
Windows ten displays incorrect time + Spybot S&D issues



#1 raielschwartz


Posted 06 March 2016 - 04:50 PM

The time on my Windows ten is incorrect, and even after syncing it with Microsoft or government sources, a few hours later it goes back to being the incorrect time again.

 

Not sure if this is a Motherboard issue or MALWARE which is why my FRST txt is in here. 

 

Last but not least, Spybot S&D keeps on getting stuck on this file 'Zlob.ZipCodec'. Have even put my system in safe mode and this did not fix this issue, and have reinstalled Spybot and this did not fix the issue as well. As such, are there any suggestions for me to fix this?

 

spybut.png

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Raiel (administrator) on GAMINGPC (06-03-2016 12:08:54)
Running from C:\Users\Raiel\Downloads
Loaded Profiles: Raiel (Available Profiles: Raiel)
Platform: Windows 10 Pro Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
() C:\Windows\System32\PnkBstrA.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
() C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe
() C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
() C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(Flux Software LLC) C:\Users\Raiel\AppData\Local\FluxSoftware\Flux\flux.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
() C:\Program Files (x86)\EaseUS\TrayPopup\TrayTipAgent.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFile\WiFileTransfer.exe
(Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(DivX, LLC) C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\EPUShortCut.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AsDLNAServerReal.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareTray.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareService.exe
() C:\Users\Raiel\Downloads\RogueKiller.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
HKLM\...\Run: [SoftEther VPN Client UI Helper] => C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5250280 2016-02-10] (SoftEther VPN Project at University of Tsukuba, Japan.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareTray.exe [9581280 2016-01-28] ()
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [296096 2014-02-13] (RealNetworks, Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.11.125\AsusWSPanel.exe [3353472 2012-09-17] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [UpdReg] => C:\WINDOWS\UpdReg.EXE
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [594240 2016-01-13] (Razer Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694080 2013-07-10] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5564784 2015-07-20] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [EaseUS TB Tray Agent] => C:\Program Files (x86)\EaseUS\TrayPopup\TrayTipAgent.exe [253992 2014-12-15] ()
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2013-01-28] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUS WiFi GO! FileTransfer Execute] => C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFile\WiFileTransfer.exe [1391416 2013-06-21] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2015-02-27] (Power Software Ltd)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3873704 2016-02-01] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448520 2015-06-24] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861640 2015-06-26] (DivX, LLC)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25122080 2016-02-16] (Dropbox, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499920 2014-09-12] (Adobe Systems Inc.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [179624 2016-02-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM-x32\...\Run: [Sound Blaster Z-Series Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe [877056 2014-11-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4127488 2015-06-16] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1426893082-392233631-795411858-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3113168 2012-12-27] (DT Soft Ltd)
HKU\S-1-5-21-1426893082-392233631-795411858-1001\...\Run: [PeerBlock] => C:\Program Files\PeerBlock\peerblock.exe [2513992 2014-01-14] (PeerBlock, LLC)
HKU\S-1-5-21-1426893082-392233631-795411858-1001\...\Run: [f.lux] => C:\Users\Raiel\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-1426893082-392233631-795411858-1001\...\Run: [Google Update] => C:\Users\Raiel\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-07-28] (Google Inc.)
HKU\S-1-5-21-1426893082-392233631-795411858-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1426893082-392233631-795411858-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50605696 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-1426893082-392233631-795411858-1001\...\Run: [Upwork] => C:\Program Files (x86)\Upwork\upwork.exe
HKU\S-1-5-21-1426893082-392233631-795411858-1001\...\Run: [GoogleChromeAutoLaunch_E3A7435AB1C2792E910E2113AA604E8F] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [746648 2016-02-17] (Google Inc.)
HKU\S-1-5-21-1426893082-392233631-795411858-1001\...\RunOnce: [Uninstall C:\Users\Raiel\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Raiel\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
HKU\S-1-5-21-1426893082-392233631-795411858-1001\...\MountPoints2: {0c6ef48d-9509-11e3-8253-240a649fb020} - "J:\setup.exe" 
IFEO\adwcleaner_5.005.exe: [Debugger] svchost.exe
IFEO\mbam.exe: [Debugger] svchost.exe
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-02-23] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-02-23] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-02-23] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.11.125\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.11.125\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.11.125\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} =>  No File
ShellIconOverlayIdentifiers: [Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} =>  No File
ShellIconOverlayIdentifiers: [Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} =>  No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} =>  No File
ShellIconOverlayIdentifiers-x32: [Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} =>  No File
ShellIconOverlayIdentifiers-x32: [Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} =>  No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2016-02-10]
ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther VPN Project at University of Tsukuba, Japan.)
Startup: C:\Users\Raiel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_71167571.lnk [2014-03-19]
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicyScripts: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{819c0541-4b91-4a62-b806-ad750c7e8e5b}: [DhcpNameServer] 10.1.0.1
Tcpip\..\Interfaces\{d7f72e0e-ac21-41b0-93fc-61bd3afc0c25}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e32c68b5-af17-4850-a195-714e185ee2e1}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKU\S-1-5-21-1426893082-392233631-795411858-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
SearchScopes: HKLM -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL = 
SearchScopes: HKU\S-1-5-21-1426893082-392233631-795411858-1001 -> {FB097D5F-5884-4B29-BE13-9DA243EA7970} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-02-23] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-11] (Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-02-23] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-11] (Adobe Systems Incorporated)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2014-02-13] (RealPlayer)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2016-02-23] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-09] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2016-02-23] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-09] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-11] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1426893082-392233631-795411858-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-11] (Adobe Systems Incorporated)
IE Session Restore: HKU\S-1-5-21-1426893082-392233631-795411858-1001 -> is enabled.
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-09-14] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2015-09-14] (Microsoft Corporation)
 
Edge: 
======
Edge Session Restore: HKU\S-1-5-21-1426893082-392233631-795411858-1001 -> is enabled.
