Please Post the contents of that document.
  • Do Not Attach It!!!


 

 

Link to post
Share on other sites


JavaRa 1.16 Removal Log.Report follows after line.------------------------------------The JavaRa removal process was started on Tue Jun 02 08:42:36 2015

 

Found and removed: Software\Classes\JavaPlugin.160_29Found and removed: SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}Found and removed: SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-DEC7-0000-0001-ABCDEFFEDCBA}Found and removed: SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}Found and removed: SOFTWARE\Classes\Installer\Features\F60730A4A66673047777F5728467D401Found and removed: SOFTWARE\Classes\Installer\Products\F60730A4A66673047777F5728467D401Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\A5CCAAC40F5B69B47777ACF82566467CFound and removed: SOFTWARE\Classes\MIME\Database\Content Type\application/java-deployment-toolkitFound and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.7.0.0Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper ObjectsFound and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}Found and removed: SOFTWARE\JavaSoftFound and removed: SOFTWARE\JreMetrics------------------------------------Finished reporting.


-----------------------------------

 Results of screen317's Security Check version 1.002  

 Windows 7 Service Pack 1 x64 (UAC is enabled)  

 Internet Explorer 11  

``````````````Antivirus/Firewall Check:`````````````` 

 Windows Firewall Enabled!  

avast! Antivirus   

 Antivirus up to date!   

`````````Anti-malware/Other Utilities Check:````````` 

 Adobe Flash Player 17.0.0.188  

 Adobe Reader XI  

 Mozilla Firefox (38.0.1) 

 Google Chrome (43.0.2357.65) 

 Google Chrome (43.0.2357.81) 

````````Process Check: objlist.exe by Laurent````````  

 Norton ccSvcHst.exe 

 Malwarebytes Anti-Malware mbamservice.exe  

 Malwarebytes Anti-Malware mbamscheduler.exe   

 AVAST Software Avast AvastSvc.exe  

 AVAST Software Avast afwServ.exe  

 AVAST Software Avast avastui.exe  

`````````````````System Health check````````````````` 

 Total Fragmentation on Drive C: 0% 

````````````````````End of Log`````````````````````` 
Link to post
Share on other sites

  • Root Admin

Please restart the computer 2 times. Then run a new FRST scan and make sure  you place a check mark in the Addition.txt check box and attach both new logs on your  next reply.

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system.
You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply as well.


 

Link to post
Share on other sites

  • Root Admin

Please read the following article concerning the use of MSCONFIG
Msconfig Is Not A Startup Manager
 

I would recommend you either uninstall items you don't use if possible.Please set MSCONFIG back to NORMAL and run the following

 

 

Please visit this webpage and read the ComboFix User's Guide:

  • Once you've read the article and are ready to use the program you can download it directly from the link below.
  • Important! - Please make sure you save combofix to your desktop and do not run it from your browser
  • Direct download link for: ComboFix.exe
  • Please make sure you disable your security applications before running ComboFix.
  • Once Combofix has completed it will produce and open a log file.  Please be patient as it can take some time to load.
  • Please attach that log file to your next reply.
  • If needed the file can be located here:  C:\combofix.txt
  • NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.


 

 

Link to post
Share on other sites

  • Root Admin

So is System Restore working now? Are you able to create a new System Restore Point ?

 

Don't think this will find anything but let me have you run it just in case.

 

 

Please download the following scanner from Kaspersky and save it to your computer: TDSSkiller

Then watch the following video on how to use the tool and make sure to temporarily disable your security applications before running TDSSkiller.



If any infection is found please make sure to choose SKIP and post back the log in case of a False Positive detection.

Once the tool has completed scanning make sure to re-enable your other security applications.
 
Link to post
Share on other sites

  • 3 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.