Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

My DNSAPI.DLL is infected.


  • This topic is locked This topic is locked
34 replies to this topic

#1 Huntchez

Huntchez

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:09:15 AM

Posted 27 October 2015 - 10:38 AM

Hello everyone.

 

For the past few weeks, I have been having issues with my DNSAPI.dll . This problem occured around the beginning of the month. I'm not 100% sure if this occured because I did a force reboot (holding the power button), one of any of the 'Trojans' found by Microsoft Security Essentials that I removed, or all the mareware and viruses I caught in a bad download, which I had professional help with removing. I'm not which of the 3 is the cause.

 

This is my VirusTotal scan of my Dnsapi.dll : https://www.virustotal.com/en/file/a53e2e6742b772809ed22f80ef29b16bf8a4e2f44e23018791580c964fe98858/analysis/1445916953/

 

Whenever I did SFC /SCANNOW, it would make my Windows 7 no longer geniune and my connection would be stuck at 'identifying.' I don't know what's changed since around the 15th, but whatever I had uninstalled since then (MSE) along with downloading some Windows updates, upon doing SFC /SCANNOW my Windows remain genuine, but my connection remains at 'identifying' with every network I try to connect to.

 

Although I have this pop-up saying DNSAPI.DLL is missing, this can be bypassed by running programs as Admin.

 

When I tried Regsvr32 Dnsapi.dll in command prompt, I get:

 

kZ3KL.png

 

I also get that when I try registering clean Dnsapi dlls from valid sources, and even a clean copy from a friend.

 

I'm at a loss. My laptop lacks the partition to reboot to factory settings, and it will be awhile before I can afford a Windows 7 installation disc.

 

 

 



BC AdBot (Login to Remove)

 


#2 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,163 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:09:15 PM

Posted 30 October 2015 - 09:58 PM

Hello HuntChez  and welcome to BleepingComputer!                       :)

 

My name is Sirawit and I'm here to help you.

 

Please note that I'm currently in training and my fixes need to be approved first, that may delay our fix a bit, but I will normally reply back in 24 hours.

 

If I don't reply after 3 days, feel free to PM me.                        :)

==========================================================================

Some points for you to keep in mind:

  • Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.
  • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Do not attach logs or use code boxes, just copy and paste the text.
  • Periodically update me on the condition of your computer, and provide detail in every post.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 3 days I will bump the topic, if you didn't reply in next 3 days we assume it has been abandoned and I will close it.
  • Once things seem to be working again, please do not abandon the thread. I will give an "all-clean" message at the very end with some additional information on how to stay malware-free.
  • Lastly, I would like to remind you that most members here are volunteers, and sometimes "real life" can get in the way of our malware hunt. I will notify you if I know I will need to be away for longer than 48 hours.

==========================================================================

 

 

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right-click FRST then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.

Note 2: The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt into your next reply.

 

 

Thank you.


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#3 Huntchez

Huntchez
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:09:15 AM

Posted 01 November 2015 - 07:49 AM

This is the FRST.Txt

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-10-2015
Ran by Toshiba (administrator) on TOSHIBA-PC (01-11-2015 07:34:33)
Running from C:\Users\Toshiba\Downloads\Bleep
Loaded Profiles: Toshiba (Available Profiles: Toshiba)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\puush\puush.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Akamai Technologies, Inc.) C:\Users\Toshiba\AppData\Local\Akamai\netsession_win.exe
(© 2015 Microsoft Corporation) C:\Users\Toshiba\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Akamai Technologies, Inc.) C:\Users\Toshiba\AppData\Local\Akamai\netsession_win.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(IObit) C:\Program Files (x86)\IObit\Driver Booster Beta\DriverBooster.exe
() C:\Users\Toshiba\Desktop\DDMM_v1.1\DDMM.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
() C:\Program Files\HexChat\hexchat.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Trion Worlds Inc.) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
(Trion Worlds Inc.) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-07-27] (Raptr, Inc)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [98256 2015-03-12] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\Run: [Free Download Manager] => C:\Program Files (x86)\Free Download Manager\fdm.exe [5669480 2015-05-14] (FreeDownloadManager.ORG)
HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [568904 2015-03-30] ()
HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-19] (Piriform Ltd)
HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Toshiba\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [57987712 2015-09-28] (Skype Technologies S.A.)
HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\Run: [BingSvc] => C:\Users\Toshiba\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\Run: [BitTorrent] => C:\Users\Toshiba\AppData\Roaming\BitTorrent\BitTorrent.exe [1977192 2015-10-20] (BitTorrent Inc.)
HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\Run: [GNE_DualMonitorTools] => C:\Users\Toshiba\Downloads\DualMonitorTools-2.0\DMT.exe
HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\Run: [ddmm] => C:\Users\Toshiba\Desktop\DDMM_v1.1\DDMM.exe [48640 2010-04-09] ()
HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\MountPoints2: E - E:\autorun.exe
HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\MountPoints2: {c7b338a4-174d-11e5-9461-edef1e93c3fe} - E:\setup.exe
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 167.206.13.180 167.206.13.181
Tcpip\..\Interfaces\{2A421DBC-1C03-4EB6-9B60-25B9D476C5EA}: [DhcpNameServer] 167.206.13.180 167.206.13.181
Tcpip\..\Interfaces\{585248ED-47ED-4EF7-9DD3-50C3C2DBE810}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-92233877-364066824-1895237924-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.com
hxxp://google.com/
HKU\S-1-5-21-92233877-364066824-1895237924-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2D&ocid=SK2DDHP&osmkt=en-us
HKU\S-1-5-21-92233877-364066824-1895237924-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1ewenusDefaultPack/SK2M_FRPage
SearchScopes: HKU\S-1-5-21-92233877-364066824-1895237924-1000 -> {0D72E4A4-32FF-4C9F-95E8-8594B09D55CB} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-08-26] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-26] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-16] (Oracle Corporation)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2015-05-14] (FreeDownloadManager.ORG)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-16] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\VqpGlYnG.default
FF NewTab: about:newtab
FF DefaultSearchEngine: Bing
FF DefaultSearchEngine.US: Google
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://www.msn.com/?pc=SK2D&ocid=SK2DDHP&osmkt=en-us
hxxp://search.swagbucks.com/?f=51
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SK2DDF&PC=SK2D&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-26] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-14] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-02-15] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-16] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-14] ( Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-02-15] (Adobe Systems)
FF Plugin HKU\S-1-5-21-92233877-364066824-1895237924-1000: @nsroblox.roblox.com/launcher -> C:\Program Files (x86)\Roblox\Versions\version-a171864306c74d84\\NPRobloxProxy.dll [2012-12-31] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-92233877-364066824-1895237924-1000: @nsroblox.roblox.com/launcher64 -> C:\Program Files (x86)\Roblox\Versions\version-a171864306c74d84\\NPRobloxProxy64.dll [2012-12-31] ( ROBLOX Corporation)
FF SearchPlugin: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\VqpGlYnG.default\searchplugins\bing-.xml [2015-10-06]
FF SearchPlugin: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\VqpGlYnG.default\searchplugins\swagbucks.xml [2015-09-19]
FF Extension: Avira Browser Safety - C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\VqpGlYnG.default\Extensions\abs@avira.com [2015-10-23] [not signed]
FF Extension: EPUBReader - C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\VqpGlYnG.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2015-09-21]
FF Extension: ExHentai Easy 2 - C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\VqpGlYnG.default\Extensions\jid1-7NbXi2AqS1oUFw@jetpack.xpi [2015-10-25]
FF HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\ProgramData\Free Download Manager\Firefox\Extensions\2.0.14
FF Extension: Free Download Manager extension - C:\ProgramData\Free Download Manager\Firefox\Extensions\2.0.14 [2015-08-11]

