chromebrowser.exe


  • This topic is locked
3 replies to this topic

#1 Chi Hao


Posted 03 November 2015 - 09:54 AM

Hey there,

Today I've noticed that my PC has a chromebrowser.exe running in the background. I do not have Chrome on my PC so I suspect it's a virus. I cannot remove it so I hope you guys can help me out. Here are the logs:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-10-2015
Ran by Chi Hao (administrator) on DESKTOP-M2MK112 (03-11-2015 15:52:01)
Running from C:\Users\Chi Hao\Desktop
Loaded Profiles: Chi Hao (Available Profiles: Chi Hao)
Platform: Windows 10 Pro (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(MSI) C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\ECO Center\ECO_Service.exe
(MSI) C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Micro-Star INT'L CO., LTD.) C:\MSI\Smart Utilities\SuperRAIDSvc.exe
(Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Corporation) C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-24] (Intel Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8521472 2015-08-27] (Realtek Semiconductor)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [11328464 2015-09-11] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36711472 2015-10-13] (Dropbox, Inc.)
HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [830416 2015-08-03] (MSI)
HKLM-x32\...\Run: [chromebrowser] => "C:\Windows\chromebrowser.exe"
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
HKU\S-1-5-21-72143614-443022322-935499458-1001\...\Run: [MurGee.com Auto Clicker] => C:\Users\Chi Hao\AppData\Roaming\Auto Clicker\AutoClicker.exe [120304 2015-03-29] (MurGee.com)
HKU\S-1-5-21-72143614-443022322-935499458-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [57981568 2015-09-27] (Skype Technologies S.A.)
HKU\S-1-5-21-72143614-443022322-935499458-1001\...\Run: [Spotify Web Helper] => C:\Users\Chi Hao\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2025016 2015-10-02] (Spotify Ltd)
HKU\S-1-5-21-72143614-443022322-935499458-1001\...\Run: [Spotify] => C:\Users\Chi Hao\AppData\Roaming\Spotify\Spotify.exe [7571000 2015-10-02] (Spotify Ltd)
HKU\S-1-5-21-72143614-443022322-935499458-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-72143614-443022322-935499458-1001\...\RunOnce: [Uninstall C:\Users\Chi Hao\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Chi Hao\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-72143614-443022322-935499458-1001\...\MountPoints2: F - "F:\setup.exe"
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => No File
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => No File
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-27] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-27] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-27] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2015-11-03]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{966d0704-fa42-481c-b904-782b404d58ae}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-27] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-27] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-10-02] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Chi Hao\AppData\Roaming\Mozilla\Firefox\Profiles\6cqbfw3i.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-10-02] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-10-02] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-09-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-09-13] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
StartMenuInternet: FIREFOX.EXE - firefox.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2780856 2015-10-07] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-02] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-02] (Dropbox, Inc.)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [34984 2015-09-03] (Micro-Star Int'l Co., Ltd.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-24] (Intel Corporation)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [402432 2015-07-08] (Rivet Networks) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 MSIBIOSData_CC; C:\Program Files (x86)\MSI\Command Center\BIOSData\MSIBIOSDataService.exe [2106832 2015-06-29] (MSI)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [4048336 2015-08-13] (MSI)
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2123216 2015-07-08] (MSI)
S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4177360 2015-07-07] (MSI)
R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2002896 2015-07-28] (MSI)
R2 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2285008 2015-09-07] (MSI)
S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2072528 2015-06-29] (MSI)
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [599504 2015-07-28] (MSI)
R2 MSI_ECOSERVICE; C:\Program Files (x86)\MSI\ECO Center\ECO_Service.exe [2266280 2015-03-28] (Micro-Star INT'L CO., LTD.)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1768912 2015-09-11] (Micro-Star INT'L CO., LTD.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
R2 SuperRAIDSvc; C:\MSI\Smart Utilities\SuperRAIDSvc.exe [29648 2015-02-10] (Micro-Star INT'L CO., LTD.)
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2015-10-19] (Popcorn Time) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\XtuService.exe [19216 2015-07-08] (Intel® Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW10x64.sys [114736 2015-07-07] (Rivet Networks, LLC.)
S3 cpuz138; C:\Users\Chi Hao\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [27320 2015-09-30] (CPUID)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-10-11] (Disc Soft Ltd)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [30224 2015-05-28] (Intel Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [47008 2015-09-30] ()
R3 KillerEth; C:\Windows\System32\drivers\e22w10x64.sys [124464 2015-04-27] (Qualcomm Atheros, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [193336 2015-09-30] (Intel Corporation)
R3 NTIOLib_ECO; C:\Program Files (x86)\MSI\ECO Center\NTIOLib_X64.sys [13808 2014-01-06] (MSI)
R3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)
R3 NTIOLib_MSI_RAID; C:\MSI\Smart Utilities\NTIOLib_X64.sys [13808 2014-03-18] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R3 XtuAcpiDriver; C:\Windows\System32\drivers\XtuAcpiDriver.sys [63840 2015-06-24] (Intel Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-03 15:52 - 2015-11-03 15:52 - 00018025 _____ C:\Users\Chi Hao\Desktop\FRST.txt
2015-11-03 15:50 - 2015-11-03 15:52 - 00000000 ____D C:\FRST
2015-11-03 15:49 - 2015-11-03 15:49 - 02198016 _____ (Farbar) C:\Users\Chi Hao\Desktop\FRST64.exe
2015-11-03 15:43 - 2015-11-03 15:43 - 00000000 ____D C:\Program Files (x86)\ESET
2015-11-03 15:42 - 2015-11-03 15:42 - 02870984 _____ (ESET) C:\Users\Chi Hao\Desktop\esetsmartinstaller_enu.exe
2015-11-03 15:35 - 2015-11-03 15:35 - 00016148 _____ C:\Windows\system32\DESKTOP-M2MK112_Chi Hao_HistoryPrediction.bin
2015-11-03 15:18 - 2015-11-03 15:18 - 00000000 ____D C:\Windows\system32\appmgmt
2015-11-03 15:16 - 2015-11-03 15:16 - 00000098 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-11-03 15:15 - 2015-11-03 15:35 - 00000378 ____H C:\Windows\Tasks\YHYOYECBLBONYJAV.job
2015-11-03 15:15 - 2015-11-03 15:15 - 00003458 _____ C:\Windows\System32\Tasks\YHYOYECBLBONYJAV
2015-11-03 15:15 - 2015-11-03 15:15 - 00000000 ____D C:\ProgramData\19a87fa1ec024bbcbb41931263354405