 
FireFox:
========
FF ProfilePath: C:\Users\Raiel\AppData\Roaming\Mozilla\Firefox\Profiles\CpT9AeF0.default
FF DefaultSearchEngine.US: Yahoo Web
FF Homepage: hxxps://www.yahoo.com/?type=orcl_hpset
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-09] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-09-14] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-09] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-06-29] (DivX, LLC)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [2014-05-26] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2015-09-14] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-02-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-02-23] (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.5.109 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2014-02-13] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.5.109 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll [2014-02-13] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2014-02-13] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2014-02-13] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.5.109 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2014-02-13] (RealPlayer)
FF Plugin-x32: @stamps.com/Web client plug-in,version=1.1.0.41 -> C:\Program Files (x86)\Stamps.com Web Postage Plug-in\npsdcwc.dll [2012-06-12] (Stamps.com, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-01-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-01-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [No File]
FF Plugin HKU\S-1-5-21-1426893082-392233631-795411858-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Raiel\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-06-10] (Citrix Online)
FF Plugin HKU\S-1-5-21-1426893082-392233631-795411858-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Raiel\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1426893082-392233631-795411858-1001: @talk.google.com/O1DPlugin -> C:\Users\Raiel\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1426893082-392233631-795411858-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Raiel\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-1426893082-392233631-795411858-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Raiel\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-1426893082-392233631-795411858-1001: SkypePlugin -> C:\Users\Raiel\AppData\Local\SkypePlugin\7.5.0.127\npGatewayNpapi.dll [2015-08-02] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-1426893082-392233631-795411858-1001: SkypePlugin64 -> C:\Users\Raiel\AppData\Local\SkypePlugin\7.5.0.127\npGatewayNpapi-x64.dll [2015-08-02] (Skype Technologies S.A.)
FF Plugin ProgramFiles/Appdata: C:\Users\Raiel\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Raiel\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF SearchPlugin: C:\Users\Raiel\AppData\Roaming\Mozilla\Firefox\Profiles\CpT9AeF0.default\searchplugins\yahoo-ysp.xml [2015-11-14]
FF Extension: Greasemonkey - C:\Users\Raiel\AppData\Roaming\Mozilla\Firefox\Profiles\CpT9AeF0.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-02-23]
FF Extension: Avira Browser Safety - C:\Users\Raiel\AppData\Roaming\Mozilla\Firefox\Profiles\CpT9AeF0.default\Extensions\abs@avira.com [2016-02-23]
FF Extension: Facebook Activity Remover - C:\Users\Raiel\AppData\Roaming\Mozilla\Firefox\Profiles\CpT9AeF0.default\Extensions\jid1-UMoDIxlsdcI10g@jetpack.xpi [2015-08-20]
FF HKLM-x32\...\Firefox\Extensions: [{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2014-02-13] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-09-19] [not signed]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com","hxxp://www.dregol.com/?f=7&a=drg_camstd_15_27&cd=2XzuyEtN2Y1L1Qzu0DzzyDtD0EyC0B0AtBtD0E0EyC0B0B0EtN0D0Tzu0StCtByByCtN1L2XzutAtFtCtCtFtAtFtBtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyE0D0ByDzzzyzz0BtGyEtA0BtAtGyDtDzytCtGyEtB0E0FtG0F0F0C0EtDzytCtB0F0DtD0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AyD0FtB0ByB0ByCtGyEtDyC0EtGyEzz0C0EtG0A0FyD0FtGtA0FyCzyzz0CyBtBtA0EzzyC2QtN0A0LzutB&cr=439256849&ir="
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (SEOquake) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\akdgnmcogleenhbclghghlkkdndkjdjc [2016-02-20]
CHR Extension: (Google Docs) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (Viral Autobot Downloader) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcimbcopnpdidoifpjilchikkmihjhac [2015-12-21]
CHR Extension: (Skype Calling) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2015-11-06]
CHR Extension: (YouTube) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Webpage Screenshot) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki [2015-03-25]
CHR Extension: (Google Search) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-11-10]
CHR Extension: (FB Pixel Helper) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdgfkebogiimcoedlicjlajpkdmockpc [2016-01-20]
CHR Extension: (Avira Browser Safety) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-02-18]
CHR Extension: (Google Docs Offline) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (Unlimited Free VPN - Betternet) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjknjjomckknofjidppipffbpoekiipm [2016-01-03]
CHR Extension: (Facebook - Delete All Messages) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgiidlnejdlfoacoeleopkljhbckmlko [2016-03-05]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-07-06]
CHR Extension: (Crowdfire) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgnbklefkgedfbpjebhjgibfnobjcbli [2016-02-24]
CHR Extension: (Tag Assistant (by Google)) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2016-02-04]
CHR Extension: (Invite All) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfiadggaijonhadndemaccnilcmnljah [2016-01-08]
CHR Extension: (Google Hangouts) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2016-03-01]
CHR Extension: (ShopifyFD Dashboard Tool) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lffljkleilfpjlmcdnoaghhcbnemelge [2016-01-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
CHR Extension: (Facebook - Delete My Timeline) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\olpgdigakalagbnckjmnhajofccbbeaf [2016-03-05]
CHR Extension: (Proxy SwitchyOmega) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\padekgcemlokbadohgkifijomclgjgif [2015-09-08]
CHR Extension: (SpeakIt!) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgeolalilifpodheeocdmbhehgnkkbak [2016-03-01]
CHR Extension: (Gmail) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Profile: C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-04]
CHR Extension: (Google Docs) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-04]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-02-04]
CHR Extension: (YouTube) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-04]
CHR Extension: (Rapidshare Search) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bnpknjpagfelehbhidjlncbeflglfigc [2015-02-04] [UpdateUrl: hxxp://alinovtrip.php5.com/chrome/updates.xml] <==== ATTENTION
CHR Extension: (Google Search) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-04]
CHR Extension: (Axure RP Extension for Chrome) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dogkpdfcklifaemcdfbildhcofnopogp [2015-02-04]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-02-20]
CHR Extension: (Google Sheets) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-04]
CHR Extension: (Kindle Cloud Reader) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2015-02-04]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2015-02-04]
CHR Extension: (Google Wallet) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-04]
CHR Extension: (Gmail) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-04]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [aaffhmecfaelkngcbnfdkcckmillnoki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-09-12]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2014-02-13]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2013-07-31] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe [1656464 2013-08-08] (ASUSTeK Computer Inc.) [File not signed]
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [604144 2016-02-01] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3881184 2016-02-01] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1045928 2016-02-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [561104 2016-02-01] (AVG Technologies CZ, s.r.o.)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2015-03-27] (Broadcom Corporation.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2809072 2016-01-20] (Microsoft Corporation)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2014-02-13] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-10-08] (Creative Technology Ltd) [File not signed]
R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [122888 2015-06-22] (Creative Technology Ltd)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-16] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-16] (Dropbox, Inc.)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [36904 2015-08-01] (CHENGDU YIWO Tech Development Co., Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1164672 2016-02-17] (NVIDIA Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareService.exe [712432 2016-01-28] ()
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-17] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6474112 2016-02-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2609024 2016-02-17] (NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [38200 2015-08-04] (The OpenVPN Project)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-11-05] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-08-04] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-02-14] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [188072 2015-11-04] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1750712 2015-06-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2102496 2015-06-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [224712 2015-07-24] (Safer-Networking Ltd.)