Chrome:
=======
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR StartupUrls: Default -> "hxxp://feed.snap.do/?publisher=Tightrope&dpid=Tightrope&co=US&userid=c6a584e7-ad5d-4be6-9f48-6d446a313ebc&searchtype=hp","hxxp://search.babylon.com/?affID=117023&tt=0313_2&babsrc=HP_ss&mntrId=14302a32000000000000001fe153d98d","hxxp://feed.snap.do/?publisher=Tightrope&dpid=Tightrope&co=US&userid=c6a584e7-ad5d-4be6-9f48-6d446a313ebc&searchtype=hp&installDate=01/01/1970","hxxp://feed.snap.do/?publisher=Tightrope&dpid=Tightrope&co=US&userid=c6a584e7-ad5d-4be6-9f48-6d446a313ebc&searchtype=hp&installDate={installDate}","hxxp://www.delta-search.com/?affID=119816&tt=190313_wctrl&babsrc=HP_ss&mntrId=FCBB047D7B382FFA","hxxp://www.msn.com/?pc=UP21&ocid=UP21DHP&dt=032513","hxxp://www.search.delta-search.com/?affID=119816&tt=190313_wctrl&babsrc=HP_ss_d2sg&mntrId=FCBB047D7B382FFA","hxxp://start.sweetpacks.com/?barid={7C9C71EE-CED5-11E2-8EAF-047D7B382FFA}&src=10&crg=3.5000006.10042&st=23","hxxp://search.babylon.com/?affID=119816&tt=190313_wctrl&babsrc=HP_ss_bay2g&mntrId=FCBB047D7B382FFA","hxxp://search.conduit.com/?ctid=CT3298583&SearchSource=48&CUI=UN11294774832233024&UM=2","hxxp://www.msn.com/?pc=U040&ocid=U040DHP&dt=080213","hxxp://www.bing.com/?pc=U160&ocid=U160DHP&dt=080913","hxxp://google.com/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bejeweled) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm [2015-03-30]
CHR Extension: (Torrent Search) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\afbpdhiclgghnffhkinjikglgmolhpee [2015-03-30]
CHR Extension: (Free Download Manager Chrome extension) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmpjcflkgiildlgicmcieglgoilbfdp [2015-06-15]
CHR Extension: (Duolingo on the Web) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2015-03-30]
CHR Extension: (Theme Creator) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc [2015-03-30]
CHR Extension: (Google Drive) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-17]
CHR Extension: (TV) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2015-03-30]
CHR Extension: (YouTube) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-16]
CHR Extension: (Form Filler) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnjjngeaknajbdcgpfkgnonkmififhfo [2015-03-30]
CHR Extension: (Sad Panda) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\bohapeiooecafommnlaiccilacgmkaoc [2015-09-17]
CHR Extension: (JunkFill) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\cajejbcjfkhgmfbapmhopccephhjedeb [2015-06-16]
CHR Extension: (Adblock Plus) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-10-16]
CHR Extension: (WebCamera360) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfojbadjlaaiddllnogeohfgamgedcfd [2015-03-30]
CHR Extension: (Comics and Manga online) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\chmidfbpiiicmkfimcbcoagpmchgmkpl [2015-03-30]
CHR Extension: (Google Search) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-30]
CHR Extension: (Photoshop 4U) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\damhoidgnfbiidoiajljbdpgnojmemlf [2015-10-16]
CHR Extension: (Torrent Turbo Search App) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\eegbffmjdkflkcfncpfjjbggbdlnbdif [2015-03-30]
CHR Extension: (Avira Browser Safety) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-10-20]
CHR Extension: (FabCam) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\hejilffmihldhlfocnabcgndjjpgadfl [2015-08-03]
CHR Extension: (iPiccy Photo Editor) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\imokeandodnlammaoenbgcnbhigjbpjh [2015-04-14]
CHR Extension: (Pixect) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgdeoagndhabdnoenpdcagbkkmjeibmh [2015-03-30]
CHR Extension: (Little Alchemy) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2015-06-11]
CHR Extension: (Build with Chrome) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbbbhbjeecagnlfgggogfclkdjamoapf [2015-03-30]
CHR Extension: (Pix: Pixel Mixer) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbjiacdnbellpbhocabghholhnlboibg [2015-03-30]
CHR Extension: (Webcam Toy) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2015-08-26]
CHR Extension: (Comic Webcam) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfffhmndpldceogndeognocbpmlgdemi [2015-03-30]
CHR Extension: (TextNow) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkjdngkmnogclafejjgbgjjegoaahihg [2015-03-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-23]
CHR Extension: (GIFPAL) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\noohoboklgjeccnihfkbdakbchbhjlch [2015-03-30]
CHR Extension: (Foto Rulez) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\odahhdimpaeigjcdbgcnhemlkejclmmk [2015-03-30]
CHR Extension: (My Chrome Theme) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2015-08-26]
CHR Extension: (Rollip - Photo Effects) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooikhmcdpofogemaldinihdhidaokcmp [2015-03-30]
CHR Extension: (Psykopaint) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2015-03-30]
CHR Extension: (Gmail) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-92233877-364066824-1895237924-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ahmpjcflkgiildlgicmcieglgoilbfdp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-10-23] (BitRaider, LLC)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-07-16] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-07-16] (BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [831096 2015-07-16] (BlueStack Systems, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2015-09-02] (Hi-Rez Studios) [File not signed]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3460784 2015-01-05] (INCA Internet Co., Ltd.)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-03-10] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [129168 2015-03-12] (Razer Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2015-10-23] (BitRaider)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-07-16] (BlueStack Systems)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-06-21] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-10-21] (REALiX™)
S3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2015-10-21] (Qualcomm Atheros Co., Ltd.)
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2004-12-30] (INCA Internet Co., Ltd.) [File not signed]
S3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [416768 2009-06-10] (Realtek Semiconductor Corporation                           )
R3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [402136 2015-10-21] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [3709656 2015-10-21] (Realtek Semiconductor Corporation                           )
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-03-10] (Razer, Inc.)
S3 smserial; C:\Windows\System32\DRIVERS\SmSerl64.sys [1227776 2009-06-10] (Motorola Inc.)
R3 voxaldriver; C:\Windows\System32\DRIVERS\voxaldriverx64.sys [34512 2015-04-01] ()
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 X6va020; \??\C:\Windows\SysWOW64\Drivers\X6va020 [X]
S3 X6va021; \??\C:\Windows\SysWOW64\Drivers\X6va021 [X]
S3 X6va028; \??\C:\Windows\SysWOW64\Drivers\X6va028 [X]
S3 X6va029; \??\C:\Windows\SysWOW64\Drivers\X6va029 [X]
S3 X6va031; \??\C:\Windows\SysWOW64\Drivers\X6va031 [X]
S3 X6va060; \??\C:\Windows\SysWOW64\Drivers\X6va060 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-01 07:34 - 2015-11-01 07:34 - 00000000 ____D C:\FRST
2015-10-31 18:46 - 2015-10-31 18:46 - 00000219 _____ C:\Users\Toshiba\Desktop\Team Fortress 2.url
2015-10-31 04:58 - 2015-10-31 04:58 - 00581656 _____ (Aeria Games & Entertainment) C:\Users\Toshiba\Downloads\aurakingdom_us_downloader.exe
2015-10-30 23:16 - 2015-10-30 23:16 - 00001311 _____ C:\Users\Toshiba\Desktop\ROBLOX Player.lnk
2015-10-30 23:14 - 2015-10-30 23:14 - 00969584 _____ (ROBLOX Corporation) C:\Users\Toshiba\Downloads\RobloxPlayerLauncher(1).exe
2015-10-29 20:54 - 2015-10-29 21:49 - 00009728 _____ C:\Users\Toshiba\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-28 14:39 - 2015-10-28 14:39 - 00000000 ____D C:\Users\Toshiba\AppData\Local\DDMM
2015-10-28 14:38 - 2015-10-28 14:38 - 00000000 ____D C:\Users\Toshiba\Desktop\DDMM_v1.1
2015-10-28 14:37 - 2015-10-28 14:37 - 00030715 _____ C:\Users\Toshiba\Desktop\DDMM_v1.1.zip
2015-10-28 13:46 - 2015-10-28 13:46 - 00001243 _____ C:\Users\Toshiba\AppData\Local\recently-used.xbel
2015-10-28 13:44 - 2015-10-31 14:01 - 00000504 _____ C:\Windows\setupact.log
2015-10-28 13:44 - 2015-10-28 13:44 - 00000000 _____ C:\Windows\setuperr.log
2015-10-28 12:34 - 2015-10-28 12:34 - 00000000 ____D C:\Users\Toshiba\Downloads\Darkflower
2015-10-26 22:51 - 2015-10-26 22:34 - 01956086 _____ C:\Users\Toshiba\Desktop\CBS.log
2015-10-26 21:26 - 2015-10-26 21:26 - 01440440 _____ C:\Users\Toshiba\Desktop\kekek.7z
2015-10-26 21:26 - 2015-10-26 21:26 - 00000000 ____D C:\Users\Toshiba\Desktop\kekek
2015-10-25 19:31 - 2015-10-25 19:32 - 00208650 _____ C:\Users\Toshiba\Downloads\DualMonitorTools-2.0.zip
2015-10-23 21:51 - 2015-10-23 21:51 - 00000000 ____D C:\Users\Toshiba\AppData\Local\SWTOR
2015-10-23 19:43 - 2015-10-26 21:49 - 00000000 ____D C:\ProgramData\BitRaider
2015-10-23 19:43 - 2015-10-23 19:43 - 00000000 ____D C:\Users\Toshiba\AppData\Local\SWTORPerf
2015-10-23 19:43 - 2015-10-23 19:43 - 00000000 ____D C:\Users\Public\Documents\BitRaider
2015-10-23 19:30 - 2015-10-23 19:30 - 00001445 _____ C:\Users\Public\Desktop\Star Wars - The Old Republic.lnk
2015-10-23 19:29 - 2015-10-23 19:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2015-10-23 19:29 - 2015-10-23 19:29 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2015-10-23 19:28 - 2015-10-23 19:30 - 00014234 _____ C:\Users\Toshiba\Documents\Install STAR WARS The Old Republic.log
2015-10-23 19:27 - 2015-10-23 19:27 - 29720272 _____ C:\Users\Toshiba\Downloads\SWTOR_setup.exe
2015-10-23 16:37 - 2015-11-01 07:34 - 00000000 ____D C:\Users\Toshiba\Downloads\Bleep
2015-10-23 16:37 - 2015-10-23 17:01 - 00000000 ____D C:\BlackDesertOnline
2015-10-23 16:37 - 2015-10-23 16:37 - 12808280 _____ (Daum Games) C:\Users\Toshiba\Downloads\BlackDesertAlphaLauncher.exe
2015-10-21 19:13 - 2015-10-21 19:13 - 00000000 ____D C:\Windows\DEA314C409294250BC9298E4C105F28D.TMP
2015-10-21 09:40 - 2015-10-21 09:40 - 00000000 ____D C:\Windows\SysWOW64\sda
2015-10-21 09:39 - 2015-10-21 09:39 - 09890008 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsCRIcon.dll
2015-10-21 09:39 - 2015-10-21 09:39 - 03709656 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\rtwlane.sys
2015-10-21 09:39 - 2015-10-21 09:39 - 00402136 _____ (Realsil Semiconductor Corporation) C:\Windows\system32\Drivers\RtsUer.sys
2015-10-21 09:39 - 2015-10-21 09:39 - 00129224 _____ (Qualcomm Atheros Co., Ltd.) C:\Windows\system32\Drivers\L1C62x64.sys
2015-10-21 09:39 - 2015-10-21 09:39 - 00083160 _____ (Realtek Semiconductor.) C:\Windows\system32\RtCRX64.dll
2015-10-21 09:38 - 2015-10-21 09:38 - 01577600 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64AP62.dll
2015-10-21 09:38 - 2015-10-21 09:38 - 01576576 _____ (Conexant Systems Inc.) C:\Windows\system32\Drivers\CHDRT64.sys
2015-10-21 09:38 - 2015-10-21 09:38 - 00531072 _____ (Conexant Systems, Inc.) C:\Windows\system32\UCI64A85.dll
2015-10-21 09:38 - 2015-10-21 09:38 - 00341336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2015-10-21 09:38 - 2015-10-21 09:38 - 00252760 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2015-10-21 09:38 - 2015-10-21 09:38 - 00234840 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2015-10-21 09:38 - 2015-10-21 09:38 - 00050304 _____ (Conexant Systems Inc.) C:\Windows\system32\CxPageMaster64.dll
2015-10-21 09:38 - 2015-10-21 09:38 - 00030893 _____ C:\Windows\system32\Drivers\Mixer.ini
2015-10-21 09:38 - 2015-10-21 09:38 - 00000000 ____D C:\Program Files\CONEXANT
2015-10-21 09:31 - 2015-10-28 13:52 - 00003260 _____ C:\Windows\System32\Tasks\Driver Booster Beta Scheduler
2015-10-21 09:31 - 2015-10-28 13:52 - 00002892 _____ C:\Windows\System32\Tasks\Driver Booster Beta SkipUAC (Toshiba)
2015-10-21 09:31 - 2015-10-21 09:40 - 00002181 _____ C:\Users\Public\Desktop\Driver Booster 3 Beta.lnk
2015-10-21 09:31 - 2015-10-21 09:31 - 00026528 _____ (REALiX™) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2015-10-21 09:31 - 2015-10-21 09:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3 Beta
2015-10-21 09:30 - 2015-10-21 09:30 - 13670056 _____ (IObit ) C:\Users\Toshiba\Downloads\driver_booster_setup_beta.exe
2015-10-20 22:36 - 2015-10-20 22:36 - 00000000 ____D C:\Users\Toshiba\AppData\Local\Skyrim
2015-10-20 22:36 - 2015-10-20 22:36 - 00000000 ____D C:\ProgramData\Steam
2015-10-20 10:53 - 2015-10-20 10:53 - 00001500 _____ C:\Users\Public\Desktop\The Elder Scrolls V Skyrim - Legendary Edition.lnk
2015-10-20 10:53 - 2015-10-20 10:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks
2015-10-20 09:23 - 2015-10-20 09:23 - 00000000 ____D C:\Program Files (x86)\Bethesda Softworks
2015-10-20 02:23 - 2015-10-20 04:59 - 00000000 ____D C:\Users\Toshiba\Downloads\The.Elder.Scrolls.V.Skyrim.Legendary.Edition.MULTi8-PROPHET
2015-10-18 13:14 - 2015-10-18 13:15 - 00000000 ____D C:\Users\Toshiba\AppData\Local\Roblox
2015-10-18 13:13 - 2015-10-30 23:16 - 00001130 _____ C:\Users\Toshiba\Desktop\ROBLOX Studio.lnk
2015-10-18 13:13 - 2015-10-30 23:16 - 00000247 _____ C:\Users\Toshiba\AppData\LocalLow\rbxcsettings.rbx
2015-10-18 13:13 - 2015-10-30 23:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roblox
2015-10-18 13:13 - 2015-10-18 13:13 - 00000000 ____D C:\ProgramData\Roblox
2015-10-18 13:13 - 2015-10-18 13:13 - 00000000 ____D C:\Program Files (x86)\Roblox
2015-10-18 13:12 - 2015-10-18 13:13 - 00969584 _____ (ROBLOX Corporation) C:\Users\Toshiba\Downloads\RobloxPlayerLauncher.exe
2015-10-17 18:08 - 2015-09-18 14:31 - 00391784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-17 18:08 - 2015-09-18 13:58 - 00345688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-17 18:08 - 2015-09-15 23:48 - 25851904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-17 18:08 - 2015-09-15 23:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-17 18:08 - 2015-09-15 23:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-17 18:08 - 2015-09-15 23:22 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-17 18:08 - 2015-09-15 23:21 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-17 18:08 - 2015-09-15 23:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-17 18:08 - 2015-09-15 23:21 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-17 18:08 - 2015-09-15 23:21 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-17 18:08 - 2015-09-15 23:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-17 18:08 - 2015-09-15 23:14 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-17 18:08 - 2015-09-15 23:13 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-17 18:08 - 2015-09-15 23:10 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-17 18:08 - 2015-09-15 23:09 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-17 18:08 - 2015-09-15 23:08 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-17 18:08 - 2015-09-15 23:08 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-17 18:08 - 2015-09-15 23:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-17 18:08 - 2015-09-15 23:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-17 18:08 - 2015-09-15 23:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-17 18:08 - 2015-09-15 22:58 - 20357632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-17 18:08 - 2015-09-15 22:58 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-17 18:08 - 2015-09-15 22:50 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-17 18:08 - 2015-09-15 22:46 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-17 18:08 - 2015-09-15 22:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-10-17 18:08 - 2015-09-15 22:45 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-17 18:08 - 2015-09-15 22:43 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-17 18:08 - 2015-09-15 22:41 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-17 18:08 - 2015-09-15 22:33 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-17 18:08 - 2015-09-15 22:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-10-17 18:08 - 2015-09-15 22:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-10-17 18:08 - 2015-09-15 22:32 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-10-17 18:08 - 2015-09-15 22:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-17 18:08 - 2015-09-15 22:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-17 18:08 - 2015-09-15 22:29 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-17 18:08 - 2015-09-15 22:29 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-17 18:08 - 2015-09-15 22:28 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-17 18:08 - 2015-09-15 22:28 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-17 18:08 - 2015-09-15 22:26 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-17 18:08 - 2015-09-15 22:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-10-17 18:08 - 2015-09-15 22:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-10-17 18:08 - 2015-09-15 22:24 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-17 18:08 - 2015-09-15 22:23 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-10-17 18:08 - 2015-09-15 22:22 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-17 18:08 - 2015-09-15 22:22 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-17 18:08 - 2015-09-15 22:22 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-10-17 18:08 - 2015-09-15 22:15 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-17 18:08 - 2015-09-15 22:11 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-17 18:08 - 2015-09-15 22:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-10-17 18:08 - 2015-09-15 22:07 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-10-17 18:08 - 2015-09-15 22:06 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-17 18:08 - 2015-09-15 22:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-17 18:08 - 2015-09-15 22:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-17 18:08 - 2015-09-15 22:04 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-10-17 18:08 - 2015-09-15 21:59 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-17 18:08 - 2015-09-15 21:58 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-17 18:08 - 2015-09-15 21:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-17 18:08 - 2015-09-15 21:56 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-17 18:08 - 2015-09-15 21:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-17 18:08 - 2015-09-15 21:55 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-10-17 18:08 - 2015-09-15 21:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-17 18:08 - 2015-09-15 21:37 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-17 18:08 - 2015-09-15 21:34 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-17 18:08 - 2015-09-15 21:32 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-17 18:07 - 2015-07-18 08:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-10-17 18:06 - 2015-08-06 13:06 - 14182912 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-17 18:06 - 2015-08-06 13:06 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-17 18:06 - 2015-08-06 12:38 - 12878848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-17 18:06 - 2015-08-06 12:37 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-10-17 18:01 - 2015-09-25 13:07 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-17 18:01 - 2015-09-25 13:07 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-17 18:01 - 2015-09-25 13:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-17 18:01 - 2015-09-25 13:07 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-17 18:01 - 2015-09-25 13:07 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-17 18:01 - 2015-09-25 13:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-17 18:01 - 2015-09-25 13:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-17 18:01 - 2015-09-25 13:06 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-17 18:01 - 2015-09-25 13:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-17 18:01 - 2015-09-25 13:06 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-17 18:01 - 2015-09-25 13:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-17 18:01 - 2015-09-25 12:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-17 18:01 - 2015-09-25 12:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-17 18:01 - 2015-09-25 12:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-17 18:01 - 2015-09-25 12:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-10-17 18:01 - 2015-09-25 12:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-17 18:00 - 2015-09-18 14:22 - 00025432 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-17 18:00 - 2015-09-18 14:19 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-17 18:00 - 2015-09-18 14:19 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-17 18:00 - 2015-09-18 14:19 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-17 18:00 - 2015-09-18 14:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-17 18:00 - 2015-09-18 14:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-17 18:00 - 2015-09-18 14:09 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-17 17:59 - 2015-10-01 13:12 - 00706496 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-17 17:59 - 2015-10-01 13:10 - 00631384 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-17 17:59 - 2015-10-01 13:09 - 01729984 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-17 17:59 - 2015-10-01 13:07 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-10-17 17:59 - 2015-10-01 13:07 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-10-17 17:59 - 2015-10-01 13:07 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-10-17 17:59 - 2015-10-01 13:07 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-10-17 17:59 - 2015-10-01 13:06 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-17 17:59 - 2015-10-01 13:06 - 01166336 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-10-17 17:59 - 2015-10-01 13:06 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-17 17:59 - 2015-10-01 13:06 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-17 17:59 - 2015-10-01 13:06 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-10-17 17:59 - 2015-10-01 13:06 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-17 17:59 - 2015-10-01 13:06 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-17 17:59 - 2015-10-01 13:06 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-17 17:59 - 2015-10-01 13:06 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-17 17:59 - 2015-10-01 13:06 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2015-10-17 17:59 - 2015-10-01 13:06 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-17 17:59 - 2015-10-01 13:06 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-17 17:59 - 2015-10-01 13:06 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-17 17:59 - 2015-10-01 13:06 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-17 17:59 - 2015-10-01 13:06 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-17 17:59 - 2015-10-01 13:06 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-17 17:59 - 2015-10-01 13:06 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-17 17:59 - 2015-10-01 13:06 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-17 17:59 - 2015-10-01 13:06 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-17 17:59 - 2015-10-01 13:06 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-10-17 17:59 - 2015-10-01 13:05 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-10-17 17:59 - 2015-10-01 13:05 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-17 17:59 - 2015-10-01 13:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-17 17:59 - 2015-10-01 13:05 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-17 17:59 - 2015-10-01 13:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-17 17:59 - 2015-10-01 13:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:43 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-10-17 17:59 - 2015-10-01 12:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-17 17:59 - 2015-10-01 11:47 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-17 17:59 - 2015-10-01 11:46 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-17 17:59 - 2015-10-01 11:46 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-17 17:59 - 2015-09-28 15:21 - 03996608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-10-17 17:59 - 2015-09-28 15:21 - 03940800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-10-17 17:59 - 2015-09-28 15:19 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-17 17:59 - 2015-09-28 15:17 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-10-17 17:59 - 2015-09-28 15:17 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-10-17 17:59 - 2015-09-28 15:17 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-10-17 17:59 - 2015-09-28 15:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-10-17 17:59 - 2015-09-28 15:17 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2015-10-17 17:59 - 2015-09-28 15:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-10-17 17:59 - 2015-09-28 15:17 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-10-17 17:59 - 2015-09-28 15:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-10-17 17:59 - 2015-09-28 15:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-10-17 17:59 - 2015-09-28 15:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-10-17 17:59 - 2015-09-28 15:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-10-17 17:59 - 2015-09-28 15:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-10-17 17:59 - 2015-09-28 15:15 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-10-17 17:59 - 2015-09-28 15:15 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-10-17 17:59 - 2015-09-28 15:15 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-17 17:59 - 2015-09-28 15:15 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-10-17 17:59 - 2015-09-28 15:11 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-10-17 17:59 - 2015-09-28 15:11 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 13:22 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-17 17:59 - 2015-09-28 11:35 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-10-17 17:59 - 2015-09-28 11:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-10-17 17:59 - 2015-09-28 11:33 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 11:33 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 11:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 11:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-17 17:59 - 2015-09-15 18:45 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-17 17:59 - 2015-09-15 18:45 - 00097112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-17 17:59 - 2015-09-15 18:37 - 01464832 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-17 17:59 - 2015-09-15 18:37 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-17 17:59 - 2015-09-15 18:37 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-17 17:59 - 2015-09-15 18:37 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-17 17:59 - 2015-09-15 18:37 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-17 17:59 - 2015-09-15 18:37 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-17 17:59 - 2015-09-15 18:37 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-17 17:59 - 2015-09-15 18:25 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-10-17 17:59 - 2015-09-15 18:25 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-10-17 17:59 - 2015-09-15 18:25 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-10-17 17:59 - 2015-09-15 18:21 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-10-17 17:59 - 2015-09-14 16:40 - 00634432 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-10-17 16:30 - 2015-10-17 16:30 - 00000000 ____D C:\Users\Toshiba\Documents\NCSOFT
2015-10-17 14:12 - 2015-10-17 14:12 - 00001176 _____ C:\Users\Public\Desktop\WildStar.lnk
2015-10-17 14:12 - 2015-10-17 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT
2015-10-17 14:12 - 2015-10-17 14:12 - 00000000 ____D C:\Program Files (x86)\NCSOFT
2015-10-17 14:09 - 2015-10-17 14:09 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\NCSOFT
2015-10-17 14:09 - 2015-10-17 14:09 - 00000000 ____D C:\Users\Toshiba\AppData\Local\NCSOFT
2015-10-17 14:06 - 2015-10-17 14:07 - 01404376 _____ (NCSOFT) C:\Users\Toshiba\Downloads\Wildstar.exe
2015-10-15 23:23 - 2015-10-27 06:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-11 15:24 - 2015-10-11 15:25 - 00001901 _____ C:\Users\Toshiba\Downloads\Reset_Windows_Update_Full.bat
2015-10-11 11:07 - 2015-10-11 11:07 - 00985600 _____ C:\Users\Toshiba\Downloads\MicrosoftFixit50123.msi
2015-10-10 21:10 - 2015-10-10 21:10 - 00000000 ____D C:\Users\Toshiba\AppData\Local\Solid State Networks
2015-10-10 21:09 - 2015-10-10 21:09 - 00002559 _____ C:\Users\Public\Desktop\Gigantic Launcher (64-bit).lnk
2015-10-10 21:09 - 2015-10-10 21:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motiga Games
2015-10-10 21:09 - 2015-10-10 21:09 - 00000000 ____D C:\Program Files\Motiga
2015-10-10 21:06 - 2015-10-10 21:07 - 51706040 _____ (Motiga Inc.) C:\Users\Toshiba\Downloads\GiganticSetup.exe
2015-10-07 01:02 - 2015-10-07 01:03 - 00844200 _____ (Akeo Consulting (http://akeo.ie)) C:\Users\Toshiba\Downloads\rufus-2.4.exe
2015-10-07 00:58 - 2015-10-07 00:59 - 00001975 _____ C:\Users\Toshiba\Downloads\Darkflower.zip
2015-10-06 23:31 - 2015-10-07 00:00 - 3320903680 _____ C:\Users\Toshiba\Downloads\0BxJgS33zZl9bZF9LWXJhakZaVGs.iso
2015-10-06 23:05 - 2015-10-06 23:05 - 00026288 _____ C:\Users\Toshiba\Downloads\GWXWebWindows.exe
2015-10-06 20:32 - 2015-10-06 20:32 - 00001155 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-06 20:32 - 2015-10-06 20:32 - 00001143 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-10-06 20:27 - 2015-10-06 20:27 - 00020886 _____ C:\Users\Toshiba\Documents\cc_20151006_212718.reg
2015-10-06 20:09 - 2015-10-06 20:09 - 00002029 _____ C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk
2015-10-06 20:09 - 2015-10-06 20:09 - 00002020 _____ C:\Users\Public\Desktop\Smite.lnk
2015-10-06 20:09 - 2015-10-06 20:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2015-10-06 19:59 - 2015-10-06 19:59 - 00002697 _____ C:\Users\Public\Desktop\Skype.lnk
2015-10-06 19:59 - 2015-10-06 19:59 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-10-06 19:59 - 2015-10-06 19:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-10-06 19:58 - 2015-10-06 19:58 - 43716224 _____ (Skype Technologies S.A.) C:\Users\Toshiba\Downloads\SkypeSetupFull.exe
2015-10-06 19:56 - 2015-10-06 19:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HexChat
2015-10-06 19:56 - 2015-10-06 19:56 - 00000000 ____D C:\Program Files\HexChat
2015-10-06 19:55 - 2015-10-06 19:55 - 07660352 _____ (HexChat ) C:\Users\Toshiba\Downloads\HexChat 2.10.2 x64.exe
2015-10-06 19:53 - 2015-10-06 19:54 - 00016886 _____ C:\Users\Toshiba\Documents\cc_20151006_205355.reg
2015-10-06 19:40 - 2015-10-10 21:31 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\Solvusoft
2015-10-06 19:40 - 2015-10-06 19:39 - 03895432 ____N (solvusoft Corporation ) C:\Users\Toshiba\Desktop\Setup_WinThruster_2015.exe
2015-10-06 19:40 - 2012-10-15 16:02 - 00019888 _____ (solvusoft) C:\Windows\system32\roboot64.exe
2015-10-06 19:24 - 2015-09-16 02:48 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-01 07:40 - 2015-03-27 14:15 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\Skype
2015-11-01 07:36 - 2015-06-26 18:39 - 00000000 ____D C:\Program Files (x86)\Steam
2015-11-01 07:22 - 2014-07-17 12:04 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-01 06:51 - 2015-03-27 14:14 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-01 03:00 - 2015-03-27 12:13 - 01585310 _____ C:\Windows\WindowsUpdate.log
2015-10-31 21:25 - 2009-07-13 23:45 - 00023040 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-31 21:25 - 2009-07-13 23:45 - 00023040 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-31 18:46 - 2015-06-26 19:09 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-10-31 17:51 - 2015-03-27 14:14 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-31 17:16 - 2015-06-19 20:18 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\.minecraft
2015-10-31 14:02 - 2015-04-14 18:48 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\vlc
2015-10-30 23:59 - 2009-07-13 21:34 - 00000430 _____ C:\Windows\win.ini
2015-10-30 16:10 - 2015-06-29 01:59 - 00000000 ____D C:\Program Files (x86)\SmilegateWest
2015-10-29 21:11 - 2015-06-10 23:12 - 00000000 ____D C:\Program Files (x86)\Guild Wars 2
2015-10-29 13:32 - 2015-06-29 01:06 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\HexChat
2015-10-29 01:00 - 2015-03-30 23:09 - 00000000 ____D C:\Users\Toshiba\AppData\Local\Adobe
2015-10-28 17:25 - 2015-05-08 23:13 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\Kodi
2015-10-28 13:52 - 2015-04-14 14:48 - 00000000 ____D C:\ProgramData\ProductData
2015-10-28 13:48 - 2015-05-28 12:37 - 00003238 _____ C:\Windows\System32\Tasks\Run LSI
2015-10-28 13:47 - 2015-06-15 05:37 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\Free Download Manager
2015-10-28 13:47 - 2015-05-28 12:30 - 00000000 ____D C:\Program Files (x86)\LSI
2015-10-28 13:47 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-28 05:49 - 2015-04-14 22:19 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\Raptr
2015-10-27 14:04 - 2015-06-19 22:13 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\TS3Client
2015-10-27 14:02 - 2015-06-19 22:13 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-10-26 22:57 - 2015-09-16 16:56 - 00001945 _____ C:\Windows\epplauncher.mif
2015-10-26 22:47 - 2015-04-03 19:45 - 00000000 ____D C:\Users\Toshiba\AppData\Local\gtk-2.0
2015-10-26 22:18 - 2015-06-21 00:23 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\DAEMON Tools Lite
2015-10-26 22:18 - 2015-04-12 22:18 - 00000000 ____D C:\Windows\Minidump
2015-10-26 22:18 - 2015-04-03 19:37 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\BitTorrent
2015-10-26 21:50 - 2015-03-27 12:14 - 00000000 ____D C:\Users\Toshiba
2015-10-26 21:49 - 2015-06-10 23:41 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-10-26 21:49 - 2015-04-05 02:00 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-26 21:49 - 2015-03-27 14:47 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\puush
2015-10-26 21:49 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\registration
2015-10-24 00:58 - 2015-03-27 14:17 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-23 19:29 - 2015-09-17 13:10 - 00000000 _____ C:\end
2015-10-23 19:29 - 2009-07-14 00:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-10-23 16:56 - 2015-04-04 22:44 - 00000000 ____D C:\ProgramData\NexonUS
2015-10-23 16:47 - 2015-09-17 23:57 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
2015-10-23 16:47 - 2015-09-17 23:34 - 00000000 ____D C:\AeriaGames
2015-10-23 15:19 - 2015-03-27 14:41 - 00000000 ____D C:\Users\Toshiba\AppData\Local\IceChat
2015-10-23 13:57 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2015-10-21 09:31 - 2015-04-14 14:48 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\IObit
2015-10-21 09:31 - 2015-04-14 14:48 - 00000000 ____D C:\ProgramData\IObit
2015-10-21 09:30 - 2015-04-14 14:48 - 00000000 ____D C:\Program Files (x86)\IObit
2015-10-20 10:53 - 2015-03-27 19:14 - 00000000 ____D C:\Users\Toshiba\Documents\My Games
2015-10-20 02:13 - 2015-06-23 10:06 - 05359135 _____ C:\Users\Toshiba\Desktop\ENPatch.rar
2015-10-20 02:13 - 2015-06-23 10:06 - 00795228 _____ C:\Users\Toshiba\Desktop\lf.stripped.db.7z
2015-10-20 01:50 - 2015-08-26 03:01 - 03352084 _____ C:\Users\Toshiba\Desktop\win32list_DO_NOT_DELETE_ME.txt
2015-10-20 01:50 - 2015-07-21 16:41 - 00034034 _____ C:\Users\Toshiba\Desktop\missingfiles.txt
2015-10-20 01:10 - 2015-06-23 10:03 - 00000012 _____ C:\Users\Toshiba\Desktop\precede.txt
2015-10-18 14:47 - 2009-07-14 00:13 - 00006166 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-18 07:51 - 2015-03-27 12:15 - 00000000 ___RD C:\Users\Toshiba\Virtual Machines
2015-10-18 03:00 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2015-10-18 02:22 - 2015-04-18 03:09 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-18 02:22 - 2014-07-15 18:08 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-18 02:01 - 2015-04-05 02:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-10-17 12:22 - 2014-07-17 12:04 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-17 12:22 - 2014-07-17 12:04 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-17 12:22 - 2014-07-17 12:04 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-17 11:01 - 2015-07-05 05:56 - 00000000 ____D C:\Windows\SysWOW64\DCS
2015-10-17 10:59 - 2015-09-17 12:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-11 13:20 - 2015-09-09 17:51 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape
2015-10-10 21:08 - 2015-03-30 23:15 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-07 00:08 - 2015-09-06 15:09 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2015-10-06 22:38 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\catroot2.bak
2015-10-06 20:09 - 2015-03-27 15:35 - 00000000 ____D C:\ProgramData\Hi-Rez Studios
2015-10-06 19:59 - 2014-07-17 12:06 - 00000000 ____D C:\ProgramData\Skype
2015-10-06 19:53 - 2014-07-17 12:13 - 00000000 ____D C:\Program Files\CCleaner
2015-10-03 22:52 - 2015-09-17 23:34 - 00000000 ____D C:\Users\Toshiba\AppData\Local\Akamai
2015-10-03 22:52 - 2015-06-09 08:08 - 00000000 ____D C:\Users\Toshiba\Desktop\RJ155956
2015-10-03 22:52 - 2015-04-14 22:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raptr
2015-10-03 22:52 - 2015-04-14 22:19 - 00000000 ____D C:\Program Files (x86)\Raptr

==================== Files in the root of some directories =======

2015-04-01 17:04 - 2015-04-01 17:04 - 0001181 _____ () C:\Users\Toshiba\AppData\Roaming\trace_FilterInstaller.txt
2015-04-01 17:04 - 2015-04-01 17:04 - 0000000 _____ () C:\Users\Toshiba\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2015-10-29 20:54 - 2015-10-29 21:49 - 0009728 _____ () C:\Users\Toshiba\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-28 13:46 - 2015-10-28 13:46 - 0001243 _____ () C:\Users\Toshiba\AppData\Local\recently-used.xbel

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll
[2015-10-06 19:24] - [2015-09-16 02:48] - 0357888 ____A (Microsoft Corporation) A7A17A96EB45D10D58E6F5B61F44CA1B

C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-18 02:53

==================== End of FRST.txt ============================

 

 

 

 

 

This is Addition.txt

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:31-10-2015
Ran by Toshiba (2015-11-01 07:42:00)
Running from C:\Users\Toshiba\Downloads\Bleep
Windows 7 Ultimate Service Pack 1 (X64) (2015-03-27 17:14:38)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-92233877-364066824-1895237924-500 - Administrator - Disabled)
Guest (S-1-5-21-92233877-364066824-1895237924-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-92233877-364066824-1895237924-1002 - Limited - Enabled)
Toshiba (S-1-5-21-92233877-364066824-1895237924-1000 - Administrator - Enabled) => C:\Users\Toshiba