2015-11-03 15:14 - 2015-11-03 15:35 - 00001056 _____ C:\Windows\Tasks\RKDtiZu7NRNNRUJdmvAt3i.job
2015-11-03 15:14 - 2015-11-03 15:19 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-11-03 15:14 - 2015-11-03 15:15 - 00000000 ____D C:\Users\Chi Hao\AppData\Roaming\Opera Software
2015-11-03 15:14 - 2015-11-03 15:15 - 00000000 ____D C:\Users\Chi Hao\AppData\Local\Opera Software
2015-11-03 15:14 - 2015-11-03 15:15 - 00000000 ____D C:\Program Files (x86)\Opera
2015-11-03 15:14 - 2015-11-03 15:14 - 00004200 _____ C:\Windows\System32\Tasks\RKDtiZu7NRNNRUJdmvAt3i
2015-11-03 15:14 - 2015-11-03 15:14 - 00000000 ____D C:\Users\Chi Hao\AppData\Roaming\DivX
2015-11-03 15:14 - 2015-11-03 15:14 - 00000000 ____D C:\Users\Chi Hao\AppData\Local\globalUpdate
2015-11-03 15:14 - 2015-11-03 15:14 - 00000000 ____D C:\Program Files\DivX
2015-11-03 15:14 - 2015-07-10 12:02 - 00000824 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-11-03 15:13 - 2015-11-03 15:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2015-11-03 15:13 - 2015-11-03 15:13 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-11-03 15:13 - 2015-11-03 15:13 - 00000000 ____D C:\Users\Chi Hao\AppData\Local\ComBroadcaster
2015-11-03 15:12 - 2015-11-03 15:14 - 00000000 ____D C:\ProgramData\DivX
2015-11-03 14:59 - 2015-11-03 15:25 - 00001256 _____ C:\Users\Public\Desktop\Popcorn Time.lnk
2015-11-03 14:59 - 2015-11-03 15:09 - 00000000 ____D C:\Users\Chi Hao\Downloads\PopcornTime
2015-11-03 14:58 - 2015-11-03 14:59 - 00000000 ____D C:\Program Files (x86)\Popcorn Time
2015-11-03 14:57 - 2015-11-03 14:58 - 48332813 _____ (Popcorn Time ) C:\Users\Chi Hao\Desktop\PopcornTime-latest.exe
2015-11-03 00:27 - 2015-11-03 15:25 - 00000900 _____ C:\Users\Chi Hao\Desktop\trine1_launcher - Shortcut.lnk
2015-11-03 00:27 - 2015-11-03 15:25 - 00000889 _____ C:\Users\Chi Hao\Desktop\trine1_32bit - Shortcut.lnk
2015-11-03 00:27 - 2015-11-03 00:27 - 00000000 ____D C:\Users\Chi Hao\AppData\Roaming\Trine1
2015-11-03 00:24 - 2015-11-03 00:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trine Enchanted Edition
2015-10-30 00:21 - 2015-10-28 00:38 - 21871616 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2015-10-30 00:21 - 2015-10-28 00:16 - 18801664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2015-10-30 00:21 - 2015-10-21 13:45 - 00541024 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-10-30 00:21 - 2015-10-21 13:44 - 00459104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-10-30 00:21 - 2015-10-21 13:43 - 01392480 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2015-10-30 00:21 - 2015-10-21 13:39 - 03621248 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-30 00:21 - 2015-10-21 13:00 - 24595968 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-30 00:21 - 2015-10-21 13:00 - 03248128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2015-10-30 00:21 - 2015-10-21 12:59 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2015-10-30 00:21 - 2015-10-21 12:57 - 02418688 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2015-10-30 00:21 - 2015-10-21 12:52 - 02987520 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2015-10-30 00:21 - 2015-10-21 12:50 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2015-10-30 00:21 - 2015-10-21 12:48 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-10-30 00:21 - 2015-10-21 12:47 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Usb.dll
2015-10-30 00:21 - 2015-10-21 12:46 - 02179584 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2015-10-30 00:21 - 2015-10-21 12:46 - 01602560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-30 00:21 - 2015-10-21 12:44 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll
2015-10-30 00:21 - 2015-10-21 12:44 - 00579072 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-10-30 00:21 - 2015-10-21 12:43 - 02675200 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2015-10-30 00:21 - 2015-10-21 12:42 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2015-10-30 00:21 - 2015-10-21 12:41 - 01795072 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2015-10-30 00:21 - 2015-10-21 12:40 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
2015-10-30 00:21 - 2015-10-21 12:38 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\dlnashext.dll
2015-10-30 00:21 - 2015-10-21 06:53 - 00961376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2015-10-30 00:21 - 2015-10-21 06:49 - 02878512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-30 00:21 - 2015-10-21 06:13 - 19326464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-30 00:21 - 2015-10-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2015-10-30 00:21 - 2015-10-21 06:08 - 01918976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2015-10-30 00:21 - 2015-10-21 06:05 - 02639872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2015-10-30 00:21 - 2015-10-21 06:03 - 01380864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-30 00:21 - 2015-10-21 06:03 - 00311296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Usb.dll
2015-10-30 00:21 - 2015-10-21 05:58 - 02049536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2015-10-30 00:21 - 2015-10-21 05:58 - 00464896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2015-10-30 00:21 - 2015-10-21 05:55 - 00441344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dlnashext.dll
2015-10-21 19:31 - 2015-10-23 00:54 - 00024648 _____ C:\Users\Chi Hao\Desktop\footy.xlsx
2015-10-21 18:05 - 2015-10-21 18:05 - 00000000 __SHD C:\ProgramData\icsxml
2015-10-21 18:05 - 2015-10-21 18:05 - 00000000 __SHD C:\ProgramData\DIBsection
2015-10-21 18:05 - 2015-10-21 18:05 - 00000000 ____D C:\Users\Chi Hao\AppData\Local\Maverick Software
2015-10-21 18:04 - 2015-10-21 18:04 - 00000000 __SHD C:\Users\Chi Hao\AppData\Local\icsxml
2015-10-21 18:04 - 2015-10-21 18:04 - 00000000 ____D C:\Users\Chi Hao\AppData\Roaming\Maverick Software
2015-10-21 18:04 - 2015-10-21 18:04 - 00000000 ____D C:\Users\Chi Hao\AppData\Local\Maverick_Software
2015-10-21 18:03 - 2015-11-03 15:25 - 00003111 _____ C:\Users\Chi Hao\Desktop\SoccerStato.lnk
2015-10-21 18:03 - 2015-11-03 15:25 - 00003065 _____ C:\Users\Chi Hao\AppData\Roaming\Microsoft\Windows\Start Menu\SoccerStato.lnk
2015-10-21 18:03 - 2015-10-21 18:03 - 00000000 ____D C:\Users\Chi Hao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SoccerStato
2015-10-21 18:03 - 2015-10-21 18:03 - 00000000 ____D C:\ProgramData\Maverick Software
2015-10-21 18:03 - 2015-10-21 18:03 - 00000000 ____D C:\Program Files (x86)\Maverick Software
2015-10-21 16:13 - 2015-10-21 16:13 - 00000000 _____ C:\Users\Chi Hao\Sti_Trace.log
2015-10-21 16:11 - 2015-10-21 16:11 - 00000000 ___HD C:\ProgramData\CanonIJScan
2015-10-21 16:11 - 2015-10-21 16:11 - 00000000 ____D C:\Users\Chi Hao\AppData\Roaming\Canon
2015-10-21 16:10 - 2015-10-21 16:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2015-10-21 16:10 - 2015-10-21 16:10 - 00000000 ____D C:\Program Files (x86)\Canon
2015-10-21 16:09 - 2015-10-21 16:09 - 00000000 ___HD C:\Windows\system32\CanonIJ Uninstaller Information
2015-10-21 16:09 - 2015-10-21 16:09 - 00000000 ___HD C:\Program Files\CanonBJ
2015-10-21 16:09 - 2015-10-21 16:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP280 series
2015-10-21 16:09 - 2012-03-14 04:00 - 00385024 _____ (CANON INC.) C:\Windows\system32\CNMXLMAA.DLL