R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5250280 2016-02-10] (SoftEther VPN Project at University of Tsukuba, Japan.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-01] (TeamViewer GmbH)
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2015-10-19] (Popcorn Time) [File not signed]
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2015-10-28] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [307576 2015-10-28] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1215560 2016-02-22] ()
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTek Computer Inc.)
R2 ASInsHelp; C:\Windows\SysWow64\drivers\AsInsHelp64.sys [11832 2013-01-08] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R3 ASMTFilter; C:\Windows\SysWow64\drivers\asmtufdriver.sys [21400 2013-01-28] (hxxp://www.asmedia.com.tw) [File not signed]
R2 AsRamDisk; C:\Windows\system32\DRIVERS\asramdisk.sys [106296 2013-04-09] (Asus)
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-13] ()
S3 ASUSstpt; C:\Windows\System32\drivers\ASUSstpt.sys [27392 2013-03-28] (MCCI Corporation)
S3 asusvad_micarray; C:\Windows\system32\drivers\vmic_x64.sys [38712 2013-02-27] (ASUS SZ provider)
U5 ASUSxpsp; C:\Windows\System32\Drivers\ASUSxpsp.sys [28416 2013-03-28] (MCCI Corporation)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2016-01-05] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272304 2016-01-08] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [260528 2016-01-22] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-12-04] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [23472 2016-01-08] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [315840 2015-12-16] (AVG Technologies CZ, s.r.o.)
S3 AWEAlloc; C:\Windows\system32\DRIVERS\awealloc.sys [21456 2012-12-20] (Olof Lagerkvist)
S3 AX88179; C:\Windows\System32\drivers\ax88179_178a.sys [81576 2015-07-29] (ASIX Electronics Corp.)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [173312 2015-03-27] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7585280 2015-10-30] (Broadcom Corporation)
R3 cthda; C:\Windows\system32\drivers\cthda.sys [1074472 2015-06-22] (Creative Technology Ltd)
R3 cthdb; C:\Windows\system32\DRIVERS\cthdb.sys [42792 2015-06-22] (Creative Technology Ltd)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2014-02-13] (DT Soft Ltd)
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2014-12-14] ()
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
R3 Neo_VPN; C:\Windows\System32\drivers\Neo6_x64_VPN.sys [38216 2016-02-10] (SoftEther Corporation)
S3 Neo_VPN2; C:\Windows\System32\drivers\Neo6_x64_VPN2.sys [38224 2016-02-10] (SoftEther Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28032 2016-02-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 rzjstk; C:\Windows\System32\drivers\rzjstk.sys [36568 2015-08-13] (Razer Inc)
R3 rzkeypadendpt; C:\Windows\System32\drivers\rzkeypadendpt.sys [46280 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2015-09-22] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [130880 2015-12-14] (Razer, Inc.)
R1 SeLow; C:\Windows\system32\DRIVERS\SeLow_x64.sys [51024 2016-02-10] (SoftEther Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2016-03-06] ()
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [452040 2015-12-09] (BitDefender S.R.L.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 BCM42RLY; system32\drivers\BCM42RLY.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-03-06 12:08 - 2016-03-06 12:09 - 00056053 _____ C:\Users\Raiel\Downloads\FRST.txt
2016-03-06 12:06 - 2016-03-06 12:08 - 00000000 ____D C:\FRST
2016-03-06 11:50 - 2016-03-06 11:50 - 00002409 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2016-03-06 11:50 - 2016-03-06 11:50 - 00000000 ____D C:\Users\Raiel\AppData\Roaming\LavasoftStatistics
2016-03-06 11:50 - 2016-03-06 11:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2016-03-06 11:50 - 2016-03-06 11:50 - 00000000 ____D C:\Program Files\Lavasoft
2016-03-06 11:49 - 2016-03-06 11:49 - 00000000 ____D C:\ProgramData\Lavasoft
2016-03-06 11:49 - 2016-03-06 11:49 - 00000000 ____D C:\Program Files\Common Files\Lavasoft
2016-03-06 11:44 - 2016-03-06 11:44 - 00003073 _____ C:\Users\Raiel\Desktop\JRT.txt
2016-03-06 11:43 - 2016-03-06 11:51 - 00024688 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-03-06 11:43 - 2016-03-06 11:43 - 20956744 _____ C:\Users\Raiel\Downloads\RogueKiller.exe
2016-03-06 11:43 - 2016-03-06 11:43 - 01609216 _____ (Malwarebytes) C:\Users\Raiel\Downloads\JRT.exe
2016-03-06 11:43 - 2016-03-06 11:43 - 00000000 ____D C:\ProgramData\RogueKiller
2016-03-06 11:42 - 2016-03-06 11:45 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-06 11:42 - 2016-03-06 11:42 - 01524224 _____ C:\Users\Raiel\Downloads\AdwCleaner.exe
2016-03-06 11:39 - 2016-03-06 11:39 - 02374144 _____ (Farbar) C:\Users\Raiel\Downloads\FRST64.exe
2016-03-05 20:55 - 2016-03-05 20:55 - 00451385 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160305-205522.backup
2016-03-05 20:55 - 2016-01-15 23:52 - 00451152 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160305-205503.backup
2016-03-05 20:49 - 2016-03-05 20:49 - 00001460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-03-05 20:49 - 2016-03-05 20:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-03-05 20:49 - 2016-03-05 20:47 - 00001448 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-03-05 20:49 - 2015-06-16 17:32 - 00020760 _____ (Safer-Networking Ltd.) C:\WINDOWS\system32\sdnclean64.exe
2016-03-05 20:46 - 2016-03-05 20:46 - 00252712 _____ C:\WINDOWS\ntbtlog.txt
2016-03-05 20:46 - 2016-03-05 20:46 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-03-05 20:46 - 2016-03-05 20:46 - 00000000 ___HD C:\OneDriveTemp
2016-03-05 14:14 - 2016-03-05 14:14 - 06947265 _____ C:\Users\Raiel\Downloads\kickingthehabit.zip
2016-03-05 06:18 - 2016-03-05 06:18 - 00031016 _____ C:\Users\Raiel\Downloads\PRODUCTS 1-18 Descriptions.xlsx
2016-03-04 21:05 - 2016-03-04 21:05 - 00000132 _____ C:\Users\Raiel\AppData\Roaming\Adobe GIF Format CS6 Prefs
2016-03-03 16:46 - 2016-03-03 16:46 - 00228614 _____ C:\Users\Raiel\Downloads\Luvurcats_1457041573.zip
2016-03-03 16:14 - 2016-03-04 21:10 - 00000000 ____D C:\Users\Raiel\Desktop\___
2016-03-03 15:12 - 2016-03-03 15:12 - 01311786 _____ C:\Users\Raiel\Downloads\listing.sample.zip
2016-03-03 15:12 - 2016-03-03 15:12 - 00000000 ____D C:\Users\Raiel\Downloads\listing.sample
2016-03-01 20:09 - 2016-03-01 20:09 - 00002206 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2016-03-01 20:09 - 2016-02-23 14:59 - 00111672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-03-01 20:08 - 2016-02-23 18:57 - 42983480 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-03-01 20:08 - 2016-02-23 18:57 - 37616184 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-03-01 20:08 - 2016-02-23 18:57 - 24944064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-03-01 20:08 - 2016-02-23 18:57 - 21201784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-03-01 20:08 - 2016-02-23 18:57 - 20742072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-03-01 20:08 - 2016-02-23 18:57 - 17631304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-03-01 20:08 - 2016-02-23 18:57 - 17224472 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-03-01 20:08 - 2016-02-23 18:57 - 17117128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-03-01 20:08 - 2016-02-23 18:57 - 02541504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-03-01 20:08 - 2016-02-23 18:57 - 02187712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-03-01 20:08 - 2016-02-23 18:57 - 01924152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436200.dll
