Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

searchinterneat-a.akamaihd.net driving me nuts!


  • This topic is locked This topic is locked
35 replies to this topic

#1 AxelSt

AxelSt

  • Members
  • 24 posts
  • OFFLINE
  •  

Posted 28 November 2015 - 05:05 PM

I can not seem to get rid of searchinterneat-a.akamaihd.net. I have tried a combination of ADWCleaner, JRT, Malwarebytes and Hitman Pro. Tried to reset chrome several times. Removed every piece of software that was even remtely suspicious and still no joy. Interestingly, it did not affect Edge - just Chrome. Any help will be greatly appreciated!



BC AdBot (Login to Remove)

 


#2 olgun52

olgun52

  • Malware Response Team
  • 3,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:21 PM

Posted 28 November 2015 - 07:29 PM

Hello AxelSt and Welcome to the BleepingComputer. :welcome: 
My name is Yılmaz and I'll help you with the cleanup of malware from your computer.

Before we move on, please read the following points carefully.

  • Please complete all steps in the specified order.
  • Even if tools don't find malware, I want you to post the logfiles anyway.
  • Please copy and paste the logfiles directly into your posts. Please do not attach them unless you are instructed to do so.
  • Read the instructions carefully. If you have problems, stop what you  were doing and describe the problems you encountered as precisely as  you can.
  • Don't install or uninstall software during the cleanup unless you are told to do so.
  • Ensure your external and/or USB drives are inserted during always the scan.
  • If you can't answer for the next few days, please let me know. If  you haven't answered within 5 days, I am assuming that you don't need  help anymore and your topic will be closed.
  • I can not guarantee that we will find and be able to remove all  malware. The cleaning process is not instant. Please continue to review  my answers until I tell you that your computer is clean
  • Please reply to this thread. Do not start a new topic
  • As my first language is not English, please do not use slang or idioms. It could be hard for me to understand.
  • Please open as administrator  the computer. How is open as administrator  the computer?
  • Disable your AntiVirus and AntiSpyware applications, as they will  interfere with our tools and the removal. If you are unsure how to do  this, please refer to get help here

Thanks
 

Step 1:
 Please download AdwCleaner by Xplode onto your desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete or Clean.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Step 2:
Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista / 7 / 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 3:

Please download ZHPcleaner to your desktop.

  • Double click on ZHPCleaner to run the tool.
  • If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click ZHPCleaner and select "Run as Administrator".
  • Please klick Ashampoo_Snap_20140819_13h09m50s_001__zp
  • Then press ''Repair'' button.
  • Browsers will automatically shut down.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.

Step 4:

  • Temporarily disable your Antivirus protection - if you don't know how to do that, please consult the article below.

How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

  • Please download ZOEK and save it to your desktop (preferred version is the *.exe one - upper left corner).

http://hijackthis.nl/smeenk/

  • Attached to this message you will find a file called zoekscript

txt.gif  zoekscript.txt   188bytes   15 downloads

  • Download it too and save to your desktop - _it needs to be in the same location as the ZOEK tool
  • Drag zoekscript file and drop it onto ZOEK icon - this should launch the program:
  • The scan may take a while and may need a reboot.
  • Upon completion a file zoek-results should appear.
  • Attach it for my review.

Step 5:

  • Download Emsisoft Emergency Kit and save it to your desktop.
  • Double click on the EmsisoftEmergencyKit.exe icon, click Run then Extract
  • Double click the Start Emsisoft Emergency Kit icon that will appear after extraction
  • Click Yes to update the program
  • Once the update is completed click the Back button
  • Click on 2. Scan (not Quick Scan or Smart Scan)
  • Click Yes to detect Potentially Unwanted Programs (PUPs)
  • Patiently wait for the thorough scan to complete, this can be a lengthy process
  • Once completed click Quarantine selected objects (if computer is clean you will not have this option) then click OK
  • Click View Report
  • Attach the report to your reply
  • Close the program then click Close

Step 6:

Please scan your machine with ESET OnlineScan

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.
      Save it to your Desktop.
    • Double click on the esetsmartinstaller_enu.png to download the ESET Smart Installer. icon on your Desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under Scan Settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

=========================================================================

How is the machine running now and any issues ? Please let me know.

 

 


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#3 AxelSt

AxelSt
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  

Posted 28 November 2015 - 08:00 PM

Thank you Yilmaz,

 

Don't worry about English not being your first language, it's mine neither. I will start downloading the programs you suggested and will follow your instructions to the letter. 

 

Starting the process right now and will be posting the logfiles as they become available. Since I have to work tonight it may take me a little longer to get them all done. Please bear with me!

 

Thanks,

 

 

Axel



#4 AxelSt

AxelSt
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  

Posted 28 November 2015 - 09:11 PM

# AdwCleaner v5.022 - Logfile created 28/11/2015 at 20:04:15
# Updated 22/11/2015 by Xplode
# Database : 2015-11-22.2 [Server]
# Operating system : Windows 10 Home  (x64)
# Username : axwhipmaker - AXEL
# Running from : C:\Users\axwhipmaker\Desktop\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
[-] Folder Deleted : C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi
 
***** [ Files ] *****
 
 
***** [ DLLs ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
 
***** [ Web browsers ] *****
 
[-] [C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
[-] [C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com
[-] [C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : amfclgbdpgndipgoegfpkkgobahigbcl
[-] [C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : mcbkbpnkkkipelfledbfocopglifcfmi
 
*************************
 
:: "Tracing" keys removed
:: Winsock settings cleared
 
########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1551 bytes] ##########
 
 
 
 
Ps: Do I need to keep Chrome closed? 


#5 AxelSt

AxelSt
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  

Posted 28 November 2015 - 09:50 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 10 Home x64 
Ran by axwhipmaker (Administrator) on Sat 11/28/2015 at 20:23:08.90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 2 
 
Successfully deleted: C:\ProgramData\productdata (Folder) 
Successfully deleted: C:\Users\axwhipmaker\AppData\Roaming\productdata (Folder) 
 
 
 
Registry: 0 
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 11/28/2015 at 20:24:59.23
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#6 AxelSt

AxelSt
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  

Posted 28 November 2015 - 09:56 PM

~ ZHPCleaner v2015.11.28.386 by Nicolas Coolman (2015/11/28)
~ Run by axwhipmaker (Administrator)  (28/11/2015 20:54:46)
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\axwhipmaker\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\axwhipmaker\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit  (Build 10240)
 
 
---\\  Services (0)
~ No malicious or unnecessary items found.
 
 
---\\  Browser internet (0)
~ No malicious or unnecessary items found.
 
 
---\\  Hosts file (1)
~ The hosts file is legitimate (21)
 
 
---\\  Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.
 
 
---\\  Explorer ( File, Folder) (31)
MOVED folder: C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}  =>PUP.Optional.Generic
MOVED folder: C:\WINDOWS\Installer\MSI129D.tmp-  =>Empty
MOVED folder: C:\WINDOWS\Installer\MSI2CEF.tmp-  =>Empty
MOVED folder: C:\WINDOWS\Installer\MSI31EC.tmp-  =>Empty
MOVED folder: C:\WINDOWS\Installer\MSI3423.tmp-  =>Empty
MOVED folder: C:\WINDOWS\Installer\MSI357C.tmp-  =>Empty
MOVED folder: C:\WINDOWS\Installer\MSI3B44.tmp-  =>Empty
MOVED folder: C:\WINDOWS\Installer\MSI4D6B.tmp-  =>Empty
MOVED folder: C:\WINDOWS\Installer\MSI4E0A.tmp-  =>Empty
MOVED folder: C:\WINDOWS\Installer\MSI508C.tmp-  =>Empty
MOVED folder: C:\WINDOWS\Installer\MSI51D6.tmp-  =>Empty
MOVED folder: C:\WINDOWS\Installer\MSI56D8.tmp-  =>Empty
MOVED folder: C:\WINDOWS\Installer\MSI5DAF.tmp-  =>Empty
MOVED folder: C:\WINDOWS\Installer\MSI6A86.tmp-  =>Empty
MOVED folder: C:\WINDOWS\Installer\MSI6CF8.tmp-  =>Empty
MOVED folder: C:\WINDOWS\Installer\MSI796E.tmp-  =>Empty
MOVED folder: C:\WINDOWS\Installer\MSI7AA7.tmp-  =>Empty
MOVED folder: C:\WINDOWS\Installer\MSI7BC1.tmp-  =>Empty
MOVED folder: C:\WINDOWS\Installer\MSI88C0.tmp-  =>Empty
MOVED folder: C:\WINDOWS\Installer\MSI8C50.tmp-  =>Empty
MOVED folder: C:\WINDOWS\Installer\MSI8D99.tmp-  =>Empty
MOVED folder: C:\WINDOWS\Installer\MSI8EE2.tmp-  =>Empty
MOVED folder: C:\WINDOWS\Installer\MSI8FC6.tmp-  =>Empty
MOVED folder: C:\WINDOWS\Installer\MSIB49.tmp-  =>Empty
MOVED folder: C:\WINDOWS\Installer\MSIB8C6.tmp-  =>Empty
MOVED folder: C:\WINDOWS\Installer\MSIBED2.tmp-  =>Empty
MOVED folder: C:\WINDOWS\Installer\MSIC5C1.tmp-  =>Empty
MOVED folder: C:\WINDOWS\Installer\MSIC8D7.tmp-  =>Empty
MOVED folder: C:\WINDOWS\Installer\MSID0E6.tmp-  =>Empty
MOVED folder: C:\WINDOWS\Installer\MSIDB9A.tmp-  =>Empty
MOVED folder: C:\WINDOWS\Installer\MSIDDBD.tmp-  =>Empty
 
 
---\\  Registry ( Key, Value, Data) (2)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\MS.WindowsAPICodePack.Internal.ExplorerBrowserViewEvents [MS.WindowsAPICodePack.Internal.ExplorerBrowserViewEvents]  =>PUP.Optional.CrossRider
DELETED value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_1217E02A2327A5E3FE85C76682748156 ["C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window]  =>PUP.Optional.CrossBrowse
 
 
---\\  Summary of the elements found (3)
http://www.nicolascoolman.fr/?p=4664  =>PUP.Optional.Generic
http://www.nicolascoolman.fr/?p=180  =>PUP.Optional.CrossRider
http://www.nicolascoolman.fr/?p=4664  =>PUP.Optional.CrossBrowse
 
 
---\\  Other deletions. (0)
~ Registry Keys Tracing deleted (0)
~ Remove the old reports ZHPCleaner. (0)
 
 
---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Mozilla Firefox)
~ Browser not found (Opera Software)
 
 
---\\ Statistics
~ Items scanned : 272
~ Items found : 0
~ Items cancelled : 0
~ Items repaired : 33
 
 
~ End of clean in 0 minutes
===================
ZHPCleaner-[R]-28112015-20_54_50.txt
ZHPCleaner-[S]-28112015-20_53_53.txt


#7 AxelSt

AxelSt
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  

Posted 29 November 2015 - 12:13 AM

Quick uodate whie EmiSoft is working in the background!

 

After ZHP Chrome appeared to be clean. However, after the reboot  after the zoek scan the bug was right back! 

 

Zoek log attached:

 

 
Zoek.exe v5.0.0.1 Updated 28-November-2015
Tool run by axwhipmaker on Sat 11/28/2015 at 20:57:52.30.
Microsoft Windows 10 Home 10.0.10240  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\axwhipmaker\Desktop\zoek.exe
Script used: C:\Users\axwhipmaker\Desktop\zoekscript.txt
 
==== System Restore Info ======================
 
11/28/2015 8:58:18 PM Zoek.exe System Restore Point Created Successfully.
 
==== Empty Folders Check ======================
 
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\nx\AppData\LocalLow deleted successfully
C:\Users\axwhipmaker\AppData\Local\NetworkTiles deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully
 
==== Deleting CLSID Registry Keys ======================
 
HKEY_USERS\S-1-5-21-2685585085-2916440216-3482114021-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\oldsearch deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\oldsearch deleted successfully
 
==== Deleting CLSID Registry Values ======================
 
HKEY_USERS\S-1-5-21-2685585085-2916440216-3482114021-1001\SOFTWARE\Microsoft\Internet Explorer\Approved Extensions\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
 
==== Deleting Services ======================
 
 
==== Batch Command(s) Run By Tool======================
 
 
==== Deleting Files \ Folders ======================
 
C:\PROGRA~3\{F9CD6566-34FB-4F9F-9994-15FBD73F4A78} deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\windows\SysNative\Tasks\avastBCLRestart_chrome.exe deleted
C:\WINDOWS\SysWow64\AI_RecycleBin deleted
"C:\WINDOWS\Installer\8dca3f2.msi" deleted
 
==== Firefox Extensions Registry ======================
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [11/26/2015 09:59 PM]
 
==== Chromium Look ======================
 
Google Chrome Version: 46.0.2490.86
 
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eofcbnmajmjmplflapaojjnihcjkigck - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx[11/26/2015 07:57 PM]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[11/26/2015 07:57 PM]
 
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
apdfllckaahabafndbhieahigkjlhalf - C:\Users\AXWHIP~1\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx[11/26/2015 02:46 PM]
lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[]
 
Gojee Food - axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajebcmdcgoggdncokkbdifohckmfpgnb
JSTorrent - axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\anhdpjpojoipgpmfanmedjghaligalgb
Earth View from Google Earth - axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhloflhklmhfpedakmangadcdofhnnoh
Facebook - axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm
Netflix - axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh
XTube Always Continue To Video - axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\edalgmegkkjhgocfpllepngkjgofhkma
Pandora - axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbangkleohkafngihneedemihgfeikcl
Plex - axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpniocchabmgenibceglhnfeimmdhdfm
AdBlock - axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Avast Online Security - axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Music Player for Google Drive - axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnfeekfpnjbdmelcapngdgkjnhgijjkh
Crackle - axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic
Torrent Stream - axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\icocmgpofpimcojhefbcfbdldkmndpgj
Zillow - axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\iifccoboedmhjapdlpgkigibgnkmdjoh
Google Voice (by Google) - axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo
Yahoo Services - axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfaoegfbogloompbgpdaadkhgoemcikk
Google Drive App Launcher - axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh
Amazon Windowshop - axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nielaigelomefgdoljcpfgbdbfefhdjc
Avast SafePrice - axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Avast Online Security - axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki
Google Drive App Launcher - axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh
Facebook - axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\boeajhmfdjldchidhphikilcgdacljfm
Avast SafePrice - axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Plex - axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fpniocchabmgenibceglhnfeimmdhdfm
Avast Online Security - axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki
Grammarly Spell Checker & Grammar Checker - axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen
Chrome Hotword Shared Module - axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lccekmodgklaepjeofjdjpbminllajkg
Google Drive App Launcher - axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh
Facebook Notifications - axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ainkhhbgcdbenmmbaoacambbhjfgnmmm
Gojee Food - axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ajebcmdcgoggdncokkbdifohckmfpgnb
JSTorrent - axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\anhdpjpojoipgpmfanmedjghaligalgb
Earth View from Google Earth - axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\bhloflhklmhfpedakmangadcdofhnnoh
Facebook - axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\boeajhmfdjldchidhphikilcgdacljfm
Netflix - axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\deceagebecbceejblnlcjooeohmmeldh
User-Agent Switcher for Chrome - axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg
XTube Always Continue To Video - axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\edalgmegkkjhgocfpllepngkjgofhkma
Avast SafePrice - axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Pandora - axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\fbangkleohkafngihneedemihgfeikcl
Plex - axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\fpniocchabmgenibceglhnfeimmdhdfm
AdBlock - axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Avast Online Security - axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\gomekmidlodglbbmalcneegieacbdmki
Music Player for Google Drive - axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\hnfeekfpnjbdmelcapngdgkjnhgijjkh
Crackle - axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ibfamoapbmmmlknoopmmfofgladlinic
Torrent Stream - axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\icocmgpofpimcojhefbcfbdldkmndpgj
fbQuickLogin for multiple Facebook™ accounts - axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ihpcdjelcodenkpfkbaficnkgkmljjbf
Zillow - axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\iifccoboedmhjapdlpgkigibgnkmdjoh
MapsGalaxy - axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn
Google Voice (by Google) - axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo
Yahoo Services - axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lfaoegfbogloompbgpdaadkhgoemcikk
User-Agent Switcher - axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lkmofgnohbedopheiphabfhfjgkhfcgf
Google Drive App Launcher - axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh
Poppit - axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi
Amazon Windowshop - axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nielaigelomefgdoljcpfgbdbfefhdjc
Tor - axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ohielanlcdleofjibfmjbbkaajdcpoil
Homepage site - axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pcmekkdpkmhihlkdkedpipjakaicaice
 
