this is the FRST.txt file
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015 01
Ran by cmany (administrator) on CHRISTINEPC on 02-07-2015 11:55:16
Running from C:\Users\cmany\Downloads
Loaded Profiles: cmany (Available Profiles: cmany & James & Ryan)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [EKIJ5000StatusMonitor] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [2045440 2010-09-02] (Eastman Kodak Company)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [580512 2012-07-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-14] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-14] (Avast Software s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-02-10] (Oracle Corporation)
HKU\S-1-5-21-2123845491-2313268984-385980148-1002\...\Run: [Google Update] => C:\Users\cmany\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-06-24] (Google Inc.)
HKU\S-1-5-21-2123845491-2313268984-385980148-1002\...\Run: [GoogleChromeAutoLaunch_EA2838D8254389E924E130677F9AAC40] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-06-19] (Google Inc.)
HKU\S-1-5-21-2123845491-2313268984-385980148-1002\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)
HKU\S-1-5-21-2123845491-2313268984-385980148-1002\...\MountPoints2: {9424d55f-4cfb-11e4-bee9-a0481cbb707d} - "C:\WINDOWS\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL F:\TL-Bootstrap.exe
HKU\S-1-5-21-2123845491-2313268984-385980148-1002\...\MountPoints2: {ab3d5966-1921-11e3-be74-a0481cbb707d} - "C:\WINDOWS\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL F:\TL-Bootstrap.exe
HKU\S-1-5-21-2123845491-2313268984-385980148-1002\...\MountPoints2: {b3fd1c44-eb51-11e3-bec8-a0481cbb707d} - "G:\TL_Bootstrap.exe"
HKU\S-1-5-21-2123845491-2313268984-385980148-1002\...\MountPoints2: {bec44947-cd99-11e4-bf2d-a0481cbb707d} - "H:\TLBootstrap_WPP.exe"
HKU\S-1-5-21-2123845491-2313268984-385980148-1002\...\MountPoints2: {d1cdbc1f-7b51-11e4-bf04-a0481cbb707d} - "C:\WINDOWS\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL F:\TL-Bootstrap.exe
HKU\S-1-5-21-2123845491-2313268984-385980148-1002\...\MountPoints2: {f66f3f5b-2531-11e3-be7a-a0481cbb707d} - "F:\TL_Bootstrap.exe"
HKU\S-1-5-21-2123845491-2313268984-385980148-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\GPhotos.scr
AppInit_DLLs-x32: c:\progra~3\{2027c~1\1172~1.1\cofo.dll => "c:\progra~3\{2027c~1\1172~1.1\cofo.dll" File not found
Startup: C:\Users\cmany\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-14]
ShortcutTarget: Dropbox.lnk -> C:\Users\cmany\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\cmany\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\cmany\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\cmany\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\cmany\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\cmany\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\cmany\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\cmany\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\cmany\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-07] (Avast Software s.r.o.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: [S-1-5-21-2123845491-2313268984-385980148-1002] => Internet Explorer proxy is enabled
ProxyServer: [S-1-5-21-2123845491-2313268984-385980148-1002] => http=127.0.0.1:49573;https=127.0.0.1:49573
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://g.msn.com/HPNOT13/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
https://www.yahoo.com/?fr=hp-avast&type=agc511
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
https://search.yahoo.com/yhs/search?type=agc511&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://g.msn.com/HPNOT13/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2123845491-2313268984-385980148-1002\Software\Microsoft\Internet Explorer\Main,Search Page =
https://search.yahoo.com/yhs/search?type=agc511&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-2123845491-2313268984-385980148-1002\Software\Microsoft\Internet Explorer\Main,Search Bar =
https://www.yahoo.com/?fr=hp-avast&type=agc511
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL =
http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM -> {9143e921-7c9a-4d27-ac43-eaccc78cc55a} URL =
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL =
http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL =
https://search.yahoo.com/yhs/search?type=agc511&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL =
http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL =
https://search.yahoo.com/yhs/search?type=agc511&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL =
http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL =
https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2123845491-2313268984-385980148-1002 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL =
SearchScopes: HKU\S-1-5-21-2123845491-2313268984-385980148-1002 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL =
http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKU\S-1-5-21-2123845491-2313268984-385980148-1002 -> {9143e921-7c9a-4d27-ac43-eaccc78cc55a} URL =
https://search.yahoo.com/yhs/search?type=agc511&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2123845491-2313268984-385980148-1002 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL =
https://mysearch.avg.com/search?cid...coid=avgtbavg&cmpid=0415tb&pr=fr&d=2014-11-11 09:49:52&v=4.1.0.411&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2123845491-2313268984-385980148-1002 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL =
http://nortonsafe.search.ask.com/we...&geo=US&ver=21&locale=en_US&gct=kwd&qsrc=2869
SearchScopes: HKU\S-1-5-21-2123845491-2313268984-385980148-1002 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL =
http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKU\S-1-5-21-2123845491-2313268984-385980148-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-2123845491-2313268984-385980148-1002 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL =
https://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-30] (Avast Software s.r.o.)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-13] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-30] (Avast Software s.r.o.)
BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-13] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKU\S-1-5-21-2123845491-2313268984-385980148-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.3.0\ViProtocol.dll [2015-01-28] (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 38.8.82.2
Tcpip\..\Interfaces\{406A6EC4-A42A-4564-810E-0501F8EED96A}: [DhcpNameServer] 192.168.0.1 216.165.129.158
Tcpip\..\Interfaces\{D6F62554-5838-4060-A29C-BAB1A8A22A6C}: [DhcpNameServer] 192.168.0.1 38.8.82.2
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\cmany\AppData\Roaming\Mozilla\Firefox\Profiles\achtc29s.default
FF DefaultSearchEngine: AVG Secure Search
FF DefaultSearchEngine.US: Google (avast)
FF DefaultSearchUrl:
https://search.yahoo.com/yhs/search
FF SearchEngineOrder.1: Yahoo! (Avast)
FF SelectedSearchEngine: AVG Secure Search
FF Homepage:
www.google.com
FF Keyword.URL:
https://search.yahoo.com/yhs/search
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-06-25] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-25] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw.dll [2012-04-26] (Adobe Systems, Inc.)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.4.0\\npsitesafety.dll No File
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-08-12] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-13] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32:
@oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll [2012-05-31] (Oberon-Media )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-14] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\5\NP_wtapp.dll [2013-09-10] ()
FF Plugin HKU\S-1-5-21-2123845491-2313268984-385980148-1002: @talk.google.com/GoogleTalkPlugin -> C:\Users\cmany\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-2123845491-2313268984-385980148-1002: @talk.google.com/O1DPlugin -> C:\Users\cmany\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-2123845491-2313268984-385980148-1002: @tools.google.com/Google Update;version=3 -> C:\Users\cmany\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-2123845491-2313268984-385980148-1002: @tools.google.com/Google Update;version=9 -> C:\Users\cmany\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\cmany\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\cmany\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF SearchPlugin: C:\Users\cmany\AppData\Roaming\Mozilla\Firefox\Profiles\achtc29s.default\searchplugins\google-avast.xml [2014-12-17]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2015-05-05]
FF HKLM-x32\...\Firefox\Extensions: [
wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-17]
Chrome:
=======
CHR Profile: C:\Users\cmany\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\cmany\AppData\Local\Google\Chrome\User Data\Default\Extensions\acjpdakpjonkfmggcmanlhdakfkhloii [2015-01-02]
CHR Extension: (Google Docs) - C:\Users\cmany\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-09]
CHR Extension: (Google Drive) - C:\Users\cmany\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-09]
CHR Extension: (YouTube) - C:\Users\cmany\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-09]
CHR Extension: (AVG Secure Search) - C:\Users\cmany\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2015-07-01]
CHR Extension: (Google Search) - C:\Users\cmany\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-09]
CHR Extension: (Norton Identity Safe) - C:\Users\cmany\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-08-21]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\cmany\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-06]
CHR Extension: (Water's Valley) - C:\Users\cmany\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhpodmbdlgmgffpgbennemfkjhhaocfl [2015-06-12]
CHR Extension: (Google Wallet) - C:\Users\cmany\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-09]
CHR Extension: (Gmail) - C:\Users\cmany\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-09]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] -
https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-30]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] -
https://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-13] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-07] (Avast Software s.r.o.)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-05-14] (Avast Software s.r.o.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