2016-03-01 20:08 - 2016-02-23 18:57 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436200.dll
2016-03-01 20:08 - 2016-02-23 18:57 - 00950328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-03-01 20:08 - 2016-02-23 18:57 - 00880576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-03-01 20:08 - 2016-02-23 18:57 - 00786688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-03-01 20:08 - 2016-02-23 18:57 - 00747064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-03-01 20:08 - 2016-02-23 18:57 - 00689600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-03-01 20:08 - 2016-02-23 18:57 - 00632336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-03-01 20:08 - 2016-02-23 18:57 - 00541184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-03-01 20:08 - 2016-02-23 18:57 - 00445912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-03-01 20:08 - 2016-02-23 18:57 - 00425016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-03-01 20:08 - 2016-02-23 18:57 - 00383424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-03-01 20:08 - 2016-02-23 18:57 - 00379448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-03-01 20:08 - 2016-02-23 18:57 - 00378968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-03-01 20:08 - 2016-02-23 18:57 - 00346560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-03-01 20:08 - 2016-02-23 18:57 - 00316960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-03-01 20:08 - 2016-02-23 18:57 - 00175552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-03-01 20:08 - 2016-02-23 18:57 - 00153208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-03-01 20:08 - 2016-02-23 18:57 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-03-01 20:08 - 2016-02-23 18:57 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-03-01 17:54 - 2016-03-01 17:54 - 00298802 _____ C:\Users\Raiel\Downloads\portion_control_containers_-_ebook.pdf
2016-03-01 16:31 - 2016-02-23 06:29 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-03-01 16:31 - 2016-02-23 06:29 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-03-01 16:31 - 2016-02-23 06:27 - 07475040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-03-01 16:31 - 2016-02-23 06:27 - 02654872 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-01 16:31 - 2016-02-23 06:27 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-03-01 16:31 - 2016-02-23 06:27 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-03-01 16:31 - 2016-02-23 06:25 - 02152288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-03-01 16:31 - 2016-02-23 06:25 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-03-01 16:31 - 2016-02-23 06:23 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-03-01 16:31 - 2016-02-23 06:22 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-03-01 16:31 - 2016-02-23 06:15 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-03-01 16:31 - 2016-02-23 06:09 - 01614176 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-03-01 16:31 - 2016-02-23 05:34 - 01859960 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-03-01 16:31 - 2016-02-23 05:34 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-03-01 16:31 - 2016-02-23 05:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-03-01 16:31 - 2016-02-23 05:32 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-03-01 16:31 - 2016-02-23 05:32 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-03-01 16:31 - 2016-02-23 05:32 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-03-01 16:31 - 2016-02-23 05:32 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-03-01 16:31 - 2016-02-23 05:32 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-03-01 16:31 - 2016-02-23 05:32 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-03-01 16:31 - 2016-02-23 05:31 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-03-01 16:31 - 2016-02-23 05:31 - 00847656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-03-01 16:31 - 2016-02-23 05:31 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-03-01 16:31 - 2016-02-23 05:31 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-03-01 16:31 - 2016-02-23 05:31 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-03-01 16:31 - 2016-02-23 05:25 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-03-01 16:31 - 2016-02-23 05:21 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-03-01 16:31 - 2016-02-23 05:21 - 06606568 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-03-01 16:31 - 2016-02-23 04:45 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-03-01 16:31 - 2016-02-23 04:45 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-03-01 16:31 - 2016-02-23 04:45 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-03-01 16:31 - 2016-02-23 04:44 - 00640984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-03-01 16:31 - 2016-02-23 04:39 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-03-01 16:31 - 2016-02-23 04:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-03-01 16:31 - 2016-02-23 04:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-03-01 16:31 - 2016-02-23 04:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-03-01 16:31 - 2016-02-23 04:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-03-01 16:31 - 2016-02-23 04:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-03-01 16:31 - 2016-02-23 04:38 - 00709176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-03-01 16:31 - 2016-02-23 04:38 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-03-01 16:31 - 2016-02-23 04:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-03-01 16:31 - 2016-02-23 04:32 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-03-01 16:31 - 2016-02-23 04:30 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-03-01 16:31 - 2016-02-23 04:27 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-03-01 16:31 - 2016-02-23 04:27 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-03-01 16:31 - 2016-02-23 04:26 - 05241984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-03-01 16:31 - 2016-02-23 04:20 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-03-01 16:31 - 2016-02-23 04:17 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-03-01 16:31 - 2016-02-23 03:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-03-01 16:31 - 2016-02-23 03:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-03-01 16:31 - 2016-02-23 03:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-03-01 16:31 - 2016-02-23 03:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-03-01 16:31 - 2016-02-23 03:53 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-03-01 16:31 - 2016-02-23 03:40 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-03-01 16:31 - 2016-02-23 03:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-03-01 16:31 - 2016-02-23 03:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-03-01 16:31 - 2016-02-23 03:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-03-01 16:31 - 2016-02-23 03:37 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-03-01 16:31 - 2016-02-23 03:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-03-01 16:31 - 2016-02-23 03:30 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-03-01 16:31 - 2016-02-23 03:29 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-03-01 16:31 - 2016-02-23 03:28 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-03-01 16:31 - 2016-02-23 03:27 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-03-01 16:31 - 2016-02-23 03:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-03-01 16:31 - 2016-02-23 03:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-03-01 16:31 - 2016-02-23 03:20 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-03-01 16:31 - 2016-02-23 03:19 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-03-01 16:31 - 2016-02-23 03:19 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-03-01 16:31 - 2016-02-23 03:14 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-03-01 16:31 - 2016-02-23 03:13 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-03-01 16:31 - 2016-02-23 03:12 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-03-01 16:31 - 2016-02-23 03:11 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-03-01 16:31 - 2016-02-23 03:10 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-03-01 16:31 - 2016-02-23 03:10 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-03-01 16:31 - 2016-02-23 03:09 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-03-01 16:31 - 2016-02-23 03:09 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-03-01 16:31 - 2016-02-23 03:09 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-03-01 16:31 - 2016-02-23 03:09 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-03-01 16:31 - 2016-02-23 03:06 - 01848832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-03-01 16:31 - 2016-02-23 03:06 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-03-01 16:31 - 2016-02-23 03:06 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-03-01 16:31 - 2016-02-23 03:06 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-03-01 16:31 - 2016-02-23 03:04 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-03-01 16:31 - 2016-02-23 03:04 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-03-01 16:31 - 2016-02-23 03:02 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-03-01 16:31 - 2016-02-23 03:00 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-03-01 16:31 - 2016-02-23 02:58 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-03-01 16:31 - 2016-02-23 02:58 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-03-01 16:31 - 2016-02-23 02:58 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-03-01 16:31 - 2016-02-23 02:52 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-03-01 16:31 - 2016-02-23 02:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-03-01 16:31 - 2016-02-23 02:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-03-01 16:31 - 2016-02-23 02:47 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-03-01 16:31 - 2016-02-23 02:41 - 03594240 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-03-01 16:31 - 2016-02-23 02:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-03-01 16:31 - 2016-02-23 02:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-03-01 16:31 - 2016-02-23 02:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-03-01 16:31 - 2016-02-23 02:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-03-01 16:31 - 2016-02-23 02:31 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-03-01 16:31 - 2016-02-23 02:30 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-03-01 16:31 - 2016-02-23 02:30 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-03-01 16:31 - 2016-02-23 02:30 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-03-01 16:31 - 2016-02-23 02:30 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-03-01 16:31 - 2016-02-23 02:29 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-03-01 16:31 - 2016-02-23 02:26 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-03-01 16:31 - 2016-02-23 02:25 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-03-01 16:31 - 2016-02-23 02:24 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-03-01 16:31 - 2016-02-23 02:24 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-03-01 16:31 - 2016-02-23 02:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-03-01 16:31 - 2016-02-23 02:24 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-03-01 16:31 - 2016-02-23 02:22 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-03-01 16:31 - 2016-02-23 02:21 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-03-01 16:31 - 2016-02-23 02:21 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-03-01 16:31 - 2016-02-23 02:17 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-03-01 16:31 - 2016-02-23 02:14 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-03-01 16:31 - 2016-02-23 02:11 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-03-01 16:31 - 2016-02-23 02:01 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-03-01 16:31 - 2016-02-23 01:59 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-03-01 16:31 - 2016-02-23 01:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-03-01 16:31 - 2016-02-23 01:55 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-03-01 16:31 - 2016-02-23 01:55 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-03-01 16:31 - 2016-02-23 01:55 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-03-01 16:31 - 2016-02-23 01:53 - 01799168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-03-01 16:31 - 2016-02-23 01:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-03-01 16:31 - 2016-02-23 01:50 - 22396416 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-03-01 16:31 - 2016-02-23 01:50 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-03-01 16:31 - 2016-02-23 01:42 - 03425792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-03-01 16:31 - 2016-02-23 01:41 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-03-01 16:31 - 2016-02-23 01:40 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-03-01 16:31 - 2016-02-23 01:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-03-01 16:31 - 2016-02-23 01:39 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-03-01 16:31 - 2016-02-23 01:36 - 19341312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-03-01 16:31 - 2016-02-23 01:36 - 18680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-03-01 16:31 - 2016-02-23 01:36 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-03-01 16:31 - 2016-02-23 01:36 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-03-01 16:31 - 2016-02-23 01:35 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-03-01 16:31 - 2016-02-23 01:33 - 