==== Chromium Fix ======================
 
C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Local Storage\https_searchmoreknow-a.akamaihd.net_0.localstorage deleted successfully
C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Local Storage\https_searchmoreknow-a.akamaihd.net_0.localstorage-journal deleted successfully
C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully
 
==== Set IE to Default ======================
 
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
 
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
 
==== All HKLM and HKCU SearchScopes ======================
 
HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC} - http://rover.ebay.com/rover/1/711-154371-11896-2/4
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
HKLM\Wow6432Node\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC} - http://rover.ebay.com/rover/1/711-154371-11896-2/4
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
HKCU\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC} - http://rover.ebay.com/rover/1/711-154371-11896-2/4
 
==== Reset Google Chrome ======================
 
C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully
C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 1\Secure Preferences was reset successfully
C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 2\Preferences was reset successfully
C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 2\Secure Preferences was reset successfully
C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Preferences was reset successfully
C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Secure Preferences was reset successfully
C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully
C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data-journal was reset successfully
C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 2\Web Data was reset successfully
C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 2\Web Data-journal was reset successfully
C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Web Data was reset successfully
C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Web Data-journal was reset successfully
 
==== Deleting Registry Keys ======================
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E85CE1EACA2B95944A2C3C28202A2593 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AE1EC58E-B2AC-4959-A4C2-C38202A25239} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\E85CE1EACA2B95944A2C3C28202A2593 deleted successfully
 
==== Empty IE Cache ======================
 
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\axwhipmaker\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\axwhipmaker\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\axwhipmaker\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\axwhipmaker\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
 
==== Empty FireFox Cache ======================
 
No FireFox Profiles found
 
==== Empty Chrome Cache ======================
 
C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully
C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 2\Cache emptied successfully
C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Cache emptied successfully
 
==== Empty All Flash Cache ======================
 
No Flash Cache Found
 
==== Empty All Java Cache ======================
 
Java Cache cleared successfully
 
==== C:\zoek_backup content ======================
 
C:\zoek_backup (files=44 folders=36 346922544 bytes)
 
==== Empty Temp Folders ======================
 
C:\WINDOWS\Temp will be emptied at reboot
 
==== After Reboot ======================
 
==== Empty Temp Folders ======================
 
C:\WINDOWS\Temp successfully emptied
C:\Users\AXWHIP~1\AppData\Local\Temp successfully emptied
 
==== Empty Recycle Bin ======================
 
C:\$RECYCLE.BIN successfully emptied
 
==== EOF on Sat 11/28/2015 at 22:51:17.97 ======================


#8 AxelSt

AxelSt
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  

Posted 29 November 2015 - 12:16 AM

No Emisoft Log!



#9 AxelSt

AxelSt
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  

Posted 29 November 2015 - 04:02 AM

Eset log:
 
C:\Program Files (x86)\NCH Software\Voxal\voxal.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application
C:\Program Files (x86)\NCH Software\Voxal\voxalsetup_v1.23.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application
C:\Users\axwhipmaker\AppData\Roaming\BitTorrent\updates\7.9.3_40299.exe a variant of Win32/OpenCandy.A potentially unsafe application
C:\Users\axwhipmaker\Downloads\BitTorrent.exe a variant of Win32/OpenCandy.A potentially unsafe application
C:\Users\axwhipmaker\Downloads\ccsetup512 (1).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\axwhipmaker\Downloads\ccsetup512.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\axwhipmaker\Downloads\vxlsetupfree.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application


#10 AxelSt

AxelSt
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  

Posted 29 November 2015 - 04:07 AM

Well, unfortunately its still redirecting, The only respite I got was after I ran ZHP and even then it returned after the next reboot. I really hope this all makes sense to you!



#11 olgun52

olgun52

  • Malware Response Team
  • 3,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:21 PM

Posted 29 November 2015 - 11:22 AM

Don't worry about English not being your first language,it's mine neither.

Thank you,

Since I have to work tonight it may take me a little longer to get them all done. Please bear with me!

Okay. No problem.

Well, unfortunately its still redirecting

OK.

----------

Why not Emsisoft Log. ?

 

 Please do the following.
 
Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

:hello:
 
Sincerely

 

 

 

 

 


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#12 AxelSt

AxelSt
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  

Posted 29 November 2015 - 12:45 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version:28-11-2015
Ran by axwhipmaker (2015-11-29 11:31:43)
Running from C:\Users\axwhipmaker\Downloads
Windows 10 Home (X64) (2015-08-02 15:14:20)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2685585085-2916440216-3482114021-500 - Administrator - Disabled)
axwhipmaker (S-1-5-21-2685585085-2916440216-3482114021-1001 - Administrator - Enabled) => C:\Users\axwhipmaker
DefaultAccount (S-1-5-21-2685585085-2916440216-3482114021-503 - Limited - Disabled)
Guest (S-1-5-21-2685585085-2916440216-3482114021-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2685585085-2916440216-3482114021-1005 - Limited - Enabled)
nx (S-1-5-21-2685585085-2916440216-3482114021-1006 - Administrator - Enabled) => C:\Users\nx
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: IObit Malware Fighter (Enabled - Up to date) {4D381C57-3C7A-6F22-07EB-639F49E836D4}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.4.0 - IObit)
ALABAMA TOPO (HKLM-x32\...\altopo11) (Version:  - )
Alcor Micro USB Card Reader Driver  (HKLM-x32\...\AmUStor) (Version: 20.21.3317.03861 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver  (x32 Version: 20.21.3317.03861 - Alcor Micro Corp.) Hidden
Amazon Music Importer (HKLM-x32\...\com.amazon.music.uploader) (Version: 3.1.0 - Amazon Services LLC)
Amazon Music Importer (x32 Version: 3.1.0 - Amazon Services LLC) Hidden
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2241 - AVAST Software)
BitTorrent (HKU\S-1-5-21-2685585085-2916440216-3482114021-1001\...\BitTorrent) (Version: 7.9.5.41203 - BitTorrent Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
Copy (HKLM\...\{580C53DC-DBA8-457B-8766-34C60F754BBD}) (Version: 3.2.1.481 - Barracuda Networks, Inc.)
CyberLink PowerDirector 11 (HKLM-x32\...\InstallShield_{551F492A-01B0-4DC4-866F-875EC4EDC0A8}) (Version: 11.0.0.2321 - CyberLink Corp.)
CyberLink PowerDirector 11 (Version: 11.0.0.2321 - CyberLink Corp.) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.2.3212 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Driver Booster 3.0 (HKLM-x32\...\Driver Booster_is1) (Version: 3.0 - IObit)
Dropbox (HKU\S-1-5-21-2685585085-2916440216-3482114021-1001\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.)
Dukto R6 (HKLM-x32\...\{386C0311-B146-4CE0-89E5-8469A3583156}}_is1) (Version: R6 - Emanuele Colombo)
EasyGPS 5.48.0.0 (HKLM-x32\...\EasyGPS_is1) (Version: 5.48.0.0 - TopoGrafix)
Elevated Installer (x32 Version: 4.1.10.0 - Garmin Ltd or its subsidiaries) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Florida Topo Map (HKLM-x32\...\Florida Topo) (Version: 1.60 - GPSFileDepot.com)
Garmin BaseCamp (HKLM-x32\...\{36A0D446-B8E9-4753-BDFE-335F6F4DE59C}) (Version: 4.5.2 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin (HKLM-x32\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{70A381F1-C161-4D61-A20C-BE12FC6777DF}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{b292f4e5-60ca-4bb8-8810-e5f908c3c1ff}) (Version: 4.1.10.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.1.10.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.1.10.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin HomePort (HKLM-x32\...\{1149404E-7432-489F-914B-14DA997A108B}) (Version: 2.2.10.0 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Drive (HKLM-x32\...\{1C3D2F92-D25E-4D98-B810-3F3B0857BF26}) (Version: 1.26.0707.2863 - Google, Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
GoPro App (x32 Version: 5.6.509 - GoPro, Inc.) Hidden
GoPro Studio 2.5.6 (HKLM-x32\...\{8850d4d9-a0fc-453f-ba03-ec084375d0c2}) (Version: 2.5.6.509 - GoPro, Inc.)
GPSBabel 1.5.2 (HKLM-x32\...\{1B8FE958-A304-4902-BF7A-4E2F0F5B7017}_is1) (Version:  - GPSBabel)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.10.251 - SurfRight B.V.)
HP Documentation (HKLM-x32\...\{06600E94-1C34-40E2-AB09-D30AECF78172}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7127.4628 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.00.51 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{390AD982-A331-4D4F-AFD1-64005BC7C99D}) (Version: 7.3.35.12 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 13.00.0000 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6482.0 - IDT)
Inst5675 (Version: 8.00.51 - Softex Inc.) Hidden
Inst5676 (Version: 8.00.51 - Softex Inc.) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3262 - Intel Corporation)
IObit Malware Fighter 4 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 4.0 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.3.0.130 - IObit)
IPVanish (x32 Version: 2.0.5604.20704 - IPVanish.com) Hidden
IPVanish VPN (HKLM-x32\...\{a6b3b951-4bc3-45c5-a015-9567736951ed}) (Version: 2.0.5604.20704 - IPVanish.com)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
LOUISIANA TOPO  (HKLM-x32\...\latopo11) (Version:  - )
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
MiniTool Partition Wizard Free 9.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
Mississippi Topo Maps (HKLM-x32\...\Mississippi Topo) (Version:  - )
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
My Trail Maps (HKLM-x32\...\My Trails) (Version:  - )
Newblue Art Effects for PowerDirector (HKLM\...\NewBlue Art Effects for PowerDirector) (Version: 2.0 - NewBlue)
NewsLeecher version v7.0 Beta 7 (HKLM-x32\...\NewsLeecher_is1) (Version: v7.0 Beta 7 - )
NoMachine (HKLM-x32\...\NoMachine_is1) (Version: 5.0.47 - NoMachine S.a.r.l.)
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
Pinger (HKLM-x32\...\Pinger 1.1.1.2) (Version: 1.1.1.2 - Pinger Inc.)
Pinger (x32 Version: 1.1.1.2 - Pinger Inc.) Hidden
Plex Media Server (HKLM-x32\...\{10d692ef-81ce-40ac-b82b-058286c058a6}) (Version: 0.9.1204 - Plex, Inc.)
Plex Media Server (x32 Version: 0.9.1204 - Plex, Inc.) Hidden
Potplayer (HKLM-x32\...\PotPlayer) (Version:  - Kakao Corp.)
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.7001 - CyberLink Corp.) Hidden
Revo Uninstaller Pro 3.1.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.1 - VS Revo Group, Ltd.)
SE USA Topo Map (HKLM-x32\...\SEUSA) (Version:  - )
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.3 - IObit)
VantagePoint (HKLM-x32\...\InstallShield_{1D21ED4F-3C5E-45C3-9795-8C8CB2AB31DC}) (Version: 2.43.0000 - Magellan Navigation, Inc.)
VantagePoint (x32 Version: 2.43.0000 - Magellan Navigation, Inc.) Hidden
VFW_Codec32 (x32 Version: 0.1.160.0 - GoPro, Inc.) Hidden
VFW_Codec64 (Version: 0.1.160.0 - GoPro, Inc.) Hidden
Voxal Voice Changer (HKLM-x32\...\Voxal) (Version: 1.23 - NCH Software)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2685585085-2916440216-3482114021-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\axwhipmaker\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2685585085-2916440216-3482114021-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\axwhipmaker\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2685585085-2916440216-3482114021-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\axwhipmaker\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2685585085-2916440216-3482114021-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\axwhipmaker\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2685585085-2916440216-3482114021-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\axwhipmaker\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2685585085-2916440216-3482114021-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\axwhipmaker\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2685585085-2916440216-3482114021-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\axwhipmaker\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2685585085-2916440216-3482114021-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\axwhipmaker\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2685585085-2916440216-3482114021-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\axwhipmaker\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2685585085-2916440216-3482114021-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\axwhipmaker\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2685585085-2916440216-3482114021-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\axwhipmaker\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2685585085-2916440216-3482114021-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\axwhipmaker\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
 