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}) (Version:  - )
2007 Microsoft Office Suite Service Pack 1 (SP1) (x32 Version:  - Microsoft) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.9.1.474 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Ancient Weapon Sounds (HKLM-x32\...\{E00A5837-482C-4DCE-B4CC-D16B343374E1}) (Version: 2.1.1 - Screaming Bee)
Archeblade (HKLM-x32\...\Steam App 207230) (Version:  - CodeBrush Games)
AutoHotkey 1.1.21.00 (HKLM-x32\...\AutoHotkey) (Version: 1.1.21.00 - Lexikos)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
BitTorrent (HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\BitTorrent) (Version: 7.9.5.41203 - BitTorrent Inc.)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.34.4278 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{09D96B90-87D9-410A-A1E8-BF2F2CF6394A}) (Version: 0.9.34.4278 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Comic Sound Pack (HKLM-x32\...\{91C78DA1-800F-4ACE-B6F6-206F7617D69E}) (Version: 2.1.1 - Screaming Bee)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.51.2.64 - Conexant)
Creatures of Darkness (HKLM-x32\...\{573F9269-A022-4C6F-97BD-CF1316A76369}) (Version: 3.3.1 - Screaming Bee)
CrystalDiskInfo 6.3.2 Shizuku Edition (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.2 - Crystal Dew World)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
Curse Client (HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
DC Universe Online Live (HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\SOE-DC Universe Online Live) (Version:  - Sony Online Entertainment)
Deep Space Voices (HKLM-x32\...\{67CEC218-B250-4B4C-B23F-A597EC8DB153}) (Version: 3.3.1 - Screaming Bee)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Driver Booster 3.0 Beta2 (HKLM-x32\...\Driver Booster Beta_is1) (Version: 3.0 - IObit)
Fantasy Sound Pack (HKLM-x32\...\{B53415F5-4060-48DA-ABB8-00F768158F47}) (Version: 1.1.1 - Screaming Bee)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.1.618 - Foxit Corporation)
Free Download Manager 3.9.5 (HKLM-x32\...\Free Download Manager_is1) (Version:  - FreeDownloadManager.ORG)
Galactic Voices (HKLM-x32\...\{891D8FC9-726D-46F2-ADC0-E060A6EB1DC3}) (Version: 1.3.1 - Screaming Bee)
Gigantic Installer (HKLM-x32\...\{fb714f96-ecf3-484b-b780-edbd9e241da7}) (Version: 1.0.0.2 - Motiga Inc.)
Gigantic Launcher (64-bit) (Version: 1.3.0.1 - Motiga Inc.) Hidden
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Guns of Icarus Online (HKLM-x32\...\Steam App 209080) (Version:  - Muse Games)
GunZ 2: The Second Duel (HKLM-x32\...\Steam App 242720) (Version:  - MAIET Entertainment)
HexChat (HKLM\...\HexChat_is1) (Version: 2.10.2 - HexChat)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HitLeap Viewer 2.8 (HKLM-x32\...\{31B12C11-AE4E-479F-8D6D-242DC265368D}) (Version: 2.8 - HitLeap Ltd.)
IceChat 7.80 (Build 20141213) (HKLM-x32\...\IceChat_is1) (Version: 7.80 - IceChat Networks)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Kodi (HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\Kodi) (Version:  - XBMC-Foundation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
LSI - LoL Summoner Information (HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\{62B332E9-239D-4692-BDE2-0CC1CF2833DA}_is1) (Version: v4.7.4 - Aequus Gaming Ltd.)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6215.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM-x32\...\MSTTS) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 RC Redistributable (x64) - 14.0.22816 (HKLM-x32\...\{e2495eb6-cca8-47aa-91ea-3410ca44d7b7}) (Version: 14.0.22816.0 - Microsoft Corporation)
Modern War Sounds (HKLM-x32\...\{A514E94F-C436-44C3-A1E9-1F58CD352669}) (Version: 1.0.1 - Screaming Bee)
MorphVOX Pro (HKLM-x32\...\{4bfc0d50-0417-46a0-ab1e-475fb1a90916}) (Version: 4.4.17.22603 - Screaming Bee)
MorphVOX Pro (x32 Version: 4.4.17.22603 - Screaming Bee) Hidden
Mozilla Firefox 41.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 en-US)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OldSchool RuneScape Launcher 1.2.4 (HKLM-x32\...\{5D394B1B-03A1-43BC-BBA9-53BC880F86F3}) (Version: 1.2.4 - Jagex Ltd)
PaintTool SAI Ver.1 (HKLM-x32\...\PaintToolSAI) (Version:  - )
Phantasy Star Online 2: EPISODE 3 (HKLM-x32\...\{38CA1868-3A03-4B5D-93A1-FD6F61D6723A}_is1) (Version:  - SEGA)
Prime World version 10.2 (HKLM-x32\...\{F6F3C462-2729-4555-8A95-CC317A90F8FF}_is1) (Version: 10.2 - Nival)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 5.4.15.0 - Razer Inc.)
ReadPlease 2003/ReadPlease PLUS 2003 (HKLM-x32\...\ReadPlease 2003_is1) (Version: 2003.1.10 - ReadPlease Corporation)
ROBLOX Player (HKLM-x32\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
ROBLOX Studio (HKLM-x32\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - ROBLOX Corporation)
RuneScape Launcher 1.2.7 (HKLM-x32\...\{FA52A2D0-298E-4D40-8BB7-39928627EA6A}) (Version: 1.2.7 - Jagex Ltd)
Sci-Fi 2 Sound Pack (HKLM-x32\...\{62DC2D57-7AB8-4181-994B-C62D55FCE6F4}) (Version: 1.3.1 - Screaming Bee)
Sci-Fi Sound Pack (HKLM-x32\...\{D16C611D-CA6F-402B-9EDA-9862CF4A701B}) (Version: 1.1.1 - Screaming Bee)
Sci-Fi Voice Pack (HKLM-x32\...\{BC038C91-D3C6-4E43-8439-B65976FE7937}) (Version: 1.3.1 - Screaming Bee)
Skype Voice Changer (HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\d8f4b4d52e33052f) (Version: 1.4.0.0 - Mark Heath)
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 2.16.3039.0 - Hi-Rez Studios)
Special Effects Voices (HKLM-x32\...\{913C4C4F-9E3E-41A6-A614-1BDC1352A225}) (Version: 1.0.2 - Screaming Bee)
Spooky Sounds (HKLM-x32\...\{F71EBF86-9A73-44C0-A674-55FA3E4A8428}) (Version: 2.1.1 - Screaming Bee)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version:  - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TERA (HKLM-x32\...\Steam App 323370) (Version:  - Bluehole Inc.)
The Elder Scrolls V Skyrim - Legendary Edition (HKLM-x32\...\The Elder Scrolls V Skyrim - Legendary Edition_is1) (Version:  - )
ThinkPad Wireless LAN Adapter Software (HKLM-x32\...\{9D3D2C60-A55F-4fed-B2B9-17311226DF01}) (Version: 1.00.0031.1 - )
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.38 - TOSHIBA Corporation)
Trove (HKLM-x32\...\Steam App 304050) (Version:  - Trion Worlds)
Update for Outlook 2007 Junk Email Filter (kb943597) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A751F0DB-8476-4207-956E-20AEBBA4B1DA}) (Version:  - )
Vindictus (HKLM-x32\...\Steam App 212160) (Version:  - Nexon)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Voxal Voice Changer (HKLM-x32\...\Voxal) (Version: 1.11 - NCH Software)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
WildStar (HKLM-x32\...\WildStar) (Version:  - NCSOFT)
Win7codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 3.0.3 - Shark007)
Window NetManager (HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\Window NetManager) (Version: 1.08 - Green Air Computing)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

30-10-2015 09:03:09 Windows Update

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {078940E3-3589-4DF9-84BE-A4FA7065764D} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work => C:\Windows\system32\WorkFoldersSystemTray.exe [2014-04-08] (Microsoft Corporation)
Task: {0DE517FB-0CF0-4719-86F1-4B6E53241EFD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-19] (Piriform Ltd)
Task: {1E24495A-E2B3-4795-BC12-8115CDA802EE} - System32\Tasks\Uninstaller_SkipUac_Toshiba => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {23C75D9A-C478-4269-8454-B25BCEE663FE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-27] (Google Inc.)
Task: {2D581C7F-93F7-45F5-A8E6-039A23426817} - System32\Tasks\Driver Booster Beta Scheduler => C:\Program Files (x86)\IObit\Driver Booster Beta\Scheduler.exe [2015-08-14] (IObit)
Task: {2EC6396F-062A-41F9-8F22-0F4DF1B7E90D} - \amiupdaterExd -> No File <==== ATTENTION
Task: {3EB3D77D-CEF2-4A5A-B99B-4534B548EE58} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-27] (Google Inc.)
Task: {421AB410-2807-47D8-BB82-87AE7C397E5C} - \13ad9eba-1dab-471a-bd14-e7c27b0bdaaf-6 -> No File <==== ATTENTION
Task: {492AAC68-71F9-408F-9FFA-8B87FF77EBC6} - \13ad9eba-1dab-471a-bd14-e7c27b0bdaaf-3 -> No File <==== ATTENTION
Task: {4A9C7A5E-FDE6-4B03-8A2C-78888F859A78} - System32\Tasks\{12A9FE9B-9834-4EEA-A85A-B95777572264} => Iexplore.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=5.3.0.120&amp;LastError=404
Task: {4CC061E5-B81C-4C50-852B-0C567D572CE5} - \13ad9eba-1dab-471a-bd14-e7c27b0bdaaf-4 -> No File <==== ATTENTION
Task: {4D319222-355F-43C9-B658-65DA3F4DE4B7} - \globalUpdateUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {61A5E90B-F317-4675-901E-874AD8DFCA68} - \PhraseProfessor Auto Updater 1.10.0.24 Core -> No File <==== ATTENTION
Task: {6996E5B9-F8F0-46EF-8922-D6ABA90C8275} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
Task: {7B66E274-3C28-4E64-93EA-DDD1845257E0} - \13ad9eba-1dab-471a-bd14-e7c27b0bdaaf-1-6 -> No File <==== ATTENTION
Task: {847C55E7-3D36-4759-8579-08C65EFF2E2C} - \amiupdaterExi -> No File <==== ATTENTION
Task: {87CAD1C1-BA72-4E41-B2E5-28AB17C16803} - System32\Tasks\Run LSI => C:\Program Files (x86)\LSI\LoLSummonerInfo.exe [2015-05-19] (Aequus Gaming)
Task: {9E70D02D-340E-445A-8910-C96CB692B8BF} - \13ad9eba-1dab-471a-bd14-e7c27b0bdaaf-1-7 -> No File <==== ATTENTION
Task: {A0BFE176-291C-489F-8750-FD82FE2C748B} - System32\Tasks\{58FA387B-8379-43E5-B61F-31E62BA99B4B} => C:\Program Files (x86)\SmilegateWest\LostSaga\LoginLauncherN.exe
Task: {A980FE22-72A6-4406-A89B-441758E658B7} - System32\Tasks\AdobeAAMUpdater-1.0-Toshiba-PC-Toshiba => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-02-03] (Adobe Systems Incorporated)
Task: {AE44B1D7-F246-4C9D-87A6-E7AD94460983} - \PhraseProfessor Auto Updater 1.10.0.24 Pending Update -> No File <==== ATTENTION
Task: {AF52978C-F2CA-41E7-A20E-262C3EC1CE35} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe
Task: {BAA1FB98-4453-41C4-904B-96A3DA89137C} - \13ad9eba-1dab-471a-bd14-e7c27b0bdaaf-7 -> No File <==== ATTENTION
Task: {BAAA6E38-5A43-426E-AC78-BF1FC4A4E5D4} - \OAHAKSUGBN1 -> No File <==== ATTENTION
Task: {C98F6AFF-1261-4183-A6F2-4BB388B8C665} - \13ad9eba-1dab-471a-bd14-e7c27b0bdaaf-5 -> No File <==== ATTENTION
Task: {D0773902-C262-4E2F-A596-4252A880ADBC} - \13ad9eba-1dab-471a-bd14-e7c27b0bdaaf-10_user -> No File <==== ATTENTION
Task: {D09648E2-2AFB-44E2-A9AE-B0EF4CB4DB5E} - \globalUpdateUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {D0D4F27C-A40D-4178-97B8-84AAF70A6C1A} - \bvxvdxvx -> No File <==== ATTENTION
Task: {D7B6E652-5243-47B9-8C50-C94831E472E5} - System32\Tasks\Driver Booster Beta SkipUAC (Toshiba) => C:\Program Files (x86)\IObit\Driver Booster Beta\DriverBooster.exe [2015-08-14] (IObit)
Task: {F2DAFDAD-6291-49C0-8672-2C0533ADF391} - \13ad9eba-1dab-471a-bd14-e7c27b0bdaaf-5_user -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-03-10 13:20 - 2015-03-10 13:20 - 00187072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-02-11 14:13 - 2015-02-11 14:13 - 00997536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2011-04-05 01:18 - 2011-04-05 01:18 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-01-10 13:41 - 2015-03-30 11:34 - 00568904 _____ () C:\Program Files (x86)\puush\puush.exe
2015-04-01 14:51 - 2015-04-01 14:51 - 00055576 _____ () C:\Program Files\CCleaner\branding.dll
2015-10-28 14:38 - 2010-04-09 23:03 - 00048640 _____ () C:\Users\Toshiba\Desktop\DDMM_v1.1\DDMM.exe
2015-10-06 19:56 - 2014-11-25 18:09 - 00741888 _____ () C:\Program Files\HexChat\hexchat.exe
2015-10-06 19:56 - 2014-11-22 18:48 - 00028160 _____ () C:\Program Files\HexChat\iconv.dll
2015-10-06 19:56 - 2014-11-22 18:50 - 01394688 _____ () C:\Program Files\HexChat\cairo.dll
2015-10-06 19:56 - 2014-11-22 18:48 - 00682496 _____ () C:\Program Files\HexChat\fontconfig.dll
2015-10-06 19:56 - 2014-11-22 18:48 - 01502720 _____ () C:\Program Files\HexChat\libxml2.dll
2015-10-06 19:56 - 2014-11-22 18:49 - 00613888 _____ () C:\Program Files\HexChat\pixman-1.dll
2015-10-06 19:56 - 2014-11-22 18:48 - 00225280 _____ () C:\Program Files\HexChat\libpng16.dll
2015-10-06 19:56 - 2014-11-22 18:48 - 00076288 _____ () C:\Program Files\HexChat\zlib1.dll
2015-10-06 19:56 - 2014-11-22 18:50 - 00783360 _____ () C:\Program Files\HexChat\harfbuzz.dll
2015-10-06 19:56 - 2014-11-22 18:51 - 00056832 _____ () C:\Program Files\HexChat\lib\gtk-2.0\i686-pc-vs10\engines\libwimp.dll
2015-10-06 19:56 - 2014-11-22 18:50 - 00287744 _____ () C:\Program Files\HexChat\lib\enchant\libenchant_myspell.dll
2015-10-06 19:56 - 2014-11-25 18:09 - 00011264 _____ () C:\Program Files\HexChat\plugins\hcupd.dll
2010-11-22 17:56 - 2010-11-22 17:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-22 17:56 - 2010-11-22 17:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-22 17:56 - 2010-11-22 17:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-13 18:26 - 2014-05-13 18:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-13 18:26 - 2014-05-13 18:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-13 18:26 - 2014-05-13 18:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-13 18:26 - 2014-05-13 18:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-22 17:57 - 2010-11-22 17:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-22 17:56 - 2010-11-22 17:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-22 17:56 - 2010-11-22 17:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-22 17:56 - 2010-11-22 17:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-22 17:57 - 2010-11-22 17:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-22 17:57 - 2010-11-22 17:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-22 17:56 - 2010-11-22 17:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 13:17 - 2011-02-15 13:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-22 17:57 - 2010-11-22 17:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-13 18:26 - 2014-05-13 18:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-22 17:56 - 2010-11-22 17:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2010-11-22 17:56 - 2010-11-22 17:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2014-08-13 19:37 - 2014-08-13 19:37 - 00113171 _____ () C:\Program Files (x86)\Raptr\libvlc.dll
2014-08-13 19:37 - 2014-08-13 19:37 - 02396691 _____ () C:\Program Files (x86)\Raptr\libvlccore.dll
2010-11-22 17:56 - 2010-11-22 17:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2015-10-01 16:39 - 2015-07-27 14:32 - 02551040 _____ () C:\Program Files (x86)\Raptr\ltc_host_ex.DLL
2010-11-22 17:56 - 2010-11-22 17:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-22 17:57 - 2010-11-22 17:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2015-06-26 18:09 - 2013-11-20 19:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2010-11-22 17:57 - 2010-11-22 17:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-17 19:56 - 2014-06-17 19:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 13:17 - 2011-02-15 13:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-22 18:06 - 2010-11-22 18:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-09 18:52 - 2013-05-09 18:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-09 18:52 - 2013-05-09 18:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-09 18:52 - 2013-05-09 18:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 13:57 - 2013-05-03 13:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 13:56 - 2013-05-03 13:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 13:56 - 2013-05-03 13:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 13:57 - 2013-05-03 13:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 13:56 - 2013-05-03 13:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 13:57 - 2013-05-03 13:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 13:57 - 2013-05-03 13:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 13:57 - 2013-05-03 13:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 13:57 - 2013-05-03 13:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2015-10-21 09:30 - 2014-10-08 14:51 - 00348992 _____ () C:\Program Files (x86)\IObit\Driver Booster Beta\madExcept_.bpl
2015-10-21 09:30 - 2014-10-08 14:50 - 00183616 _____ () C:\Program Files (x86)\IObit\Driver Booster Beta\madBasic_.bpl
2015-10-21 09:30 - 2014-10-08 14:50 - 00051008 _____ () C:\Program Files (x86)\IObit\Driver Booster Beta\madDisAsm_.bpl
2015-10-21 09:30 - 2014-08-22 14:19 - 00893248 _____ () C:\Program Files (x86)\IObit\Driver Booster Beta\webres.dll
2015-10-21 09:30 - 2012-02-16 09:16 - 00516440 _____ () C:\Program Files (x86)\IObit\Driver Booster Beta\sqlite3.dll
2015-06-26 18:42 - 2015-10-05 11:18 - 00778752 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-06-26 18:42 - 2015-07-03 11:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-06-26 18:42 - 2015-07-03 11:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-06-26 18:42 - 2015-07-03 11:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-06-26 18:42 - 2015-10-30 20:40 - 02541648 _____ () C:\Program Files (x86)\Steam\video.dll
2015-06-26 18:41 - 2015-09-23 19:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-06-26 18:41 - 2015-09-23 19:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-06-26 18:41 - 2015-09-23 19:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-06-26 18:41 - 2015-09-23 19:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-06-26 18:41 - 2015-09-23 19:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-06-26 18:42 - 2015-10-30 20:40 - 00806992 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-21 18:05 - 2015-10-09 13:13 - 00193024 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-06-26 18:42 - 2015-10-08 17:20 - 45010208 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-06-26 18:41 - 2015-09-24 18:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2015-07-12 13:33 - 2015-11-01 07:29 - 01019904 _____ () C:\Program Files (x86)\Steam\steamapps\common\Trove\xlpack.dll
2015-06-26 18:42 - 2015-10-30 20:40 - 00373840 _____ () C:\Program Files (x86)\Steam\steam.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Folacaanl => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WWatcherProxy => ""="service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\aeriagames.com -> hxxp://aeriagames.com
IE trusted site: HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\sony.com -> sony.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-92233877-364066824-1895237924-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 167.206.13.180 - 167.206.13.181
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: BstHdUpdaterSvc => 2
MSCONFIG\Services: HiPatchService => 2
MSCONFIG\startupfolder: C:^Users^Toshiba^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk => C:\Windows\pss\Curse.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Toshiba^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip => C:\Windows\pss\CurseClientStartup.ccip.Startup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: BitTorrent => "C:\Users\Toshiba\AppData\Roaming\BitTorrent\BitTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [TCP Query User{19AB3E21-927B-49A1-BC67-A5C5994ACF9F}C:\program files (x86)\icechat7\icechat7.exe] => (Allow) C:\program files (x86)\icechat7\icechat7.exe
FirewallRules: [UDP Query User{2EBFA2D4-67A4-40B2-8AA7-35BE39D22AE3}C:\program files (x86)\icechat7\icechat7.exe] => (Allow) C:\program files (x86)\icechat7\icechat7.exe
FirewallRules: [TCP Query User{9EC1248C-E841-42FB-B19E-94EFADF0F1A2}C:\program files (x86)\icechat7\icechat7.exe] => (Allow) C:\program files (x86)\icechat7\icechat7.exe
FirewallRules: [UDP Query User{A7FA18E8-5217-4666-84CF-6F5F634E5657}C:\program files (x86)\icechat7\icechat7.exe] => (Allow) C:\program files (x86)\icechat7\icechat7.exe
FirewallRules: [{8BA6E19E-45C7-4A9B-8A23-64E154ADC3E7}] => (Allow) C:\Users\Toshiba\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{B4E7BB01-C525-417B-A62A-D53BD4F1F640}] => (Allow) C:\Users\Toshiba\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{AC53D5D9-BFA9-4D24-91C9-9BFC9ACAD122}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe
FirewallRules: [{867C8A75-236D-40EF-9912-AB408577F942}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe
FirewallRules: [TCP Query User{2445798B-1416-4755-89E5-A50320886965}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{8C49E1E6-3438-405E-B651-9B38CA6030F6}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{8BFDD7D2-80E3-45AE-B46B-09EF5B876E9C}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{90A7C2A4-79B6-4687-8731-769F57F2261B}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{6E0BE764-28AD-4DFA-9D42-010091C0FC8F}C:\games\prime world\pvp\bin\pw_game.exe] => (Allow) C:\games\prime world\pvp\bin\pw_game.exe
FirewallRules: [UDP Query User{029F1A05-01F5-45AD-8EFE-C3D521E6C57A}C:\games\prime world\pvp\bin\pw_game.exe] => (Allow) C:\games\prime world\pvp\bin\pw_game.exe
FirewallRules: [{F6CB07D5-7158-4CAD-BB17-C7CAD2BF3133}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{7C9A9ED0-ADC3-4167-89B2-AFEDB8D1D90D}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{721D9BDF-E4A2-43A9-8C1B-CB000EFC3161}C:\users\toshiba\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\toshiba\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{9A17D573-2907-4FD5-8271-0419090FEFB9}C:\users\toshiba\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\toshiba\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{7BFA0455-3799-4A03-B4F7-D32D0C8FD7EF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A703CC86-6418-4E13-A0A4-233F6685916F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3EBE64ED-FBA2-4C9C-8514-176F69250766}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D5B9423F-CEC7-4CC9-BA60-28B4DCAEBCA4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9D786C4C-EDB6-4C0F-88B1-C835C65BF169}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{C4F6FD75-666B-4D09-A943-F3B1F1A5EBEF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [TCP Query User{CE83A6DB-128A-4D57-A6D2-A7DB2548C9A8}C:\program files (x86)\steam\steamapps\common\archeblade\binaries\win32\archeblade.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\archeblade\binaries\win32\archeblade.exe
FirewallRules: [UDP Query User{1173A0C1-C378-4101-94A6-7957C73E76EE}C:\program files (x86)\steam\steamapps\common\archeblade\binaries\win32\archeblade.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\archeblade\binaries\win32\archeblade.exe
FirewallRules: [{76EA6D96-0842-41E2-A574-85F6CD42A2F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe
FirewallRules: [{D127A1EC-60F9-4772-BC13-B0C3F745EBC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe
FirewallRules: [{DF537C1D-2EEE-4639-814D-9FCB688C224D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GunZ 2 The Second Duel\Gunz2_Steam.exe
FirewallRules: [{26F912FF-3400-47E2-8831-4C703ED70BC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GunZ 2 The Second Duel\Gunz2_Steam.exe
FirewallRules: [{B6AC3470-938C-408A-8300-DF063A0A1904}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TERA\TERA-Launcher.exe
FirewallRules: [{BDE31F20-8965-4D64-8CF3-DFB8CCAF1726}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TERA\TERA-Launcher.exe
FirewallRules: [{806751E4-4CC0-4FFA-A3CA-105DA1621465}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\NMService.exe
FirewallRules: [{A6B5FE13-DD7A-478F-9402-9DDED31C12C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\NMService.exe
FirewallRules: [{F4AD4B9F-E28F-476A-8132-7AB76F5F0A14}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{3445AE7C-4257-4AAA-8A58-4A8341BBC9ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{D9AC912A-5E21-4133-BE5D-4A003077F044}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{18049FB1-D727-4C80-B38D-63FD4A77D244}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [TCP Query User{285F756B-1BE3-4A48-821E-ABCCDEC85508}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{9CA8F47D-43A4-43AE-86B7-97E66DE07ED7}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [{DCFF61DA-7D53-45D8-BBEC-6F6FD64C2242}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{BBCCDB16-94EB-4584-A2D7-CEFE48EF7B37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [TCP Query User{5193D9B1-7E9C-45C0-96AB-4EADFEC19940}C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe
FirewallRules: [UDP Query User{99CA93BA-694E-46AF-AC8E-2B9160E24DFA}C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe
FirewallRules: [{6CC118A1-7174-4AC6-9823-51C7B3081362}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{7B1849FC-11C5-4E9B-B5F4-D1D65085251D}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{7D8E653A-55C7-4634-8FEF-393E9D20CA0B}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{6A8EDB95-2EFC-4881-BFE7-8E71F9F639D0}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{12B746C2-A3C1-4548-A8B5-74AA8319CF10}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{F56A236F-FB09-4C61-A8E2-1DAA78BCF140}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{FC316330-1B28-46BF-BF71-F5DDF9AE11A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{F2665051-9873-4A5D-B4B1-45CA4DB6C7B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{B8E8619B-7553-49A0-8AEC-34CE8C65BEAB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{6940F642-104B-4968-A4AA-781C2B6F07BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{8A19B139-2D2D-401B-B8D8-F8CAF7A7484A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{DFD79C1C-0FA1-4439-AFD3-D8DD824AB145}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{C41C61E4-0220-43AB-8A48-988D68AF73CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{04C81816-D12F-442D-86A6-E945E03107DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{639A892F-EB7C-4901-A593-442F1D560A8B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{D8CA7FD3-6FBC-4135-AD34-D2DB0CDCFAC4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [TCP Query User{67C8E991-9E5D-48AB-B394-F7032D2C808C}C:\program files (x86)\free download manager\fdm.exe] => (Allow) C:\program files (x86)\free download manager\fdm.exe
FirewallRules: [UDP Query User{D2EF853F-5868-4BFC-8A76-41E63D865523}C:\program files (x86)\free download manager\fdm.exe] => (Allow) C:\program files (x86)\free download manager\fdm.exe
FirewallRules: [{931F3E56-346A-4629-BE45-1356D43F4609}] => (Allow) C:\Program Files (x86)\SmilegateWest\autoupgrade.exe
FirewallRules: [{A564AD2C-0818-4A6E-8CC8-5B19F4B39907}] => (Allow) C:\Program Files (x86)\SmilegateWest\autoupgrade.exe
FirewallRules: [{E821558B-7D65-456D-999E-74FB1847C66A}] => (Allow) C:\Program Files (x86)\SmilegateWest\lostsaga.exe
FirewallRules: [{CD201941-2824-4A28-B998-DDE884C16719}] => (Allow) C:\Program Files (x86)\SmilegateWest\lostsaga.exe
FirewallRules: [TCP Query User{8DCC723B-AB58-4524-961A-A4E822436307}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{07D8F30E-85A2-4399-A304-E625DA90971F}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [{05F10480-F387-4A50-8CDC-34FBB4CC2490}] => (Allow) 㩃停潲牧浡䘠汩獥⠠㡸⤶睜湩敮浴杮睜湩敮浴杮攮數
FirewallRules: [{4E7E159A-378B-4FF9-A435-377E217355E7}] => (Allow) 㩃停潲牧浡䘠汩獥⠠㡸⤶睜湩敮浴杮牜獥睴湩敮浴杮攮數
FirewallRules: [{44A8A453-6F54-43C5-8410-6F0CB28623F1}] => (Allow) 㩃停潲牧浡䘠汩獥⠠㡸⤶睜湩敮浴杮睜湩敮浴杮⹟硥e
FirewallRules: [{34FC8D47-989E-4709-A706-D3410AF51974}] => (Allow) 㩃停潲牧浡䘠汩獥⠠㡸⤶睜湩敮浴杮牜獥睴湩敮浴杮⹟硥e
FirewallRules: [TCP Query User{6274B7FB-8A47-41CB-8DFC-EA3AC608BE32}C:\users\toshiba\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\toshiba\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{016CB3FB-AC77-436F-82D8-0B49CC88ED2F}C:\users\toshiba\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\toshiba\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{AF8253FB-CAA2-4DDA-9367-EB8F18383DD1}C:\users\toshiba\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\toshiba\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{B51362F1-E9F5-44EE-AD2B-B2227A47515E}C:\users\toshiba\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\toshiba\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{E9E75FE4-AA49-43F9-BE6C-D43B5805A1EE}C:\program files\hexchat\hexchat.exe] => (Allow) C:\program files\hexchat\hexchat.exe
FirewallRules: [UDP Query User{F954312B-1707-4B3E-B3D3-680D5EEE294F}C:\program files\hexchat\hexchat.exe] => (Allow) C:\program files\hexchat\hexchat.exe
FirewallRules: [{3CC674D3-372B-4259-BE99-2229782495D9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FD07DDEE-F92B-4532-9F0B-B7BBFB44D5EF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A586ACAF-BE9F-4BEB-9E4B-A359409B16F7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{D1B53CC0-1CA2-436F-8ED3-4C31DC1271EE}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{0FD70A5F-9637-43CF-9C29-955A1BB68886}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{604441FB-571C-42B2-8626-3A04DC41704F}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{18BCCD58-3EF0-42C5-87D3-B269A92C6138}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [{96721650-60C8-49C2-8FD5-840ADCE49FDA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F13FB1FB-D00A-48EA-A649-38641656FA7E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F0BB2FDC-1692-426A-B031-85542D6C0355}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{75A459FF-22DD-4569-A4FC-1D97CF577D9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{5B557B1E-780E-419D-A76B-DB4A7234327E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\strife\bin\strife.exe
FirewallRules: [{83F55BB9-20AD-431D-A24A-12A45C9C6A1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\strife\bin\strife.exe
FirewallRules: [{2217CCB6-89E9-48B5-941B-DDC38FCC6A4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\nxsteam.exe
FirewallRules: [{AABBCBC4-C2FA-4690-9247-ED24CBFB4B4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\nxsteam.exe
FirewallRules: [{5808569A-6700-4DF4-9E0C-929DAF483D51}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{C2D6E9FE-CF7B-4654-9A39-D07C6AB66A59}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{AEC90502-8C1B-4FB7-8D3E-27F62A2B34EE}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{12029FBF-E293-4313-B652-CD9E2D691646}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{96076C14-E229-4559-807A-8938B736C558}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{3128769F-7D27-4B9B-BA5D-59EE31982BDB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{A5B27F5D-59C0-452B-BF0C-6D93F95AA1DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe

==================== Faulty Device Manager Devices =============

Name: Qualcomm Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
Description: Qualcomm Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros
Service: L1C
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/31/2015 08:58:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Steam.exe version 3.6.82.37 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 743c

Start Time: 01d1139218c3b63a

Termination Time: 1246

Application Path: C:\Program Files (x86)\Steam\Steam.exe

Report Id: dc42490c-803b-11e5-9ef6-88a0ddb5cbf0

Error: (10/30/2015 01:32:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 41.0.2.5765, time stamp: 0x561ef9f1
Faulting module name: mozglue.dll, version: 41.0.2.5765, time stamp: 0x561ee53f
Exception code: 0x80000003
Fault offset: 0x0000ec91
Faulting process id: 0x1560
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (10/29/2015 09:59:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: hexchat.exe, version: 2.10.2.0, time stamp: 0x5474c5e6
Faulting module name: MSVCR120.dll, version: 12.0.21005.1, time stamp: 0x524f83ff
Exception code: 0xc0000417
Fault offset: 0x000000000006dd3d
Faulting process id: 0x4e4
Faulting application start time: 0xhexchat.exe0
Faulting application path: hexchat.exe1
Faulting module path: hexchat.exe2
Report Id: hexchat.exe3

Error: (10/29/2015 09:27:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: jucheck.exe, version: 2.8.60.27, time stamp: 0x55c116b1
Faulting module name: jucheck.exe, version: 2.8.60.27, time stamp: 0x55c116b1
Exception code: 0x40000015
Fault offset: 0x00052d24
Faulting process id: 0x2c24
Faulting application start time: 0xjucheck.exe0
Faulting application path: jucheck.exe1
Faulting module path: jucheck.exe2
Report Id: jucheck.exe3

Error: (10/28/2015 01:45:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 41.0.2.5765, time stamp: 0x561ef9f1
Faulting module name: mozglue.dll, version: 41.0.2.5765, time stamp: 0x561ee53f
Exception code: 0x80000003
Fault offset: 0x0000ec91
Faulting process id: 0x4ef4
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (10/27/2015 10:18:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 41.0.2.5765, time stamp: 0x561ef9f1
Faulting module name: mozglue.dll, version: 41.0.2.5765, time stamp: 0x561ee53f
Exception code: 0x80000003
Fault offset: 0x0000ec91
Faulting process id: 0x3a8
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (10/26/2015 09:29:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 41.0.2.5765, time stamp: 0x561ef9f1
Faulting module name: mozglue.dll, version: 41.0.2.5765, time stamp: 0x561ee53f
Exception code: 0x80000003
Fault offset: 0x0000ec91
Faulting process id: 0x7f50
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (10/25/2015 08:14:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 41.0.2.5765, time stamp: 0x561ef9f1
Faulting module name: mozglue.dll, version: 41.0.2.5765, time stamp: 0x561ee53f
Exception code: 0x80000003
Fault offset: 0x0000ec91
Faulting process id: 0x4fd4
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (10/25/2015 09:27:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: jucheck.exe, version: 2.8.60.27, time stamp: 0x55c116b1
Faulting module name: jucheck.exe, version: 2.8.60.27, time stamp: 0x55c116b1
Exception code: 0x40000015
Fault offset: 0x00052d24
Faulting process id: 0x1058
Faulting application start time: 0xjucheck.exe0
Faulting application path: jucheck.exe1
Faulting module path: jucheck.exe2
Report Id: jucheck.exe3

Error: (10/24/2015 01:09:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 41.0.2.5765, time stamp: 0x561ef9f1
Faulting module name: mozglue.dll, version: 41.0.2.5765, time stamp: 0x561ee53f
Exception code: 0x80000003
Fault offset: 0x0000ec91
Faulting process id: 0x4674
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3


System errors:
=============
Error: (11/01/2015 07:28:08 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (11/01/2015 07:14:29 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (10/31/2015 08:44:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053

Error: (10/31/2015 08:44:13 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (10/31/2015 07:14:23 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (10/31/2015 07:14:07 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (10/31/2015 07:14:06 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (10/31/2015 07:13:49 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (10/31/2015 12:17:21 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (10/31/2015 12:14:04 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.


CodeIntegrity:
===================================
  Date: 2015-09-16 04:12:25.639
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-16 04:12:25.522
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-16 04:12:25.464
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-16 04:12:25.371
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-16 04:09:03.549
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-16 04:09:03.470
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-16 04:06:57.059
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-16 04:06:56.953
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-16 04:05:21.103
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-16 04:05:21.008
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Pentium® CPU B960 @ 2.20GHz
Percentage of memory in use: 56%
Total physical RAM: 4043.86 MB
Available physical RAM: 1766.1 MB
Total Virtual: 10174.14 MB
Available Virtual: 6191.27 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:50.58 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 2F424B59)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================



#4 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,163 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:09:15 PM

Posted 02 November 2015 - 12:02 AM

Hi HuntChez.

 

Going over your logs I noticed that you have BitTorrent installed.

  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall BitTorrent, however that choice is up to you. If you choose to remove these programs, you can do so viaStart > Control Panel > Add/Remove Programs.

If you wish to keep it, please do not use it until your computer is cleaned.

 

----------------

 

We'll need a flash drive and a clean computer with internet now. Please install Panda USB Vaccine in your clean computer. After that, plugged a USB drive to your clean computer and wait for Panda USB vaccine to vaccinate your flash drive.

 

Then, download these programs to your vaccinated flash drive:

After those files were downloaded, please unplug your flash drive and plug it to your infected machine and follow steps below.

 

--------------------

 

Defogger - Disable CD emulators

  • In your flash drive, double-click on the DeFogger icon to start the tool.
  • The application window will appear.
  • You should now click on the Disable button to disable your CD Emulation drivers.
  • When it prompts you whether or not you want to continue, please click on the Yes button to continue.
  • When the program has completed you will see a Finished! message. Click on the OK button to exit the program.
  • If CD Emulation programs are present and have been disabled, DeFogger will now ask you to reboot the machine. Please allow it to do so by clicking on the OK button.

-------------------

 

From your first log I've identified the infections and confident about removal, but to be sure I will need some more information.

Plus, please don't make any changes not instructed by me to the computer until it's clean.

 

Please copy FRST64.exe from your flash drive to your desktop so the fixing process is easier.

 

Then create a new FRST log for me. But this time please select "90 days files" additional scan before you push the Scan button. Copy FRST.txt to your flash drive. Plug the flash drive to your clean computer, then copy and paste contents of FRST.txt in your next reply.

 

Thank you.


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#5 Huntchez

Huntchez
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:09:15 AM

Posted 02 November 2015 - 06:12 PM

That could be quite troublesome, I do not have a spare computer, and I do not know anyone in the area that does. Is there any way in which a trusted friend online can download them and send them over? Do they have to be specifically on a flash drive?



#6 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,163 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:09:15 PM

Posted 03 November 2015 - 12:10 AM

Hi HuntChez.

 

How do you connect to the internet right now? Is this computer still lack of internet connection?

 

Thank you.


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#7 Huntchez

Huntchez
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:09:15 AM

Posted 04 November 2015 - 02:35 AM

Hi HuntChez.

 

How do you connect to the internet right now? Is this computer still lack of internet connection?

 

Thank you.

 

I am connected via wireless wifi. I know in my OP I mentioned SFC /SCANNOW gives issues with being unable to connect at all, but system restoring to before that returns my wifi back, though everything else described in the original post still persists.



#8 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,163 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:09:15 PM

Posted 04 November 2015 - 10:53 AM

Hi HuntChez.

 

Oh, OK. I think you're still not having internet connection. Please use these instruction instead.

 

Please download DeFogger and save it to your desktop.

  • Once downloaded, double-click on the DeFogger icon to start the tool.
  • The application window will appear.
  • You should now click on the Disable button to disable your CD Emulation drivers.
  • When it prompts you whether or not you want to continue, please click on the Yes button to continue.
  • When the program has completed you will see a Finished! message. Click on the OK button to exit the program.
  • If CD Emulation programs are present and have been disabled, DeFogger will now ask you to reboot the machine. Please allow it to do so by clicking on the OK button.

-------------------

 

From your first log I've identified the infections and confident about removal, but to be sure I will need some more information.

Plus, please don't make any changes not instructed by me to the computer until it's clean.

 

Please create a new FRST log for me. But this time please select "90 days files" additional scan before you push the Scan button. Copy and paste FRST.txt in your next reply.

 

Thank you.


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#9 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,163 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:09:15 PM

Posted 06 November 2015 - 11:44 PM

Are you still there?

 

Thank you.


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#10 Huntchez

Huntchez
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:09:15 AM

Posted 07 November 2015 - 02:14 PM

The DeFogger did not prompt me to restart my computer. That isn't an issue, is it?

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Ran by Toshiba (administrator) on TOSHIBA-PC (07-11-2015 14:11:03)
Running from C:\Users\Toshiba\Downloads\Bleep
Loaded Profiles: Toshiba (Available Profiles: Toshiba)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(FreeDownloadManager.ORG) C:\Program Files (x86)\Free Download Manager\fdm.exe
() C:\Program Files (x86)\puush\puush.exe
(Akamai Technologies, Inc.) C:\Users\Toshiba\AppData\Local\Akamai\netsession_win.exe
(© 2015 Microsoft Corporation) C:\Users\Toshiba\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Akamai Technologies, Inc.) C:\Users\Toshiba\AppData\Local\Akamai\netsession_win.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Users\Toshiba\Desktop\DDMM_v1.1\DDMM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Aeria Games & Entertainment) C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files\HexChat\hexchat.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_226.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_226.exe
(IObit) C:\Program Files (x86)\IObit\Driver Booster Beta\DriverBooster.exe
() C:\Users\Toshiba\Downloads\Defogger.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-07-27] (Raptr, Inc)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [98256 2015-03-12] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\Run: [Free Download Manager] => C:\Program Files (x86)\Free Download Manager\fdm.exe [5669480 2015-05-14] (FreeDownloadManager.ORG)
HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [568904 2015-03-30] ()
HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-19] (Piriform Ltd)
HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Toshiba\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [57987712 2015-09-28] (Skype Technologies S.A.)
HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\Run: [BingSvc] => C:\Users\Toshiba\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\Run: [BitTorrent] => C:\Users\Toshiba\AppData\Roaming\BitTorrent\BitTorrent.exe [1977192 2015-10-20] (BitTorrent Inc.)
HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\Run: [GNE_DualMonitorTools] => C:\Users\Toshiba\Downloads\DualMonitorTools-2.0\DMT.exe
HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\Run: [ddmm] => C:\Users\Toshiba\Desktop\DDMM_v1.1\DDMM.exe [48640 2010-04-09] ()
HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\MountPoints2: E - E:\autorun.exe
HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\MountPoints2: {c7b338a4-174d-11e5-9461-edef1e93c3fe} - E:\setup.exe
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 167.206.13.180 167.206.13.181
Tcpip\..\Interfaces\{2A421DBC-1C03-4EB6-9B60-25B9D476C5EA}: [DhcpNameServer] 167.206.13.180 167.206.13.181
Tcpip\..\Interfaces\{585248ED-47ED-4EF7-9DD3-50C3C2DBE810}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-92233877-364066824-1895237924-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.com
hxxp://google.com/
HKU\S-1-5-21-92233877-364066824-1895237924-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2D&ocid=SK2DDHP&osmkt=en-us
HKU\S-1-5-21-92233877-364066824-1895237924-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1ewenusDefaultPack/SK2M_FRPage
SearchScopes: HKU\S-1-5-21-92233877-364066824-1895237924-1000 -> {0D72E4A4-32FF-4C9F-95E8-8594B09D55CB} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-08-26] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-26] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-16] (Oracle Corporation)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2015-05-14] (FreeDownloadManager.ORG)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-16] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\VqpGlYnG.default
FF NewTab: about:newtab
FF DefaultSearchEngine: Bing
FF DefaultSearchEngine.US: Google
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://www.msn.com/?pc=SK2D&ocid=SK2DDHP&osmkt=en-us
hxxp://search.swagbucks.com/?f=51
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SK2DDF&PC=SK2D&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-26] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-14] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-02-15] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-16] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-14] ( Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-02-15] (Adobe Systems)
FF Plugin HKU\S-1-5-21-92233877-364066824-1895237924-1000: @nsroblox.roblox.com/launcher -> C:\Program Files (x86)\Roblox\Versions\version-a171864306c74d84\\NPRobloxProxy.dll [2012-12-31] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-92233877-364066824-1895237924-1000: @nsroblox.roblox.com/launcher64 -> C:\Program Files (x86)\Roblox\Versions\version-a171864306c74d84\\NPRobloxProxy64.dll [2012-12-31] ( ROBLOX Corporation)
FF SearchPlugin: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\VqpGlYnG.default\searchplugins\bing-.xml [2015-10-06]
FF SearchPlugin: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\VqpGlYnG.default\searchplugins\swagbucks.xml [2015-09-19]
FF Extension: Avira Browser Safety - C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\VqpGlYnG.default\Extensions\abs@avira.com [2015-10-23] [not signed]
FF Extension: EPUBReader - C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\VqpGlYnG.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2015-09-21]
FF Extension: ExHentai Easy 2 - C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\VqpGlYnG.default\Extensions\jid1-7NbXi2AqS1oUFw@jetpack.xpi [2015-10-25]
FF HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\ProgramData\Free Download Manager\Firefox\Extensions\2.0.14
FF Extension: Free Download Manager extension - C:\ProgramData\Free Download Manager\Firefox\Extensions\2.0.14 [2015-08-11]