S4 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2013-12-17] (WildTangent)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S4 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [245832 2013-09-25] (Realtek Semiconductor)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-11-02] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
S2 HPSLPSVC; C:\Users\cmany\AppData\Local\Temp\7zS2264\hpslpsvc64.dll [X]
S2 PremierOpinion; C:\Program Files (x86)\PremierOpinion\pmservice.exe /service [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-07] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-05-14] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-07] (Avast Software s.r.o.)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449896 2015-05-14] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-07] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-07] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-07] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-29] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-07] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-07] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3880448 2013-11-13] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [94208 2013-09-25] (Advanced Micro Devices)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-07-02] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [290520 2013-12-10] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-02 11:55 - 2015-07-02 11:56 - 00024751 _____ C:\Users\cmany\Downloads\FRST.txt
2015-07-02 11:55 - 2015-07-02 11:55 - 00000000 ____D C:\FRST
2015-07-02 11:54 - 2015-07-02 11:54 - 02112512 _____ (Farbar) C:\Users\cmany\Downloads\FRST64.exe
2015-07-02 11:53 - 2015-07-02 11:53 - 01636352 _____ (Farbar) C:\Users\cmany\Downloads\FRST.exe
2015-07-02 10:01 - 2015-07-02 11:15 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-07-02 10:01 - 2015-07-02 10:04 - 00001114 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-02 10:01 - 2015-07-02 10:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-07-02 10:01 - 2015-07-02 10:04 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-02 10:01 - 2015-07-02 10:01 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-02 10:01 - 2015-06-18 09:48 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-07-02 10:01 - 2015-06-18 09:47 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-07-02 10:01 - 2015-06-18 09:47 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-07-02 09:59 - 2015-07-02 10:00 - 21545336 _____ (Malwarebytes Corporation ) C:\Users\cmany\Downloads\mbam-setup-sem-2.1.6.1022.exe
2015-07-02 09:46 - 2015-07-02 09:47 - 00002378 _____ C:\WINDOWS\SysWOW64\OSSService.log
2015-07-01 22:01 - 2015-07-01 22:01 - 00004470 _____ C:\WINDOWS\System32\Tasks\Validate Installation
2015-07-01 22:01 - 2015-07-01 22:01 - 00000064 _____ C:\Users\cmany\AppData\Local\af1f5a3da4d5606dd5071fdc7d1524c3
2015-06-30 15:14 - 2015-07-02 11:28 - 00001467 _____ C:\Users\cmany\Downloads\farbar-recovery-scan-tool (1).website
2015-06-30 15:13 - 2015-06-30 15:14 - 00001467 _____ C:\Users\cmany\Downloads\farbar-recovery-scan-tool.website
2015-06-29 13:19 - 2015-06-29 13:19 - 00010655 _____ C:\Users\cmany\Downloads\cutstackinv2080.odt
2015-06-25 13:15 - 2015-06-25 13:41 - 00000000 ____D C:\Users\cmany\Downloads\sigils
2015-06-25 12:50 - 2015-06-25 12:53 - 00000000 ____D C:\Users\cmany\AppData\Local\Adobe
2015-06-17 10:25 - 2015-06-17 10:25 - 10431106 _____ C:\Users\cmany\Downloads\0617150945.mp4
2015-06-17 08:31 - 2015-06-29 14:31 - 00003170 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForcmany
2015-06-11 18:42 - 2015-06-11 18:42 - 00000000 ____D C:\Users\James\AppData\Local\GWX
2015-06-10 21:19 - 2015-06-10 21:19 - 00000000 ____D C:\ProgramData\2719f1ab00007943
2015-06-10 21:01 - 2015-06-10 21:01 - 00000000 ____D C:\Users\cmany\AppData\Local\GWX
2015-06-10 15:04 - 2015-06-10 15:04 - 00000044 _____ C:\Users\cmany\AppData\Roaming\WB.CFG