==================== Restore Points =========================
 
26-11-2015 19:22:06 Restore Operation
28-11-2015 20:15:11 JRT Pre-Junkware Removal
28-11-2015 20:23:09 JRT Pre-Junkware Removal
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 07:25 - 2013-08-22 07:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {03228B92-5154-4BD6-BE52-99C16C853531} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-11-11] (Microsoft Corporation)
Task: {13EE6616-394B-412A-81C4-7E0721D98836} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {1DBB1E10-4325-45A9-BDE3-1E77B2F033D3} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {2B33D6B8-EF09-42C8-B7C6-C987A59C8CC9} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [2015-08-12] (IObit)
Task: {2E7690A5-9E00-46C6-A580-565E1A925F9B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {3D98576B-AF9C-4C0E-B174-724573AEDEE6} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {46CE8DDC-963B-4750-99D8-B17FEA70EC53} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {63D1F71B-EA60-4E7A-8D06-5F8D4868BD90} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {67231CC4-55B8-4422-AACF-CC9BE7F06B55} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {69874611-7DE3-4F85-8F12-698CC67D297D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {700992DB-A482-4EA0-99EC-3A30A84F4BFD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-11-04] (HP Inc.)
Task: {73E95031-972C-4417-9DE6-F3812115B5B5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {7A997781-D8B6-45E2-9FD9-5326A9AED6DA} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2685585085-2916440216-3482114021-1001UA => C:\Users\axwhipmaker\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-27] (Dropbox, Inc.)
Task: {7D48150F-B15C-48B1-AC7B-60802841A5B0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-11-04] (HP Inc.)
Task: {82B2C8FA-0F29-4CAF-B16F-DB0CB1B6978F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-11-26] (AVAST Software)
Task: {833F8FCB-70FD-4165-8908-0B9079CACD4C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
Task: {9ABAE0AD-629E-4035-8DD3-F99206AF3A7F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {A383AA01-5B6C-4BE2-AD2F-62D5E237987B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {A8514DF6-1737-4238-851B-F40302A5A465} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2015-10-29] ()
Task: {AE57FADE-F9DF-4308-B9FF-23E73084E6D6} - System32\Tasks\HPCeeScheduleForaxwhipmaker => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {B5747322-0F2C-4FA7-89BC-08E62E624A54} - System32\Tasks\ASC8_SkipUac_axwhipmaker => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2015-08-17] (IObit)
Task: {B57E186B-9107-4951-BD29-01EB9EC45940} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {BCF686E7-446D-4849-8398-2BE8A4457AA0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-23] (Google Inc.)
Task: {BD9815D5-20F7-4410-8C72-3A838ECC6835} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-08-27] (Hewlett-Packard Company)
Task: {C7F2098E-B1BA-42D0-B43C-58FBF051A833} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2015-10-22] (Hewlett-Packard)
Task: {DF6A9E80-55D2-4A28-A089-9CA756DFFF4F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-23] (Google Inc.)
Task: {E6E8A3A3-8C2B-4347-ACF1-E94B302CAC35} - \avastBCLRestart_chrome.exe -> No File <==== ATTENTION
Task: {FC8508D0-B854-4F7D-8792-42B480975B78} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-08-27] (Hewlett-Packard Company)
Task: {FD58BEFF-C51B-4936-8DF5-7FEDB1E90C77} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2685585085-2916440216-3482114021-1001Core => C:\Users\axwhipmaker\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-27] (Dropbox, Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\ASC8_SkipUac_axwhipmaker.job => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2685585085-2916440216-3482114021-1001Core.job => C:\Users\axwhipmaker\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2685585085-2916440216-3482114021-1001UA.job => C:\Users\axwhipmaker\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForaxwhipmaker.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-11-01 14:55 - 2014-08-13 12:05 - 02203648 _____ () C:\WINDOWS\system32\nxlsa.DLL
2015-08-02 04:44 - 2015-08-02 04:44 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2013-09-05 05:22 - 2013-09-05 05:22 - 00109568 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
2013-09-05 05:24 - 2013-09-05 05:24 - 00627200 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachedrv.dll
2013-09-05 05:24 - 2013-09-05 05:24 - 02540544 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2013-09-05 05:21 - 2013-09-05 05:21 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2013-09-05 05:21 - 2013-09-05 05:21 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2013-09-05 05:21 - 2013-09-05 05:21 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2013-09-05 05:36 - 2013-09-05 05:36 - 00306064 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2013-09-05 05:36 - 2013-09-05 05:36 - 01298832 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00842552 _____ () C:\Program Files (x86)\NoMachine\bin\libnxlp64.dll
2006-12-04 02:26 - 2006-12-04 02:26 - 00022016 _____ () C:\WINDOWS\System32\sugo3l6.dll
2015-08-18 23:31 - 2015-08-11 03:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-10-18 13:15 - 2012-09-11 22:14 - 00390672 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2015-11-01 14:55 - 2015-11-27 15:07 - 00066872 _____ () C:\Program Files (x86)\NoMachine\bin\libnxfs64.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00873784 _____ () C:\Program Files (x86)\NoMachine\bin\libnxusb64.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 01368888 _____ () C:\Program Files (x86)\NoMachine\bin\libnxservice64.dll
2015-09-30 13:04 - 2015-09-17 00:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-30 13:04 - 2015-09-17 00:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 00396688 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-09-30 13:02 - 2015-09-16 23:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-09-30 13:04 - 2015-09-16 23:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-09-30 13:02 - 2015-09-16 23:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-09-30 13:02 - 2015-09-16 23:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-09-30 13:04 - 2015-09-16 23:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2013-09-05 05:31 - 2013-09-05 05:31 - 00064000 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2015-04-07 14:44 - 2015-04-07 14:44 - 02092544 _____ () C:\Users\axwhipmaker\AppData\Roaming\Copy\Gui.dll
2015-04-07 15:01 - 2015-04-07 15:01 - 08220192 _____ () C:\Users\axwhipmaker\AppData\Roaming\Copy\Brt.dll
2015-04-07 14:46 - 2015-04-07 14:46 - 09276416 _____ () C:\Users\axwhipmaker\AppData\Roaming\Copy\AgentSync.dll
2015-04-07 14:44 - 2015-04-07 14:44 - 05327872 _____ () C:\Users\axwhipmaker\AppData\Roaming\Copy\CloudSync.dll
2015-05-22 03:01 - 2015-04-15 17:50 - 03290672 _____ () C:\Program Files (x86)\NewsLeecher\NewsLeecher.exe
2015-11-26 12:22 - 2015-11-26 12:22 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-11-26 12:22 - 2015-11-26 12:22 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-11-28 14:20 - 2015-11-28 14:20 - 02996736 _____ () C:\Program Files\AVAST Software\Avast\defs\15112801\algo.dll
2015-11-26 12:22 - 2015-11-26 12:22 - 00466448 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-11-29 02:52 - 2015-11-29 02:52 - 02996736 _____ () C:\Program Files\AVAST Software\Avast\defs\15112900\algo.dll
2015-05-22 02:50 - 2015-11-05 11:09 - 00618784 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2015-11-01 14:55 - 2015-11-27 15:08 - 01146168 _____ () C:\Program Files (x86)\NoMachine\bin\perl58.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00121144 _____ () C:\Program Files (x86)\NoMachine\bin\libgcc_s_sjlj-1.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00860984 _____ () C:\Program Files (x86)\NoMachine\bin\libstdc++-6.dll
2015-11-01 14:55 - 2015-11-27 15:09 - 00139064 _____ () C:\Program Files (x86)\NoMachine\lib\perl\POSIX.dll
2015-11-01 14:55 - 2015-11-27 15:08 - 00264075 _____ () C:\Program Files (x86)\NoMachine\lib\perl\libperl\auto\List\Util\Util.dll
2015-11-01 14:55 - 2015-11-27 15:08 - 00238505 _____ () C:\Program Files (x86)\NoMachine\lib\perl\libperl\auto\Fcntl\Fcntl.dll
2015-11-01 14:55 - 2015-11-27 15:09 - 00078648 _____ () C:\Program Files (x86)\NoMachine\lib\perl\Win32.dll
2015-11-01 14:55 - 2015-11-27 15:08 - 00051512 _____ () C:\Program Files (x86)\NoMachine\lib\perl\NXFunc.dll
2015-11-01 14:55 - 2015-11-27 15:09 - 00060728 _____ () C:\Program Files (x86)\NoMachine\lib\perl\Process.dll
2015-11-01 14:55 - 2015-11-27 15:08 - 00716128 _____ () C:\Program Files (x86)\NoMachine\bin\NXPL.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 01570104 _____ () C:\Program Files (x86)\NoMachine\bin\libnxdiag.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 01067832 _____ () C:\Program Files (x86)\NoMachine\bin\libnxc.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 01051448 _____ () C:\Program Files (x86)\NoMachine\bin\libnx.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 01669432 _____ () C:\Program Files (x86)\NoMachine\bin\libcrypto.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00065848 _____ () C:\Program Files (x86)\NoMachine\bin\libnxau.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00313656 _____ () C:\Program Files (x86)\NoMachine\bin\libnxcau.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00160568 _____ () C:\Program Files (x86)\NoMachine\bin\libnxcex.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00683320 _____ () C:\Program Files (x86)\NoMachine\bin\libnxcim.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00133432 _____ () C:\Program Files (x86)\NoMachine\bin\libnxcl.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00261944 _____ () C:\Program Files (x86)\NoMachine\bin\libnxcsl.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00257336 _____ () C:\Program Files (x86)\NoMachine\bin\libnxd.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00133944 _____ () C:\Program Files (x86)\NoMachine\bin\libnxdi.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00441656 _____ () C:\Program Files (x86)\NoMachine\bin\libnxdiex.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 01718072 _____ () C:\Program Files (x86)\NoMachine\bin\libnxdifb.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00331576 _____ () C:\Program Files (x86)\NoMachine\bin\libnxdift.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00318264 _____ () C:\Program Files (x86)\NoMachine\bin\libnxdimi.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00531256 _____ () C:\Program Files (x86)\NoMachine\bin\libnxdixl.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00061752 _____ () C:\Program Files (x86)\NoMachine\bin\libnxlo.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00336184 _____ () C:\Program Files (x86)\NoMachine\bin\libnxn.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00102200 _____ () C:\Program Files (x86)\NoMachine\bin\libnxm.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00332088 _____ () C:\Program Files (x86)\NoMachine\bin\libnxne.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00172856 _____ () C:\Program Files (x86)\NoMachine\bin\libnxup.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 01984824 _____ () C:\Program Files (x86)\NoMachine\bin\libpixman.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00216376 _____ () C:\Program Files (x86)\NoMachine\bin\libssh.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00391992 _____ () C:\Program Files (x86)\NoMachine\bin\libssl.dll
2015-11-01 14:55 - 2015-11-27 15:08 - 00113976 _____ () C:\Program Files (x86)\NoMachine\bin\libz.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00362296 _____ () C:\Program Files (x86)\NoMachine\bin\libjpeg.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00191800 _____ () C:\Program Files (x86)\NoMachine\bin\libpng.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00054072 _____ () C:\Program Files (x86)\NoMachine\bin\libogg.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00664888 _____ () C:\Program Files (x86)\NoMachine\bin\libvp8.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00330040 _____ () C:\Program Files (x86)\NoMachine\bin\libopus.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00127288 _____ () C:\Program Files (x86)\NoMachine\bin\libspeex.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00096056 _____ () C:\Program Files (x86)\NoMachine\bin\libspeexdsp.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00188216 _____ () C:\Program Files (x86)\NoMachine\bin\libvorbis.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 01549112 _____ () C:\Program Files (x86)\NoMachine\bin\libvorbisenc.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00063800 _____ () C:\Program Files (x86)\NoMachine\bin\libvorbisfile.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00196920 _____ () C:\Program Files (x86)\NoMachine\bin\libnxs.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00197944 _____ () C:\Program Files (x86)\NoMachine\bin\libwebm.dll
2015-11-01 14:55 - 2015-11-27 15:08 - 00236344 _____ () C:\Program Files (x86)\NoMachine\bin\libyuv.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00309560 _____ () C:\Program Files (x86)\NoMachine\bin\libfontconfig.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00057144 _____ () C:\Program Files (x86)\NoMachine\bin\libfontenc.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00519480 _____ () C:\Program Files (x86)\NoMachine\bin\libfreetype.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00073528 _____ () C:\Program Files (x86)\NoMachine\bin\libmdnsd.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00191800 _____ () C:\Program Files (x86)\NoMachine\bin\libexpat.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00585016 _____ () C:\Program Files (x86)\NoMachine\bin\libnxcde.dll
2015-11-01 14:55 - 2015-11-27 15:08 - 00292498 _____ () C:\Program Files (x86)\NoMachine\lib\perl\libperl\auto\IO\IO.dll
2015-11-01 14:55 - 2015-11-27 15:08 - 00234484 _____ () C:\Program Files (x86)\NoMachine\lib\perl\libperl\auto\Cwd\Cwd.dll
2015-11-01 14:55 - 2015-11-27 15:08 - 00118072 _____ () C:\Program Files (x86)\NoMachine\lib\perl\File.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 00308024 _____ () C:\Program Files (x86)\NoMachine\bin\libnxdiwi.dll
2015-11-01 14:55 - 2015-11-27 15:07 - 07442744 _____ () C:\Program Files (x86)\NoMachine\bin\libqt.dll
2015-11-28 22:51 - 2015-11-28 22:51 - 00098816 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\win32api.pyd
2015-11-28 22:51 - 2015-11-28 22:51 - 00110080 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\pywintypes27.dll
2015-11-28 22:51 - 2015-11-28 22:51 - 00364544 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\pythoncom27.dll
2015-11-28 22:51 - 2015-11-28 22:51 - 00046080 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\_socket.pyd
2015-11-28 22:51 - 2015-11-28 22:51 - 01208320 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\_ssl.pyd
2015-11-28 22:51 - 2015-11-28 22:51 - 00320512 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\win32com.shell.shell.pyd
2015-11-28 22:51 - 2015-11-28 22:51 - 00776704 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\_hashlib.pyd
2015-11-28 22:51 - 2015-11-28 22:51 - 01176576 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\wx._core_.pyd
2015-11-28 22:51 - 2015-11-28 22:51 - 00806400 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\wx._gdi_.pyd
2015-11-28 22:51 - 2015-11-28 22:51 - 00816128 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\wx._windows_.pyd
2015-11-28 22:51 - 2015-11-28 22:51 - 01067008 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\wx._controls_.pyd
2015-11-28 22:51 - 2015-11-28 22:51 - 00733184 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\wx._misc_.pyd
2015-11-28 22:51 - 2015-11-28 22:51 - 00682496 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\pysqlite2._sqlite.pyd
2015-11-28 22:51 - 2015-11-28 22:51 - 00088064 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\_ctypes.pyd
2015-11-28 22:51 - 2015-11-28 22:51 - 00119808 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\win32file.pyd
2015-11-28 22:51 - 2015-11-28 22:51 - 00108544 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\win32security.pyd
2015-11-28 22:51 - 2015-11-28 22:51 - 00007168 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\hashobjs_ext.pyd
2015-11-28 22:51 - 2015-11-28 22:51 - 00017920 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\thumbnails_ext.pyd
2015-11-28 22:51 - 2015-11-28 22:51 - 00079360 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\usb_ext.pyd
2015-11-28 22:51 - 2015-11-28 22:51 - 00167936 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\win32gui.pyd
2015-11-28 22:51 - 2015-11-28 22:51 - 00018432 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\win32event.pyd
2015-11-28 22:51 - 2015-11-28 22:51 - 00128512 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\_elementtree.pyd
2015-11-28 22:51 - 2015-11-28 22:51 - 00127488 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\pyexpat.pyd
2015-11-28 22:51 - 2015-11-28 22:51 - 00013824 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\common.time34.pyd
2015-11-28 22:51 - 2015-11-28 22:51 - 00036864 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\_psutil_windows.pyd
2015-11-28 22:51 - 2015-11-28 22:51 - 00038912 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\win32inet.pyd
2015-11-28 22:51 - 2015-11-28 22:51 - 00525640 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\windows._lib_cacheinvalidation.pyd
2015-11-28 22:51 - 2015-11-28 22:51 - 00011264 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\win32crypt.pyd
2015-11-28 22:51 - 2015-11-28 22:51 - 00077312 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\wx._html2.pyd
2015-11-28 22:51 - 2015-11-28 22:51 - 00027136 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\_multiprocessing.pyd
2015-11-28 22:51 - 2015-11-28 22:51 - 00020480 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\_yappi.pyd
2015-11-28 22:51 - 2015-11-28 22:51 - 00035840 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\win32process.pyd
2015-11-28 22:51 - 2015-11-28 22:51 - 00686080 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\unicodedata.pyd
2015-11-28 22:51 - 2015-11-28 22:51 - 00123392 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\wx._wizard.pyd
2015-11-28 22:51 - 2015-11-28 22:51 - 00024064 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\win32pipe.pyd
2015-11-28 22:51 - 2015-11-28 22:51 - 00010240 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\select.pyd
2015-11-28 22:51 - 2015-11-28 22:51 - 00025600 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\win32pdh.pyd
2015-11-28 22:51 - 2015-11-28 22:51 - 00017408 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\win32profile.pyd
2015-11-28 22:51 - 2015-11-28 22:51 - 00022528 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\win32ts.pyd
2015-11-28 22:51 - 2015-11-28 22:51 - 00078848 _____ () C:\Users\axwhipmaker\AppData\Local\Temp\_MEI66962\wx._animate.pyd
2015-06-11 01:11 - 2015-06-11 01:11 - 00838792 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxml2.dll
2015-06-11 01:11 - 2015-06-11 01:11 - 00049800 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_sqlite3-vc80-3_0.dll
2015-06-11 01:11 - 2015-06-11 01:11 - 00086664 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_core-vc80-3_0.dll
2015-06-11 01:11 - 2015-06-11 01:11 - 02092680 _____ () C:\Program Files (x86)\Plex\Plex Media Server\opencv_core249.dll
2015-06-11 01:11 - 2015-06-11 01:11 - 01883272 _____ () C:\Program Files (x86)\Plex\Plex Media Server\opencv_imgproc249.dll
2015-06-11 01:11 - 2015-06-11 01:11 - 00502920 _____ () C:\Program Files (x86)\Plex\Plex Media Server\tag.dll
2015-06-11 01:11 - 2015-06-11 01:11 - 00072840 _____ () C:\Program Files (x86)\Plex\Plex Media Server\zlib.dll
2015-06-11 01:11 - 2015-06-11 01:11 - 00196232 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libidn.dll
2009-04-09 17:25 - 2009-04-09 17:25 - 00049664 _____ () C:\Program Files (x86)\Magellan\VantagePoint\VPLite\RAPIWrapper.dll
2015-09-03 17:22 - 2013-01-15 17:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\webres.dll
2015-05-22 03:52 - 2015-05-22 03:52 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-06-11 01:11 - 2015-06-11 01:11 - 00044680 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_socket.pyd
2015-06-11 01:11 - 2015-06-11 01:11 - 00027784 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ssl.pyd
2015-06-11 01:11 - 2015-06-11 01:11 - 00018568 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_hashlib.pyd
2015-06-11 01:11 - 2015-06-11 01:11 - 00034952 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\simplejson\_speedups.pyd
2015-06-11 01:11 - 2015-06-11 01:11 - 00836232 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\etree.pyd
2015-06-11 01:11 - 2015-06-11 01:11 - 00062600 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libexslt.dll
2015-06-11 01:11 - 2015-06-11 01:11 - 00166024 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxslt.dll
2015-06-11 01:11 - 2015-06-11 01:11 - 00192136 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\objectify.pyd
2015-06-11 01:11 - 2015-06-11 01:11 - 00016520 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\select.pyd
2015-06-11 01:11 - 2015-06-11 01:11 - 00054920 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\crypto.pyd
2015-06-11 01:11 - 2015-06-11 01:11 - 00017032 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\rand.pyd
2015-06-11 01:11 - 2015-06-11 01:11 - 00043656 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\SSL.pyd
2015-06-11 01:11 - 2015-06-11 01:11 - 00081544 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ctypes.pyd
2015-06-11 01:11 - 2015-06-11 01:11 - 00111240 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\pyexpat.pyd
2015-06-11 01:11 - 2015-06-11 01:11 - 00689800 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\unicodedata.pyd
2015-11-26 19:07 - 2015-11-05 11:09 - 00893248 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\webres.dll
2015-05-23 00:53 - 2015-11-05 11:09 - 00182080 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\unrar.dll
2015-05-23 00:53 - 2015-11-05 11:09 - 00145184 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\zlibwapi.dll
2015-11-26 19:07 - 2015-11-05 11:09 - 00618784 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\ProductStatistics.dll
2014-02-26 13:45 - 2013-08-12 03:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-11-10 20:10 - 2015-11-06 22:36 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libglesv2.dll
2015-11-10 20:10 - 2015-11-06 22:36 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libegl.dll
2015-05-22 03:02 - 2014-12-27 18:20 - 00080896 _____ () C:\Program Files (x86)\NewsLeecher\nlpar.dll
2015-05-22 03:02 - 2013-12-01 16:10 - 00109656 _____ () C:\Program Files (x86)\NewsLeecher\unrar.dll
2015-05-22 03:11 - 2011-12-02 03:30 - 00118784 _____ () C:\Program Files (x86)\Dukto\libgcc_s_dw2-1.dll
2015-05-22 03:11 - 2011-12-02 03:30 - 00979982 _____ () C:\Program Files (x86)\Dukto\libstdc++-6.dll
2015-05-22 03:11 - 2011-08-24 01:59 - 00047972 _____ () C:\Program Files (x86)\Dukto\mingwm10.dll
2015-11-10 20:10 - 2015-11-06 22:36 - 16496456 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2685585085-2916440216-3482114021-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\HP\HP_Svinoya_Norway_Sunset.jpg
DNS Servers: 68.105.28.11 - 68.105.29.11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run32: => "GoPro Studio Importer"
HKU\S-1-5-21-2685585085-2916440216-3482114021-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-2685585085-2916440216-3482114021-1001\...\StartupApproved\Run: => "Dropbox Update"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{FB1C7DAA-3D5B-4FB2-B5D1-69553E747952}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
FirewallRules: [{8E9EA7AD-0B7C-4DEB-ACA7-413C5AD97934}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
FirewallRules: [{F4287B7B-35AC-4091-9A61-F483BA4F0E39}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
FirewallRules: [{31C4E2E7-DA52-4E96-9C54-17DA5FB0CFFF}] => (Allow) LPort=1900
FirewallRules: [{36B87C42-D046-47B9-B3B2-CBC82372AA42}] => (Allow) LPort=2869
FirewallRules: [{19BCD9B7-A438-4A83-A6A5-13FBB532750A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [UDP Query User{0414062B-4C11-4E3B-915B-BC83924F36DF}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{19510967-CC67-4C74-9DF9-1B9E060578DD}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{87072738-F066-477B-9B23-34A941AB0170}] => (Allow) C:\Users\axwhipmaker\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{1A5934D7-5F09-4EAD-BC94-D0D5BF6C431A}] => (Allow) C:\Users\axwhipmaker\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{D356D190-777A-43CC-BAAA-3EB5194897C3}] => (Allow) C:\Users\axwhipmaker\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{75E6DBA2-745F-479D-BAD0-AAC78205884D}] => (Allow) C:\Users\axwhipmaker\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [UDP Query User{19391A8A-61D9-4735-BD84-C12365ABF3AA}C:\program files (x86)\dukto\dukto.exe] => (Allow) C:\program files (x86)\dukto\dukto.exe
FirewallRules: [TCP Query User{A9D78408-0B17-4E06-8085-B48EF2730DD2}C:\program files (x86)\dukto\dukto.exe] => (Allow) C:\program files (x86)\dukto\dukto.exe
FirewallRules: [{AAB1D43D-1862-4721-B00D-A73C833DFF29}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{5A9D53C5-AB75-4834-B4C2-C722EEC9A38B}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{16C34912-B0F1-4132-932F-F06B1168E73A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{536E7315-B6A3-4C1F-9699-25493EA24BAD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{128F05EB-CFB0-469F-8E56-734F4AEA4676}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FBE0A4FC-5D1D-4E67-A9B6-AF9A37C2DDCA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E3AAC198-1D18-452F-9F8B-85FDDB4D80F0}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{1D54EA7B-FABE-4ED3-B5B3-27B497FC9AF7}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{F5CEC1A5-2632-4FE8-91C3-4AD60B7F8BB1}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{155CFEC5-9FBF-4935-BA29-FEA87CB5729D}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{997E4D79-EFC8-4EBB-A519-4DCAF62062D5}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{FFE63393-C577-4BB5-8219-ECB5DA4028E5}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{ED0EDCEA-38A2-4586-9334-FDA960E66725}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [TCP Query User{9B71DA8F-B3E9-4556-8B56-A6FBDF7770B5}C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe] => (Allow) C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe
FirewallRules: [UDP Query User{04F8C46C-4EB8-445A-B0C6-D157E9E10E5D}C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe] => (Allow) C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe
FirewallRules: [{BF18E8D7-5BBC-4860-83E3-F6633D1497CE}] => (Allow) C:\Program Files\CyberLink\PowerDirector11\PDR10.EXE
FirewallRules: [{57B4151D-766C-45CE-B309-C76D30E32632}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{69281246-B00B-4D66-9BD0-5189117259A3}] => (Allow) C:\Program Files (x86)\NoMachine\bin\nxplayer.bin
FirewallRules: [{66A5A31F-73FC-40E8-A832-6848559BD39A}] => (Allow) C:\Program Files (x86)\NoMachine\bin\nxplayer.bin
FirewallRules: [{31932B97-D468-417F-9DDA-6A9D4DF22457}] => (Allow) C:\Program Files (x86)\NoMachine\bin\nxd.exe
FirewallRules: [{CBA645F4-82F9-4DB7-90C5-190984B8775B}] => (Allow) C:\Program Files (x86)\NoMachine\bin\nxd.exe
FirewallRules: [{B12237FC-93DD-4134-A412-CA487A9D688B}] => (Allow) C:\Program Files (x86)\NoMachine\bin\nxserver.bin
FirewallRules: [{FE46C760-40DD-4E63-B899-1894AABCE1C4}] => (Allow) C:\Program Files (x86)\NoMachine\bin\nxserver.bin
FirewallRules: [{535232D7-7002-4401-AF1C-8DCC507FBB3A}] => (Allow) C:\Program Files (x86)\NoMachine\bin\nxnode.bin
FirewallRules: [{4206F31D-E47C-47D6-8D1D-72009FA6A7AC}] => (Allow) C:\Program Files (x86)\NoMachine\bin\nxnode.bin
FirewallRules: [{DE65AAE4-7476-469B-BB4F-1B30F55430B0}] => (Allow) C:\Program Files (x86)\NoMachine\bin\nxclient.bin
FirewallRules: [{A53E2649-E873-4ABC-9CD3-1EE7E6CD1446}] => (Allow) C:\Program Files (x86)\NoMachine\bin\nxclient.bin
FirewallRules: [{E29AA96C-0F88-40AA-95DB-E1E700AEBBA4}] => (Allow) C:\Users\axwhipmaker\AppData\Roaming\Copy\CopyAgent.exe
FirewallRules: [{BE0BB1E1-6DDE-4CC4-810C-EF52E738D406}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0AA63B84-7268-4DBD-94F3-95FD604DCEC9}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/29/2015 11:20:22 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Axel)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (11/29/2015 11:05:22 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Axel)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (11/29/2015 10:50:22 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Axel)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (11/29/2015 10:50:22 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Axel)
Description: Activation of app Microsoft.WindowsStore_8wekyb3d8bbwe!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (11/29/2015 10:35:22 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Axel)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (11/29/2015 10:20:22 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Axel)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (11/29/2015 10:05:22 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Axel)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (11/29/2015 09:50:22 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Axel)
Description: Activation of app Microsoft.WindowsStore_8wekyb3d8bbwe!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (11/29/2015 09:50:22 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Axel)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (11/29/2015 09:35:22 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Axel)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
 