Chrome:
=======
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR StartupUrls: Default -> "hxxp://feed.snap.do/?publisher=Tightrope&dpid=Tightrope&co=US&userid=c6a584e7-ad5d-4be6-9f48-6d446a313ebc&searchtype=hp","hxxp://search.babylon.com/?affID=117023&tt=0313_2&babsrc=HP_ss&mntrId=14302a32000000000000001fe153d98d","hxxp://feed.snap.do/?publisher=Tightrope&dpid=Tightrope&co=US&userid=c6a584e7-ad5d-4be6-9f48-6d446a313ebc&searchtype=hp&installDate=01/01/1970","hxxp://feed.snap.do/?publisher=Tightrope&dpid=Tightrope&co=US&userid=c6a584e7-ad5d-4be6-9f48-6d446a313ebc&searchtype=hp&installDate={installDate}","hxxp://www.delta-search.com/?affID=119816&tt=190313_wctrl&babsrc=HP_ss&mntrId=FCBB047D7B382FFA","hxxp://www.msn.com/?pc=UP21&ocid=UP21DHP&dt=032513","hxxp://www.search.delta-search.com/?affID=119816&tt=190313_wctrl&babsrc=HP_ss_d2sg&mntrId=FCBB047D7B382FFA","hxxp://start.sweetpacks.com/?barid={7C9C71EE-CED5-11E2-8EAF-047D7B382FFA}&src=10&crg=3.5000006.10042&st=23","hxxp://search.babylon.com/?affID=119816&tt=190313_wctrl&babsrc=HP_ss_bay2g&mntrId=FCBB047D7B382FFA","hxxp://search.conduit.com/?ctid=CT3298583&SearchSource=48&CUI=UN11294774832233024&UM=2","hxxp://www.msn.com/?pc=U040&ocid=U040DHP&dt=080213","hxxp://www.bing.com/?pc=U160&ocid=U160DHP&dt=080913","hxxp://google.com/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bejeweled) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm [2015-03-30]
CHR Extension: (Torrent Search) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\afbpdhiclgghnffhkinjikglgmolhpee [2015-03-30]
CHR Extension: (Free Download Manager Chrome extension) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmpjcflkgiildlgicmcieglgoilbfdp [2015-06-15]
CHR Extension: (Duolingo on the Web) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2015-03-30]
CHR Extension: (Theme Creator) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc [2015-03-30]
CHR Extension: (Google Drive) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-17]
CHR Extension: (TV) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2015-03-30]
CHR Extension: (YouTube) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-16]
CHR Extension: (Form Filler) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnjjngeaknajbdcgpfkgnonkmififhfo [2015-03-30]
CHR Extension: (Sad Panda) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\bohapeiooecafommnlaiccilacgmkaoc [2015-09-17]
CHR Extension: (JunkFill) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\cajejbcjfkhgmfbapmhopccephhjedeb [2015-06-16]
CHR Extension: (Adblock Plus) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-10-16]
CHR Extension: (WebCamera360) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfojbadjlaaiddllnogeohfgamgedcfd [2015-03-30]
CHR Extension: (Comics and Manga online) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\chmidfbpiiicmkfimcbcoagpmchgmkpl [2015-03-30]
CHR Extension: (Google Search) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-30]
CHR Extension: (Photoshop 4U) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\damhoidgnfbiidoiajljbdpgnojmemlf [2015-10-16]
CHR Extension: (Torrent Turbo Search App) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\eegbffmjdkflkcfncpfjjbggbdlnbdif [2015-03-30]
CHR Extension: (Avira Browser Safety) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-11-05]
CHR Extension: (FabCam) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\hejilffmihldhlfocnabcgndjjpgadfl [2015-08-03]
CHR Extension: (iPiccy Photo Editor) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\imokeandodnlammaoenbgcnbhigjbpjh [2015-04-14]
CHR Extension: (Pixect) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgdeoagndhabdnoenpdcagbkkmjeibmh [2015-03-30]
CHR Extension: (Little Alchemy) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2015-06-11]
CHR Extension: (Build with Chrome) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbbbhbjeecagnlfgggogfclkdjamoapf [2015-03-30]
CHR Extension: (Pix: Pixel Mixer) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbjiacdnbellpbhocabghholhnlboibg [2015-03-30]
CHR Extension: (Webcam Toy) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2015-08-26]
CHR Extension: (Comic Webcam) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfffhmndpldceogndeognocbpmlgdemi [2015-03-30]
CHR Extension: (TextNow) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkjdngkmnogclafejjgbgjjegoaahihg [2015-03-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-23]
CHR Extension: (GIFPAL) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\noohoboklgjeccnihfkbdakbchbhjlch [2015-03-30]
CHR Extension: (Foto Rulez) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\odahhdimpaeigjcdbgcnhemlkejclmmk [2015-03-30]
CHR Extension: (My Chrome Theme) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2015-08-26]
CHR Extension: (Rollip - Photo Effects) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooikhmcdpofogemaldinihdhidaokcmp [2015-03-30]
CHR Extension: (Psykopaint) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2015-03-30]
CHR Extension: (Gmail) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-92233877-364066824-1895237924-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ahmpjcflkgiildlgicmcieglgoilbfdp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-10-23] (BitRaider, LLC)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-07-16] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-07-16] (BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [831096 2015-07-16] (BlueStack Systems, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2015-09-02] (Hi-Rez Studios) [File not signed]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3460784 2015-01-05] (INCA Internet Co., Ltd.)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-03-10] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [129168 2015-03-12] (Razer Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2015-10-23] (BitRaider)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-07-16] (BlueStack Systems)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-06-21] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-10-21] (REALiX™)
S3 hxsyol; C:\Windows\system32\hxsy64.sys [86352 2015-11-03] ()
S3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2015-10-21] (Qualcomm Atheros Co., Ltd.)
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2004-12-30] (INCA Internet Co., Ltd.) [File not signed]
S3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [416768 2009-06-10] (Realtek Semiconductor Corporation                           )
R3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [402136 2015-10-21] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [3709656 2015-10-21] (Realtek Semiconductor Corporation                           )
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-03-10] (Razer, Inc.)
S3 smserial; C:\Windows\System32\DRIVERS\SmSerl64.sys [1227776 2009-06-10] (Motorola Inc.)
R3 voxaldriver; C:\Windows\System32\DRIVERS\voxaldriverx64.sys [34512 2015-04-01] ()
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 X6va020; \??\C:\Windows\SysWOW64\Drivers\X6va020 [X]
S3 X6va021; \??\C:\Windows\SysWOW64\Drivers\X6va021 [X]
S3 X6va028; \??\C:\Windows\SysWOW64\Drivers\X6va028 [X]
S3 X6va029; \??\C:\Windows\SysWOW64\Drivers\X6va029 [X]
S3 X6va031; \??\C:\Windows\SysWOW64\Drivers\X6va031 [X]
R3 X6va060; \??\C:\Windows\SysWOW64\Drivers\X6va060 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Three Months Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-07 14:06 - 2015-11-07 14:06 - 00000476 _____ C:\Users\Toshiba\Downloads\defogger_disable.log
2015-11-07 14:06 - 2015-11-07 14:06 - 00000000 _____ C:\Users\Toshiba\defogger_reenable
2015-11-07 14:05 - 2015-11-07 14:05 - 00050477 _____ C:\Users\Toshiba\Downloads\Defogger.exe
2015-11-07 14:01 - 2015-11-07 14:01 - 00000000 ____D C:\Users\Toshiba\AppData\Local\LucasArts
2015-11-07 08:09 - 2015-11-07 11:29 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\CDisplayEx
2015-11-07 08:09 - 2015-11-07 08:09 - 00000836 _____ C:\Users\Toshiba\Desktop\CDisplayEx.lnk
2015-11-07 08:09 - 2015-11-07 08:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDisplayEx
2015-11-07 08:09 - 2015-11-07 08:09 - 00000000 ____D C:\Program Files\CDisplayEx
2015-11-07 08:05 - 2015-11-07 08:06 - 07151352 _____ (Progdigy Software S.A.R.L. ) C:\Users\Toshiba\Downloads\CDisplayExWin64v1.10.29.exe
2015-11-07 05:00 - 2015-11-07 05:29 - 00000000 ____D C:\Users\Toshiba\Downloads\Umemaro 3D Collection 2015-09-13
2015-11-07 03:02 - 2015-11-07 03:10 - 00000000 ____D C:\Users\Toshiba\Downloads\Codename Kids Next Door
2015-11-07 02:56 - 2015-11-07 08:59 - 00000000 ____D C:\Users\Toshiba\Downloads\BOBCAMO's small collection of Hentai & Yiff
2015-11-07 02:21 - 2015-11-07 02:45 - 00000000 ____D C:\Users\Toshiba\Downloads\Sexyfur Siterip (January 2015)
2015-11-07 02:18 - 2015-11-07 11:06 - 2840351220 _____ C:\Users\Toshiba\Downloads\Furchee's Fur Collection.rar
2015-11-07 02:18 - 2015-11-07 02:19 - 00000000 ____D C:\Users\Toshiba\Downloads\Milffur.com
2015-11-07 02:17 - 2015-11-07 11:30 - 00000000 ____D C:\Users\Toshiba\Downloads\Lego.Star.Wars.The.Complete.Saga.PC.Game(djDEVASTATE™)
2015-11-07 02:17 - 2015-11-07 03:15 - 00000000 ____D C:\Users\Toshiba\Downloads\Sonic.Generations.MULTi6-PROPHET
2015-11-07 02:14 - 2015-11-07 02:14 - 00000000 ____D C:\Users\Toshiba\AppData\LocalLow\BitTorrent
2015-11-06 02:21 - 2015-11-06 02:21 - 00001939 _____ C:\Users\Toshiba\AppData\Local\recently-used.xbel
2015-11-04 09:16 - 2015-11-04 09:16 - 00000003 _____ C:\Users\Toshiba\Desktop\working.txt
2015-11-03 15:21 - 2015-11-03 15:21 - 00086352 _____ C:\Windows\system32\hxsy64.sys
2015-11-03 15:21 - 2015-11-03 15:21 - 00029008 _____ C:\Windows\system32\hxsken64.sys
2015-11-03 00:07 - 2015-11-03 00:07 - 00000000 ____D C:\Users\Toshiba\Downloads\second_world_vol_1
2015-11-03 00:06 - 2015-11-03 00:07 - 64845172 _____ C:\Users\Toshiba\Downloads\second_world_vol_1.rar
2015-11-02 19:07 - 2015-11-02 19:07 - 00000222 _____ C:\Users\Toshiba\Desktop\Aura Kingdom.url
2015-11-01 07:34 - 2015-11-07 14:11 - 00000000 ____D C:\FRST
2015-10-31 04:58 - 2015-10-31 04:58 - 00581656 _____ (Aeria Games & Entertainment) C:\Users\Toshiba\Downloads\aurakingdom_us_downloader.exe
2015-10-30 23:16 - 2015-10-30 23:16 - 00001311 _____ C:\Users\Toshiba\Desktop\ROBLOX Player.lnk
2015-10-30 23:14 - 2015-10-30 23:14 - 00969584 _____ (ROBLOX Corporation) C:\Users\Toshiba\Downloads\RobloxPlayerLauncher(1).exe
2015-10-29 20:54 - 2015-10-29 21:49 - 00009728 _____ C:\Users\Toshiba\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-28 14:39 - 2015-10-28 14:39 - 00000000 ____D C:\Users\Toshiba\AppData\Local\DDMM
2015-10-28 14:38 - 2015-10-28 14:38 - 00000000 ____D C:\Users\Toshiba\Desktop\DDMM_v1.1
2015-10-28 14:37 - 2015-10-28 14:37 - 00030715 _____ C:\Users\Toshiba\Desktop\DDMM_v1.1.zip
2015-10-28 13:44 - 2015-11-04 14:05 - 00000840 _____ C:\Windows\setupact.log
2015-10-28 13:44 - 2015-10-28 13:44 - 00000000 _____ C:\Windows\setuperr.log
2015-10-28 12:34 - 2015-10-28 12:34 - 00000000 ____D C:\Users\Toshiba\Downloads\Darkflower
2015-10-26 22:51 - 2015-10-26 22:34 - 01956086 _____ C:\Users\Toshiba\Desktop\CBS.log
2015-10-26 21:26 - 2015-10-26 21:26 - 01440440 _____ C:\Users\Toshiba\Desktop\kekek.7z
2015-10-26 21:26 - 2015-10-26 21:26 - 00000000 ____D C:\Users\Toshiba\Desktop\kekek
2015-10-25 19:31 - 2015-10-25 19:32 - 00208650 _____ C:\Users\Toshiba\Downloads\DualMonitorTools-2.0.zip
2015-10-23 21:51 - 2015-10-23 21:51 - 00000000 ____D C:\Users\Toshiba\AppData\Local\SWTOR
2015-10-23 19:43 - 2015-10-26 21:49 - 00000000 ____D C:\ProgramData\BitRaider
2015-10-23 19:43 - 2015-10-23 19:43 - 00000000 ____D C:\Users\Toshiba\AppData\Local\SWTORPerf
2015-10-23 19:43 - 2015-10-23 19:43 - 00000000 ____D C:\Users\Public\Documents\BitRaider
2015-10-23 19:30 - 2015-10-23 19:30 - 00001445 _____ C:\Users\Public\Desktop\Star Wars - The Old Republic.lnk
2015-10-23 19:29 - 2015-10-23 19:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2015-10-23 19:29 - 2015-10-23 19:29 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2015-10-23 19:28 - 2015-10-23 19:30 - 00014234 _____ C:\Users\Toshiba\Documents\Install STAR WARS The Old Republic.log
2015-10-23 19:27 - 2015-10-23 19:27 - 29720272 _____ C:\Users\Toshiba\Downloads\SWTOR_setup.exe
2015-10-23 16:37 - 2015-11-07 14:11 - 00000000 ____D C:\Users\Toshiba\Downloads\Bleep
2015-10-23 16:37 - 2015-10-23 17:01 - 00000000 ____D C:\BlackDesertOnline
2015-10-23 16:37 - 2015-10-23 16:37 - 12808280 _____ (Daum Games) C:\Users\Toshiba\Downloads\BlackDesertAlphaLauncher.exe
2015-10-21 19:13 - 2015-10-21 19:13 - 00000000 ____D C:\Windows\DEA314C409294250BC9298E4C105F28D.TMP
2015-10-21 09:40 - 2015-10-21 09:40 - 00000000 ____D C:\Windows\SysWOW64\sda
2015-10-21 09:39 - 2015-10-21 09:39 - 09890008 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsCRIcon.dll
2015-10-21 09:39 - 2015-10-21 09:39 - 03709656 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\rtwlane.sys
2015-10-21 09:39 - 2015-10-21 09:39 - 00402136 _____ (Realsil Semiconductor Corporation) C:\Windows\system32\Drivers\RtsUer.sys
2015-10-21 09:39 - 2015-10-21 09:39 - 00129224 _____ (Qualcomm Atheros Co., Ltd.) C:\Windows\system32\Drivers\L1C62x64.sys
2015-10-21 09:39 - 2015-10-21 09:39 - 00083160 _____ (Realtek Semiconductor.) C:\Windows\system32\RtCRX64.dll
2015-10-21 09:38 - 2015-10-21 09:38 - 01577600 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64AP62.dll
2015-10-21 09:38 - 2015-10-21 09:38 - 01576576 _____ (Conexant Systems Inc.) C:\Windows\system32\Drivers\CHDRT64.sys
2015-10-21 09:38 - 2015-10-21 09:38 - 00531072 _____ (Conexant Systems, Inc.) C:\Windows\system32\UCI64A85.dll
2015-10-21 09:38 - 2015-10-21 09:38 - 00341336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2015-10-21 09:38 - 2015-10-21 09:38 - 00252760 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2015-10-21 09:38 - 2015-10-21 09:38 - 00234840 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2015-10-21 09:38 - 2015-10-21 09:38 - 00050304 _____ (Conexant Systems Inc.) C:\Windows\system32\CxPageMaster64.dll
2015-10-21 09:38 - 2015-10-21 09:38 - 00030893 _____ C:\Windows\system32\Drivers\Mixer.ini
2015-10-21 09:38 - 2015-10-21 09:38 - 00000000 ____D C:\Program Files\CONEXANT
2015-10-21 09:31 - 2015-11-07 11:10 - 00003260 _____ C:\Windows\System32\Tasks\Driver Booster Beta Scheduler
2015-10-21 09:31 - 2015-11-07 11:10 - 00002892 _____ C:\Windows\System32\Tasks\Driver Booster Beta SkipUAC (Toshiba)
2015-10-21 09:31 - 2015-10-21 09:40 - 00002181 _____ C:\Users\Public\Desktop\Driver Booster 3 Beta.lnk
2015-10-21 09:31 - 2015-10-21 09:31 - 00026528 _____ (REALiX™) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2015-10-21 09:31 - 2015-10-21 09:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3 Beta
2015-10-21 09:30 - 2015-10-21 09:30 - 13670056 _____ (IObit ) C:\Users\Toshiba\Downloads\driver_booster_setup_beta.exe
2015-10-20 22:36 - 2015-10-20 22:36 - 00000000 ____D C:\Users\Toshiba\AppData\Local\Skyrim
2015-10-20 22:36 - 2015-10-20 22:36 - 00000000 ____D C:\ProgramData\Steam
2015-10-20 10:53 - 2015-10-20 10:53 - 00001500 _____ C:\Users\Public\Desktop\The Elder Scrolls V Skyrim - Legendary Edition.lnk
2015-10-20 10:53 - 2015-10-20 10:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks
2015-10-20 09:23 - 2015-10-20 09:23 - 00000000 ____D C:\Program Files (x86)\Bethesda Softworks
2015-10-20 02:23 - 2015-10-20 04:59 - 00000000 ____D C:\Users\Toshiba\Downloads\The.Elder.Scrolls.V.Skyrim.Legendary.Edition.MULTi8-PROPHET
2015-10-18 13:14 - 2015-10-18 13:15 - 00000000 ____D C:\Users\Toshiba\AppData\Local\Roblox
2015-10-18 13:13 - 2015-10-30 23:16 - 00001130 _____ C:\Users\Toshiba\Desktop\ROBLOX Studio.lnk
2015-10-18 13:13 - 2015-10-30 23:16 - 00000247 _____ C:\Users\Toshiba\AppData\LocalLow\rbxcsettings.rbx
2015-10-18 13:13 - 2015-10-30 23:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roblox
2015-10-18 13:13 - 2015-10-18 13:13 - 00000000 ____D C:\ProgramData\Roblox
2015-10-18 13:13 - 2015-10-18 13:13 - 00000000 ____D C:\Program Files (x86)\Roblox
2015-10-18 13:12 - 2015-10-18 13:13 - 00969584 _____ (ROBLOX Corporation) C:\Users\Toshiba\Downloads\RobloxPlayerLauncher.exe
2015-10-17 18:08 - 2015-09-18 14:31 - 00391784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-17 18:08 - 2015-09-18 13:58 - 00345688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-17 18:08 - 2015-09-15 23:48 - 25851904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-17 18:08 - 2015-09-15 23:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-17 18:08 - 2015-09-15 23:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-17 18:08 - 2015-09-15 23:22 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-17 18:08 - 2015-09-15 23:21 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-17 18:08 - 2015-09-15 23:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-17 18:08 - 2015-09-15 23:21 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-17 18:08 - 2015-09-15 23:21 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-17 18:08 - 2015-09-15 23:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-17 18:08 - 2015-09-15 23:14 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-17 18:08 - 2015-09-15 23:13 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-17 18:08 - 2015-09-15 23:10 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-17 18:08 - 2015-09-15 23:09 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-17 18:08 - 2015-09-15 23:08 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-17 18:08 - 2015-09-15 23:08 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-17 18:08 - 2015-09-15 23:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-17 18:08 - 2015-09-15 23:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-17 18:08 - 2015-09-15 23:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-17 18:08 - 2015-09-15 22:58 - 20357632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-17 18:08 - 2015-09-15 22:58 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-17 18:08 - 2015-09-15 22:50 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-17 18:08 - 2015-09-15 22:46 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-17 18:08 - 2015-09-15 22:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-10-17 18:08 - 2015-09-15 22:45 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-17 18:08 - 2015-09-15 22:43 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-17 18:08 - 2015-09-15 22:41 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-17 18:08 - 2015-09-15 22:33 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-17 18:08 - 2015-09-15 22:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-10-17 18:08 - 2015-09-15 22:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-10-17 18:08 - 2015-09-15 22:32 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-10-17 18:08 - 2015-09-15 22:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-17 18:08 - 2015-09-15 22:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-17 18:08 - 2015-09-15 22:29 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-17 18:08 - 2015-09-15 22:29 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-17 18:08 - 2015-09-15 22:28 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-17 18:08 - 2015-09-15 22:28 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-17 18:08 - 2015-09-15 22:26 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-17 18:08 - 2015-09-15 22:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-10-17 18:08 - 2015-09-15 22:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-10-17 18:08 - 2015-09-15 22:24 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-17 18:08 - 2015-09-15 22:23 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-10-17 18:08 - 2015-09-15 22:22 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-17 18:08 - 2015-09-15 22:22 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-17 18:08 - 2015-09-15 22:22 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-10-17 18:08 - 2015-09-15 22:15 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-17 18:08 - 2015-09-15 22:11 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-17 18:08 - 2015-09-15 22:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-10-17 18:08 - 2015-09-15 22:07 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-10-17 18:08 - 2015-09-15 22:06 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-17 18:08 - 2015-09-15 22:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-17 18:08 - 2015-09-15 22:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-17 18:08 - 2015-09-15 22:04 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-10-17 18:08 - 2015-09-15 21:59 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-17 18:08 - 2015-09-15 21:58 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-17 18:08 - 2015-09-15 21:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-17 18:08 - 2015-09-15 21:56 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-17 18:08 - 2015-09-15 21:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-17 18:08 - 2015-09-15 21:55 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-10-17 18:08 - 2015-09-15 21:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-17 18:08 - 2015-09-15 21:37 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-17 18:08 - 2015-09-15 21:34 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-17 18:08 - 2015-09-15 21:32 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-17 18:08 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-17 18:07 - 2015-07-18 08:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-10-17 18:06 - 2015-08-06 13:06 - 14182912 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-17 18:06 - 2015-08-06 13:06 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-17 18:06 - 2015-08-06 12:38 - 12878848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-17 18:06 - 2015-08-06 12:37 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-10-17 18:01 - 2015-09-25 13:07 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-17 18:01 - 2015-09-25 13:07 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-17 18:01 - 2015-09-25 13:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-17 18:01 - 2015-09-25 13:07 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-17 18:01 - 2015-09-25 13:07 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-17 18:01 - 2015-09-25 13:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-17 18:01 - 2015-09-25 13:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-17 18:01 - 2015-09-25 13:06 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-17 18:01 - 2015-09-25 13:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-17 18:01 - 2015-09-25 13:06 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-17 18:01 - 2015-09-25 13:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-17 18:01 - 2015-09-25 12:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-17 18:01 - 2015-09-25 12:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-17 18:01 - 2015-09-25 12:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-17 18:01 - 2015-09-25 12:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-10-17 18:01 - 2015-09-25 12:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-17 18:00 - 2015-09-18 14:22 - 00025432 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-17 18:00 - 2015-09-18 14:19 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-17 18:00 - 2015-09-18 14:19 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-17 18:00 - 2015-09-18 14:19 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-17 18:00 - 2015-09-18 14:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-17 18:00 - 2015-09-18 14:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-17 18:00 - 2015-09-18 14:09 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-17 17:59 - 2015-10-01 13:12 - 00706496 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-17 17:59 - 2015-10-01 13:10 - 00631384 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-17 17:59 - 2015-10-01 13:09 - 01729984 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-17 17:59 - 2015-10-01 13:07 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-10-17 17:59 - 2015-10-01 13:07 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-10-17 17:59 - 2015-10-01 13:07 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-10-17 17:59 - 2015-10-01 13:07 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-10-17 17:59 - 2015-10-01 13:06 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-17 17:59 - 2015-10-01 13:06 - 01166336 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-10-17 17:59 - 2015-10-01 13:06 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-17 17:59 - 2015-10-01 13:06 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-17 17:59 - 2015-10-01 13:06 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-10-17 17:59 - 2015-10-01 13:06 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-17 17:59 - 2015-10-01 13:06 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-17 17:59 - 2015-10-01 13:06 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-17 17:59 - 2015-10-01 13:06 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-17 17:59 - 2015-10-01 13:06 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2015-10-17 17:59 - 2015-10-01 13:06 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-17 17:59 - 2015-10-01 13:06 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-17 17:59 - 2015-10-01 13:06 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-17 17:59 - 2015-10-01 13:06 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-17 17:59 - 2015-10-01 13:06 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-17 17:59 - 2015-10-01 13:06 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-17 17:59 - 2015-10-01 13:06 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-17 17:59 - 2015-10-01 13:06 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-17 17:59 - 2015-10-01 13:06 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-17 17:59 - 2015-10-01 13:06 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-10-17 17:59 - 2015-10-01 13:05 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-10-17 17:59 - 2015-10-01 13:05 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-17 17:59 - 2015-10-01 13:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-17 17:59 - 2015-10-01 13:05 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-17 17:59 - 2015-10-01 13:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-17 17:59 - 2015-10-01 13:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-17 17:59 - 2015-10-01 12:43 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-10-17 17:59 - 2015-10-01 12:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-17 17:59 - 2015-10-01 11:47 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-17 17:59 - 2015-10-01 11:46 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-17 17:59 - 2015-10-01 11:46 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-17 17:59 - 2015-09-28 15:21 - 03996608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-10-17 17:59 - 2015-09-28 15:21 - 03940800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-10-17 17:59 - 2015-09-28 15:19 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-17 17:59 - 2015-09-28 15:17 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-10-17 17:59 - 2015-09-28 15:17 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-10-17 17:59 - 2015-09-28 15:17 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-10-17 17:59 - 2015-09-28 15:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-10-17 17:59 - 2015-09-28 15:17 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2015-10-17 17:59 - 2015-09-28 15:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-10-17 17:59 - 2015-09-28 15:17 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-10-17 17:59 - 2015-09-28 15:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-10-17 17:59 - 2015-09-28 15:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-10-17 17:59 - 2015-09-28 15:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-10-17 17:59 - 2015-09-28 15:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-10-17 17:59 - 2015-09-28 15:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-10-17 17:59 - 2015-09-28 15:15 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-10-17 17:59 - 2015-09-28 15:15 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-10-17 17:59 - 2015-09-28 15:15 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-17 17:59 - 2015-09-28 15:15 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-10-17 17:59 - 2015-09-28 15:11 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-10-17 17:59 - 2015-09-28 15:11 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 15:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 13:22 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-17 17:59 - 2015-09-28 11:35 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-10-17 17:59 - 2015-09-28 11:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-10-17 17:59 - 2015-09-28 11:33 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 11:33 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 11:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-17 17:59 - 2015-09-28 11:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-17 17:59 - 2015-09-15 18:45 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-17 17:59 - 2015-09-15 18:45 - 00097112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-17 17:59 - 2015-09-15 18:37 - 01464832 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-17 17:59 - 2015-09-15 18:37 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-17 17:59 - 2015-09-15 18:37 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-17 17:59 - 2015-09-15 18:37 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-17 17:59 - 2015-09-15 18:37 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-17 17:59 - 2015-09-15 18:37 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-17 17:59 - 2015-09-15 18:37 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-17 17:59 - 2015-09-15 18:25 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-10-17 17:59 - 2015-09-15 18:25 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-10-17 17:59 - 2015-09-15 18:25 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-10-17 17:59 - 2015-09-15 18:21 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-10-17 17:59 - 2015-09-14 16:40 - 00634432 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-10-17 16:30 - 2015-10-17 16:30 - 00000000 ____D C:\Users\Toshiba\Documents\NCSOFT
2015-10-17 14:12 - 2015-10-17 14:12 - 00001176 _____ C:\Users\Public\Desktop\WildStar.lnk
2015-10-17 14:12 - 2015-10-17 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT
2015-10-17 14:12 - 2015-10-17 14:12 - 00000000 ____D C:\Program Files (x86)\NCSOFT
2015-10-17 14:09 - 2015-10-17 14:09 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\NCSOFT
2015-10-17 14:09 - 2015-10-17 14:09 - 00000000 ____D C:\Users\Toshiba\AppData\Local\NCSOFT
2015-10-17 14:06 - 2015-10-17 14:07 - 01404376 _____ (NCSOFT) C:\Users\Toshiba\Downloads\Wildstar.exe
2015-10-15 23:23 - 2015-11-06 15:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-11 15:24 - 2015-10-11 15:25 - 00001901 _____ C:\Users\Toshiba\Downloads\Reset_Windows_Update_Full.bat
2015-10-11 11:07 - 2015-10-11 11:07 - 00985600 _____ C:\Users\Toshiba\Downloads\MicrosoftFixit50123.msi
2015-10-10 21:10 - 2015-10-10 21:10 - 00000000 ____D C:\Users\Toshiba\AppData\Local\Solid State Networks
2015-10-10 21:09 - 2015-10-10 21:09 - 00002559 _____ C:\Users\Public\Desktop\Gigantic Launcher (64-bit).lnk
2015-10-10 21:09 - 2015-10-10 21:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motiga Games
2015-10-10 21:09 - 2015-10-10 21:09 - 00000000 ____D C:\Program Files\Motiga
2015-10-10 21:06 - 2015-10-10 21:07 - 51706040 _____ (Motiga Inc.) C:\Users\Toshiba\Downloads\GiganticSetup.exe
2015-10-07 01:02 - 2015-10-07 01:03 - 00844200 _____ (Akeo Consulting (hxxp://akeo.ie)) C:\Users\Toshiba\Downloads\rufus-2.4.exe
2015-10-07 00:58 - 2015-10-07 00:59 - 00001975 _____ C:\Users\Toshiba\Downloads\Darkflower.zip
2015-10-06 23:31 - 2015-10-07 00:00 - 3320903680 _____ C:\Users\Toshiba\Downloads\0BxJgS33zZl9bZF9LWXJhakZaVGs.iso
2015-10-06 23:05 - 2015-10-06 23:05 - 00026288 _____ C:\Users\Toshiba\Downloads\GWXWebWindows.exe
2015-10-06 20:32 - 2015-10-06 20:32 - 00001155 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-06 20:32 - 2015-10-06 20:32 - 00001143 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-10-06 20:27 - 2015-10-06 20:27 - 00020886 _____ C:\Users\Toshiba\Documents\cc_20151006_212718.reg
2015-10-06 20:09 - 2015-10-06 20:09 - 00002029 _____ C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk
2015-10-06 20:09 - 2015-10-06 20:09 - 00002020 _____ C:\Users\Public\Desktop\Smite.lnk
2015-10-06 20:09 - 2015-10-06 20:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2015-10-06 19:59 - 2015-10-06 19:59 - 00002697 _____ C:\Users\Public\Desktop\Skype.lnk
2015-10-06 19:59 - 2015-10-06 19:59 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-10-06 19:59 - 2015-10-06 19:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-10-06 19:58 - 2015-10-06 19:58 - 43716224 _____ (Skype Technologies S.A.) C:\Users\Toshiba\Downloads\SkypeSetupFull.exe
2015-10-06 19:56 - 2015-10-06 19:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HexChat
2015-10-06 19:56 - 2015-10-06 19:56 - 00000000 ____D C:\Program Files\HexChat
2015-10-06 19:55 - 2015-10-06 19:55 - 07660352 _____ (HexChat ) C:\Users\Toshiba\Downloads\HexChat 2.10.2 x64.exe
2015-10-06 19:53 - 2015-10-06 19:54 - 00016886 _____ C:\Users\Toshiba\Documents\cc_20151006_205355.reg
2015-10-06 19:40 - 2015-10-10 21:31 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\Solvusoft
2015-10-06 19:40 - 2015-10-06 19:39 - 03895432 ____N (solvusoft Corporation ) C:\Users\Toshiba\Desktop\Setup_WinThruster_2015.exe
2015-10-06 19:40 - 2012-10-15 16:02 - 00019888 _____ (solvusoft) C:\Windows\system32\roboot64.exe
2015-10-06 19:24 - 2015-09-16 02:48 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-09-21 05:23 - 2015-09-21 05:23 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\MultiForce
2015-09-21 05:01 - 2015-09-21 05:01 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\MultiForce Backup
2015-09-20 08:07 - 2015-09-20 08:10 - 919889242 _____ C:\Users\Toshiba\Desktop\Art Books.rar
2015-09-18 05:07 - 2015-09-18 05:07 - 00000000 ____D C:\Users\Toshiba\AppData\Local\Aeria Games
2015-09-18 05:06 - 2015-09-18 05:06 - 00000000 ____D C:\ProgramData\Aeria Games
2015-09-17 23:57 - 2015-10-23 16:47 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
2015-09-17 23:48 - 2015-09-17 23:48 - 00002028 _____ C:\Users\Public\Desktop\Aeria Ignite.lnk
2015-09-17 23:48 - 2015-09-17 23:48 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2015-09-17 23:48 - 2015-09-17 23:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
2015-09-17 23:48 - 2015-09-17 23:48 - 00000000 ____D C:\Program Files (x86)\Aeria Games
2015-09-17 23:34 - 2015-10-23 16:47 - 00000000 ____D C:\AeriaGames
2015-09-17 23:34 - 2015-10-03 22:52 - 00000000 ____D C:\Users\Toshiba\AppData\Local\Akamai
2015-09-17 20:30 - 2015-09-17 21:29 - 00000037 _____ C:\Users\Toshiba\Documents\Notepad.txt
2015-09-17 15:51 - 2015-09-20 11:26 - 00000000 ____D C:\ftb
2015-09-17 15:50 - 2015-09-17 15:51 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\ftblauncher
2015-09-17 13:58 - 2015-09-17 13:58 - 00008224 _____ C:\Users\Toshiba\Documents\hijackthis.log
2015-09-17 13:10 - 2015-10-23 19:29 - 00000000 _____ C:\end
2015-09-17 12:45 - 2015-10-17 10:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-16 21:54 - 2015-09-16 21:54 - 00001222 _____ C:\Users\Toshiba\Documents\Virus 2.reg
2015-09-16 21:54 - 2015-09-16 21:54 - 00001196 _____ C:\Users\Toshiba\Documents\Virus 1.reg
2015-09-16 21:30 - 2015-09-17 12:28 - 00000000 ____D C:\AdwCleaner
2015-09-16 20:57 - 2015-09-16 20:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-09-16 18:22 - 2015-09-16 18:22 - 00000243 _____ C:\Users\Toshiba\Desktop\login.srf
2015-09-16 16:56 - 2015-10-26 22:57 - 00001945 _____ C:\Windows\epplauncher.mif
2015-09-16 16:24 - 2015-09-16 16:24 - 00000000 ____D C:\Program Files (x86)\Java
2015-09-16 16:23 - 2015-09-16 16:23 - 00584288 _____ (Oracle Corporation) C:\Users\Toshiba\Desktop\chromeinstall-8u60.exe
2015-09-16 13:19 - 2015-09-16 17:49 - 00000000 ___HD C:\c85bb1a3
2015-09-16 10:59 - 2015-09-16 10:59 - 00003017 _____ C:\Users\Toshiba\Desktop\HitLeap Viewer.lnk
2015-09-16 10:59 - 2015-09-16 10:59 - 00002933 _____ C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HitLeap Viewer.lnk
2015-09-16 10:59 - 2015-09-16 10:59 - 00000000 ____D C:\Program Files (x86)\HitLeap
2015-09-16 09:03 - 2015-09-16 09:03 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\Foxit Software
2015-09-16 07:49 - 2015-09-16 08:48 - 00000000 ____D C:\Users\Toshiba\AppData\Local\oerkt2vtmki1ltr
2015-09-16 07:48 - 2015-09-16 08:48 - 00000000 ____D C:\Users\Toshiba\AppData\Local\oedkbgvvmmi1ytr
2015-09-16 07:40 - 2015-09-16 07:40 - 00000000 ____D C:\ProgramData\KeyStream
2015-09-16 07:08 - 2015-09-16 17:27 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-16 07:05 - 2015-09-16 07:05 - 00001098 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-09-16 07:05 - 2015-09-16 07:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-09-16 07:04 - 2015-09-16 07:05 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-16 07:04 - 2015-06-18 07:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-09-16 07:04 - 2015-06-18 07:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-09-16 07:04 - 2015-06-18 07:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-09-16 06:56 - 2015-09-16 06:56 - 00000000 _____ C:\Windows\SysWOW64\Number of results
2015-09-16 03:45 - 2015-09-16 03:45 - 00000292 _____ C:\task.vbs
2015-09-16 03:45 - 2015-09-16 03:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Simple Media Player
2015-09-16 02:49 - 2015-09-16 08:48 - 00000000 ____D C:\Program Files (x86)\1e7161e4-e163-4053-9ffa-e5cff4ce8d48
2015-09-16 02:48 - 2015-09-16 08:49 - 00000000 ____D C:\Users\Toshiba\AppData\Local\Tempfolder
2015-09-16 02:48 - 2015-09-16 03:04 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-09-16 02:48 - 2015-09-16 02:48 - 00004672 _____ C:\Windows\SysWOW64\Folacaanl.ini
2015-09-16 02:48 - 2015-09-16 02:48 - 00002392 _____ C:\Windows\SysWOW64\FolacaanlOff.ini
2015-09-16 02:48 - 2015-09-16 02:48 - 00002392 _____ C:\Windows\system32\FolacaanlOff.ini
2015-09-16 02:48 - 2015-09-16 02:48 - 00000000 ____D C:\Windows\system32\thx
2015-09-16 02:47 - 2015-09-16 02:47 - 00000000 ____D C:\Users\Toshiba\AppData\LocalLow\Company
2015-09-16 02:46 - 2015-09-16 03:11 - 00000000 ____D C:\Program Files (x86)\MiniBrowser
2015-09-16 02:46 - 2015-09-16 02:53 - 00000000 ____D C:\Program Files (x86)\winnetmng.bak
2015-09-16 02:44 - 2015-09-16 02:44 - 00860738 _____ C:\Users\Toshiba\Desktop\Installer.rar
2015-09-14 07:31 - 2015-09-14 07:31 - 01259306 _____ C:\Users\Toshiba\Downloads\935440f07adeb2c60c3c0fe883ab1b57.webm
2015-09-13 10:15 - 2015-09-20 11:26 - 00000000 ____D C:\Users\Toshiba\AppData\Local\ftblauncher
2015-09-13 10:15 - 2015-09-13 10:15 - 07552083 _____ () C:\Users\Toshiba\Desktop\FTB_Launcher.exe
2015-09-12 12:47 - 2015-09-12 12:47 - 01247112 _____ (Mojang) C:\Users\Toshiba\Desktop\Minecraft.exe
2015-09-11 02:06 - 2015-09-11 02:06 - 00011264 _____ (Microsoft) C:\Windows\SysWOW64\Wimboldon.exe
2015-09-09 17:51 - 2015-10-11 13:20 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape
2015-09-09 17:51 - 2015-09-09 17:51 - 00002062 _____ C:\Users\Toshiba\Desktop\RuneScape.lnk
2015-09-09 08:29 - 2015-09-09 08:29 - 00000596 _____ C:\Windows\SysWOW64\sc.bat
2015-09-09 00:01 - 2015-09-09 00:01 - 13017351 _____ C:\Users\Toshiba\Desktop\Ochita Hanayome - Fallen Bride.zip
2015-09-09 00:01 - 2015-09-09 00:01 - 00000000 ____D C:\Users\Toshiba\Desktop\Ochita Hanayome - Fallen Bride
2015-09-08 20:39 - 2015-08-05 12:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-08 20:39 - 2015-08-05 12:56 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-08 20:39 - 2015-08-05 12:56 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-09-08 20:39 - 2015-08-05 12:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-08 20:39 - 2015-07-14 22:18 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-09-08 20:39 - 2015-07-14 21:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-09-08 20:39 - 2015-07-09 12:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-09-08 20:39 - 2015-07-09 12:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-09-08 20:39 - 2015-07-09 12:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-09-08 20:39 - 2015-07-09 12:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-09-08 20:37 - 2015-07-22 19:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-08 20:37 - 2015-07-22 18:57 - 00643072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-09-08 20:37 - 2015-07-22 18:57 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-09-08 20:37 - 2015-07-22 17:04 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-08 20:37 - 2015-07-22 17:03 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-09-08 20:37 - 2015-07-22 11:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-08 20:36 - 2015-08-27 13:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-08 20:36 - 2015-08-27 13:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-08 20:36 - 2015-08-27 13:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-09-08 20:36 - 2015-08-27 13:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-09-08 20:36 - 2015-08-27 12:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-08 20:36 - 2015-08-27 12:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-08 20:36 - 2015-08-27 12:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-09-08 20:36 - 2015-08-27 12:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-09-08 20:36 - 2015-06-25 04:58 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-09-08 20:36 - 2015-06-25 04:53 - 01942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-08 20:36 - 2015-06-25 04:53 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-09-08 20:36 - 2015-06-25 04:20 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-08 20:35 - 2015-09-01 22:04 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-09-08 20:35 - 2015-09-01 22:04 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-08 20:35 - 2015-09-01 22:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-09-08 20:35 - 2015-09-01 22:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-09-08 20:35 - 2015-09-01 21:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-09-08 20:35 - 2015-09-01 21:48 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-08 20:35 - 2015-09-01 21:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-09-08 20:35 - 2015-09-01 21:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-09-08 20:35 - 2015-09-01 20:56 - 03212288 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-08 20:35 - 2015-09-01 20:47 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-08 20:35 - 2015-09-01 20:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-06 15:09 - 2015-10-07 00:08 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2015-09-04 11:20 - 2015-09-04 11:20 - 00000000 ____D C:\Users\Toshiba\Desktop\tools
2015-09-01 11:10 - 2015-09-01 11:10 - 00023552 _____ C:\Windows\SysWOW64\HardwareInformation.exe
2015-09-01 08:36 - 2015-09-01 08:36 - 00010240 _____ C:\Windows\SysWOW64\win.exe
2015-08-26 18:40 - 2015-08-26 18:40 - 00000000 ____D C:\Users\Toshiba\Desktop\[Denden-dou] Shikai Chapters 01-06 (Complete) [English]
2015-08-26 18:22 - 2015-08-26 18:37 - 165177979 _____ C:\Users\Toshiba\Desktop\[Denden-dou] Shikai Chapters 01-06 (Complete) [English].rar
2015-08-26 16:40 - 2015-08-26 16:40 - 00001120 _____ C:\Users\Toshiba\Desktop\LostSagaNA.lnk
2015-08-26 16:36 - 2015-08-26 16:36 - 00000000 ____D C:\Users\Toshiba\Desktop\Lost Saga Alice update (public)
2015-08-26 15:49 - 2015-08-26 16:00 - 958972465 _____ C:\Users\Toshiba\Desktop\Lost Saga Alice update (public).zip
2015-08-26 12:25 - 2015-09-16 16:25 - 00000000 ____D C:\Users\Toshiba\.oracle_jre_usage
2015-08-26 12:25 - 2015-08-26 12:25 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\Sun
2015-08-26 12:11 - 2015-08-26 12:11 - 00003002 _____ C:\Windows\System32\Tasks\{58FA387B-8379-43E5-B61F-31E62BA99B4B}
2015-08-26 07:24 - 2015-08-26 07:24 - 00031582 _____ C:\Users\Toshiba\Desktop\LanguagePack.rar
2015-08-26 07:24 - 2013-12-02 14:53 - 00000000 ____D C:\Users\Toshiba\Desktop\ru
2015-08-26 07:24 - 2013-12-02 14:53 - 00000000 ____D C:\Users\Toshiba\Desktop\fr
2015-08-26 07:24 - 2013-12-02 14:53 - 00000000 ____D C:\Users\Toshiba\Desktop\de
2015-08-26 03:01 - 2015-11-02 19:05 - 03402230 _____ C:\Users\Toshiba\Desktop\win32list_DO_NOT_DELETE_ME.txt
2015-08-24 16:18 - 2015-08-24 16:18 - 00000000 ____D C:\Users\Toshiba\AppData\Local\GWX
2015-08-23 13:56 - 2015-08-23 13:56 - 00015806 _____ C:\Windows\system32\results.xml
2015-08-23 13:54 - 2012-05-15 06:13 - 00144896 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll
2015-08-23 13:54 - 2012-05-15 06:13 - 00020992 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-08-23 13:54 - 2012-05-15 05:20 - 00104448 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll
2015-08-23 13:54 - 2012-05-15 05:20 - 00017920 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-08-23 13:53 - 2015-08-23 13:54 - 00000000 ____D C:\Program Files (x86)\Intel
2015-08-23 13:40 - 2015-06-03 15:16 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-08-23 13:39 - 2015-05-25 13:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-08-23 13:39 - 2015-05-25 13:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-08-23 13:39 - 2015-05-25 13:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-08-23 13:39 - 2015-05-25 13:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-08-23 13:39 - 2015-05-25 13:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-08-23 13:39 - 2015-05-25 13:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-08-23 13:39 - 2015-05-25 13:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-08-23 13:39 - 2015-05-25 13:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-08-23 13:39 - 2015-05-25 13:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-08-23 13:39 - 2015-05-25 13:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-08-23 13:39 - 2015-05-25 13:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-08-23 13:39 - 2015-05-25 13:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-08-23 13:39 - 2015-04-27 14:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-08-23 13:39 - 2015-04-27 14:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-08-23 13:39 - 2015-04-27 14:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-08-23 13:39 - 2015-04-27 14:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-08-23 13:39 - 2015-04-27 14:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-08-23 13:39 - 2015-04-27 14:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-08-23 13:39 - 2015-04-27 14:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-08-23 13:39 - 2015-04-27 14:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-08-23 13:39 - 2015-01-28 22:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-08-23 13:39 - 2015-01-28 22:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-08-23 13:38 - 2015-04-10 22:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-08-23 13:38 - 2015-03-03 23:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-08-23 13:38 - 2015-03-03 23:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-08-23 13:38 - 2015-03-03 23:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-08-23 13:38 - 2015-03-03 23:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-08-23 13:38 - 2015-03-03 23:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-08-23 13:38 - 2015-03-03 23:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-08-23 13:38 - 2015-03-03 23:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-08-23 13:35 - 2015-08-23 13:54 - 00000000 ____D C:\ProgramData\Intel
2015-08-23 13:35 - 2015-08-23 13:35 - 00000000 ____D C:\Users\Toshiba\AppData\Local\Intel
2015-08-19 02:09 - 2015-07-30 08:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-19 02:09 - 2015-07-30 08:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-19 01:07 - 2015-07-16 14:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-19 01:07 - 2015-07-16 14:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-19 01:07 - 2015-07-16 14:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-19 01:07 - 2015-07-16 14:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-19 01:07 - 2015-07-16 14:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-19 01:07 - 2015-07-16 14:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-19 01:07 - 2015-07-11 08:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-08-19 01:06 - 2015-07-15 13:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-19 01:06 - 2015-07-15 13:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-19 01:06 - 2015-07-15 13:09 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-19 01:06 - 2015-07-14 22:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-19 01:06 - 2015-06-03 15:17 - 00546656 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-08-19 01:04 - 2015-07-30 13:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-19 01:04 - 2015-07-30 13:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-19 01:04 - 2015-07-30 13:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-19 01:04 - 2015-07-30 12:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-19 01:04 - 2015-07-30 12:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-19 01:04 - 2015-07-09 12:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-19 01:04 - 2015-07-09 12:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-19 01:04 - 2015-07-09 12:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-19 01:04 - 2015-07-01 13:21 - 00264704 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-19 01:04 - 2015-07-01 13:20 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-19 01:04 - 2015-07-01 12:52 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-19 01:04 - 2015-07-01 12:52 - 00087552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 16:30 - 2015-08-12 16:30 - 00000000 ____D C:\Users\Toshiba\.android
2015-08-12 16:20 - 2015-08-12 16:20 - 00001820 _____ C:\Users\Public\Desktop\Apps.lnk
2015-08-12 16:20 - 2015-08-12 16:20 - 00001807 _____ C:\Users\Public\Desktop\Start BlueStacks.lnk
2015-08-12 16:19 - 2015-08-12 16:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2015-08-12 16:19 - 2015-08-12 16:19 - 00000000 ____D C:\ProgramData\BlueStacks
2015-08-12 16:19 - 2015-08-12 16:19 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2015-08-12 16:18 - 2015-09-16 21:31 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-08-12 16:18 - 2015-08-12 16:18 - 00000000 ____D C:\Users\Toshiba\AppData\Local\Bluestacks
2015-08-12 14:50 - 2015-08-12 14:51 - 00000000 ____D C:\Program Files (x86)\ReadPlease 2003
2015-08-12 14:50 - 2015-08-12 14:50 - 00001144 _____ C:\Users\Toshiba\Desktop\ReadPlease PLUS.lnk
2015-08-12 14:50 - 2015-08-12 14:50 - 00001124 _____ C:\Users\Toshiba\Desktop\ReadPlease FREE.lnk
2015-08-12 14:50 - 2015-08-12 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReadPlease 2003

