GetSearch Malware Problem


  • This topic is locked
28 replies to this topic

#1 Leannachouir7


Posted 19 September 2015 - 04:55 AM

I've found GetSearch on my laptop and it keeps adding more and more malware and spyware onto my laptop. I've tried removing it with Malwarebytes and Norton, but neither of them detects it. I can't change my search engine from http://gotut.ru/?from=im3sng because it says that it's set by the Administrator, but there is only one profile on my laptop. I've had it for 1 day. My laptop's performance is decreasing and I can't do much about it anymore.




#2 deeprybka


Posted 19 September 2015 - 05:18 AM

Hi & welcome to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your malware-related problems.

Before we move on, please read the following points carefully:
  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now!
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
Step 1

Please run a FRST scan. This will help us diagnose your problem.

Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administrator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.

regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer

#3 Leannachouir7


Posted 19 September 2015 - 06:03 AM

Additional scan result of Farbar Recovery Scan Tool (x64) Version:15-09-2015
Ran by Jake (2015-09-19 11:51:07)
Running from C:\Users\Jake\Downloads
Windows 10 Pro (X64) (2015-08-01 21:01:49)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-446222923-3578191987-212603048-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-446222923-3578191987-212603048-503 - Limited - Disabled)
Guest (S-1-5-21-446222923-3578191987-212603048-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-446222923-3578191987-212603048-1002 - Limited - Enabled)
Jake (S-1-5-21-446222923-3578191987-212603048-1000 - Administrator - Enabled) => C:\Users\Jake
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton 360 (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton 360 (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
> Chrome Search (HKLM-x32\...\{2AEF02C3-5159-4C81-A688-8D954F0DEE56}_NewSearch) (Version:  - )
Action Replay DSi Code Manager (HKLM-x32\...\Action Replay DSi Code Manager_is1) (Version:  - )
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.2.0.129 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Alcor Micro PCIE Card Reader (HKLM-x32\...\AmPeStor) (Version: 2.8.1203.0118 - Alcor Micro Corp.)
Alcor Micro PCIE Card Reader (x32 Version: 2.8.1203.0118 - Alcor Micro Corp.) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS FingerPrint (HKLM-x32\...\{420350FC-88BE-49B1-9AF1-6DC11A4F0EEF}) (Version: 1.1.17 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.8 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.5 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.01.0003 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS)
ASUSPRO Business Center (HKLM-x32\...\{6A6D86CD-B004-46b7-8951-7BB75A776F8C}) (Version: 2.2.51.8439 - Intel® Corporation)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0034 - ASUS)
Auto Clicker v1.9 (HKLM-x32\...\{C0A7E4F3-82CC-416B-82C6-BA06AACFD635}_is1) (Version: 1.9 - MurGee.com)
Battle Islands (HKLM-x32\...\Steam App 305260) (Version:  - DR Studios)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.30.4239 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{3792811C-832F-4392-B44A-24092901EDDC}) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.4.60 - Conexant)
Dirty Bomb (HKLM-x32\...\Steam App 333930) (Version:  - Splash Damage®)
DS-MP3 Source 1.30 (HKLM-x32\...\DS-MP3 Source) (Version:  - )
eFix Pro (HKLM\...\eFix Pro) (Version: 1.8.1.1 - Reimage)
Esenthel Engine (HKLM-x32\...\Steam App 366530) (Version:  - Grzegorz Slazinski)
Geometry Dash (HKLM-x32\...\Steam App 322170) (Version:  - RobTop Games)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.93 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
GROOVE 5.6.3 Pro Edition (HKLM\...\{21D8E7FE-7FE7-46B3-B578-22E1ABC5E407}) (Version: 5.6.3 - Gemini)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Horizon v2.8.6.2 (HKLM-x32\...\d4cfeebc-b821-40b7-9f81-d366b1466f03_is1) (Version: 2.8.6.2 - Daring Development Inc.)
Icecream Screen Recorder version 2.26 (HKLM-x32\...\{7ADEC622-3230-4C9A-9DCE-9BD462B74095}_is1) (Version: 2.26 - Icecream Apps)
iFunbox (v2.95.2610.819), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.95.2610.819 - )
IMVU Avatar Chat Software (HKU\S-1-5-21-446222923-3578191987-212603048-1000\...\IMVU Avatar chat client software BETA) (Version:  - )
IMVU Avatar Chat Software (HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\IMVU Avatar chat client software BETA) (Version:  - )
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2105 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 17.0.1412.3) (HKLM\...\{302600C1-6BDF-4FD1-1401-148929CC1385}) (Version: 17.0.1401.0428 - Intel Corporation)
Intel® Update Manager (x32 Version: 1.0.0.36888 - Intel Corporation) Hidden
Intel® Update Manager (x32 Version: 1.6.3.70 - Intel Corporation) Hidden
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.3.34 - Intel Corporation)
Intel® WiDi (HKLM\...\{E5FBF024-1ED3-448E-86A0-8681D043E7D1}) (Version: 4.2.28.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{6e8d4676-a513-4f5b-9b52-6deb7bdc94f0}) (Version: 16.8.0 - Intel Corporation)
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java SE Development Kit 8 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation)
La Tale (HKLM-x32\...\Steam App 264360) (Version:  - Actoz Soft)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.385 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.385 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MediaFire Desktop (HKLM-x32\...\MediaFire Desktop 1.4.29.10845) (Version: 1.4.29.10845 - MediaFire)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 40.0.3 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 en-GB)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
My.com Game Center (HKU\S-1-5-21-446222923-3578191987-212603048-1000\...\MyComGames) (Version: 3.140 - My.com B.V.)
My.com Game Center (HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MyComGames) (Version: 3.140 - My.com B.V.)
Neverwinter (HKLM-x32\...\Steam App 109600) (Version:  - Cryptic Studios)
Norton 360 (HKLM-x32\...\N360) (Version: 22.5.2.15 - Symantec Corporation)
Opera Stable 31.0.1889.241 (HKLM-x32\...\Opera 31.0.1889.241) (Version: 31.0.1889.241 - Opera Software)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.87.58.0 - Overwolf Ltd.)
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
Pixelmon Launcher (HKLM-x32\...\Pixelmon Launcher 1.1.31) (Version: 1.1.31 - Ikara Software Limited)
Pixelmon Launcher (x32 Version: 1.1.31 - Ikara Software Limited) Hidden
ROBLOX Player (HKLM-x32\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
ROBLOX Player for Jake (HKU\S-1-5-21-446222923-3578191987-212603048-1000\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
ROBLOX Player for Jake (HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
ROBLOX Studio (HKLM-x32\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - ROBLOX Corporation)
Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)
RodiniaWar (HKLM-x32\...\RodiniaWar) (Version: 1.0 - OnsOn, Inc.)
skyforge_mycom (HKU\S-1-5-21-446222923-3578191987-212603048-1000\...\skyforge_mycom) (Version: 1.30 - My.com B.V.)
skyforge_mycom (HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\skyforge_mycom) (Version: 1.30 - My.com B.V.)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-446222923-3578191987-212603048-1000\...\Spotify) (Version: 1.0.9.133.gcedaee38 - Spotify AB)
Spotify (HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 1.0.9.133.gcedaee38 - Spotify AB)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.07.0051 - ST Microelectronics)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 8.0.0.27 - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tales Runner (HKLM-x32\...\Steam App 328060) (Version:  - Rhaon Entertainment)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-446222923-3578191987-212603048-1000\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH)
Torrentex version 0.1.4 (HKLM-x32\...\{B36CE58D-F635-4F82-97EE-BC6DE158BC6E}_is1) (Version: 0.1.4 - Torrentex Inc.)
Town of Salem (HKLM-x32\...\Steam App 334230) (Version:  - BlankMediaGames)
Unity Web Player (HKU\S-1-5-21-446222923-3578191987-212603048-1000\...\UnityWebPlayer) (Version: 5.0.2f1 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version: 5.0.2f1 - Unity Technologies ApS)
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 4.11 - NCH Software)
Warface (HKLM-x32\...\Steam App 291480) (Version:  - Crytek)
Windows Driver Package - ASUS (ATP) Mouse  (06/17/2015 1.0.0.262) (HKLM\...\14588A15B66655338DBCC021FFA81E31DC281859) (Version: 06/17/2015 1.0.0.262 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.45 - ASUS)
Wooxy version 1.0.1.1 (HKLM-x32\...\{4096013E-16CD-4165-9AD9-535C61E833DC}_is1) (Version: 1.0.1.1 - Chewy)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\Jake\AppData\Local\Roblox\Versions\version-7d64c9ce01664bca\RobloxProxy64.dll (ROBLOX Corporation)
CustomCLSID: HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-446222923-3578191987-212603048-1000_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\Jake\AppData\Local\Roblox\Versions\version-7d64c9ce01664bca\RobloxProxy64.dll (ROBLOX Corporation)
CustomCLSID: HKU\S-1-5-21-446222923-3578191987-212603048-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
 