14254080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-03-01 16:31 - 2016-02-23 01:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-03-01 16:31 - 2016-02-23 01:32 - 02793472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-03-01 16:31 - 2016-02-23 01:30 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-03-01 16:31 - 2016-02-23 01:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-03-01 16:31 - 2016-02-23 01:26 - 12587520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-03-01 16:31 - 2016-02-08 22:24 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-03-01 16:31 - 2016-02-08 22:07 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-03-01 16:31 - 2016-02-08 22:07 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-03-01 16:31 - 2016-02-08 22:04 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-03-01 16:30 - 2016-02-23 06:25 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-03-01 16:30 - 2016-02-23 06:15 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-03-01 16:30 - 2016-02-23 06:08 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-03-01 16:30 - 2016-02-23 05:33 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-03-01 16:30 - 2016-02-23 05:31 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-03-01 16:30 - 2016-02-23 05:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-03-01 16:30 - 2016-02-23 05:17 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-03-01 16:30 - 2016-02-23 04:49 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-03-01 16:30 - 2016-02-23 04:45 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-03-01 16:30 - 2016-02-23 04:45 - 00259336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-03-01 16:30 - 2016-02-23 04:44 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-03-01 16:30 - 2016-02-23 04:40 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-03-01 16:30 - 2016-02-23 04:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-03-01 16:30 - 2016-02-23 04:25 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-03-01 16:30 - 2016-02-23 04:20 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-03-01 16:30 - 2016-02-23 04:19 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-03-01 16:30 - 2016-02-23 04:12 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-03-01 16:30 - 2016-02-23 04:10 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-03-01 16:30 - 2016-02-23 04:07 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-03-01 16:30 - 2016-02-23 04:07 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-03-01 16:30 - 2016-02-23 04:06 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-03-01 16:30 - 2016-02-23 04:01 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-03-01 16:30 - 2016-02-23 04:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-03-01 16:30 - 2016-02-23 04:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-03-01 16:30 - 2016-02-23 03:58 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-03-01 16:30 - 2016-02-23 03:58 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-03-01 16:30 - 2016-02-23 03:55 - 00221600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-03-01 16:30 - 2016-02-23 03:55 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-03-01 16:30 - 2016-02-23 03:54 - 00539256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-03-01 16:30 - 2016-02-23 03:54 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-03-01 16:30 - 2016-02-23 03:54 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-03-01 16:30 - 2016-02-23 03:53 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-03-01 16:30 - 2016-02-23 03:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-03-01 16:30 - 2016-02-23 03:51 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2016-03-01 16:30 - 2016-02-23 03:50 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-03-01 16:30 - 2016-02-23 03:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-03-01 16:30 - 2016-02-23 03:48 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-03-01 16:30 - 2016-02-23 03:39 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-03-01 16:30 - 2016-02-23 03:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-03-01 16:30 - 2016-02-23 03:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-03-01 16:30 - 2016-02-23 03:34 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-03-01 16:30 - 2016-02-23 03:33 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-03-01 16:30 - 2016-02-23 03:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-03-01 16:30 - 2016-02-23 03:31 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-03-01 16:30 - 2016-02-23 03:28 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-03-01 16:30 - 2016-02-23 03:25 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-03-01 16:30 - 2016-02-23 03:25 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-03-01 16:30 - 2016-02-23 03:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-03-01 16:30 - 2016-02-23 03:22 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-03-01 16:30 - 2016-02-23 03:22 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-03-01 16:30 - 2016-02-23 03:20 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-03-01 16:30 - 2016-02-23 03:20 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-01 16:30 - 2016-02-23 03:18 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-03-01 16:30 - 2016-02-23 03:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-03-01 16:30 - 2016-02-23 03:13 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-03-01 16:30 - 2016-02-23 03:13 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-03-01 16:30 - 2016-02-23 03:11 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-03-01 16:30 - 2016-02-23 03:05 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-03-01 16:30 - 2016-02-23 03:04 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-03-01 16:30 - 2016-02-23 03:02 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-03-01 16:30 - 2016-02-23 03:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-03-01 16:30 - 2016-02-23 02:58 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-03-01 16:30 - 2016-02-23 02:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-03-01 16:30 - 2016-02-23 02:54 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-03-01 16:30 - 2016-02-23 02:48 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-03-01 16:30 - 2016-02-23 02:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-03-01 16:30 - 2016-02-23 02:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-03-01 16:30 - 2016-02-23 02:37 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-03-01 16:30 - 2016-02-23 02:37 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-03-01 16:30 - 2016-02-23 02:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-03-01 16:30 - 2016-02-23 02:36 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-01 16:30 - 2016-02-23 02:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-03-01 16:30 - 2016-02-23 02:28 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-03-01 16:30 - 2016-02-23 02:28 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-03-01 16:30 - 2016-02-23 02:26 - 01498112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-03-01 16:30 - 2016-02-23 02:20 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-03-01 16:30 - 2016-02-23 02:05 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-03-01 16:30 - 2016-02-23 01:58 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-03-01 16:30 - 2016-02-23 01:51 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-03-01 16:30 - 2016-02-08 23:28 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-03-01 16:30 - 2016-02-08 23:13 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-03-01 16:30 - 2016-02-08 22:18 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-03-01 16:30 - 2016-02-08 22:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-02-29 13:18 - 2016-02-29 13:18 - 00008010 _____ C:\Users\Raiel\Downloads\WishloopWP.zip