2015-10-21 00:47 - 2015-10-21 00:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-16 01:25 - 2015-10-21 16:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-15 03:11 - 2015-10-15 03:11 - 00079322 _____ C:\Users\Chi Hao\Desktop\Jane00_99.MassEffectSave
2015-10-14 14:56 - 2015-10-10 08:12 - 00078528 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-14 14:56 - 2015-10-06 04:03 - 16708608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-10-14 14:56 - 2015-10-06 03:46 - 13027840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-10-14 14:56 - 2015-10-01 05:01 - 01294352 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-14 14:56 - 2015-10-01 05:01 - 01123400 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-10-14 14:56 - 2015-10-01 05:01 - 01018568 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-14 14:56 - 2015-10-01 05:01 - 00858408 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-10-14 14:56 - 2015-10-01 05:00 - 08020320 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-14 14:56 - 2015-10-01 04:03 - 00757760 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2015-10-14 14:56 - 2015-09-25 05:01 - 02573768 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-10-14 14:56 - 2015-09-25 05:01 - 00498016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-10-14 14:56 - 2015-09-25 04:56 - 22322624 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-14 14:56 - 2015-09-25 04:52 - 00980832 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2015-10-14 14:56 - 2015-09-25 04:33 - 01997336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-10-14 14:56 - 2015-09-25 04:26 - 20858360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-14 14:56 - 2015-09-25 04:11 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\UserDataAccountApis.dll
2015-10-14 14:56 - 2015-09-25 04:11 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\PhoneCallHistoryApis.dll
2015-10-14 14:56 - 2015-09-25 04:09 - 12504064 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-14 14:56 - 2015-09-25 04:07 - 01276416 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll
2015-10-14 14:56 - 2015-09-25 04:04 - 00826880 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-14 14:56 - 2015-09-25 04:04 - 00771072 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2015-10-14 14:56 - 2015-09-25 04:03 - 00796160 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2015-10-14 14:56 - 2015-09-25 04:03 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-14 14:56 - 2015-09-25 04:02 - 07523840 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2015-10-14 14:56 - 2015-09-25 04:02 - 00949248 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-14 14:56 - 2015-09-25 04:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-14 14:56 - 2015-09-25 04:01 - 04792320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-14 14:56 - 2015-09-25 04:01 - 03586560 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2015-10-14 14:56 - 2015-09-25 04:00 - 01423872 _____ (Microsoft Corporation) C:\Windows\system32\UserDataService.dll
2015-10-14 14:56 - 2015-09-25 04:00 - 01382400 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2015-10-14 14:56 - 2015-09-25 04:00 - 00856576 _____ (Microsoft Corporation) C:\Windows\system32\ContactApis.dll
2015-10-14 14:56 - 2015-09-25 04:00 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\ChatApis.dll
2015-10-14 14:56 - 2015-09-25 03:59 - 01205248 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2015-10-14 14:56 - 2015-09-25 03:59 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll
2015-10-14 14:56 - 2015-09-25 03:59 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentApis.dll
2015-10-14 14:56 - 2015-09-25 03:59 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\MessagingDataModel2.dll
2015-10-14 14:56 - 2015-09-25 03:59 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenance.dll
2015-10-14 14:56 - 2015-09-25 03:59 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\CallHistoryClient.dll
2015-10-14 14:56 - 2015-09-25 03:58 - 01871360 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-10-14 14:56 - 2015-09-25 03:47 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataAccountApis.dll
2015-10-14 14:56 - 2015-09-25 03:47 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhoneCallHistoryApis.dll
2015-10-14 14:56 - 2015-09-25 03:38 - 03580416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-14 14:56 - 2015-09-25 03:38 - 00650240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-14 14:56 - 2015-09-25 03:38 - 00574464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2015-10-14 14:56 - 2015-09-25 03:38 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-14 14:56 - 2015-09-25 03:37 - 00766976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-10-14 14:56 - 2015-09-25 03:37 - 00613376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2015-10-14 14:56 - 2015-09-25 03:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-14 14:56 - 2015-09-25 03:36 - 11262976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-14 14:56 - 2015-09-25 03:36 - 05454848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2015-10-14 14:56 - 2015-09-25 03:34 - 00928256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll
2015-10-14 14:56 - 2015-09-25 03:34 - 00625152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContactApis.dll
2015-10-14 14:56 - 2015-09-25 03:34 - 00579584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentApis.dll
2015-10-14 14:56 - 2015-09-25 03:34 - 00557568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ChatApis.dll
2015-10-14 14:56 - 2015-09-25 03:34 - 00525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EmailApis.dll
2015-10-14 14:56 - 2015-09-25 03:33 - 00131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CallHistoryClient.dll
2015-10-14 14:56 - 2015-09-25 03:32 - 01594368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-10-14 14:56 - 2015-09-25 03:32 - 00466432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MessagingDataModel2.dll
2015-10-13 01:33 - 2015-11-03 15:42 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-11 23:35 - 2015-10-11 23:35 - 00000000 ____D C:\Users\Chi Hao\Documents\BioWare
2015-10-11 23:34 - 2015-11-03 15:25 - 00001147 _____ C:\Users\Chi Hao\Desktop\MassEffect - Shortcut.lnk
2015-10-11 23:31 - 2015-10-11 23:31 - 00000000 ____D C:\Users\Chi Hao\AppData\Roaming\PowerISO
2015-10-11 23:30 - 2015-10-11 23:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2015-10-11 23:30 - 2015-10-11 23:30 - 00000000 ____D C:\Program Files\PowerISO
2015-10-11 23:30 - 2015-06-08 03:59 - 00127760 _____ (Power Software Ltd) C:\Windows\system32\Drivers\scdemu.sys
2015-10-11 23:27 - 2015-10-11 23:27 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2015-10-11 23:27 - 2015-10-11 23:27 - 00000000 ____D C:\Users\Chi Hao\AppData\Local\Disc_Soft_Ltd
2015-10-11 23:26 - 2015-10-11 23:26 - 00030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2015-10-11 23:16 - 2015-10-11 23:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect
2015-10-11 23:12 - 2015-10-11 23:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-10-11 23:11 - 2015-10-11 23:11 - 00113953 _____ C:\Windows\DirectX.log
2015-10-11 23:11 - 2015-10-11 23:11 - 00000000 ____D C:\Program Files (x86)\Disc Soft