2015-06-10 11:52 - 2015-05-22 07:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-06-10 11:52 - 2015-05-21 07:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-06-10 11:52 - 2015-05-21 07:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-06-10 11:52 - 2015-05-21 07:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-06-10 11:52 - 2015-05-21 07:08 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-06-10 11:52 - 2015-05-21 07:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-06-10 11:52 - 2015-05-21 07:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-06-10 11:52 - 2015-04-16 16:07 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-06-10 11:51 - 2015-05-21 10:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-10 11:33 - 2015-05-27 08:35 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-10 11:29 - 2015-05-27 08:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-06-10 11:25 - 2015-05-22 12:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-10 11:23 - 2015-05-22 11:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-10 11:22 - 2015-05-22 20:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-10 11:20 - 2015-05-22 20:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-10 11:19 - 2015-05-22 11:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-10 11:16 - 2015-05-22 21:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-06-10 11:16 - 2015-05-22 21:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-06-10 11:16 - 2015-05-22 21:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-06-10 11:16 - 2015-05-22 21:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-06-10 11:16 - 2015-05-22 21:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-06-10 11:16 - 2015-05-22 20:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-06-10 11:16 - 2015-05-22 20:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-06-10 11:16 - 2015-05-22 20:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-06-10 11:16 - 2015-05-22 20:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-06-10 11:16 - 2015-05-22 20:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-06-10 11:16 - 2015-05-22 20:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-06-10 11:16 - 2015-05-22 20:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-06-10 11:16 - 2015-05-22 20:37 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-06-10 11:16 - 2015-05-22 20:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-06-10 11:16 - 2015-05-22 20:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-10 11:16 - 2015-05-22 20:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-10 11:16 - 2015-05-22 13:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-10 11:16 - 2015-05-22 13:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-10 11:16 - 2015-05-22 13:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-10 11:16 - 2015-05-22 12:48 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-06-10 11:16 - 2015-05-22 12:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-10 11:16 - 2015-05-22 12:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-10 11:16 - 2015-05-22 12:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-10 11:16 - 2015-05-22 12:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-10 11:16 - 2015-05-22 12:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-10 11:16 - 2015-05-22 12:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-10 11:16 - 2015-05-22 12:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-06-10 11:16 - 2015-05-22 12:08 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-10 11:16 - 2015-05-22 12:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-10 11:16 - 2015-05-22 12:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-10 11:16 - 2015-05-22 11:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-10 11:16 - 2015-05-22 11:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-10 11:16 - 2015-05-22 11:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-10 11:13 - 2015-04-08 16:07 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-06-10 11:08 - 2015-03-19 21:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-06-10 11:08 - 2015-03-19 21:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-06-10 11:08 - 2015-03-19 20:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-06-10 11:08 - 2015-03-19 20:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-06-10 11:08 - 2015-03-01 19:43 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-06-10 11:08 - 2015-03-01 19:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2015-06-10 11:07 - 2015-05-25 07:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-06-10 11:07 - 2015-05-25 07:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-06-10 11:07 - 2015-04-08 16:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-06-10 11:06 - 2015-04-01 16:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-06-10 11:06 - 2015-04-01 16:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-06-10 11:01 - 2015-04-13 16:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-06-10 