System errors:
=============
Error: (11/28/2015 11:21:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275
 
Error: (11/28/2015 11:21:24 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\AXWHIP~1\AppData\Local\Temp\ehdrv.sys
 
Error: (11/28/2015 11:21:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275
 
Error: (11/28/2015 11:21:23 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\AXWHIP~1\AppData\Local\Temp\ehdrv.sys
 
Error: (11/28/2015 11:21:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275
 
Error: (11/28/2015 11:21:23 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\AXWHIP~1\AppData\Local\Temp\ehdrv.sys
 
Error: (11/28/2015 11:19:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275
 
Error: (11/28/2015 11:19:26 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\AXWHIP~1\AppData\Local\Temp\ehdrv.sys
 
Error: (11/28/2015 11:19:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275
 
Error: (11/28/2015 11:19:25 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\AXWHIP~1\AppData\Local\Temp\ehdrv.sys
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3-4130 CPU @ 3.40GHz
Percentage of memory in use: 47%
Total physical RAM: 8097.08 MB
Available physical RAM: 4287.65 MB
Total Virtual: 8497.08 MB
Available Virtual: 4142.2 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:920.02 GB) (Free:208.09 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Recovery Image) (Fixed) (Total:9.57 GB) (Free:1.15 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive h: () (Removable) (Total:29.82 GB) (Free:29.65 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 51A059FC)
 
Partition: GPT.
 
========================================================
Disk: 1 (Size: 29.8 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt ============================


#13 AxelSt

AxelSt
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  

Posted 29 November 2015 - 12:47 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-11-2015
Ran by axwhipmaker (administrator) on AXEL (29-11-2015 11:30:12)
Running from C:\Users\axwhipmaker\Downloads
Loaded Profiles: axwhipmaker (Available Profiles: axwhipmaker & nx)
Platform: Windows 10 Home (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
() C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(NoMachine) C:\Program Files (x86)\NoMachine\bin\nxservice64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NoMachine) C:\Program Files (x86)\NoMachine\bin\nxnode.bin
(NoMachine) C:\Program Files (x86)\NoMachine\bin\nxserver.bin
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(NoMachine) C:\Program Files (x86)\NoMachine\bin\nxd.exe
(NoMachine) C:\Program Files (x86)\NoMachine\bin\nxclient.bin
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(BitTorrent Inc.) C:\Users\axwhipmaker\AppData\Roaming\BitTorrent\BitTorrent.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(BitTorrent Inc.) C:\Users\axwhipmaker\AppData\Roaming\BitTorrent\updates\7.9.5_41203\utorrentie.exe
(BitTorrent Inc.) C:\Users\axwhipmaker\AppData\Roaming\BitTorrent\updates\7.9.5_41203\utorrentie.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Magellan Navigation, Inc.) C:\Program Files (x86)\Magellan\VantagePoint\VPLite\VantagePoint Lite.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe
(Barracuda Networks, Inc.) C:\Users\axwhipmaker\AppData\Roaming\Copy\CopyAgent.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Emsisoft Ltd) C:\EEK\bin\a2emergencykit.exe
() C:\Program Files (x86)\NewsLeecher\NewsLeecher.exe
(msec.it) C:\Program Files (x86)\Dukto\dukto.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [IgfxTray] => C:\windows\system32\igfxtray.exe [396688 2015-07-17] ()
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe [2793016 2013-09-05] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [154680 2013-09-05] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [154680 2013-09-05] (Hewlett-Packard)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-06-03] (IDT, Inc.)
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2012-08-22] (Hewlett-Packard )
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7004376 2015-11-26] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [GoPro Studio Importer] => C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe [3217672 2015-07-02] (GoPro)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5232928 2015-11-05] (IObit)
HKU\S-1-5-21-2685585085-2916440216-3482114021-1001\...\Run: [BitTorrent] => C:\Users\axwhipmaker\AppData\Roaming\BitTorrent\BitTorrent.exe [1977192 2015-10-06] (BitTorrent Inc.)
HKU\S-1-5-21-2685585085-2916440216-3482114021-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22790776 2015-11-04] (Google)
HKU\S-1-5-21-2685585085-2916440216-3482114021-1001\...\Run: [Dropbox Update] => C:\Users\axwhipmaker\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-27] (Dropbox, Inc.)
HKU\S-1-5-21-2685585085-2916440216-3482114021-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [5973640 2015-06-11] (Plex, Inc.)
HKU\S-1-5-21-2685585085-2916440216-3482114021-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1403304 2015-10-29] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2685585085-2916440216-3482114021-1001\...\Run: [VantagePointLite.exe] => C:\Program Files (x86)\Magellan\VantagePoint\VPLite\VantagePoint Lite.exe [171520 2013-09-27] (Magellan Navigation, Inc.)
HKU\S-1-5-21-2685585085-2916440216-3482114021-1001\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2429728 2015-04-08] (IObit)
HKU\S-1-5-21-2685585085-2916440216-3482114021-1001\...\Run: [Copy] => C:\Users\axwhipmaker\AppData\Roaming\Copy\CopyAgent.exe [15414816 2015-04-07] (Barracuda Networks, Inc.)
HKU\S-1-5-21-2685585085-2916440216-3482114021-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-2685585085-2916440216-3482114021-1001\...\RunOnce: [Uninstall C:\Users\axwhipmaker\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\axwhipmaker\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-2685585085-2916440216-3482114021-1001\...\RunOnce: [Uninstall C:\Users\axwhipmaker\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\axwhipmaker\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-2685585085-2916440216-3482114021-1001\...\RunOnce: [Uninstall C:\Users\axwhipmaker\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\axwhipmaker\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
HKU\S-1-5-21-2685585085-2916440216-3482114021-1001\...\RunOnce: [Uninstall C:\Users\axwhipmaker\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\axwhipmaker\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
HKU\S-1-5-18\...\Run: [Copy] => C:\Users\axwhipmaker\AppData\Roaming\Copy\CopyAgent.exe [15414816 2015-04-07] (Barracuda Networks, Inc.)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1403304 2015-10-29] (Garmin Ltd. or its subsidiaries)
Lsa: [Authentication Packages] msv1_0 nxlsa
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\axwhipmaker\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\axwhipmaker\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\axwhipmaker\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\axwhipmaker\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\axwhipmaker\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\axwhipmaker\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\axwhipmaker\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\axwhipmaker\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-11-26] (AVAST Software)
ShellIconOverlayIdentifiers: [1aCopyShExtError] -> {83BEA36E-7680-4598-A4DF-994426F6E78D} => C:\Users\axwhipmaker\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-11-05] (Barracuda Networks, Inc.)
ShellIconOverlayIdentifiers: [2aCopyShExtSynced] -> {845B7388-6F85-4F32-9FD5-F02DC7882B89} => C:\Users\axwhipmaker\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-11-05] (Barracuda Networks, Inc.)
ShellIconOverlayIdentifiers: [3aCopyShExtSyncing] -> {F6378A7A-F753-449B-AE1B-997A96132E61} => C:\Users\axwhipmaker\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-11-05] (Barracuda Networks, Inc.)
ShellIconOverlayIdentifiers: [4aCopyShExtSyncingProg1] -> {3A511828-777D-46F8-82F4-5B530C1B3D9E} => C:\Users\axwhipmaker\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-11-05] (Barracuda Networks, Inc.)
ShellIconOverlayIdentifiers: [5aCopyShExtSyncingProg2] -> {C8C88204-5B14-40EC-BA72-8AEBC762047E} => C:\Users\axwhipmaker\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-11-05] (Barracuda Networks, Inc.)
ShellIconOverlayIdentifiers: [6aCopyShExtSyncingProg3] -> {ACFF45C3-3EEB-4351-86C2-6696BA264239} => C:\Users\axwhipmaker\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-11-05] (Barracuda Networks, Inc.)
ShellIconOverlayIdentifiers: [7aCopyShExtSyncingProg4] -> {29AF997F-488B-46F0-AE78-7146F1B89CC3} => C:\Users\axwhipmaker\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-11-05] (Barracuda Networks, Inc.)
ShellIconOverlayIdentifiers: [8aCopyShExtSyncingProg5] -> {03F9AD29-1C78-4B66-8890-B177B5430C53} => C:\Users\axwhipmaker\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-11-05] (Barracuda Networks, Inc.)
Startup: C:\Users\axwhipmaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-11-11]
ShortcutTarget: Dropbox.lnk -> C:\Users\axwhipmaker\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{568ef866-226e-4676-aa0f-ea294bccdb08}: [DhcpNameServer] 198.18.0.1 198.18.0.2
Tcpip\..\Interfaces\{b0841f67-2723-48b0-9681-7ca637635778}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d9954e44-c788-4036-bbd7-8056f1f86835}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK14/1
HKU\S-1-5-21-2685585085-2916440216-3482114021-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPDSK14/1
HKU\S-1-5-21-2685585085-2916440216-3482114021-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK14/1
HKU\S-1-5-21-2685585085-2916440216-3482114021-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/HPDSK14/1
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {B8AAD06C-DEF0-4B8F-867E-746D10A74A31} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-2685585085-2916440216-3482114021-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2685585085-2916440216-3482114021-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-11-26] (AVAST Software)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-23] (Hewlett-Packard)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-23] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-11-26] (AVAST Software)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-23] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-23] (Hewlett-Packard)
 
FireFox:
========
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-12] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-11-26]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-11-26]
 