==================== Restore Points =========================
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {01CEAF64-CE8A-48A2-8A5B-83A290ABEBCB} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {03B17014-F1E9-476E-867F-7160AF5E5EA6} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {0BCB416E-B885-4DFC-B6C8-7453C575E3E3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated)
Task: {1B22D1AF-C381-4BC3-ACA7-42D2FA9E8FDA} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {22B318A9-8D3F-4A9D-A6E1-E55EA16AB663} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {2C97B89E-D8AA-4F92-BBF9-70770CEA060E} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {2E0C6512-B7A4-46F6-AD56-D5623EE1F970} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-08-19] (Reimage®) <==== ATTENTION
Task: {31AAA048-2E30-4497-A93F-DE29F827502C} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\WSCStub.exe [2015-07-16] (Symantec Corporation)
Task: {34ED713E-4B1E-4233-9B47-3F45FEB753E6} - System32\Tasks\MaxComputerCleaner_Start => C:\Program Files (x86)\Max Computer Cleaner\MaxComputerCleaner.exe <==== ATTENTION
Task: {3664C281-9421-46F7-A003-C50E107968B8} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86) [2015-09-18] ()
Task: {377280C1-D595-41C0-A083-A0E9ED3A3B17} - \LaunchPreSignup -> No File <==== ATTENTION
Task: {39AD0CAD-1C25-49A5-A22A-B135296FAF55} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2015-07-19] (Overwolf LTD)
Task: {3A54219F-8ABA-465D-B7E6-D0EF6828213A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {46304F16-3E82-4495-BBC4-75234351B82C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-31] (Google Inc.)
Task: {47F5F408-D05B-4E4B-AF1C-5AB06B56B85C} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\SymErr.exe [2015-05-19] (Symantec Corporation)
Task: {4BDFCE52-C808-4737-986D-9ECD1E8AC559} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {4EFF8CFE-CE5E-4FB8-B6E9-1B3E2DF2C14A} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86) [2015-09-18] ()
Task: {51627D6F-D563-4AC7-8626-0675945F03CA} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {56EA85B9-7745-4750-9E9C-01B51967259F} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\Bootstrap.exe [2013-07-18] (Intel Corporation)
Task: {5714D371-1AB7-446D-B2C5-0F179C2CC967} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {5E3FC17D-9B3C-488B-9F88-8EB6DF81369F} - System32\Tasks\Opera scheduled Autoupdate 1442003632 => C:\Program Files (x86)\Opera\launcher.exe [2015-09-09] (Opera Software)
Task: {615DE480-C4CD-4008-9A56-09BC9F351C25} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {63BDF379-C62A-4084-8E4A-80EE3726A577} - System32\Tasks\Reimage Reminder => C:\Program Files\eFix\eFix Pro\eFixReminder.exe <==== ATTENTION
Task: {65CF6288-93DD-4C8C-A284-2F333ADEB206} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {68F9F990-E572-4696-A61F-BFD0E72006CE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {69028242-4553-4697-865C-485991498988} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\Bootstrap.exe [2013-07-18] (Intel Corporation)
Task: {6F8B8E87-2635-48D5-9A39-D3564E46D292} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {72E77CEC-9110-4301-8A85-6A0D493739E2} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {77657F50-9813-4BB8-B5E8-C93C318A553D} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {84A7A949-4BE4-454A-9C40-C3ADFCA7264B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {8C20687D-61E7-4EC4-A2C5-E7200EF9B937} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {95130C98-AD4D-46C0-A7EB-B0994F92C133} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {95FE939A-B728-4DF3-BD1A-D255CBC61618} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {961D0F34-DF08-452C-8C80-73FD040394B7} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-03-27] (ASUSTek Computer Inc.)
Task: {9658BE77-80CF-438B-A4C5-873D5A5848B7} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2014-03-11] ()
Task: {96AEE1F3-F50B-48BF-9892-9D08E9C1483B} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-04-02] (ASUS)
Task: {98D803DB-2ECE-46D3-8080-1EFEF05A627F} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {AC155BD6-A2EE-4254-AEC0-7FD9CEE82ECA} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {B20696DD-29E5-486C-B844-D3234E69809E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {B319FE70-C7A7-4F0C-B693-F84015D8B1F1} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {B336544B-958F-4628-B83F-590D1D00F1C0} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {B57426F2-485F-435E-8CD1-05D7E0ECD3B5} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\SymErr.exe [2015-05-19] (Symantec Corporation)
Task: {B76C2CB5-FACD-41A4-BD9F-9D3AD1D0D5FE} - System32\Tasks\Norton 360\Norton Autofix => C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\SymErr.exe [2015-05-19] (Symantec Corporation)
Task: {B8C8E244-7EA3-49CB-A5CC-8CA18210379E} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {BEE14C65-85F4-4203-85FF-9A84DBEE63BF} - \SmartWeb Upgrade Trigger Task -> No File <==== ATTENTION
Task: {C00F26B8-9C65-489D-8A0B-8027354EFFE5} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-07-28] (AsusTek)
Task: {C06D00A4-662F-4CC1-BDC9-A324694B47AD} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {C86B3E00-646B-4D71-B2F8-71239EE133EC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {CA5443C1-02D8-4298-9BF9-B4ABDFE6B61F} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {D12DC529-B853-418C-8FBE-BDDC62AFDB36} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {D2A5A1FB-0557-4135-ADBB-DE71848BFB58} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {D7C1F5F3-A930-40A1-B05D-7C879CC4810E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {E071BF0E-963D-4EFA-9102-4E6F3782375B} - System32\Tasks\THWWXCGU => C:\ProgramData\78cd8f3aba2f4344a6cb8054ab434371\78cd8f3aba2f4344a6cb8054ab434371.exe <==== ATTENTION
Task: {EA9B5F66-41C7-4141-98B4-AED4978ACDEF} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {EB3ADCB7-CC03-4EB8-997F-348D56D6B64C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-31] (Google Inc.)
Task: {EC67A830-CA5B-4337-86B2-356BB5BC05C7} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2014-03-18] (ASUSTek Computer Inc.)
Task: {F1551BAF-B41B-4593-8CE1-B52BC085695E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {F90BE5A6-9BB2-4B28-8A55-DE034478D654} - \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync -> No File <==== ATTENTION
Task: {F9EAD1BE-75B3-4774-9946-095A0C641FDD} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {FE4C64BD-3C2C-4227-AC5D-0420975C5C6E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-07-10 12:00 - 2015-07-10 12:00 - 00028160 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-08-01 21:11 - 2015-08-01 21:11 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-09-05 13:45 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2014-04-23 10:17 - 2013-01-08 11:34 - 00224680 ____N () c:\preload64\patch\AsusService.exe
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-10 16:21 - 2015-04-23 14:47 - 00456176 _____ () C:\Users\Jake\AppData\Local\MediaFire Desktop\MFUsnMonitorService.exe
2015-08-19 09:56 - 2015-08-19 09:56 - 06908904 _____ () C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
2015-09-05 13:45 - 2015-08-18 08:56 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-05 13:45 - 2015-08-18 08:56 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-07-22 01:02 - 2015-07-22 01:02 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-07-18 00:35 - 2015-07-18 00:35 - 00396688 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-07-10 11:59 - 2015-07-10 11:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 11:59 - 2015-07-10 11:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-03-07 20:14 - 2012-03-09 22:51 - 00243200 _____ () C:\Program Files (x86)\ST Microelectronics\ST_ACCEL\FFP_DT.dll
2015-07-22 01:02 - 2015-07-22 01:02 - 31535264 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2015-09-19 10:13 - 2015-09-19 10:13 - 00310272 _____ () C:\Users\Jake\AppData\Roaming\.minecraft\versions\1.8-Forge11.14.3.1450\1.8-Forge11.14.3.1450-natives-11301243750072\lwjgl64.dll
2015-09-19 10:13 - 2015-09-19 10:13 - 00653832 _____ () C:\Users\Jake\AppData\Roaming\.minecraft\versions\1.8-Forge11.14.3.1450\1.8-Forge11.14.3.1450-natives-11301243750072\avutil-ttv-51.dll
2015-09-19 10:13 - 2015-09-19 10:13 - 00361103 _____ () C:\Users\Jake\AppData\Roaming\.minecraft\versions\1.8-Forge11.14.3.1450\1.8-Forge11.14.3.1450-natives-11301243750072\swresample-ttv-0.dll
2015-09-19 10:13 - 2015-09-19 10:13 - 00688161 _____ () C:\Users\Jake\AppData\Roaming\.minecraft\versions\1.8-Forge11.14.3.1450\1.8-Forge11.14.3.1450-natives-11301243750072\libmp3lame-ttv.dll
2015-09-19 10:13 - 2015-09-19 10:13 - 01384960 _____ () C:\Users\Jake\AppData\Roaming\.minecraft\versions\1.8-Forge11.14.3.1450\1.8-Forge11.14.3.1450-natives-11301243750072\twitchsdk.dll
2015-09-19 10:13 - 2015-09-19 10:13 - 00382464 _____ () C:\Users\Jake\AppData\Roaming\.minecraft\versions\1.8-Forge11.14.3.1450\1.8-Forge11.14.3.1450-natives-11301243750072\OpenAL64.dll
2015-08-12 09:22 - 2015-08-03 02:11 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 12:00 - 2015-07-10 17:29 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-09-05 13:45 - 2015-08-11 09:58 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-12 09:22 - 2015-08-03 02:09 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-09-05 13:45 - 2015-08-11 10:57 - 02641760 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2015-08-12 09:22 - 2015-08-03 03:12 - 02108256 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll
2014-04-02 15:46 - 2014-04-02 15:46 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll
2014-04-02 15:46 - 2014-04-02 15:46 - 00117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2014-04-02 15:46 - 2014-04-02 15:46 - 00037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2014-04-02 15:46 - 2014-04-02 15:46 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll
2012-01-31 10:25 - 2012-01-31 10:25 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
2015-03-08 03:22 - 2013-12-10 00:26 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-08-08 10:30 - 2015-08-27 10:47 - 00144896 _____ () C:\Users\Jake\AppData\Local\MyComGames\zlib1.dll
2015-08-08 10:30 - 2015-08-27 10:47 - 00062464 _____ () C:\Users\Jake\AppData\Local\MyComGames\pxd.dll
2015-08-08 10:30 - 2015-08-27 10:47 - 00179144 _____ () C:\Users\Jake\AppData\Local\MyComGames\LightUpdate.dll
2015-08-08 10:30 - 2015-08-27 10:47 - 02419488 _____ () C:\Users\Jake\AppData\Local\MyComGames\BigUp2.dll
2015-08-26 10:18 - 2015-08-26 10:18 - 50425344 _____ () C:\Users\Jake\AppData\Local\MyComGames\Chrome\3.2454.1317\libcef.dll
2015-07-19 12:05 - 2015-07-19 12:05 - 40555008 _____ () C:\Program Files (x86)\Overwolf\0.87.58.0\libcef.DLL
2015-07-19 12:05 - 2015-07-19 12:05 - 00146432 _____ () C:\Program Files (x86)\Overwolf\0.87.58.0\OWGameEventsConsumer.dll
2015-07-19 12:05 - 2015-07-19 12:05 - 00025600 _____ () C:\Program Files (x86)\Overwolf\0.87.58.0\CoreAudioApi.dll
2015-07-22 15:32 - 2015-07-22 15:32 - 36732592 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2015-07-19 12:05 - 2015-07-19 12:05 - 01274655 _____ () C:\Program Files (x86)\Overwolf\0.87.58.0\Purplizer\libxml2-2.dll
2015-07-19 12:05 - 2015-07-19 12:05 - 00028160 _____ () C:\Program Files (x86)\Overwolf\0.87.58.0\Purplizer\libssp-0.dll
2015-07-19 12:05 - 2015-07-19 12:05 - 00100352 _____ () C:\Program Files (x86)\Overwolf\0.87.58.0\Purplizer\zlib1.dll
2015-07-19 12:05 - 2015-07-19 12:05 - 00373657 _____ () C:\Program Files (x86)\Overwolf\0.87.58.0\Purplizer\plugins\libmsn.dll
2015-07-19 12:05 - 2015-07-19 12:05 - 00021337 _____ () C:\Program Files (x86)\Overwolf\0.87.58.0\Purplizer\plugins\libxmpp.dll
2015-07-19 12:05 - 2015-07-19 12:05 - 00415553 _____ () C:\Program Files (x86)\Overwolf\0.87.58.0\Purplizer\libjabber.dll
2015-07-19 12:05 - 2015-07-19 12:05 - 00190464 _____ () C:\Program Files (x86)\Overwolf\0.87.58.0\Purplizer\libsasl.dll
2015-07-19 12:05 - 2015-07-19 12:05 - 00022832 _____ () C:\Program Files (x86)\Overwolf\0.87.58.0\Purplizer\plugins\libyahoo.dll
2015-07-19 12:05 - 2015-07-19 12:05 - 00228908 _____ () C:\Program Files (x86)\Overwolf\0.87.58.0\Purplizer\libymsg.dll
2015-07-19 12:05 - 2015-07-19 12:05 - 00027811 _____ () C:\Program Files (x86)\Overwolf\0.87.58.0\Purplizer\plugins\ssl-nss.dll
2015-07-19 12:05 - 2015-07-19 12:05 - 00012004 _____ () C:\Program Files (x86)\Overwolf\0.87.58.0\Purplizer\plugins\ssl.dll
2015-07-19 12:05 - 2015-07-19 12:05 - 00140288 _____ () C:\Program Files (x86)\Overwolf\0.87.58.0\Purplizer\sasl2\saslDIGESTMD5.dll
2015-07-19 12:05 - 2015-07-19 12:05 - 00102912 _____ () C:\Program Files (x86)\Overwolf\0.87.58.0\Purplizer\sasl2\saslPLAIN.dll
2015-07-19 12:05 - 2015-07-19 12:05 - 00425984 _____ () C:\Program Files (x86)\Overwolf\0.87.58.0\Purplizer\sqlite3.dll
2013-07-18 11:28 - 2013-07-18 11:28 - 01013536 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\QtNetwork4.dll
2013-07-18 11:28 - 2013-07-18 11:28 - 02610464 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\QtCore4.dll
2013-07-18 11:28 - 2013-07-18 11:28 - 00028448 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\osEvents.dll
2013-07-18 11:28 - 2013-07-18 11:28 - 00328992 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\log4cplus.dll
2013-07-18 11:28 - 2013-07-18 11:28 - 00389408 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\QtXml4.dll
2013-07-18 11:28 - 2013-07-18 11:28 - 00407328 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\sqlite3.dll
2013-07-18 11:27 - 2013-07-18 11:27 - 00202528 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\libgsoap.dll
2013-07-18 11:28 - 2013-07-18 11:28 - 00069408 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\zlib1.dll
2013-07-18 11:29 - 2013-07-18 11:29 - 00473376 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\plugin\PServerPlugin.dll
2015-07-19 12:05 - 2015-07-19 12:05 - 00985088 _____ () C:\Program Files (x86)\Overwolf\0.87.58.0\ffmpegsumo.dll
2015-03-10 19:24 - 2015-07-03 17:12 - 00778240 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-03-10 19:24 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-03-10 19:24 - 2015-08-19 21:39 - 02413248 _____ () C:\Program Files (x86)\Steam\video.dll
2015-03-10 19:24 - 2014-12-01 22:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-03-10 19:24 - 2014-12-01 22:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-03-10 19:24 - 2014-12-01 22:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-03-10 19:24 - 2014-12-01 22:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-03-10 19:24 - 2014-12-01 22:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-03-10 19:24 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-03-10 19:24 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-03-10 19:24 - 2015-08-19 21:39 - 00704192 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-03-10 19:24 - 2015-07-03 17:12 - 39553928 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-09-17 18:42 - 2015-09-12 01:22 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\libglesv2.dll
2015-09-17 18:42 - 2015-09-12 01:22 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\libegl.dll
2015-09-11 20:13 - 2015-09-11 20:34 - 00045056 _____ () C:\Program Files\WindowsApps\A278AB0D.ModernCombat5Blackout_1.3.0.14_x86__h6adky7gbf63m\LocalPNSTask.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Program Files\Bonjour:Win32App
AlternateDataStreams: C:\Program Files\Intel:Win32App
AlternateDataStreams: C:\Program Files\Intel Corporation:Win32App
AlternateDataStreams: C:\Program Files (x86)\AmPcieDrv:Win32App
AlternateDataStreams: C:\Program Files (x86)\Apple Software Update:Win32App
AlternateDataStreams: C:\Program Files (x86)\BlueStacks:Win32App
AlternateDataStreams: C:\Program Files (x86)\Bonjour:Win32App
AlternateDataStreams: C:\Program Files (x86)\i-Funbox DevTeam:Win32App
AlternateDataStreams: C:\Program Files (x86)\Norton 360:Win32App
AlternateDataStreams: C:\Program Files (x86)\WinRAR:Win32App
AlternateDataStreams: C:\ProgramData\Intel® Update Manager:Win32App
AlternateDataStreams: C:\ProgramData\regid.1991-06.com.microsoft:Win32App
AlternateDataStreams: C:\Users\Jake\Desktop\BlueStacks:Win32App
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-446222923-3578191987-212603048-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jake\Pictures\5cec0f7b2b046d249605c0e25824a561.jpg
HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Jake\Pictures\5cec0f7b2b046d249605c0e25824a561.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: ) (ConsentPromptBehaviorUser: ) (EnableLUA: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-446222923-3578191987-212603048-1000\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-446222923-3578191987-212603048-1000\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-446222923-3578191987-212603048-1000\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-446222923-3578191987-212603048-1000\...\StartupApproved\Run: => "iFunBox Fast App Install Handler"
HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "iFunBox Fast App Install Handler"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{EE3BE1AE-54BF-497A-98F3-050C73491E33}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{79C177EF-D80E-4E68-917B-D5A0E11EB1AD}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{EFDC7917-32B9-4FAD-A92D-7EDD9A1C7210}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{3AED3CD4-B4F8-4C67-97CA-ACA5680DF62D}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [UDP Query User{EB7831B0-66B6-420D-BD7E-BC7DA1B3A154}C:\users\jake\desktop\ucs0501\ucs.exe] => (Allow) C:\users\jake\desktop\ucs0501\ucs.exe
FirewallRules: [TCP Query User{78D0391F-6062-43B4-9837-E6C9C0D719B0}C:\users\jake\desktop\ucs0501\ucs.exe] => (Allow) C:\users\jake\desktop\ucs0501\ucs.exe
FirewallRules: [{4FF8F364-2691-4792-871F-B5ED45C55258}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1A0168AC-EEC9-4DB1-8AC3-529A223622E6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{708D229E-B802-4E95-88F8-5A5229FD5DE6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4CC09520-7FCE-42BE-82C7-4C5265061BC2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5D300976-18CE-4C71-ACBF-4DC1F56B91DF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{148937DB-B9BA-4135-A3F2-4053F550095B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D310BE76-20EE-40D0-A021-9D360F59B46A}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe
FirewallRules: [{C2017CB9-65A2-4C25-9D55-99CAF928A2C8}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [UDP Query User{92FF186B-85DD-438C-85A8-795FAF8691D3}C:\users\jake\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jake\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{C34AABB1-B884-400A-B51F-41729597A2E6}C:\users\jake\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jake\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{CFBA33F3-C3D6-4A05-A83E-A336F155C844}C:\users\jake\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jake\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{6B518E6F-6361-4938-9F0B-590C90F726A6}C:\users\jake\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jake\appdata\roaming\spotify\spotify.exe
FirewallRules: [{ABE05C58-F83E-4362-8E5B-8494454D8BE8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7459E151-5A61-4249-99EF-A583DDBA4D40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\La Tale\ogpsteam.exe
FirewallRules: [{30C88BDA-8409-447D-8671-38A8762D981F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\La Tale\ogpsteam.exe
FirewallRules: [UDP Query User{95E5A92C-774D-486A-AA0F-522088DB1A37}C:\program files (x86)\steam\steamapps\common\tales runner\trgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tales runner\trgame.exe
FirewallRules: [TCP Query User{095DE5E9-3A3C-43DE-81B0-1D72E84AF3E0}C:\program files (x86)\steam\steamapps\common\tales runner\trgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tales runner\trgame.exe
FirewallRules: [{315273E9-A14A-4CFE-83CA-DDFCEDC3E28A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tales Runner\ogpsteam.exe
FirewallRules: [{2E072268-C37E-4956-9AB5-A5CCA35534DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tales Runner\ogpsteam.exe
FirewallRules: [{AF7777E2-CB2E-4B3D-815F-5117E13E6895}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{82500416-CF4B-4C68-8841-E3B876806769}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{287A1144-1303-45D3-B98E-ACE39AB76149}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [{54D7C8F2-3917-4A8F-B3E4-7578C24C3ED6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [{211F551A-F885-40B8-90DD-FB15A8598CFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Battle Islands\BattleIslands.exe
FirewallRules: [{96D90667-564E-4855-9A6E-C957F7146D68}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Battle Islands\BattleIslands.exe
FirewallRules: [{ECC41CC4-667F-4C6C-91A3-B77FD5842E00}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{372E90AF-8237-4AD2-BE94-6F9B7FFBB7D8}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{7BC78833-F962-4CC8-BC02-0F34E9591A71}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A6419F48-F389-40A6-9248-E07285C702FE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{ECEF470B-2AA0-486D-83D1-40465AF16283}C:\users\jake\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\jake\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{1ECBCC9D-0744-466B-AE9D-824669F6E55D}C:\users\jake\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\jake\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{F0CAA78B-975F-4356-8712-EA7B79C7B68C}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{8F938C1D-0508-4B49-AD07-0EB5B2611944}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [TCP Query User{9F65D849-992C-41E9-85F4-7EACA744EE63}C:\users\jake\appdata\local\mycomgames\mycomgames.exe] => (Block) C:\users\jake\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{6540C0F0-8A02-4617-84D7-0B3281014ABB}C:\users\jake\appdata\local\mycomgames\mycomgames.exe] => (Block) C:\users\jake\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{88170D74-3CB3-4D67-A8A8-2C2C60C963D7}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{E51E4868-0744-49B8-9D90-928DC60F4285}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{518B9C6E-FA01-4A11-B4B8-9A69F26E0690}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{96E818BE-3B4B-47AA-A7E4-F2B1B75AC60D}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{373414F8-1B1F-48F1-845B-AC477FE53CB4}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{6E638685-5B7F-4BEB-A92F-C666C6A11709}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{50652508-2760-4457-BD38-56F55F738B6C}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{872E16A0-9307-472E-A961-4A3A8A2943B1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [{2C5626B6-8FE2-41F4-B0EA-E8228BE25CA4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [{5803EA27-8EF3-41D4-8F85-0EAE34A015A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{9A1EC991-E924-4695-9461-6A99B30F6CE2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{733EF134-BD6C-4837-BAC8-DCDF804AED1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cryptic Studios\Neverwinter.exe
FirewallRules: [{9A7E935D-452B-42E7-8C51-C5E3AD7EF04F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cryptic Studios\Neverwinter.exe
FirewallRules: [{6E6FD300-C251-47F3-B397-5DAA034CA111}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Town of Salem\TownOfSalem.exe
FirewallRules: [{5B75EBC3-DF2B-458C-8129-14E058A66B9F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Town of Salem\TownOfSalem.exe
FirewallRules: [{E08AB407-0F15-4D05-BCAF-7BD150B25055}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geometry Dash\GeometryDash.exe
FirewallRules: [{C76641A1-8A8E-4EE0-B0F8-AB61B8E64EB4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geometry Dash\GeometryDash.exe
FirewallRules: [{603AE9CF-302A-40F2-AF10-33A95085A8C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{436FAFD6-A626-4D7E-B69D-ED23AE4D4357}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{ACAE1078-B030-498A-8077-90D62FF2623E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Esenthel\Esenthel.exe
FirewallRules: [{25FA1138-3E63-4EA5-8C22-6CB9E7C2129C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Esenthel\Esenthel.exe
FirewallRules: [{5A1B89B9-2B18-49C9-A730-C2E14616A004}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Esenthel\Esenthel 64.exe
FirewallRules: [{ABB4BE64-D078-431C-8CA6-03CA9FE749ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Esenthel\Esenthel 64.exe
FirewallRules: [{79CDD90D-8072-4A8F-96DB-DF094EBC5CB4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Esenthel\Esenthel DX9.exe
FirewallRules: [{DE9EF2D4-9253-4F00-929E-BC87FFF9B764}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Esenthel\Esenthel DX9.exe
FirewallRules: [{17C80CDA-1F0D-479B-A5FA-16ADA3212C41}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{02E277BC-8FF2-4462-B1F1-7D849665A874}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [{D50CA558-F114-4672-BC22-909017F3BB5E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [{B105E538-D7B6-4F91-940F-93AD4C6F000F}] => (Allow) C:\Torrentex\Torrentex.exe
FirewallRules: [{7E38439E-899D-438A-B437-7B63D4D10E43}] => (Allow) C:\Torrentex\Torrentex.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/19/2015 11:38:29 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program n360.exe version 13.0.2.6 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 1494
 
Start Time: 01d0f2a19b0e71be
 
Termination Time: 12
 
Application Path: C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\n360.exe
 
Report Id: 76decee2-5eba-11e5-9bd8-7824afdaf859
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (09/19/2015 10:23:37 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SearchUI.exe version 10.0.10240.16431 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 1984
 
Start Time: 01d0f2a1af88fa1b
 
Termination Time: 4294967295
 
Application Path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
 
Report Id: 1412704c-5eb0-11e5-9bd8-7824afdaf859
 
Faulting package full name: Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy
 
Faulting package-relative application ID: CortanaUI
 
Error: (09/19/2015 10:23:21 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: JAKE-PC)
Description: Package Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy+CortanaUI was terminated because it took too long to suspend.
 
Error: (09/19/2015 10:14:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: delegate_execute.exe, version: 45.0.2454.93, time stamp: 0x55f34683
Faulting module name: delegate_execute.exe, version: 45.0.2454.93, time stamp: 0x55f34683
Exception code: 0x80000003
Fault offset: 0x00007de3
Faulting process ID: 0x1cfc
Faulting application start time: 0xdelegate_execute.exe0
Faulting application path: delegate_execute.exe1
Faulting module path: delegate_execute.exe2
Report ID: delegate_execute.exe3
Faulting package full name: delegate_execute.exe4
Faulting package-relative application ID: delegate_execute.exe5
 
Error: (09/19/2015 07:21:50 AM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Service cannot be started. An instance of the service is already running
 
Error: (09/19/2015 07:21:50 AM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Service cannot be started. The handle is invalid
 
Error: (09/19/2015 07:20:48 AM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (6188) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.
 
Error: (09/19/2015 07:20:42 AM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (6188) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ".  The create file operation will fail with error -1032 (0xfffffbf8).
 
Error: (09/19/2015 07:20:00 AM) (Source: ESENT) (EventID: 454) (User: )
Description: SettingSyncHost (6188) {43EB3C84-0156-4785-A807-8D51399F2913}: Database recovery/restore failed with unexpected error -1032.
 
Error: (09/19/2015 07:20:00 AM) (Source: ESENT) (EventID: 454) (User: )
Description: SettingSyncHost (6188) {E2C6BF90-AB4A-4453-B4C8-3345715B04A0}: Database recovery/restore failed with unexpected error -1216.
 
 
System errors:
=============
Error: (09/19/2015 11:04:23 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (09/19/2015 07:58:49 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Xbox Live Auth Manager service terminated with the following service-specific error: 
%%0
 
Error: (09/19/2015 07:15:10 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (09/19/2015 07:07:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Net.Msmq Listener Adapter service failed to start due to the following error: 
%%1053
 
Error: (09/19/2015 07:07:14 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Net.Msmq Listener Adapter service to connect.
 
Error: (09/19/2015 07:07:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Net.Pipe Listener Adapter service failed to start due to the following error: 
%%1053
 
Error: (09/19/2015 07:07:06 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Net.Pipe Listener Adapter service to connect.
 
Error: (09/19/2015 07:06:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LogMeIn Hamachi Tunneling Engine service failed to start due to the following error: 
%%1053
 
Error: (09/19/2015 07:06:57 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the LogMeIn Hamachi Tunneling Engine service to connect.
 
Error: (09/19/2015 07:06:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The BlueStacks Updater Service service failed to start due to the following error: 
%%1053
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 92%
Total physical RAM: 3961.3 MB
Available physical RAM: 280.76 MB
Total Virtual: 8742.63 MB
Available Virtual: 1702.71 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:199.55 GB) (Free:6.06 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:240.44 GB) (Free:212.6 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: F547EB88)
 
Partition: GPT.
 
==================== End of Addition.txt ============================
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015
Ran by Jake (administrator) on Jake-PC (19-09-2015 12:00:35)
Running from C:\Users\Leanna\Downloads
Loaded Profiles: Jake &  (Available Profiles: Jake)
Platform: Windows 10 Pro (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal

Edited by Leannachouir7, 19 September 2015 - 06:05 AM.


#4 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:02 PM

Posted 19 September 2015 - 06:09 AM

Please post the FRST.txt as well. :)
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 

#5 Leannachouir7

Leannachouir7
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:05:02 PM

Posted 19 September 2015 - 06:18 AM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015
Ran by Jake (administrator) on Jake-PC (19-09-2015 12:00:35)
Running from C:\Users\Jake\Downloads
Loaded Profiles: Jake &  (Available Profiles: Jake)
Platform: Windows 10 Pro (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 

Edited by Leannachouir7, 19 September 2015 - 06:28 AM.


#6 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:02 PM

Posted 19 September 2015 - 06:32 AM

FRST.txt isn't complete. Please re-run the scan:

Step 1


Start FRST with administrator privileges.
  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.
    Please copy and paste the log in your next reply.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 

#7 Leannachouir7

Leannachouir7
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:05:02 PM

Posted 19 September 2015 - 06:54 AM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015