11:01 - 2015-04-13 16:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-06-10 11:00 - 2015-04-09 18:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-10 11:00 - 2015-04-09 18:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-06-10 10:59 - 2015-04-24 20:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-06-10 10:59 - 2015-04-24 20:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-06-10 10:59 - 2015-04-16 00:17 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-06-10 10:58 - 2015-03-31 22:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-10 10:58 - 2015-03-31 22:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-06-10 10:58 - 2015-03-31 22:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-06-10 10:58 - 2015-03-31 22:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-06-10 10:58 - 2015-03-31 21:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-06-10 10:58 - 2015-03-31 21:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-06-10 10:58 - 2015-03-31 21:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-06-10 10:58 - 2015-03-31 20:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-06-10 10:58 - 2015-03-31 20:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-06-10 10:58 - 2015-03-31 20:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-06-10 10:58 - 2015-03-31 20:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-06-10 10:58 - 2015-03-31 20:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-06-10 10:58 - 2015-03-31 20:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-06-05 16:09 - 2015-06-10 21:25 - 00000000 ____D C:\Users\cmany\AppData\Local\Chromium
2015-06-05 15:48 - 2015-06-05 15:48 - 00005106 _____ C:\Users\cmany\Downloads\blank.mp4
2015-06-05 15:41 - 2015-06-05 15:41 - 02621645 _____ C:\Users\cmany\Downloads\skateboard.dcr
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-02 11:54 - 2014-01-31 15:36 - 00000928 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2123845491-2313268984-385980148-1007UA.job
2015-07-02 11:53 - 2014-09-06 04:51 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-07-02 11:27 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-07-02 11:24 - 2013-09-09 03:45 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2123845491-2313268984-385980148-1002
2015-07-02 11:20 - 2013-09-09 03:45 - 00000000 ____D C:\Users\cmany\Documents\Youcam
2015-07-02 11:19 - 2014-04-16 09:11 - 00000000 __RDO C:\Users\cmany\SkyDrive
2015-07-02 11:16 - 2013-09-09 20:56 - 00000926 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-02 11:14 - 2014-12-04 21:51 - 00075386 _____ C:\WINDOWS\setupact.log
2015-07-02 11:14 - 2013-09-29 21:55 - 01132786 _____ C:\WINDOWS\PFRO.log
2015-07-02 11:14 - 2013-08-22 08:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-07-02 11:13 - 2013-11-02 16:08 - 01906679 _____ C:\WINDOWS\WindowsUpdate.log
2015-07-02 11:13 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\Registration
2015-07-02 11:13 - 2013-08-22 07:25 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2015-07-02 11:03 - 2013-09-09 20:56 - 00000930 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-02 11:00 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-07-02 10:00 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-07-02 09:47 - 2014-12-17 00:16 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-07-01 21:42 - 2013-09-09 03:39 - 00003938 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1967B75C-7D90-4971-A351-A41F4FD8FAE1}
2015-06-30 15:06 - 2013-11-04 19:58 - 03246080 ___SH C:\Users\cmany\Downloads\Thumbs.db
2015-06-30 14:29 - 2013-09-24 13:23 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log
2015-06-30 06:15 - 2014-01-19 10:20 - 00743424 ___SH C:\Users\cmany\Desktop\Thumbs.db
2015-06-29 14:58 - 2014-12-17 00:16 - 00442264 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-06-29 14:31 - 2014-03-21 05:45 - 00000356 _____ C:\WINDOWS\Tasks\HPCeeScheduleForcmany.job
2015-06-25 22:25 - 2014-09-12 22:15 - 00000880 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2123845491-2313268984-385980148-1002Core.job
2015-06-25 22:25 - 2013-11-02 15:46 - 00000000 ____D C:\Users\cmany
2015-06-25 21:12 - 2013-11-04 07:15 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2123845491-2313268984-385980148-1004
2015-06-25 18:57 - 2013-11-04 07:12 - 00000000 ___DO C:\Users\James\SkyDrive
2015-06-25 16:54 - 2014-01-31 15:36 - 00000876 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2123845491-2313268984-385980148-1007Core.job