Chrome: 
=======
CHR HomePage: Profile 4 -> hxxp://yahoo.com/
CHR Profile: C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-26]
CHR Extension: (Entanglement Web App) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2015-11-25]
CHR Extension: (Gojee Food) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajebcmdcgoggdncokkbdifohckmfpgnb [2015-11-25]
CHR Extension: (JSTorrent) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\anhdpjpojoipgpmfanmedjghaligalgb [2015-11-26]
CHR Extension: (Google Docs) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-26]
CHR Extension: (Google Drive) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-25]
CHR Extension: (Earth View from Google Earth) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhloflhklmhfpedakmangadcdofhnnoh [2015-11-26]
CHR Extension: (YouTube) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-25]
CHR Extension: (Facebook) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2015-11-25]
CHR Extension: (Google Search) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-25]
CHR Extension: (Netflix) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh [2015-11-25]
CHR Extension: (XTube: Always Continue To Video) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\edalgmegkkjhgocfpllepngkjgofhkma [2015-11-26]
CHR Extension: (Gmail Offline) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2015-11-25]
CHR Extension: (Pandora) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbangkleohkafngihneedemihgfeikcl [2015-11-25]
CHR Extension: (Google Sheets) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-26]
CHR Extension: (Plex) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpniocchabmgenibceglhnfeimmdhdfm [2015-11-26]
CHR Extension: (Chrome Remote Desktop) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2015-11-26]
CHR Extension: (Google Docs Offline) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-26]
CHR Extension: (AdBlock) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-11-26]
CHR Extension: (Avast Online Security) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-26]
CHR Extension: (Music Player for Google Drive) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnfeekfpnjbdmelcapngdgkjnhgijjkh [2015-11-25]
CHR Extension: (Crackle) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic [2015-11-25]
CHR Extension: (Torrent Stream) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\icocmgpofpimcojhefbcfbdldkmndpgj [2015-11-26]
CHR Extension: (Zillow) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\iifccoboedmhjapdlpgkigibgnkmdjoh [2015-11-25]
CHR Extension: (Google Voice (by Google)) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo [2015-11-26]
CHR Extension: (Yahoo! Services) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfaoegfbogloompbgpdaadkhgoemcikk [2015-11-26]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-11-26]
CHR Extension: (Google Maps) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-11-25]
CHR Extension: (Amazon Windowshop) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nielaigelomefgdoljcpfgbdbfefhdjc [2015-11-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-26]
CHR Extension: (Gmail) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-25]
CHR Extension: (free TV) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppbkoopdnlapeadmdhlkbgafcbmjpimi [2015-11-25]
CHR Profile: C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-23]
CHR Extension: (Google Docs) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-23]
CHR Extension: (Google Drive) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-07]
CHR Extension: (YouTube) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-23]
CHR Extension: (Google Search) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-23]
CHR Extension: (Avast SafePrice) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-05-27]
CHR Extension: (Google Sheets) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-23]
CHR Extension: (Google Docs Offline) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-16]
CHR Extension: (Avast Online Security) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-05-23]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-05-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-07]
CHR Extension: (Gmail) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-23]
CHR Profile: C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Slides) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-01]
CHR Extension: (Google Docs) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-01]
CHR Extension: (Google Drive) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-01]
CHR Extension: (YouTube) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-01]
CHR Extension: (Facebook) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2015-08-01]
CHR Extension: (Google Search) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-01]
CHR Extension: (Avast SafePrice) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-08-01]
CHR Extension: (Google Sheets) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-01]
CHR Extension: (Plex) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fpniocchabmgenibceglhnfeimmdhdfm [2015-08-01]
CHR Extension: (Avast Online Security) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-08-01]
CHR Extension: (Grammarly Spell Checker & Grammar Checker) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2015-08-01]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-01]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-08-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-01]
CHR Extension: (Gmail) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-01]
CHR Profile: C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 3
CHR Profile: C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4
CHR Extension: (Google Slides) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-28]
CHR Extension: (Google Docs) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-28]
CHR Extension: (Google Drive) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-29]
CHR Extension: (YouTube) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-28]
CHR Extension: (Google Search) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-28]
CHR Extension: (Avast SafePrice) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-11-28]
CHR Extension: (Google Sheets) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-28]
CHR Extension: (Google Docs Offline) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-28]
CHR Extension: (Avast Online Security) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-28]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-11-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-28]
CHR Extension: (Gmail) - C:\Users\axwhipmaker\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-28]
CHR HKU\S-1-5-21-2685585085-2916440216-3482114021-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\AXWHIP~1\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2015-11-26]
CHR HKU\S-1-5-21-2685585085-2916440216-3482114021-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-11-26]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-11-26]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [821024 2015-08-05] (IObit)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [174416 2015-11-26] (AVAST Software)
R2 Cachedrv server; C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe [109568 2013-09-05] () [File not signed]
R2 CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-08-12] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-08-12] (CyberLink)
S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [777744 2015-10-29] (Garmin Ltd. or its subsidiaries)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2015-11-25] (SurfRight B.V.)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-17] (Intel Corporation)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [916256 2015-11-05] (IObit)
R2 Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-08-12] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-30] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 nxservice; C:\Program Files (x86)\NoMachine\bin\nxservice64.exe [984888 2015-11-27] (NoMachine)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [87552 2013-09-05] (Softex Inc.) [File not signed]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390672 2012-09-11] ()
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [333824 2013-06-03] (IDT, Inc.) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-11-26] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-11-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-11-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-11-26] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-26] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [154256 2015-11-26] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-11-26] (AVAST Software)
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4318760 2015-09-05] (Qualcomm Atheros Communications, Inc.)
S3 CpqDfw; C:\Windows\System32\drivers\CpqDfw.sys [27456 2012-05-29] (Windows ® Codename Longhorn DDK provider)
R1 epp64; C:\EEK\bin\epp64.sys [136456 2015-11-29] (Emsisoft GmbH)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-29] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-12] (Intel Corporation)
S3 MUD; C:\Windows\system32\DRIVERS\MUD.sys [63232 2008-02-05] (Magellan)
R2 nxaudio; C:\Windows\system32\drivers\nxaudio.sys [17920 2014-04-22] (NoMachine)
R2 nxfs; C:\Program Files (x86)\NoMachine\bin\drivers\nxdisk\amd64\nxfs.sys [57008 2014-10-20] (NoMachine)
R2 nxusbf; C:\Windows\System32\drivers\nxusbf.sys [87216 2015-03-02] (NoMachine)
R3 nxusbh; C:\Windows\System32\drivers\nxusbh.sys [68096 2015-03-02] (NoMachine)
R3 nxusbs; C:\Windows\System32\drivers\nxusbs.sys [10240 2015-03-02] (NoMachine)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [896752 2015-09-03] (Realtek                                            )
R3 Trufos; C:\Windows\System32\DRIVERS\TRUFOS.sys [452040 2015-11-05] (BitDefender S.R.L.)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R3 voxaldriver; C:\Windows\system32\DRIVERS\voxaldriverx64.sys [34512 2015-06-21] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-29 11:30 - 2015-11-29 11:31 - 00039178 _____ C:\Users\axwhipmaker\Downloads\FRST.txt
2015-11-29 11:29 - 2015-11-29 11:30 - 00000000 ____D C:\FRST
2015-11-29 11:29 - 2015-11-29 11:29 - 02349056 _____ (Farbar) C:\Users\axwhipmaker\Downloads\FRST64.exe
2015-11-29 11:25 - 2015-11-29 11:25 - 00016148 _____ C:\WINDOWS\system32\AXEL_axwhipmaker_HistoryPrediction.bin
2015-11-29 03:00 - 2015-11-29 03:00 - 00001716 _____ C:\Users\axwhipmaker\Desktop\EsetScan.txt
2015-11-28 23:18 - 2015-11-28 23:18 - 02870984 _____ (ESET) C:\Users\axwhipmaker\Downloads\esetsmartinstaller_enu.exe
2015-11-28 23:18 - 2015-11-28 23:18 - 00000000 ____D C:\Program Files (x86)\ESET
2015-11-28 23:02 - 2015-11-28 23:02 - 00087180 _____ C:\Users\axwhipmaker\Downloads\The.Last.Kingdom.S01E08.HDTV.x264-KILLERS.nzb
2015-11-28 22:58 - 2015-11-28 22:59 - 00000000 ____D C:\EEK
2015-11-28 22:58 - 2015-11-28 22:58 - 00000791 _____ C:\Users\axwhipmaker\Desktop\Start Emsisoft Emergency Kit.lnk
2015-11-28 22:57 - 2015-11-28 22:57 - 170275104 _____ C:\Users\axwhipmaker\Downloads\EmsisoftEmergencyKit.exe
2015-11-28 21:09 - 2015-11-28 20:57 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-11-28 21:06 - 2015-11-28 22:51 - 00000000 ____D C:\Users\axwhipmaker\AppData\Roaming\ProductData
2015-11-28 21:06 - 2015-11-28 21:06 - 00000000 ____D C:\ProgramData\ProductData
2015-11-28 20:57 - 2015-11-28 21:08 - 00000000 ____D C:\zoek_backup
2015-11-28 20:57 - 2015-11-28 20:57 - 01309184 _____ C:\Users\axwhipmaker\Downloads\zoek.exe
2015-11-28 20:57 - 2015-11-28 20:57 - 01309184 _____ C:\Users\axwhipmaker\Desktop\zoek.exe
2015-11-28 20:57 - 2015-11-28 20:57 - 00000188 _____ C:\Users\axwhipmaker\Downloads\zoekscript.txt
2015-11-28 20:54 - 2015-11-28 20:54 - 00003854 _____ C:\Users\axwhipmaker\Desktop\ZHPCleaner.txt
2015-11-28 18:54 - 2015-11-28 20:54 - 00000000 ____D C:\Users\axwhipmaker\AppData\Roaming\ZHP
2015-11-28 18:54 - 2015-11-28 20:50 - 00000923 _____ C:\Users\axwhipmaker\Desktop\ZHPCleaner.lnk
2015-11-28 18:54 - 2015-11-28 18:54 - 01903104 _____ C:\Users\axwhipmaker\Downloads\ZHPCleaner.exe
2015-11-28 12:42 - 2015-11-28 12:42 - 00047846 _____ C:\Users\axwhipmaker\Downloads\Ash.vs.Evil.Dead.S01E05.HDTV.x264-KILLERS.nzb
2015-11-28 12:41 - 2015-11-28 12:41 - 00054488 _____ C:\Users\axwhipmaker\Downloads\Crossing.Lines.S03E11.HDTV.x264-SKGTV.nzb
2015-11-28 02:13 - 2015-11-28 02:13 - 00054367 _____ C:\Users\axwhipmaker\Downloads\South.of.Hell.S01E07.HDTV.x264-KILLERS.nzb
2015-11-28 02:13 - 2015-11-28 02:13 - 00049455 _____ C:\Users\axwhipmaker\Downloads\South.of.Hell.S01E01.REPACK.HDTV.x264-KILLERS.nzb
2015-11-28 02:12 - 2015-11-28 02:12 - 00056766 _____ C:\Users\axwhipmaker\Downloads\South.of.Hell.S01E06.HDTV.x264-KILLERS.nzb
2015-11-27 22:31 - 2015-11-27 22:31 - 00045826 _____ C:\Users\axwhipmaker\Downloads\South.of.Hell.S01E05.HDTV.x264-KILLERS.nzb
2015-11-27 22:30 - 2015-11-27 22:30 - 00058346 _____ C:\Users\axwhipmaker\Downloads\South.of.Hell.S01E04.HDTV.x264-KILLERS.nzb
2015-11-27 20:14 - 2015-11-27 20:14 - 00057788 _____ C:\Users\axwhipmaker\Downloads\South.of.Hell.S01E03.HDTV.x264-KILLERS.nzb
2015-11-27 20:12 - 2015-11-27 20:12 - 00054542 _____ C:\Users\axwhipmaker\Downloads\South.of.Hell.S01E02.HDTV.x264-KILLERS.nzb
2015-11-27 20:11 - 2015-11-27 20:11 - 00050091 _____ C:\Users\axwhipmaker\Downloads\South.of.Hell.S01E01.HDTV.x264-KILLERS.nzb
2015-11-27 14:21 - 2015-11-27 14:21 - 00005245 _____ C:\Users\axwhipmaker\Downloads\[kat.cr]the.last.kingdom.s01e06.web.dl.x264.fum.ettv.torrent
2015-11-27 14:21 - 2015-11-27 14:21 - 00005245 _____ C:\Users\axwhipmaker\Downloads\[kat.cr]the.last.kingdom.s01e06.web.dl.x264.fum.ettv (1).torrent
2015-11-27 14:19 - 2015-11-27 14:20 - 00000000 ____D C:\Users\axwhipmaker\Desktop\The last kingdom
2015-11-27 14:19 - 2015-11-27 14:19 - 00071845 _____ C:\Users\axwhipmaker\Downloads\The.Last.Kingdom.S01E06.HDTV.x264-FLEET.nzb
2015-11-27 12:17 - 2015-11-27 12:17 - 00062237 _____ C:\Users\axwhipmaker\Downloads\The.Coroner.S01E10.HDTV.x264-TLA.nzb
2015-11-26 22:33 - 2015-11-26 22:33 - 00034095 _____ C:\Users\axwhipmaker\Downloads\Elementary.S04E04.HDTV.x264-LOL[eztv].mp4.torrent
2015-11-26 22:30 - 2015-11-26 22:30 - 00000000 ____D C:\$SysReset
2015-11-26 22:03 - 2015-11-28 22:51 - 00000000 ____D C:\Users\axwhipmaker\AppData\LocalLow\BitTorrent
2015-11-26 19:07 - 2015-11-26 21:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2015-11-26 19:07 - 2015-11-26 19:07 - 00001257 _____ C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2015-11-26 19:07 - 2015-11-05 11:09 - 00452040 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2015-11-26 19:02 - 2015-11-26 19:02 - 37592296 _____ (IObit ) C:\Users\axwhipmaker\Downloads\imfv4-setup-beta.exe
2015-11-26 14:29 - 2015-11-26 14:29 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\axwhipmaker\Downloads\SpyHunter-Installer (2).exe
2015-11-26 14:24 - 2015-11-26 14:24 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\axwhipmaker\Downloads\SpyHunter-Installer (1).exe
2015-11-26 14:22 - 2015-11-26 22:00 - 00000000 ____D C:\Users\axwhipmaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2015-11-26 12:44 - 2015-11-26 21:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-11-26 12:44 - 2015-11-26 21:59 - 00000000 ____D C:\Program Files\CCleaner
2015-11-26 12:44 - 2015-11-26 12:44 - 06801752 _____ (Piriform Ltd) C:\Users\axwhipmaker\Downloads\ccsetup512.exe
2015-11-26 12:44 - 2015-11-26 12:44 - 06801752 _____ (Piriform Ltd) C:\Users\axwhipmaker\Downloads\ccsetup512 (1).exe
2015-11-26 12:44 - 2015-11-26 12:44 - 00002860 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-11-26 12:44 - 2015-11-26 12:44 - 00000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-11-26 12:32 - 2015-11-26 21:59 - 00000000 ____D C:\ProgramData\VS Revo Group
2015-11-26 12:32 - 2015-11-26 21:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2015-11-26 12:32 - 2015-11-26 21:53 - 00000000 ____D C:\Users\axwhipmaker\AppData\Local\VS Revo Group
2015-11-26 12:32 - 2015-11-26 21:51 - 00000000 ____D C:\Program Files\VS Revo Group
2015-11-26 12:32 - 2015-11-26 12:32 - 00001129 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2015-11-26 12:32 - 2009-12-30 11:21 - 00031800 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2015-11-26 12:30 - 2015-11-26 12:30 - 10691640 _____ (VS Revo Group ) C:\Users\axwhipmaker\Downloads\RevoUninProSetup.exe
2015-11-26 12:27 - 2015-11-26 12:22 - 00386096 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-11-26 12:25 - 2015-11-26 12:25 - 05082360 _____ (AVAST Software) C:\Users\axwhipmaker\Downloads\avast_free_antivirus_setup_online (1).exe
2015-11-26 12:22 - 2015-11-26 12:27 - 00001986 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2015-11-26 12:22 - 2015-11-26 12:22 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-11-26 12:21 - 2015-11-26 12:21 - 05082360 _____ (AVAST Software) C:\Users\axwhipmaker\Downloads\avast_free_antivirus_setup_online.exe
2015-11-26 03:05 - 2015-11-26 03:05 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\axwhipmaker\Downloads\SpyHunter-Installer.exe
2015-11-25 23:25 - 2015-11-25 23:25 - 00062497 _____ C:\Users\axwhipmaker\Downloads\The.Voice.S09E21.HDTV.x264-ALTEREGO.nzb
2015-11-25 23:23 - 2015-11-25 23:23 - 00063624 _____ C:\Users\axwhipmaker\Downloads\Rosewood.S01E09.HDTV.x264-KILLERS.nzb
2015-11-25 15:52 - 2015-11-25 15:52 - 00000908 _____ C:\WINDOWS\system32\.crusader
2015-11-25 15:36 - 2015-11-26 21:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2015-11-25 15:36 - 2015-11-26 21:59 - 00000000 ____D C:\Program Files\HitmanPro
2015-11-25 15:36 - 2015-11-25 15:36 - 00001973 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2015-11-25 15:31 - 2015-11-26 21:59 - 00000000 ____D C:\ProgramData\HitmanPro
2015-11-25 15:30 - 2015-11-25 15:31 - 11337112 _____ (SurfRight B.V.) C:\Users\axwhipmaker\Downloads\HitmanPro_x64.exe
2015-11-25 15:04 - 2015-11-28 20:24 - 00000703 _____ C:\Users\axwhipmaker\Desktop\JRT.txt
2015-11-25 14:59 - 2015-11-25 14:58 - 01599336 _____ (Malwarebytes) C:\Users\axwhipmaker\Desktop\JRT.exe
2015-11-25 14:11 - 2015-11-28 20:04 - 00000000 ____D C:\AdwCleaner
2015-11-25 14:10 - 2015-11-25 14:10 - 01733632 _____ C:\Users\axwhipmaker\Desktop\AdwCleaner.exe
2015-11-25 13:20 - 2015-11-29 11:01 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-25 13:20 - 2015-11-26 21:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-25 13:20 - 2015-11-26 21:59 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-25 13:20 - 2015-11-26 21:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-25 13:20 - 2015-11-25 13:20 - 00001182 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-11-25 13:20 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-11-25 13:20 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-11-25 13:20 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-11-25 12:56 - 2015-11-25 12:56 - 22908888 _____ (Malwarebytes ) C:\Users\axwhipmaker\Downloads\mbam-setup-2.2.0.1024.exe
2015-11-24 23:26 - 2015-11-24 23:26 - 00047773 _____ C:\Users\axwhipmaker\Downloads\Scorpion.S02E10.HDTV.x264-LOL[eztv].mp4.torrent
2015-11-24 22:23 - 2015-11-24 22:23 - 00000000 ____D C:\Users\axwhipmaker\AppData\Roaming\CDisplayEx
2015-11-24 22:22 - 2015-11-24 22:22 - 07151352 _____ (Progdigy Software S.A.R.L. ) C:\Users\axwhipmaker\Downloads\CDisplayExWin64v1.10.29.exe

Edited by AxelSt, 29 November 2015 - 12:53 PM.