2016-02-29 13:13 - 2016-02-29 13:16 - 05259760 _____ C:\Users\Raiel\Downloads\KeywordResearchNinja.zip
2016-02-29 13:13 - 2016-02-29 13:13 - 00240832 _____ C:\Users\Raiel\Downloads\YourPerfectNiche.pdf
2016-02-29 13:08 - 2016-02-29 13:08 - 00001711 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shotcut.lnk
2016-02-29 13:08 - 2016-02-29 13:08 - 00000000 ____D C:\Program Files\Shotcut
2016-02-29 13:03 - 2016-02-29 13:03 - 00001352 _____ C:\Users\Raiel\Desktop\SEO Harvester Jeet.lnk
2016-02-29 13:03 - 2016-02-29 13:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEO Harvester Jeet
2016-02-29 13:03 - 2016-02-29 13:03 - 00000000 ____D C:\Program Files (x86)\Teknikforce
2016-02-28 21:15 - 2016-02-28 21:15 - 00070718 _____ C:\Users\Raiel\Downloads\FlipClock-master.zip
2016-02-28 21:15 - 2016-02-28 21:15 - 00000000 ____D C:\Users\Raiel\Downloads\FlipClock-master
2016-02-27 15:40 - 2016-02-27 15:40 - 00031908 _____ C:\Users\Raiel\Downloads\LUVURCATS PRODUCT.xlsx
2016-02-27 15:15 - 2016-02-27 15:15 - 00001294 _____ C:\Users\Public\Desktop\Time Doctor Lite.lnk
2016-02-27 15:15 - 2016-02-27 15:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Time Doctor Lite
2016-02-27 15:15 - 2016-02-27 15:15 - 00000000 ____D C:\Program Files (x86)\TimeDoctorLite
2016-02-27 15:14 - 2016-02-27 15:14 - 27567112 _____ (Time Doctor LLC) C:\Users\Raiel\Downloads\setup-timedoctorlite-2.3.47-windows (1).exe
2016-02-27 13:47 - 2016-02-27 13:47 - 00000754 _____ C:\Users\Raiel\Documents\Downloads - Shortcut.lnk
2016-02-27 13:24 - 2016-02-27 13:24 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-02-23 17:22 - 2016-02-23 18:18 - 00441085 _____ C:\Users\Raiel\AppData\Roaming\result.txt
2016-02-23 17:21 - 2016-02-23 17:22 - 00000000 ____D C:\Users\Raiel\AppData\Roaming\UBot Studio
2016-02-22 17:08 - 2016-02-22 17:08 - 00032424 _____ C:\Users\Raiel\Downloads\freebracelets_Leads_2016-02-14_2016-02-22.csv
2016-02-20 20:54 - 2016-02-20 20:54 - 00015468 _____ C:\Users\Raiel\Downloads\freebracelets_Leads_2016-02-14_2016-02-20.csv
2016-02-20 19:55 - 2016-02-20 19:55 - 03181131 _____ C:\Users\Raiel\Downloads\eComFinder.air
2016-02-20 19:55 - 2016-02-20 19:55 - 00000972 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eComFinder.lnk
2016-02-20 19:55 - 2016-02-20 19:55 - 00000960 _____ C:\Users\Public\Desktop\eComFinder.lnk
2016-02-20 19:55 - 2016-02-20 19:55 - 00000000 ____D C:\Users\Raiel\AppData\Roaming\eComFinder
2016-02-20 19:55 - 2016-02-20 19:55 - 00000000 ____D C:\Program Files (x86)\eComFinder
2016-02-20 17:28 - 2016-02-20 17:28 - 00061524 _____ C:\Users\Raiel\Downloads\discount_export.zip
2016-02-20 17:28 - 2016-02-20 17:28 - 00000000 ____D C:\Users\Raiel\Downloads\discount_export
2016-02-20 13:50 - 2016-02-20 13:50 - 00007766 _____ C:\Users\Raiel\Downloads\FO12D878A524_rej.txt
2016-02-18 06:42 - 2016-02-18 06:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-02-17 16:31 - 2016-02-17 16:31 - 00007140 _____ C:\Users\Raiel\Downloads\freebracelets_Leads_2016-02-15_2016-02-15 (1).csv
2016-02-16 20:40 - 2016-02-16 20:40 - 00001325 _____ C:\Users\Public\Desktop\News Publisher.lnk
2016-02-16 20:40 - 2016-02-16 20:40 - 00000000 ____D C:\Users\Raiel\AppData\Roaming\Soft Solutions
2016-02-16 20:40 - 2016-02-16 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soft Solutions
2016-02-16 20:40 - 2016-02-16 20:40 - 00000000 ____D C:\Program Files (x86)\Soft Solutions
2016-02-16 20:39 - 2016-02-16 20:40 - 08272688 _____ (Soft Solutions ) C:\Users\Raiel\Downloads\news_publisher_setup.exe
2016-02-16 20:31 - 2016-02-16 20:31 - 09072640 _____ C:\Users\Raiel\Downloads\50-call-to-action-templates.ppt
2016-02-16 20:31 - 2016-02-16 20:31 - 00239199 _____ C:\Users\Raiel\Downloads\bonus-call-to-actions-in-photoshop.zip
2016-02-16 17:35 - 2016-02-16 17:35 - 00000000 ____D C:\ProgramData\Creative Labs
2016-02-16 17:07 - 2016-02-16 17:08 - 165440896 _____ (Creative Technology Ltd) C:\Users\Raiel\Downloads\SBZ_CD_L13_1_01_03.exe
2016-02-16 15:02 - 2016-02-16 15:02 - 00000000 ____D C:\Program Files\Western Digital
2016-02-16 14:37 - 2016-02-16 14:38 - 00004964 _____ C:\Users\Raiel\Downloads\freebracelets_Leads_2016-02-14_2016-02-16.csv
2016-02-16 14:37 - 2016-02-16 14:38 - 00001048 _____ C:\Users\Raiel\Downloads\cutecatnecklace_Leads_2016-02-15_2016-02-16.csv
2016-02-16 14:36 - 2016-02-16 14:36 - 00004298 _____ C:\Users\Raiel\Downloads\freebracelets_Leads_2016-02-14_2016-02-14.csv
2016-02-16 14:36 - 2016-02-16 14:36 - 00002642 _____ C:\Users\Raiel\Downloads\freebracelets_Leads_2016-02-15_2016-02-15.csv
2016-02-16 14:36 - 2016-02-16 14:36 - 00000640 _____ C:\Users\Raiel\Downloads\cutecatnecklace_Leads_2016-02-15_2016-02-15.csv
2016-02-15 21:26 - 2016-02-15 21:26 - 00352402 _____ C:\Users\Raiel\Downloads\VPN-router-config.zip
2016-02-15 21:22 - 2016-02-15 21:22 - 00001266 _____ C:\Users\Public\Desktop\Popcorn Time.lnk
2016-02-15 21:22 - 2016-02-15 21:22 - 00000000 ____D C:\Users\Raiel\Downloads\PopcornTime
2016-02-15 21:22 - 2016-02-15 21:22 - 00000000 ____D C:\Users\Raiel\AppData\Local\PopcornTimeDesktop
2016-02-15 21:22 - 2016-02-15 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Popcorn Time
2016-02-15 21:21 - 2016-02-15 21:22 - 00000000 ____D C:\Program Files (x86)\Popcorn Time
2016-02-15 21:19 - 2016-02-15 21:21 - 49032804 _____ (Popcorn Time ) C:\Users\Raiel\Downloads\PopcornTime-latest.exe
2016-02-15 17:38 - 2016-02-09 03:25 - 01924152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436191.dll
2016-02-15 17:38 - 2016-02-09 03:25 - 01573432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436191.dll
2016-02-15 16:24 - 2016-02-15 16:24 - 00003105 _____ C:\Users\Raiel\Desktop\SocialAutoBot.lnk
2016-02-15 16:24 - 2016-02-15 16:24 - 00003065 _____ C:\Users\Raiel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SocialAutoBot.lnk
2016-02-15 13:53 - 2016-02-15 13:53 - 00003080 _____ C:\Users\Raiel\Downloads\freebracelets_Leads_2016-02-14_2016-02-15.csv
2016-02-14 19:51 - 2016-02-14 19:51 - 00000000 ____D C:\Users\Raiel\Downloads\discount_export10
2016-02-14 19:50 - 2016-02-14 19:50 - 00042082 _____ C:\Users\Raiel\Downloads\discount_export10.zip
2016-02-14 19:50 - 2016-02-14 19:50 - 00000000 ____D C:\Users\Raiel\Downloads\discount_export25
2016-02-14 19:49 - 2016-02-14 19:49 - 00000000 ____D C:\Users\Raiel\Downloads\discount_export5