Ran by Jake (administrator) on JAKE-PC (19-09-2015 12:38:53)
Running from C:\Users\Jake\Downloads
Loaded Profiles: Jake &  (Available Profiles: Jake)
Platform: Windows 10 Pro (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Preload64\Patch\AsusService.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantDisplayService.exe
(ASUS) C:\Program Files (x86)\ASUS\Wireless Console 3\ASNB4LDRSvc.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Users\Jake\AppData\Local\MediaFire Desktop\MFUsnMonitorService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
() C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\n360.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\ASUSBluetoothRadio.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(STMicroelectronics) C:\Program Files (x86)\ST Microelectronics\ST_ACCEL\FFP_Manager.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Spotify Ltd) C:\Users\Jake\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(MY.COM B.V.) C:\Users\Jake\AppData\Local\MyComGames\MyComGames.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.87.58.0\OverwolfHelper.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.87.58.0\Purplizer\Purplizer.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.87.58.0\OverwolfHelper64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Update Manager\bin\ismagent.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.87.58.0\OverwolfBrowser.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.87.58.0\OverwolfBrowser.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Oracle Corporation) C:\Program Files (x86)\Minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe
(Oracle Corporation) C:\Program Files (x86)\Minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\delegate_execute.exe
(Microsoft Corporation) C:\Windows\System32\GamePanel.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\conathst.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Failed to access process -> n360.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Failed to access process -> n360.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [111488 2014-09-15] (Intel Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [920280 2015-04-17] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184632 2013-11-13] (Motorola Solutions, Inc.)
HKLM\...\Run: [ASUS HDD Protection Tray Application] => C:\Program Files (x86)\ST Microelectronics\ST_ACCEL\FFP_Manager.exe [54272 2013-12-03] (STMicroelectronics)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2014-03-28] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [134616 2013-12-10] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-12-20] (Intel Corporation)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [406328 2014-03-18] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [209720 2014-03-11] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [82744 2013-12-17] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [kxesc] => "c:\program files (x86)\kingsoft\kingsoft antiviruskxetray.exe" -autorun
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [896632 2015-07-22] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-06] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2303152 2015-07-23] (Adobe Systems Incorporated)
HKU\S-1-5-21-446222923-3578191987-212603048-1000\...\Run: [Spotify Web Helper] => C:\Users\Jake\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2008632 2015-07-29] (Spotify Ltd)
HKU\S-1-5-21-446222923-3578191987-212603048-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-446222923-3578191987-212603048-1000\...\Run: [Spotify] => C:\Users\Jake\AppData\Roaming\Spotify\Spotify.exe [7334968 2015-07-29] (Spotify Ltd)
HKU\S-1-5-21-446222923-3578191987-212603048-1000\...\Run: [iFunBox Fast App Install Handler] => C:\Program Files (x86)\i-Funbox DevTeam\iFunBox_x64.exe [2692608 2015-04-12] (i-Funbox.com)
HKU\S-1-5-21-446222923-3578191987-212603048-1000\...\Run: [MyComGames] => C:\Users\Jake\AppData\Local\MyComGames\MyComGames.exe [4159432 2015-09-18] (MY.COM B.V.)
HKU\S-1-5-21-446222923-3578191987-212603048-1000\...\Run: [MediaFire Tray] => C:\Users\Jake\AppData\Local\MediaFire Desktop\mf_watch.exe [4003840 2015-04-23] ()
HKU\S-1-5-21-446222923-3578191987-212603048-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [41200 2015-07-19] (Overwolf LTD)
HKU\S-1-5-21-446222923-3578191987-212603048-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53735968 2015-08-07] (Skype Technologies S.A.)
HKU\S-1-5-21-446222923-3578191987-212603048-1000\...\Run: [MurGee.com Auto Clicker] => C:\Users\Jake\AppData\Roaming\Auto Clicker\AutoClicker.exe [120304 2015-03-29] (MurGee.com)
HKU\S-1-5-21-446222923-3578191987-212603048-1000\...\Run: [C] => C:\WINDOWS\system32\GroupPolicy\Machine\Registry.pol [782 2015-09-18] ()
HKU\S-1-5-21-446222923-3578191987-212603048-1000\...\Run: [Torrentex] => "C:\Torrentex\Torrentex.exe" /hide
HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\Jake\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2008632 2015-07-29] (Spotify Ltd)
HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify] => C:\Users\Jake\AppData\Roaming\Spotify\Spotify.exe [7334968 2015-07-29] (Spotify Ltd)
HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iFunBox Fast App Install Handler] => C:\Program Files (x86)\i-Funbox DevTeam\iFunBox_x64.exe [2692608 2015-04-12] (i-Funbox.com)
HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [MyComGames] => C:\Users\Jake\AppData\Local\MyComGames\MyComGames.exe [4159432 2015-09-18] (MY.COM B.V.)
HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [MediaFire Tray] => C:\Users\Jake\AppData\Local\MediaFire Desktop\mf_watch.exe [4003840 2015-04-23] ()
HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [41200 2015-07-19] (Overwolf LTD)
HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53735968 2015-08-07] (Skype Technologies S.A.)
HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [MurGee.com Auto Clicker] => C:\Users\Jake\AppData\Roaming\Auto Clicker\AutoClicker.exe [120304 2015-03-29] (MurGee.com)
HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [C] => C:\WINDOWS\system32\GroupPolicy\Machine\Registry.pol [782 2015-09-18] ()
HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Torrentex] => "C:\Torrentex\Torrentex.exe" /hide
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [1MediaFireIconError] -> {5EE8C634-CDC0-453D-9731-DF0B19F4E807} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon3_82ba4.dll [2015-04-23] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [1MediaFireIconReadOnly] -> {7995D0FC-769B-4197-AEC0-991921CB99E1} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon5_82ba4.dll [2015-04-23] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [1MediaFireIconSynched] -> {9A3B79CB-D899-40B5-8DBC-20447F1ADC8F} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon_82ba4.dll [2015-04-23] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [1MediaFireIconSyncing] -> {C4D81971-6B13-4173-AB21-F83AD20CCC04} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon2_82ba4.dll [2015-04-23] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [MediaFireIconLock] -> {759F3E92-F4E8-4953-8315-238B8B17E0F3} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon4_82ba4.dll [2015-04-23] (TODO: <Company name>)
GroupPolicy: Restriction - Chrome <======= ATTENTION
GroupPolicy-x32: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\..\Interfaces\{5828315c-66c0-4e4c-a622-2202bd3b7bea}: [DhcpNameServer] 192.168.0.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=22.5.0.124
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=22.5.2.15
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=22.5.2.15
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=22.5.2.15
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=22.5.2.15
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=22.5.2.15
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=22.5.2.15
HKU\S-1-5-21-446222923-3578191987-212603048-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://spacesearch.ru/?ri=1&rsid=964c5d1821aa8ebc0622aea2be638e0f&q={searchTerms}
HKU\S-1-5-21-446222923-3578191987-212603048-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=22.5.2.15
HKU\S-1-5-21-446222923-3578191987-212603048-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKU\S-1-5-21-446222923-3578191987-212603048-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://spacesearch.ru/?ri=1&rsid=964c5d1821aa8ebc0622aea2be638e0f&q={searchTerms}
HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://spacesearch.ru/?ri=1&rsid=964c5d1821aa8ebc0622aea2be638e0f&q={searchTerms}
HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=22.5.2.15
HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://spacesearch.ru/?ri=1&rsid=964c5d1821aa8ebc0622aea2be638e0f&q={searchTerms}
URLSearchHook: [S-1-5-21-446222923-3578191987-212603048-1000] ATTENTION => Default URLSearchHook is missing
URLSearchHook: HKU\S-1-5-21-446222923-3578191987-212603048-1000 - (No Name) - {0633EE93-D776-472f-A0FF-E1416B8B2E3D} - No File
URLSearchHook: [S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0] ATTENTION => Default URLSearchHook is missing
URLSearchHook: HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 - (No Name) - {0633EE93-D776-472f-A0FF-E1416B8B2E3D} - No File
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-446222923-3578191987-212603048-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3C} URL = hxxp://spacesearch.ru/?ri=1&rsid=964c5d1821aa8ebc0622aea2be638e0f&q={searchTerms}
SearchScopes: HKU\S-1-5-21-446222923-3578191987-212603048-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3D} URL = hxxp://spacesearch.ru/?ri=1&rsid=964c5d1821aa8ebc0622aea2be638e0f&q=
SearchScopes: HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3C} URL = hxxp://spacesearch.ru/?ri=1&rsid=964c5d1821aa8ebc0622aea2be638e0f&q={searchTerms}
SearchScopes: HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3D} URL = hxxp://spacesearch.ru/?ri=1&rsid=964c5d1821aa8ebc0622aea2be638e0f&q=
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-09-13] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-13] (Oracle Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL No File
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-05] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-05] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\Jake\AppData\Roaming\Mozilla\Firefox\Profiles\okdhr6km.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-13] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-13] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-07-23] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-05] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-07-23] (Adobe Systems)
FF Plugin HKU\S-1-5-21-446222923-3578191987-212603048-1000: @my.com/Games -> C:\Users\Jake\AppData\Local\MyComGames\NPMyComDetector.dll [2015-08-27] (My.com, Inc)
FF Plugin HKU\S-1-5-21-446222923-3578191987-212603048-1000: @nsroblox.roblox.com/launcher -> C:\Users\Jake\AppData\Local\Roblox\Versions\version-7d64c9ce01664bca\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-446222923-3578191987-212603048-1000: @nsroblox.roblox.com/launcher64 -> C:\Users\Jake\AppData\Local\Roblox\Versions\version-7d64c9ce01664bca\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-446222923-3578191987-212603048-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jake\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-05-11] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @my.com/Games -> C:\Users\Jake\AppData\Local\MyComGames\NPMyComDetector.dll [2015-08-27] (My.com, Inc)
FF Plugin HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @nsroblox.roblox.com/launcher -> C:\Users\Jake\AppData\Local\Roblox\Versions\version-7d64c9ce01664bca\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @nsroblox.roblox.com/launcher64 -> C:\Users\Jake\AppData\Local\Roblox\Versions\version-7d64c9ce01664bca\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jake\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-05-11] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Jake\AppData\Roaming\Mozilla\Firefox\Profiles\okdhr6km.default\user.js [2015-05-31]
FF SearchPlugin: C:\Users\Jake\AppData\Roaming\Mozilla\Firefox\Profiles\okdhr6km.default\searchplugins\safesearch.xml [2015-08-30]
FF Extension: d57c9ff1638948fcb770f78bd89b6e8a - C:\Users\Jake\AppData\Roaming\Mozilla\Firefox\Profiles\okdhr6km.default\Extensions\{d57c9ff1-6389-48fc-b770-f78bd89b6e8a} [2015-06-13]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.0.124\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.0.124\coFFPlgn [2015-09-19]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\prefs.js [2015-08-30]
 
Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxp://nortonsafe.search.ask.com/web?q={searchTerms}&o=apn10506&prt=cr
CHR DefaultSearchKeyword: Default -> NortonSafe
CHR DefaultSuggestURL: Default -> hxxp://ss-sym.ask.com/query?q={searchTerms}&sstype=prefix&li=ff
CHR Profile: C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-08]
CHR Extension: (Google Docs) - C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-25]
CHR Extension: (Google Drive) - C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-31]
CHR Extension: (YouTube) - C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-31]
CHR Extension: (Norton Security Toolbar) - C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-07-05]
CHR Extension: (Google Search) - C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-31]
CHR Extension: (Roblox Group Enhancer by Merely) - C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddjfhkkpgfghimddaekfocbahebohdim [2015-06-28]
CHR Extension: (Google Sheets) - C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-08]
CHR Extension: (Google Docs Offline) - C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (Norton Identity Safe) - C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-06-13]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-11]
CHR Extension: (AgarioMods Evergreen Script) - C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhjgdbihpkphlammdaeicdemggagfbdo [2015-07-11]
CHR Extension: (Norton Safe) - C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2015-06-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-08]
CHR Extension: (Listen on Repeat Youtube Video Repeater) - C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjcgpbffennccofdpganblbjiglnbip [2015-06-27]
CHR Extension: (Gmail) - C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-26]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-26]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [680112 2015-07-22] (Adobe Systems Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 ASNB4LDRSvc; C:\Program Files (x86)\ASUS\Wireless Console 3\ASNB4LDRSvc.exe [33912 2014-03-11] (ASUS)
S2 AsusFPService; C:\Program Files (x86)\ASUS\FingerPrint\511\AsusFPService_x64.exe [840704 2014-03-25] (ASUSTek Computer Inc.) [File not signed]
R2 AsusService; c:\preload64\patch\AsusService.exe [224680 2013-01-08] ()
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-07-27] (BitRaider, LLC)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.)
S2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [831096 2015-07-21] (BlueStack Systems, Inc.)
R2 DptfParticipantDisplayService; C:\Windows\System32\DptfParticipantDisplayService.exe [141944 2014-09-15] (Intel Corporation)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [115656 2014-09-15] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116680 2014-09-15] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [148160 2014-09-15] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [124904 2014-09-15] (Intel Corporation)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [245544 2015-07-28] (EasyAntiCheat Ltd)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [120016 2014-04-03] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-18] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation)
S3 intelsba; C:\Program Files\Intel\Intel® Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [54976 2014-03-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-08-06] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MF NTFS Monitor; C:\Users\Jake\AppData\Local\MediaFire Desktop\MFUsnMonitorService.exe [456176 2015-04-23] ()
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-08-01] (Microsoft Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\N360.exe [282016 2015-07-16] (Symantec Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1001200 2015-07-19] (Overwolf LTD)
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [7743472 2015-08-19] (Reimage®)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-08-01] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-08-01] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AmPeStor; C:\Windows\system32\drivers\AmPeStor.sys [114456 2013-10-07] (Alcor Micro, Corp.)
S3 ASUSProcObsrv; C:\eSupport\eDriver\I386\AsPrOb64.sys [12416 2010-05-26] ()
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [100776 2015-07-28] (ASUS Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\BASHDefs\20150904.001\BHDrvx64.sys [1650936 2015-07-23] (Symantec Corporation)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2015-08-02] (BitRaider)
S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (BlueStack Systems)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1605020.00F\ccSetx64.sys [173808 2015-07-11] (Symantec Corporation)
S3 DptfDevDisplay; C:\Windows\System32\drivers\DptfDevDisplay.sys [70752 2014-09-15] (Intel Corporation)
R3 DptfDevDram; C:\Windows\System32\drivers\DptfDevDram.sys [145640 2014-09-15] (Intel Corporation)
S3 DptfDevFan; C:\Windows\System32\drivers\DptfDevFan.sys [50640 2014-09-15] (Intel Corporation)
S3 DptfDevGen; C:\Windows\System32\drivers\DptfDevGen.sys [78504 2014-09-15] (Intel Corporation)
R3 DptfDevPch; C:\Windows\System32\drivers\DptfDevPch.sys [116752 2014-09-15] (Intel Corporation)
S3 DptfDevPower; C:\Windows\System32\drivers\DptfDevPower.sys [71808 2014-09-15] (Intel Corporation)
R3 DptfDevProc; C:\Windows\System32\drivers\DptfDevProc.sys [290256 2014-09-15] (Intel Corporation)
R3 DptfManager; C:\Windows\System32\drivers\DptfManager.sys [495320 2014-09-15] (Intel Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-28] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-07-28] (Symantec Corporation)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-06] (LogMeIn Inc.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [263952 2015-07-14] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\IPSDefs\20150918.002\IDSvia64.sys [767224 2015-08-29] (Symantec Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-05] ( )
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-19] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R2 mfmonitor; C:\Windows\System32\DRIVERS\mfmonitor_x64.sys [20696 2015-04-23] (Windows ® Win 7 DDK provider)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-08-01] (Microsoft Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\VirusDefs\20150918.018\ENG64.SYS [138488 2015-05-20] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\VirusDefs\20150918.018\EX64.SYS [2146040 2015-05-20] (Symantec Corporation)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3496216 2015-07-10] (Intel Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1605020.00F\SRTSP64.SYS [926448 2015-07-11] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1605020.00F\SRTSPX64.SYS [50936 2015-07-11] (Symantec Corporation)
R3 ST_Accel; C:\Windows\system32\DRIVERS\ST_Accel.sys [73928 2013-09-14] (STMicroelectronics)
R0 SymEFASI; C:\Windows\System32\drivers\N360x64\1605020.00F\SYMEFASI64.SYS [1620720 2015-07-11] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1605020.00F\SymELAM.sys [24192 2015-07-11] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-07-26] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1605020.00F\Ironx64.SYS [297720 2015-07-11] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1605020.00F\SYMNETS.SYS [576248 2015-07-11] (Symantec Corporation)
S3 TSSKX64; C:\Windows\System32\drivers\tsskx64.sys [38200 2015-05-23] (电脑管家)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [204184 2014-03-04] (Windows ® Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 ETDSMBus; \SystemRoot\System32\drivers\ETDSMBus.sys [X]
U3 idsvc; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-09-19 12:41 - 2015-09-19 12:41 - 03449921 _____ C:\Users\Jake\Downloads\Hot Marvel Girls! NEW.zip
2015-09-19 11:51 - 2015-09-19 12:12 - 00056772 _____ C:\Users\Jake\Downloads\Addition.txt
2015-09-19 11:51 - 2015-09-19 11:51 - 00016148 _____ C:\WINDOWS\system32\JAKE-PC_Jake_HistoryPrediction.bin
2015-09-19 11:43 - 2015-09-19 12:45 - 00042464 _____ C:\Users\Jake\Downloads\FRST.txt
2015-09-19 11:39 - 2015-09-19 12:39 - 00000000 ____D C:\FRST
2015-09-19 11:34 - 2015-09-19 11:34 - 02191360 _____ (Farbar) C:\Users\Jake\Downloads\FRST64.exe
2015-09-19 08:04 - 2015-09-19 08:06 - 00000000 ____D C:\Users\Jake\Desktop\Pokemon Sage 1.5.1
2015-09-18 21:37 - 2015-09-19 07:12 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-09-18 21:37 - 2015-09-18 21:38 - 00000000 ____D C:\ProgramData\Adobe
2015-09-18 21:26 - 2015-09-18 22:28 - 00001300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-09-18 21:26 - 2015-09-18 22:28 - 00001282 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2015-09-18 21:24 - 2015-09-18 21:24 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-09-18 21:20 - 2015-09-18 21:20 - 00675504 _____ (Adobe Systems Incorporated) C:\Users\Jake\Downloads\CreativeCloudSet-Up.exe
2015-09-18 20:45 - 2015-09-19 09:25 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-09-18 20:44 - 2015-09-18 22:28 - 00001167 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-09-18 20:44 - 2015-09-18 20:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-09-18 20:44 - 2015-09-18 20:44 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-18 20:44 - 2015-09-18 20:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-18 20:44 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-09-18 20:44 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-09-18 20:44 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-09-18 20:42 - 2015-09-18 20:43 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Jake\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-18 20:32 - 2015-09-18 20:33 - 00000109 ____H C:\iexplore.bat
2015-09-18 20:32 - 2015-09-18 20:32 - 00000103 ____H C:\launcher.bat
2015-09-18 20:32 - 2015-09-09 11:54 - 00931960 ____H (Opera Software) C:\lаunсhеr.bаt.exe
2015-09-18 20:32 - 2015-07-30 05:08 - 00818880 ____H (Microsoft Corporation) C:\iехplоrе.bаt.exe
2015-09-18 20:27 - 2015-09-18 22:28 - 00000651 _____ C:\Users\Public\Desktop\Torrentex.lnk
2015-09-18 20:27 - 2015-09-18 20:33 - 00000108 ____H C:\firefox.bat
2015-09-18 20:27 - 2015-09-18 20:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Torrentex
2015-09-18 20:27 - 2015-08-30 11:52 - 00377000 ____H (Mozilla Corporation) C:\firеfох.bаt.exe
2015-09-18 20:26 - 2015-09-19 07:06 - 00001032 __RSH C:\ProgramData\ntuser.pol
2015-09-18 20:26 - 2015-09-18 20:26 - 00000008 __RSH C:\Users\Jake\ntuser.pol
2015-09-18 20:21 - 2015-09-18 20:21 - 03543792 _____ C:\Users\Jake\Downloads\adobe.snr.patch-painter.exe
2015-09-17 18:24 - 2015-09-17 18:25 - 196203893 _____ C:\Users\Jake\Downloads\Ethereal Gates Demo.zip
2015-09-17 17:55 - 2015-09-17 17:55 - 00000000 ___HD C:\OneDriveTemp
2015-09-14 19:13 - 2015-09-18 22:28 - 00001106 _____ C:\Users\Public\Desktop\RodiniaWar.lnk
2015-09-14 19:13 - 2015-09-14 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RodiniaWar
2015-09-14 19:13 - 2015-09-14 19:13 - 00000000 ____D C:\Program Files (x86)\RodiniaWar
2015-09-14 19:12 - 2015-09-14 19:12 - 02023232 _____ C:\Users\Jake\Downloads\rodiniawarinstall.exe
2015-09-14 17:22 - 2015-09-14 17:22 - 00000000 ____D C:\Users\Jake\AppData\Roaming\Shooter
2015-09-14 17:14 - 2015-09-14 17:14 - 00000000 ____D C:\Users\Jake\Documents\My Games
2015-09-13 14:04 - 2015-09-13 14:05 - 07718846 _____ C:\Users\Jake\Downloads\Anime Pack.rar
2015-09-13 13:52 - 2015-09-13 13:55 - 42293049 _____ C:\Users\Jake\Downloads\Geometry Dash 2.0 hack By Liam Gamer.apk
2015-09-13 13:48 - 2015-09-13 13:48 - 42293049 _____ C:\Users\Jake\Downloads\GeometryDash2.0(mod) by ElGameTheTroll.apk
2015-09-13 13:47 - 2015-09-13 13:48 - 09983584 _____ (MEGA Limited) C:\Users\Jake\Downloads\MEGAsyncSetup.exe
2015-09-13 13:30 - 2015-09-13 13:30 - 00110688 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-09-13 13:28 - 2015-09-13 13:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-09-13 13:27 - 2015-09-13 13:29 - 00000000 ____D C:\Program Files\Java
2015-09-13 13:21 - 2015-09-13 13:23 - 195200088 _____ (Oracle Corporation) C:\Users\Jake\Downloads\jdk-8u60-windows-x64.exe
2015-09-13 13:14 - 2015-09-13 13:15 - 00031025 _____ C:\Users\Jake\Desktop\ModInfo.json
2015-09-13 12:38 - 2015-09-13 12:50 - 99831460 _____ C:\Users\Jake\Downloads\Pokemon Sage 1.5.1.rar
2015-09-12 19:52 - 2015-09-18 22:28 - 00001184 _____ C:\Users\Public\Desktop\Icecream Screen Recorder.lnk
2015-09-12 19:52 - 2015-09-12 19:52 - 00000000 ____D C:\Users\Jake\AppData\Local\Icecream
2015-09-12 19:52 - 2015-09-12 19:52 - 00000000 ____D C:\Users\Jake\.Icecream Screen Recorder
2015-09-12 19:52 - 2015-09-12 19:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Icecream Screen Recorder
2015-09-12 19:52 - 2015-09-12 19:52 - 00000000 ____D C:\Program Files (x86)\Icecream Screen Recorder
2015-09-12 19:51 - 2015-09-12 19:51 - 18349776 _____ (Icecream Apps ) C:\Users\Jake\Downloads\screen_recorder_setup.exe
2015-09-12 19:46 - 2015-09-12 19:46 - 00000000 ____D C:\Users\Jake\AppData\Roaming\Esenthel
2015-09-12 19:43 - 2015-09-12 19:43 - 00000222 _____ C:\Users\Jake\Desktop\Esenthel Engine.url
2015-09-11 21:34 - 2015-09-18 20:32 - 00001772 ____R C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Оpеrа.lnk
2015-09-11 21:34 - 2015-09-11 21:34 - 00003926 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1442003632
2015-09-11 21:34 - 2015-09-11 21:34 - 00000000 ____D C:\Users\Jake\AppData\Roaming\Opera Software
2015-09-11 21:34 - 2015-09-11 21:34 - 00000000 ____D C:\Users\Jake\AppData\Local\Opera Software
2015-09-11 21:33 - 2015-09-11 21:35 - 00000000 ____D C:\Program Files (x86)\Opera
2015-09-11 21:33 - 2015-09-11 21:33 - 00000000 ____D C:\Users\Jake\Documents\My Cheat Tables
2015-09-11 21:32 - 2015-09-18 22:27 - 00001156 _____ C:\Users\Jake\Desktop\Cheat Engine.lnk
2015-09-11 21:32 - 2015-09-11 21:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4
2015-09-11 21:32 - 2015-09-11 21:32 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.4
2015-09-11 21:06 - 2015-09-17 19:14 - 00000000 ____D C:\Users\Jake\AppData\Local\GeometryDash
2015-09-11 20:54 - 2015-09-11 20:54 - 00000222 _____ C:\Users\Jake\Desktop\Geometry Dash.url
2015-09-09 18:07 - 2015-09-09 18:07 - 00000000 ____D C:\Users\Jake\AppData\Roaming\TownOfSalem
2015-09-09 15:59 - 2015-09-09 15:59 - 00000222 _____ C:\Users\Jake\Desktop\Town of Salem.url
2015-09-08 20:23 - 2015-09-18 22:27 - 00001097 _____ C:\Users\Jake\Desktop\Auto Clicker for Games.lnk
2015-09-08 20:23 - 2015-09-18 22:27 - 00001057 _____ C:\Users\Jake\Desktop\Auto Clicker.lnk
2015-09-08 20:23 - 2015-09-08 20:23 - 00000000 ____D C:\Users\Jake\AppData\Roaming\Auto Clicker
2015-09-08 20:23 - 2015-09-08 20:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auto Clicker
2015-09-08 20:22 - 2015-09-08 20:22 - 00822248 _____ (MurGee.com ) C:\Users\Jake\Downloads\setup.exe
2015-09-08 19:33 - 2015-09-08 19:35 - 00000000 ____D C:\Users\Jake\AppData\Roaming\Tap_Dungeon
2015-09-08 17:08 - 2015-09-08 17:08 - 16717270 _____ C:\Users\Jake\Downloads\Leanna Decker Full Dubstep Dance.mp4
2015-09-08 16:44 - 2015-09-08 16:44 - 00002231 _____ C:\Users\Jake\Documents\Hackar 1.vpj
2015-09-08 16:44 - 2015-09-08 16:44 - 00000000 ____D C:\Users\Jake\Documents\VideoPad Projects
2015-09-08 16:34 - 2015-09-18 22:28 - 00001341 _____ C:\Users\Public\Desktop\NCH Suite.lnk
2015-09-08 16:34 - 2015-09-18 22:28 - 00001221 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad Video Editor.lnk
2015-09-08 16:34 - 2015-09-18 22:28 - 00001203 _____ C:\Users\Public\Desktop\VideoPad Video Editor.lnk
2015-09-08 16:34 - 2015-09-08 17:11 - 00000000 ____D C:\Users\Jake\AppData\Roaming\NCH Software
2015-09-08 16:34 - 2015-09-08 17:02 - 00000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2015-09-08 16:34 - 2015-09-08 16:34 - 00000000 ____D C:\ProgramData\NCH Software
2015-09-08 16:34 - 2015-09-08 16:34 - 00000000 ____D C:\Program Files (x86)\NCH Software
2015-09-08 16:33 - 2015-09-08 16:33 - 05305088 _____ (NCH Software) C:\Users\Jake\Downloads\vpsetup.exe
2015-09-07 20:02 - 2015-09-07 20:02 - 00001815 _____ C:\Users\Jake\Documents\Hacker 1 EDIT.mxpl
2015-09-06 15:18 - 2015-09-11 20:21 - 00259832 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2015-09-06 15:10 - 2015-09-18 22:28 - 00000733 _____ C:\Users\Public\Desktop\Guild Wars 2.lnk
2015-09-06 15:10 - 2015-09-06 15:10 - 00000000 ____D C:\Users\Jake\Desktop\Guild Wars 2
2015-09-06 15:10 - 2015-09-06 15:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
2015-09-06 15:08 - 2015-09-06 15:09 - 00000000 ____D C:\Users\Jake\AppData\Roaming\Guild Wars 2
2015-09-06 15:07 - 2015-09-06 15:07 - 26068984 _____ (ArenaNet) C:\Users\Jake\Downloads\Gw2Setup.exe
2015-09-06 10:54 - 2015-09-19 10:15 - 00000000 ____D C:\Users\Jake\AppData\Local\Purplizer
2015-09-05 23:10 - 2015-09-05 23:12 - 52696098 _____ C:\Users\Jake\Downloads\SmartGesture_Win10_64_VER406.zip
2015-09-05 19:20 - 2015-09-05 19:21 - 35222911 _____ C:\Users\Jake\Downloads\Medieval Town by Joebricksy.zip
2015-09-05 18:34 - 2015-09-05 18:34 - 00612652 _____ C:\Users\Jake\Downloads\big-church.schematic
2015-09-05 16:52 - 2015-09-05 16:52 - 01782413 _____ C:\Users\Jake\Downloads\jungle-village.schematic
2015-09-05 15:56 - 2015-07-14 06:57 - 02238176 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\ETDUninst.dll
2015-09-05 14:03 - 2015-09-19 12:42 - 00000000 ____D C:\Users\Jake\AppData\Roaming\.minecraft
2015-09-05 14:01 - 2015-09-05 14:01 - 00000000 ____D C:\Users\Jake\Desktop\world saves
2015-09-05 13:46 - 2015-08-20 07:02 - 22324656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-09-05 13:46 - 2015-08-20 06:21 - 21875200 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-09-05 13:46 - 2015-08-13 05:33 - 24593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-05 13:46 - 2015-08-13 05:07 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-05 13:46 - 2015-08-11 10:23 - 16706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-09-05 13:46 - 2015-08-11 09:57 - 13024768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-09-05 13:45 - 2015-08-20 07:07 - 08019296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-09-05 13:45 - 2015-08-20 07:06 - 00609592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-09-05 13:45 - 2015-08-20 06:57 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-09-05 13:45 - 2015-08-20 06:26 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-09-05 13:45 - 2015-08-20 06:21 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-09-05 13:45 - 2015-08-20 06:16 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-09-05 13:45 - 2015-08-20 06:13 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-05 13:45 - 2015-08-20 06:09 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-09-05 13:45 - 2015-08-20 05:31 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-09-05 13:45 - 2015-08-18 08:56 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-05 13:45 - 2015-08-18 08:55 - 00373072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-09-05 13:45 - 2015-08-18 08:54 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-09-05 13:45 - 2015-08-18 08:27 - 01771592 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-09-05 13:45 - 2015-08-18 08:24 - 00963920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-09-05 13:45 - 2015-08-18 08:13 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-09-05 13:45 - 2015-08-18 08:13 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2015-09-05 13:45 - 2015-08-18 08:12 - 02225664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-09-05 13:45 - 2015-08-18 08:07 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-09-05 13:45 - 2015-08-18 08:04 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2015-09-05 13:45 - 2015-08-18 08:04 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-09-05 13:45 - 2015-08-18 07:59 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2015-09-05 13:45 - 2015-08-18 07:59 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2015-09-05 13:45 - 2015-08-18 07:58 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-09-05 13:45 - 2015-08-18 07:58 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll
2015-09-05 13:45 - 2015-08-18 07:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
2015-09-05 13:45 - 2015-08-18 07:58 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnNetsh.dll
2015-09-05 13:45 - 2015-08-18 07:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2015-09-05 13:45 - 2015-08-18 07:56 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2015-09-05 13:45 - 2015-08-18 07:55 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-09-05 13:45 - 2015-08-18 07:54 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2015-09-05 13:45 - 2015-08-18 07:54 - 00247296 _____ C:\WINDOWS\system32\facecredentialprovider.dll
2015-09-05 13:45 - 2015-08-18 07:52 - 01888768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-09-05 13:45 - 2015-08-18 07:50 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-09-05 13:45 - 2015-08-18 07:49 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-09-05 13:45 - 2015-08-18 07:49 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2015-09-05 13:45 - 2015-08-18 07:49 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2015-09-05 13:45 - 2015-08-18 07:36 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2015-09-05 13:45 - 2015-08-18 07:35 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2015-09-05 13:45 - 2015-08-18 07:35 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll
2015-09-05 13:45 - 2015-08-18 07:34 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2015-09-05 13:45 - 2015-08-18 07:29 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-09-05 13:45 - 2015-08-18 07:26 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2015-09-05 13:45 - 2015-08-18 05:44 - 00008847 _____ C:\WINDOWS\system32\ResPriHMImageList
2015-09-05 13:45 - 2015-08-13 05:22 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-09-05 13:45 - 2015-08-13 05:20 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-09-05 13:45 - 2015-08-13 04:53 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-09-05 13:45 - 2015-08-11 11:04 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-09-05 13:45 - 2015-08-11 11:04 - 02462648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-09-05 13:45 - 2015-08-11 11:04 - 01087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-09-05 13:45 - 2015-08-11 11:03 - 00442208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2015-09-05 13:45 - 2015-08-11 11:02 - 00554744 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-09-05 13:45 - 2015-08-11 11:02 - 00292856 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2015-09-05 13:45 - 2015-08-11 11:02 - 00080720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2015-09-05 13:45 - 2015-08-11 10:57 - 03622256 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-05 13:45 - 2015-08-11 10:52 - 00993104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2015-09-05 13:45 - 2015-08-11 10:50 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-09-05 13:45 - 2015-08-11 10:40 - 04048808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-09-05 13:45 - 2015-08-11 10:40 - 02151208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-09-05 13:45 - 2015-08-11 10:40 - 00918320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-09-05 13:45 - 2015-08-11 10:38 - 00454000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-09-05 13:45 - 2015-08-11 10:37 - 00243800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2015-09-05 13:45 - 2015-08-11 10:31 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-05 13:45 - 2015-08-11 10:26 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2015-09-05 13:45 - 2015-08-11 10:21 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-09-05 13:45 - 2015-08-11 10:21 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-09-05 13:45 - 2015-08-11 10:20 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-09-05 13:45 - 2015-08-11 10:19 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-09-05 13:45 - 2015-08-11 10:18 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2015-09-05 13:45 - 2015-08-11 10:16 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-09-05 13:45 - 2015-08-11 10:14 - 00404480 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-09-05 13:45 - 2015-08-11 10:13 - 00413184 _____ C:\WINDOWS\system32\diagtrack_win.dll
2015-09-05 13:45 - 2015-08-11 10:11 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
2015-09-05 13:45 - 2015-08-11 10:11 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2015-09-05 13:45 - 2015-08-11 10:10 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-09-05 13:45 - 2015-08-11 10:10 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-05 13:45 - 2015-08-11 10:10 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll
2015-09-05 13:45 - 2015-08-11 10:09 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2015-09-05 13:45 - 2015-08-11 10:08 - 00893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2015-09-05 13:45 - 2015-08-11 10:08 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-09-05 13:45 - 2015-08-11 10:07 - 01178112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-09-05 13:45 - 2015-08-11 10:07 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-09-05 13:45 - 2015-08-11 10:07 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe
2015-09-05 13:45 - 2015-08-11 10:06 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-09-05 13:45 - 2015-08-11 10:06 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-09-05 13:45 - 2015-08-11 10:05 - 03527168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-09-05 13:45 - 2015-08-11 10:05 - 00996352 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-09-05 13:45 - 2015-08-11 10:05 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-09-05 13:45 - 2015-08-11 10:05 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-09-05 13:45 - 2015-08-11 10:05 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPermissions.dll
2015-09-05 13:45 - 2015-08-11 10:05 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2015-09-05 13:45 - 2015-08-11 10:03 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-09-05 13:45 - 2015-08-11 10:02 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-09-05 13:45 - 2015-08-11 10:02 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-09-05 13:45 - 2015-08-11 10:02 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-09-05 13:45 - 2015-08-11 10:01 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-09-05 13:45 - 2015-08-11 10:00 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-09-05 13:45 - 2015-08-11 10:00 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-09-05 13:45 - 2015-08-11 09:59 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-09-05 13:45 - 2015-08-11 09:59 - 00642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2015-09-05 13:45 - 2015-08-11 09:59 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2015-09-05 13:45 - 2015-08-11 09:59 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
2015-09-05 13:45 - 2015-08-11 09:58 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-09-05 13:45 - 2015-08-11 09:57 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2015-09-05 13:45 - 2015-08-11 09:51 - 01916928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-09-05 13:45 - 2015-08-11 09:51 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
2015-09-05 13:45 - 2015-08-11 09:50 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2015-09-05 13:45 - 2015-08-11 09:50 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-09-05 13:45 - 2015-08-11 09:50 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2015-09-05 13:45 - 2015-08-11 09:49 - 00586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-09-05 13:45 - 2015-08-11 09:49 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-05 13:45 - 2015-08-11 09:48 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2015-09-05 13:45 - 2015-08-11 09:47 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-09-05 13:45 - 2015-08-11 09:45 - 01820672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-09-05 13:45 - 2015-08-11 09:43 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-09-05 13:45 - 2015-08-11 09:42 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-09-05 13:45 - 2015-08-11 09:40 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-09-05 13:45 - 2015-08-11 09:40 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-09-05 13:45 - 2015-08-11 09:39 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-09-05 13:45 - 2015-08-11 09:38 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2015-09-05 10:33 - 2015-09-13 13:30 - 00000000 ____D C:\Users\Jake\.oracle_jre_usage
2015-09-05 10:33 - 2015-09-05 10:33 - 00000000 ____D C:\Users\Jake\AppData\Roaming\Sun
2015-09-04 17:27 - 2015-09-04 17:27 - 01201328 _____ (Symantec Corporation) C:\Users\Jake\Downloads\AutoDetectPkg.exe
2015-09-04 16:30 - 2015-01-03 12:21 - 00661165 _____ C:\Users\Jake\Downloads\Towny.jar
2015-09-04 16:30 - 2014-12-29 16:35 - 00088318 _____ C:\Users\Jake\Downloads\TownyChat.jar
2015-09-04 16:30 - 2014-04-27 11:21 - 00044682 _____ C:\Users\Jake\Downloads\Questioner.jar
2015-09-04 16:29 - 2015-09-04 16:29 - 00745440 _____ C:\Users\Jake\Downloads\plugins%2F1420306292wpdm_TownyAdvanced.zip
2015-09-04 16:27 - 2015-09-04 16:28 - 00745440 _____ C:\Users\Jake\Downloads\1420306292wpdm_TownyAdvanced.zip
2015-08-31 17:19 - 2015-08-31 18:20 - 543854835 _____ C:\Users\Jake\Downloads\Pokemon Insurgence 1.1.6.zip
2015-08-31 17:19 - 2015-08-31 17:33 - 544288148 _____ C:\Users\Jake\Downloads\Pokemon Insurgence 1.1.6 (1).zip
2015-08-30 13:17 - 2015-08-30 13:17 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-08-30 13:15 - 2015-09-18 22:28 - 00001818 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-08-30 13:15 - 2015-08-30 13:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-08-30 13:14 - 2015-08-30 13:15 - 00000000 ____D C:\Program Files\iTunes
2015-08-30 13:14 - 2015-08-30 13:14 - 00000000 ____D C:\Program Files\iPod
2015-08-30 13:14 - 2015-08-30 13:14 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-08-30 12:50 - 2015-08-30 12:52 - 155835672 _____ (Apple Inc.) C:\Users\Jake\Downloads\iTunes6464Setup.exe
2015-08-30 12:47 - 2015-08-30 12:47 - 00118432 _____ C:\Users\Jake\Desktop\CCGameManager.dat
2015-08-30 11:52 - 2015-09-04 10:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-28 11:36 - 2015-08-28 11:36 - 00001696 _____ C:\WINDOWS\SysWOW64\NOISE.CHS
2015-08-28 11:36 - 2015-08-28 11:36 - 00001696 _____ C:\WINDOWS\system32\NOISE.CHS
2015-08-28 11:36 - 2015-07-09 20:38 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NL7Data0804.dll
2015-08-28 11:36 - 2015-07-09 20:36 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSWB70804.dll
2015-08-28 11:36 - 2015-07-09 20:26 - 03445248 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Data0804.dll
2015-08-28 11:36 - 2015-07-09 20:26 - 00736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSWB70804.dll
2015-08-28 11:36 - 2015-07-09 20:25 - 02964480 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Models0804.dll
2015-08-28 11:36 - 2015-07-09 20:25 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Lexicons0804.dll
2015-08-28 11:18 - 2015-08-28 11:18 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-28 11:18 - 2015-08-28 11:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-27 11:58 - 2015-08-27 11:58 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2015-08-27 11:46 - 2015-09-18 22:27 - 00001297 _____ C:\Users\Jake\Desktop\Action Replay DSi Code Manager.lnk
2015-08-27 11:46 - 2015-08-27 11:46 - 00000533 _____ C:\WINDOWS\KB893803v2.log
2015-08-27 11:46 - 2015-08-27 11:46 - 00000000 ____D C:\Users\Jake\Documents\Datel
2015-08-27 11:46 - 2015-08-27 11:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Action Replay DSi Code Manager
2015-08-27 11:46 - 2015-08-27 11:46 - 00000000 ____D C:\Program Files (x86)\Datel
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-09-19 12:46 - 2015-03-31 12:05 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-19 12:46 - 2015-03-24 16:54 - 00000000 ____D C:\Users\Jake\AppData\Roaming\Skype
2015-09-19 12:40 - 2015-03-08 20:17 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-09-19 12:11 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-19 10:42 - 2015-06-28 14:16 - 00000000 ____D C:\Users\Jake\AppData\Local\CrashDumps
2015-09-19 10:20 - 2015-03-07 20:19 - 00000432 _____ C:\Users\Jake\AppData\Roaming\sp_data.sys
2015-09-19 09:43 - 2015-03-10 19:16 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-19 07:30 - 2015-08-16 12:13 - 00004146 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9DAB085F-362D-4A6D-AE01-DDB73CCDDCC2}
2015-09-19 07:17 - 2015-08-10 16:31 - 00000000 ___HD C:\Users\Jake\.mediafire
2015-09-19 07:16 - 2015-08-13 10:04 - 00000000 ____D C:\Users\Jake\AppData\Local\Overwolf
2015-09-19 07:15 - 2015-03-08 03:43 - 02846210 _____ C:\Users\Public\CAFADEBUG.log
2015-09-19 07:13 - 2015-08-14 12:57 - 00000000 ____D C:\Users\Jake\AppData\Local\LogMeIn Hamachi
2015-09-19 07:12 - 2015-07-27 12:12 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton 360
2015-09-19 07:11 - 2015-08-08 10:30 - 00000000 ____D C:\Users\Jake\AppData\Local\MyComGames
2015-09-19 07:10 - 2015-08-10 16:32 - 00000000 ___RD C:\Users\Jake\MediaFire
2015-09-19 07:10 - 2015-08-02 09:35 - 00000000 ____D C:\Users\Jake\OneDrive
2015-09-19 07:09 - 2015-08-10 16:34 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2015-09-19 07:09 - 2015-03-08 20:15 - 00000000 ____D C:\Users\Jake\AppData\Local\Adobe
2015-09-19 07:08 - 2015-08-01 20:51 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-09-19 07:08 - 2015-03-31 12:05 - 00000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-19 07:07 - 2015-07-10 13:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-19 07:07 - 2015-07-10 10:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-09-19 07:06 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-18 22:31 - 2015-08-01 20:58 - 00000000 ____D C:\Users\Jake
2015-09-18 22:31 - 2015-08-01 20:27 - 00052696 _____ C:\WINDOWS\PFRO.log
2015-09-18 22:31 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\security
2015-09-18 22:30 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-09-18 22:28 - 2015-08-15 10:10 - 00001205 _____ C:\Users\Public\Desktop\GROOVE Pro Edition.lnk
2015-09-18 22:28 - 2015-08-15 10:08 - 00001147 _____ C:\Users\Public\Desktop\Pixelmon Launcher.lnk
2015-09-18 22:28 - 2015-08-13 10:08 - 00002034 _____ C:\Users\Public\Desktop\Overwolf.lnk
2015-09-18 22:28 - 2015-08-11 16:11 - 00001246 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2015-09-18 22:28 - 2015-08-11 15:37 - 00001164 _____ C:\Users\Public\Desktop\Battle.net.lnk
2015-09-18 22:28 - 2015-08-10 12:48 - 00001026 _____ C:\Users\Public\Desktop\Minecraft.lnk
2015-09-18 22:28 - 2015-08-07 21:49 - 00000595 _____ C:\Users\Public\Desktop\Wooxy.lnk
2015-09-18 22:28 - 2015-08-01 21:06 - 00001552 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-09-18 22:28 - 2015-08-01 20:52 - 00002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudioWizard.lnk
2015-09-18 22:28 - 2015-08-01 20:52 - 00002150 _____ C:\Users\Public\Desktop\AudioWizard.lnk
2015-09-18 22:28 - 2015-07-10 12:01 - 00002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk
2015-09-18 22:28 - 2015-07-10 12:01 - 00002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk
2015-09-18 22:28 - 2015-07-10 12:01 - 00002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Devices Flow.lnk
2015-09-18 22:28 - 2015-07-10 12:00 - 00002325 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk
2015-09-18 22:28 - 2015-07-10 12:00 - 00001590 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk
2015-09-18 22:28 - 2015-07-10 12:00 - 00000853 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop.lnk
2015-09-18 22:28 - 2015-07-04 16:09 - 00001190 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2015-09-18 22:28 - 2015-07-04 16:09 - 00001172 _____ C:\Users\Public\Desktop\paint.net.lnk
2015-09-18 22:28 - 2015-06-11 21:00 - 00002221 _____ C:\Users\Public\Desktop\Norton 360.LNK
2015-09-18 22:28 - 2015-06-11 19:44 - 00001820 _____ C:\Users\Public\Desktop\eFix Pro.lnk
2015-09-18 22:28 - 2015-06-03 16:22 - 00001052 _____ C:\Users\Public\Desktop\iFunbox.lnk
2015-09-18 22:28 - 2015-05-24 21:34 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-09-18 22:28 - 2015-03-10 19:16 - 00000959 _____ C:\Users\Public\Desktop\Steam.lnk
2015-09-18 22:28 - 2015-03-08 03:15 - 00001628 _____ C:\Users\Public\Desktop\ASUS Install.lnk
2015-09-18 22:28 - 2015-03-07 20:20 - 00002445 _____ C:\Users\Public\Desktop\ASUSPRO Business Center Powered by Intel® Small Business Advantage.lnk
2015-09-18 22:28 - 2015-03-07 20:19 - 00001080 _____ C:\Users\Public\Desktop\Splendid Utility.Lnk
2015-09-18 22:28 - 2015-03-07 20:17 - 00000710 _____ C:\Users\Public\Desktop\eManual.Lnk
2015-09-18 22:28 - 2015-03-07 20:11 - 00002006 _____ C:\Users\Public\Desktop\Intel® WiDi.lnk
2015-09-18 22:28 - 2014-03-28 11:16 - 00001972 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
2015-09-18 22:28 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-09-18 22:27 - 2015-08-13 10:04 - 00001318 _____ C:\Users\Jake\Desktop\TeamSpeak 3 Client.lnk
2015-09-18 22:27 - 2015-08-08 10:30 - 00002121 _____ C:\Users\Jake\Desktop\My.com Game Center.lnk
2015-09-18 22:27 - 2015-08-02 09:56 - 00001049 _____ C:\Users\Jake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optional Features.lnk
2015-09-18 22:27 - 2015-08-02 09:35 - 00002372 _____ C:\Users\Jake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-18 22:27 - 2015-08-01 20:53 - 00001963 _____ C:\ProgramData\Microsoft\Windows\Start Menu\SmartAudio.lnk
2015-09-18 22:27 - 2015-07-23 11:33 - 00001873 _____ C:\Users\Jake\Desktop\IMVU.lnk
2015-09-18 22:27 - 2015-06-11 20:16 - 00001291 _____ C:\Users\Jake\Desktop\Norton Installation Files.lnk
2015-09-18 22:27 - 2015-06-08 18:00 - 00001244 _____ C:\Users\Jake\Desktop\Command Prompt.lnk
2015-09-18 22:27 - 2015-04-12 18:29 - 00001803 _____ C:\Users\Jake\Desktop\Spotify.lnk
2015-09-18 22:27 - 2015-04-12 18:29 - 00001789 _____ C:\Users\Jake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-09-18 22:26 - 2015-04-01 12:50 - 00000000 ____D C:\Users\Jake\AppData\Roaming\Imminent
2015-09-18 21:38 - 2015-03-07 19:53 - 00000000 ____D C:\Users\Jake\AppData\Roaming\Adobe
2015-09-18 21:34 - 2015-03-07 20:03 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-18 20:41 - 2015-03-31 12:05 - 00003980 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-18 20:41 - 2015-03-31 12:05 - 00003748 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-18 20:32 - 2015-08-01 20:58 - 00000000 ___RD C:\Users\Jake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-18 20:32 - 2015-06-27 14:09 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2015-09-18 20:32 - 2015-06-09 12:26 - 00001599 ____R C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk
2015-09-18 20:31 - 2015-03-31 12:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-09-18 20:31 - 2015-03-31 12:05 - 00000000 ____D C:\Program Files (x86)\Google
2015-09-18 20:28 - 2015-07-27 13:44 - 00002133 ____R C:\Users\Public\Desktop\Stаr Wаrs - Тhе Оld Rеpubliс.lnk
2015-09-18 20:28 - 2015-07-27 13:44 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2015-09-18 20:28 - 2015-06-09 12:26 - 00001685 ____R C:\Users\Public\Desktop\Моzillа Firеfох.lnk
2015-09-18 20:26 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2015-09-18 20:26 - 2009-07-14 04:20 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2015-09-18 20:10 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-16 19:06 - 2015-08-02 10:06 - 00000000 ____D C:\Users\Jake\AppData\Local\PackageStaging
2015-09-16 19:05 - 2015-08-01 22:04 - 00000000 ____D C:\Users\Jake\AppData\Local\Packages
2015-09-16 18:47 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-16 18:15 - 2015-08-10 12:48 - 00000000 ____D C:\Program Files (x86)\Minecraft
2015-09-13 19:33 - 2015-08-13 10:06 - 00000000 ____D C:\Program Files (x86)\Overwolf
2015-09-13 13:34 - 2015-08-04 09:49 - 00000000 ____D C:\Users\Jake\AppData\Roaming\.crazycraft3
2015-09-13 13:30 - 2015-03-08 10:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-13 13:14 - 2015-08-05 10:43 - 00000000 ____D C:\Users\Jake\AppData\Roaming\.crazycraft2
2015-09-13 13:14 - 2015-08-03 15:28 - 00000000 ____D C:\Users\Jake\AppData\Roaming\.VoidLauncher
2015-09-12 19:43 - 2015-03-10 19:27 - 00000000 ____D C:\Users\Jake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-09-11 21:23 - 2015-03-31 12:05 - 00000000 ____D C:\Users\Jake\AppData\Local\Google
2015-09-08 19:10 - 2015-04-12 14:46 - 00000000 ____D C:\Users\Jake\Desktop\Games
2015-09-08 18:44 - 2015-08-01 22:11 - 00000000 ____D C:\Users\Jake\AppData\Local\VirtualStore
2015-09-07 18:17 - 2015-08-11 15:37 - 00000000 ____D C:\Users\Jake\AppData\Local\Battle.net
2015-09-06 19:18 - 2015-08-11 16:11 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-09-06 19:13 - 2015-08-11 15:37 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-09-06 09:58 - 2015-08-13 10:05 - 00000000 ____D C:\ProgramData\Overwolf
2015-09-05 22:42 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-09-05 22:42 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-09-05 22:42 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-09-05 21:25 - 2015-08-01 21:16 - 00000000 ____D C:\Windows.old
2015-09-05 16:52 - 2015-07-29 10:01 - 00000000 ____D C:\Users\Jake\Desktop\mcedit2-win64-2.0.0alpha-591
2015-09-05 14:32 - 2015-08-11 18:30 - 00000000 ____D C:\Users\Jake\Desktop\mods
2015-09-05 14:01 - 2015-08-06 10:34 - 00000000 ____D C:\Users\Jake\Desktop\shaderpacks
2015-09-05 11:04 - 2015-08-18 14:22 - 00000000 ____D C:\Users\Jake\Desktop\1.8
2015-09-05 10:45 - 2015-03-08 10:07 - 00000000 ____D C:\ProgramData\Oracle
2015-09-05 10:34 - 2015-03-08 10:07 - 00000000 ____D C:\Program Files (x86)\Java
2015-09-04 17:27 - 2015-06-11 20:15 - 00000000 ____D C:\ProgramData\Norton
2015-09-04 10:52 - 2015-07-10 13:20 - 00261280 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-04 10:52 - 2015-05-28 13:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-30 14:20 - 2015-08-13 10:07 - 00000000 ____D C:\Users\Jake\AppData\Roaming\TS3Client
2015-08-30 13:17 - 2015-07-10 13:20 - 00016786 _____ C:\WINDOWS\setupact.log
2015-08-30 13:14 - 2015-05-24 21:32 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-08-30 13:13 - 2015-06-27 07:43 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-08-30 11:55 - 2015-08-08 09:33 - 00000000 ____D C:\Users\Jake\Desktop\OreSpawn
2015-08-28 11:36 - 2015-07-10 17:26 - 00000000 ____D C:\WINDOWS\OCR
2015-08-28 11:18 - 2015-03-24 16:54 - 00000000 ____D C:\ProgramData\Skype
2015-08-27 11:00 - 2015-06-11 19:41 - 00000144 _____ C:\WINDOWS\Reimage.ini
2015-08-27 11:00 - 2015-06-11 19:41 - 00000120 _____ C:\WINDOWS\efix.ini
 