==================== Three Months Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-07 14:08 - 2015-03-27 14:15 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\Skype
2015-11-07 14:06 - 2015-03-27 12:14 - 00000000 ____D C:\Users\Toshiba
2015-11-07 13:51 - 2015-03-27 14:14 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-07 13:24 - 2015-06-19 22:13 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\TS3Client
2015-11-07 13:22 - 2014-07-17 12:04 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-07 11:30 - 2015-05-08 23:13 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\Kodi
2015-11-07 11:11 - 2015-04-14 14:48 - 00000000 ____D C:\ProgramData\ProductData
2015-11-07 11:05 - 2015-04-03 19:37 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\BitTorrent
2015-11-07 09:22 - 2015-06-26 19:09 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-11-07 08:23 - 2009-07-13 23:45 - 00023040 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-07 08:23 - 2009-07-13 23:45 - 00023040 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-07 03:00 - 2015-03-27 12:13 - 01972797 _____ C:\Windows\WindowsUpdate.log
2015-11-06 18:51 - 2015-03-27 14:14 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-06 17:45 - 2015-06-29 01:59 - 00000000 ____D C:\Program Files (x86)\SmilegateWest
2015-11-06 11:56 - 2015-04-03 19:45 - 00000000 ____D C:\Users\Toshiba\AppData\Local\gtk-2.0
2015-11-06 02:21 - 2015-04-03 19:43 - 00000000 ____D C:\Users\Toshiba\.gimp-2.8
2015-11-06 02:00 - 2015-03-30 23:09 - 00000000 ____D C:\Users\Toshiba\AppData\Local\Adobe
2015-11-05 22:57 - 2015-06-26 18:39 - 00000000 ____D C:\Program Files (x86)\Steam
2015-11-04 22:35 - 2015-06-19 20:18 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\.minecraft
2015-11-04 19:11 - 2009-07-13 21:34 - 00000430 _____ C:\Windows\win.ini
2015-11-04 14:11 - 2009-07-14 00:13 - 00006166 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-04 14:08 - 2015-06-29 01:06 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\HexChat
2015-11-04 14:06 - 2015-05-28 12:37 - 00003238 _____ C:\Windows\System32\Tasks\Run LSI
2015-11-04 14:06 - 2015-05-28 12:30 - 00000000 ____D C:\Program Files (x86)\LSI
2015-11-04 14:05 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-04 09:16 - 2015-06-23 10:03 - 00000012 _____ C:\Users\Toshiba\Desktop\precede.txt
2015-11-02 19:05 - 2015-07-21 16:41 - 00023528 _____ C:\Users\Toshiba\Desktop\missingfiles.txt
2015-11-02 19:05 - 2015-06-23 10:06 - 05452703 _____ C:\Users\Toshiba\Desktop\ENPatch.rar
2015-11-02 19:05 - 2015-06-23 10:06 - 00795228 _____ C:\Users\Toshiba\Desktop\lf.stripped.db.7z
2015-11-02 18:57 - 2015-06-22 16:30 - 02770944 _____ (Arks-Layer) C:\Users\Toshiba\Desktop\PSO2 Tweaker.exe
2015-11-01 23:51 - 2015-04-14 22:19 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\Raptr
2015-10-31 14:02 - 2015-04-14 18:48 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\vlc
2015-10-29 21:11 - 2015-06-10 23:12 - 00000000 ____D C:\Program Files (x86)\Guild Wars 2
2015-10-28 13:47 - 2015-06-15 05:37 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\Free Download Manager
2015-10-27 14:02 - 2015-06-19 22:13 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-10-26 22:18 - 2015-06-21 00:23 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\DAEMON Tools Lite
2015-10-26 22:18 - 2015-04-12 22:18 - 00000000 ____D C:\Windows\Minidump
2015-10-26 21:49 - 2015-06-10 23:41 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-10-26 21:49 - 2015-04-05 02:00 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-26 21:49 - 2015-03-27 14:47 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\puush
2015-10-26 21:49 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\registration
2015-10-24 00:58 - 2015-03-27 14:17 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-23 19:29 - 2009-07-14 00:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-10-23 16:56 - 2015-04-04 22:44 - 00000000 ____D C:\ProgramData\NexonUS
2015-10-23 15:19 - 2015-03-27 14:41 - 00000000 ____D C:\Users\Toshiba\AppData\Local\IceChat
2015-10-23 13:57 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2015-10-21 09:31 - 2015-04-14 14:48 - 00000000 ____D C:\Users\Toshiba\AppData\Roaming\IObit
2015-10-21 09:31 - 2015-04-14 14:48 - 00000000 ____D C:\ProgramData\IObit
2015-10-21 09:30 - 2015-04-14 14:48 - 00000000 ____D C:\Program Files (x86)\IObit
2015-10-20 10:53 - 2015-03-27 19:14 - 00000000 ____D C:\Users\Toshiba\Documents\My Games
2015-10-18 07:51 - 2015-03-27 12:15 - 00000000 ___RD C:\Users\Toshiba\Virtual Machines
2015-10-18 03:00 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2015-10-18 02:22 - 2015-04-18 03:09 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-18 02:22 - 2014-07-15 18:08 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-18 02:01 - 2015-04-05 02:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-10-17 12:22 - 2014-07-17 12:04 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-17 12:22 - 2014-07-17 12:04 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-17 12:22 - 2014-07-17 12:04 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-17 11:01 - 2015-07-05 05:56 - 00000000 ____D C:\Windows\SysWOW64\DCS
2015-10-10 21:08 - 2015-03-30 23:15 - 00000000 ____D C:\ProgramData\Package Cache