2015-10-11 23:11 - 2006-09-28 15:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-10-11 23:11 - 2006-09-28 15:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-10-11 23:11 - 2006-09-28 15:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2015-10-11 23:11 - 2006-09-28 15:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-10-11 23:11 - 2006-09-28 15:04 - 00091928 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2015-10-11 23:11 - 2006-09-28 15:04 - 00068888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2015-10-11 23:11 - 2006-09-28 15:03 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-10-11 23:11 - 2006-09-28 15:03 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2015-10-11 23:11 - 2006-07-28 08:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-10-11 23:11 - 2006-07-28 08:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-10-11 23:11 - 2006-07-28 08:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2015-10-11 23:11 - 2006-07-28 08:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2015-10-11 23:11 - 2006-05-31 06:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2015-10-11 23:11 - 2006-05-31 06:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-10-11 23:11 - 2006-03-31 11:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-10-11 23:11 - 2006-03-31 11:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-10-11 23:11 - 2006-03-31 11:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-10-11 23:11 - 2006-03-31 11:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2015-10-11 23:11 - 2006-03-31 11:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-10-11 23:11 - 2006-03-31 11:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2015-10-11 23:11 - 2006-02-03 07:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-10-11 23:11 - 2006-02-03 07:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-10-11 23:11 - 2006-02-03 07:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-10-11 23:11 - 2006-02-03 07:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-10-11 23:11 - 2006-02-03 07:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-10-11 23:11 - 2006-02-03 07:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-10-11 23:11 - 2005-12-05 17:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-10-11 23:11 - 2005-12-05 17:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-10-11 23:11 - 2005-07-22 18:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-10-11 23:11 - 2005-07-22 18:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-10-11 23:11 - 2005-05-26 14:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-10-11 23:11 - 2005-05-26 14:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-10-11 23:11 - 2005-03-18 16:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-10-11 23:11 - 2005-03-18 16:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-10-11 23:11 - 2005-02-05 18:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-10-11 23:11 - 2005-02-05 18:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-10-11 23:10 - 2015-10-11 23:26 - 00000000 ____D C:\Users\Chi Hao\AppData\Roaming\DAEMON Tools Lite
2015-10-11 23:09 - 2015-10-11 23:10 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2015-10-11 16:22 - 2015-10-11 16:24 - 308853852 _____ C:\Users\Chi Hao\Desktop\CDY.15.15.rmvb
2015-10-11 16:22 - 2015-10-11 16:24 - 305660896 _____ C:\Users\Chi Hao\Desktop\CDY.15.17.rmvb
2015-10-11 16:22 - 2015-10-11 16:24 - 295128636 _____ C:\Users\Chi Hao\Desktop\CDY.15.16.rmvb
2015-10-11 16:22 - 2015-10-11 16:23 - 305333218 _____ C:\Users\Chi Hao\Desktop\CDY.15.14.rmvb
2015-10-07 16:36 - 2015-10-07 16:37 - 00000045 _____ C:\Windows\SysWOW64\initdebug.nfo
2015-10-07 16:32 - 2015-10-07 16:32 - 00000000 ____D C:\Program Files\Realtek
2015-10-07 16:32 - 2015-08-27 22:36 - 03271912 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-10-07 16:32 - 2015-08-27 22:36 - 03233472 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-10-07 16:32 - 2015-08-27 22:36 - 02988288 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-10-07 16:32 - 2015-08-27 22:36 - 01976560 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO264.dll
2015-10-07 16:32 - 2015-08-27 22:36 - 01744600 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO232.dll
2015-10-07 16:32 - 2015-08-27 22:36 - 01347808 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-10-07 16:32 - 2015-08-27 22:36 - 00645464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-10-07 16:32 - 2015-08-27 22:36 - 00576280 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-10-07 16:32 - 2015-08-27 22:36 - 00533904 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2015-10-07 16:32 - 2015-08-27 22:36 - 00410040 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll
2015-10-07 16:32 - 2015-08-27 22:36 - 00388840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-10-07 16:32 - 2015-08-27 22:36 - 00343712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-10-07 16:32 - 2015-08-27 22:36 - 00332088 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2015-10-07 16:32 - 2015-08-27 22:36 - 00323240 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-10-07 16:32 - 2015-08-27 22:36 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-10-07 16:32 - 2015-08-27 22:36 - 00223496 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2015-10-07 16:32 - 2015-08-27 22:36 - 00216352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-10-07 16:32 - 2015-08-27 22:36 - 00211064 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2015-10-07 16:32 - 2015-08-27 22:36 - 00196712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-10-07 16:32 - 2015-08-27 22:36 - 00167728 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2015-10-07 16:32 - 2015-08-27 22:36 - 00118600 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-10-07 16:32 - 2015-08-27 22:36 - 00112512 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-10-07 16:32 - 2015-08-27 22:36 - 00088352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-10-07 16:32 - 2015-08-27 22:33 - 04589312 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-10-07 16:32 - 2015-08-27 22:33 - 02999024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-10-07 16:32 - 2015-08-27 22:33 - 02711296 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-10-07 16:32 - 2015-08-27 22:33 - 02051704 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2015-10-07 16:32 - 2015-08-27 22:33 - 01761024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-10-07 16:32 - 2015-08-27 22:33 - 00122328 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-10-07 16:32 - 2015-08-27 22:33 - 00041096 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\MBfilt64.sys
2015-10-07 16:32 - 2015-08-27 22:33 - 00025224 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2015-10-07 16:32 - 2015-08-27 19:20 - 03686140 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-10-07 16:31 - 2015-06-09 00:13 - 02825944 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2015-10-07 06:17 - 2015-10-16 04:10 - 00810488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-07 06:17 - 2015-10-16 04:10 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-07 06:06 - 2013-02-08 10:04 - 00000000 _____ C:\RAMDiskImage.img
2015-10-05 22:45 - 2015-10-05 22:45 - 00248320 _____ (CANON INC.) C:\Windows\system32\CNMIUAA.DLL
2015-10-05 22:45 - 2015-10-05 22:45 - 00000000 ___HD C:\ProgramData\CanonBJ
2015-10-05 22:45 - 2012-03-14 04:00 - 00385024 _____ (CANON INC.) C:\Windows\system32\CNMLMAA.DLL
2015-10-05 22:44 - 2015-10-05 22:44 - 00103424 _____ (Canon Inc.) C:\Windows\system32\CNC280O.dll