==================== Files in the root of some directories =======
 
2015-04-19 13:20 - 2015-04-19 13:20 - 0005872 _____ () C:\Users\Jake\AppData\Roaming\1EuVvV6t5DApC21tFX
2015-05-23 11:34 - 2015-06-11 19:16 - 0000024 _____ () C:\Users\Jake\AppData\Roaming\appdataFr25.bin
2015-03-07 20:19 - 2015-09-19 10:20 - 0000432 _____ () C:\Users\Jake\AppData\Roaming\sp_data.sys
2015-04-18 10:09 - 2015-04-18 10:13 - 0000402 _____ () C:\Users\Jake\AppData\Local\Temp-log.txt
2015-05-11 18:27 - 2015-05-11 18:27 - 0000000 _____ () C:\Users\Jake\AppData\Local\Temp.dat
2015-03-07 20:10 - 2015-03-07 20:12 - 0030325 _____ () C:\Users\Jake\AppData\Local\WiDiSetupLog.20150307.191024.wdl
2015-05-25 10:37 - 2015-06-11 19:19 - 0000112 _____ () C:\ProgramData\3LJcoQm.dat
2014-03-28 11:31 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
2009-07-29 07:01 - 2009-07-28 19:31 - 0000223 _____ () C:\ProgramData\setwallpaper.cmd
2009-07-29 07:01 - 2009-07-23 02:04 - 0024576 _____ () C:\ProgramData\SetWallpaper.exe
 
Files to move or delete:
====================
C:\ProgramData\3LJcoQm.dat
C:\ProgramData\SetStretch.VBS
C:\ProgramData\SetWallpaper.exe
 
 
Some files in TEMP:
====================
C:\Users\Jake\AppData\Local\Temp\Gw2.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-09-04 17:34
 
==================== End of FRST.txt ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015
Ran by Jake (administrator) on JAKE-PC (19-09-2015 12:38:53)
Running from C:\Users\Jake\Downloads
Loaded Profiles: Jake &  (Available Profiles: Jake)
Platform: Windows 10 Pro (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Preload64\Patch\AsusService.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantDisplayService.exe
(ASUS) C:\Program Files (x86)\ASUS\Wireless Console 3\ASNB4LDRSvc.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Users\Jake\AppData\Local\MediaFire Desktop\MFUsnMonitorService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
() C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\n360.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\ASUSBluetoothRadio.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(STMicroelectronics) C:\Program Files (x86)\ST Microelectronics\ST_ACCEL\FFP_Manager.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Spotify Ltd) C:\Users\Jake\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(MY.COM B.V.) C:\Users\Jake\AppData\Local\MyComGames\MyComGames.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.87.58.0\OverwolfHelper.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.87.58.0\Purplizer\Purplizer.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.87.58.0\OverwolfHelper64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Update Manager\bin\ismagent.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.87.58.0\OverwolfBrowser.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.87.58.0\OverwolfBrowser.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Oracle Corporation) C:\Program Files (x86)\Minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe
(Oracle Corporation) C:\Program Files (x86)\Minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\delegate_execute.exe
(Microsoft Corporation) C:\Windows\System32\GamePanel.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\conathst.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Failed to access process -> n360.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Failed to access process -> n360.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [111488 2014-09-15] (Intel Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [920280 2015-04-17] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184632 2013-11-13] (Motorola Solutions, Inc.)
HKLM\...\Run: [ASUS HDD Protection Tray Application] => C:\Program Files (x86)\ST Microelectronics\ST_ACCEL\FFP_Manager.exe [54272 2013-12-03] (STMicroelectronics)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2014-03-28] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [134616 2013-12-10] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-12-20] (Intel Corporation)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [406328 2014-03-18] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [209720 2014-03-11] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [82744 2013-12-17] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [kxesc] => "c:\program files (x86)\kingsoft\kingsoft antiviruskxetray.exe" -autorun
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [896632 2015-07-22] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-06] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2303152 2015-07-23] (Adobe Systems Incorporated)
HKU\S-1-5-21-446222923-3578191987-212603048-1000\...\Run: [Spotify Web Helper] => C:\Users\Jake\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2008632 2015-07-29] (Spotify Ltd)
HKU\S-1-5-21-446222923-3578191987-212603048-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-446222923-3578191987-212603048-1000\...\Run: [Spotify] => C:\Users\Jake\AppData\Roaming\Spotify\Spotify.exe [7334968 2015-07-29] (Spotify Ltd)
HKU\S-1-5-21-446222923-3578191987-212603048-1000\...\Run: [iFunBox Fast App Install Handler] => C:\Program Files (x86)\i-Funbox DevTeam\iFunBox_x64.exe [2692608 2015-04-12] (i-Funbox.com)
HKU\S-1-5-21-446222923-3578191987-212603048-1000\...\Run: [MyComGames] => C:\Users\Jake\AppData\Local\MyComGames\MyComGames.exe [4159432 2015-09-18] (MY.COM B.V.)
HKU\S-1-5-21-446222923-3578191987-212603048-1000\...\Run: [MediaFire Tray] => C:\Users\Jake\AppData\Local\MediaFire Desktop\mf_watch.exe [4003840 2015-04-23] ()
HKU\S-1-5-21-446222923-3578191987-212603048-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [41200 2015-07-19] (Overwolf LTD)
HKU\S-1-5-21-446222923-3578191987-212603048-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53735968 2015-08-07] (Skype Technologies S.A.)
HKU\S-1-5-21-446222923-3578191987-212603048-1000\...\Run: [MurGee.com Auto Clicker] => C:\Users\Jake\AppData\Roaming\Auto Clicker\AutoClicker.exe [120304 2015-03-29] (MurGee.com)
HKU\S-1-5-21-446222923-3578191987-212603048-1000\...\Run: [C] => C:\WINDOWS\system32\GroupPolicy\Machine\Registry.pol [782 2015-09-18] ()
HKU\S-1-5-21-446222923-3578191987-212603048-1000\...\Run: [Torrentex] => "C:\Torrentex\Torrentex.exe" /hide
HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\Jake\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2008632 2015-07-29] (Spotify Ltd)
HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify] => C:\Users\Jake\AppData\Roaming\Spotify\Spotify.exe [7334968 2015-07-29] (Spotify Ltd)
HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iFunBox Fast App Install Handler] => C:\Program Files (x86)\i-Funbox DevTeam\iFunBox_x64.exe [2692608 2015-04-12] (i-Funbox.com)
HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [MyComGames] => C:\Users\Jake\AppData\Local\MyComGames\MyComGames.exe [4159432 2015-09-18] (MY.COM B.V.)
HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [MediaFire Tray] => C:\Users\Jake\AppData\Local\MediaFire Desktop\mf_watch.exe [4003840 2015-04-23] ()
HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [41200 2015-07-19] (Overwolf LTD)
HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53735968 2015-08-07] (Skype Technologies S.A.)
HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [MurGee.com Auto Clicker] => C:\Users\Jake\AppData\Roaming\Auto Clicker\AutoClicker.exe [120304 2015-03-29] (MurGee.com)
HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [C] => C:\WINDOWS\system32\GroupPolicy\Machine\Registry.pol [782 2015-09-18] ()
HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Torrentex] => "C:\Torrentex\Torrentex.exe" /hide
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [1MediaFireIconError] -> {5EE8C634-CDC0-453D-9731-DF0B19F4E807} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon3_82ba4.dll [2015-04-23] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [1MediaFireIconReadOnly] -> {7995D0FC-769B-4197-AEC0-991921CB99E1} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon5_82ba4.dll [2015-04-23] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [1MediaFireIconSynched] -> {9A3B79CB-D899-40B5-8DBC-20447F1ADC8F} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon_82ba4.dll [2015-04-23] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [1MediaFireIconSyncing] -> {C4D81971-6B13-4173-AB21-F83AD20CCC04} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon2_82ba4.dll [2015-04-23] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [MediaFireIconLock] -> {759F3E92-F4E8-4953-8315-238B8B17E0F3} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon4_82ba4.dll [2015-04-23] (TODO: <Company name>)
GroupPolicy: Restriction - Chrome <======= ATTENTION
GroupPolicy-x32: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\..\Interfaces\{5828315c-66c0-4e4c-a622-2202bd3b7bea}: [DhcpNameServer] 192.168.0.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=22.5.0.124
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=22.5.2.15
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=22.5.2.15
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=22.5.2.15
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=22.5.2.15
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=22.5.2.15
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=22.5.2.15
HKU\S-1-5-21-446222923-3578191987-212603048-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://spacesearch.ru/?ri=1&rsid=964c5d1821aa8ebc0622aea2be638e0f&q={searchTerms}
HKU\S-1-5-21-446222923-3578191987-212603048-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=22.5.2.15
HKU\S-1-5-21-446222923-3578191987-212603048-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKU\S-1-5-21-446222923-3578191987-212603048-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://spacesearch.ru/?ri=1&rsid=964c5d1821aa8ebc0622aea2be638e0f&q={searchTerms}
HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://spacesearch.ru/?ri=1&rsid=964c5d1821aa8ebc0622aea2be638e0f&q={searchTerms}
HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=22.5.2.15
HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://spacesearch.ru/?ri=1&rsid=964c5d1821aa8ebc0622aea2be638e0f&q={searchTerms}
URLSearchHook: [S-1-5-21-446222923-3578191987-212603048-1000] ATTENTION => Default URLSearchHook is missing
URLSearchHook: HKU\S-1-5-21-446222923-3578191987-212603048-1000 - (No Name) - {0633EE93-D776-472f-A0FF-E1416B8B2E3D} - No File
URLSearchHook: [S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0] ATTENTION => Default URLSearchHook is missing
URLSearchHook: HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 - (No Name) - {0633EE93-D776-472f-A0FF-E1416B8B2E3D} - No File
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-446222923-3578191987-212603048-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3C} URL = hxxp://spacesearch.ru/?ri=1&rsid=964c5d1821aa8ebc0622aea2be638e0f&q={searchTerms}
SearchScopes: HKU\S-1-5-21-446222923-3578191987-212603048-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3D} URL = hxxp://spacesearch.ru/?ri=1&rsid=964c5d1821aa8ebc0622aea2be638e0f&q=
SearchScopes: HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3C} URL = hxxp://spacesearch.ru/?ri=1&rsid=964c5d1821aa8ebc0622aea2be638e0f&q={searchTerms}
SearchScopes: HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3D} URL = hxxp://spacesearch.ru/?ri=1&rsid=964c5d1821aa8ebc0622aea2be638e0f&q=
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-09-13] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-13] (Oracle Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL No File
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-05] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-05] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\Jake\AppData\Roaming\Mozilla\Firefox\Profiles\okdhr6km.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-13] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-13] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-07-23] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-05] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-07-23] (Adobe Systems)
FF Plugin HKU\S-1-5-21-446222923-3578191987-212603048-1000: @my.com/Games -> C:\Users\Jake\AppData\Local\MyComGames\NPMyComDetector.dll [2015-08-27] (My.com, Inc)
FF Plugin HKU\S-1-5-21-446222923-3578191987-212603048-1000: @nsroblox.roblox.com/launcher -> C:\Users\Jake\AppData\Local\Roblox\Versions\version-7d64c9ce01664bca\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-446222923-3578191987-212603048-1000: @nsroblox.roblox.com/launcher64 -> C:\Users\Jake\AppData\Local\Roblox\Versions\version-7d64c9ce01664bca\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-446222923-3578191987-212603048-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jake\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-05-11] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @my.com/Games -> C:\Users\Jake\AppData\Local\MyComGames\NPMyComDetector.dll [2015-08-27] (My.com, Inc)
FF Plugin HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @nsroblox.roblox.com/launcher -> C:\Users\Jake\AppData\Local\Roblox\Versions\version-7d64c9ce01664bca\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @nsroblox.roblox.com/launcher64 -> C:\Users\Jake\AppData\Local\Roblox\Versions\version-7d64c9ce01664bca\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-446222923-3578191987-212603048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jake\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-05-11] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Jake\AppData\Roaming\Mozilla\Firefox\Profiles\okdhr6km.default\user.js [2015-05-31]
FF SearchPlugin: C:\Users\Jake\AppData\Roaming\Mozilla\Firefox\Profiles\okdhr6km.default\searchplugins\safesearch.xml [2015-08-30]
FF Extension: d57c9ff1638948fcb770f78bd89b6e8a - C:\Users\Jake\AppData\Roaming\Mozilla\Firefox\Profiles\okdhr6km.default\Extensions\{d57c9ff1-6389-48fc-b770-f78bd89b6e8a} [2015-06-13]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.0.124\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.0.124\coFFPlgn [2015-09-19]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\prefs.js [2015-08-30]
 
Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxp://nortonsafe.search.ask.com/web?q={searchTerms}&o=apn10506&prt=cr
CHR DefaultSearchKeyword: Default -> NortonSafe
CHR DefaultSuggestURL: Default -> hxxp://ss-sym.ask.com/query?q={searchTerms}&sstype=prefix&li=ff
CHR Profile: C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-08]
CHR Extension: (Google Docs) - C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-25]
CHR Extension: (Google Drive) - C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-31]
CHR Extension: (YouTube) - C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-31]
CHR Extension: (Norton Security Toolbar) - C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-07-05]
CHR Extension: (Google Search) - C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-31]
CHR Extension: (Roblox Group Enhancer by Merely) - C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddjfhkkpgfghimddaekfocbahebohdim [2015-06-28]
CHR Extension: (Google Sheets) - C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-08]
CHR Extension: (Google Docs Offline) - C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (Norton Identity Safe) - C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-06-13]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-11]
CHR Extension: (AgarioMods Evergreen Script) - C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhjgdbihpkphlammdaeicdemggagfbdo [2015-07-11]
CHR Extension: (Norton Safe) - C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2015-06-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-08]
CHR Extension: (Listen on Repeat Youtube Video Repeater) - C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjcgpbffennccofdpganblbjiglnbip [2015-06-27]
CHR Extension: (Gmail) - C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-26]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-26]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [680112 2015-07-22] (Adobe Systems Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 ASNB4LDRSvc; C:\Program Files (x86)\ASUS\Wireless Console 3\ASNB4LDRSvc.exe [33912 2014-03-11] (ASUS)
S2 AsusFPService; C:\Program Files (x86)\ASUS\FingerPrint\511\AsusFPService_x64.exe [840704 2014-03-25] (ASUSTek Computer Inc.) [File not signed]
R2 AsusService; c:\preload64\patch\AsusService.exe [224680 2013-01-08] ()
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-07-27] (BitRaider, LLC)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.)
S2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [831096 2015-07-21] (BlueStack Systems, Inc.)
R2 DptfParticipantDisplayService; C:\Windows\System32\DptfParticipantDisplayService.exe [141944 2014-09-15] (Intel Corporation)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [115656 2014-09-15] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116680 2014-09-15] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [148160 2014-09-15] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [124904 2014-09-15] (Intel Corporation)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [245544 2015-07-28] (EasyAntiCheat Ltd)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [120016 2014-04-03] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-18] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation)
S3 intelsba; C:\Program Files\Intel\Intel® Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [54976 2014-03-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-08-06] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MF NTFS Monitor; C:\Users\Jake\AppData\Local\MediaFire Desktop\MFUsnMonitorService.exe [456176 2015-04-23] ()
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-08-01] (Microsoft Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\N360.exe [282016 2015-07-16] (Symantec Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1001200 2015-07-19] (Overwolf LTD)
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [7743472 2015-08-19] (Reimage®)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-08-01] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-08-01] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AmPeStor; C:\Windows\system32\drivers\AmPeStor.sys [114456 2013-10-07] (Alcor Micro, Corp.)
S3 ASUSProcObsrv; C:\eSupport\eDriver\I386\AsPrOb64.sys [12416 2010-05-26] ()
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [100776 2015-07-28] (ASUS Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\BASHDefs\20150904.001\BHDrvx64.sys [1650936 2015-07-23] (Symantec Corporation)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2015-08-02] (BitRaider)
S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (BlueStack Systems)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1605020.00F\ccSetx64.sys [173808 2015-07-11] (Symantec Corporation)
S3 DptfDevDisplay; C:\Windows\System32\drivers\DptfDevDisplay.sys [70752 2014-09-15] (Intel Corporation)
R3 DptfDevDram; C:\Windows\System32\drivers\DptfDevDram.sys [145640 2014-09-15] (Intel Corporation)
S3 DptfDevFan; C:\Windows\System32\drivers\DptfDevFan.sys [50640 2014-09-15] (Intel Corporation)
S3 DptfDevGen; C:\Windows\System32\drivers\DptfDevGen.sys [78504 2014-09-15] (Intel Corporation)
R3 DptfDevPch; C:\Windows\System32\drivers\DptfDevPch.sys [116752 2014-09-15] (Intel Corporation)
S3 DptfDevPower; C:\Windows\System32\drivers\DptfDevPower.sys [71808 2014-09-15] (Intel Corporation)
R3 DptfDevProc; C:\Windows\System32\drivers\DptfDevProc.sys [290256 2014-09-15] (Intel Corporation)
R3 DptfManager; C:\Windows\System32\drivers\DptfManager.sys [495320 2014-09-15] (Intel Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-28] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-07-28] (Symantec Corporation)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-06] (LogMeIn Inc.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [263952 2015-07-14] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\IPSDefs\20150918.002\IDSvia64.sys [767224 2015-08-29] (Symantec Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-05] ( )
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-19] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R2 mfmonitor; C:\Windows\System32\DRIVERS\mfmonitor_x64.sys [20696 2015-04-23] (Windows ® Win 7 DDK provider)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-08-01] (Microsoft Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\VirusDefs\20150918.018\ENG64.SYS [138488 2015-05-20] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\VirusDefs\20150918.018\EX64.SYS [2146040 2015-05-20] (Symantec Corporation)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3496216 2015-07-10] (Intel Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1605020.00F\SRTSP64.SYS [926448 2015-07-11] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1605020.00F\SRTSPX64.SYS [50936 2015-07-11] (Symantec Corporation)
R3 ST_Accel; C:\Windows\system32\DRIVERS\ST_Accel.sys [73928 2013-09-14] (STMicroelectronics)
R0 SymEFASI; C:\Windows\System32\drivers\N360x64\1605020.00F\SYMEFASI64.SYS [1620720 2015-07-11] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1605020.00F\SymELAM.sys [24192 2015-07-11] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-07-26] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1605020.00F\Ironx64.SYS [297720 2015-07-11] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1605020.00F\SYMNETS.SYS [576248 2015-07-11] (Symantec Corporation)
S3 TSSKX64; C:\Windows\System32\drivers\tsskx64.sys [38200 2015-05-23] (电脑管家)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [204184 2014-03-04] (Windows ® Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 ETDSMBus; \SystemRoot\System32\drivers\ETDSMBus.sys [X]
U3 idsvc; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-09-19 12:41 - 2015-09-19 12:41 - 03449921 _____ C:\Users\Jake\Downloads\Hot Marvel Girls! NEW.zip
2015-09-19 11:51 - 2015-09-19 12:12 - 00056772 _____ C:\Users\Jake\Downloads\Addition.txt
2015-09-19 11:51 - 2015-09-19 11:51 - 00016148 _____ C:\WINDOWS\system32\JAKE-PC_Jake_HistoryPrediction.bin
2015-09-19 11:43 - 2015-09-19 12:45 - 00042464 _____ C:\Users\Jake\Downloads\FRST.txt
2015-09-19 11:39 - 2015-09-19 12:39 - 00000000 ____D C:\FRST
2015-09-19 11:34 - 2015-09-19 11:34 - 02191360 _____ (Farbar) C:\Users\Jake\Downloads\FRST64.exe
2015-09-19 08:04 - 2015-09-19 08:06 - 00000000 ____D C:\Users\Jake\Desktop\Pokemon Sage 1.5.1
2015-09-18 21:37 - 2015-09-19 07:12 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-09-18 21:37 - 2015-09-18 21:38 - 00000000 ____D C:\ProgramData\Adobe
2015-09-18 21:26 - 2015-09-18 22:28 - 00001300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-09-18 21:26 - 2015-09-18 22:28 - 00001282 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2015-09-18 21:24 - 2015-09-18 21:24 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-09-18 21:20 - 2015-09-18 21:20 - 00675504 _____ (Adobe Systems Incorporated) C:\Users\Jake\Downloads\CreativeCloudSet-Up.exe
2015-09-18 20:45 - 2015-09-19 09:25 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-09-18 20:44 - 2015-09-18 22:28 - 00001167 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-09-18 20:44 - 2015-09-18 20:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-09-18 20:44 - 2015-09-18 20:44 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-18 20:44 - 2015-09-18 20:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-18 20:44 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-09-18 20:44 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-09-18 20:44 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-09-18 20:42 - 2015-09-18 20:43 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Jake\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-18 20:32 - 2015-09-18 20:33 - 00000109 ____H C:\iexplore.bat
2015-09-18 20:32 - 2015-09-18 20:32 - 00000103 ____H C:\launcher.bat
2015-09-18 20:32 - 2015-09-09 11:54 - 00931960 ____H (Opera Software) C:\lаunсhеr.bаt.exe
2015-09-18 20:32 - 2015-07-30 05:08 - 00818880 ____H (Microsoft Corporation) C:\iехplоrе.bаt.exe
2015-09-18 20:27 - 2015-09-18 22:28 - 00000651 _____ C:\Users\Public\Desktop\Torrentex.lnk
2015-09-18 20:27 - 2015-09-18 20:33 - 00000108 ____H C:\firefox.bat
2015-09-18 20:27 - 2015-09-18 20:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Torrentex
2015-09-18 20:27 - 2015-08-30 11:52 - 00377000 ____H (Mozilla Corporation) C:\firеfох.bаt.exe
2015-09-18 20:26 - 2015-09-19 07:06 - 00001032 __RSH C:\ProgramData\ntuser.pol
2015-09-18 20:26 - 2015-09-18 20:26 - 00000008 __RSH C:\Users\Jake\ntuser.pol
2015-09-18 20:21 - 2015-09-18 20:21 - 03543792 _____ C:\Users\Jake\Downloads\adobe.snr.patch-painter.exe
2015-09-17 18:24 - 2015-09-17 18:25 - 196203893 _____ C:\Users\Jake\Downloads\Ethereal Gates Demo.zip
2015-09-17 17:55 - 2015-09-17 17:55 - 00000000 ___HD C:\OneDriveTemp
2015-09-14 19:13 - 2015-09-18 22:28 - 00001106 _____ C:\Users\Public\Desktop\RodiniaWar.lnk
2015-09-14 19:13 - 2015-09-14 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RodiniaWar
2015-09-14 19:13 - 2015-09-14 19:13 - 00000000 ____D C:\Program Files (x86)\RodiniaWar
2015-09-14 19:12 - 2015-09-14 19:12 - 02023232 _____ C:\Users\Jake\Downloads\rodiniawarinstall.exe
2015-09-14 17:22 - 2015-09-14 17:22 - 00000000 ____D C:\Users\Jake\AppData\Roaming\Shooter
2015-09-14 17:14 - 2015-09-14 17:14 - 00000000 ____D C:\Users\Jake\Documents\My Games
2015-09-13 14:04 - 2015-09-13 14:05 - 07718846 _____ C:\Users\Jake\Downloads\Anime Pack.rar
2015-09-13 13:52 - 2015-09-13 13:55 - 42293049 _____ C:\Users\Jake\Downloads\Geometry Dash 2.0 hack By Liam Gamer.apk
2015-09-13 13:48 - 2015-09-13 13:48 - 42293049 _____ C:\Users\Jake\Downloads\GeometryDash2.0(mod) by ElGameTheTroll.apk
2015-09-13 13:47 - 2015-09-13 13:48 - 09983584 _____ (MEGA Limited) C:\Users\Jake\Downloads\MEGAsyncSetup.exe
2015-09-13 13:30 - 2015-09-13 13:30 - 00110688 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-09-13 13:28 - 2015-09-13 13:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-09-13 13:27 - 2015-09-13 13:29 - 00000000 ____D C:\Program Files\Java
2015-09-13 13:21 - 2015-09-13 13:23 - 195200088 _____ (Oracle Corporation) C:\Users\Jake\Downloads\jdk-8u60-windows-x64.exe
2015-09-13 13:14 - 2015-09-13 13:15 - 00031025 _____ C:\Users\Jake\Desktop\ModInfo.json
2015-09-13 12:38 - 2015-09-13 12:50 - 99831460 _____ C:\Users\Jake\Downloads\Pokemon Sage 1.5.1.rar
2015-09-12 19:52 - 2015-09-18 22:28 - 00001184 _____ C:\Users\Public\Desktop\Icecream Screen Recorder.lnk
2015-09-12 19:52 - 2015-09-12 19:52 - 00000000 ____D C:\Users\Jake\AppData\Local\Icecream
2015-09-12 19:52 - 2015-09-12 19:52 - 00000000 ____D C:\Users\Jake\.Icecream Screen Recorder
2015-09-12 19:52 - 2015-09-12 19:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Icecream Screen Recorder
2015-09-12 19:52 - 2015-09-12 19:52 - 00000000 ____D C:\Program Files (x86)\Icecream Screen Recorder
2015-09-12 19:51 - 2015-09-12 19:51 - 18349776 _____ (Icecream Apps ) C:\Users\Jake\Downloads\screen_recorder_setup.exe
2015-09-12 19:46 - 2015-09-12 19:46 - 00000000 ____D C:\Users\Jake\AppData\Roaming\Esenthel
2015-09-12 19:43 - 2015-09-12 19:43 - 00000222 _____ C:\Users\Jake\Desktop\Esenthel Engine.url
2015-09-11 21:34 - 2015-09-18 20:32 - 00001772 ____R C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Оpеrа.lnk
2015-09-11 21:34 - 2015-09-11 21:34 - 00003926 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1442003632
2015-09-11 21:34 - 2015-09-11 21:34 - 00000000 ____D C:\Users\Jake\AppData\Roaming\Opera Software
2015-09-11 21:34 - 2015-09-11 21:34 - 00000000 ____D C:\Users\Jake\AppData\Local\Opera Software
2015-09-11 21:33 - 2015-09-11 21:35 - 00000000 ____D C:\Program Files (x86)\Opera
2015-09-11 21:33 - 2015-09-11 21:33 - 00000000 ____D C:\Users\Jake\Documents\My Cheat Tables
2015-09-11 21:32 - 2015-09-18 22:27 - 00001156 _____ C:\Users\Jake\Desktop\Cheat Engine.lnk
2015-09-11 21:32 - 2015-09-11 21:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4
2015-09-11 21:32 - 2015-09-11 21:32 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.4
2015-09-11 21:06 - 2015-09-17 19:14 - 00000000 ____D C:\Users\Jake\AppData\Local\GeometryDash
2015-09-11 20:54 - 2015-09-11 20:54 - 00000222 _____ C:\Users\Jake\Desktop\Geometry Dash.url
2015-09-09 18:07 - 2015-09-09 18:07 - 00000000 ____D C:\Users\Jake\AppData\Roaming\TownOfSalem
2015-09-09 15:59 - 2015-09-09 15:59 - 00000222 _____ C:\Users\Jake\Desktop\Town of Salem.url
2015-09-08 20:23 - 2015-09-18 22:27 - 00001097 _____ C:\Users\Jake\Desktop\Auto Clicker for Games.lnk
2015-09-08 20:23 - 2015-09-18 22:27 - 00001057 _____ C:\Users\Jake\Desktop\Auto Clicker.lnk
2015-09-08 20:23 - 2015-09-08 20:23 - 00000000 ____D C:\Users\Jake\AppData\Roaming\Auto Clicker
2015-09-08 20:23 - 2015-09-08 20:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auto Clicker
2015-09-08 20:22 - 2015-09-08 20:22 - 00822248 _____ (MurGee.com ) C:\Users\Jake\Downloads\setup.exe
2015-09-08 19:33 - 2015-09-08 19:35 - 00000000 ____D C:\Users\Jake\AppData\Roaming\Tap_Dungeon
2015-09-08 17:08 - 2015-09-08 17:08 - 16717270 _____ C:\Users\Jake\Downloads\Leanna Decker Full Dubstep Dance.mp4
2015-09-08 16:44 - 2015-09-08 16:44 - 00002231 _____ C:\Users\Jake\Documents\Hackar 1.vpj
2015-09-08 16:44 - 2015-09-08 16:44 - 00000000 ____D C:\Users\Jake\Documents\VideoPad Projects
2015-09-08 16:34 - 2015-09-18 22:28 - 00001341 _____ C:\Users\Public\Desktop\NCH Suite.lnk
2015-09-08 16:34 - 2015-09-18 22:28 - 00001221 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad Video Editor.lnk
2015-09-08 16:34 - 2015-09-18 22:28 - 00001203 _____ C:\Users\Public\Desktop\VideoPad Video Editor.lnk
2015-09-08 16:34 - 2015-09-08 17:11 - 00000000 ____D C:\Users\Jake\AppData\Roaming\NCH Software
2015-09-08 16:34 - 2015-09-08 17:02 - 00000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2015-09-08 16:34 - 2015-09-08 16:34 - 00000000 ____D C:\ProgramData\NCH Software
2015-09-08 16:34 - 2015-09-08 16:34 - 00000000 ____D C:\Program Files (x86)\NCH Software
2015-09-08 16:33 - 2015-09-08 16:33 - 05305088 _____ (NCH Software) C:\Users\Jake\Downloads\vpsetup.exe
2015-09-07 20:02 - 2015-09-07 20:02 - 00001815 _____ C:\Users\Jake\Documents\Hacker 1 EDIT.mxpl
2015-09-06 15:18 - 2015-09-11 20:21 - 00259832 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2015-09-06 15:10 - 2015-09-18 22:28 - 00000733 _____ C:\Users\Public\Desktop\Guild Wars 2.lnk
2015-09-06 15:10 - 2015-09-06 15:10 - 00000000 ____D C:\Users\Jake\Desktop\Guild Wars 2
2015-09-06 15:10 - 2015-09-06 15:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
2015-09-06 15:08 - 2015-09-06 15:09 - 00000000 ____D C:\Users\Jake\AppData\Roaming\Guild Wars 2
2015-09-06 15:07 - 2015-09-06 15:07 - 26068984 _____ (ArenaNet) C:\Users\Jake\Downloads\Gw2Setup.exe
2015-09-06 10:54 - 2015-09-19 10:15 - 00000000 ____D C:\Users\Jake\AppData\Local\Purplizer
2015-09-05 23:10 - 2015-09-05 23:12 - 52696098 _____ C:\Users\Jake\Downloads\SmartGesture_Win10_64_VER406.zip
2015-09-05 19:20 - 2015-09-05 19:21 - 35222911 _____ C:\Users\Jake\Downloads\Medieval Town by Joebricksy.zip
2015-09-05 18:34 - 2015-09-05 18:34 - 00612652 _____ C:\Users\Jake\Downloads\big-church.schematic
2015-09-05 16:52 - 2015-09-05 16:52 - 01782413 _____ C:\Users\Jake\Downloads\jungle-village.schematic
2015-09-05 15:56 - 2015-07-14 06:57 - 02238176 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\ETDUninst.dll
2015-09-05 14:03 - 2015-09-19 12:42 - 00000000 ____D C:\Users\Jake\AppData\Roaming\.minecraft
2015-09-05 14:01 - 2015-09-05 14:01 - 00000000 ____D C:\Users\Jake\Desktop\world saves
2015-09-05 13:46 - 2015-08-20 07:02 - 22324656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-09-05 13:46 - 2015-08-20 06:21 - 21875200 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-09-05 13:46 - 2015-08-13 05:33 - 24593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-05 13:46 - 2015-08-13 05:07 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-05 13:46 - 2015-08-11 10:23 - 16706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-09-05 13:46 - 2015-08-11 09:57 - 13024768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-09-05 13:45 - 2015-08-20 07:07 - 08019296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-09-05 13:45 - 2015-08-20 07:06 - 00609592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-09-05 13:45 - 2015-08-20 06:57 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-09-05 13:45 - 2015-08-20 06:26 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-09-05 13:45 - 2015-08-20 06:21 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-09-05 13:45 - 2015-08-20 06:16 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-09-05 13:45 - 2015-08-20 06:13 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-05 13:45 - 2015-08-20 06:09 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-09-05 13:45 - 2015-08-20 05:31 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-09-05 13:45 - 2015-08-18 08:56 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-05 13:45 - 2015-08-18 08:55 - 00373072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-09-05 13:45 - 2015-08-18 08:54 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-09-05 13:45 - 2015-08-18 08:27 - 01771592 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-09-05 13:45 - 2015-08-18 08:24 - 00963920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-09-05 13:45 - 2015-08-18 08:13 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-09-05 13:45 - 2015-08-18 08:13 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2015-09-05 13:45 - 2015-08-18 08:12 - 02225664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-09-05 13:45 - 2015-08-18 08:07 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-09-05 13:45 - 2015-08-18 08:04 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2015-09-05 13:45 - 2015-08-18 08:04 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-09-05 13:45 - 2015-08-18 07:59 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2015-09-05 13:45 - 2015-08-18 07:59 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2015-09-05 13:45 - 2015-08-18 07:58 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-09-05 13:45 - 2015-08-18 07:58 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll
2015-09-05 13:45 - 2015-08-18 07:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
2015-09-05 13:45 - 2015-08-18 07:58 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnNetsh.dll
2015-09-05 13:45 - 2015-08-18 07:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2015-09-05 13:45 - 2015-08-18 07:56 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2015-09-05 13:45 - 2015-08-18 07:55 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-09-05 13:45 - 2015-08-18 07:54 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2015-09-05 13:45 - 2015-08-18 07:54 - 00247296 _____ C:\WINDOWS\system32\facecredentialprovider.dll
2015-09-05 13:45 - 2015-08-18 07:52 - 01888768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-09-05 13:45 - 2015-08-18 07:50 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-09-05 13:45 - 2015-08-18 07:49 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-09-05 13:45 - 2015-08-18 07:49 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2015-09-05 13:45 - 2015-08-18 07:49 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2015-09-05 13:45 - 2015-08-18 07:36 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2015-09-05 13:45 - 2015-08-18 07:35 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2015-09-05 13:45 - 2015-08-18 07:35 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll
2015-09-05 13:45 - 2015-08-18 07:34 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2015-09-05 13:45 - 2015-08-18 07:29 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-09-05 13:45 - 2015-08-18 07:26 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2015-09-05 13:45 - 2015-08-18 05:44 - 00008847 _____ C:\WINDOWS\system32\ResPriHMImageList
2015-09-05 13:45 - 2015-08-13 05:22 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-09-05 13:45 - 2015-08-13 05:20 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-09-05 13:45 - 2015-08-13 04:53 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-09-05 13:45 - 2015-08-11 11:04 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-09-05 13:45 - 2015-08-11 11:04 - 02462648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-09-05 13:45 - 2015-08-11 11:04 - 01087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-09-05 13:45 - 2015-08-11 11:03 - 00442208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2015-09-05 13:45 - 2015-08-11 11:02 - 00554744 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-09-05 13:45 - 2015-08-11 11:02 - 00292856 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2015-09-05 13:45 - 2015-08-11 11:02 - 00080720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2015-09-05 13:45 - 2015-08-11 10:57 - 03622256 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-05 13:45 - 2015-08-11 10:52 - 00993104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2015-09-05 13:45 - 2015-08-11 10:50 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-09-05 13:45 - 2015-08-11 10:40 - 04048808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-09-05 13:45 - 2015-08-11 10:40 - 02151208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-09-05 13:45 - 2015-08-11 10:40 - 00918320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-09-05 13:45 - 2015-08-11 10:38 - 00454000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-09-05 13:45 - 2015-08-11 10:37 - 00243800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2015-09-05 13:45 - 2015-08-11 10:31 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-05 13:45 - 2015-08-11 10:26 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2015-09-05 13:45 - 2015-08-11 10:21 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-09-05 13:45 - 2015-08-11 10:21 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-09-05 13:45 - 2015-08-11 10:20 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-09-05 13:45 - 2015-08-11 10:19 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-09-05 13:45 - 2015-08-11 10:18 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2015-09-05 13:45 - 2015-08-11 10:16 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-09-05 13:45 - 2015-08-11 10:14 - 00404480 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-09-05 13:45 - 2015-08-11 10:13 - 00413184 _____ C:\WINDOWS\system32\diagtrack_win.dll
2015-09-05 13:45 - 2015-08-11 10:11 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
2015-09-05 13:45 - 2015-08-11 10:11 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2015-09-05 13:45 - 2015-08-11 10:10 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-09-05 13:45 - 2015-08-11 10:10 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-05 13:45 - 2015-08-11 10:10 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll
2015-09-05 13:45 - 2015-08-11 10:09 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2015-09-05 13:45 - 2015-08-11 10:08 - 00893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2015-09-05 13:45 - 2015-08-11 10:08 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-09-05 13:45 - 2015-08-11 10:07 - 01178112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-09-05 13:45 - 2015-08-11 10:07 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-09-05 13:45 - 2015-08-11 10:07 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe
2015-09-05 13:45 - 2015-08-11 10:06 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-09-05 13:45 - 2015-08-11 10:06 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-09-05 13:45 - 2015-08-11 10:05 - 03527168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-09-05 13:45 - 2015-08-11 10:05 - 00996352 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-09-05 13:45 - 2015-08-11 10:05 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-09-05 13:45 - 2015-08-11 10:05 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-09-05 13:45 - 2015-08-11 10:05 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPermissions.dll
2015-09-05 13:45 - 2015-08-11 10:05 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2015-09-05 13:45 - 2015-08-11 10:03 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-09-05 13:45 - 2015-08-11 10:02 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-09-05 13:45 - 2015-08-11 10:02 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-09-05 13:45 - 2015-08-11 10:02 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-09-05 13:45 - 2015-08-11 10:01 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-09-05 13:45 - 2015-08-11 10:00 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-09-05 13:45 - 2015-08-11 10:00 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-09-05 13:45 - 2015-08-11 09:59 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-09-05 13:45 - 2015-08-11 09:59 - 00642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2015-09-05 13:45 - 2015-08-11 09:59 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2015-09-05 13:45 - 2015-08-11 09:59 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
2015-09-05 13:45 - 2015-08-11 09:58 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-09-05 13:45 - 2015-08-11 09:57 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2015-09-05 13:45 - 2015-08-11 09:51 - 01916928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-09-05 13:45 - 2015-08-11 09:51 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
2015-09-05 13:45 - 2015-08-11 09:50 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2015-09-05 13:45 - 2015-08-11 09:50 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-09-05 13:45 - 2015-08-11 09:50 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2015-09-05 13:45 - 2015-08-11 09:49 - 00586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-09-05 13:45 - 2015-08-11 09:49 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-05 13:45 - 2015-08-11 09:48 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2015-09-05 13:45 - 2015-08-11 09:47 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-09-05 13:45 - 2015-08-11 09:45 - 01820672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-09-05 13:45 - 2015-08-11 09:43 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-09-05 13:45 - 2015-08-11 09:42 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-09-05 13:45 - 2015-08-11 09:40 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-09-05 13:45 - 2015-08-11 09:40 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-09-05 13:45 - 2015-08-11 09:39 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-09-05 13:45 - 2015-08-11 09:38 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2015-09-05 10:33 - 2015-09-13 13:30 - 00000000 ____D C:\Users\Jake\.oracle_jre_usage
2015-09-05 10:33 - 2015-09-05 10:33 - 00000000 ____D C:\Users\Jake\AppData\Roaming\Sun
2015-09-04 17:27 - 2015-09-04 17:27 - 01201328 _____ (Symantec Corporation) C:\Users\Jake\Downloads\AutoDetectPkg.exe
2015-09-04 16:30 - 2015-01-03 12:21 - 00661165 _____ C:\Users\Jake\Downloads\Towny.jar
2015-09-04 16:30 - 2014-12-29 16:35 - 00088318 _____ C:\Users\Jake\Downloads\TownyChat.jar
2015-09-04 16:30 - 2014-04-27 11:21 - 00044682 _____ C:\Users\Jake\Downloads\Questioner.jar
2015-09-04 16:29 - 2015-09-04 16:29 - 00745440 _____ C:\Users\Jake\Downloads\plugins%2F1420306292wpdm_TownyAdvanced.zip
2015-09-04 16:27 - 2015-09-04 16:28 - 00745440 _____ C:\Users\Jake\Downloads\1420306292wpdm_TownyAdvanced.zip
2015-08-31 17:19 - 2015-08-31 18:20 - 543854835 _____ C:\Users\Jake\Downloads\Pokemon Insurgence 1.1.6.zip
2015-08-31 17:19 - 2015-08-31 17:33 - 544288148 _____ C:\Users\Jake\Downloads\Pokemon Insurgence 1.1.6 (1).zip
2015-08-30 13:17 - 2015-08-30 13:17 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-08-30 13:15 - 2015-09-18 22:28 - 00001818 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-08-30 13:15 - 2015-08-30 13:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-08-30 13:14 - 2015-08-30 13:15 - 00000000 ____D C:\Program Files\iTunes
2015-08-30 13:14 - 2015-08-30 13:14 - 00000000 ____D C:\Program Files\iPod
2015-08-30 13:14 - 2015-08-30 13:14 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-08-30 12:50 - 2015-08-30 12:52 - 155835672 _____ (Apple Inc.) C:\Users\Jake\Downloads\iTunes6464Setup.exe
2015-08-30 12:47 - 2015-08-30 12:47 - 00118432 _____ C:\Users\Jake\Desktop\CCGameManager.dat
2015-08-30 11:52 - 2015-09-04 10:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-28 11:36 - 2015-08-28 11:36 - 00001696 _____ C:\WINDOWS\SysWOW64\NOISE.CHS
2015-08-28 11:36 - 2015-08-28 11:36 - 00001696 _____ C:\WINDOWS\system32\NOISE.CHS
2015-08-28 11:36 - 2015-07-09 20:38 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NL7Data0804.dll
2015-08-28 11:36 - 2015-07-09 20:36 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSWB70804.dll
2015-08-28 11:36 - 2015-07-09 20:26 - 03445248 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Data0804.dll
2015-08-28 11:36 - 2015-07-09 20:26 - 00736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSWB70804.dll
2015-08-28 11:36 - 2015-07-09 20:25 - 02964480 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Models0804.dll
2015-08-28 11:36 - 2015-07-09 20:25 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Lexicons0804.dll
2015-08-28 11:18 - 2015-08-28 11:18 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-28 11:18 - 2015-08-28 11:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-27 11:58 - 2015-08-27 11:58 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2015-08-27 11:46 - 2015-09-18 22:27 - 00001297 _____ C:\Users\Jake\Desktop\Action Replay DSi Code Manager.lnk
2015-08-27 11:46 - 2015-08-27 11:46 - 00000533 _____ C:\WINDOWS\KB893803v2.log
2015-08-27 11:46 - 2015-08-27 11:46 - 00000000 ____D C:\Users\Jake\Documents\Datel
2015-08-27 11:46 - 2015-08-27 11:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Action Replay DSi Code Manager
2015-08-27 11:46 - 2015-08-27 11:46 - 00000000 ____D C:\Program Files (x86)\Datel
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-09-19 12:46 - 2015-03-31 12:05 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-19 12:46 - 2015-03-24 16:54 - 00000000 ____D C:\Users\Jake\AppData\Roaming\Skype
2015-09-19 12:40 - 2015-03-08 20:17 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-09-19 12:11 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-19 10:42 - 2015-06-28 14:16 - 00000000 ____D C:\Users\Jake\AppData\Local\CrashDumps
2015-09-19 10:20 - 2015-03-07 20:19 - 00000432 _____ C:\Users\Jake\AppData\Roaming\sp_data.sys
2015-09-19 09:43 - 2015-03-10 19:16 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-19 07:30 - 2015-08-16 12:13 - 00004146 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9DAB085F-362D-4A6D-AE01-DDB73CCDDCC2}
2015-09-19 07:17 - 2015-08-10 16:31 - 00000000 ___HD C:\Users\Jake\.mediafire
2015-09-19 07:16 - 2015-08-13 10:04 - 00000000 ____D C:\Users\Jake\AppData\Local\Overwolf
2015-09-19 07:15 - 2015-03-08 03:43 - 02846210 _____ C:\Users\Public\CAFADEBUG.log
2015-09-19 07:13 - 2015-08-14 12:57 - 00000000 ____D C:\Users\Jake\AppData\Local\LogMeIn Hamachi
2015-09-19 07:12 - 2015-07-27 12:12 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton 360
2015-09-19 07:11 - 2015-08-08 10:30 - 00000000 ____D C:\Users\Jake\AppData\Local\MyComGames
2015-09-19 07:10 - 2015-08-10 16:32 - 00000000 ___RD C:\Users\Jake\MediaFire
2015-09-19 07:10 - 2015-08-02 09:35 - 00000000 ____D C:\Users\Jake\OneDrive
2015-09-19 07:09 - 2015-08-10 16:34 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2015-09-19 07:09 - 2015-03-08 20:15 - 00000000 ____D C:\Users\Jake\AppData\Local\Adobe
2015-09-19 07:08 - 2015-08-01 20:51 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-09-19 07:08 - 2015-03-31 12:05 - 00000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-19 07:07 - 2015-07-10 13:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-19 07:07 - 2015-07-10 10:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-09-19 07:06 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-18 22:31 - 2015-08-01 20:58 - 00000000 ____D C:\Users\Jake
2015-09-18 22:31 - 2015-08-01 20:27 - 00052696 _____ C:\WINDOWS\PFRO.log
2015-09-18 22:31 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\security
2015-09-18 22:30 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-09-18 22:28 - 2015-08-15 10:10 - 00001205 _____ C:\Users\Public\Desktop\GROOVE Pro Edition.lnk
2015-09-18 22:28 - 2015-08-15 10:08 - 00001147 _____ C:\Users\Public\Desktop\Pixelmon Launcher.lnk
2015-09-18 22:28 - 2015-08-13 10:08 - 00002034 _____ C:\Users\Public\Desktop\Overwolf.lnk
2015-09-18 22:28 - 2015-08-11 16:11 - 00001246 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2015-09-18 22:28 - 2015-08-11 15:37 - 00001164 _____ C:\Users\Public\Desktop\Battle.net.lnk
2015-09-18 22:28 - 2015-08-10 12:48 - 00001026 _____ C:\Users\Public\Desktop\Minecraft.lnk
2015-09-18 22:28 - 2015-08-07 21:49 - 00000595 _____ C:\Users\Public\Desktop\Wooxy.lnk
2015-09-18 22:28 - 2015-08-01 21:06 - 00001552 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-09-18 22:28 - 2015-08-01 20:52 - 00002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudioWizard.lnk
2015-09-18 22:28 - 2015-08-01 20:52 - 00002150 _____ C:\Users\Public\Desktop\AudioWizard.lnk
2015-09-18 22:28 - 2015-07-10 12:01 - 00002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk
2015-09-18 22:28 - 2015-07-10 12:01 - 00002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk
2015-09-18 22:28 - 2015-07-10 12:01 - 00002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Devices Flow.lnk
2015-09-18 22:28 - 2015-07-10 12:00 - 00002325 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk
2015-09-18 22:28 - 2015-07-10 12:00 - 00001590 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk
2015-09-18 22:28 - 2015-07-10 12:00 - 00000853 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop.lnk
2015-09-18 22:28 - 2015-07-04 16:09 - 00001190 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2015-09-18 22:28 - 2015-07-04 16:09 - 00001172 _____ C:\Users\Public\Desktop\paint.net.lnk
2015-09-18 22:28 - 2015-06-11 21:00 - 00002221 _____ C:\Users\Public\Desktop\Norton 360.LNK
2015-09-18 22:28 - 2015-06-11 19:44 - 00001820 _____ C:\Users\Public\Desktop\eFix Pro.lnk
2015-09-18 22:28 - 2015-06-03 16:22 - 00001052 _____ C:\Users\Public\Desktop\iFunbox.lnk
2015-09-18 22:28 - 2015-05-24 21:34 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-09-18 22:28 - 2015-03-10 19:16 - 00000959 _____ C:\Users\Public\Desktop\Steam.lnk
2015-09-18 22:28 - 2015-03-08 03:15 - 00001628 _____ C:\Users\Public\Desktop\ASUS Install.lnk
2015-09-18 22:28 - 2015-03-07 20:20 - 00002445 _____ C:\Users\Public\Desktop\ASUSPRO Business Center Powered by Intel® Small Business Advantage.lnk
2015-09-18 22:28 - 2015-03-07 20:19 - 00001080 _____ C:\Users\Public\Desktop\Splendid Utility.Lnk
2015-09-18 22:28 - 2015-03-07 20:17 - 00000710 _____ C:\Users\Public\Desktop\eManual.Lnk
2015-09-18 22:28 - 2015-03-07 20:11 - 00002006 _____ C:\Users\Public\Desktop\Intel® WiDi.lnk
2015-09-18 22:28 - 2014-03-28 11:16 - 00001972 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
2015-09-18 22:28 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-09-18 22:27 - 2015-08-13 10:04 - 00001318 _____ C:\Users\Jake\Desktop\TeamSpeak 3 Client.lnk
2015-09-18 22:27 - 2015-08-08 10:30 - 00002121 _____ C:\Users\Jake\Desktop\My.com Game Center.lnk
2015-09-18 22:27 - 2015-08-02 09:56 - 00001049 _____ C:\Users\Jake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optional Features.lnk
2015-09-18 22:27 - 2015-08-02 09:35 - 00002372 _____ C:\Users\Jake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-18 22:27 - 2015-08-01 20:53 - 00001963 _____ C:\ProgramData\Microsoft\Windows\Start Menu\SmartAudio.lnk
2015-09-18 22:27 - 2015-07-23 11:33 - 00001873 _____ C:\Users\Jake\Desktop\IMVU.lnk
2015-09-18 22:27 - 2015-06-11 20:16 - 00001291 _____ C:\Users\Jake\Desktop\Norton Installation Files.lnk
2015-09-18 22:27 - 2015-06-08 18:00 - 00001244 _____ C:\Users\Jake\Desktop\Command Prompt.lnk
2015-09-18 22:27 - 2015-04-12 18:29 - 00001803 _____ C:\Users\Jake\Desktop\Spotify.lnk
2015-09-18 22:27 - 2015-04-12 18:29 - 00001789 _____ C:\Users\Jake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-09-18 22:26 - 2015-04-01 12:50 - 00000000 ____D C:\Users\Jake\AppData\Roaming\Imminent
2015-09-18 21:38 - 2015-03-07 19:53 - 00000000 ____D C:\Users\Jake\AppData\Roaming\Adobe
2015-09-18 21:34 - 2015-03-07 20:03 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-18 20:41 - 2015-03-31 12:05 - 00003980 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-18 20:41 - 2015-03-31 12:05 - 00003748 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-18 20:32 - 2015-08-01 20:58 - 00000000 ___RD C:\Users\Jake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-18 20:32 - 2015-06-27 14:09 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2015-09-18 20:32 - 2015-06-09 12:26 - 00001599 ____R C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk
2015-09-18 20:31 - 2015-03-31 12:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-09-18 20:31 - 2015-03-31 12:05 - 00000000 ____D C:\Program Files (x86)\Google
2015-09-18 20:28 - 2015-07-27 13:44 - 00002133 ____R C:\Users\Public\Desktop\Stаr Wаrs - Тhе Оld Rеpubliс.lnk
2015-09-18 20:28 - 2015-07-27 13:44 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2015-09-18 20:28 - 2015-06-09 12:26 - 00001685 ____R C:\Users\Public\Desktop\Моzillа Firеfох.lnk
2015-09-18 20:26 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2015-09-18 20:26 - 2009-07-14 04:20 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2015-09-18 20:10 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-16 19:06 - 2015-08-02 10:06 - 00000000 ____D C:\Users\Jake\AppData\Local\PackageStaging
2015-09-16 19:05 - 2015-08-01 22:04 - 00000000 ____D C:\Users\Jake\AppData\Local\Packages
2015-09-16 18:47 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-16 18:15 - 2015-08-10 12:48 - 00000000 ____D C:\Program Files (x86)\Minecraft
2015-09-13 19:33 - 2015-08-13 10:06 - 00000000 ____D C:\Program Files (x86)\Overwolf
2015-09-13 13:34 - 2015-08-04 09:49 - 00000000 ____D C:\Users\Jake\AppData\Roaming\.crazycraft3
2015-09-13 13:30 - 2015-03-08 10:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-13 13:14 - 2015-08-05 10:43 - 00000000 ____D C:\Users\Jake\AppData\Roaming\.crazycraft2
2015-09-13 13:14 - 2015-08-03 15:28 - 00000000 ____D C:\Users\Jake\AppData\Roaming\.VoidLauncher
2015-09-12 19:43 - 2015-03-10 19:27 - 00000000 ____D C:\Users\Jake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-09-11 21:23 - 2015-03-31 12:05 - 00000000 ____D C:\Users\Jake\AppData\Local\Google
2015-09-08 19:10 - 2015-04-12 14:46 - 00000000 ____D C:\Users\Jake\Desktop\Games
2015-09-08 18:44 - 2015-08-01 22:11 - 00000000 ____D C:\Users\Jake\AppData\Local\VirtualStore
2015-09-07 18:17 - 2015-08-11 15:37 - 00000000 ____D C:\Users\Jake\AppData\Local\Battle.net
2015-09-06 19:18 - 2015-08-11 16:11 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-09-06 19:13 - 2015-08-11 15:37 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-09-06 09:58 - 2015-08-13 10:05 - 00000000 ____D C:\ProgramData\Overwolf
2015-09-05 22:42 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-09-05 22:42 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-09-05 22:42 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-09-05 21:25 - 2015-08-01 21:16 - 00000000 ____D C:\Windows.old
2015-09-05 16:52 - 2015-07-29 10:01 - 00000000 ____D C:\Users\Jake\Desktop\mcedit2-win64-2.0.0alpha-591
2015-09-05 14:32 - 2015-08-11 18:30 - 00000000 ____D C:\Users\Jake\Desktop\mods
2015-09-05 14:01 - 2015-08-06 10:34 - 00000000 ____D C:\Users\Jake\Desktop\shaderpacks
2015-09-05 11:04 - 2015-08-18 14:22 - 00000000 ____D C:\Users\Jake\Desktop\1.8
2015-09-05 10:45 - 2015-03-08 10:07 - 00000000 ____D C:\ProgramData\Oracle
2015-09-05 10:34 - 2015-03-08 10:07 - 00000000 ____D C:\Program Files (x86)\Java
2015-09-04 17:27 - 2015-06-11 20:15 - 00000000 ____D C:\ProgramData\Norton
2015-09-04 10:52 - 2015-07-10 13:20 - 00261280 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-04 10:52 - 2015-05-28 13:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-30 14:20 - 2015-08-13 10:07 - 00000000 ____D C:\Users\Jake\AppData\Roaming\TS3Client
2015-08-30 13:17 - 2015-07-10 13:20 - 00016786 _____ C:\WINDOWS\setupact.log
2015-08-30 13:14 - 2015-05-24 21:32 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-08-30 13:13 - 2015-06-27 07:43 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-08-30 11:55 - 2015-08-08 09:33 - 00000000 ____D C:\Users\Jake\Desktop\OreSpawn
2015-08-28 11:36 - 2015-07-10 17:26 - 00000000 ____D C:\WINDOWS\OCR
2015-08-28 11:18 - 2015-03-24 16:54 - 00000000 ____D C:\ProgramData\Skype
2015-08-27 11:00 - 2015-06-11 19:41 - 00000144 _____ C:\WINDOWS\Reimage.ini
2015-08-27 11:00 - 2015-06-11 19:41 - 00000120 _____ C:\WINDOWS\efix.ini
 