==================== Files in the root of some directories =======

2015-04-01 17:04 - 2015-04-01 17:04 - 0001181 _____ () C:\Users\Toshiba\AppData\Roaming\trace_FilterInstaller.txt
2015-04-01 17:04 - 2015-04-01 17:04 - 0000000 _____ () C:\Users\Toshiba\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2015-10-29 20:54 - 2015-10-29 21:49 - 0009728 _____ () C:\Users\Toshiba\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-06 02:21 - 2015-11-06 02:21 - 0001939 _____ () C:\Users\Toshiba\AppData\Local\recently-used.xbel

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll
[2015-10-06 19:24] - [2015-09-16 02:48] - 0357888 ____A (Microsoft Corporation) A7A17A96EB45D10D58E6F5B61F44CA1B

C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-11-02 02:59

==================== End of FRST.txt ============================

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by Toshiba (2015-11-07 14:13:07)
Running from C:\Users\Toshiba\Downloads\Bleep
Windows 7 Ultimate Service Pack 1 (X64) (2015-03-27 17:14:38)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-92233877-364066824-1895237924-500 - Administrator - Disabled)
Guest (S-1-5-21-92233877-364066824-1895237924-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-92233877-364066824-1895237924-1002 - Limited - Enabled)
Toshiba (S-1-5-21-92233877-364066824-1895237924-1000 - Administrator - Enabled) => C:\Users\Toshiba

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}) (Version:  - )
2007 Microsoft Office Suite Service Pack 1 (SP1) (x32 Version:  - Microsoft) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.9.1.474 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Ancient Weapon Sounds (HKLM-x32\...\{E00A5837-482C-4DCE-B4CC-D16B343374E1}) (Version: 2.1.1 - Screaming Bee)
Aura Kingdom (HKLM-x32\...\Steam App 268420) (Version:  - X-Legend)
AutoHotkey 1.1.21.00 (HKLM-x32\...\AutoHotkey) (Version: 1.1.21.00 - Lexikos)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
BitTorrent (HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\BitTorrent) (Version: 7.9.5.41203 - BitTorrent Inc.)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.34.4278 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{09D96B90-87D9-410A-A1E8-BF2F2CF6394A}) (Version: 0.9.34.4278 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
CDisplayEx 1.10.29 (HKLM\...\CDisplayEx_is1) (Version:  - Progdigy Software S.A.R.L.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Comic Sound Pack (HKLM-x32\...\{91C78DA1-800F-4ACE-B6F6-206F7617D69E}) (Version: 2.1.1 - Screaming Bee)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.51.2.64 - Conexant)
Creatures of Darkness (HKLM-x32\...\{573F9269-A022-4C6F-97BD-CF1316A76369}) (Version: 3.3.1 - Screaming Bee)
CrystalDiskInfo 6.3.2 Shizuku Edition (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.2 - Crystal Dew World)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
Curse Client (HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
DC Universe Online Live (HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\SOE-DC Universe Online Live) (Version:  - Sony Online Entertainment)
Deep Space Voices (HKLM-x32\...\{67CEC218-B250-4B4C-B23F-A597EC8DB153}) (Version: 3.3.1 - Screaming Bee)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Driver Booster 3.0 Beta2 (HKLM-x32\...\Driver Booster Beta_is1) (Version: 3.0 - IObit)
Fantasy Sound Pack (HKLM-x32\...\{B53415F5-4060-48DA-ABB8-00F768158F47}) (Version: 1.1.1 - Screaming Bee)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.1.618 - Foxit Corporation)
Free Download Manager 3.9.5 (HKLM-x32\...\Free Download Manager_is1) (Version:  - FreeDownloadManager.ORG)
Galactic Voices (HKLM-x32\...\{891D8FC9-726D-46F2-ADC0-E060A6EB1DC3}) (Version: 1.3.1 - Screaming Bee)
Gigantic Installer (HKLM-x32\...\{fb714f96-ecf3-484b-b780-edbd9e241da7}) (Version: 1.0.0.2 - Motiga Inc.)
Gigantic Launcher (64-bit) (Version: 1.3.0.1 - Motiga Inc.) Hidden
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Guns of Icarus Online (HKLM-x32\...\Steam App 209080) (Version:  - Muse Games)
GunZ 2: The Second Duel (HKLM-x32\...\Steam App 242720) (Version:  - MAIET Entertainment)
HexChat (HKLM\...\HexChat_is1) (Version: 2.10.2 - HexChat)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HitLeap Viewer 2.8 (HKLM-x32\...\{31B12C11-AE4E-479F-8D6D-242DC265368D}) (Version: 2.8 - HitLeap Ltd.)
IceChat 7.80 (Build 20141213) (HKLM-x32\...\IceChat_is1) (Version: 7.80 - IceChat Networks)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Kodi (HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\Kodi) (Version:  - XBMC-Foundation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
LSI - LoL Summoner Information (HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\{62B332E9-239D-4692-BDE2-0CC1CF2833DA}_is1) (Version: v4.7.4 - Aequus Gaming Ltd.)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6215.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM-x32\...\MSTTS) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 RC Redistributable (x64) - 14.0.22816 (HKLM-x32\...\{e2495eb6-cca8-47aa-91ea-3410ca44d7b7}) (Version: 14.0.22816.0 - Microsoft Corporation)
Modern War Sounds (HKLM-x32\...\{A514E94F-C436-44C3-A1E9-1F58CD352669}) (Version: 1.0.1 - Screaming Bee)
MorphVOX Pro (HKLM-x32\...\{4bfc0d50-0417-46a0-ab1e-475fb1a90916}) (Version: 4.4.17.22603 - Screaming Bee)
MorphVOX Pro (x32 Version: 4.4.17.22603 - Screaming Bee) Hidden
Mozilla Firefox 41.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 en-US)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OldSchool RuneScape Launcher 1.2.4 (HKLM-x32\...\{5D394B1B-03A1-43BC-BBA9-53BC880F86F3}) (Version: 1.2.4 - Jagex Ltd)
PaintTool SAI Ver.1 (HKLM-x32\...\PaintToolSAI) (Version:  - )
Phantasy Star Online 2: EPISODE 3 (HKLM-x32\...\{38CA1868-3A03-4B5D-93A1-FD6F61D6723A}_is1) (Version:  - SEGA)
Prime World version 10.2 (HKLM-x32\...\{F6F3C462-2729-4555-8A95-CC317A90F8FF}_is1) (Version: 10.2 - Nival)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 5.4.15.0 - Razer Inc.)
ReadPlease 2003/ReadPlease PLUS 2003 (HKLM-x32\...\ReadPlease 2003_is1) (Version: 2003.1.10 - ReadPlease Corporation)
ROBLOX Player (HKLM-x32\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
ROBLOX Studio (HKLM-x32\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - ROBLOX Corporation)
RuneScape Launcher 1.2.7 (HKLM-x32\...\{FA52A2D0-298E-4D40-8BB7-39928627EA6A}) (Version: 1.2.7 - Jagex Ltd)
Sci-Fi 2 Sound Pack (HKLM-x32\...\{62DC2D57-7AB8-4181-994B-C62D55FCE6F4}) (Version: 1.3.1 - Screaming Bee)
Sci-Fi Sound Pack (HKLM-x32\...\{D16C611D-CA6F-402B-9EDA-9862CF4A701B}) (Version: 1.1.1 - Screaming Bee)
Sci-Fi Voice Pack (HKLM-x32\...\{BC038C91-D3C6-4E43-8439-B65976FE7937}) (Version: 1.3.1 - Screaming Bee)
Skype Voice Changer (HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\d8f4b4d52e33052f) (Version: 1.4.0.0 - Mark Heath)
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 2.17.3072.0 - Hi-Rez Studios)
Special Effects Voices (HKLM-x32\...\{913C4C4F-9E3E-41A6-A614-1BDC1352A225}) (Version: 1.0.2 - Screaming Bee)
Spooky Sounds (HKLM-x32\...\{F71EBF86-9A73-44C0-A674-55FA3E4A8428}) (Version: 2.1.1 - Screaming Bee)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version:  - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Elder Scrolls V Skyrim - Legendary Edition (HKLM-x32\...\The Elder Scrolls V Skyrim - Legendary Edition_is1) (Version:  - )
ThinkPad Wireless LAN Adapter Software (HKLM-x32\...\{9D3D2C60-A55F-4fed-B2B9-17311226DF01}) (Version: 1.00.0031.1 - )
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.38 - TOSHIBA Corporation)
Trove (HKLM-x32\...\Steam App 304050) (Version:  - Trion Worlds)
Update for Outlook 2007 Junk Email Filter (kb943597) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A751F0DB-8476-4207-956E-20AEBBA4B1DA}) (Version:  - )
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Voxal Voice Changer (HKLM-x32\...\Voxal) (Version: 1.11 - NCH Software)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
WildStar (HKLM-x32\...\WildStar) (Version:  - NCSOFT)
Win7codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 3.0.3 - Shark007)
Window NetManager (HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\Window NetManager) (Version: 1.08 - Green Air Computing)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {078940E3-3589-4DF9-84BE-A4FA7065764D} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work => C:\Windows\system32\WorkFoldersSystemTray.exe [2014-04-08] (Microsoft Corporation)
Task: {0DE517FB-0CF0-4719-86F1-4B6E53241EFD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-19] (Piriform Ltd)
Task: {1E24495A-E2B3-4795-BC12-8115CDA802EE} - System32\Tasks\Uninstaller_SkipUac_Toshiba => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {23C75D9A-C478-4269-8454-B25BCEE663FE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-27] (Google Inc.)
Task: {2D581C7F-93F7-45F5-A8E6-039A23426817} - System32\Tasks\Driver Booster Beta Scheduler => C:\Program Files (x86)\IObit\Driver Booster Beta\Scheduler.exe [2015-08-14] (IObit)
Task: {2EC6396F-062A-41F9-8F22-0F4DF1B7E90D} - \amiupdaterExd -> No File <==== ATTENTION
Task: {3EB3D77D-CEF2-4A5A-B99B-4534B548EE58} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-27] (Google Inc.)
Task: {421AB410-2807-47D8-BB82-87AE7C397E5C} - \13ad9eba-1dab-471a-bd14-e7c27b0bdaaf-6 -> No File <==== ATTENTION
Task: {492AAC68-71F9-408F-9FFA-8B87FF77EBC6} - \13ad9eba-1dab-471a-bd14-e7c27b0bdaaf-3 -> No File <==== ATTENTION
Task: {4A9C7A5E-FDE6-4B03-8A2C-78888F859A78} - System32\Tasks\{12A9FE9B-9834-4EEA-A85A-B95777572264} => Iexplore.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=5.3.0.120&amp;LastError=404
Task: {4CC061E5-B81C-4C50-852B-0C567D572CE5} - \13ad9eba-1dab-471a-bd14-e7c27b0bdaaf-4 -> No File <==== ATTENTION
Task: {4D319222-355F-43C9-B658-65DA3F4DE4B7} - \globalUpdateUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {61A5E90B-F317-4675-901E-874AD8DFCA68} - \PhraseProfessor Auto Updater 1.10.0.24 Core -> No File <==== ATTENTION
Task: {6996E5B9-F8F0-46EF-8922-D6ABA90C8275} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
Task: {7B66E274-3C28-4E64-93EA-DDD1845257E0} - \13ad9eba-1dab-471a-bd14-e7c27b0bdaaf-1-6 -> No File <==== ATTENTION
Task: {847C55E7-3D36-4759-8579-08C65EFF2E2C} - \amiupdaterExi -> No File <==== ATTENTION
Task: {87CAD1C1-BA72-4E41-B2E5-28AB17C16803} - System32\Tasks\Run LSI => C:\Program Files (x86)\LSI\LoLSummonerInfo.exe [2015-05-19] (Aequus Gaming)
Task: {9E70D02D-340E-445A-8910-C96CB692B8BF} - \13ad9eba-1dab-471a-bd14-e7c27b0bdaaf-1-7 -> No File <==== ATTENTION
Task: {A0BFE176-291C-489F-8750-FD82FE2C748B} - System32\Tasks\{58FA387B-8379-43E5-B61F-31E62BA99B4B} => C:\Program Files (x86)\SmilegateWest\LostSaga\LoginLauncherN.exe
Task: {A980FE22-72A6-4406-A89B-441758E658B7} - System32\Tasks\AdobeAAMUpdater-1.0-Toshiba-PC-Toshiba => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-02-03] (Adobe Systems Incorporated)
Task: {AE44B1D7-F246-4C9D-87A6-E7AD94460983} - \PhraseProfessor Auto Updater 1.10.0.24 Pending Update -> No File <==== ATTENTION
Task: {AF52978C-F2CA-41E7-A20E-262C3EC1CE35} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe
Task: {BAA1FB98-4453-41C4-904B-96A3DA89137C} - \13ad9eba-1dab-471a-bd14-e7c27b0bdaaf-7 -> No File <==== ATTENTION
Task: {BAAA6E38-5A43-426E-AC78-BF1FC4A4E5D4} - \OAHAKSUGBN1 -> No File <==== ATTENTION
Task: {C98F6AFF-1261-4183-A6F2-4BB388B8C665} - \13ad9eba-1dab-471a-bd14-e7c27b0bdaaf-5 -> No File <==== ATTENTION
Task: {D0773902-C262-4E2F-A596-4252A880ADBC} - \13ad9eba-1dab-471a-bd14-e7c27b0bdaaf-10_user -> No File <==== ATTENTION
Task: {D09648E2-2AFB-44E2-A9AE-B0EF4CB4DB5E} - \globalUpdateUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {D0D4F27C-A40D-4178-97B8-84AAF70A6C1A} - \bvxvdxvx -> No File <==== ATTENTION
Task: {D7B6E652-5243-47B9-8C50-C94831E472E5} - System32\Tasks\Driver Booster Beta SkipUAC (Toshiba) => C:\Program Files (x86)\IObit\Driver Booster Beta\DriverBooster.exe [2015-08-14] (IObit)
Task: {F2DAFDAD-6291-49C0-8672-2C0533ADF391} - \13ad9eba-1dab-471a-bd14-e7c27b0bdaaf-5_user -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-03-10 13:20 - 2015-03-10 13:20 - 00187072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-02-11 14:13 - 2015-02-11 14:13 - 00997536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-11-07 08:09 - 2014-06-16 16:28 - 00210944 _____ () C:\Program Files\CDisplayEx\unrarshell.dll
2015-11-07 08:09 - 2014-08-14 20:30 - 00402944 _____ () C:\Program Files\CDisplayEx\libwebp.dll
2015-11-07 08:09 - 2014-08-14 20:30 - 00044544 _____ () C:\Program Files\CDisplayEx\libwebpdemux.dll
2011-04-05 01:18 - 2011-04-05 01:18 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-01-10 13:41 - 2015-03-30 11:34 - 00568904 _____ () C:\Program Files (x86)\puush\puush.exe
2015-04-01 14:51 - 2015-04-01 14:51 - 00055576 _____ () C:\Program Files\CCleaner\branding.dll
2015-10-28 14:38 - 2010-04-09 23:03 - 00048640 _____ () C:\Users\Toshiba\Desktop\DDMM_v1.1\DDMM.exe
2015-10-06 19:56 - 2014-11-25 18:09 - 00741888 _____ () C:\Program Files\HexChat\hexchat.exe
2015-10-06 19:56 - 2014-11-22 18:48 - 00028160 _____ () C:\Program Files\HexChat\iconv.dll
2015-10-06 19:56 - 2014-11-22 18:50 - 01394688 _____ () C:\Program Files\HexChat\cairo.dll
2015-10-06 19:56 - 2014-11-22 18:48 - 00682496 _____ () C:\Program Files\HexChat\fontconfig.dll
2015-10-06 19:56 - 2014-11-22 18:48 - 01502720 _____ () C:\Program Files\HexChat\libxml2.dll
2015-10-06 19:56 - 2014-11-22 18:49 - 00613888 _____ () C:\Program Files\HexChat\pixman-1.dll
2015-10-06 19:56 - 2014-11-22 18:48 - 00225280 _____ () C:\Program Files\HexChat\libpng16.dll
2015-10-06 19:56 - 2014-11-22 18:48 - 00076288 _____ () C:\Program Files\HexChat\zlib1.dll
2015-10-06 19:56 - 2014-11-22 18:50 - 00783360 _____ () C:\Program Files\HexChat\harfbuzz.dll
2015-10-06 19:56 - 2014-11-22 18:51 - 00056832 _____ () C:\Program Files\HexChat\lib\gtk-2.0\i686-pc-vs10\engines\libwimp.dll
2015-10-06 19:56 - 2014-11-22 18:50 - 00287744 _____ () C:\Program Files\HexChat\lib\enchant\libenchant_myspell.dll
2015-10-06 19:56 - 2014-11-25 18:09 - 00011264 _____ () C:\Program Files\HexChat\plugins\hcupd.dll
2015-11-07 14:05 - 2015-11-07 14:05 - 00050477 _____ () C:\Users\Toshiba\Downloads\Defogger.exe
2015-06-15 05:37 - 2015-05-14 17:28 - 04912744 _____ () C:\Program Files (x86)\Free Download Manager\fdmbtsupp.dll
2010-11-22 17:56 - 2010-11-22 17:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-22 17:56 - 2010-11-22 17:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-22 17:56 - 2010-11-22 17:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-13 18:26 - 2014-05-13 18:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-13 18:26 - 2014-05-13 18:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-13 18:26 - 2014-05-13 18:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-13 18:26 - 2014-05-13 18:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-22 17:57 - 2010-11-22 17:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-22 17:56 - 2010-11-22 17:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-22 17:56 - 2010-11-22 17:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-22 17:56 - 2010-11-22 17:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-22 17:57 - 2010-11-22 17:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-22 17:57 - 2010-11-22 17:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-22 17:56 - 2010-11-22 17:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 13:17 - 2011-02-15 13:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-22 17:57 - 2010-11-22 17:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-13 18:26 - 2014-05-13 18:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-22 17:56 - 2010-11-22 17:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2010-11-22 17:56 - 2010-11-22 17:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2014-08-13 19:37 - 2014-08-13 19:37 - 00113171 _____ () C:\Program Files (x86)\Raptr\libvlc.dll
2014-08-13 19:37 - 2014-08-13 19:37 - 02396691 _____ () C:\Program Files (x86)\Raptr\libvlccore.dll
2010-11-22 17:56 - 2010-11-22 17:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-22 17:56 - 2010-11-22 17:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-22 17:57 - 2010-11-22 17:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2015-10-01 16:39 - 2015-07-27 14:32 - 02551040 _____ () C:\Program Files (x86)\Raptr\ltc_host_ex.DLL
2015-06-26 18:09 - 2013-11-20 19:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2010-11-22 17:57 - 2010-11-22 17:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-17 19:56 - 2014-06-17 19:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 13:17 - 2011-02-15 13:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-22 18:06 - 2010-11-22 18:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-09 18:52 - 2013-05-09 18:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-09 18:52 - 2013-05-09 18:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-09 18:52 - 2013-05-09 18:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 13:57 - 2013-05-03 13:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 13:56 - 2013-05-03 13:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 13:56 - 2013-05-03 13:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 13:57 - 2013-05-03 13:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 13:56 - 2013-05-03 13:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 13:57 - 2013-05-03 13:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 13:57 - 2013-05-03 13:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 13:57 - 2013-05-03 13:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 13:57 - 2013-05-03 13:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2015-06-26 18:42 - 2015-10-05 11:18 - 00778752 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-06-26 18:42 - 2015-07-03 11:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-06-26 18:42 - 2015-07-03 11:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-06-26 18:42 - 2015-07-03 11:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-06-26 18:42 - 2015-11-05 11:44 - 02541648 _____ () C:\Program Files (x86)\Steam\video.dll
2015-06-26 18:41 - 2015-09-23 19:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-06-26 18:41 - 2015-09-23 19:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-06-26 18:41 - 2015-09-23 19:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-06-26 18:41 - 2015-09-23 19:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-06-26 18:41 - 2015-09-23 19:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-06-26 18:42 - 2015-11-05 11:44 - 00806992 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-21 18:05 - 2015-11-03 17:00 - 00201728 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-06-26 18:42 - 2015-10-08 17:20 - 45010208 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-06-26 18:41 - 2015-09-24 18:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2015-10-17 12:22 - 2015-10-17 12:22 - 17599688 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll
2015-10-21 09:30 - 2014-10-08 14:51 - 00348992 _____ () C:\Program Files (x86)\IObit\Driver Booster Beta\madExcept_.bpl
2015-10-21 09:30 - 2014-10-08 14:50 - 00183616 _____ () C:\Program Files (x86)\IObit\Driver Booster Beta\madBasic_.bpl
2015-10-21 09:30 - 2014-10-08 14:50 - 00051008 _____ () C:\Program Files (x86)\IObit\Driver Booster Beta\madDisAsm_.bpl
2015-10-21 09:30 - 2014-08-22 14:19 - 00893248 _____ () C:\Program Files (x86)\IObit\Driver Booster Beta\webres.dll
2015-10-21 09:30 - 2012-02-16 09:16 - 00516440 _____ () C:\Program Files (x86)\IObit\Driver Booster Beta\sqlite3.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Folacaanl => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WWatcherProxy => ""="service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\aeriagames.com -> hxxp://aeriagames.com
IE trusted site: HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-92233877-364066824-1895237924-1000\...\sony.com -> sony.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-92233877-364066824-1895237924-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 167.206.13.180 - 167.206.13.181
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: BstHdUpdaterSvc => 2
MSCONFIG\Services: HiPatchService => 2
MSCONFIG\startupfolder: C:^Users^Toshiba^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk => C:\Windows\pss\Curse.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Toshiba^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip => C:\Windows\pss\CurseClientStartup.ccip.Startup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: BitTorrent => "C:\Users\Toshiba\AppData\Roaming\BitTorrent\BitTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [TCP Query User{19AB3E21-927B-49A1-BC67-A5C5994ACF9F}C:\program files (x86)\icechat7\icechat7.exe] => (Allow) C:\program files (x86)\icechat7\icechat7.exe
FirewallRules: [UDP Query User{2EBFA2D4-67A4-40B2-8AA7-35BE39D22AE3}C:\program files (x86)\icechat7\icechat7.exe] => (Allow) C:\program files (x86)\icechat7\icechat7.exe
FirewallRules: [TCP Query User{9EC1248C-E841-42FB-B19E-94EFADF0F1A2}C:\program files (x86)\icechat7\icechat7.exe] => (Allow) C:\program files (x86)\icechat7\icechat7.exe
FirewallRules: [UDP Query User{A7FA18E8-5217-4666-84CF-6F5F634E5657}C:\program files (x86)\icechat7\icechat7.exe] => (Allow) C:\program files (x86)\icechat7\icechat7.exe
FirewallRules: [{8BA6E19E-45C7-4A9B-8A23-64E154ADC3E7}] => (Allow) C:\Users\Toshiba\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{B4E7BB01-C525-417B-A62A-D53BD4F1F640}] => (Allow) C:\Users\Toshiba\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{AC53D5D9-BFA9-4D24-91C9-9BFC9ACAD122}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe
FirewallRules: [{867C8A75-236D-40EF-9912-AB408577F942}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe
FirewallRules: [TCP Query User{2445798B-1416-4755-89E5-A50320886965}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{8C49E1E6-3438-405E-B651-9B38CA6030F6}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{8BFDD7D2-80E3-45AE-B46B-09EF5B876E9C}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{90A7C2A4-79B6-4687-8731-769F57F2261B}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{6E0BE764-28AD-4DFA-9D42-010091C0FC8F}C:\games\prime world\pvp\bin\pw_game.exe] => (Allow) C:\games\prime world\pvp\bin\pw_game.exe
FirewallRules: [UDP Query User{029F1A05-01F5-45AD-8EFE-C3D521E6C57A}C:\games\prime world\pvp\bin\pw_game.exe] => (Allow) C:\games\prime world\pvp\bin\pw_game.exe
FirewallRules: [{F6CB07D5-7158-4CAD-BB17-C7CAD2BF3133}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{7C9A9ED0-ADC3-4167-89B2-AFEDB8D1D90D}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{721D9BDF-E4A2-43A9-8C1B-CB000EFC3161}C:\users\toshiba\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\toshiba\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{9A17D573-2907-4FD5-8271-0419090FEFB9}C:\users\toshiba\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\toshiba\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{7BFA0455-3799-4A03-B4F7-D32D0C8FD7EF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A703CC86-6418-4E13-A0A4-233F6685916F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3EBE64ED-FBA2-4C9C-8514-176F69250766}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D5B9423F-CEC7-4CC9-BA60-28B4DCAEBCA4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9D786C4C-EDB6-4C0F-88B1-C835C65BF169}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{C4F6FD75-666B-4D09-A943-F3B1F1A5EBEF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{76EA6D96-0842-41E2-A574-85F6CD42A2F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe
FirewallRules: [{D127A1EC-60F9-4772-BC13-B0C3F745EBC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe
FirewallRules: [{DF537C1D-2EEE-4639-814D-9FCB688C224D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GunZ 2 The Second Duel\Gunz2_Steam.exe
FirewallRules: [{26F912FF-3400-47E2-8831-4C703ED70BC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GunZ 2 The Second Duel\Gunz2_Steam.exe
FirewallRules: [{806751E4-4CC0-4FFA-A3CA-105DA1621465}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\NMService.exe
FirewallRules: [{A6B5FE13-DD7A-478F-9402-9DDED31C12C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\NMService.exe
FirewallRules: [{F4AD4B9F-E28F-476A-8132-7AB76F5F0A14}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{3445AE7C-4257-4AAA-8A58-4A8341BBC9ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{D9AC912A-5E21-4133-BE5D-4A003077F044}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{18049FB1-D727-4C80-B38D-63FD4A77D244}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [TCP Query User{285F756B-1BE3-4A48-821E-ABCCDEC85508}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{9CA8F47D-43A4-43AE-86B7-97E66DE07ED7}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [{DCFF61DA-7D53-45D8-BBEC-6F6FD64C2242}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{BBCCDB16-94EB-4584-A2D7-CEFE48EF7B37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [TCP Query User{5193D9B1-7E9C-45C0-96AB-4EADFEC19940}C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe
FirewallRules: [UDP Query User{99CA93BA-694E-46AF-AC8E-2B9160E24DFA}C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe
FirewallRules: [{6CC118A1-7174-4AC6-9823-51C7B3081362}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{7B1849FC-11C5-4E9B-B5F4-D1D65085251D}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{7D8E653A-55C7-4634-8FEF-393E9D20CA0B}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{6A8EDB95-2EFC-4881-BFE7-8E71F9F639D0}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{12B746C2-A3C1-4548-A8B5-74AA8319CF10}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{F56A236F-FB09-4C61-A8E2-1DAA78BCF140}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{FC316330-1B28-46BF-BF71-F5DDF9AE11A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{F2665051-9873-4A5D-B4B1-45CA4DB6C7B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{B8E8619B-7553-49A0-8AEC-34CE8C65BEAB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{6940F642-104B-4968-A4AA-781C2B6F07BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{8A19B139-2D2D-401B-B8D8-F8CAF7A7484A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{DFD79C1C-0FA1-4439-AFD3-D8DD824AB145}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{C41C61E4-0220-43AB-8A48-988D68AF73CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{04C81816-D12F-442D-86A6-E945E03107DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{639A892F-EB7C-4901-A593-442F1D560A8B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{D8CA7FD3-6FBC-4135-AD34-D2DB0CDCFAC4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [TCP Query User{67C8E991-9E5D-48AB-B394-F7032D2C808C}C:\program files (x86)\free download manager\fdm.exe] => (Allow) C:\program files (x86)\free download manager\fdm.exe
FirewallRules: [UDP Query User{D2EF853F-5868-4BFC-8A76-41E63D865523}C:\program files (x86)\free download manager\fdm.exe] => (Allow) C:\program files (x86)\free download manager\fdm.exe
FirewallRules: [{931F3E56-346A-4629-BE45-1356D43F4609}] => (Allow) C:\Program Files (x86)\SmilegateWest\autoupgrade.exe
FirewallRules: [{A564AD2C-0818-4A6E-8CC8-5B19F4B39907}] => (Allow) C:\Program Files (x86)\SmilegateWest\autoupgrade.exe
FirewallRules: [{E821558B-7D65-456D-999E-74FB1847C66A}] => (Allow) C:\Program Files (x86)\SmilegateWest\lostsaga.exe
FirewallRules: [{CD201941-2824-4A28-B998-DDE884C16719}] => (Allow) C:\Program Files (x86)\SmilegateWest\lostsaga.exe
FirewallRules: [TCP Query User{8DCC723B-AB58-4524-961A-A4E822436307}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{07D8F30E-85A2-4399-A304-E625DA90971F}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [{05F10480-F387-4A50-8CDC-34FBB4CC2490}] => (Allow) 㩃停潲牧浡䘠汩獥⠠㡸⤶睜湩敮浴杮睜湩敮浴杮攮數
FirewallRules: [{4E7E159A-378B-4FF9-A435-377E217355E7}] => (Allow) 㩃停潲牧浡䘠汩獥⠠㡸⤶睜湩敮浴杮牜獥睴湩敮浴杮攮數
FirewallRules: [{44A8A453-6F54-43C5-8410-6F0CB28623F1}] => (Allow) 㩃停潲牧浡䘠汩獥⠠㡸⤶睜湩敮浴杮睜湩敮浴杮⹟硥e
FirewallRules: [{34FC8D47-989E-4709-A706-D3410AF51974}] => (Allow) 㩃停潲牧浡䘠汩獥⠠㡸⤶睜湩敮浴杮牜獥睴湩敮浴杮⹟硥e
FirewallRules: [TCP Query User{6274B7FB-8A47-41CB-8DFC-EA3AC608BE32}C:\users\toshiba\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\toshiba\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{016CB3FB-AC77-436F-82D8-0B49CC88ED2F}C:\users\toshiba\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\toshiba\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{AF8253FB-CAA2-4DDA-9367-EB8F18383DD1}C:\users\toshiba\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\toshiba\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{B51362F1-E9F5-44EE-AD2B-B2227A47515E}C:\users\toshiba\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\toshiba\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{E9E75FE4-AA49-43F9-BE6C-D43B5805A1EE}C:\program files\hexchat\hexchat.exe] => (Allow) C:\program files\hexchat\hexchat.exe
FirewallRules: [UDP Query User{F954312B-1707-4B3E-B3D3-680D5EEE294F}C:\program files\hexchat\hexchat.exe] => (Allow) C:\program files\hexchat\hexchat.exe
FirewallRules: [{3CC674D3-372B-4259-BE99-2229782495D9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FD07DDEE-F92B-4532-9F0B-B7BBFB44D5EF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A586ACAF-BE9F-4BEB-9E4B-A359409B16F7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{D1B53CC0-1CA2-436F-8ED3-4C31DC1271EE}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{0FD70A5F-9637-43CF-9C29-955A1BB68886}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{604441FB-571C-42B2-8626-3A04DC41704F}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{18BCCD58-3EF0-42C5-87D3-B269A92C6138}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [{96721650-60C8-49C2-8FD5-840ADCE49FDA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F13FB1FB-D00A-48EA-A649-38641656FA7E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F0BB2FDC-1692-426A-B031-85542D6C0355}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{75A459FF-22DD-4569-A4FC-1D97CF577D9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{5B557B1E-780E-419D-A76B-DB4A7234327E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\strife\bin\strife.exe
FirewallRules: [{83F55BB9-20AD-431D-A24A-12A45C9C6A1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\strife\bin\strife.exe
FirewallRules: [{2217CCB6-89E9-48B5-941B-DDC38FCC6A4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\nxsteam.exe
FirewallRules: [{AABBCBC4-C2FA-4690-9247-ED24CBFB4B4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\nxsteam.exe
FirewallRules: [{5808569A-6700-4DF4-9E0C-929DAF483D51}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{C2D6E9FE-CF7B-4654-9A39-D07C6AB66A59}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{AEC90502-8C1B-4FB7-8D3E-27F62A2B34EE}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{12029FBF-E293-4313-B652-CD9E2D691646}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{96076C14-E229-4559-807A-8938B736C558}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{BDA2D242-0DCD-489F-9C22-F11537434109}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aura Kingdom\Launcher.exe
FirewallRules: [{791F3B06-62F6-4796-B5FA-EF51E765587B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aura Kingdom\Launcher.exe
FirewallRules: [{A0DD03FB-2D1E-4A0E-8561-746E9138604F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aura Kingdom\game.bin
FirewallRules: [{1F1E5026-58AA-4D96-81F2-CAE320B829AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aura Kingdom\game.bin