#14 AxelSt

AxelSt
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  

Posted 29 November 2015 - 12:48 PM

 
2015-11-11 21:37 - 2015-11-11 21:37 - 00000000 ____D C:\Users\axwhipmaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-11 20:17 - 2015-11-11 20:17 - 00027689 _____ C:\Users\axwhipmaker\Downloads\iZombie.S02E06.720p.HDTV.X264-DIMENSION[eztv].mkv.torrent
2015-11-11 20:05 - 2015-11-11 20:05 - 00039510 _____ C:\Users\axwhipmaker\Downloads\Cyberchase.S10E01.HDTV.x264-REGRET.nzb
2015-11-11 20:04 - 2015-11-11 20:04 - 00108707 _____ C:\Users\axwhipmaker\Downloads\The.Voice.S09E16.HDTV.x264-ALTEREGO.nzb
2015-11-11 20:01 - 2015-11-11 20:01 - 00063964 _____ C:\Users\axwhipmaker\Downloads\Cuffs.S01E03.HDTV.x264-ORGANiC.nzb
2015-11-11 11:00 - 2015-11-04 23:13 - 00577888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-11 11:00 - 2015-11-04 22:18 - 24597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-11 10:59 - 2015-11-04 23:15 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-11 10:59 - 2015-11-04 23:15 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-11-11 10:59 - 2015-11-04 23:14 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-11-11 10:59 - 2015-11-04 23:11 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-11-11 10:59 - 2015-11-04 22:56 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-11-11 10:59 - 2015-11-04 22:56 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-11 10:59 - 2015-11-04 22:56 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-11-11 10:59 - 2015-11-04 22:20 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-11-11 10:59 - 2015-11-04 22:18 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-11-11 10:59 - 2015-11-04 22:17 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-11-11 10:59 - 2015-11-04 21:59 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-11-11 10:59 - 2015-11-04 21:54 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-11-11 10:59 - 2015-11-04 21:47 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-11 10:59 - 2015-11-04 21:42 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-11-11 10:59 - 2015-11-04 21:35 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-11-11 10:59 - 2015-11-04 21:28 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-11-11 10:59 - 2015-11-04 21:27 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-11-11 10:59 - 2015-11-04 21:23 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-11-11 10:58 - 2015-11-04 23:06 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-11 10:58 - 2015-11-04 23:06 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-11-11 10:58 - 2015-11-04 23:01 - 00607408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-11-11 10:58 - 2015-11-04 22:30 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-11-11 10:58 - 2015-11-04 22:24 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-11 10:58 - 2015-11-04 22:23 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-11-11 10:58 - 2015-11-04 22:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-11-11 10:58 - 2015-11-04 22:18 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-11-11 10:58 - 2015-11-04 22:12 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2015-11-11 10:58 - 2015-11-04 22:11 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-11-11 10:58 - 2015-11-04 22:10 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-11 10:58 - 2015-11-04 22:10 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-11-11 10:58 - 2015-11-04 22:07 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-11-11 10:58 - 2015-11-04 22:06 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-11-11 10:58 - 2015-11-04 22:05 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-11 10:58 - 2015-11-04 22:05 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-11 10:58 - 2015-11-04 22:03 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-11-11 10:58 - 2015-11-04 22:03 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-11-11 10:58 - 2015-11-04 22:01 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-11 10:58 - 2015-11-04 22:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-11-11 10:58 - 2015-11-04 22:01 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-11-11 10:58 - 2015-11-04 21:59 - 03587072 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-11-11 10:58 - 2015-11-04 21:58 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-11-11 10:58 - 2015-11-04 21:58 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-11-11 10:58 - 2015-11-04 21:56 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-11-11 10:58 - 2015-11-04 21:55 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-11-11 10:58 - 2015-11-04 21:40 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-11-11 10:58 - 2015-11-04 21:35 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-11-11 10:58 - 2015-11-04 21:34 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-11-11 10:58 - 2015-11-04 21:33 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-11-11 10:58 - 2015-11-04 21:33 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-11 10:58 - 2015-11-04 21:30 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-11 10:58 - 2015-11-04 21:27 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-11-10 23:05 - 2015-11-10 23:05 - 00076879 _____ C:\Users\axwhipmaker\Downloads\The.Bastard.Executioner.S01E09.HDTV.x264-FLEET.nzb
2015-11-10 23:03 - 2015-11-10 23:03 - 00046556 _____ C:\Users\axwhipmaker\Downloads\Wicked.City.S01E03.HDTV.x264-FLEET.nzb
2015-11-10 22:01 - 2015-11-10 22:01 - 00042633 _____ C:\Users\axwhipmaker\Downloads\Marvels.Agents.of.S.H.I.E.L.D.S03E07.INTERNAL.HDTV.x264-KILLERS[eztv].mp4.torrent
2015-11-10 22:01 - 2015-11-10 22:01 - 00035958 _____ C:\Users\axwhipmaker\Downloads\iZombie.S02E06.HDTV.x264-LOL[eztv].mp4.torrent
2015-11-10 22:00 - 2015-11-10 22:00 - 00029827 _____ C:\Users\axwhipmaker\Downloads\NCIS.New.Orleans.S02E08.HDTV.x264-LOL[eztv].mp4.torrent
2015-11-10 19:32 - 2015-11-10 19:32 - 00031661 _____ C:\Users\axwhipmaker\Downloads\The Man from U.N.C.L.E. (2015) [720p] YIFY - YTS.AG.torrent
2015-11-10 19:31 - 2015-11-10 19:31 - 00036531 _____ C:\Users\axwhipmaker\Downloads\The.Muppets.S01E07.HDTV.x264-KILLERS.nzb
2015-11-10 19:30 - 2015-11-10 19:30 - 00040061 _____ C:\Users\axwhipmaker\Downloads\The.Muppets.S01E06.HDTV.x264-KILLERS.nzb
2015-11-10 19:29 - 2015-11-10 19:29 - 00040243 _____ C:\Users\axwhipmaker\Downloads\The.Muppets.S01E05.HDTV.x264-KILLERS.nzb
2015-11-10 19:28 - 2015-11-10 19:28 - 00048426 _____ C:\Users\axwhipmaker\Downloads\Lewis.S09E06.HDTV.x264-TLA.nzb
2015-11-10 15:48 - 2015-11-10 15:48 - 00053006 _____ C:\Users\axwhipmaker\Downloads\Murdoch.Mysteries.S09E05.HDTV.x264-KILLERS.nzb
2015-11-10 15:46 - 2015-11-10 15:46 - 00086105 _____ C:\Users\axwhipmaker\Downloads\London.Spy.S01E01.720p.HDTV.x265-HEVC.nzb
2015-11-10 15:43 - 2015-11-10 15:43 - 00020040 _____ C:\Users\axwhipmaker\Downloads\055E0D62A2196BA84449D72F33634FBF0C3E6040.torrent
2015-11-10 15:42 - 2015-11-10 15:42 - 00031568 _____ C:\Users\axwhipmaker\Downloads\[kat.cr]before.we.go.2014.swesub.720p.web.dl.x264.sw3su8.mp4.torrent
2015-11-10 15:41 - 2015-11-10 15:41 - 15728640 _____ C:\Users\axwhipmaker\Downloads\Before.We.Go.2014.DVDRiP.XviD-zkr.part01.rar
2015-11-10 15:41 - 2015-11-10 15:41 - 00257351 _____ C:\Users\axwhipmaker\Downloads\Before.We.Go.2014.DVDRiP.XviD-zkr.nzb
2015-11-10 15:41 - 2015-11-10 15:41 - 00053528 _____ C:\Users\axwhipmaker\Downloads\Before.We.Go.2014.DVDRiP.XviD-zkr.par2
2015-11-10 15:41 - 2015-11-10 15:41 - 00000328 _____ C:\Users\axwhipmaker\Downloads\Before.We.Go.2014.DVDRiP.XviD-zkr.nfo
2015-11-10 15:40 - 2015-11-10 15:40 - 15728640 _____ C:\Users\axwhipmaker\Downloads\Before.We.Go.2014.iNTERNAL.DVDRip.XviD-FcQ.part01.rar
2015-11-10 15:40 - 2015-11-10 15:40 - 00386397 _____ C:\Users\axwhipmaker\Downloads\Before.We.Go.2014.LIMITED.BDRip.x264-DRONES.nzb
2015-11-10 15:40 - 2015-11-10 15:40 - 00294535 _____ C:\Users\axwhipmaker\Downloads\Before.We.Go.2014.iNTERNAL.DVDRip.XviD-FcQ.nzb
2015-11-10 15:40 - 2015-11-10 15:40 - 00055856 _____ C:\Users\axwhipmaker\Downloads\Before.We.Go.2014.iNTERNAL.DVDRip.XviD-FcQ.par2
2015-11-10 15:40 - 2015-11-10 15:40 - 00016232 _____ C:\Users\axwhipmaker\Downloads\Before.We.Go.2014.LIMITED.BDRip.x264-DRONES.par2
2015-11-10 15:40 - 2015-11-10 15:40 - 00001068 _____ C:\Users\axwhipmaker\Downloads\Before.We.Go.2014.iNTERNAL.DVDRip.XviD-FcQ.nfo
2015-11-10 15:39 - 2015-11-10 15:39 - 00033622 _____ C:\Users\axwhipmaker\Downloads\Mr.Holmes.2015.BRRip.XviD-eXceSs.torrent
2015-11-10 15:37 - 2015-11-10 15:37 - 00008385 _____ C:\Users\axwhipmaker\Downloads\[kat.cr]inside.out.2015.720p.brrip.x264.yify.torrent
2015-11-10 01:07 - 2015-11-10 01:07 - 00048119 _____ C:\Users\axwhipmaker\Downloads\Scorpion.S02E08.HDTV.x264-LOL[eztv].mp4.torrent
2015-11-10 01:06 - 2015-11-10 01:06 - 00055887 _____ C:\Users\axwhipmaker\Downloads\NCIS.Los.Angeles.S07E07.HDTV.x264-LOL[eztv].mp4.torrent
2015-11-09 22:26 - 2015-11-09 22:26 - 00066494 _____ C:\Users\axwhipmaker\Downloads\Fargo.S02E05.HDTV.x264-FLEET.nzb
2015-11-09 20:00 - 2015-11-09 20:00 - 00081539 _____ C:\Users\axwhipmaker\Downloads\Simply.Nigella.S01E02.720p.HDTV.x264-C4TV.nzb
2015-11-09 13:29 - 2015-11-09 13:29 - 00079996 _____ C:\Users\axwhipmaker\Downloads\Flesh.and.Bone.S01E08.HDTV.x264-KILLERS.nzb
2015-11-09 13:27 - 2015-11-09 13:27 - 00072795 _____ C:\Users\axwhipmaker\Downloads\Flesh.and.Bone.S01E03.HDTV.x264-KILLERS.nzb
2015-11-09 13:25 - 2015-11-09 13:25 - 00072457 _____ C:\Users\axwhipmaker\Downloads\Flesh.and.Bone.S01E01.HDTV.x264-KILLERS.nzb
2015-11-09 13:23 - 2015-11-09 13:23 - 00066463 _____ C:\Users\axwhipmaker\Downloads\Flesh.and.Bone.S01E02.HDTV.x264-KILLERS.nzb
2015-11-09 13:22 - 2015-11-09 13:22 - 00061491 _____ C:\Users\axwhipmaker\Downloads\Flesh.and.Bone.S01E06.HDTV.x264-KILLERS.nzb
2015-11-09 13:20 - 2015-11-09 13:20 - 00059771 _____ C:\Users\axwhipmaker\Downloads\Flesh.and.Bone.S01E04.HDTV.x264-KILLERS.nzb
2015-11-09 13:19 - 2015-11-09 13:19 - 00063102 _____ C:\Users\axwhipmaker\Downloads\Flesh.and.Bone.S01E05.HDTV.x264-KILLERS.nzb
2015-11-09 13:18 - 2015-11-09 13:18 - 00055643 _____ C:\Users\axwhipmaker\Downloads\Flesh.and.Bone.S01E07.HDTV.x264-KILLERS.nzb
2015-11-08 23:36 - 2015-11-08 23:36 - 00069344 _____ C:\Users\axwhipmaker\Downloads\Expedition.Unknown.S02E05.The.Real.Robin.Hood.HDTV.x264-W4F.nzb
2015-11-08 22:04 - 2015-11-08 22:04 - 00013388 _____ C:\Users\axwhipmaker\Downloads\the.last.man.on.earth.s02e06.720p.hdtv.x264-fleet.par2
2015-11-08 22:04 - 2015-11-08 22:04 - 00000696 _____ C:\Users\axwhipmaker\Downloads\the.last.man.on.earth.s02e06.720p.hdtv.x264-fleet.nfo
2015-11-08 21:15 - 2015-11-08 21:15 - 00079959 _____ C:\Users\axwhipmaker\Downloads\The.Last.Kingdom.S01E05.HDTV.x264-FLEET.nzb
2015-11-08 21:13 - 2015-11-08 21:13 - 00053527 _____ C:\Users\axwhipmaker\Downloads\Jekyll.And.Hyde.S01E03.The.Cutter.HDTV.x264-ORGANiC.nzb
2015-11-08 21:12 - 2015-11-08 21:12 - 00061327 _____ C:\Users\axwhipmaker\Downloads\Crossing.Lines.S03E08.HDTV.x264-SKGTV.nzb
2015-11-08 21:11 - 2015-11-08 21:11 - 00082984 _____ C:\Users\axwhipmaker\Downloads\Downton.Abbey.S06E08.HDTV.x264-ORGANiC.nzb
2015-11-08 21:09 - 2015-11-08 21:09 - 00064811 _____ C:\Users\axwhipmaker\Downloads\The.Librarians.US.S02E03.HDTV.x264-FLEET.nzb
2015-11-07 23:42 - 2015-11-07 23:42 - 00040009 _____ C:\Users\axwhipmaker\Downloads\Another.Period.S01E07.HDTV.x264-KILLERS.nzb
2015-11-07 23:42 - 2015-11-07 23:42 - 00035675 _____ C:\Users\axwhipmaker\Downloads\Another.Period.S01E08.HDTV.x264-KILLERS.nzb
2015-11-07 23:40 - 2015-11-07 23:40 - 00039566 _____ C:\Users\axwhipmaker\Downloads\Another.Period.S01E02.HDTV.x264-KILLERS.nzb
2015-11-07 23:39 - 2015-11-07 23:39 - 00038419 _____ C:\Users\axwhipmaker\Downloads\Another.Period.S01E05.HDTV.x264-BATV.nzb
2015-11-07 23:38 - 2015-11-07 23:38 - 00036931 _____ C:\Users\axwhipmaker\Downloads\Another.Period.S01E06.HDTV.x264-KILLERS.nzb
2015-11-07 23:38 - 2015-11-07 23:38 - 00033243 _____ C:\Users\axwhipmaker\Downloads\Another.Period.S01E01.HDTV.x264-BATV.nzb
2015-11-07 22:18 - 2015-11-07 22:18 - 00040136 _____ C:\Users\axwhipmaker\Downloads\Ash.vs.Evil.Dead.S01E02.HDTV.x264-KILLERS.nzb
2015-11-07 18:44 - 2015-11-07 18:44 - 00015413 _____ C:\Users\axwhipmaker\Downloads\17D93CB7C277A8AAE2C37042B58F4DE25686A887.torrent
2015-11-07 18:43 - 2015-11-07 18:43 - 00018738 _____ C:\Users\axwhipmaker\Downloads\[kat.cr]clouds.of.sils.maria.2014.720p.bluray.900mb.shaanig.torrent
2015-11-07 18:41 - 2015-11-07 18:41 - 00009732 _____ C:\Users\axwhipmaker\Downloads\[kat.cr]cinderella.2015.720p.brrip.x264.yify.torrent
2015-11-06 21:59 - 2015-11-06 21:59 - 00056452 _____ C:\Users\axwhipmaker\Downloads\Reign.S03E04.HDTV.x264-FLEET.nzb
2015-11-06 21:58 - 2015-11-06 21:58 - 24674508 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.vol15+16.par2
2015-11-06 21:58 - 2015-11-06 21:58 - 16974704 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.vol31+11.par2
2015-11-06 21:58 - 2015-11-06 21:58 - 12366500 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.vol07+08.par2
2015-11-06 21:58 - 2015-11-06 21:58 - 06202764 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.vol03+04.par2
2015-11-06 21:58 - 2015-11-06 21:58 - 03111164 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.vol01+02.par2
2015-11-06 21:58 - 2015-11-06 21:58 - 01555632 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.vol00+01.par2
2015-11-06 21:57 - 2015-11-06 21:57 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r39
2015-11-06 21:57 - 2015-11-06 21:57 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r38
2015-11-06 21:57 - 2015-11-06 21:57 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r37
2015-11-06 21:57 - 2015-11-06 21:57 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r36
2015-11-06 21:57 - 2015-11-06 21:57 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r35
2015-11-06 21:57 - 2015-11-06 21:57 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r34
2015-11-06 21:57 - 2015-11-06 21:57 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r33
2015-11-06 21:57 - 2015-11-06 21:57 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r32
2015-11-06 21:57 - 2015-11-06 21:57 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r31
2015-11-06 21:57 - 2015-11-06 21:57 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r30
2015-11-06 21:57 - 2015-11-06 21:57 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r29
2015-11-06 21:57 - 2015-11-06 21:57 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r28
2015-11-06 21:57 - 2015-11-06 21:57 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r27
2015-11-06 21:57 - 2015-11-06 21:57 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r26
2015-11-06 21:57 - 2015-11-06 21:57 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r25
2015-11-06 21:57 - 2015-11-06 21:57 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r24
2015-11-06 21:57 - 2015-11-06 21:57 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r23
2015-11-06 21:57 - 2015-11-06 21:57 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r22
2015-11-06 21:57 - 2015-11-06 21:57 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r21
2015-11-06 21:57 - 2015-11-06 21:57 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r20
2015-11-06 21:57 - 2015-11-06 21:57 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r19
2015-11-06 21:57 - 2015-11-06 21:57 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r18
2015-11-06 21:57 - 2015-11-06 21:57 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r17
2015-11-06 21:57 - 2015-11-06 21:57 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r16
2015-11-06 21:57 - 2015-11-06 21:57 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r15
2015-11-06 21:57 - 2015-11-06 21:57 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r14
2015-11-06 21:57 - 2015-11-06 21:57 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r13
2015-11-06 21:57 - 2015-11-06 21:57 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r12
2015-11-06 21:57 - 2015-11-06 21:57 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r11
2015-11-06 21:57 - 2015-11-06 21:57 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r10
2015-11-06 21:57 - 2015-11-06 21:57 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r09
2015-11-06 21:57 - 2015-11-06 21:57 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r08
2015-11-06 21:57 - 2015-11-06 21:57 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r07
2015-11-06 21:57 - 2015-11-06 21:57 - 00012974 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.srr
2015-11-06 21:57 - 2015-11-06 21:57 - 00001932 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.sfv
2015-11-06 21:56 - 2015-11-06 21:57 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r06
2015-11-06 21:56 - 2015-11-06 21:56 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.rar
2015-11-06 21:56 - 2015-11-06 21:56 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r05
2015-11-06 21:56 - 2015-11-06 21:56 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r04
2015-11-06 21:56 - 2015-11-06 21:56 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r03
2015-11-06 21:56 - 2015-11-06 21:56 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r02
2015-11-06 21:56 - 2015-11-06 21:56 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r01
2015-11-06 21:56 - 2015-11-06 21:56 - 15000000 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r00
2015-11-06 21:56 - 2015-11-06 21:56 - 04474930 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.r40
2015-11-06 21:56 - 2015-11-06 21:56 - 00052450 _____ C:\Users\axwhipmaker\Downloads\Grimm.S05E02.HDTV.x264-KILLERS.nzb
2015-11-06 21:56 - 2015-11-06 21:56 - 00004433 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.nfo
2015-11-06 21:55 - 2015-11-06 21:55 - 00019564 _____ C:\Users\axwhipmaker\Downloads\hawaii.five-0.2010.607.hdtv-lol.par2
2015-11-06 20:12 - 2015-11-06 20:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GPSBabel
2015-11-06 20:12 - 2015-11-06 20:12 - 00000000 ____D C:\Program Files (x86)\GPSBabel
2015-11-06 20:11 - 2015-11-06 20:12 - 29157794 _____ (GPSBabel ) C:\Users\axwhipmaker\Downloads\GPSBabel-1.5.2-Setup.exe
2015-11-06 17:16 - 2015-11-06 17:16 - 00047583 _____ C:\Users\axwhipmaker\Downloads\Simply.Nigella.S01E01.INTERNAL.HDTV.x264-DEADPOOL.nzb
2015-11-06 11:41 - 2015-11-06 11:41 - 00039634 _____ C:\Users\axwhipmaker\Downloads\Impastor.S01E06.HDTV.x264-ALTEREGO.nzb