2015-10-05 22:44 - 2012-07-04 10:55 - 01354240 _____ (CANON INC.) C:\Windows\system32\CNC280C.dll
2015-10-05 22:44 - 2012-07-04 10:55 - 00112128 _____ (CANON INC.) C:\Windows\system32\CNC280I.dll
2015-10-05 22:44 - 2012-07-04 10:29 - 00106496 _____ (CANON INC.) C:\Windows\SysWOW64\CNC280U.dll
2015-10-05 22:44 - 2010-03-18 18:26 - 00348672 _____ (CANON INC.) C:\Windows\system32\CNC280L.dll
2015-10-05 22:44 - 2010-03-18 18:25 - 00307200 _____ (CANON INC.) C:\Windows\SysWOW64\CNC280L.dll
2015-10-05 22:44 - 2009-11-13 13:38 - 00012800 _____ C:\Windows\SysWOW64\CNC1746D.TBL
2015-10-05 22:44 - 2008-08-25 17:02 - 00017920 _____ (CANON INC.) C:\Windows\system32\CNHMCA6.dll
2015-10-05 22:44 - 2008-08-25 17:02 - 00015872 _____ (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-03 15:46 - 2015-10-02 16:41 - 00000942 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-11-03 15:41 - 2015-09-25 05:08 - 00876942 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-03 15:35 - 2015-10-02 16:40 - 00000938 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-11-03 15:35 - 2015-09-30 13:09 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-03 15:35 - 2015-09-25 05:01 - 00034960 _____ C:\Windows\PFRO.log
2015-11-03 15:35 - 2015-07-10 13:22 - 00000275 _____ C:\Windows\WindowsUpdate.log
2015-11-03 15:35 - 2015-07-10 13:21 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-03 15:35 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\system32\sru
2015-11-03 15:35 - 2015-07-10 10:05 - 00131072 ___SH C:\Windows\system32\config\BBI
2015-11-03 15:30 - 2015-10-02 21:30 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-03 15:26 - 2015-07-10 14:12 - 00000000 ____D C:\Windows\OCR
2015-11-03 15:26 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\system32\appraiser
2015-11-03 15:25 - 2015-10-02 17:54 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-03 15:25 - 2015-10-02 17:54 - 00002118 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-11-03 15:25 - 2015-10-02 17:43 - 00002634 _____ C:\Users\Public\Desktop\Skype.lnk
2015-11-03 15:25 - 2015-10-02 17:43 - 00001866 _____ C:\Users\Chi Hao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-11-03 15:25 - 2015-10-02 17:43 - 00001860 _____ C:\Users\Chi Hao\Desktop\Spotify.lnk
2015-11-03 15:25 - 2015-10-02 16:42 - 00001283 _____ C:\Users\Chi Hao\Desktop\Dropbox.lnk
2015-11-03 15:25 - 2015-10-02 16:02 - 00000611 _____ C:\Users\Public\Desktop\Vuze.lnk
2015-11-03 15:25 - 2015-10-02 16:02 - 00000611 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk
2015-11-03 15:25 - 2015-10-02 15:59 - 00000000 ____D C:\Users\Chi Hao\AppData\Roaming\Azureus
2015-11-03 15:25 - 2015-10-02 15:58 - 00001161 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-11-03 15:25 - 2015-10-02 15:57 - 00000901 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-11-03 15:25 - 2015-10-02 15:05 - 00000754 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2015-11-03 15:25 - 2015-09-30 14:20 - 00002094 _____ C:\Users\Public\Desktop\MSI Live Update 6.lnk
2015-11-03 15:25 - 2015-09-30 13:17 - 00001212 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-11-03 15:25 - 2015-09-30 13:17 - 00001206 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-11-03 15:25 - 2015-09-30 00:18 - 00001964 _____ C:\Users\Chi Hao\Desktop\League of Legends.lnk
2015-11-03 15:25 - 2015-09-25 05:07 - 00002334 _____ C:\Users\Chi Hao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-11-03 15:19 - 2015-10-02 15:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-03 15:19 - 2015-10-02 15:58 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-03 14:59 - 2015-09-25 05:06 - 00000000 ____D C:\Users\Chi Hao\AppData\Local\VirtualStore
2015-11-02 18:56 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\AppReadiness
2015-11-02 01:08 - 2015-10-02 15:03 - 00000000 ____D C:\Users\Chi Hao\AppData\Local\Battle.net
2015-11-01 17:47 - 2015-10-02 17:54 - 00003972 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-31 20:01 - 2009-12-01 09:01 - 00328926 _____ C:\Users\Chi Hao\Desktop\toto.xlsx
2015-10-30 13:35 - 2015-07-10 11:55 - 00000000 ____D C:\Windows\CbsTemp
2015-10-30 00:38 - 2009-08-15 15:14 - 00000974 _____ C:\Users\Chi Hao\Desktop\Games to dl.txt
2015-10-27 22:09 - 2015-10-02 17:53 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-10-21 19:07 - 2015-09-25 05:06 - 00000000 ____D C:\Users\Chi Hao\AppData\Local\Packages
2015-10-21 16:13 - 2015-09-25 05:06 - 00000000 ____D C:\Users\Chi Hao
2015-10-21 16:12 - 2015-09-30 13:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-21 00:47 - 2015-10-02 16:40 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-10-17 14:33 - 2015-10-02 03:46 - 00000000 ____D C:\Windows\system32\MRT
2015-10-17 14:32 - 2015-10-02 03:46 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-14 22:37 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\system32\NDF
2015-10-14 14:30 - 2015-10-02 21:30 - 00003816 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-11 20:14 - 2015-10-02 16:40 - 00000000 ____D C:\Users\Chi Hao\AppData\Local\Dropbox
2015-10-07 16:32 - 2015-09-30 13:57 - 00000000 ___HD C:\Program Files (x86)\Temp
2015-10-07 16:32 - 2015-09-30 13:14 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2015-10-07 16:32 - 2015-09-30 13:06 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-10-07 16:32 - 2015-07-10 13:20 - 00010170 _____ C:\Windows\setupact.log
2015-10-07 06:16 - 2015-07-10 13:20 - 00340032 _____ C:\Windows\system32\FNTCACHE.DAT
2015-10-07 06:13 - 2015-07-10 14:14 - 00000000 ____D C:\Program Files\Windows Journal
2015-10-07 06:13 - 2015-07-10 12:04 - 00000000 ___SD C:\Windows\SysWOW64\F12
2015-10-07 06:13 - 2015-07-10 12:04 - 00000000 ___SD C:\Windows\system32\F12
2015-10-07 06:13 - 2015-07-10 12:04 - 00000000 ___RD C:\Windows\PurchaseDialog
2015-10-07 06:13 - 2015-07-10 12:04 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2015-10-07 06:13 - 2015-07-10 12:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-07 06:13 - 2015-07-10 12:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-07 06:13 - 2015-07-10 12:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-07 06:13 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\SysWOW64\oobe
2015-10-07 06:13 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2015-10-07 06:13 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2015-10-07 06:13 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\system32\oobe
2015-10-07 06:13 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\Provisioning
2015-10-07 06:13 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\L2Schemas
2015-10-07 06:13 - 2015-07-10 10:05 - 00000000 ____D C:\Windows\SysWOW64\Dism
2015-10-07 06:13 - 2015-07-10 10:05 - 00000000 ____D C:\Windows\system32\Dism
2015-10-07 06:07 - 2015-09-30 14:20 - 00000000 ____D C:\MSI
2015-10-07 06:06 - 2015-09-30 14:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2015-10-07 06:06 - 2015-09-30 14:20 - 00000000 ____D C:\Program Files (x86)\MSI
2015-10-05 22:45 - 2015-07-10 12:04 - 00000000 __RSD C:\Windows\Media
2015-10-05 22:38 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\system32\FxsTmp
2015-10-05 09:50 - 2015-10-02 15:58 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-05 09:50 - 2015-10-02 15:58 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-05 09:50 - 2015-10-02 15:58 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys

==================== Files in the root of some directories =======

2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Chi Hao\AppData\Roaming\RKDtiZu7NRNNRUJdmvAt3i
2015-09-30 13:06 - 2015-09-30 13:06 - 0000000 _____ () C:\Users\Chi Hao\AppData\Local\Driver_LOM_8161Present.flag
2015-11-03 15:16 - 2015-11-03 15:16 - 0000098 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Files to move or delete:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat


Some files in TEMP:
====================
C:\Users\Chi Hao\AppData\Local\Temp\7za.exe
C:\Users\Chi Hao\AppData\Local\Temp\Command Center.exe
C:\Users\Chi Hao\AppData\Local\Temp\DefaultPack.EXE
C:\Users\Chi Hao\AppData\Local\Temp\DivXI.exe
C:\Users\Chi Hao\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpddevtv.dll
C:\Users\Chi Hao\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgziahi.dll
C:\Users\Chi Hao\AppData\Local\Temp\dxdiag.exe
C:\Users\Chi Hao\AppData\Local\Temp\Fix.exe
C:\Users\Chi Hao\AppData\Local\Temp\i4jdel0.exe
C:\Users\Chi Hao\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Chi Hao\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Chi Hao\AppData\Local\Temp\nvStInst.exe
C:\Users\Chi Hao\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Chi Hao\AppData\Local\Temp\sfextra.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-26 00:54

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:31-10-2015
Ran by Chi Hao (2015-11-03 15:52:13)
Running from C:\Users\Chi Hao\Desktop
Windows 10 Pro (X64) (2015-09-25 04:05:38)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-72143614-443022322-935499458-500 - Administrator - Disabled)
Chi Hao (S-1-5-21-72143614-443022322-935499458-1001 - Administrator - Enabled) => C:\Users\Chi Hao
DefaultAccount (S-1-5-21-72143614-443022322-935499458-503 - Limited - Disabled)
Guest (S-1-5-21-72143614-443022322-935499458-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Auto Clicker v1.9 (HKLM-x32\...\{C0A7E4F3-82CC-416B-82C6-BA06AACFD635}_is1) (Version: 1.9 - MurGee.com)
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
Canon MP280 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series) (Version:  - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
Corsair Hydro Series 7289 USB Device (Driver Removal) (HKLM-x32\...\HYDROS7289&1B1C&0C02) (Version:  - Corsair Components, Inc.)
Corsair Link (HKLM-x32\...\{658EFB3F-8606-4576-8FEC-B0CED48F1E68}) (Version: 3.2.5695 - Corsair)
Corsair Link™ USB Dongle (Driver Removal) (HKLM-x32\...\SIUSBXP&1B1C&1C00) (Version:  - Corsair Memory, Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.37 - Dropbox, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Intel® Chipset Device Software (x32 Version: 10.1.1.9 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version:  - Intel Corporation)
Killer Bandwidth Control Filter Driver (Version: 1.1.54.1095 - Rivet Networks) Hidden
Killer E220x Drivers (Version: 1.1.54.1095 - Rivet Networks) Hidden
Killer Network Manager (Version: 1.1.54.1095 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.54.1095 - Rivet Networks)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Mass Effect (HKLM-x32\...\{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}) (Version: 1.00 - Electronic Arts, Inc.)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4763.1003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Mozilla Firefox 41.0.2 (x86 nl) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 nl)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla)
MPC-HC 1.7.9 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.9 - MPC-HC Team)
MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 1.0.1.02 - MSI)
MSI ECO Center (HKLM-x32\...\{1E55202F-4D31-498A-8F72-97DCBA9F2866}_is1) (Version: 1.0.0.35 - MSI)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 5.0.0.20 - MSI)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.1.008 - MSI)
MSI Smart Utilities (HKLM-x32\...\{009E5DF2-3F97-480B-89DA-F2D5E672E14A}_is1) (Version: 2.0.0.11 - MSI)
MSI® Intel® Extreme Tuning Utility (HKLM-x32\...\{482c7431-75e2-4124-a453-6a294cd2c6a4}) (Version: 6.0.2.101 - Intel Corporation)
MSI® Intel® Extreme Tuning Utility (x32 Version: 6.0.2.101 - Intel Corporation) Hidden
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 355.98 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.98 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 355.98 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.98 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 5.4.0.0 - Popcorn Time)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.3 - Power Software Ltd)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7592 - Realtek Semiconductor Corp.)
Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version:  - ) <==== ATTENTION
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
SoccerStato (HKLM-x32\...\{299646F1-4EEF-4ACE-89D5-CDBB00BE61CA}) (Version: 2.0.0 - Maverick Software)
Spotify (HKU\S-1-5-21-72143614-443022322-935499458-1001\...\Spotify) (Version: 1.0.14.124.g4dfabc51 - Spotify AB)
Trine Enchanted Edition (HKLM-x32\...\Trine Enchanted Edition_is1) (Version:  - )
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.6.2.0 - Azureus Software, Inc.)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

07-10-2015 16:32:21 Installed Realtek High Definition Audio Driver
11-10-2015 23:11:00 Installed DirectX
16-10-2015 13:50:05 Windows Update
20-10-2015 19:28:51 Windows Update
30-10-2015 13:34:52 Windows Update
03-11-2015 15:18:03 Removed Microsoft Silverlight