==================== Faulty Device Manager Devices =============

Name: Qualcomm Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
Description: Qualcomm Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros
Service: L1C
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/06/2015 09:25:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 41.0.2.5765, time stamp: 0x561ef9f1
Faulting module name: mozglue.dll, version: 41.0.2.5765, time stamp: 0x561ee53f
Exception code: 0x80000003
Fault offset: 0x0000ec91
Faulting process id: 0x9dd8
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (11/05/2015 12:43:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 41.0.2.5765, time stamp: 0x561ef9f1
Faulting module name: mozglue.dll, version: 41.0.2.5765, time stamp: 0x561ee53f
Exception code: 0x80000003
Fault offset: 0x0000ec91
Faulting process id: 0x23e0
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (11/05/2015 10:27:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: jucheck.exe, version: 2.8.60.27, time stamp: 0x55c116b1
Faulting module name: jucheck.exe, version: 2.8.60.27, time stamp: 0x55c116b1
Exception code: 0x40000015
Fault offset: 0x00052d24
Faulting process id: 0x43f4
Faulting application start time: 0xjucheck.exe0
Faulting application path: jucheck.exe1
Faulting module path: jucheck.exe2
Report Id: jucheck.exe3

Error: (11/04/2015 02:11:11 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (11/04/2015 02:11:11 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (11/04/2015 01:57:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 41.0.2.5765, time stamp: 0x561ef9f1
Faulting module name: mozglue.dll, version: 41.0.2.5765, time stamp: 0x561ee53f
Exception code: 0x80000003
Fault offset: 0x0000ec91
Faulting process id: 0xd544
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (11/01/2015 12:04:34 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (11/01/2015 12:04:34 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (11/01/2015 11:58:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: LoLSummonerInfo.exe, version: 4.7.4.0, time stamp: 0x555af48a
Faulting module name: ltc_game32-99265.dll_unloaded, version: 0.0.0.0, time stamp: 0x559eccc7
Exception code: 0xc0000005
Fault offset: 0x5b01d2c0
Faulting process id: 0x9c4
Faulting application start time: 0xLoLSummonerInfo.exe0
Faulting application path: LoLSummonerInfo.exe1
Faulting module path: LoLSummonerInfo.exe2
Report Id: LoLSummonerInfo.exe3

Error: (11/01/2015 10:27:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: jucheck.exe, version: 2.8.60.27, time stamp: 0x55c116b1
Faulting module name: jucheck.exe, version: 2.8.60.27, time stamp: 0x55c116b1
Exception code: 0x40000015
Fault offset: 0x00052d24
Faulting process id: 0xc8bc
Faulting application start time: 0xjucheck.exe0
Faulting application path: jucheck.exe1
Faulting module path: jucheck.exe2
Report Id: jucheck.exe3


System errors:
=============
Error: (11/07/2015 02:06:49 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (11/07/2015 10:31:45 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 112.

Error: (11/07/2015 09:49:03 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 112.

Error: (11/07/2015 09:29:29 AM) (Source: volsnap) (EventID: 35) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage failed to grow.

Error: (11/07/2015 09:06:21 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 112.

Error: (11/07/2015 08:23:35 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 112.

Error: (11/07/2015 07:40:53 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 112.

Error: (11/07/2015 06:58:11 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 112.

Error: (11/07/2015 06:15:29 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 112.

Error: (11/07/2015 05:32:47 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 112.


CodeIntegrity:
===================================
  Date: 2015-09-16 04:12:25.639
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-16 04:12:25.522
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-16 04:12:25.464
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-16 04:12:25.371
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-16 04:09:03.549
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-16 04:09:03.470
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-16 04:06:57.059
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-16 04:06:56.953
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-16 04:05:21.103
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-16 04:05:21.008
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Pentium® CPU B960 @ 2.20GHz
Percentage of memory in use: 70%
Total physical RAM: 4043.86 MB
Available physical RAM: 1181.7 MB
Total Virtual: 8085.91 MB
Available Virtual: 3196.51 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:88.01 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 2F424B59)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================


Edited by Huntchez, 07 November 2015 - 02:16 PM.


#11 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,163 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:09:15 PM

Posted 10 November 2015 - 11:11 AM

Hi HuntChez.

 

No problem with Defogger, we can continue.   :)

 

Please move FRST64.exe to your desktop. The location of this tool matters when running a fix.

 

We need to run a fix with FRST:

  • Please download the attached fixlist.txt file and save it to the same location as FRST
    Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
    Attached File  fixlist.txt   11.91KB   22 downloads
  • Run FRST.exe/FRST64.exe and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run, please post it to your reply

==========

 

We need to search for a file with FRST:

  • Double-click on FRST.exe/FRST64.exe to open it, in the search box, type the following: dnsapi.dll
  • Press the Search Files button, allow FRST to run
  • A log file Search.txt will appear when complete, please post this in your next reply

------------------

 

We need to perform files checking on virustotal.com

 

  1. C:\Windows\SysWOW64\sc.bat
  2. C:\Windows\SysWOW64\HardwareInformation.exe
  3. C:\Windows\SysWOW64\win.exe
  • If the website said that the files was already analyzed, press on the Reanalyze button.
  • Wait for the site to finish scanning.
  • Copy and paste the link to the scan result with your next reply.
  • Repeat above steps for each file I listed above.

-------------------

 

Please post fixlog.txt, search.txt and virustotal scan results with your next reply.

 

How's your computer running now?

 

Thank you.


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#12 Huntchez

Huntchez
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:09:15 AM

Posted 10 November 2015 - 10:41 PM

Computer is acting the same. Did get some interesting results from your instructions though.

 

https://www.virustotal.com/en/file/037a214d2ceba725d9709e56393ffd665ae03bbcc0fd54163fa790010bca79ce/analysis/1447212955/

 

https://www.virustotal.com/en/file/1dbdf1dd9ad5a3af7367c7a39df2ffae327a7d08ded09a59e90625441e562097/analysis/1447213046/ <-- This one is pretty nasty.

 

https://www.virustotal.com/en/file/ed0b576c50767a05f9c36b1529e07bd44cfa997e0843bc4e13ffb61ebd66d157/analysis/1447213169/ <--- This too.

Attached Files



#13 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,163 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:09:15 PM

Posted 11 November 2015 - 09:48 AM

Hi HuntChez.

 

We need to use a flash drive now. Please copy FRST64.exe on your desktop to your flash drive. And download this fixlist to your flash drive too.

 

Attached File  fixlist.txt   231bytes   9 downloads

 

Important: FRST64.exe and fixlist.txt must be in the root of your flash drive!

 

Now when you have both files in your flash drive, reboot your machine. Before "Starting Windows" appears on the screen, tapping F8 key repeatedly until Advanced Boot Options window appears. If this doesn't happen and you see "Starting Windows" reboot and try again.

 

When you're at Advanced Boot Options windows, select Repair your computer with your arrow keys and press Enter. 

 

Then select US as your keyboard language, select your username and enter password (if you don't have one just leave it blank.)

 

You will now see System Recovery Options windows, select Command Prompt.

 

Once in the Command Prompt:

  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Change File type (Lower right corner) from Text Documents to All files.
  • Select "Computer" > Your flash drive > right click at FRST64.exe > Run as admin.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Fix button.
  • It will make a log (fixlog.txt) on the flash drive. Please copy and paste it to your reply.

------------------

 

After the fix has been completed, close FRST down and press Restart button on System Recovery Options window, then reboot into normal mode.

 

Please create a new FRST log for me. Select addition.txt additional scan option before you press Scan,

 

In your next reply please include FRST.txt, Addition.txt and fixlog.txt (in your flash drive) with your next reply.

 

How's your computer running now?

 

Thank you.


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#14 Huntchez

Huntchez
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:09:15 AM

Posted 11 November 2015 - 04:36 PM

This step could be problematic.

 

I do not own a flash drive.

 

Second thing is an old issue, but even though the password I use to log on my laptop is correct, the 'Repair your computer' screen says it's incorrect. I mean, it's in some other language, but the pop-up suggests it's not accepting my password.



#15 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,163 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:09:15 PM

Posted 12 November 2015 - 01:05 PM

Hi HuntChez.

 

No problem, we will use this instead.

 

 

Blitzblank

--------------------

Blitzblank is a powerful tool and care must be taken to follow the steps carefully. Please note the warning you will receive when the program is launched.

  • Download Blitzblank and save it to your Desktop <<< Important
  • Download this file to your desktop: Attached File  script.txt   506bytes   17 downloads
  • Right click at Blitzblank.exe and select Run as administrator.
  • Click OK on the warning screen
  • Click on Open icon on the top of the window.
  • Browse for script.txt file you've downloaded.
  • Click Execute Now
  • Click OK on the warning window
  • Click OK on the System reboot window
  • You will see a black screen with writing on it indicating the actions being taken
  • Locate C:\blitzblank.txt and copy and paste the contents of that document in your reply

 

How's your computer running now?

 

Thank you.


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users