==================== Files in the root of some directories =======
 
2015-04-19 13:20 - 2015-04-19 13:20 - 0005872 _____ () C:\Users\Jake\AppData\Roaming\1EuVvV6t5DApC21tFX
2015-05-23 11:34 - 2015-06-11 19:16 - 0000024 _____ () C:\Users\Jake\AppData\Roaming\appdataFr25.bin
2015-03-07 20:19 - 2015-09-19 10:20 - 0000432 _____ () C:\Users\Jake\AppData\Roaming\sp_data.sys
2015-04-18 10:09 - 2015-04-18 10:13 - 0000402 _____ () C:\Users\Jake\AppData\Local\Temp-log.txt
2015-05-11 18:27 - 2015-05-11 18:27 - 0000000 _____ () C:\Users\Jake\AppData\Local\Temp.dat
2015-03-07 20:10 - 2015-03-07 20:12 - 0030325 _____ () C:\Users\Jake\AppData\Local\WiDiSetupLog.20150307.191024.wdl
2015-05-25 10:37 - 2015-06-11 19:19 - 0000112 _____ () C:\ProgramData\3LJcoQm.dat
2014-03-28 11:31 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
2009-07-29 07:01 - 2009-07-28 19:31 - 0000223 _____ () C:\ProgramData\setwallpaper.cmd
2009-07-29 07:01 - 2009-07-23 02:04 - 0024576 _____ () C:\ProgramData\SetWallpaper.exe
 