2015-11-06 11:40 - 2015-11-06 11:40 - 00043037 _____ C:\Users\axwhipmaker\Downloads\Impastor.S01E07.HDTV.x264-TASTETV.nzb
2015-11-06 11:40 - 2015-11-06 11:40 - 00038805 _____ C:\Users\axwhipmaker\Downloads\Impastor.S01E07.PROPER.HDTV.x264-ALTEREGO.nzb
2015-11-06 11:39 - 2015-11-06 11:39 - 00040286 _____ C:\Users\axwhipmaker\Downloads\Impastor.S01E01.Genesis.PROPER.HDTV.x264-CBFM.nzb
2015-11-06 11:38 - 2015-11-06 11:38 - 00037044 _____ C:\Users\axwhipmaker\Downloads\Impastor.S01E03.HDTV.x264-KILLERS.nzb
2015-11-06 11:38 - 2015-11-06 11:38 - 00033274 _____ C:\Users\axwhipmaker\Downloads\Impastor.S01E01.HDTV.x264-FiHTV.nzb
2015-11-06 11:37 - 2015-11-06 11:37 - 00031564 _____ C:\Users\axwhipmaker\Downloads\Impastor.S01E09.HDTV.x264-TASTETV.nzb
2015-11-06 11:37 - 2015-11-06 11:37 - 00030379 _____ C:\Users\axwhipmaker\Downloads\Impastor.S01E02.HDTV.x264-2HD.nzb
2015-11-06 11:36 - 2015-11-06 11:36 - 00033958 _____ C:\Users\axwhipmaker\Downloads\Impastor.S01E05.HDTV.x264-ALTEREGO.nzb
2015-11-06 11:35 - 2015-11-06 11:35 - 00033167 _____ C:\Users\axwhipmaker\Downloads\Impastor.S01E04.HDTV.x264-ALTEREGO.nzb
2015-11-06 11:35 - 2015-11-06 11:35 - 00029355 _____ C:\Users\axwhipmaker\Downloads\Impastor.S01E10.HDTV.x264-ALTEREGO.nzb
2015-11-06 11:34 - 2015-11-06 11:34 - 00033466 _____ C:\Users\axwhipmaker\Downloads\Impastor.S01E08.PROPER.HDTV.x264-ALTEREGO.nzb
2015-11-06 11:34 - 2015-11-06 11:34 - 00029007 _____ C:\Users\axwhipmaker\Downloads\Impastor.S01E08.HDTV.x264-TASTETV.nzb
2015-11-05 22:34 - 2015-11-05 22:34 - 00052859 _____ C:\Users\axwhipmaker\Downloads\The.Blacklist.S03E06.INTERNAL.HDTV.x264-KILLERS.nzb
2015-11-05 22:33 - 2015-11-05 22:33 - 00050208 _____ C:\Users\axwhipmaker\Downloads\The.Player.2015.S01E07.HDTV.x264-FLEET.nzb
2015-11-05 20:55 - 2015-11-05 20:55 - 00060787 _____ C:\Users\axwhipmaker\Downloads\Heroes.Reborn.S01E08.PROPER.HDTV.x264-KILLERS.nzb
2015-11-05 19:48 - 2015-11-05 19:48 - 00015284 _____ C:\Users\axwhipmaker\Downloads\[kat.cr]elementary.season.3.torrent
2015-11-05 19:46 - 2015-11-05 19:46 - 00016920 _____ C:\Users\axwhipmaker\Downloads\[kat.cr]elementary.season.1.complete.hdtv.delta.sn1p3r.torrent
2015-11-05 19:46 - 2015-11-05 19:46 - 00015791 _____ C:\Users\axwhipmaker\Downloads\[kat.cr]elementary.season.2.hdtv.complete.delta.sn1p3r.torrent
2015-11-05 19:10 - 2015-11-05 19:10 - 00000905 _____ C:\Users\axwhipmaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Copy.lnk
2015-11-05 19:08 - 2015-11-05 19:11 - 00000000 ___RD C:\Users\axwhipmaker\Copy
2015-11-05 19:05 - 2015-11-29 10:31 - 00000000 ____D C:\Users\axwhipmaker\AppData\Roaming\Copy
2015-11-05 19:05 - 2015-11-05 19:05 - 00000000 ____D C:\Users\axwhipmaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Copy
2015-11-05 18:57 - 2015-11-05 18:57 - 51022136 _____ (Barracuda Networks, Inc.) C:\Users\axwhipmaker\Downloads\Copy-3.2.01.0481.exe
2015-11-05 02:04 - 2015-11-05 02:04 - 01915187 _____ C:\Users\axwhipmaker\Downloads\Shabica_1982_ThePondsAndLagoonsOfHornIslandAndPetitBoisIslandsMississippiGulfIslandsNationalSeashoreTheirPhysicalSizeLiteratureReviewAndRecommendationsForFutureResearch.PDF
2015-11-05 01:40 - 2015-11-05 01:40 - 00003069 _____ C:\Users\axwhipmaker\Downloads\[kat.cr]supernatural.s11e05.hdtv.x264.lol.ettv.torrent
2015-11-05 01:38 - 2015-11-05 01:38 - 00053097 _____ C:\Users\axwhipmaker\Downloads\The.Romeo.Section.S01E04.HDTV.x264-KILLERS.nzb
2015-11-04 20:48 - 2015-11-04 20:48 - 00063903 _____ C:\Users\axwhipmaker\Downloads\Cuffs.S01E02.HDTV.x264-ORGANiC.nzb
2015-11-04 20:46 - 2015-11-04 20:46 - 00065169 _____ C:\Users\axwhipmaker\Downloads\Rosewood.S01E06.HDTV.x264-FLEET.nzb
2015-11-04 20:44 - 2015-11-04 20:44 - 00014608 _____ C:\Users\axwhipmaker\Downloads\[kat.cr]the.voice.us.s09e14.hdtv.x264.torrent
2015-11-03 23:39 - 2015-11-03 23:39 - 00004349 _____ C:\Users\axwhipmaker\Downloads\[kat.cr]ncis.new.orleans.s02e07.hdtv.x264.lol.ettv.torrent
2015-11-03 22:30 - 2015-11-03 22:30 - 00075934 _____ C:\Users\axwhipmaker\Downloads\The.Bastard.Executioner.S01E08.HDTV.x264-FLEET.nzb
2015-11-03 22:29 - 2015-11-03 22:29 - 00051958 _____ C:\Users\axwhipmaker\Downloads\Wicked.City.S01E02.HDTV.x264-FLEET.nzb
2015-11-03 17:07 - 2015-11-03 17:07 - 00061466 _____ C:\Users\axwhipmaker\Downloads\Lewis.S09E05.HDTV.x264-TLA.nzb
2015-11-03 17:06 - 2015-11-03 17:06 - 00061329 _____ C:\Users\axwhipmaker\Downloads\River.S01E04.HDTV.x264-ORGANiC.nzb
2015-11-03 10:14 - 2015-11-03 10:14 - 00004007 _____ C:\Users\axwhipmaker\Downloads\[kat.cr]scorpion.s02e07.hdtv.x264.lol.ettv.torrent
2015-11-03 10:13 - 2015-11-03 10:13 - 00014749 _____ C:\Users\axwhipmaker\Downloads\[kat.cr]the.voice.us.s09e13.hdtv.x264.torrent
2015-11-02 22:35 - 2015-11-02 22:35 - 00056081 _____ C:\Users\axwhipmaker\Downloads\Fargo.S02E04.HDTV.x264-KILLERS.nzb
2015-11-02 19:37 - 2015-11-02 19:37 - 04694863 _____ C:\Users\axwhipmaker\Downloads\Axel Streffer Invoices.pdf
2015-11-02 14:06 - 2015-11-02 14:06 - 00030247 _____ C:\Users\axwhipmaker\Downloads\[kat.cr]csi.cyber.s02e05.hdtv.x264.lol.rartv.torrent
2015-11-01 21:52 - 2015-11-01 21:52 - 00062732 _____ C:\Users\axwhipmaker\Downloads\The.Librarians.US.S02E02.HDTV.x264-KILLERS.nzb
2015-11-01 20:42 - 2015-11-01 20:42 - 00091417 _____ C:\Users\axwhipmaker\Downloads\Earths.Wildest.Waters.The.Big.Fish.UK.S01E03.HDTV.x264-TASTETV.nzb
2015-11-01 20:40 - 2015-11-01 20:40 - 00091079 _____ C:\Users\axwhipmaker\Downloads\Earths.Wildest.Waters.The.Big.Fish.UK.S01E02.HDTV.x264-TASTETV.nzb
2015-11-01 20:38 - 2015-11-01 20:38 - 00092091 _____ C:\Users\axwhipmaker\Downloads\Earths.Wildest.Waters.The.Big.Fish.UK.S01E01.Iceland.HDTV.x264-C4TV.nzb
2015-11-01 20:35 - 2015-11-01 20:35 - 00060810 _____ C:\Users\axwhipmaker\Downloads\The.Librarians.US.S02E01.HDTV.x264-KILLERS.nzb
2015-11-01 16:40 - 2015-11-01 16:40 - 00066034 _____ C:\Users\axwhipmaker\Downloads\Downton.Abbey.S06E07.HDTV.x264-ORGANiC.nzb
2015-11-01 15:06 - 2015-11-01 15:06 - 00000000 ____D C:\Users\axwhipmaker\Documents\NoMachine
2015-11-01 15:02 - 2015-11-28 22:51 - 00000000 ___HD C:\Users\axwhipmaker\.nx
2015-11-01 15:02 - 2015-11-27 17:44 - 00000000 ____D C:\Users\nx\.nx
2015-11-01 14:56 - 2015-03-02 13:39 - 00087216 _____ (NoMachine) C:\WINDOWS\system32\Drivers\nxusbf.sys
2015-11-01 14:55 - 2015-11-26 22:00 - 00000000 ____D C:\Users\nx
2015-11-01 14:55 - 2015-11-01 14:55 - 00002094 _____ C:\Users\Public\Desktop\NoMachine.lnk
2015-11-01 14:55 - 2015-11-01 14:55 - 00000020 ___SH C:\Users\nx\ntuser.ini
2015-11-01 14:55 - 2015-11-01 14:55 - 00000000 _SHDL C:\Users\nx\My Documents
2015-11-01 14:55 - 2015-11-01 14:55 - 00000000 _SHDL C:\Users\nx\Documents\My Videos
2015-11-01 14:55 - 2015-11-01 14:55 - 00000000 _SHDL C:\Users\nx\Documents\My Pictures
2015-11-01 14:55 - 2015-11-01 14:55 - 00000000 _SHDL C:\Users\nx\Documents\My Music
2015-11-01 14:55 - 2015-11-01 14:55 - 00000000 ____D C:\ProgramData\NoMachine
2015-11-01 14:55 - 2015-11-01 14:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NoMachine
2015-11-01 14:55 - 2015-11-01 14:55 - 00000000 ____D C:\Program Files (x86)\NoMachine
2015-11-01 14:55 - 2015-08-10 11:59 - 00000000 ____D C:\Users\nx\AppData\Roaming\Macromedia
2015-11-01 14:55 - 2015-08-02 01:59 - 00000000 ____D C:\Users\nx\Documents\hp.system.package.metadata
2015-11-01 14:55 - 2015-08-02 01:59 - 00000000 ____D C:\Users\nx\Documents\hp.applications.package.appdata
2015-11-01 14:55 - 2015-08-02 01:59 - 00000000 ____D C:\Users\nx\AppData\Local\Google
2015-11-01 14:55 - 2015-03-02 13:39 - 00068096 _____ (NoMachine) C:\WINDOWS\system32\Drivers\nxusbh.sys
2015-11-01 14:55 - 2015-03-02 13:39 - 00010240 _____ (NoMachine) C:\WINDOWS\system32\Drivers\nxusbs.sys
2015-11-01 14:55 - 2014-08-13 12:05 - 02203648 _____ C:\WINDOWS\system32\nxlsa.dll
2015-11-01 14:55 - 2014-04-22 15:07 - 00017920 _____ (NoMachine) C:\WINDOWS\system32\Drivers\nxaudio.sys
2015-11-01 14:55 - 2014-02-21 22:37 - 00000369 _____ C:\Users\nx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-11-01 14:55 - 2014-02-21 22:37 - 00000369 _____ C:\Users\nx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-11-01 14:54 - 2015-11-01 14:54 - 32702600 _____ (NoMachine S.a.r.l. ) C:\Users\axwhipmaker\Downloads\nomachine_5.0.47_1.exe
2015-11-01 14:45 - 2015-11-01 14:45 - 00057738 _____ C:\Users\axwhipmaker\Downloads\You.Me.And.The.Apocalypse.S01E02.HDTV.x264-TLA.nzb
2015-11-01 14:43 - 2015-11-01 14:43 - 00061474 _____ C:\Users\axwhipmaker\Downloads\You.Me.And.The.Apocalypse.S01E04.HDTV.x264-TLA.nzb
2015-11-01 14:42 - 2015-11-01 14:42 - 00055658 _____ C:\Users\axwhipmaker\Downloads\You.Me.And.The.Apocalypse.S01E05.HDTV.x264-TLA.nzb
2015-11-01 14:40 - 2015-11-01 14:40 - 00053280 _____ C:\Users\axwhipmaker\Downloads\You.Me.And.The.Apocalypse.S01E03.HDTV.x264-TLA.nzb
2015-11-01 14:39 - 2015-11-01 14:39 - 00063054 _____ C:\Users\axwhipmaker\Downloads\Jekyll.And.Hyde.S01E01.The.Harbinger.HDTV.x264-ORGANiC.nzb
2015-11-01 14:37 - 2015-11-01 14:37 - 00055383 _____ C:\Users\axwhipmaker\Downloads\Jekyll.And.Hyde.S01E02.HDTV.x264-ORGANiC.nzb
2015-11-01 14:01 - 2015-11-01 14:01 - 00046909 _____ C:\Users\axwhipmaker\Downloads\[kat.cr]sea.patrol.season.2.complete.torrent
2015-11-01 13:28 - 2015-11-01 13:28 - 00057646 _____ C:\Users\axwhipmaker\Downloads\[kat.cr]der.letzte.bulle.the.last.cop.5.complete.seasons.all.episodes.torrent
2015-11-01 03:36 - 2015-11-01 03:36 - 00046567 _____ C:\Users\axwhipmaker\Downloads\Hitler.and.the.Aryan.Myth.DSR.x264-W4F.nzb
2015-11-01 03:35 - 2015-11-01 03:35 - 00072578 _____ C:\Users\axwhipmaker\Downloads\The.Last.Kingdom.S01E04.HDTV.x264-KILLERS.nzb
2015-10-31 12:43 - 2015-10-31 12:43 - 00051006 _____ C:\Users\axwhipmaker\Downloads\BEFE0A31EFA1AE548D743218E519D3AB1B9D5085.torrent
2015-10-31 10:57 - 2015-10-31 10:58 - 14536859 _____ C:\Users\axwhipmaker\Downloads\deu-primesuspect401.internal.mkv
2015-10-31 10:55 - 2015-10-31 10:55 - 09954304 _____ C:\Users\axwhipmaker\Downloads\deu-primesuspect402.ws.mkv
2015-10-31 10:52 - 2015-10-31 10:52 - 10536365 _____ C:\Users\axwhipmaker\Downloads\deu-primesuspect702.internal.mkv
2015-10-31 10:50 - 2015-10-31 10:50 - 06599115 _____ C:\Users\axwhipmaker\Downloads\deu-primesuspect602.internal.mkv
2015-10-31 10:47 - 2015-10-31 10:47 - 07870917 _____ C:\Users\axwhipmaker\Downloads\deu-primesuspect403.ws.mkv
2015-10-31 10:45 - 2015-10-31 10:45 - 07053704 _____ C:\Users\axwhipmaker\Downloads\deu-primesuspect701.internal.mkv
2015-10-31 10:42 - 2015-10-31 10:42 - 07122605 _____ C:\Users\axwhipmaker\Downloads\deu-primesuspect102.ws.mkv
2015-10-31 10:40 - 2015-10-31 10:40 - 07926939 _____ C:\Users\axwhipmaker\Downloads\deu-primesuspect301.ws.mkv
2015-10-31 10:37 - 2015-10-31 10:37 - 06078477 _____ C:\Users\axwhipmaker\Downloads\deu-primesuspect501.ws.mkv
2015-10-31 10:35 - 2015-10-31 10:35 - 07010302 _____ C:\Users\axwhipmaker\Downloads\deu-primesuspect101.ws.mkv
2015-10-31 10:33 - 2015-10-31 10:33 - 05782741 _____ C:\Users\axwhipmaker\Downloads\deu-primesuspect302.ws.mkv
2015-10-31 10:30 - 2015-10-31 10:30 - 07112101 _____ C:\Users\axwhipmaker\Downloads\deu-primesuspect201.ws.mkv
2015-10-31 10:28 - 2015-10-31 10:28 - 06795093 _____ C:\Users\axwhipmaker\Downloads\deu-primesuspect601.internal.mkv
2015-10-31 10:26 - 2015-10-31 10:26 - 05585767 _____ C:\Users\axwhipmaker\Downloads\deu-primesuspect202.ws.mkv
2015-10-31 10:24 - 2015-10-31 10:24 - 06280679 _____ C:\Users\axwhipmaker\Downloads\deu-primesuspect502.ws.mkv
2015-10-31 10:22 - 2015-10-31 10:22 - 00056996 _____ C:\Users\axwhipmaker\Downloads\Ash.vs.Evil.Dead.S01E01.HDTV.x264-KILLERS.nzb
2015-10-30 21:46 - 2015-10-30 21:46 - 00058796 _____ C:\Users\axwhipmaker\Downloads\The.Romeo.Section.S01E01.HDTV.x264-KILLERS.nzb
2015-10-30 21:44 - 2015-10-30 21:44 - 00054606 _____ C:\Users\axwhipmaker\Downloads\The.Romeo.Section.S01E02.HDTV.x264-KILLERS.nzb
2015-10-30 21:43 - 2015-10-30 21:43 - 00053026 _____ C:\Users\axwhipmaker\Downloads\The.Romeo.Section.S01E03.HDTV.x264-KILLERS.nzb
2015-10-30 21:42 - 2015-10-30 21:42 - 00050804 _____ C:\Users\axwhipmaker\Downloads\Grimm.S05E01.HDTV.x264-KILLERS.nzb
2015-10-30 21:41 - 2015-10-30 21:41 - 00052402 _____ C:\Users\axwhipmaker\Downloads\Crossing.Lines.S03E07.HDTV.x264-SKGTV.nzb
2015-10-30 09:20 - 2015-10-30 09:20 - 00034028 _____ C:\Users\axwhipmaker\Downloads\Rent.A.Cop.S01E01.HDTV.x264-C4TV.nzb
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-29 11:30 - 2015-05-22 19:48 - 00000000 ____D C:\Users\axwhipmaker\AppData\Roaming\BitTorrent
2015-11-29 11:29 - 2015-07-10 03:05 - 00000000 ____D C:\Windows
2015-11-29 11:22 - 2015-06-27 11:11 - 00000952 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2685585085-2916440216-3482114021-1001UA.job
2015-11-29 11:08 - 2015-05-23 00:42 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-29 09:43 - 2015-05-23 00:41 - 00004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A858CF09-A6F8-4155-861D-CD897C7CF50D}
2015-11-29 04:08 - 2015-05-23 00:42 - 00000912 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-29 03:22 - 2015-06-27 11:11 - 00000900 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2685585085-2916440216-3482114021-1001Core.job
2015-11-28 22:57 - 2015-08-02 01:54 - 00968010 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-28 22:57 - 2015-07-10 05:02 - 00000000 ____D C:\WINDOWS\INF
2015-11-28 22:52 - 2015-05-27 19:41 - 00000000 ___RD C:\Users\axwhipmaker\Google Drive
2015-11-28 22:50 - 2015-08-02 09:14 - 00000000 __SHD C:\Users\axwhipmaker\IntelGraphicsProfiles
2015-11-28 22:50 - 2015-08-02 01:51 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-11-28 22:50 - 2015-07-10 06:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-28 22:50 - 2015-07-10 03:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-11-28 02:13 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-26 22:01 - 2015-08-02 01:54 - 00000000 ____D C:\Users\axwhipmaker
2015-11-26 22:00 - 2015-07-10 05:04 - 00000000 ___SD C:\WINDOWS\system32\Nui
2015-11-26 22:00 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-11-26 22:00 - 2015-05-22 14:50 - 00000000 ____D C:\Users\axwhipmaker\AppData\Roaming\IObit
2015-11-26 22:00 - 2015-05-22 14:50 - 00000000 ____D C:\Users\axwhipmaker\AppData\LocalLow\IObit
2015-11-26 21:59 - 2015-08-21 01:33 - 00000000 ____D C:\Users\axwhipmaker\AppData\Local\GARMIN_Corp
2015-11-26 21:59 - 2015-08-20 19:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2015-11-26 21:59 - 2015-05-27 19:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-11-26 21:59 - 2015-05-22 14:50 - 00000000 ____D C:\ProgramData\IObit
2015-11-26 21:59 - 2015-05-22 03:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-11-26 21:54 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\registration
2015-11-26 21:53 - 2015-06-06 13:46 - 00000000 ___RD C:\Users\axwhipmaker\Dropbox
2015-11-26 21:52 - 2015-07-10 05:04 - 00000000 ___HD C:\Program Files\WindowsApps
2015-11-26 21:52 - 2015-05-23 00:42 - 00000000 ____D C:\Users\axwhipmaker\AppData\Local\Google
2015-11-26 21:50 - 2015-08-20 19:49 - 00000000 ____D C:\Program Files (x86)\Garmin
2015-11-26 21:50 - 2015-05-23 00:49 - 00000000 ____D C:\Program Files (x86)\IObit
2015-11-26 14:47 - 2015-07-07 10:55 - 00224256 ___SH C:\Users\axwhipmaker\Desktop\Thumbs.db
2015-11-26 14:46 - 2015-05-22 03:52 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-11-26 14:44 - 2015-07-10 03:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI(4718)
2015-11-26 12:27 - 2015-05-22 03:53 - 00001974 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-11-26 12:22 - 2015-05-22 03:52 - 01059656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-11-26 12:22 - 2015-05-22 03:52 - 00449992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-11-26 12:22 - 2015-05-22 03:52 - 00273784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-11-26 12:22 - 2015-05-22 03:52 - 00154256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-11-26 12:22 - 2015-05-22 03:52 - 00097648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-11-26 12:22 - 2015-05-22 03:52 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-11-26 12:22 - 2015-05-22 03:52 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-11-26 12:22 - 2015-05-22 03:52 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-11-26 06:09 - 2015-05-27 19:40 - 00002122 _____ C:\Users\Public\Desktop\Google Slides.lnk
2015-11-26 06:09 - 2015-05-27 19:40 - 00002120 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2015-11-26 06:09 - 2015-05-27 19:40 - 00002110 _____ C:\Users\Public\Desktop\Google Docs.lnk
2015-11-25 14:58 - 2015-05-22 03:58 - 00000000 ____D C:\Users\axwhipmaker\AppData\Roaming\Dropbox
2015-11-25 13:47 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\Branding
2015-11-19 20:02 - 2015-05-23 00:42 - 00000000 ____D C:\Program Files (x86)\Google
2015-11-17 02:25 - 2015-05-23 12:13 - 00000000 ____D C:\Users\axwhipmaker\bitthief
2015-11-14 10:29 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\rescache
2015-11-12 04:32 - 2015-07-10 03:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI(212)
2015-11-12 04:30 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-11 11:31 - 2015-07-10 04:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-11 11:29 - 2015-05-26 15:15 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-11 11:20 - 2015-05-26 15:15 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-10 20:10 - 2015-05-23 00:42 - 00002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-06 01:26 - 2015-08-21 00:18 - 00003622 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2015-11-06 01:26 - 2015-08-21 00:18 - 00001970 _____ C:\Users\Public\Desktop\Garmin Express.lnk
2015-11-05 18:47 - 2015-05-23 03:30 - 00001242 _____ C:\Users\axwhipmaker\Desktop\Daum Potplayer.lnk
2015-11-03 15:42 - 2015-08-18 17:55 - 00000000 ____D C:\Users\axwhipmaker\Desktop\GoPro
2015-11-03 12:20 - 2015-10-02 04:03 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-11-03 12:20 - 2015-10-02 04:03 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-03 02:38 - 2015-08-02 09:19 - 00002398 _____ C:\Users\axwhipmaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-11-03 02:38 - 2015-08-02 09:19 - 00000000 ___RD C:\Users\axwhipmaker\OneDrive
2015-11-02 19:39 - 2015-05-28 19:34 - 00444416 ___SH C:\Users\axwhipmaker\Downloads\Thumbs.db
2015-11-01 15:01 - 2015-06-07 21:34 - 00000366 _____ C:\WINDOWS\Tasks\HPCeeScheduleForaxwhipmaker.job
2015-10-31 02:12 - 2015-06-07 21:34 - 00003282 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForaxwhipmaker
2015-10-31 02:02 - 2015-07-10 06:20 - 00240272 _____ C:\WINDOWS\system32\FNTCACHE.DAT
 