2015-06-25 14:03 - 2012-07-26 01:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-25 12:53 - 2014-09-06 04:51 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-06-25 12:43 - 2014-04-28 20:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-25 05:32 - 2015-04-26 07:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-22 23:29 - 2014-10-19 12:58 - 00000000 ____D C:\Users\cmany\AppData\Local\CrashDumps
2015-06-22 12:13 - 2013-09-09 20:58 - 00002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-20 11:49 - 2014-04-28 20:15 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-06-20 11:49 - 2014-04-28 20:15 - 00001147 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-06-20 08:37 - 2015-03-21 18:17 - 00095744 ___SH C:\Users\James\Downloads\Thumbs.db
2015-06-20 08:28 - 2015-03-23 20:36 - 00000000 ____D C:\Users\James\AppData\Local\CrashDumps
2015-06-20 07:17 - 2013-11-04 07:04 - 00000000 ____D C:\Users\James
2015-06-19 21:02 - 2015-05-14 16:55 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-06-19 21:02 - 2015-05-14 16:55 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-15 08:55 - 2013-09-29 22:04 - 00956540 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-12 12:14 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\rescache
2015-06-12 10:21 - 2014-09-09 21:34 - 00000000 ____D C:\Temp
2015-06-11 10:02 - 2013-09-09 03:35 - 00000000 ____D C:\Users\cmany\AppData\Local\Packages
2015-06-10 21:08 - 2014-11-13 21:01 - 00000000 __SHD C:\Users\cmany\AppData\Local\EmieBrowserModeList
2015-06-10 21:08 - 2014-04-28 20:04 - 00000000 __SHD C:\Users\cmany\AppData\Local\EmieUserList
2015-06-10 21:08 - 2014-04-28 20:04 - 00000000 __SHD C:\Users\cmany\AppData\Local\EmieSiteList
2015-06-10 20:58 - 2013-08-22 08:44 - 00337976 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-10 20:52 - 2015-04-21 20:17 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-06-10 20:52 - 2015-03-15 19:46 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-10 20:52 - 2013-08-22 09:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-06-10 20:52 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-10 14:05 - 2013-09-10 20:44 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-06-10 13:15 - 2013-09-10 20:44 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-06-06 10:09 - 2014-03-28 11:40 - 00002058 _____ C:\Users\Public\Desktop\Google Slides.lnk
2015-06-06 10:09 - 2014-03-28 11:40 - 00002056 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2015-06-06 10:09 - 2014-03-28 11:40 - 00002046 _____ C:\Users\Public\Desktop\Google Docs.lnk
2015-06-06 10:09 - 2014-03-28 11:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-06-05 16:01 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\Resources
==================== Files in the root of some directories =======
2015-06-10 15:04 - 2015-06-10 15:04 - 0000044 _____ () C:\Users\cmany\AppData\Roaming\WB.CFG
2015-07-01 22:01 - 2015-07-01 22:01 - 0000064 _____ () C:\Users\cmany\AppData\Local\af1f5a3da4d5606dd5071fdc7d1524c3
2014-12-20 10:48 - 2015-03-18 18:00 - 0006656 _____ () C:\Users\cmany\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-22 20:51 - 2014-11-22 20:51 - 0006529 _____ () C:\Users\cmany\AppData\Local\recently-used.xbel
2013-12-20 09:07 - 2015-05-14 21:31 - 0007604 _____ () C:\Users\cmany\AppData\Local\resmon.resmoncfg
2015-05-14 14:31 - 2015-02-03 13:49 - 0010240 _____ () C:\Users\cmany\AppData\Local\Z@!-7a1c0819-3e31-4117-a430-a8a830bf4d60.tmp
2015-05-14 14:31 - 2015-02-03 13:49 - 0009216 _____ () C:\Users\cmany\AppData\Local\Z@S!-3674060f-0321-47fa-9f0d-2b98cd6858c1.tmp
Some files in TEMP:
====================
C:\Users\cmany\AppData\Local\Temp\1435810342512_farbar-recovery-scan-tool.exe
C:\Users\cmany\AppData\Local\Temp\1435810539187_farbar-recovery-scan-tool.exe
C:\Users\cmany\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcpfxj2.dll
C:\Users\cmany\AppData\Local\Temp\farbar-recovery-scan-tool.exe
C:\Users\cmany\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\cmany\AppData\Local\Temp\optprosetup.exe
C:\Users\cmany\AppData\Local\Temp\{0513E177-9AD2-4DB6-9C83-4AF2D28870BD}-43.0.2357.65_chrome_installer.exe
C:\Users\cmany\AppData\Local\Temp\{4C432EF5-1214-4F4D-BAE5-960A6B0E9FAF}-42.0.2311.152_chrome_installer.exe
C:\Users\Ryan\AppData\Local\Temp\COMAP.EXE
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-07-01 23:01
==================== End of log ============================