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 12:04 - 2015-07-10 12:02 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00FFD333-6630-4032-8F42-49FAE2FC189A} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-02] (Dropbox, Inc.)
Task: {3298C996-D24F-4C63-961E-27FA6C167447} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2015-05-06] (Intel Corporation)
Task: {43238097-1946-44F3-91F8-83220DA9ADF3} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-02] (Dropbox, Inc.)
Task: {4F2E616B-37B7-44C5-8DCA-69347E5F1663} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd)
Task: {65667FD9-894D-451C-92A5-357B065BAF87} - \bvxvgxvyy -> No File <==== ATTENTION
Task: {70050E35-68A6-4C4B-97D7-F2EE703C96F4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-10-17] (Microsoft Corporation)
Task: {76589784-22E2-4CD3-9341-41017B332021} - System32\Tasks\YHYOYECBLBONYJAV => C:\ProgramData\Service3232\Service3232.exe <==== ATTENTION
Task: {7E9649A0-59B1-476B-B159-FC1D2FB8FA77} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
Task: {9E059627-64C5-4DD3-88B7-C420D6097571} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [2015-08-18] (MSI)
Task: {BBA541A2-3E1F-410D-8531-87A9DE056E09} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-27] (Microsoft Corporation)
Task: {BC0E9A89-6809-481F-8789-FDE958B84DB3} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-10-27] (Microsoft Corporation)
Task: {CC0CADD8-7718-4251-996E-3887EBCA1D97} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {D46344DA-5537-41CA-B4AF-72A32888B63F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {E394CE5D-C159-4B03-8769-565405A5451B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {E5E83D86-ECBE-4BF6-8927-9D0C4328E075} - System32\Tasks\Start Corsair Link => C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.exe [2015-08-05] ()
Task: {EE701502-25BF-4E01-B58B-FA9AEAFB7429} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-27] (Microsoft Corporation)
Task: {F81C4E58-F039-4377-9E7C-EB0682469E20} - System32\Tasks\RKDtiZu7NRNNRUJdmvAt3i => C:\Users\Chi Hao\AppData\Roaming\RKDtiZu7NRNNRUJdmvAt3i.exe <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\RKDtiZu7NRNNRUJdmvAt3i.job => C:\Users\Chi Hao\AppData\Roaming\RKDtiZu7NRNNRUJdmvAt3i.exe <==== ATTENTION
Task: C:\Windows\Tasks\YHYOYECBLBONYJAV.job => C:\ProgramData\Service3232\Service3232.exe <==== ATTENTION

==================== Loaded Modules (Whitelisted) ==============

2015-10-02 03:44 - 2015-07-15 03:04 - 00032768 _____ () C:\Windows\SYSTEM32\licensemanagerapi.dll
2015-09-30 13:09 - 2015-09-13 23:04 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-10-02 03:45 - 2015-08-11 10:14 - 00404480 _____ () C:\Windows\System32\diagtrack_wininternal.dll
2015-10-02 17:53 - 2015-10-07 19:28 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-10-02 03:45 - 2015-09-17 07:48 - 02494712 _____ () C:\Windows\system32\CoreUIComponents.dll
2015-10-02 03:45 - 2015-09-17 07:48 - 02494712 _____ () C:\Windows\System32\CoreUIComponents.dll
2015-10-27 22:09 - 2015-09-01 17:04 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-10-02 03:45 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-02 03:45 - 2015-09-17 06:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-02 03:44 - 2015-09-17 06:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-02 03:45 - 2015-09-17 06:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-02 03:45 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 12:00 - 2015-07-10 14:14 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-09-30 14:20 - 2005-07-18 21:43 - 00160256 _____ () C:\Program Files (x86)\MSI\Live Update\unrar.dll
2015-09-30 14:14 - 2015-08-27 01:37 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-10-27 22:09 - 2015-09-01 13:25 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-72143614-443022322-935499458-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "Killer Network Manager.lnk"
HKLM\...\StartupApproved\Run32: => "Live Update"
HKLM\...\StartupApproved\Run32: => "Command Center"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "DivXMediaServer"
HKLM\...\StartupApproved\Run32: => "chromebrowser"
HKU\S-1-5-21-72143614-443022322-935499458-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-72143614-443022322-935499458-1001\...\StartupApproved\Run: => "MurGee.com Auto Clicker"
HKU\S-1-5-21-72143614-443022322-935499458-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-72143614-443022322-935499458-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-72143614-443022322-935499458-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-72143614-443022322-935499458-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{A805EBD2-8A2B-40C6-9E81-D20786600BD7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{973359DB-F86B-412E-BD19-BDC9E9B3B924}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F7EF98BE-2478-4C14-9587-CA43FF8734D0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C1981970-2B63-4203-9B56-51B5FFF53EEC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{99500F4B-568B-41ED-BA61-A0E1CBBE742F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{AEB199D0-0212-4905-B2E5-32133BE0A5D5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{EB26E9C5-A5A9-42B9-9C78-B45E6D856285}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{D63E1FD1-73D6-48D1-97A7-AD91798509CD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{452B7702-23FB-432A-B9AD-C56DAB43F682}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C94FFD83-31AA-405A-A541-FEBC336A22A1}] => (Allow) D:\Vuze\Azureus.exe
FirewallRules: [{D18B2221-73F0-4E8E-A801-D63D7187F4E6}] => (Allow) D:\Vuze\Azureus.exe
FirewallRules: [TCP Query User{811F2AF7-770F-469F-98E2-60E4D81EDBEE}E:\hearthstone\hearthstone.exe] => (Allow) E:\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{9D03C1AD-4561-41C5-A4FF-612239DC0726}E:\hearthstone\hearthstone.exe] => (Allow) E:\hearthstone\hearthstone.exe
FirewallRules: [{87CBD2FB-6BF6-4324-B662-C43F76E25F0E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{DF01891F-06D9-4521-BA86-F6FF1FC262E0}C:\users\chi hao\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\chi hao\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{55A81C47-497E-4215-8DA4-4C4234EA1A5C}C:\users\chi hao\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\chi hao\appdata\roaming\spotify\spotify.exe
FirewallRules: [{8CFB84A8-DFF7-4BE6-B677-2098657A664D}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{064F3FEC-F894-4777-AEB8-31B2244DC27B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{5F1F24AB-567D-444A-8D5F-1E3A87906BDC}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{1A74C07F-B7CD-4662-AFE0-FFEC32E59237}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{1087C3A6-2C55-4AEA-8BCF-D48401D64A8C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{0D5D85BB-4DB7-496F-9E13-31D8E9C4B7AD}] => (Allow) D:\Vuze\Azureus.exe
FirewallRules: [{D9B6D4AE-7A4E-47F1-B8C3-808F4B2134EA}] => (Allow) D:\Vuze\Azureus.exe
FirewallRules: [{E954FA68-2353-49A5-AEEB-C38880F5E0D2}] => (Allow) E:\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [{93AA9517-BB7E-44D2-8E37-610DA08BD765}] => (Allow) E:\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [{8D255255-5B75-44E5-B9EE-E852452D1C90}] => (Allow) E:\Mass Effect\MassEffectLauncher.exe
FirewallRules: [{A1D35C45-12F4-4558-A351-532AFB2C4B2E}] => (Allow) E:\Mass Effect\MassEffectLauncher.exe
FirewallRules: [{AB2D44D7-D331-4877-BA05-52AF6A0AC004}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{D78439A4-3404-40DB-9587-0244CBF2F67E}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{DF44C2BA-3296-420E-BFDB-A82B67C607AF}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{F587006A-78C2-4379-863B-4CB88CC537D0}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{28EEFF20-B345-4E13-8E13-220A83811E80}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{0BE377D7-1147-454E-9F6F-F077402CE35A}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{A38000D3-D3A5-4E77-A180-719AAFAE9C9F}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/03/2015 03:43:21 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

Error: (11/03/2015 03:43:21 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