Files to move or delete:
====================
C:\ProgramData\3LJcoQm.dat
C:\ProgramData\SetStretch.VBS
C:\ProgramData\SetWallpaper.exe
 
 
Some files in TEMP:
====================
C:\Users\Jake\AppData\Local\Temp\Gw2.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-09-04 17:34
 
==================== End of FRST.txt ============================


#8 deeprybka


Posted 19 September 2015 - 06:58 AM

Step 1

Please download AdwCleaner (by Xplode) and save it to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select "Run As Administrator"
  • Click on the Scan button.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • After rebooting, a log file (that is saved in C:\AdwCleaner[S#].txt) will open automatically.
    Copy and paste the contents of that logfile in your next reply.

regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 

#9 Leannachouir7


Posted 19 September 2015 - 07:40 AM

# AdwCleaner v5.008 - Logfile created 19/09/2015 at 13:15:34
# Updated 18/09/2015 by Xplode
# Database : 2015-09-17.3 [Server]
# Operating system : Windows 10 Pro  (x64)
# Username : Jake - JAKE-PC
# Running from : C:\Users\Jake\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
Service Found : ReimageRealTimeProtector
Service Found : TSSKX64
 
***** [ Folders ] *****
 
Folder Found : C:\rei
Folder Found : C:\Program Files\Reimage
Folder Found : C:\Program Files\eFix
Folder Found : C:\Program Files (x86)\globalUpdate
Folder Found : C:\Program Files (x86)\predm
Folder Found : C:\Program Files (x86)\tencent
Folder Found : C:\Program Files (x86)\AllSavEir
Folder Found : C:\Program Files (x86)\BittSaveri
Folder Found : C:\Program Files (x86)\DigiiSAveer
Folder Found : C:\Program Files (x86)\DIgiSavoer
Folder Found : C:\Program Files (x86)\Fun2uSave
Folder Found : C:\Program Files (x86)\UnoiDDEalsi
Folder Found : C:\Program Files (x86)\Common Files\tencent
Folder Found : C:\Program Files\Common Files\tencent
Folder Found : C:\ProgramData\Reimage Protector
Folder Found : C:\ProgramData\tencent
Folder Found : C:\ProgramData\The AdBlocker
Folder Found : C:\ProgramData\28341ff220e0446c9fff27c4493d622e
Folder Found : C:\ProgramData\3a0ec2d4000077e8
Folder Found : C:\ProgramData\78cd8f3aba2f4344a6cb8054ab434371
Folder Found : C:\ProgramData\924de00000003de2
Folder Found : C:\ProgramData\{5de74830-1fd6-7dce-5de7-748301fd20c0}
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eFix Pro
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Torrentex
Folder Found : C:\Users\Jake\AppData\Local\globalUpdate
Folder Found : C:\Users\Jake\AppData\Local\SmartWeb
Folder Found : C:\Users\Jake\AppData\Local\FileViewPro
Folder Found : C:\Users\Jake\AppData\Local\Max_Computer_Cleaner
Folder Found : C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjcgpbffennccofdpganblbjiglnbip
Folder Found : C:\Users\Jake\AppData\Roaming\tencent
Folder Found : C:\Users\Jake\Documents\MaxComputerCleaner
 
***** [ Files ] *****
 
File Found : C:\END
File Found : C:\i??pl?r?.b?t.exe
File Found : C:\fir?f??.b?t.exe
File Found : C:\fir?f??.b?t.exe
File Found : C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nociobghckdhokecfeajdpimjeapnopn_0.localstorage
File Found : C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_videopad-video-editor.en.softonic.com_0.localstorage
File Found : C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_videopad-video-editor.en.softonic.com_0.localstorage-journal
File Found : C:\Users\Jake\AppData\Roaming\Mozilla\Firefox\Profiles\okdhr6km.default\searchplugins\safesearch.xml
File Found : C:\Users\Jake\AppData\Roaming\Mozilla\Firefox\Profiles\okdhr6km.default\user.js
File Found : C:\Users\Public\Desktop\eFix Pro.lnk
File Found : C:\WINDOWS\efix.ini
File Found : C:\WINDOWS\Reimage.ini
File Found : C:\WINDOWS\Sysnative\drivers\TSSKX64.sys
File Found : C:\WINDOWS\Sysnative\drivers\TFsFltX64.sys
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
Task Found : Reimage Reminder
Task Found : ReimageUpdater
Task Found : MaxComputerCleaner_Start
 
***** [ Registry ] *****
 
Key Found : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Key Found : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
Key Found : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
Key Found : HKLM\SOFTWARE\CLASSES\METNSD
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\efix.exe
Key Found : HKLM\SOFTWARE\Classes\Pd3dc0328_a1c6_400c_9885_3a29552f1695_.Pd3dc0328_a1c6_400c_9885_3a29552f1695_
Key Found : HKLM\SOFTWARE\Classes\Pd3dc0328_a1c6_400c_9885_3a29552f1695_.Pd3dc0328_a1c6_400c_9885_3a29552f1695_.9
Key Found : HKLM\SOFTWARE\165e864f-78da-cdd7-2d83-950057ffd862
Key Found : HKLM\SOFTWARE\55d5f7f1-73c7-b895-9367-3f2a20ff899b
Key Found : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
Key Found : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{d3dc0328-a1c6-400c-9885-3a29552f1695}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{318C7F13-3498-459E-BF35-12865E6D005C}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{40951615-F2E2-4855-9BB0-68F80D247514}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{41F978F3-431A-4464-A789-5C0692D562FB}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{532ECD0F-E6C9-4ACE-860A-3730B1F6F1DD}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{5D9FB48A-5CE2-4118-B19F-F88ADDB0F814}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{d3dc0328-a1c6-400c-9885-3a29552f1695}
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0633EE93-D776-472F-A0FF-E1416B8B2E3D}]
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{d3dc0328-a1c6-400c-9885-3a29552f1695}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472F-A0FF-E1416B8B2E3D}
Key Found : HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Found : HKCU\Software\GlobalUpdate
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\efixpro
Key Found : HKCU\Software\eFix
Key Found : HKCU\Software\MaxComputerCleanerLanguage
Key Found : HKCU\Software\PRODUCTSETUP
Key Found : HKCU\Software\{3BDFD1D7-7A9B-4D29-80B3-D00E66E62885}
Key Found : HKCU\Software\WEBAPP
Key Found : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Found : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
Key Found : HKLM\SOFTWARE\GlobalUpdate
Key Found : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2DF3E224-05CD-4113-AA7A-86F2F6607B46}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7223EDAC-E091-B3C1-BD91-B66CE557800F}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B6D700D3-3D0D-FEEB-D675-2CE78F9EC5D6}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A3FC46A0-9B62-0EF3-B475-743B3A2762B1}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F1422DAA-0829-09A1-7536-73936CAB8FFA}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9D9BEFAE-9499-F52B-6CC4-94818CCC2AB5}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2AEF02C3-5159-4C81-A688-8D954F0DEE56}_NewSearch
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SU
Key Found : [x64] HKCU\Software\GlobalUpdate
Key Found : [x64] HKCU\Software\IM
Key Found : [x64] HKCU\Software\efixpro
Key Found : [x64] HKCU\Software\eFix
Key Found : [x64] HKCU\Software\MaxComputerCleanerLanguage
Key Found : [x64] HKCU\Software\PRODUCTSETUP
Key Found : [x64] HKCU\Software\{3BDFD1D7-7A9B-4D29-80B3-D00E66E62885}
Key Found : [x64] HKCU\Software\WEBAPP
Key Found : [x64] HKLM\SOFTWARE\Reimage
Key Found : [x64] HKLM\SOFTWARE\eFix
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eFix Pro
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GLOBALUPDATE.EXE
Data Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://spacesearch.ru/?ri=1&rsid=964c5d1821aa8ebc0622aea2be638e0f&q={searchTerms}
Data Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://spacesearch.ru/?ri=1&rsid=964c5d1821aa8ebc0622aea2be638e0f&q={searchTerms}
Data Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch] - hxxp://spacesearch.ru/?ri=1&rsid=964c5d1821aa8ebc0622aea2be638e0f&q=
Data Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://spacesearch.ru/?ri=1&rsid=964c5d1821aa8ebc0622aea2be638e0f&q=
Data Found : HKU\S-1-5-21-446222923-3578191987-212603048-1000\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://spacesearch.ru/?ri=1&rsid=964c5d1821aa8ebc0622aea2be638e0f&q={searchTerms}
Data Found : HKU\S-1-5-21-446222923-3578191987-212603048-1000\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://spacesearch.ru/?ri=1&rsid=964c5d1821aa8ebc0622aea2be638e0f&q={searchTerms}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3C}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3D}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3C}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3D}
Key Found : HKU\S-1-5-21-446222923-3578191987-212603048-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3C}
Key Found : HKU\S-1-5-21-446222923-3578191987-212603048-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3D}
 
***** [ Web browsers ] *****
 
[C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : ihokndmjeombjojnfkmapfnjeghjohim
[C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : pgjcgpbffennccofdpganblbjiglnbip
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [10421 bytes] ##########


#10 deeprybka


Posted 19 September 2015 - 07:45 AM

 

# Option : Scan

Please follow the instructions

click on the Clean button.

and post the log. :)


regards,
deeprybka

#11 Leannachouir7

Leannachouir7
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:05:02 PM

Posted 19 September 2015 - 07:52 AM

It's found GetSearch but I don't know where the clean button is :/


Edited by Leannachouir7, 19 September 2015 - 07:54 AM.


#12 deeprybka


Posted 19 September 2015 - 07:56 AM

Attached File  clean.PNG   1.56KB   0 downloads


regards,
deeprybka

#13 Leannachouir7


Posted 19 September 2015 - 08:07 AM

Mine says Cleaning, 

 

# AdwCleaner v5.008 - Logfile created 19/09/2015 at 13:57:11
# Updated 18/09/2015 by Xplode
# Database : 2015-09-17.3 [Server]
# Operating system : Windows 10 Pro  (x64)
# Username : Jake - JAKE-PC
# Running from : C:\Users\Jake\Downloads\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
[-] Service Deleted : ReimageRealTimeProtector
[-] Service Deleted : TSSKX64
 
***** [ Folders ] *****
 
[-] Folder Deleted : C:\rei
[-] Folder Deleted : C:\Program Files\Reimage
[-] Folder Deleted : C:\Program Files\eFix
[-] Folder Deleted : C:\Program Files (x86)\globalUpdate
[-] Folder Deleted : C:\Program Files (x86)\predm
[-] Folder Deleted : C:\Program Files (x86)\tencent
[-] Folder Deleted : C:\Program Files (x86)\AllSavEir
[-] Folder Deleted : C:\Program Files (x86)\BittSaveri
[-] Folder Deleted : C:\Program Files (x86)\DigiiSAveer
[-] Folder Deleted : C:\Program Files (x86)\DIgiSavoer
[-] Folder Deleted : C:\Program Files (x86)\Fun2uSave
[-] Folder Deleted : C:\Program Files (x86)\UnoiDDEalsi
[-] Folder Deleted : C:\Program Files (x86)\Common Files\tencent
[-] Folder Deleted : C:\Program Files\Common Files\tencent
[-] Folder Deleted : C:\ProgramData\Reimage Protector
[-] Folder Deleted : C:\ProgramData\tencent
[-] Folder Deleted : C:\ProgramData\The AdBlocker
[-] Folder Deleted : C:\ProgramData\28341ff220e0446c9fff27c4493d622e
[-] Folder Deleted : C:\ProgramData\3a0ec2d4000077e8
[-] Folder Deleted : C:\ProgramData\78cd8f3aba2f4344a6cb8054ab434371
[-] Folder Deleted : C:\ProgramData\924de00000003de2
[-] Folder Deleted : C:\ProgramData\{5de74830-1fd6-7dce-5de7-748301fd20c0}
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eFix Pro
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Torrentex
[-] Folder Deleted : C:\Users\Jake\AppData\Local\globalUpdate
[-] Folder Deleted : C:\Users\Jake\AppData\Local\SmartWeb
[-] Folder Deleted : C:\Users\Jake\AppData\Local\FileViewPro
[-] Folder Deleted : C:\Users\Jake\AppData\Local\Max_Computer_Cleaner
[-] Folder Deleted : C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjcgpbffennccofdpganblbjiglnbip
[-] Folder Deleted : C:\Users\Jake\AppData\Roaming\tencent
[-] Folder Deleted : C:\Users\Jake\Documents\MaxComputerCleaner
 
***** [ Files ] *****
 
[-] File Deleted : C:\END
[-] File Deleted : C:\i??pl?r?.b?t.exe
[-] File Deleted : C:\fir?f??.b?t.exe
[-] File Deleted : C:\fir?f??.b?t.exe
[-] File Deleted : C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nociobghckdhokecfeajdpimjeapnopn_0.localstorage
[-] File Deleted : C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_videopad-video-editor.en.softonic.com_0.localstorage
[-] File Deleted : C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_videopad-video-editor.en.softonic.com_0.localstorage-journal
[-] File Deleted : C:\Users\Jake\AppData\Roaming\Mozilla\Firefox\Profiles\okdhr6km.default\searchplugins\safesearch.xml
[-] File Deleted : C:\Users\Jake\AppData\Roaming\Mozilla\Firefox\Profiles\okdhr6km.default\user.js
[-] File Deleted : C:\Users\Public\Desktop\eFix Pro.lnk
[-] File Deleted : C:\WINDOWS\efix.ini
[-] File Deleted : C:\WINDOWS\Reimage.ini
[-] File Deleted : C:\WINDOWS\Sysnative\drivers\TSSKX64.sys
[-] File Deleted : C:\WINDOWS\Sysnative\drivers\TFsFltX64.sys
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
[-] Task Deleted : Reimage Reminder
[-] Task Deleted : ReimageUpdater
[-] Task Deleted : MaxComputerCleaner_Start
 
***** [ Registry ] *****
 
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\METNSD
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\efix.exe
[-] Key Deleted : HKLM\SOFTWARE\Classes\Pd3dc0328_a1c6_400c_9885_3a29552f1695_.Pd3dc0328_a1c6_400c_9885_3a29552f1695_
[-] Key Deleted : HKLM\SOFTWARE\Classes\Pd3dc0328_a1c6_400c_9885_3a29552f1695_.Pd3dc0328_a1c6_400c_9885_3a29552f1695_.9
[-] Key Deleted : HKLM\SOFTWARE\165e864f-78da-cdd7-2d83-950057ffd862
[-] Key Deleted : HKLM\SOFTWARE\55d5f7f1-73c7-b895-9367-3f2a20ff899b
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{d3dc0328-a1c6-400c-9885-3a29552f1695}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{318C7F13-3498-459E-BF35-12865E6D005C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{40951615-F2E2-4855-9BB0-68F80D247514}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{41F978F3-431A-4464-A789-5C0692D562FB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{532ECD0F-E6C9-4ACE-860A-3730B1F6F1DD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{5D9FB48A-5CE2-4118-B19F-F88ADDB0F814}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{d3dc0328-a1c6-400c-9885-3a29552f1695}
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0633EE93-D776-472F-A0FF-E1416B8B2E3D}]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{d3dc0328-a1c6-400c-9885-3a29552f1695}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472F-A0FF-E1416B8B2E3D}
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Key Deleted : HKCU\Software\GlobalUpdate
[-] Key Deleted : HKCU\Software\IM
[-] Key Deleted : HKCU\Software\efixpro
[-] Key Deleted : HKCU\Software\eFix
[-] Key Deleted : HKCU\Software\MaxComputerCleanerLanguage
[-] Key Deleted : HKCU\Software\PRODUCTSETUP
[-] Key Deleted : HKCU\Software\{3BDFD1D7-7A9B-4D29-80B3-D00E66E62885}
[-] Key Deleted : HKCU\Software\WEBAPP
[-] Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\GlobalUpdate
[-] Key Deleted : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2DF3E224-05CD-4113-AA7A-86F2F6607B46}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7223EDAC-E091-B3C1-BD91-B66CE557800F}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B6D700D3-3D0D-FEEB-D675-2CE78F9EC5D6}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A3FC46A0-9B62-0EF3-B475-743B3A2762B1}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F1422DAA-0829-09A1-7536-73936CAB8FFA}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9D9BEFAE-9499-F52B-6CC4-94818CCC2AB5}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2AEF02C3-5159-4C81-A688-8D954F0DEE56}_NewSearch
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SU
[!] Key Not Deleted : [x64] HKCU\Software\GlobalUpdate
[!] Key Not Deleted : [x64] HKCU\Software\IM
[!] Key Not Deleted : [x64] HKCU\Software\efixpro
[!] Key Not Deleted : [x64] HKCU\Software\eFix
[!] Key Not Deleted : [x64] HKCU\Software\MaxComputerCleanerLanguage
[!] Key Not Deleted : [x64] HKCU\Software\PRODUCTSETUP
[!] Key Not Deleted : [x64] HKCU\Software\{3BDFD1D7-7A9B-4D29-80B3-D00E66E62885}
[!] Key Not Deleted : [x64] HKCU\Software\WEBAPP
[-] Key Deleted : [x64] HKLM\SOFTWARE\Reimage
[-] Key Deleted : [x64] HKLM\SOFTWARE\eFix
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eFix Pro
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GLOBALUPDATE.EXE
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
[-] Data Restored : HKU\S-1-5-21-446222923-3578191987-212603048-1000\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Restored : HKU\S-1-5-21-446222923-3578191987-212603048-1000\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3C}
[!] Key Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3D}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3C}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3D}
[!] Key Not Deleted : HKU\S-1-5-21-446222923-3578191987-212603048-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3C}
[!] Key Not Deleted : HKU\S-1-5-21-446222923-3578191987-212603048-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3D}
 
***** [ Web browsers ] *****
 
[-] [C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : uk.ask.com
[-] [C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : pokemon-battle-revolution-pc-game.en.softonic.com
[-] [C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : getsearch
[-] [C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : ihokndmjeombjojnfkmapfnjeghjohim
[-] [C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : pgjcgpbffennccofdpganblbjiglnbip
 
*************************
 
:: Winsock settings cleared
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [11234 bytes] ##########


#14 deeprybka


Posted 19 September 2015 - 08:10 AM

Mine says Cleaning,


Thanks for letting me know. :)

Step 1


Scan with Malwarebytes Anti-Malware.
  • Please open Malwarebytes Anti-Malware and update the database.
  • Click "Settings" [1] and go to "Detection and Protection" [2]
  • Make sure "Scan for Rootkits" is checked.
  • Click on Dashboard [3], then click on Scan Now [4] to start the scan.
    :exclame: If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt:
    m21p.png
  • Click on "Remove Selected" [5].
  • Then click "Save Results" [6] and select
    m21p4.png
  • Return to our forum. Paste your log into your next reply and then click Finish [7].

Step 2


Start FRST with administrator privileges.
  • Make sure the following option is checked: addition.png
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
    Please copy and paste these logs in your next reply.

Edited by deeprybka, 19 September 2015 - 08:10 AM.

regards,
deeprybka

#15 Leannachouir7


Posted 19 September 2015 - 08:10 AM

At least I already have Malware Bytes downloaded :D