==================== Files in the root of some directories =======
 
2015-06-21 01:26 - 2015-06-21 01:26 - 0001167 _____ () C:\Users\axwhipmaker\AppData\Roaming\trace_FilterInstaller.txt
2015-06-21 01:26 - 2015-06-21 01:26 - 0000000 _____ () C:\Users\axwhipmaker\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2015-05-22 02:58 - 2015-05-22 02:58 - 0000017 _____ () C:\Users\axwhipmaker\AppData\Local\resmon.resmoncfg
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-11-26 20:05
 
==================== End of FRST.txt ============================

Edited by AxelSt, 29 November 2015 - 12:51 PM.


#15 olgun52

olgun52

  • Malware Response Team
  • 3,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:21 PM

Posted 29 November 2015 - 04:04 PM

Programs uninstall with RevoUninstaller:

BitTorrent
Surfing Protection
IObit Uninstalle
Driver Booster
LiveUpdate
Advanced SystemCare 8
IObit Malware Fighter

 

Please PC reboot now.

  

Uninstall/remove all entries related to I0Bit  that program has dubious history..

Personally I would not trust installing any software from a company that resorts to stealing someone's technology to sell their product. Please see the following links and make up your own mind if you want to keep this on your system. If needed I can help you remove it.

IOBit Steals Malwarebytes' Intellectual Property
IOBit's Denial of Theft Unconvincing
IOBit Theft Conclusion
IObit: Trusting Your Antivirus Vendor
Malwarebytes: IObit Stole Our Signatures Database
IObit accused of stealing from Malwarebytes
http://shanegowland....-sucky-company/

=======================================================================

Going over your logs I noticed that you have BitTorrent installed.

  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall BitTorrent, however that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs.

  

C:\Users\axwhipmaker\Downloads\
Folder too full.
I suggest you do a little cleaning. important files are them for you?

========================================================

Let me know when you get that done

 


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users