Error: (11/03/2015 03:42:30 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

Error: (11/03/2015 03:28:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program irsetup.exe version 9.5.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 12e0

Start Time: 01d11643c62e5bdb

Termination Time: 4294967295

Application Path: C:\Users\CHIHAO~1\AppData\Local\Temp\_ir_sf_temp_1\irsetup.exe

Report Id: 1dae0f13-8237-11e5-9bcd-d8cb8a773444

Faulting package full name:

Faulting package-relative application ID:

Error: (11/03/2015 03:25:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-M2MK112)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (11/03/2015 03:18:04 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (11/03/2015 03:17:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program irsetup.exe version 9.5.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1f44

Start Time: 01d11641afbbe10c

Termination Time: 4294967295

Application Path: C:\Users\CHIHAO~1\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe

Report Id: 96363f6e-8235-11e5-9bcc-d8cb8a773444

Faulting package full name:

Faulting package-relative application ID:

Error: (11/03/2015 03:17:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program InstallManager.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1ff4

Start Time: 01d1164246d56710

Termination Time: 4294967295

Application Path: C:\Users\CHIHAO~1\AppData\Local\Temp\is-9RMVS.tmp\InstallManager.exe

Report Id: 93a29859-8235-11e5-9bcc-d8cb8a773444

Faulting package full name:

Faulting package-relative application ID:

Error: (11/03/2015 03:14:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program wmplayer.exe version 12.0.10240.16384 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 201c

Start Time: 01d11641a3ac95f5

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\Windows Media Player\wmplayer.exe

Report Id: 2cefc55c-8235-11e5-9bcc-d8cb8a773444

Faulting package full name:

Faulting package-relative application ID:

Error: (11/03/2015 03:14:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program DivXI.exe version 2.7.0.93 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1b80

Start Time: 01d11641af95f22b

Termination Time: 4294967295

Application Path: C:\Users\CHIHAO~1\AppData\Local\Temp\DivXI.exe

Report Id: 28598bb0-8235-11e5-9bcc-d8cb8a773444

Faulting package full name:

Faulting package-relative application ID:


System errors:
=============
Error: (11/03/2015 03:51:41 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (11/03/2015 03:51:41 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (11/03/2015 03:43:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (11/03/2015 03:43:42 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\CHIHAO~1\AppData\Local\Temp\ehdrv.sys

Error: (11/03/2015 03:43:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (11/03/2015 03:43:41 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\CHIHAO~1\AppData\Local\Temp\ehdrv.sys

Error: (11/03/2015 03:43:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (11/03/2015 03:43:41 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\CHIHAO~1\AppData\Local\Temp\ehdrv.sys

Error: (11/03/2015 03:43:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (11/03/2015 03:43:41 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\CHIHAO~1\AppData\Local\Temp\ehdrv.sys


CodeIntegrity:
===================================
  Date: 2015-11-03 15:12:17.007
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-11-03 15:12:16.999
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-11-03 15:12:16.973
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-11-03 15:12:16.962
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-11-03 15:12:16.954
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™ i7-4790K CPU @ 4.00GHz
Percentage of memory in use: 13%
Total physical RAM: 16332.61 MB
Available physical RAM: 14110.57 MB
Total Virtual: 18764.61 MB
Available Virtual: 16420.23 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.33 GB) (Free:189.61 GB) NTFS
Drive d: (Western Digital Red) (Fixed) (Total:2794.39 GB) (Free:1592.89 GB) NTFS
Drive e: (Western Digital Black) (Fixed) (Total:1862.89 GB) (Free:1821.21 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

 




 


#2 shelf life

shelf life

  • Malware Response Team
  • 2,683 posts
  • Gender:Male
  • Location:@localhost
  • Local time:04:30 PM

Posted 04 November 2015 - 05:54 PM

hi,

 

If you still need help you can do this:

 

We will use FRST to remove some items.

Please copy/paste what's below into Notepad. Save it as: fixlist.txt in the same location you have FRST.

Start FRST like before except this time click on the fix button once.

Machine may reboot to finish. When done you will find a fixlog.txt in the same location you have FRST. Please post the fixlog.txt in your reply.

 

 

HKLM-x32\...\Run: [chromebrowser] => "C:\Windows\chromebrowser.exe"
C:\Windows\chromebrowser.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => No File
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => No File
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Chi Hao\AppData\Roaming\RKDtiZu7NRNNRUJdmvAt3i
2015-09-30 13:06 - 2015-09-30 13:06 - 0000000 _____ () C:\Users\Chi Hao\AppData\Local\Driver_LOM_8161Present.flag
2015-11-03 15:16 - 2015-11-03 15:16 - 0000098 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Task: {76589784-22E2-4CD3-9341-41017B332021} - System32\Tasks\YHYOYECBLBONYJAV => C:\ProgramData\Service3232\Service3232.exe <==== ATTENTION
C:\ProgramData\Service3232\Service3232.exe
2015-11-03 15:16 - 2015-11-03 15:16 - 00000098 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-11-03 15:15 - 2015-11-03 15:35 - 00000378 ____H C:\Windows\Tasks\YHYOYECBLBONYJAV.job
2015-11-03 15:15 - 2015-11-03 15:15 - 00003458 _____ C:\Windows\System32\Tasks\YHYOYECBLBONYJAV
2015-11-03 15:15 - 2015-11-03 15:15 - 00000000 ____D C:\ProgramData\19a87fa1ec024bbcbb41931263354405
2015-11-03 15:14 - 2015-11-03 15:35 - 00001056 _____ C:\Windows\Tasks\RKDtiZu7NRNNRUJdmvAt3i.job
Task: {65667FD9-894D-451C-92A5-357B065BAF87} - \bvxvgxvyy -> No File <==== ATTENTION
Task: {F81C4E58-F039-4377-9E7C-EB0682469E20} - System32\Tasks\RKDtiZu7NRNNRUJdmvAt3i => C:\Users\Chi Hao\AppData\Roaming\RKDtiZu7NRNNRUJdmvAt3i.exe <==== ATTENTION
EmptyTemp:
 


How Can I Reduce My Risk to Malware?


#3 Chi Hao

Chi Hao
  • Topic Starter

  • Members
  • 11 posts

Posted 05 November 2015 - 07:29 AM

Hey there,

 

Your fellow colleague Olgun52 is already helping me at this thread:

 

http://www.bleepingcomputer.com/forums/t/595228/chromebrowserexe/#entry3856352

 

I accidentally created the same thread twice. This one can be closed/removed.



#4 Platypus

Platypus

  • Global Moderator
  • 15,232 posts
  • Gender:Male
  • Location:Australia
  • Local time:08:30 AM

Posted 05 November 2015 - 08:04 AM

Duplicate topic already in progress, not previously observed or reported:

 

http://www.bleepingcomputer.com/forums/t/595228/chromebrowserexe/

 

Thanks and apologies to shelf life.


Top 5 things that never get done:

1.



