
Infected with multiple browser.exe virus in task manager


  • This topic is locked
12 replies to this topic

#1 bebub2012

Posted 02 January 2016 - 06:17 AM

Hi Bleeping Computer,

 

HELP ME PLEASE!!! I think my PC is infected with browser.exe virus. Every time I open a web browser, about 6-7 browser.exe files appear in the task manager's processes. And then 2 files will be added into the list for each website I open. These will go when I close the web browser, but will immediately come back as soon as I reopen the web browser. I really do not know what to do to resolve this issue guys. I have read several posts on your website and I am really happy to finally be able to find you guys. I believe that you guys will be able to save me for sure ^^. I have backed up important data, and please have a look at my FRST scan result as below. Thank you all in advance ^^

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-12-2015

Ran by Luffy (administrator) on LUFFY-PC (02-01-2016 17:48:41)

Running from D:\soft\1\malware protection

Loaded Profiles: Luffy & UpdatusUser (Available Profiles: Luffy & UpdatusUser & Administrator)

Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)

Internet Explorer Version 11 (Default browser: IE)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe

(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe

(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe

(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

() C:\ProgramData\ASGVIS\Dongle Utilities\startvrlservice.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avpui.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

(Coc Coc Co., Ltd.) C:\Users\Luffy\AppData\Local\CocCoc\Browser\Application\browser.exe

(Coc Coc Co., Ltd.) C:\Users\Luffy\AppData\Local\CocCoc\Browser\Application\browser.exe

(Coc Coc Co., Ltd.) C:\Users\Luffy\AppData\Local\CocCoc\Browser\Application\browser.exe

(Coc Coc Co., Ltd.) C:\Users\Luffy\AppData\Local\CocCoc\Browser\Application\browser.exe

(Coc Coc Co., Ltd.) C:\Users\Luffy\AppData\Local\CocCoc\Browser\Application\browser.exe

(Coc Coc Co., Ltd.) C:\Users\Luffy\AppData\Local\CocCoc\Browser\Application\browser.exe

(Coc Coc Co., Ltd.) C:\Users\Luffy\AppData\Local\CocCoc\Browser\Application\browser.exe

(Coc Coc Co., Ltd.) C:\Users\Luffy\AppData\Local\CocCoc\Browser\Application\browser.exe

(Coc Coc Co., Ltd.) C:\Users\Luffy\AppData\Local\CocCoc\Browser\Application\browser.exe

(Coc Coc Co., Ltd.) C:\Users\Luffy\AppData\Local\CocCoc\Browser\Application\browser.exe

() C:\Users\Luffy\Desktop\iWatchDVR.exe

(Coc Coc Co., Ltd.) C:\Users\Luffy\AppData\Local\CocCoc\Browser\Application\browser.exe

(Coc Coc Co., Ltd.) C:\Users\Luffy\AppData\Local\CocCoc\Browser\Application\browser.exe

(Coc Coc Co., Ltd.) C:\Users\Luffy\AppData\Local\CocCoc\Browser\Application\browser.exe

(CobianSoft, Luis Cobian) C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe

(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\Cobian.exe

(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe

(Coc Coc Co., Ltd.) C:\Users\Luffy\AppData\Local\CocCoc\Browser\Application\browser.exe

(Coc Coc Co., Ltd.) C:\Users\Luffy\AppData\Local\CocCoc\Browser\Application\browser.exe

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe

 

 

==================== Registry (Whitelisted) ===========================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16409496 2015-11-27] (Realtek Semiconductor)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated)

HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc)

HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-10-13] (Apple Inc.)

HKLM-x32\...\Run: [setup_info] => C:\Users\Luffy\AppData\Local\Temp\setup_info.exe /start <===== ATTENTION

HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)

Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]

HKU\S-1-5-21-3582788642-1754219851-881556053-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3911248 2015-10-16] (Tonec Inc.)

HKU\S-1-5-21-3582788642-1754219851-881556053-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)

HKU\S-1-5-21-3582788642-1754219851-881556053-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7935904 2015-12-02] (SUPERAntiSpyware)

HKU\S-1-5-21-3582788642-1754219851-881556053-1000\...\MountPoints2: {47aa6f91-7192-11e5-8115-806e6f6e6963} - F:\setup.exe

ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)

BootExecute: autocheck autochk * sdnclean64.exe

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

Hosts: 0.0.0.1 mssplus.mcafee.com

Tcpip\Parameters: [DhcpNameServer] 192.168.1.8

Tcpip\..\Interfaces\{F5AF2EC0-CABB-43BD-9333-8EE780A6715B}: [DhcpNameServer] 192.168.1.8

 

Internet Explorer:

==================

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-21-3582788642-1754219851-881556053-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}

BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-09-28] (Internet Download Manager, Tonec Inc.)

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)

BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)

BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-12-24] (Oracle Corporation)

BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)

BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)

BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)

BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-12-24] (Oracle Corporation)

BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-09-28] (Internet Download Manager, Tonec Inc.)

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)

BHO-x32: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)

BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-10-13] (Oracle Corporation)

BHO-x32: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)

BHO-x32: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-21] (Microsoft Corporation)

BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)

BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-10-13] (Oracle Corporation)

Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-05-05] (Microsoft Corporation)

StartMenuInternet: IEXPLORE.EXE - iexplore.exe

 

FireFox:

========

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll [2013-02-27] ()

FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\system32\npDeployJava1.dll [2015-12-24] (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-12-24] (Oracle Corporation)

FF Plugin: @microsoft.com/GENUINE -> disabled [No File]

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll [2013-02-27] ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]

FF Plugin-x32: @java.com/DTPlugin,version=10.15.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2015-10-13] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.15.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-10-13] (Oracle Corporation)

FF Plugin-x32: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-10-15] ()

FF Plugin-x32: @kaspersky.com/online_banking_08806E753BE44495B44E90AA2513BDC5 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-10-15] ()

FF Plugin-x32: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-10-15] ()

FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-05] (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-05] (NVIDIA Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-16] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-16] (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-10-01] (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)

FF HKLM-x32\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com

FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-10-15] [not signed]

FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com

FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-10-15] [not signed]

FF HKLM-x32\...\Firefox\Extensions: [online_banking_08806E753BE44495B44E90AA2513BDC5@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com

FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-10-15] [not signed]

FF HKU\S-1-5-21-3582788642-1754219851-881556053-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Luffy\AppData\Roaming\IDM\idmmzcc5

FF Extension: IDM CC - C:\Users\Luffy\AppData\Roaming\IDM\idmmzcc5 [2016-01-02] [not signed]

FF HKU\S-1-5-21-3582788642-1754219851-881556053-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi

FF Extension: IDM integration - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2015-10-02]

 

Chrome: 

=======

CHR HomePage: Default -> hxxp://www.mysites123.com/?type=hp&ts=1451569243&z=f03583ffb9209abbf9695e9gdz4w6g9w9q2t9oaz7c&from=amt&uid=wdcxwd2002faex-007ba0_wd-wmay0242621626216

CHR StartupUrls: Default -> "hxxps://www.malwarebytes.org/restorebrowser/"

CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\ppGoogleNaClPluginChrome.dll => No File

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\pdf.dll => No File

CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll => No File

CHR Plugin: (Java™ Platform SE 7 U15) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll ()

CHR Plugin: (Java Deployment Toolkit 7.0.150.3) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

CHR Profile: C:\Users\Luffy\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Video AdBlock for Chrome) - C:\Users\Luffy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd [2015-11-27]

CHR Extension: (Kaspersky Protection) - C:\Users\Luffy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-10-16]

CHR Extension: (IDM Integration Module) - C:\Users\Luffy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2015-10-20]

CHR Extension: (Chrome Web Store Payments) - C:\Users\Luffy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-13]

CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho

CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-10-16]

CHR HKU\S-1-5-21-3582788642-1754219851-881556053-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho

CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-10-16]

 

==================== Services (Whitelisted) ========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [576904 2013-12-22] (Autodesk Inc.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)

R2 AVP15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe [194000 2015-07-03] (Kaspersky Lab ZAO)

S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437880 2015-10-08] (BlueStack Systems, Inc.)

R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417400 2015-10-08] (BlueStack Systems, Inc.)

R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [855672 2015-10-08] (BlueStack Systems, Inc.)

R2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-07] (CobianSoft, Luis Cobian) [File not signed]

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)

S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [289256 2015-12-02] (McAfee, Inc.)

S3 mi-raysat_3dsmax2015_64; C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe [86016 2011-09-15] () [File not signed]

R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2014-04-28] (Hewlett-Packard) [File not signed]

S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2015-12-02] (Electronic Arts)

R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2014-04-28] (Hewlett-Packard) [File not signed]

R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)

R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)

R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)

S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)

R2 VRLService; C:\ProgramData\ASGVIS\Dongle Utilities\startvrlservice.exe [209408 2014-09-05] () [File not signed]

R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

 

===================== Drivers (Whitelisted) ==========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [146040 2015-10-08] (BlueStack Systems)

R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [247016 2015-07-03] (Kaspersky Lab UK Ltd)

S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-11] (Broadcom Corporation)

S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-01-01] ()

R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)

R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-07-03] (Kaspersky Lab ZAO)

R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [64368 2015-07-03] (Kaspersky Lab ZAO)

R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [159960 2015-07-03] (Kaspersky Lab ZAO)

R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [225976 2015-07-03] (Kaspersky Lab ZAO)

R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [831672 2015-10-16] (Kaspersky Lab ZAO)

R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39280 2015-07-03] (Kaspersky Lab ZAO)

R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [40304 2015-07-03] (Kaspersky Lab ZAO)

R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [39280 2015-07-03] (Kaspersky Lab ZAO)

R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [24944 2015-07-03] (Kaspersky Lab ZAO)

R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-07-03] (Kaspersky Lab ZAO)

R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [85360 2015-07-03] (Kaspersky Lab ZAO)

R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [190648 2015-10-16] (Kaspersky Lab ZAO)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-02] (Malwarebytes)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)

R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [180480 2015-10-08] (Intel Corporation)

R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [42600 2015-11-16] (Synaptics Incorporated)

R3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One Month Created files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2016-01-02 13:42 - 2016-01-02 13:42 - 00000760 _____ C:\Users\Luffy\Desktop\cbSetup.txt

2016-01-02 13:42 - 2016-01-02 13:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cobian Backup 11

2016-01-02 13:42 - 2016-01-02 13:42 - 00000000 ____D C:\Program Files (x86)\Cobian Backup 11

2016-01-02 13:41 - 2016-01-02 13:41 - 19709440 _____ (Luis Cobian, CobianSoft) C:\Users\Luffy\Desktop\cbSetup.exe

2016-01-01 19:46 - 2016-01-01 19:49 - 00000000 ____D C:\KVRT_Data

2016-01-01 19:45 - 2016-01-01 19:46 - 95849800 _____ (Kaspersky Lab ZAO) C:\Users\Luffy\Desktop\KVRT.exe

2016-01-01 19:43 - 2016-01-01 19:43 - 11337112 _____ (SurfRight B.V.) C:\Users\Luffy\Desktop\HitmanPro_x64.exe

2016-01-01 19:39 - 2016-01-01 19:39 - 00224968 _____ (ESET) C:\Users\Luffy\Desktop\ESETPoweliksCleaner.exe

2016-01-01 15:12 - 2016-01-01 15:12 - 00000000 ____D C:\Users\Luffy\AppData\Roaming\SUPERAntiSpyware.com

2016-01-01 15:11 - 2016-01-01 15:12 - 00000000 ____D C:\Program Files\SUPERAntiSpyware

2016-01-01 15:11 - 2016-01-01 15:11 - 00001808 _____ C:\Users\Luffy\Desktop\SUPERAntiSpyware Free Edition.lnk

2016-01-01 15:11 - 2016-01-01 15:11 - 00000000 ____D C:\Users\Luffy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware

2016-01-01 15:11 - 2016-01-01 15:11 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com

2016-01-01 14:48 - 2016-01-01 14:48 - 00000000 ____D C:\Program Files\Common Files\AV

2016-01-01 14:48 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe

2016-01-01 14:40 - 2016-01-01 14:52 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy

2016-01-01 14:40 - 2016-01-01 14:48 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2

2016-01-01 14:40 - 2016-01-01 14:40 - 00001391 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk

2016-01-01 14:40 - 2016-01-01 14:40 - 00001379 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk

2016-01-01 14:40 - 2016-01-01 14:40 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking

2016-01-01 14:40 - 2016-01-01 14:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2

2016-01-01 14:40 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe

2016-01-01 14:36 - 2016-01-01 14:37 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Luffy\Desktop\spybot-2.4.exe

2016-01-01 14:08 - 2016-01-02 15:36 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2016-01-01 14:07 - 2016-01-01 14:26 - 00001096 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2016-01-01 14:07 - 2016-01-01 14:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2016-01-01 14:07 - 2016-01-01 14:07 - 00000000 ____D C:\ProgramData\Malwarebytes

2016-01-01 14:07 - 2016-01-01 14:07 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware

2016-01-01 14:07 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys

2016-01-01 14:07 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2016-01-01 14:07 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys

2016-01-01 14:06 - 2016-01-01 14:07 - 22908888 _____ (Malwarebytes ) C:\Users\Luffy\Desktop\mbam-setup.exe

2016-01-01 13:51 - 2016-01-01 13:51 - 00000000 _____ C:\autoexec.bat

2016-01-01 13:46 - 2016-01-01 13:46 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys

2016-01-01 13:45 - 2016-01-01 13:45 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Luffy\Desktop\SpyHunter-Installer.exe

2016-01-01 10:12 - 2016-01-01 14:24 - 00000000 ____D C:\Users\Luffy\AppData\Local\Systweak

2016-01-01 10:12 - 2016-01-01 13:48 - 00000000 ____D C:\Users\Luffy\AppData\Roaming\Systweak

2016-01-01 09:59 - 2016-01-01 09:59 - 00000000 ____D C:\Users\Luffy\AppData\Roaming\CocCoc

2015-12-31 21:50 - 2015-12-31 21:50 - 00000000 ____D C:\Users\Luffy\Documents\Telltale Games

2015-12-31 21:45 - 2015-12-31 22:14 - 966787072 _____ C:\Users\Luffy\Desktop\TIAOVSFC - Reloaded ( Leon )_Up By Sky™.part4.rar

2015-12-31 21:41 - 2016-01-02 17:48 - 00000000 ____D C:\FRST

2015-12-31 21:40 - 2015-12-31 21:40 - 00000000 ____D C:\Users\Luffy\AppData\Local\VirtualStore

2015-12-31 21:35 - 2015-12-31 21:35 - 00000000 ____D C:\ProgramData\IDM

2015-12-31 21:32 - 2015-12-31 21:17 - 00024064 _____ C:\Windows\zoek-delete.exe

2015-12-31 21:17 - 2015-12-31 21:29 - 00000000 ____D C:\zoek_backup

2015-12-31 21:01 - 2015-12-31 21:01 - 00000000 ____D C:\Windows\pss

2015-12-31 20:39 - 2015-12-31 20:39 - 00000000 ____D C:\Users\Luffy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

2015-12-31 20:39 - 2015-12-31 20:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

2015-12-25 17:44 - 2015-12-25 17:44 - 00000000 ____D C:\Users\Luffy\Tracing

2015-12-25 17:20 - 2016-01-01 14:26 - 00002691 _____ C:\Users\Public\Desktop\Skype.lnk

2015-12-25 17:20 - 2015-12-25 17:20 - 00000000 ___RD C:\Program Files (x86)\Skype

2015-12-25 17:20 - 2015-12-25 17:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

2015-12-25 17:18 - 2015-12-25 17:18 - 00003140 _____ C:\Windows\System32\Tasks\{400FA59B-A012-4EA1-BC00-261484B561C1}

2015-12-24 12:30 - 2016-01-01 14:25 - 00001206 _____ C:\Users\Luffy\Desktop\SWXE.exe - Shortcut.lnk

2015-12-24 10:40 - 2016-01-01 14:26 - 00001060 _____ C:\Users\Public\Desktop\VLC media player.lnk

2015-12-24 10:40 - 2015-12-30 13:36 - 00000000 ____D C:\Users\Luffy\AppData\Roaming\vlc

2015-12-24 10:40 - 2015-12-24 10:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN

2015-12-24 10:39 - 2015-12-24 10:39 - 00000000 ____D C:\Program Files (x86)\VideoLAN

2015-12-24 10:29 - 2015-12-24 10:29 - 00000000 ____D C:\Users\Luffy\AppData\Roaming\Jubler

2015-12-24 10:28 - 2015-12-24 10:28 - 01092512 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll

2015-12-24 10:28 - 2015-12-24 10:28 - 00971680 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll

2015-12-24 10:28 - 2015-12-24 10:28 - 00311200 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe

2015-12-24 10:28 - 2015-12-24 10:28 - 00188832 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe

2015-12-24 10:28 - 2015-12-24 10:28 - 00188320 _____ (Oracle Corporation) C:\Windows\system32\java.exe

2015-12-24 10:28 - 2015-12-24 10:28 - 00108448 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll

2015-12-24 10:28 - 2015-12-24 10:28 - 00000000 ____D C:\Users\Luffy\AppData\LocalLow\Sun

2015-12-24 10:28 - 2015-12-24 10:28 - 00000000 ____D C:\Program Files\Java

2015-12-24 10:27 - 2015-12-24 10:27 - 00001652 _____ C:\Users\UpdatusUser\Desktop\Jubler subtitle editor.lnk

2015-12-24 10:27 - 2015-12-24 10:27 - 00001652 _____ C:\Users\Administrator\Desktop\Jubler subtitle editor.lnk

2015-12-24 10:27 - 2015-12-24 10:27 - 00000000 ____D C:\Program Files\Jubler

2015-12-23 13:35 - 2016-01-01 14:26 - 00001776 _____ C:\Users\Public\Desktop\MKVToolNix GUI.lnk

2015-12-23 13:35 - 2015-12-23 13:35 - 00000000 ____D C:\Users\Luffy\AppData\Local\bunkus.org

2015-12-23 13:35 - 2015-12-23 13:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix

2015-12-23 13:35 - 2015-12-23 13:35 - 00000000 ____D C:\Program Files\MKVToolNix

2015-12-20 23:04 - 2015-12-20 23:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus

2015-12-20 00:45 - 2015-12-20 03:25 - 117415822 _____ C:\Users\Luffy\Desktop\san go oamar.psd

2015-12-19 22:43 - 2015-12-25 10:17 - 00000000 ____D C:\Users\Luffy\Desktop\New folder (2)

2015-12-18 00:08 - 2015-12-18 00:08 - 00000000 ____D C:\Users\Luffy\AppData\Roaming\MPC-HC

2015-12-16 19:31 - 2016-01-01 11:03 - 00000000 ____D C:\Program Files (x86)\EyeDefender

2015-12-16 19:07 - 2015-12-16 19:07 - 00262144 _____ C:\Windows\system32\config\elam

2015-12-16 18:29 - 2015-12-16 18:29 - 00000000 ____D C:\Users\Luffy\Documents\iWatchDVR for Windows

2015-12-16 18:29 - 2015-12-16 18:29 - 00000000 ____D C:\Users\Luffy\AppData\Roaming\{EC351E9C-0CD1-4459-9DA1-82BA5DC21729}

2015-12-16 18:28 - 2015-12-16 18:28 - 00409088 _____ () C:\Users\Luffy\Desktop\iWatchDVR.exe

2015-12-16 17:53 - 2016-01-02 16:58 - 00000984 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2015-12-16 17:53 - 2016-01-02 13:08 - 00000980 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2015-12-16 17:53 - 2016-01-01 14:26 - 00002184 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2015-12-16 17:53 - 2015-12-16 17:53 - 00003980 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2015-12-16 17:53 - 2015-12-16 17:53 - 00003728 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2015-12-16 17:53 - 2015-12-16 17:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2015-12-16 17:52 - 2015-12-16 17:52 - 00927824 _____ (Google Inc.) C:\Users\Luffy\Downloads\ChromeSetup.exe

2015-12-16 17:37 - 2015-12-16 17:37 - 00003794 _____ C:\Windows\System32\Tasks\klcp_update

2015-12-16 17:36 - 2015-12-16 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack

2015-12-16 17:36 - 2015-12-16 17:36 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack

2015-12-16 17:36 - 2015-10-06 01:00 - 00126976 _____ C:\Windows\system32\ff_vfw.dll

2015-12-16 17:36 - 2015-10-06 01:00 - 00112128 _____ C:\Windows\SysWOW64\ff_vfw.dll

2015-12-16 17:36 - 2015-06-22 20:25 - 00254976 _____ C:\Windows\system32\xvidvfw.dll

2015-12-16 17:36 - 2015-06-22 20:25 - 00240128 _____ C:\Windows\SysWOW64\xvidvfw.dll

2015-12-16 17:36 - 2015-06-22 20:24 - 00729088 _____ C:\Windows\system32\xvidcore.dll

2015-12-16 17:36 - 2015-06-22 20:24 - 00655872 _____ C:\Windows\SysWOW64\xvidcore.dll

2015-12-16 17:36 - 2015-02-28 22:22 - 03571200 _____ (x264vfw project) C:\Windows\system32\x264vfw64.dll

2015-12-16 17:36 - 2015-02-28 22:21 - 03591680 _____ (x264vfw project) C:\Windows\SysWOW64\x264vfw.dll

2015-12-16 17:36 - 2012-07-21 17:55 - 00180736 _____ (fccHandler) C:\Windows\system32\ac3acm.acm

2015-12-16 17:36 - 2012-07-21 17:54 - 00122880 _____ (fccHandler) C:\Windows\SysWOW64\ac3acm.acm

2015-12-16 17:36 - 2011-12-08 00:37 - 00148992 _____ ( ) C:\Windows\system32\lagarith.dll

2015-12-16 17:36 - 2011-12-08 00:32 - 00216064 _____ ( ) C:\Windows\SysWOW64\lagarith.dll

2015-12-16 17:01 - 2015-12-16 17:40 - 00000000 ____D C:\Windows\System32\Tasks\Lenovo

2015-12-16 17:01 - 2015-12-16 17:40 - 00000000 ____D C:\Program Files (x86)\Lenovo

2015-12-16 17:01 - 2015-12-16 17:01 - 00000000 ____D C:\Windows\Downloaded Installations

2015-12-16 17:01 - 2015-12-16 17:01 - 00000000 ____D C:\Users\Luffy\REACHit

2015-12-16 17:01 - 2015-12-16 17:01 - 00000000 ____D C:\Users\Luffy\AppData\Local\Lenovo

2015-12-16 17:01 - 2015-12-16 17:01 - 00000000 ____D C:\Users\Luffy\AppData\Local\Downloaded Installations

2015-12-16 16:59 - 2015-12-31 21:34 - 00000008 __RSH C:\ProgramData\ntuser.pol

2015-12-16 16:59 - 2015-12-16 16:59 - 00000000 ____D C:\Users\Luffy\AppData\Local\Setup4156334

2015-12-16 16:54 - 2015-12-16 16:54 - 00000000 ____D C:\Users\Luffy\AppData\Roaming\DVRemoteDesktop

2015-12-15 11:22 - 2015-12-15 11:22 - 00000000 ____D C:\tempvideo

2015-12-14 17:49 - 2015-12-14 17:49 - 00000000 ____D C:\Users\Luffy\Documents\Rockstar Games

2015-12-09 14:39 - 2015-12-09 14:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2015-12-09 10:37 - 2015-11-12 04:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2015-12-09 10:37 - 2015-11-12 03:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2015-12-09 10:37 - 2015-11-12 01:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll

2015-12-09 10:37 - 2015-11-12 01:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll

2015-12-09 10:37 - 2015-11-12 01:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll

2015-12-09 10:37 - 2015-11-12 01:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll

2015-12-09 10:37 - 2015-11-11 23:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2015-12-09 10:37 - 2015-11-11 23:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2015-12-09 10:37 - 2015-11-11 22:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2015-12-09 10:37 - 2015-11-11 22:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2015-12-09 10:37 - 2015-11-11 22:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2015-12-09 10:37 - 2015-11-11 22:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2015-12-09 10:37 - 2015-11-11 21:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2015-12-09 10:37 - 2015-11-11 01:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll

2015-12-09 10:37 - 2015-11-11 01:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll

2015-12-09 10:37 - 2015-11-11 01:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll

2015-12-09 10:37 - 2015-11-11 01:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll

2015-12-09 10:37 - 2015-11-11 01:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll

2015-12-09 10:37 - 2015-11-11 00:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2015-12-09 10:37 - 2015-11-10 07:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2015-12-09 10:37 - 2015-11-10 07:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2015-12-09 10:37 - 2015-11-10 07:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2015-12-09 10:37 - 2015-11-10 07:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2015-12-09 10:37 - 2015-11-10 07:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2015-12-09 10:37 - 2015-11-10 07:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2015-12-09 10:37 - 2015-11-10 07:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2015-12-09 10:37 - 2015-11-10 07:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2015-12-09 10:37 - 2015-11-10 07:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2015-12-09 10:37 - 2015-11-10 07:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2015-12-09 10:37 - 2015-11-10 07:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2015-12-09 10:37 - 2015-11-10 07:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2015-12-09 10:37 - 2015-11-10 07:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2015-12-09 10:37 - 2015-11-10 06:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2015-12-09 10:37 - 2015-11-10 06:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2015-12-09 10:37 - 2015-11-10 06:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2015-12-09 10:37 - 2015-11-10 06:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2015-12-09 10:37 - 2015-11-10 06:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2015-12-09 10:37 - 2015-11-10 06:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2015-12-09 10:37 - 2015-11-10 06:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2015-12-09 10:37 - 2015-11-10 06:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2015-12-09 10:37 - 2015-11-10 06:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2015-12-09 10:37 - 2015-11-10 06:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2015-12-09 10:37 - 2015-11-10 06:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2015-12-09 10:37 - 2015-11-09 05:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2015-12-09 10:37 - 2015-11-09 05:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2015-12-09 10:37 - 2015-11-09 05:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2015-12-09 10:37 - 2015-11-09 05:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2015-12-09 10:37 - 2015-11-09 05:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2015-12-09 10:37 - 2015-11-09 05:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2015-12-09 10:37 - 2015-11-09 05:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2015-12-09 10:37 - 2015-11-09 05:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2015-12-09 10:37 - 2015-11-09 05:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2015-12-09 10:37 - 2015-11-09 05:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2015-12-09 10:37 - 2015-11-09 05:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2015-12-09 10:37 - 2015-11-09 05:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2015-12-09 10:37 - 2015-11-09 05:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2015-12-09 10:37 - 2015-11-09 05:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2015-12-09 10:37 - 2015-11-09 05:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2015-12-09 10:37 - 2015-11-09 05:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2015-12-09 10:37 - 2015-11-09 04:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2015-12-09 10:37 - 2015-11-09 04:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2015-12-09 10:37 - 2015-11-09 04:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2015-12-09 10:37 - 2015-11-09 04:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2015-12-09 10:37 - 2015-11-09 04:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2015-12-09 10:37 - 2015-11-09 04:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2015-12-09 10:37 - 2015-11-09 04:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2015-12-09 10:37 - 2015-11-09 04:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2015-12-09 10:37 - 2015-11-09 04:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2015-12-09 10:37 - 2015-11-09 04:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2015-12-09 10:37 - 2015-11-09 04:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2015-12-09 10:37 - 2015-11-09 04:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2015-12-09 10:37 - 2015-11-09 03:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2015-12-09 10:37 - 2015-11-09 03:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2015-12-09 10:37 - 2015-11-09 03:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2015-12-09 10:37 - 2015-11-06 02:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll

2015-12-09 10:37 - 2015-11-06 02:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll

2015-12-09 10:37 - 2015-11-06 02:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

2015-12-09 10:37 - 2015-11-06 02:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

2015-12-09 10:37 - 2015-11-05 16:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys

2015-12-09 10:37 - 2015-11-04 02:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll

2015-12-09 10:37 - 2015-11-04 01:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll

2015-12-09 10:36 - 2015-11-04 02:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll

2015-12-09 10:36 - 2015-11-04 01:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll

2015-12-08 21:12 - 2015-12-08 21:07 - 00000324 _____ C:\Users\Luffy\Documents\AutoHotkeyU64.ahk

2015-12-08 19:45 - 2015-12-08 19:46 - 00000000 ____D C:\Users\Luffy\AppData\Roaming\DarkSoulsII

2015-12-08 19:45 - 2015-12-08 19:45 - 00000000 ____D C:\Users\Luffy\AppData\Roaming\Steam

2015-12-07 23:55 - 2015-12-07 23:55 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab

2015-12-06 10:56 - 2015-07-17 02:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll

2015-12-06 10:56 - 2015-07-17 02:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll

2015-12-06 10:56 - 2015-07-17 02:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll

2015-12-06 10:56 - 2015-07-17 02:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll

2015-12-06 10:56 - 2015-07-17 02:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll

2015-12-06 10:56 - 2015-07-17 02:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll

2015-12-06 10:56 - 2015-07-11 20:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe

2015-12-05 23:59 - 2015-12-05 23:59 - 00000000 ____D C:\Users\Luffy\AppData\Roaming\AC3Filter

2015-12-05 17:41 - 2015-06-10 01:03 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll

2015-12-05 17:41 - 2015-06-10 01:03 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll

2015-12-05 17:41 - 2015-06-04 03:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll

2015-12-05 17:41 - 2014-12-12 00:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe

2015-12-05 00:13 - 2015-12-05 00:13 - 00000000 ____D C:\Users\Luffy\Documents\SQUARE ENIX

2015-12-05 00:13 - 2015-12-05 00:13 - 00000000 ____D C:\ProgramData\Steam

2015-12-05 00:13 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll

2015-12-05 00:13 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll

2015-12-05 00:13 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll

2015-12-05 00:13 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll

2015-12-05 00:13 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll

2015-12-05 00:13 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll

2015-12-05 00:13 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll

2015-12-05 00:13 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll

2015-12-05 00:13 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll

2015-12-05 00:13 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll

2015-12-05 00:13 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll

2015-12-05 00:13 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll

2015-12-05 00:13 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll

2015-12-05 00:13 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll

2015-12-05 00:13 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll

2015-12-05 00:13 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll

2015-12-05 00:13 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll

2015-12-05 00:13 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll

2015-12-05 00:13 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll

2015-12-05 00:13 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll

2015-12-05 00:13 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll

2015-12-05 00:13 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll

2015-12-05 00:13 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll

2015-12-05 00:13 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll

2015-12-05 00:13 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll

2015-12-05 00:13 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll

2015-12-05 00:13 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll

2015-12-05 00:13 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll

2015-12-05 00:13 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll

2015-12-05 00:13 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll

2015-12-05 00:13 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll

2015-12-05 00:13 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll

2015-12-05 00:13 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll

2015-12-05 00:13 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll

2015-12-05 00:13 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll

2015-12-05 00:13 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll

2015-12-05 00:13 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll

2015-12-05 00:13 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll

2015-12-05 00:13 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll

2015-12-05 00:13 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll

2015-12-05 00:13 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll

2015-12-05 00:13 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll

2015-12-05 00:13 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll

2015-12-05 00:13 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll

2015-12-05 00:13 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll

2015-12-05 00:13 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll

2015-12-05 00:13 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll

2015-12-05 00:13 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll

2015-12-05 00:13 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll

2015-12-05 00:13 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll

2015-12-05 00:13 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll

2015-12-05 00:13 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll

2015-12-05 00:13 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll

2015-12-05 00:13 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll

2015-12-05 00:13 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll

2015-12-05 00:13 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll

2015-12-05 00:13 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll

2015-12-05 00:13 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll

2015-12-05 00:13 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll

2015-12-05 00:13 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll

2015-12-05 00:13 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll

2015-12-05 00:13 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll

2015-12-05 00:13 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll

2015-12-05 00:13 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll

2015-12-05 00:13 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll

2015-12-05 00:13 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll

2015-12-05 00:13 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll

2015-12-05 00:13 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll

2015-12-05 00:13 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll

2015-12-05 00:13 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll

2015-12-05 00:13 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll

2015-12-05 00:13 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll

2015-12-05 00:13 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll

2015-12-05 00:13 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll

2015-12-05 00:13 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll

2015-12-05 00:13 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll

2015-12-05 00:13 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll

2015-12-05 00:13 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll

2015-12-05 00:13 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll

2015-12-05 00:13 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll

2015-12-05 00:13 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll

2015-12-05 00:13 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll

2015-12-05 00:13 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll

2015-12-05 00:13 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll

2015-12-05 00:13 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll

2015-12-05 00:13 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll

2015-12-05 00:13 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll

2015-12-05 00:13 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll

2015-12-05 00:13 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll

2015-12-05 00:13 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll

2015-12-05 00:13 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll

2015-12-05 00:13 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll

2015-12-05 00:13 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll

2015-12-05 00:13 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll

2015-12-05 00:13 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll

2015-12-05 00:13 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll

2015-12-05 00:13 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll

2015-12-05 00:13 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll

2015-12-05 00:13 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll

2015-12-05 00:13 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll

2015-12-05 00:13 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll

2015-12-05 00:13 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll

2015-12-05 00:13 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll

2015-12-05 00:13 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll

2015-12-05 00:13 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll

2015-12-05 00:13 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll

2015-12-05 00:13 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll

2015-12-05 00:13 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll

2015-12-05 00:13 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll

2015-12-05 00:13 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll

2015-12-05 00:13 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll

2015-12-05 00:13 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll

2015-12-05 00:13 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll

2015-12-05 00:13 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll

2015-12-05 00:13 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll

2015-12-05 00:13 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll

2015-12-05 00:13 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll

2015-12-05 00:13 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll

2015-12-05 00:13 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll

2015-12-05 00:13 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll

2015-12-05 00:13 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll

2015-12-05 00:13 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll

2015-12-05 00:13 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll

2015-12-05 00:13 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll

2015-12-05 00:13 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll

2015-12-05 00:13 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll

2015-12-05 00:13 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll

2015-12-05 00:13 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll

2015-12-05 00:13 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll

2015-12-05 00:13 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll

2015-12-05 00:13 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll

2015-12-05 00:13 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll

2015-12-05 00:12 - 2015-12-05 00:12 - 00000000 ____D C:\Users\Luffy\AppData\Local\NVIDIA

2015-12-05 00:09 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll

2015-12-05 00:09 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll

2015-12-05 00:02 - 2015-12-05 00:02 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf

2015-12-05 00:02 - 2015-12-05 00:02 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf

2015-12-05 00:02 - 2015-12-05 00:02 - 00000000 ____D C:\Program Files\Synaptics

2015-12-05 00:01 - 2015-11-27 09:46 - 04686592 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys

2015-12-05 00:01 - 2015-11-27 09:46 - 04307112 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT

2015-12-05 00:01 - 2015-11-27 09:46 - 03282032 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll

2015-12-05 00:01 - 2015-11-27 09:46 - 03271912 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll

2015-12-05 00:01 - 2015-11-27 09:46 - 03195648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll

2015-12-05 00:01 - 2015-11-27 09:46 - 03040488 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll

2015-12-05 00:01 - 2015-11-27 09:46 - 02893568 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl

2015-12-05 00:01 - 2015-11-27 09:46 - 02050184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll

2015-12-05 00:01 - 2015-11-27 09:46 - 02030208 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll

2015-12-05 00:01 - 2015-11-27 09:46 - 01356512 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll

2015-12-05 00:01 - 2015-11-27 09:46 - 00914024 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO64.dll

2015-12-05 00:01 - 2015-11-27 09:46 - 00768816 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO32.dll

2015-12-05 00:01 - 2015-11-27 09:46 - 00689888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll

2015-12-05 00:01 - 2015-11-27 09:46 - 00574760 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll

2015-12-05 00:01 - 2015-11-27 09:46 - 00532384 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll

2015-12-05 00:01 - 2015-11-27 09:46 - 00410040 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll

2015-12-05 00:01 - 2015-11-27 09:46 - 00387320 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll

2015-12-05 00:01 - 2015-11-27 09:46 - 00343712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll

2015-12-05 00:01 - 2015-11-27 09:46 - 00330568 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll

2015-12-05 00:01 - 2015-11-27 09:46 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll

2015-12-05 00:01 - 2015-11-27 09:46 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll

2015-12-05 00:01 - 2015-11-27 09:46 - 00221968 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll

2015-12-05 00:01 - 2015-11-27 09:46 - 00214840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll

2015-12-05 00:01 - 2015-11-27 09:46 - 00209544 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll

2015-12-05 00:01 - 2015-11-27 09:46 - 00192984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll

2015-12-05 00:01 - 2015-11-27 09:46 - 00166208 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll

2015-12-05 00:01 - 2015-11-27 09:46 - 00122320 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll

2015-12-05 00:01 - 2015-11-27 09:46 - 00118600 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll

2015-12-05 00:01 - 2015-11-27 09:46 - 00110992 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll

2015-12-05 00:01 - 2015-11-27 09:46 - 00088352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll

2015-12-05 00:01 - 2015-11-27 09:46 - 00074608 _____ (Creative Technology Ltd.) C:\Windows\system32\MBppld64.dll

2015-12-05 00:01 - 2015-11-27 09:46 - 00069928 _____ (Creative Technology Ltd.) C:\Windows\system32\MBPPCn64.dll

2015-12-05 00:01 - 2015-11-27 09:46 - 00023704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll

2015-12-05 00:01 - 2015-11-16 11:53 - 00042600 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys

2015-12-05 00:01 - 2015-10-15 20:20 - 01026304 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys

2015-12-05 00:01 - 2015-10-15 20:20 - 00082544 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll

2015-12-05 00:01 - 2015-10-08 22:15 - 00180480 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys

2015-12-05 00:01 - 2014-01-30 10:17 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll

2015-12-05 00:01 - 2013-07-17 13:23 - 00065408 _____ (Etron Technology Inc) C:\Windows\system32\Drivers\EtronHub3.sys

2015-12-04 23:59 - 2015-12-09 14:43 - 00000000 ____D C:\Windows\system32\MRT

2015-12-04 23:58 - 2015-12-09 14:39 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2015-12-04 23:58 - 2013-10-02 09:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys

2015-12-04 23:58 - 2013-10-02 09:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe

2015-12-04 23:58 - 2013-10-02 09:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll

2015-12-04 23:58 - 2013-10-02 08:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll

2015-12-04 23:58 - 2013-10-02 08:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll

2015-12-04 23:58 - 2013-10-02 08:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll

2015-12-04 23:58 - 2013-10-02 07:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll

2015-12-04 23:58 - 2013-10-02 07:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll

2015-12-04 23:58 - 2013-10-02 06:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe

2015-12-04 23:58 - 2013-10-02 05:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe

2015-12-04 23:57 - 2012-08-23 21:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys

2015-12-04 23:57 - 2012-08-23 21:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys

2015-12-04 23:57 - 2012-08-23 18:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll

2015-12-04 23:57 - 2012-08-23 17:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll

2015-12-04 23:56 - 2015-11-05 18:31 - 00572536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe

2015-12-04 23:54 - 2015-11-21 01:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2015-12-04 23:54 - 2015-11-21 01:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2015-12-04 23:54 - 2015-11-21 01:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2015-12-04 23:54 - 2015-11-21 01:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2015-12-04 23:54 - 2015-11-21 01:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2015-12-04 23:54 - 2015-11-21 01:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll

2015-12-04 23:54 - 2015-11-21 01:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll

2015-12-04 23:54 - 2015-11-21 01:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

2015-12-04 23:54 - 2015-11-21 01:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2015-12-04 23:54 - 2015-11-21 01:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll

2015-12-04 23:54 - 2015-11-21 01:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll

2015-12-04 23:54 - 2015-11-21 01:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll

2015-12-04 23:54 - 2015-11-21 01:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll

2015-12-04 23:54 - 2015-11-21 01:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll

2015-12-04 23:54 - 2015-11-21 01:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll

2015-12-04 23:54 - 2015-11-21 01:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

2015-12-04 23:54 - 2015-10-09 06:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll

2015-12-04 23:54 - 2015-10-09 06:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL

2015-12-04 23:54 - 2015-10-09 06:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll

2015-12-04 23:54 - 2015-10-09 06:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL

2015-12-04 23:54 - 2015-10-09 06:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL

2015-12-04 23:54 - 2015-10-09 06:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll

2015-12-04 23:54 - 2015-10-09 06:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL

2015-12-04 23:54 - 2015-10-09 06:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll

2015-12-04 23:54 - 2015-10-09 02:13 - 00419928 _____ C:\Windows\SysWOW64\locale.nls

2015-12-04 23:54 - 2015-10-09 01:52 - 00419928 _____ C:\Windows\system32\locale.nls

2015-12-04 23:54 - 2015-08-06 00:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll

2015-12-04 23:54 - 2015-08-06 00:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

2015-12-04 23:29 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll

2015-12-04 23:29 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll

2015-12-04 23:29 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll

2015-12-04 23:29 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll

2015-12-04 23:29 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll

2015-12-04 23:29 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll

2015-12-04 23:29 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll

2015-12-04 23:28 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll

2015-12-04 23:28 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll

2015-12-04 23:28 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll

2015-12-04 23:28 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll

2015-12-04 23:28 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll

2015-12-04 23:28 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll

2015-12-04 23:28 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll

2015-12-04 23:28 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll

2015-12-04 23:28 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll

2015-12-04 23:28 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll

2015-12-04 23:28 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll

2015-12-04 23:28 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll

2015-12-04 23:28 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll

2015-12-04 23:28 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll

2015-12-04 23:28 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll

2015-12-04 23:28 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll

2015-12-04 23:28 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll

2015-12-04 23:28 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll

2015-12-04 23:19 - 2016-01-01 14:26 - 00000503 _____ C:\Users\Public\Desktop\Dragon Quest Heroes.lnk

2015-12-04 21:38 - 2015-12-04 21:38 - 00000000 ____D C:\Users\Luffy\Documents\Custom Office Templates

2015-12-04 21:27 - 2016-01-01 19:04 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS

2015-12-04 21:27 - 2015-12-04 23:31 - 00000000 ____D C:\Windows\AutoKMS

2015-12-04 21:26 - 2015-12-04 21:26 - 00000000 ____D C:\ProgramData\Microsoft Toolkit

2015-12-04 21:24 - 2015-12-04 21:24 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform

2015-12-04 21:23 - 2015-12-09 14:46 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013

2015-12-04 21:23 - 2015-12-04 21:23 - 00000000 ____D C:\Windows\PCHEALTH

2015-12-04 21:23 - 2015-12-04 21:23 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2015-12-04 21:23 - 2015-12-04 21:23 - 00000000 ____D C:\Program Files\Microsoft SQL Server

2015-12-04 21:23 - 2015-12-04 21:23 - 00000000 ____D C:\Program Files\Common Files\DESIGNER

2015-12-04 21:23 - 2015-12-04 21:23 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server

2015-12-04 21:21 - 2015-12-04 21:23 - 00000000 ____D C:\Program Files\Microsoft Office

2015-12-04 21:21 - 2015-12-04 21:21 - 00000000 __RHD C:\MSOCache

2015-12-04 21:21 - 2015-12-04 21:21 - 00000000 ____D C:\Program Files\Microsoft Analysis Services

2015-12-04 21:21 - 2015-12-04 21:21 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services

2015-12-04 21:20 - 2015-12-04 21:20 - 00000000 ____D C:\Users\Luffy\Documents\My ISO Files

2015-12-04 21:20 - 2015-12-04 21:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO

2015-12-04 21:20 - 2015-12-04 21:20 - 00000000 ____D C:\Program Files (x86)\UltraISO

 

==================== One Month Modified files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2016-01-02 17:48 - 2015-10-13 19:56 - 00000000 ____D C:\ProgramData\Kaspersky Lab

2016-01-02 17:28 - 2009-07-14 11:45 - 00041792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2016-01-02 17:28 - 2009-07-14 11:45 - 00041792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2016-01-02 17:24 - 2015-10-15 12:41 - 00001002 _____ C:\Windows\Tasks\CocCocUpdateTaskUserS-1-5-21-3582788642-1754219851-881556053-1000UA.job

2016-01-02 13:28 - 2015-10-14 11:00 - 00000000 ____D C:\Program Files (x86)\VideoViewer

2016-01-02 13:08 - 2015-10-13 17:24 - 00000000 ____D C:\ProgramData\NVIDIA

2016-01-02 13:08 - 2009-07-14 12:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2016-01-02 11:27 - 2015-10-20 19:19 - 00000000 ____D C:\Users\Luffy\AppData\Roaming\DMCache

2016-01-02 10:50 - 2009-07-14 12:13 - 00781790 _____ C:\Windows\system32\PerfStringBackup.INI

2016-01-02 10:50 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\inf

2016-01-01 23:38 - 2015-10-13 17:33 - 00000000 ____D C:\Users\Luffy\AppData\Roaming\Skype

2016-01-01 19:40 - 2015-10-20 19:19 - 00000000 ____D C:\Users\Luffy\AppData\Roaming\IDM

2016-01-01 14:27 - 2015-10-13 17:12 - 00001389 _____ C:\Users\Luffy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2016-01-01 14:26 - 2015-11-23 17:54 - 00001850 _____ C:\Users\Public\Desktop\Apps.lnk

2016-01-01 14:26 - 2015-11-23 17:54 - 00001801 _____ C:\Users\Public\Desktop\Start BlueStacks.lnk

2016-01-01 14:26 - 2015-11-01 11:19 - 00001747 _____ C:\Users\Public\Desktop\iTunes.lnk

2016-01-01 14:26 - 2015-10-29 13:03 - 00002507 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk

2016-01-01 14:26 - 2015-10-29 12:58 - 00001050 _____ C:\Users\Public\Desktop\iFunbox.lnk

2016-01-01 14:26 - 2015-10-19 12:14 - 00001211 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.1.lnk

2016-01-01 14:26 - 2015-10-19 12:13 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.5.lnk

2016-01-01 14:26 - 2015-10-19 12:13 - 00001173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.1.lnk

2016-01-01 14:26 - 2015-10-19 12:12 - 00001539 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.5.lnk

2016-01-01 14:26 - 2015-10-19 12:12 - 00001367 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.5.lnk

2016-01-01 14:26 - 2015-10-19 12:11 - 00000985 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk

2016-01-01 14:26 - 2015-10-16 21:14 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

2016-01-01 14:26 - 2015-10-16 16:33 - 00001031 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk

2016-01-01 14:26 - 2015-10-16 16:33 - 00001025 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk

2016-01-01 14:26 - 2015-10-15 22:03 - 00002274 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk

2016-01-01 14:26 - 2015-10-14 11:20 - 00001960 _____ C:\Users\Public\Desktop\3ds Max 2015.lnk

2016-01-01 14:26 - 2015-10-13 17:10 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk

2016-01-01 14:26 - 2015-10-13 17:10 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk

2016-01-01 14:26 - 2009-07-14 11:57 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2016-01-01 14:26 - 2009-07-14 11:57 - 00001340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk

2016-01-01 14:26 - 2009-07-14 11:57 - 00001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk

2016-01-01 14:26 - 2009-07-14 11:57 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk

2016-01-01 14:26 - 2009-07-14 11:54 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk

2016-01-01 14:25 - 2015-10-29 14:23 - 00000937 _____ C:\Users\Luffy\Desktop\One Finger Death Punch.lnk

2016-01-01 14:25 - 2015-10-23 10:34 - 00000956 _____ C:\Users\Luffy\AppData\Roaming\Microsoft\Windows\Start Menu\Viber.lnk

2016-01-01 14:25 - 2015-10-23 10:34 - 00000954 _____ C:\Users\Luffy\Desktop\Viber.lnk

2016-01-01 14:25 - 2015-10-19 12:15 - 00001125 _____ C:\Users\Luffy\Desktop\Adobe Photoshop CS5.1 (64 Bit).lnk

2016-01-01 14:25 - 2015-10-15 22:03 - 00002304 _____ C:\Users\Luffy\Desktop\An toàn giao dịch tài chính.lnk

2016-01-01 14:25 - 2015-10-14 11:00 - 00001067 _____ C:\Users\Luffy\AppData\Roaming\Microsoft\Windows\Start Menu\VideoViewer.lnk

2016-01-01 14:25 - 2015-10-14 11:00 - 00001043 _____ C:\Users\Luffy\Desktop\VideoViewer.lnk

2016-01-01 14:25 - 2009-07-14 12:01 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk

2016-01-01 14:25 - 2009-07-14 11:49 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk

2016-01-01 14:24 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\system

2016-01-01 12:10 - 2015-10-15 12:41 - 00000950 _____ C:\Windows\Tasks\CocCocUpdateTaskUserS-1-5-21-3582788642-1754219851-881556053-1000Core.job

2016-01-01 11:03 - 2015-10-20 19:19 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager

2016-01-01 09:50 - 2015-10-26 19:07 - 02259860 _____ C:\Windows\ntbtlog.txt

2016-01-01 09:48 - 2015-10-23 10:35 - 00000000 ____D C:\Users\Luffy\Documents\ViberDownloads

2016-01-01 09:48 - 2015-10-23 10:34 - 00000000 ____D C:\Users\Luffy\AppData\Roaming\ViberPC

2015-12-31 21:50 - 2015-10-29 14:33 - 00000000 ____D C:\Users\Luffy\AppData\Local\SKIDROW

2015-12-31 21:42 - 2009-07-14 10:20 - 00000000 ____D C:\Windows

2015-12-31 21:29 - 2009-07-14 10:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy

2015-12-31 21:29 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy

2015-12-31 20:39 - 2015-10-14 10:58 - 00000000 ____D C:\Program Files\WinRAR

2015-12-31 20:34 - 2015-10-16 16:33 - 00000000 ____D C:\Program Files (x86)\TeamViewer

2015-12-30 18:51 - 2015-10-24 04:40 - 00001123 _____ C:\Users\Luffy\Desktop\New Text Document.txt

2015-12-30 13:00 - 2015-10-20 19:19 - 00000000 ____D C:\Users\Luffy\Downloads\Compressed

2015-12-25 17:44 - 2015-10-13 17:12 - 00000000 ____D C:\Users\Luffy

2015-12-25 17:21 - 2015-10-13 17:28 - 00000000 ____D C:\ProgramData\Skype

2015-12-21 16:47 - 2009-07-14 12:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD

2015-12-20 23:04 - 2015-11-22 22:21 - 00000000 ____D C:\Program Files\McAfee Security Scan

2015-12-18 14:52 - 2015-10-15 16:47 - 00000000 ___SD C:\Windows\SysWOW64\GWX

2015-12-18 14:52 - 2015-10-15 16:47 - 00000000 ___SD C:\Windows\system32\GWX

2015-12-16 17:53 - 2015-10-13 17:27 - 00000000 ____D C:\Program Files (x86)\Google

2015-12-16 17:07 - 2015-10-13 17:26 - 00000000 ____D C:\Program Files (x86)\SAM CoDeC Pack

2015-12-15 17:39 - 2015-12-02 20:12 - 00000000 ____D C:\ProgramData\Origin

2015-12-10 12:37 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\rescache

2015-12-09 18:53 - 2009-07-14 12:08 - 00032612 _____ C:\Windows\Tasks\SCHEDLGU.TXT

2015-12-09 18:53 - 2009-07-14 11:45 - 05204312 _____ C:\Windows\system32\FNTCACHE.DAT

2015-12-09 14:46 - 2015-10-13 18:58 - 00000000 ____D C:\ProgramData\Microsoft Help

2015-12-09 14:45 - 2009-07-14 09:34 - 00000478 _____ C:\Windows\win.ini

2015-12-09 11:37 - 2010-11-21 14:17 - 00000000 ____D C:\Windows\ShellNew

2015-12-05 01:30 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\PolicyDefinitions

2015-12-05 00:02 - 2015-10-13 17:23 - 00000000 ____D C:\Windows\SysWOW64\RTCOM

2015-12-04 23:56 - 2015-10-13 17:23 - 00000000 ____D C:\ProgramData\NVIDIA Corporation

2015-12-04 23:56 - 2015-10-13 17:23 - 00000000 ____D C:\Program Files\NVIDIA Corporation

2015-12-04 23:56 - 2015-10-13 17:23 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation

2015-12-04 22:01 - 2015-10-13 18:58 - 00000000 ____D C:\Users\Luffy\AppData\Local\Microsoft Help

2015-12-04 21:26 - 2015-10-13 17:20 - 00190936 _____ C:\Users\Luffy\AppData\Local\GDIPFONTCACHEV1.DAT

2015-12-04 21:23 - 2009-07-14 10:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared

2015-12-04 21:22 - 2009-07-14 10:20 - 00000000 ____D C:\Program Files\Common Files\System

2015-12-04 21:21 - 2015-10-13 18:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Office

2015-12-04 21:03 - 2009-07-14 12:32 - 00000000 ____D C:\Program Files (x86)\MSBuild

2015-12-03 19:34 - 2015-12-02 20:39 - 00000000 ____D C:\Users\Luffy\AppData\Roaming\Origin

 

==================== Files in the root of some directories =======

 

2015-11-08 01:54 - 2015-11-08 18:06 - 0000132 _____ () C:\Users\Luffy\AppData\Roaming\Adobe PNG Format CS5 Prefs

 

==================== Bamital & volsnap =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\dnsapi.dll => File is digitally signed

C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2015-12-30 12:20

 

==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:31-12-2015
Ran by Luffy (2016-01-02 17:49:11)
Running from D:\soft\1\malware protection
Windows 7 Professional Service Pack 1 (X64) (2015-10-13 10:12:40)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3582788642-1754219851-881556053-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-3582788642-1754219851-881556053-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3582788642-1754219851-881556053-1003 - Limited - Enabled)
Luffy (S-1-5-21-3582788642-1754219851-881556053-1000 - Administrator - Enabled) => C:\Users\Luffy
UpdatusUser (S-1-5-21-3582788642-1754219851-881556053-1001 - Limited - Enabled) => C:\Users\UpdatusUser
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Kaspersky Internet Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Internet Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Kaspersky Internet Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
3DS MAX 2015 (HKLM-x32\...\{1B14D20F-145F-4446-9D3D-4D03085150CC}_is1) (Version: 1.0 - CD Trường Giang)
64 Bit HP CIO Components Installer (Version: 17.2.1 - Hewlett-Packard) Hidden
7-Zip 15.09 beta (x64) (HKLM\...\7-Zip) (Version: 15.09 - Igor Pavlov)
7-Zip 9.30 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0930-000001000000}) (Version: 9.30.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Flash Player 11 ActiveX & Plugin 64-bit (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.6.602.171 - Adobe Systems Incorporated)
Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Autodesk 3ds Max 2015 (HKLM\...\Autodesk 3ds Max 2015) (Version: 17.0.630.0 - Autodesk)
Autodesk 3ds Max 2015 (Version: 17.0.630.0 - Autodesk) Hidden
Autodesk 3ds Max 2015 Populate Data (HKLM\...\{57E92DED-DC6C-41E5-B9E1-76D83BD2EABE}) (Version: 17.0.0.0 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 1.0.59.0 - Autodesk)
Autodesk Backburner 2015 (HKLM-x32\...\{8C5F38D2-8EFE-49A4-B3F5-BF3210FED168}) (Version: 15.0.0.0 - Autodesk)
Autodesk DirectConnect 2015 64-bit (HKLM\...\Autodesk DirectConnect 2015 64-bit) (Version: 9.0.56.4 - Autodesk)
Autodesk DirectConnect 2015 64-bit (Version: 9.0.56.4 - Autodesk) Hidden
Autodesk Inventor Server Engine for 3ds Max 2015 (HKLM\...\{9167CA34-4E48-49E3-8892-3C439739D2D3}) (Version: 17.0 - Autodesk)
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2015 (HKLM-x32\...\{9F6466D9-6EFC-4A10-B931-C72D1A3F1763}) (Version: 5.2.9.100 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2015 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2015) (Version: 15.0.107.0 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2015 (Version: 15.0.107.0 - Autodesk) Hidden
BlueStacks App Player (HKLM-x32\...\{D7E3588F-25E6-4A93-8B1C-596F7951CA38}) (Version: 0.10.7.5601 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Cobian Backup 11 Gravity (HKLM-x32\...\CobBackup11) (Version:  - )
CopyTrans Control Center Uninstall Only (HKU\S-1-5-21-3582788642-1754219851-881556053-1000\...\CopyTrans Suite) (Version: 4.004 - WindSolutions)
Cốc Cốc (HKU\S-1-5-21-3582788642-1754219851-881556053-1000\...\CocCocBrowser) (Version: 46.2.2490.98 - Đơn vị chủ quản Cốc Cốc)
DllTool 1.0 (HKLM-x32\...\{8C36FC6F-3576-447C-B15D-FF1504C91104}_is1) (Version:  - )
DRAGON QUEST HEROES Slime Edition (HKLM\...\ZHJhZ29ucXVlc3RoZXJvZXNzbGltZWVkaXRpb24_is1) (Version: 1 - )
EyeDefender 1.08 (HKU\S-1-5-21-3582788642-1754219851-881556053-1000\...\EyeDefender) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Hỗ trợ Ứng dụng Apple (32 bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Hỗ trợ Ứng dụng Apple (64 bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
iFunbox (v3.0.3109.1352) (HKLM-x32\...\iFunbox_is1) (Version: v3.0.3109.1352 - iFunbox DevTeam)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
Java 7 Update 15 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217015FF}) (Version: 7.0.150 - Oracle)
Java 7 Update 21 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417021FF}) (Version: 7.0.210 - Oracle)
Jubler subtitle editor (HKLM\...\Jubler) (Version: 5.0.5 - www.jubler.org)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{02FECEE0-16B2-43DB-BC3B-C844477FC142}) (Version: 15.0.2.396 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.2.396 - Kaspersky Lab) Hidden
K-Lite Mega Codec Pack 11.5.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.5.0 - )
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.266.3 - McAfee, Inc.)
Metric Collection SDK (x32 Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
NVIDIA 3D Vision Driver 354.45 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 354.45 - NVIDIA Corporation)
NVIDIA Graphics Driver 354.45 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 354.45 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7673 - Realtek Semiconductor Corp.)
SketchUp 2015 (HKLM\...\{90A6F70E-96AD-4054-AB8F-42BCFA75F8EC}) (Version: 15.0.9350 - Trimble Navigation Limited)
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1210 - SUPERAntiSpyware.com)
System Requirements Lab Detection (HKLM-x32\...\{6244A509-B678-46CF-9E11-7CEEA9DF8ADF}) (Version: 6.1.6.0 - Husdawg, LLC)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
UltraISO Premium V9.53 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{0FA8AE0C-69AE-4F60-A1AB-F79C6BA5A999}) (Version:  - Microsoft)
Viber (HKU\S-1-5-21-3582788642-1754219851-881556053-1000\...\{e577cb09-2068-44fb-8eed-cfcc1617b010}) (Version: 5.3.0.1884 - Viber Media Inc.)
Viber (x32 Version: 5.3.0.1884 - Viber Media Inc.) Hidden
Video Viewer (HKLM-x32\...\Video Viewer) (Version: 0.1.8.4 - AVTECH Corporation, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
V-Ray for 3dsmax 2015 for x64 (HKLM\...\V-Ray for 3dsmax 2015 for x64) (Version: 3.20.02 - Chaos Software Ltd)
V-Ray for SketchUp adv (HKLM-x32\...\V-Ray for SketchUp adv 2.00.25244) (Version: 2.00.25244 - Chaos Software, Ltd)
WinRAR 5.30 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.1 - win.rar GmbH)
X Codec Pack (HKLM\...\X Codec Pack) (Version: 2.7.4 - X Codec Pack team)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3582788642-1754219851-881556053-1000_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2015\Inventor Server\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-3582788642-1754219851-881556053-1000_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2015\Inventor Server\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-3582788642-1754219851-881556053-1000_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2015\Inventor Server\Bin\TestServer.dll => No File
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0342C373-9BB9-4689-8E03-7A0D4003E893} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {203D2375-892B-433D-AC77-F1898BB33FF9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {26C501EF-1D34-485A-9950-F7A4958A4CFA} - \UpdateAdmin -> No File <==== ATTENTION
Task: {471BA912-8C76-4B3F-894F-9AB5A85A737D} - System32\Tasks\Microsoft\Windows\Setup\xtgt\refreshxtgtconfig => C:\Windows\system32\XTgt\XTgtMgr.exe [2015-10-06] (Microsoft Corporation)
Task: {4A8B27D4-4C40-436F-8376-10F7407D7DFF} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2015-12-04] ()
Task: {4AB4F0B5-7E39-4381-A192-90674BC3BA46} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {6ED8A57F-9998-40F2-BE38-FFEBD4860D85} - System32\Tasks\CocCocUpdateTaskUserS-1-5-21-3582788642-1754219851-881556053-1000UA => C:\Users\Luffy\AppData\Local\CocCoc\Update\CocCocUpdate.exe [2015-10-15] (Coc Coc Co., Ltd.)
Task: {775FD608-0D12-4E7F-A212-3EF7056C1942} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {7930BB95-3B7B-4F37-A35D-5AC2D775DB96} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {7BEFF38C-92E2-4DB1-8AF2-E7AD4DBB389D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {87826F0E-E628-4FB2-930F-04E21DB1B24D} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo)
Task: {8EB63832-D54C-48BD-9351-85BFA8833049} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-16] (Google Inc.)
Task: {A0BD9A22-623F-48DB-82AF-47ACAE33A6C2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {A5F51F5A-11EC-49D8-82F0-A4E256CC3B2B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-16] (Google Inc.)
Task: {C87941BB-D30A-4F58-9826-C26954F168A4} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {CF07F93D-8395-4A0C-A78F-C4DFE703C7FA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {D2BD5846-77C0-44C6-B53E-A62BD6CB6F6F} - System32\Tasks\CocCocUpdateTaskUserS-1-5-21-3582788642-1754219851-881556053-1000Core => C:\Users\Luffy\AppData\Local\CocCoc\Update\CocCocUpdate.exe [2015-10-15] (Coc Coc Co., Ltd.)
Task: {DB170894-1E15-443B-B8A1-AC193C09D533} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {EBFAB967-2D4E-43AA-A1A0-DE14830931A3} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-10-06] ()
Task: {FB951F17-E812-424B-A81B-01B9BB335969} - System32\Tasks\{400FA59B-A012-4EA1-BC00-261484B561C1} => Iexplore.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.17.0.105&amp;LastError=12007
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\CocCocUpdateTaskUserS-1-5-21-3582788642-1754219851-881556053-1000Core.job => C:\Users\Luffy\AppData\Local\CocCoc\Update\CocCocUpdate.exe
Task: C:\Windows\Tasks\CocCocUpdateTaskUserS-1-5-21-3582788642-1754219851-881556053-1000UA.job => C:\Users\Luffy\AppData\Local\CocCoc\Update\CocCocUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-10-13 17:24 - 2015-11-05 18:51 - 00126256 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-10-13 15:09 - 2015-10-13 15:09 - 08901184 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-11-24 17:37 - 2014-09-05 22:39 - 00209408 _____ () C:\ProgramData\ASGVIS\Dongle Utilities\startvrlservice.exe
2015-12-16 18:28 - 2015-12-16 18:28 - 00409088 _____ () C:\Users\Luffy\Desktop\iWatchDVR.exe
2015-10-14 11:12 - 2013-12-22 13:22 - 00047496 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2015-10-14 11:12 - 2013-12-22 13:22 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2015-10-13 15:09 - 2015-10-13 15:09 - 08901184 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2016-01-01 14:40 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-01-01 14:40 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-01-01 14:40 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-01-01 14:40 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-01-01 14:40 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-11-26 17:28 - 2015-11-24 20:46 - 01532056 _____ () C:\Users\Luffy\AppData\Local\CocCoc\Browser\Application\46.2.2490.98\libglesv2.dll
2015-11-26 17:28 - 2015-11-24 20:46 - 00080536 _____ () C:\Users\Luffy\AppData\Local\CocCoc\Browser\Application\46.2.2490.98\libegl.dll
2015-11-26 17:28 - 2015-11-24 20:47 - 03620504 _____ () C:\Users\Luffy\AppData\Local\CocCoc\Browser\Application\46.2.2490.98\torrent.dll
2015-12-28 16:15 - 2015-12-24 07:46 - 16792256 _____ () C:\Users\Luffy\AppData\Local\CocCoc\Browser\User Data\PepperFlash\20.0.0.267\pepflashplayer.dll
2015-12-16 18:29 - 2015-12-16 18:29 - 01000960 _____ () C:\Users\Luffy\AppData\Roaming\{EC351E9C-0CD1-4459-9DA1-82BA5DC21729}\module\MayaRobot.dll.1.1.0.158-9C04B61CD6FABBD5CF226636A87570AC
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\61475415.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\61475415.sys => ""="Driver"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 09:34 - 2015-12-20 23:04 - 00000858 ____N C:\Windows\system32\Drivers\etc\hosts
 
0.0.0.1 mssplus.mcafee.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3582788642-1754219851-881556053-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Luffy\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: ADSKAppManager => "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: CocCoc => "C:\Users\Luffy\AppData\Local\CocCoc\Browser\Application\browser.exe" --auto-launch-at-startup
MSCONFIG\startupreg: CocCoc Update => "C:\Users\Luffy\AppData\Local\CocCoc\Update\CocCocUpdate.exe" /c
MSCONFIG\startupreg: iFunBox => C:\Program Files (x86)\i-Funbox DevTeam\iFunBox_x64.exe /tray
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Viber => "C:\Users\Luffy\AppData\Local\Viber\Viber.exe" StartMinimized
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{73647683-A684-4674-B0DD-13AB0EF8A34F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{C1D551C6-CAEA-4329-A6AA-2E965C3E3030}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{996A49CC-3C09-4BCD-812D-627B56935AA1}] => (Allow) C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe
FirewallRules: [{9FB151C6-43A9-4042-B7B2-FD6D3CAD9232}] => (Allow) C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe
FirewallRules: [{A0C715FB-2E6F-49D6-97C9-15C94ECABA20}] => (Allow) C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64.exe
FirewallRules: [{F2143354-84A7-4D3D-89A2-6397E48B0B99}] => (Allow) C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64.exe
FirewallRules: [TCP Query User{9BB963F3-00BA-4DDB-90B5-3706428A68BE}C:\program files (x86)\videoviewer\videoviewer.exe] => (Allow) C:\program files (x86)\videoviewer\videoviewer.exe
FirewallRules: [UDP Query User{5FE0BDD2-FE5A-4449-A7DE-B6A03E5C9B09}C:\program files (x86)\videoviewer\videoviewer.exe] => (Allow) C:\program files (x86)\videoviewer\videoviewer.exe
FirewallRules: [TCP Query User{6BC5D4AB-89E2-4F64-836A-85AEFC8A960A}C:\users\luffy\appdata\local\coccoc\browser\application\browser.exe] => (Allow) C:\users\luffy\appdata\local\coccoc\browser\application\browser.exe
FirewallRules: [UDP Query User{D6E89EB8-8F02-4783-86CD-1AC3D45E8D21}C:\users\luffy\appdata\local\coccoc\browser\application\browser.exe] => (Allow) C:\users\luffy\appdata\local\coccoc\browser\application\browser.exe
FirewallRules: [{D4C4B397-0A89-4C59-AF14-11129900377D}] => (Allow) C:\Program Files\Chaos Group\V-Ray\3dsmax 2015 for x64\vrlservice.exe
FirewallRules: [{68A8F699-DF41-4785-89F2-CDA4955528A4}] => (Allow) C:\Program Files\Chaos Group\V-Ray\3dsmax 2015 for x64\vrlservice.exe
FirewallRules: [{C0EAA62A-D086-441E-8505-DEF6F47FF44E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{0F52AF3A-90A3-436A-85CE-D32D3ABC3619}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F87FE9AE-7E03-4F1F-9761-78D5D763D203}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{1B898100-3310-4B7A-87FB-4E59C78A5C08}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{3F7CD3D1-E40E-4A10-8697-AA0E3D2D52A8}C:\users\luffy\appdata\local\coccoc\browser\application\browser.exe] => (Block) C:\users\luffy\appdata\local\coccoc\browser\application\browser.exe
FirewallRules: [UDP Query User{A2FD3357-8E2E-499A-8AA3-5554E533A4A5}C:\users\luffy\appdata\local\coccoc\browser\application\browser.exe] => (Block) C:\users\luffy\appdata\local\coccoc\browser\application\browser.exe
FirewallRules: [{561D53FD-315D-4BBE-B186-E596ECAB4788}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DB057CDC-1C9E-4D7E-812E-489F7BC51E61}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FE499E8F-5C5D-415D-9E68-B27724D8934C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B6325E96-6907-4BCC-8A74-AB3331790AC0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FCDEBCA9-1F14-43EC-BE98-969F86999EBF}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{1DFC71C4-C832-4864-A3C3-AD94A2044F74}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{2442DFD5-4572-4479-BF66-7A9BC0BC82FB}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{DF180706-F2D4-499A-BDEE-908330C25F1E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{4227D90E-09D5-405A-AA04-D439158783DC}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{7F9E87D2-CF3A-4D74-948E-6A6E789678C9}C:\program files\sketchup\sketchup 2015\sketchup.exe] => (Allow) C:\program files\sketchup\sketchup 2015\sketchup.exe
FirewallRules: [UDP Query User{0B52D6D3-6433-46FA-8A89-E111AB168075}C:\program files\sketchup\sketchup 2015\sketchup.exe] => (Allow) C:\program files\sketchup\sketchup 2015\sketchup.exe
FirewallRules: [TCP Query User{24609B10-4513-430C-92B0-E33ED10CC228}C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe] => (Allow) C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe
FirewallRules: [UDP Query User{A0E2D484-DA5D-4EC2-A7FE-6125559B6D1C}C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe] => (Allow) C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe
FirewallRules: [TCP Query User{F7309063-65F2-4EC3-B519-79671293BB75}E:\games\max payne 3\max payne 3\maxpayne3.exe] => (Allow) E:\games\max payne 3\max payne 3\maxpayne3.exe
FirewallRules: [UDP Query User{E6D71989-7F2E-4F0B-9439-5294FE9231DB}E:\games\max payne 3\max payne 3\maxpayne3.exe] => (Allow) E:\games\max payne 3\max payne 3\maxpayne3.exe
FirewallRules: [{51053124-A08B-420D-91AA-E63656B3026B}] => (Block) E:\games\max payne 3\max payne 3\maxpayne3.exe
FirewallRules: [{1E4A8979-6255-4019-9A8B-D044999553AD}] => (Block) E:\games\max payne 3\max payne 3\maxpayne3.exe
FirewallRules: [{A57AB9FC-1217-4B5B-BD38-5F1908D522A5}] => (Block) E:\Games\max payne 3\Max Payne 3\MaxPayne3.exe
FirewallRules: [{2A303B63-B1A4-4E50-97A2-E255DCB1B116}] => (Block) E:\Games\max payne 3\Max Payne 3\PlayMaxPayne3.exe
FirewallRules: [{6EB3FDB1-E162-4C10-8F9E-180771BE9A47}] => (Block) E:\Games\max payne 3\Max Payne 3\MaxPayne3.exe
FirewallRules: [{DAC438F3-C731-4202-9782-356BBAE22E11}] => (Block) E:\Games\max payne 3\Max Payne 3\PlayMaxPayne3.exe
FirewallRules: [{CAA317D1-2FA8-4E2A-8D81-EA6B1F63C719}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{23EF1E44-23AC-4325-94B2-372832BFB323}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
 
==================== Restore Points =========================
 
31-12-2015 21:19:00 zoek.exe restore point
01-01-2016 11:03:25 Advanced System~Protector
02-01-2016 10:25:21 Windows Update
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/02/2016 02:03:30 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {f5c857c0-0864-441e-aae6-686280103311}
 
Error: (01/02/2016 01:09:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AutoKMS.exe, version: 2.5.2.0, time stamp: 0x53c9a9a0
Faulting module name: KERNELBASE.dll, version: 6.1.7601.19045, time stamp: 0x56259271
Exception code: 0xe0434352
Fault offset: 0x000000000000b3dd
Faulting process id: 0x5e0
Faulting application start time: 0xAutoKMS.exe0
Faulting application path: AutoKMS.exe1
Faulting module path: AutoKMS.exe2
Report Id: AutoKMS.exe3
 
Error: (01/02/2016 01:09:45 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: AutoKMS.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.UnauthorizedAccessException
Stack:
   at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32, IntPtr)
   at System.Management.ManagementObjectCollection+ManagementObjectEnumerator.MoveNext()
   at ..(System.String, System.String, ., System.String)
   at ...ctor()
   at ..(.)
   at ..()
 
Error: (01/02/2016 01:09:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/02/2016 11:06:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AutoKMS.exe, version: 2.5.2.0, time stamp: 0x53c9a9a0
Faulting module name: KERNELBASE.dll, version: 6.1.7601.19045, time stamp: 0x56259271
Exception code: 0xe0434352
Fault offset: 0x000000000000b3dd
Faulting process id: 0x7b0
Faulting application start time: 0xAutoKMS.exe0
Faulting application path: AutoKMS.exe1
Faulting module path: AutoKMS.exe2
Report Id: AutoKMS.exe3
 
Error: (01/02/2016 11:06:06 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: AutoKMS.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.UnauthorizedAccessException
Stack:
   at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32, IntPtr)
   at System.Management.ManagementObjectCollection+ManagementObjectEnumerator.MoveNext()
   at ..(System.String, System.String, ., System.String)
   at ...ctor()
   at ..(.)
   at ..()
 
Error: (01/02/2016 11:06:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/02/2016 11:04:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AutoKMS.exe, version: 2.5.2.0, time stamp: 0x53c9a9a0
Faulting module name: KERNELBASE.dll, version: 6.1.7601.19045, time stamp: 0x56259271
Exception code: 0xe0434352
Fault offset: 0x000000000000b3dd
Faulting process id: 0x7ac
Faulting application start time: 0xAutoKMS.exe0
Faulting application path: AutoKMS.exe1
Faulting module path: AutoKMS.exe2
Report Id: AutoKMS.exe3
 
Error: (01/02/2016 11:04:01 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: AutoKMS.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.UnauthorizedAccessException
Stack:
   at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32, IntPtr)
   at System.Management.ManagementObjectCollection+ManagementObjectEnumerator.MoveNext()
   at ..(System.String, System.String, ., System.String)
   at ...ctor()
   at ..(.)
   at ..()
 
Error: (01/02/2016 11:04:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (01/02/2016 01:09:25 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The IP Helper service terminated with the following error: 
%%13
 
Error: (01/02/2016 11:06:00 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The IP Helper service terminated with the following error: 
%%13
 
Error: (01/02/2016 11:03:58 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The IP Helper service terminated with the following error: 
%%13
 
Error: (01/02/2016 11:02:19 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The IP Helper service terminated with the following error: 
%%13
 
Error: (01/02/2016 10:17:03 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The IP Helper service terminated with the following error: 
%%13
 
Error: (01/01/2016 07:55:17 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The IP Helper service terminated with the following error: 
%%13
 
Error: (01/01/2016 07:04:05 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The IP Helper service terminated with the following error: 
%%13
 
Error: (01/01/2016 03:43:38 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The IP Helper service terminated with the following error: 
%%13
 
Error: (01/01/2016 02:25:14 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The IP Helper service terminated with the following error: 
%%13
 
Error: (01/01/2016 01:40:15 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The IP Helper service terminated with the following error: 
%%13
 
 
CodeIntegrity:
===================================
  Date: 2015-10-15 12:05:05.994
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-15 12:05:05.992
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-15 12:05:05.990
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-15 12:05:05.987
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-15 12:05:05.985
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-15 12:05:05.982
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-14 12:27:25.861
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-14 12:27:25.859
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-14 12:27:25.857
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-14 12:27:25.847
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 25%
Total physical RAM: 16367.24 MB
Available physical RAM: 12238.56 MB
Total Virtual: 32732.69 MB
Available Virtual: 27348.91 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:146.39 GB) (Free:46.91 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:683.59 GB) (Free:41.7 GB) NTFS
Drive e: () (Fixed) (Total:1032.94 GB) (Free:170.74 GB) NTFS
Drive f: (W7SP1AiO11iN1) (CDROM) (Total:3.92 GB) (Free:0 GB) UDF
Drive h: (GSP1RMCULFRER_EN_DVD) (Removable) (Total:30.23 GB) (Free:5.49 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 21CB6F27)
Partition 1: (Active) - (Size=146.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=683.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1032.9 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 30.2 GB) (Disk ID: 0021BE00)
Partition 1: (Active) - (Size=30.2 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================



Edited by xXToffeeXx, 02 January 2016 - 06:50 AM.



 


#2 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:07:02 PM

Posted 02 January 2016 - 06:30 AM

Welcome to Bleeping Computer's Malware Removal Logs area. My name is Sintharius. I will assist you with your problem.

Please allow me some time to look at your logs and I will be back with instructions.

#3 bebub2012


Posted 02 January 2016 - 07:24 AM

Hi Sintharius

 

It's such a great pleasure to be working with you ^^. Thank you for agreeing to help me. I am looking forward to hearing back from you soon ^^



#4 Sintharius


Posted 02 January 2016 - 07:47 AM

Hello bebub2012,

The browser.exe processes are from your browser Cốc Cốc. As Cốc Cốc is a Chromium-based browser similar to Google Chrome, it is normal for it to have multiple processes running at the same time. This is normal behavior and not a sign of infection.

Please take note of the following.

Step 1: Pirated software

Bleeping Computer does not allow the use of pirated software.

The practice of using keygens, hacking tools, cracking tools, warez, torrents or any pirated software is not only considered illegal activity, but it is a serious security risk which can turn a computer into a virus honeypot or zombie.
 
When you use these kinds of programs, be forewarned that some of the worst types of malware infections can be contracted and spread by visiting crack, keygen, warez and other pirated software sites. In many cases, those sites are infested with a smörgåsbord of malware and an increasing source of system infection. Those who attempt to get software for free can end up with a computer system so badly damaged that recovery is not possible, and it cannot be repaired. When that happens there is nothing you can do besides reformatting and reinstalling the OS.
 
If you want to read on then the full post is here.

===

Step 2: Spybot S&D no longer recommended

I recommend that you uninstall Spybot Search & Destroy, as its performance is poor and the TeaTimer function is difficult to use.

Two excellent antimalware programs are Emsisoft Anti-Malware and Malwarebytes Anti-Malware.

===

Step 3: Uninstalling Programs

Click the Start orb on the taskbar, and then click the Control Panel button.
  • If you use Category mode, click on Uninstall a Program.
  • If you use Icons mode, click on Programs and Features.
A list of programs installed will be "populated" (this may take a bit of time).
If they exist, uninstall the following by clicking on the below entries and selecting Remove:

McAfee Security Scan Plus
DllTool 1.0


Additional instructions can be found here if needed.

If you run into any issues, please let me know.

===

Step 4: Fix with Farbar Recovery Scan Tool
  • Move FRST from D:\soft\1\malware protection to your Desktop.
  • Please download the attached fixlist.txt and save it to your Desktop.
    Note: It's important that both FRST/FRST64.exe and fixlist.txt are in the same location or the fix will not work!
    WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system!
  • Run FRST/FRST64.exe and press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run.
  • When finished, FRST will generate a log named Fixlog.txt on the Desktop, please post it to your reply.


#5 bebub2012


Posted 02 January 2016 - 11:30 PM

Hi Sintharius ^^

 

I have followed your instructions and uninstalled Spybot S&D, McAfee Security Scan Plus, and DllTool 1.0, and please have a look at my fixlog below ^^

 

Fix result of Farbar Recovery Scan Tool (x64) Version:31-12-2015
Ran by Luffy (2016-01-03 11:27:23) Run:1
Running from C:\Users\Luffy\Desktop\New folder (2)
Loaded Profiles: Luffy & UpdatusUser (Available Profiles: Luffy & UpdatusUser & Administrator)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
HKLM-x32\...\Run: [setup_info] => C:\Users\Luffy\AppData\Local\Temp\setup_info.exe /start <===== ATTENTION
Task: {26C501EF-1D34-485A-9950-F7A4958A4CFA} - \UpdateAdmin -> No File <==== ATTENTION
CHR HomePage: Default -> hxxp://www.mysites123.com/?type=hp&ts=1451569243&z=f03583ffb9209abbf9695e9gdz4w6g9w9q2t9oaz7c&from=amt&uid=wdcxwd2002faex-007ba0_wd-wmay0242621626216
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll => No File
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-01-01] ()
2016-01-01 13:45 - 2016-01-01 13:45 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Luffy\Desktop\SpyHunter-Installer.exe
 
*****************
 
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\setup_info => value removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{26C501EF-1D34-485A-9950-F7A4958A4CFA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{26C501EF-1D34-485A-9950-F7A4958A4CFA}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UpdateAdmin => key not found. 
Chrome HomePage => removed successfully
C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\ppGoogleNaClPluginChrome.dll => not found.
C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\pdf.dll => not found.
C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll => not found.
EsgScanner => service removed successfully
C:\Users\Luffy\Desktop\SpyHunter-Installer.exe => moved successfully
 
==== End of Fixlog 11:27:23 ====
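
The fixlist in the post above targets entries that carry FRST's own markers (`ATTENTION`, `No File`) and an autorun that launches from the Temp folder. The following is an added example, not part of the thread and not FRST's own code: a small triage pass over FRST-style lines. The sample lines are constructed from lines shown on this page, and the regular expressions and reason labels are assumptions about the log layout as it appears here.

```python
import re
from collections import Counter
from typing import List, NamedTuple, Tuple

# Constructed sample: a handful of lines in the layout FRST prints in this thread.
SAMPLE = r"""
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16409496 2015-11-27] (Realtek Semiconductor)
HKLM-x32\...\Run: [setup_info] => C:\Users\Luffy\AppData\Local\Temp\setup_info.exe /start <===== ATTENTION
Task: {26C501EF-1D34-485A-9950-F7A4958A4CFA} - \UpdateAdmin -> No File <==== ATTENTION
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\pdf.dll => No File
R2 VRLService; C:\ProgramData\ASGVIS\Dongle Utilities\startvrlservice.exe [209408 2014-09-05] () [File not signed]
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
""".strip()

# Reason labels (hypothetical names chosen for this example).
R_ATTENTION = "flagged by FRST (ATTENTION)"
R_ORPHAN = "target file missing (orphaned entry)"
R_TEMP = "autorun launches from a user-writable temp/download path"
R_UNSIGNED = "file not signed"

ATTENTION = re.compile(r"<=+\s*ATTENTION")
NO_FILE = re.compile(r"(=>|->)\s*No File|\[No File\]")
UNSIGNED = re.compile(r"\[(File )?not signed\]", re.I)
# Run / RunOnce autorun values, e.g. "HKLM-x32\...\Run: [name] => command"
RUN_KEY = re.compile(r"^(HKLM|HKU)[^:]*\\Run(Once)?: \[(?P<name>[^\]]+)\] => (?P<cmd>.+)$")
# Service and driver lines, e.g. "R2 Name; C:\path.exe [size date] (publisher)"
SERVICE = re.compile(r"^[RSU][0-5] (?P<name>[^;]+); (?P<path>.+?) \[\d+ \d{4}-\d{2}-\d{2}\]")
USER_WRITABLE = re.compile(r"\\(AppData\\Local\\Temp|Temp|Downloads)\\", re.I)


class Finding(NamedTuple):
    lineno: int
    kind: str
    reasons: Tuple[str, ...]
    line: str


def entry_kind(line: str) -> str:
    """Classify a log line by the prefix FRST gives it."""
    if RUN_KEY.match(line):
        return "autorun"
    if line.startswith("Task:"):
        return "scheduled task"
    if line.startswith(("CHR ", "FF ", "BHO")):
        return "browser"
    if SERVICE.match(line):
        return "service/driver"
    return "other"


def triage(text: str) -> List[Finding]:
    """Return the lines that deserve a second look, with the reason for each."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        reasons = []
        if ATTENTION.search(line):
            reasons.append(R_ATTENTION)
        if NO_FILE.search(line):
            reasons.append(R_ORPHAN)
        run = RUN_KEY.match(line)
        if run and USER_WRITABLE.search(run.group("cmd")):
            reasons.append(R_TEMP)
        if UNSIGNED.search(line):
            reasons.append(R_UNSIGNED)
        if reasons:
            findings.append(Finding(lineno, entry_kind(line), tuple(reasons), line))
    return findings


def summarize(findings: List[Finding]) -> Counter:
    """Count findings per entry kind."""
    return Counter(f.kind for f in findings)


if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f"line {f.lineno} [{f.kind}]: {'; '.join(f.reasons)}")
        print(f"    {f.line}")
```

A finding is a prompt for review, not a verdict: an unsigned service or an orphaned plugin entry is often legitimate leftover software, which is why a fixlist is written by hand for one machine.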


#6 Sintharius


Posted 05 January 2016 - 08:51 AM

Hello bebub2012,

Do you have any problems left?

ESET Online Scanner

  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.


#7 bebub2012


Posted 06 January 2016 - 09:12 AM

Hi Sintharius,

 

I have scanned my pc with ESET online scanner, and have cleaned 15 threats. By the way, I would like to ask you several questions if you do not mind ^^

 

1/ How do I know if my PC is clean or not now?

2/ If it is clean, can I use my backed up data again, how can I know if they are safe to use?

3/ Could you please suggest what I should do to keep my PC safe from now on?

 

 

Thank you very much ^^



#8 Sintharius


Posted 06 January 2016 - 04:57 PM

Hello bebub2012,

Please copy and paste the contents of the log from ESET Online Scanner here. You can find the log in C:\Program Files (x86)\ESET\Eset Online Scanner\ - the logfile is named log.txt.

To answer your second question, if you did not back up any executables (.exe, .com, .bat etc.) and other files that may carry malicious code (.js, .html etc.) then you should be fine.

Please create a new set of FRST logs for me - FRST.txt and Addition.txt so I can check your system to make sure it is clean. 
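
The backup advice in the reply above can be checked mechanically before restoring anything. The following is an added example, not part of the thread: it walks a backup folder and lists files of the types the reply names. The extra extensions covering the reply's "etc." and the check for a Windows executable header (`MZ`) behind a document extension are assumptions that go beyond what the reply states, and the sample backup tree is constructed.

```python
import tempfile
from pathlib import Path
from typing import List, Optional, Tuple

# Extensions named in the reply above.
NAMED_EXECUTABLE = {".exe", ".com", ".bat"}
NAMED_SCRIPT = {".js", ".html"}
# Assumed additions for the reply's "etc." (not taken from the thread).
ASSUMED_EXECUTABLE = {".scr", ".cmd", ".msi", ".dll", ".pif"}
ASSUMED_SCRIPT = {".htm", ".vbs", ".jse", ".wsf", ".hta", ".ps1"}

EXECUTABLE_EXT = NAMED_EXECUTABLE | ASSUMED_EXECUTABLE
SCRIPT_EXT = NAMED_SCRIPT | ASSUMED_SCRIPT


def classify(path: Path) -> Optional[str]:
    """Return a verdict for files that should not be restored blindly, else None."""
    ext = path.suffix.lower()
    if ext in EXECUTABLE_EXT:
        return "executable"
    if ext in SCRIPT_EXT:
        return "script-capable"
    # Assumption beyond the reply: a Windows executable starts with the bytes "MZ",
    # so a "document" with that header is an executable under a misleading name.
    try:
        with path.open("rb") as fh:
            magic = fh.read(2)
    except OSError:
        return "unreadable"
    if magic == b"MZ":
        return "executable content, misleading extension"
    return None


def scan_backup(root: Path) -> List[Tuple[str, str]]:
    """Walk the backup and return (relative path, verdict) for every flagged file."""
    hits = []
    for path in sorted(root.rglob("*")):
        if not path.is_file():
            continue
        verdict = classify(path)
        if verdict:
            hits.append((path.relative_to(root).as_posix(), verdict))
    return hits


def build_sample_backup(root: Path) -> None:
    """Create a small constructed backup tree so the example runs offline."""
    samples = {
        "photos/holiday.jpg": b"\xff\xd8\xff\xe0" + b"\x00" * 16,  # JPEG header
        "docs/report.docx": b"PK\x03\x04" + b"\x00" * 16,          # ZIP container
        "docs/invoice.pdf": b"MZ\x90\x00" + b"\x00" * 16,          # PE header, document name
        "tools/setup.exe": b"MZ\x90\x00" + b"\x00" * 16,
        "web/page.html": b"<html><body>saved page</body></html>",
        "scripts/run.BAT": b"@echo off\r\n",
    }
    for rel, data in samples.items():
        target = root / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_bytes(data)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_backup(Path(tmp))
        for rel, verdict in scan_backup(Path(tmp)):
            print(f"{verdict:45} {rel}")
```

Flagged files are the ones to scan with the installed antivirus, or to replace from a trusted source, before they are copied back.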

#9 bebub2012


Posted 07 January 2016 - 06:07 AM

Hi Sintharius,

 

Please have a look at my FRST and ESET Online Scanner logs 

 

Thank you ^^

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-12-2015
Ran by Luffy (administrator) on LUFFY-PC (07-01-2016 17:55:26)
Running from D:\soft\1\malware protection
Loaded Profiles: Luffy & UpdatusUser (Available Profiles: Luffy & UpdatusUser & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(CobianSoft, Luis Cobian) C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\ProgramData\ASGVIS\Dongle Utilities\startvrlservice.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
() C:\Users\Luffy\AppData\Local\Viber\Viber.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
() C:\Users\Luffy\Desktop\iWatchDVR.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avpui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\plugin-nm-server.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16409496 2015-11-27] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-10-13] (Apple Inc.)
HKU\S-1-5-21-3582788642-1754219851-881556053-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3911248 2015-10-16] (Tonec Inc.)
HKU\S-1-5-21-3582788642-1754219851-881556053-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3582788642-1754219851-881556053-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7935904 2015-12-02] (SUPERAntiSpyware)
HKU\S-1-5-21-3582788642-1754219851-881556053-1000\...\Run: [Viber] => C:\Users\Luffy\AppData\Local\Viber\Viber.exe [51657424 2015-11-09] ()
HKU\S-1-5-21-3582788642-1754219851-881556053-1000\...\Run: [CocCoc Update] => "C:\Users\Luffy\AppData\Local\CocCoc\Update\CocCocUpdate.exe" /c
HKU\S-1-5-21-3582788642-1754219851-881556053-1000\...\MountPoints2: {47aa6f91-7192-11e5-8115-806e6f6e6963} - F:\setup.exe
ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.8
Tcpip\..\Interfaces\{F5AF2EC0-CABB-43BD-9333-8EE780A6715B}: [DhcpNameServer] 192.168.1.8
 
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3582788642-1754219851-881556053-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-09-28] (Internet Download Manager, Tonec Inc.)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-12-24] (Oracle Corporation)
BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-12-24] (Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-09-28] (Internet Download Manager, Tonec Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-10-13] (Oracle Corporation)
BHO-x32: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-21] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-10-13] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-05-05] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll [2013-02-27] ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\system32\npDeployJava1.dll [2015-12-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-12-24] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll [2013-02-27] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=10.15.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2015-10-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.15.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-10-13] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-10-15] ()
FF Plugin-x32: @kaspersky.com/online_banking_08806E753BE44495B44E90AA2513BDC5 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-10-15] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-10-15] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-10-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-10-15] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-10-15] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_08806E753BE44495B44E90AA2513BDC5@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-10-15] [not signed]
FF HKU\S-1-5-21-3582788642-1754219851-881556053-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Luffy\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Luffy\AppData\Roaming\IDM\idmmzcc5 [2016-01-07] [not signed]
FF HKU\S-1-5-21-3582788642-1754219851-881556053-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: IDM integration - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2015-10-02]
 
Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll => No File
CHR Plugin: (Java™ Platform SE 7 U15) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.150.3) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Profile: C:\Users\Luffy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Video AdBlock for Chrome) - C:\Users\Luffy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd [2015-11-27]
CHR Extension: (Kaspersky Protection) - C:\Users\Luffy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-10-16]
CHR Extension: (IDM Integration Module) - C:\Users\Luffy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2015-10-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Luffy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-13]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-10-16]
CHR HKU\S-1-5-21-3582788642-1754219851-881556053-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-10-16]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [576904 2013-12-22] (Autodesk Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 AVP15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe [194000 2015-07-03] (Kaspersky Lab ZAO)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437880 2015-10-08] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417400 2015-10-08] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [855672 2015-10-08] (BlueStack Systems, Inc.)
R2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-07] (CobianSoft, Luis Cobian) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 mi-raysat_3dsmax2015_64; C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe [86016 2011-09-15] () [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2014-04-28] (Hewlett-Packard) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2015-12-02] (Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2014-04-28] (Hewlett-Packard) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 VRLService; C:\ProgramData\ASGVIS\Dongle Utilities\startvrlservice.exe [209408 2014-09-05] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [146040 2015-10-08] (BlueStack Systems)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [247016 2015-07-03] (Kaspersky Lab UK Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-11] (Broadcom Corporation)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-07-03] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [64368 2015-07-03] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [159960 2015-07-03] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [225976 2015-07-03] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [831672 2015-10-16] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39280 2015-07-03] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [40304 2015-07-03] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [39280 2015-07-03] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [24944 2015-07-03] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-07-03] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [85360 2015-07-03] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [190648 2015-10-16] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-07] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [180480 2015-10-08] (Intel Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [42600 2015-11-16] (Synaptics Incorporated)
R3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-06 10:32 - 2016-01-06 10:32 - 00000000 ____D C:\Program Files (x86)\ESET
2016-01-06 10:31 - 2016-01-06 10:31 - 02870984 _____ (ESET) C:\Users\Luffy\Desktop\esetsmartinstaller_enu.exe
2016-01-05 20:43 - 2016-01-05 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Telltale Games
2016-01-03 21:21 - 2016-01-03 21:21 - 37061669 _____ C:\Users\Luffy\Downloads\[hoho.vn] Móc túi nhanh nhất thế giới -)) không biết mấy chú ở bến xe buýt có phải đối -)).mp4
2016-01-03 20:27 - 2016-01-03 20:27 - 20193930 _____ C:\Users\Luffy\Downloads\[Noyyo.com]Girl xinh và hát đỉnh cover Payphone.mp4
2016-01-03 20:26 - 2016-01-03 20:26 - 13568068 _____ C:\Users\Luffy\Downloads\Hai chị em sinh đôi xinh đẹp hát hay gây sốt trên Youtube VNMON Com Giải Trí Trực Tuyến Miễn Phí.mp4
2016-01-03 09:58 - 2016-01-03 09:58 - 00000085 _____ C:\Windows\wininit.ini
2016-01-02 13:42 - 2016-01-02 13:42 - 00000760 _____ C:\Users\Luffy\Desktop\cbSetup.txt
2016-01-02 13:42 - 2016-01-02 13:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cobian Backup 11
2016-01-02 13:42 - 2016-01-02 13:42 - 00000000 ____D C:\Program Files (x86)\Cobian Backup 11
2016-01-01 19:46 - 2016-01-01 19:49 - 00000000 ____D C:\KVRT_Data
2016-01-01 19:45 - 2016-01-01 19:46 - 95849800 _____ (Kaspersky Lab ZAO) C:\Users\Luffy\Desktop\KVRT.exe
2016-01-01 19:43 - 2016-01-01 19:43 - 11337112 _____ (SurfRight B.V.) C:\Users\Luffy\Desktop\HitmanPro_x64.exe
2016-01-01 19:39 - 2016-01-01 19:39 - 00224968 _____ (ESET) C:\Users\Luffy\Desktop\ESETPoweliksCleaner.exe
2016-01-01 15:12 - 2016-01-01 15:12 - 00000000 ____D C:\Users\Luffy\AppData\Roaming\SUPERAntiSpyware.com
2016-01-01 15:11 - 2016-01-01 15:12 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-01-01 15:11 - 2016-01-01 15:11 - 00001808 _____ C:\Users\Luffy\Desktop\SUPERAntiSpyware Free Edition.lnk
2016-01-01 15:11 - 2016-01-01 15:11 - 00000000 ____D C:\Users\Luffy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2016-01-01 15:11 - 2016-01-01 15:11 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2016-01-01 14:48 - 2016-01-01 14:48 - 00000000 ____D C:\Program Files\Common Files\AV
2016-01-01 14:48 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2016-01-01 14:40 - 2016-01-03 09:59 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-01-01 14:40 - 2016-01-03 09:58 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-01-01 14:40 - 2016-01-01 14:40 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2016-01-01 14:36 - 2016-01-01 14:37 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Luffy\Desktop\spybot-2.4.exe
2016-01-01 14:08 - 2016-01-07 17:51 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-01 14:07 - 2016-01-01 14:26 - 00001096 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-01-01 14:07 - 2016-01-01 14:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-01-01 14:07 - 2016-01-01 14:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-01-01 14:07 - 2016-01-01 14:07 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-01-01 14:07 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-01-01 14:07 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-01-01 14:07 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-01-01 14:06 - 2016-01-01 14:07 - 22908888 _____ (Malwarebytes ) C:\Users\Luffy\Desktop\mbam-setup.exe
2016-01-01 13:51 - 2016-01-01 13:51 - 00000000 _____ C:\autoexec.bat
2016-01-01 13:46 - 2016-01-01 13:46 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2016-01-01 10:12 - 2016-01-01 14:24 - 00000000 ____D C:\Users\Luffy\AppData\Local\Systweak
2016-01-01 10:12 - 2016-01-01 13:48 - 00000000 ____D C:\Users\Luffy\AppData\Roaming\Systweak
2016-01-01 09:59 - 2016-01-01 09:59 - 00000000 ____D C:\Users\Luffy\AppData\Roaming\CocCoc
2015-12-31 21:50 - 2016-01-05 21:03 - 00000000 ____D C:\Users\Luffy\Documents\Telltale Games
2015-12-31 21:45 - 2015-12-31 22:14 - 966787072 _____ C:\Users\Luffy\Desktop\TIAOVSFC - Reloaded ( Leon )_Up By Sky™.part4.rar
2015-12-31 21:41 - 2016-01-07 17:55 - 00000000 ____D C:\FRST
2015-12-31 21:40 - 2015-12-31 21:40 - 00000000 ____D C:\Users\Luffy\AppData\Local\VirtualStore
2015-12-31 21:35 - 2015-12-31 21:35 - 00000000 ____D C:\ProgramData\IDM
2015-12-31 21:32 - 2015-12-31 21:17 - 00024064 _____ C:\Windows\zoek-delete.exe
2015-12-31 21:17 - 2015-12-31 21:29 - 00000000 ____D C:\zoek_backup
2015-12-31 21:01 - 2015-12-31 21:01 - 00000000 ____D C:\Windows\pss
2015-12-31 20:39 - 2015-12-31 20:39 - 00000000 ____D C:\Users\Luffy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-31 20:39 - 2015-12-31 20:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-25 17:44 - 2015-12-25 17:44 - 00000000 ____D C:\Users\Luffy\Tracing
2015-12-25 17:20 - 2016-01-01 14:26 - 00002691 _____ C:\Users\Public\Desktop\Skype.lnk
2015-12-25 17:20 - 2015-12-25 17:20 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-25 17:20 - 2015-12-25 17:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-25 17:18 - 2015-12-25 17:18 - 00003140 _____ C:\Windows\System32\Tasks\{400FA59B-A012-4EA1-BC00-261484B561C1}
2015-12-24 12:30 - 2016-01-01 14:25 - 00001206 _____ C:\Users\Luffy\Desktop\SWXE.exe - Shortcut.lnk
2015-12-24 10:40 - 2016-01-01 14:26 - 00001060 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-12-24 10:40 - 2015-12-30 13:36 - 00000000 ____D C:\Users\Luffy\AppData\Roaming\vlc
2015-12-24 10:40 - 2015-12-24 10:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-12-24 10:39 - 2015-12-24 10:39 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2015-12-24 10:29 - 2015-12-24 10:29 - 00000000 ____D C:\Users\Luffy\AppData\Roaming\Jubler
2015-12-24 10:28 - 2015-12-24 10:28 - 01092512 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2015-12-24 10:28 - 2015-12-24 10:28 - 00971680 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2015-12-24 10:28 - 2015-12-24 10:28 - 00311200 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-12-24 10:28 - 2015-12-24 10:28 - 00188832 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-12-24 10:28 - 2015-12-24 10:28 - 00188320 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-12-24 10:28 - 2015-12-24 10:28 - 00108448 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-12-24 10:28 - 2015-12-24 10:28 - 00000000 ____D C:\Users\Luffy\AppData\LocalLow\Sun
2015-12-24 10:28 - 2015-12-24 10:28 - 00000000 ____D C:\Program Files\Java
2015-12-24 10:27 - 2015-12-24 10:27 - 00001652 _____ C:\Users\UpdatusUser\Desktop\Jubler subtitle editor.lnk
2015-12-24 10:27 - 2015-12-24 10:27 - 00001652 _____ C:\Users\Administrator\Desktop\Jubler subtitle editor.lnk
2015-12-24 10:27 - 2015-12-24 10:27 - 00000000 ____D C:\Program Files\Jubler
2015-12-23 13:35 - 2016-01-01 14:26 - 00001776 _____ C:\Users\Public\Desktop\MKVToolNix GUI.lnk
2015-12-23 13:35 - 2015-12-23 13:35 - 00000000 ____D C:\Users\Luffy\AppData\Local\bunkus.org
2015-12-23 13:35 - 2015-12-23 13:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix
2015-12-23 13:35 - 2015-12-23 13:35 - 00000000 ____D C:\Program Files\MKVToolNix
2015-12-20 00:45 - 2015-12-20 03:25 - 117415822 _____ C:\Users\Luffy\Desktop\san go oamar.psd
2015-12-19 22:43 - 2016-01-03 11:27 - 00000000 ____D C:\Users\Luffy\Desktop\New folder (2)
2015-12-18 00:08 - 2015-12-18 00:08 - 00000000 ____D C:\Users\Luffy\AppData\Roaming\MPC-HC
2015-12-16 19:31 - 2016-01-01 11:03 - 00000000 ____D C:\Program Files (x86)\EyeDefender
2015-12-16 19:07 - 2015-12-16 19:07 - 00262144 _____ C:\Windows\system32\config\elam
2015-12-16 18:29 - 2015-12-16 18:29 - 00000000 ____D C:\Users\Luffy\Documents\iWatchDVR for Windows
2015-12-16 18:29 - 2015-12-16 18:29 - 00000000 ____D C:\Users\Luffy\AppData\Roaming\{EC351E9C-0CD1-4459-9DA1-82BA5DC21729}
2015-12-16 18:28 - 2015-12-16 18:28 - 00409088 _____ () C:\Users\Luffy\Desktop\iWatchDVR.exe
2015-12-16 17:53 - 2016-01-07 17:51 - 00000980 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-16 17:53 - 2016-01-07 12:58 - 00000984 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-16 17:53 - 2016-01-04 10:47 - 00002251 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-16 17:53 - 2015-12-16 17:53 - 00003980 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-16 17:53 - 2015-12-16 17:53 - 00003728 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-16 17:53 - 2015-12-16 17:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-16 17:52 - 2015-12-16 17:52 - 00927824 _____ (Google Inc.) C:\Users\Luffy\Downloads\ChromeSetup.exe
2015-12-16 17:37 - 2015-12-16 17:37 - 00003794 _____ C:\Windows\System32\Tasks\klcp_update
2015-12-16 17:36 - 2015-12-16 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-12-16 17:36 - 2015-12-16 17:36 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2015-12-16 17:36 - 2015-10-06 01:00 - 00126976 _____ C:\Windows\system32\ff_vfw.dll
2015-12-16 17:36 - 2015-10-06 01:00 - 00112128 _____ C:\Windows\SysWOW64\ff_vfw.dll
2015-12-16 17:36 - 2015-06-22 20:25 - 00254976 _____ C:\Windows\system32\xvidvfw.dll
2015-12-16 17:36 - 2015-06-22 20:25 - 00240128 _____ C:\Windows\SysWOW64\xvidvfw.dll
2015-12-16 17:36 - 2015-06-22 20:24 - 00729088 _____ C:\Windows\system32\xvidcore.dll
2015-12-16 17:36 - 2015-06-22 20:24 - 00655872 _____ C:\Windows\SysWOW64\xvidcore.dll
2015-12-16 17:36 - 2015-02-28 22:22 - 03571200 _____ (x264vfw project) C:\Windows\system32\x264vfw64.dll
2015-12-16 17:36 - 2015-02-28 22:21 - 03591680 _____ (x264vfw project) C:\Windows\SysWOW64\x264vfw.dll
2015-12-16 17:36 - 2012-07-21 17:55 - 00180736 _____ (fccHandler) C:\Windows\system32\ac3acm.acm
2015-12-16 17:36 - 2012-07-21 17:54 - 00122880 _____ (fccHandler) C:\Windows\SysWOW64\ac3acm.acm
2015-12-16 17:36 - 2011-12-08 00:37 - 00148992 _____ ( ) C:\Windows\system32\lagarith.dll
2015-12-16 17:36 - 2011-12-08 00:32 - 00216064 _____ ( ) C:\Windows\SysWOW64\lagarith.dll
2015-12-16 17:01 - 2015-12-16 17:40 - 00000000 ____D C:\Windows\System32\Tasks\Lenovo
2015-12-16 17:01 - 2015-12-16 17:40 - 00000000 ____D C:\Program Files (x86)\Lenovo
2015-12-16 17:01 - 2015-12-16 17:01 - 00000000 ____D C:\Windows\Downloaded Installations
2015-12-16 17:01 - 2015-12-16 17:01 - 00000000 ____D C:\Users\Luffy\REACHit
2015-12-16 17:01 - 2015-12-16 17:01 - 00000000 ____D C:\Users\Luffy\AppData\Local\Lenovo
2015-12-16 17:01 - 2015-12-16 17:01 - 00000000 ____D C:\Users\Luffy\AppData\Local\Downloaded Installations
2015-12-16 16:59 - 2015-12-31 21:34 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-12-16 16:59 - 2015-12-16 16:59 - 00000000 ____D C:\Users\Luffy\AppData\Local\Setup4156334
2015-12-16 16:54 - 2015-12-16 16:54 - 00000000 ____D C:\Users\Luffy\AppData\Roaming\DVRemoteDesktop
2015-12-15 11:22 - 2015-12-15 11:22 - 00000000 ____D C:\tempvideo
2015-12-14 17:49 - 2015-12-14 17:49 - 00000000 ____D C:\Users\Luffy\Documents\Rockstar Games
2015-12-09 14:39 - 2015-12-09 14:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-09 10:37 - 2015-11-12 04:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-09 10:37 - 2015-11-12 03:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-09 10:37 - 2015-11-12 01:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-09 10:37 - 2015-11-12 01:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-09 10:37 - 2015-11-12 01:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-09 10:37 - 2015-11-12 01:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-09 10:37 - 2015-11-11 23:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-09 10:37 - 2015-11-11 23:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-09 10:37 - 2015-11-11 22:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-09 10:37 - 2015-11-11 22:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-09 10:37 - 2015-11-11 22:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-09 10:37 - 2015-11-11 22:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-09 10:37 - 2015-11-11 21:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-09 10:37 - 2015-11-11 01:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-09 10:37 - 2015-11-11 01:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-09 10:37 - 2015-11-11 01:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-09 10:37 - 2015-11-11 01:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-09 10:37 - 2015-11-11 01:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-09 10:37 - 2015-11-11 00:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-09 10:37 - 2015-11-10 07:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-09 10:37 - 2015-11-10 07:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-09 10:37 - 2015-11-10 07:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-09 10:37 - 2015-11-10 07:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-09 10:37 - 2015-11-10 07:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-09 10:37 - 2015-11-10 07:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-09 10:37 - 2015-11-10 07:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-09 10:37 - 2015-11-10 07:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-09 10:37 - 2015-11-10 07:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-09 10:37 - 2015-11-10 07:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-09 10:37 - 2015-11-10 07:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-09 10:37 - 2015-11-10 07:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-09 10:37 - 2015-11-10 07:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-09 10:37 - 2015-11-10 06:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-09 10:37 - 2015-11-10 06:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-09 10:37 - 2015-11-10 06:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-09 10:37 - 2015-11-10 06:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-09 10:37 - 2015-11-10 06:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-09 10:37 - 2015-11-10 06:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-09 10:37 - 2015-11-10 06:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-09 10:37 - 2015-11-10 06:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-09 10:37 - 2015-11-10 06:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-09 10:37 - 2015-11-10 06:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-09 10:37 - 2015-11-10 06:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-09 10:37 - 2015-11-09 05:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-09 10:37 - 2015-11-09 05:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-09 10:37 - 2015-11-09 05:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-09 10:37 - 2015-11-09 05:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-09 10:37 - 2015-11-09 05:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-09 10:37 - 2015-11-09 05:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-09 10:37 - 2015-11-09 05:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-09 10:37 - 2015-11-09 05:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-09 10:37 - 2015-11-09 05:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-09 10:37 - 2015-11-09 05:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-09 10:37 - 2015-11-09 05:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-09 10:37 - 2015-11-09 05:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-09 10:37 - 2015-11-09 05:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-09 10:37 - 2015-11-09 05:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-09 10:37 - 2015-11-09 05:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-09 10:37 - 2015-11-09 05:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-09 10:37 - 2015-11-09 04:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-09 10:37 - 2015-11-09 04:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-09 10:37 - 2015-11-09 04:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-09 10:37 - 2015-11-09 04:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-09 10:37 - 2015-11-09 04:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-09 10:37 - 2015-11-09 04:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-09 10:37 - 2015-11-09 04:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-09 10:37 - 2015-11-09 04:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-09 10:37 - 2015-11-09 04:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-09 10:37 - 2015-11-09 04:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-09 10:37 - 2015-11-09 04:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-09 10:37 - 2015-11-09 04:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-09 10:37 - 2015-11-09 03:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-09 10:37 - 2015-11-09 03:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-09 10:37 - 2015-11-09 03:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-09 10:37 - 2015-11-06 02:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-09 10:37 - 2015-11-06 02:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-09 10:37 - 2015-11-06 02:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-09 10:37 - 2015-11-06 02:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-12-09 10:37 - 2015-11-05 16:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-09 10:37 - 2015-11-04 02:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-09 10:37 - 2015-11-04 01:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-09 10:36 - 2015-11-04 02:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-09 10:36 - 2015-11-04 01:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2015-12-08 21:12 - 2015-12-08 21:07 - 00000324 _____ C:\Users\Luffy\Documents\AutoHotkeyU64.ahk
2015-12-08 19:45 - 2015-12-08 19:46 - 00000000 ____D C:\Users\Luffy\AppData\Roaming\DarkSoulsII
2015-12-08 19:45 - 2015-12-08 19:45 - 00000000 ____D C:\Users\Luffy\AppData\Roaming\Steam
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-07 17:54 - 2015-10-15 12:41 - 00001002 _____ C:\Windows\Tasks\CocCocUpdateTaskUserS-1-5-21-3582788642-1754219851-881556053-1000UA.job
2016-01-07 17:51 - 2015-10-23 10:35 - 00000000 ____D C:\Users\Luffy\Documents\ViberDownloads
2016-01-07 17:51 - 2015-10-23 10:34 - 00000000 ____D C:\Users\Luffy\AppData\Roaming\ViberPC
2016-01-07 17:51 - 2015-10-13 19:56 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-01-07 17:50 - 2015-10-13 17:24 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-07 17:50 - 2009-07-14 12:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-07 13:09 - 2015-10-20 19:19 - 00000000 ____D C:\Users\Luffy\AppData\Roaming\DMCache
2016-01-07 12:26 - 2009-07-14 11:45 - 00041792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-07 12:26 - 2009-07-14 11:45 - 00041792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-07 10:41 - 2015-10-15 12:41 - 00000950 _____ C:\Windows\Tasks\CocCocUpdateTaskUserS-1-5-21-3582788642-1754219851-881556053-1000Core.job
2016-01-05 20:43 - 2009-07-14 12:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-01-05 20:37 - 2015-12-04 21:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO
2016-01-05 20:37 - 2015-12-04 21:20 - 00000000 ____D C:\Program Files (x86)\UltraISO
2016-01-04 10:51 - 2015-10-15 12:39 - 49881976 _____ (Coc Coc Co., Ltd.) C:\Users\Luffy\Downloads\coccoc_vi.exe
2016-01-04 10:50 - 2015-10-15 12:41 - 00003576 _____ C:\Windows\System32\Tasks\CocCocUpdateTaskUserS-1-5-21-3582788642-1754219851-881556053-1000Core
2016-01-03 09:58 - 2009-07-14 10:20 - 00000000 ____D C:\Windows
2016-01-02 13:28 - 2015-10-14 11:00 - 00000000 ____D C:\Program Files (x86)\VideoViewer
2016-01-02 10:50 - 2009-07-14 12:13 - 00781790 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-02 10:50 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\inf
2016-01-01 23:38 - 2015-10-13 17:33 - 00000000 ____D C:\Users\Luffy\AppData\Roaming\Skype
2016-01-01 19:40 - 2015-10-20 19:19 - 00000000 ____D C:\Users\Luffy\AppData\Roaming\IDM
2016-01-01 19:04 - 2015-12-04 21:27 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2016-01-01 14:27 - 2015-10-13 17:12 - 00001389 _____ C:\Users\Luffy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-01-01 14:26 - 2015-12-04 23:19 - 00000503 _____ C:\Users\Public\Desktop\Dragon Quest Heroes.lnk
2016-01-01 14:26 - 2015-11-23 17:54 - 00001850 _____ C:\Users\Public\Desktop\Apps.lnk
2016-01-01 14:26 - 2015-11-23 17:54 - 00001801 _____ C:\Users\Public\Desktop\Start BlueStacks.lnk
2016-01-01 14:26 - 2015-11-01 11:19 - 00001747 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-01-01 14:26 - 2015-10-29 13:03 - 00002507 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-01-01 14:26 - 2015-10-29 12:58 - 00001050 _____ C:\Users\Public\Desktop\iFunbox.lnk
2016-01-01 14:26 - 2015-10-19 12:14 - 00001211 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.1.lnk
2016-01-01 14:26 - 2015-10-19 12:13 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.5.lnk
2016-01-01 14:26 - 2015-10-19 12:13 - 00001173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.1.lnk
2016-01-01 14:26 - 2015-10-19 12:12 - 00001539 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.5.lnk
2016-01-01 14:26 - 2015-10-19 12:12 - 00001367 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.5.lnk
2016-01-01 14:26 - 2015-10-19 12:11 - 00000985 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2016-01-01 14:26 - 2015-10-16 21:14 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-01 14:26 - 2015-10-16 16:33 - 00001031 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2016-01-01 14:26 - 2015-10-16 16:33 - 00001025 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2016-01-01 14:26 - 2015-10-15 22:03 - 00002274 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2016-01-01 14:26 - 2015-10-14 11:20 - 00001960 _____ C:\Users\Public\Desktop\3ds Max 2015.lnk
2016-01-01 14:26 - 2015-10-13 17:10 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-01-01 14:26 - 2015-10-13 17:10 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-01-01 14:26 - 2009-07-14 11:57 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-01-01 14:26 - 2009-07-14 11:57 - 00001340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2016-01-01 14:26 - 2009-07-14 11:57 - 00001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2016-01-01 14:26 - 2009-07-14 11:57 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2016-01-01 14:26 - 2009-07-14 11:54 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2016-01-01 14:25 - 2015-10-29 14:23 - 00000937 _____ C:\Users\Luffy\Desktop\One Finger Death Punch.lnk
2016-01-01 14:25 - 2015-10-23 10:34 - 00000956 _____ C:\Users\Luffy\AppData\Roaming\Microsoft\Windows\Start Menu\Viber.lnk
2016-01-01 14:25 - 2015-10-23 10:34 - 00000954 _____ C:\Users\Luffy\Desktop\Viber.lnk
2016-01-01 14:25 - 2015-10-19 12:15 - 00001125 _____ C:\Users\Luffy\Desktop\Adobe Photoshop CS5.1 (64 Bit).lnk
2016-01-01 14:25 - 2015-10-15 22:03 - 00002304 _____ C:\Users\Luffy\Desktop\An toàn giao dịch tài chính.lnk
2016-01-01 14:25 - 2015-10-14 11:00 - 00001067 _____ C:\Users\Luffy\AppData\Roaming\Microsoft\Windows\Start Menu\VideoViewer.lnk
2016-01-01 14:25 - 2015-10-14 11:00 - 00001043 _____ C:\Users\Luffy\Desktop\VideoViewer.lnk
2016-01-01 14:25 - 2009-07-14 12:01 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-01-01 14:25 - 2009-07-14 11:49 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-01-01 14:24 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\system
2016-01-01 11:03 - 2015-10-20 19:19 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2016-01-01 09:50 - 2015-10-26 19:07 - 02259860 _____ C:\Windows\ntbtlog.txt
2015-12-31 21:50 - 2015-10-29 14:33 - 00000000 ____D C:\Users\Luffy\AppData\Local\SKIDROW
2015-12-31 21:29 - 2009-07-14 10:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-12-31 21:29 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2015-12-31 20:39 - 2015-10-14 10:58 - 00000000 ____D C:\Program Files\WinRAR
2015-12-31 20:34 - 2015-10-16 16:33 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-12-30 18:51 - 2015-10-24 04:40 - 00001123 _____ C:\Users\Luffy\Desktop\New Text Document.txt
2015-12-30 13:00 - 2015-10-20 19:19 - 00000000 ____D C:\Users\Luffy\Downloads\Compressed
2015-12-25 17:44 - 2015-10-13 17:12 - 00000000 ____D C:\Users\Luffy
2015-12-25 17:21 - 2015-10-13 17:28 - 00000000 ____D C:\ProgramData\Skype
2015-12-21 16:47 - 2009-07-14 12:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-12-18 14:52 - 2015-10-15 16:47 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-12-18 14:52 - 2015-10-15 16:47 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-16 17:53 - 2015-10-13 17:27 - 00000000 ____D C:\Program Files (x86)\Google
2015-12-16 17:07 - 2015-10-13 17:26 - 00000000 ____D C:\Program Files (x86)\SAM CoDeC Pack
2015-12-15 17:39 - 2015-12-02 20:12 - 00000000 ____D C:\ProgramData\Origin
2015-12-10 12:37 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\rescache
2015-12-09 18:53 - 2009-07-14 12:08 - 00032612 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-12-09 18:53 - 2009-07-14 11:45 - 05204312 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-09 14:46 - 2015-12-04 21:23 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-12-09 14:46 - 2015-10-13 18:58 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-09 14:45 - 2009-07-14 09:34 - 00000478 _____ C:\Windows\win.ini
2015-12-09 14:43 - 2015-12-04 23:59 - 00000000 ____D C:\Windows\system32\MRT
2015-12-09 14:39 - 2015-12-04 23:58 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-09 11:37 - 2010-11-21 14:17 - 00000000 ____D C:\Windows\ShellNew
 
==================== Files in the root of some directories =======
 
2015-11-08 01:54 - 2015-11-08 18:06 - 0000132 _____ () C:\Users\Luffy\AppData\Roaming\Adobe PNG Format CS5 Prefs
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-12-30 12:20
 
==================== End of FRST.txt ============================
 
 
 
 
 
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=3d96aea2206e764c8f37d3db9645369b
# engine=27510
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-01-06 08:07:16
# local_time=2016-01-06 03:07:16 (+0700, SE Asia Standard Time)
# country="Vietnam"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 0 203697486 0 0
# scanned=535411
# found=15
# cleaned=15
# scan_time=16087
sh=F04AD8B2FA7C68A7A0CBF7F82B404BC4DA896364 ft=0 fh=0000000000000000 vn="a variant of Win32/DownloadAdmin.K potentially unwanted application (deleted)" ac=C fn="C:\Windows\Installer\2e7600f.msi"
sh=8AD154A330E17D65E037E571A26D76261272EE2D ft=1 fh=8dae261e10231aff vn="a variant of Win32/Wajam.AB potentially unwanted application (deleted)" ac=C fn="C:\zoek_backup\C_Program Files_WajaNetEn\WajaNetEnlibs\ndmuks.dll"
sh=FE79841687BA8A4AB4D0025C6069EEBA3F8E926E ft=1 fh=1c5751bce9da6ed0 vn="a variant of Win32/DownloadAdmin.K potentially unwanted application (deleted)" ac=C fn="C:\zoek_backup\C_Users_Luffy_AppData_Local_UpdateAdmin\UpdateAdmin.exe"
sh=73655FDB3F349A832A3E97FB991D6B22C5AE9D0D ft=0 fh=0000000000000000 vn="Win32/Packed.Autoit.C.Gen potentially unwanted application (deleted)" ac=C fn="D:\Games\RE5\TeknoGods_Beta15.rar"
sh=9E1ABB0D8CA0ABDE32B74BDE8C2FF57E999E0392 ft=1 fh=d65a9b1c60491525 vn="Win32/Packed.Autoit.C.Gen potentially unwanted application (deleted)" ac=C fn="D:\Games\RE5\TeknoGods_Beta15\teknohelper.exe"
sh=1A6CE3F9F3D47D6C9D4B8A5F95C484C7564F29C6 ft=1 fh=9cd345978110c310 vn="a variant of Win32/AdkDLLWrapper.A potentially unwanted application (deleted)" ac=C fn="D:\soft\BitTorrent.exe"
sh=4B547988BE8E5DFC7F12C71B7C2BDB5C525BD776 ft=1 fh=72a855da861fad6a vn="Win32/Qhost trojan (cleaned by deleting)" ac=C fn="D:\soft\6.12_build_11\IDM 6.12 build 11 silent Plus.exe"
sh=6B9ABDA95B20C19FF28B230F02EB83BFD6147384 ft=1 fh=88c496c48202b3a8 vn="a variant of Win32/HackTool.Crack.DM trojan (cleaned by deleting)" ac=C fn="D:\soft\Deamon Tools Advanced\Deamon Tools\DAEMON Tools Pro Advanced v5.2.0.0348 (2-click run)(registered).exe"
sh=EECDC949B647DB0E5C67FEF139AE0606CF82E72A ft=1 fh=ce1ddac852c49e72 vn="Win32/Qhost trojan (cleaned by deleting)" ac=C fn="D:\soft\IDM 6.11 build 8 Plus\IDM 6.11 build 8 silent Plus.exe"
sh=F1F736DE0ABC9385B36C77BDF4C28B6BDA8ACAA4 ft=1 fh=4d2bfa5a4ea14300 vn="MSIL/TrojanClicker.Agent.NIZ trojan (cleaned by deleting)" ac=C fn="E:\setupTW13.exe"
sh=F1F736DE0ABC9385B36C77BDF4C28B6BDA8ACAA4 ft=1 fh=4d2bfa5a4ea14300 vn="MSIL/TrojanClicker.Agent.NIZ trojan (cleaned by deleting)" ac=C fn="E:\1\setupTW13.exe"
sh=F1F736DE0ABC9385B36C77BDF4C28B6BDA8ACAA4 ft=1 fh=4d2bfa5a4ea14300 vn="MSIL/TrojanClicker.Agent.NIZ trojan (cleaned by deleting)" ac=C fn="E:\Games\bns taiwan backup\mod\eng patch\setupTW13.exe"
sh=13CE675D8B1D5266FA12E164A6176E80515E31CD ft=1 fh=4d2bfa5aea611213 vn="MSIL/TrojanClicker.Agent.NIZ trojan (cleaned by deleting)" ac=C fn="E:\Games\bns taiwan backup\mod\eng patch\setupTW14a.exe"
sh=82DE9003DB42D46523B2960FC101B41A3FF63AC7 ft=1 fh=4d2bfa5a536d7ea1 vn="MSIL/TrojanClicker.Agent.NIZ trojan (cleaned by deleting)" ac=C fn="E:\Games\bns taiwan backup\mod\eng patch\setupTW14b.exe"
sh=DEA589179ABD7A6E30459F2ABF111D2EB6C3C9A7 ft=0 fh=0000000000000000 vn="a variant of Win32/Packed.VMProtect.AAH trojan (deleted)" ac=C fn="E:\Games\max payne 3\New folder\Max.Payne.3.Update.v1.0.0.22-RELOADED.rar"
 

 




#10 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  • Gender:Female
  • Location:The Netherlands
  • Local time:07:02 PM

Posted 07 January 2016 - 01:22 PM

Hello bebub2012,

Your computer is clean  :thumbup2:

Please run one last tool to clean things up, and you are good to go.

Download DelFix from here and save it to your Desktop.
  • Close all running programs and start DelFix.
  • Make sure all available options are checked.
  • Click Run.
  • DelFix will remove most of the tools used during the cleaning process, purge all system restore points and create a new one, activate UAC (if you have it disabled) and restore settings changed by malware removal tools.
You can uninstall ESET Online Scanner from Programs and Features in Control Panel.

Please note that cracked software is one of the most common sources of malware infections - I recommend that you refrain from the use of pirated software to prevent future infections.

Safe computing practices

Best Practices for Safe Computing - Prevention of Malware Infection
How Malware Spreads - How did I get infected
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs)

Please reply to this thread one more time so it can be closed. It has been a pleasure to help. 

#11 bebub2012

bebub2012
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  • Local time:01:02 AM

Posted 08 January 2016 - 08:31 AM

Hi Sintharius,

 

I am very glad to know that my PC is clean now. It is all thanks to your kindness and thoughtful support ^^. Would you please tell me which security program I should use to keep my PC clean and prevent malware infections? Right now I'm using only KIS 2015 ^^

 

Thank you Sintharius. You are always the best hero in my heart ^^



#12 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  • Gender:Female
  • Location:The Netherlands
  • Local time:07:02 PM

Posted 10 January 2016 - 02:35 PM

Hello bebub2012,

That depends on whether you wish to use something with real-time protection or only for on-demand scanning.

If you wish to use an on-demand scanner, I recommend Emsisoft Anti-Malware, its portable version Emsisoft Emergency Kit or Malwarebytes Anti-Malware.

The free versions of EAM and MBAM do not offer real-time protection and will not conflict with Kaspersky Internet Security.

If you want real-time protection then I recommend the paid version of Malwarebytes Anti-Malware. It is best to add exclusions for MBAM into KIS and vice versa, to reduce the chance of possible conflicts.

Do you have any other questions? 



#13 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,027 posts
  • OFFLINE
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:07:02 PM

Posted 14 January 2016 - 04:06 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

ID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~