2016-02-14 19:44 - 2016-02-14 19:44 - 00061894 _____ C:\Users\Raiel\Downloads\discount_export5.zip
2016-02-14 19:42 - 2016-02-14 19:42 - 00079809 _____ C:\Users\Raiel\Downloads\discount_export25.zip
2016-02-12 17:56 - 2016-03-02 13:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-11 19:50 - 2016-03-04 15:10 - 00005379 _____ C:\Users\Raiel\Documents\2-11-16.txt
2016-02-11 18:46 - 2016-02-11 18:46 - 00174223 _____ C:\Users\Raiel\Downloads\FO12D878A524_Tier_2.txt
2016-02-10 21:28 - 2016-02-10 21:28 - 00000000 ____D C:\Users\Raiel\AppData\LocalLow\uTorrent
2016-02-10 19:18 - 2016-02-10 19:18 - 00038224 _____ (SoftEther Corporation) C:\WINDOWS\system32\Drivers\Neo6_x64_VPN2.sys
2016-02-10 17:45 - 2016-02-10 17:45 - 08042797 _____ C:\Users\Raiel\Downloads\a-logo-4-1 (1).rar
2016-02-10 17:45 - 2016-02-10 17:45 - 03669513 _____ C:\Users\Raiel\Downloads\Traffic Tsunami (1).zip
2016-02-10 17:45 - 2016-02-10 17:45 - 00600225 _____ C:\Users\Raiel\Downloads\_700_Day_With_CPA (1).rar
2016-02-10 17:45 - 2016-02-10 17:45 - 00489078 _____ C:\Users\Raiel\Downloads\FB_ADS_COUPONS (1).pdf
2016-02-10 17:45 - 2016-02-10 17:45 - 00366905 _____ C:\Users\Raiel\Downloads\FB_ADS_COUPONS_Guide (1).pdf
2016-02-10 17:43 - 2016-02-10 17:43 - 522557090 _____ C:\Users\Raiel\Downloads\ImageBargainBlitz1111 (1).zip
2016-02-10 16:47 - 2016-02-10 16:47 - 00046714 _____ C:\Users\Raiel\Downloads\VPNetMon_W7_Basic.zip
2016-02-10 16:47 - 2016-02-10 16:47 - 00000000 ____D C:\Users\Raiel\Downloads\VPNetMon_W7_Basic
2016-02-10 16:40 - 2016-02-10 16:40 - 00038216 _____ (SoftEther Corporation) C:\WINDOWS\system32\Drivers\Neo6_x64_VPN.sys
2016-02-10 16:39 - 2016-02-10 16:39 - 00144104 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\WINDOWS\system32\vpncmd.exe
2016-02-10 16:39 - 2016-02-10 16:39 - 00001980 _____ C:\ProgramData\Microsoft\Windows\Start Menu\SoftEther VPN Client Manager.lnk
2016-02-10 16:39 - 2016-02-10 16:39 - 00001974 _____ C:\Users\Public\Desktop\SoftEther VPN Client Manager.lnk
2016-02-10 16:39 - 2016-02-10 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftEther VPN Client
2016-02-10 16:38 - 2016-03-06 12:06 - 00000000 ____D C:\Program Files\SoftEther VPN Client
2016-02-10 16:38 - 2016-02-10 16:38 - 45081832 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Users\Raiel\Downloads\vpngate-client-v4.19-9599-beta-2015.10.19.exe
2016-02-10 16:38 - 2016-02-10 16:38 - 00051024 _____ (SoftEther Corporation) C:\WINDOWS\system32\Drivers\SeLow_x64.sys
2016-02-10 16:38 - 2016-02-10 16:38 - 00000000 ____D C:\Users\Raiel\Downloads\vpngate-client-2016.02.10-build-9599.134726
2016-02-10 16:38 - 2016-02-10 05:53 - 05198848 ____N (University of Tsukuba) C:\Users\Raiel\Downloads\VpnGatePlugin_x64.dll
2016-02-10 16:38 - 2016-02-10 05:53 - 03921920 ____N (University of Tsukuba) C:\Users\Raiel\Downloads\VpnGatePlugin_x86.dll
2016-02-10 13:40 - 2016-02-10 14:12 - 00000000 ____D C:\Users\Raiel\AppData\Roaming\Hubstaff
2016-02-10 13:40 - 2016-02-10 13:40 - 00000000 ____D C:\Users\Raiel\AppData\Roaming\fltk.org
2016-02-10 13:40 - 2016-02-10 13:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hubstaff
2016-02-10 13:40 - 2016-02-10 13:40 - 00000000 ____D C:\ProgramData\fltk.org
2016-02-10 13:40 - 2016-02-10 13:40 - 00000000 ____D C:\Program Files\Hubstaff
2016-02-10 13:25 - 2016-02-10 13:40 - 09091240 _____ C:\Users\Raiel\Downloads\Hubstaff-1.2.4-5ef7bdb.exe
2016-02-09 15:52 - 2016-02-09 15:53 - 54288369 _____ C:\Users\Raiel\Downloads\vpngate-client-2016.02.10-build-9599.134726.zip
2016-02-09 15:12 - 2016-02-09 15:12 - 00001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Market Samurai.lnk
2016-02-09 15:12 - 2016-02-09 15:12 - 00001000 _____ C:\Users\Public\Desktop\Market Samurai.lnk
2016-02-09 15:12 - 2016-02-09 15:12 - 00000000 ____D C:\Program Files (x86)\Market Samurai
2016-02-09 14:59 - 2016-02-09 14:59 - 00110520 _____ C:\Users\Raiel\Downloads\FO12D878A524.html
2016-02-09 14:51 - 2016-01-29 01:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-02-09 14:51 - 2016-01-27 00:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-09 14:51 - 2016-01-26 23:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-09 14:51 - 2016-01-26 23:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-02-09 14:51 - 2016-01-26 23:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-09 14:51 - 2016-01-26 23:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-02-09 14:51 - 2016-01-26 23:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-02-09 14:50 - 2016-01-29 01:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-02-09 14:50 - 2016-01-27 01:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-09 14:50 - 2016-01-27 01:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-09 14:50 - 2016-01-27 00:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-02-09 14:50 - 2016-01-27 00:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-09 14:50 - 2016-01-27 00:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-09 14:50 - 2016-01-27 00:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-02-09 14:50 - 2016-01-27 00:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-09 14:50 - 2016-01-27 00:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-09 14:50 - 2016-01-27 00:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-09 14:50 - 2016-01-27 00:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-09 14:50 - 2016-01-27 00:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-02-09 14:50 - 2016-01-27 00:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-09 14:50 - 2016-01-27 00:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-09 14:50 - 2016-01-27 00:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-02-09 14:50 - 2016-01-27 00:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-09 14:50 - 2016-01-27 00:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-09 14:50 - 2016-01-27 00:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-09 14:50 - 2016-01-27 00:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-02-09 14:50 - 2016-01-27 00:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-02-09 14:50 - 2016-01-27 00:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-09 14:50 - 2016-01-27 00:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-09 14:50 - 2016-01-26 23:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-02-09 14:50 - 2016-01-26 23:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-02-09 14:50 - 2016-01-26 23:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-09 14:50 - 2016-01-26 23:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-09 14:50 - 2016-01-26 23:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-02-08 16:52 - 2016-02-08 16:52 - 00002655 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SocialAutoBot.lnk
2016-02-08 16:52 - 2016-02-08 16:52 - 00002643 _____ C:\Users\Public\Desktop\SocialAutoBot.lnk
2016-02-08 16:52 - 2016-02-08 16:52 - 00000000 ____D C:\Users\Raiel\Downloads\SA3.2.7_28_1_16
2016-02-08 16:52 - 2016-02-08 16:52 - 00000000 ____D C:\Program Files (x86)\SocialAutoBot
2016-02-08 16:51 - 2016-02-08 16:51 - 03851748 _____ C:\Users\Raiel\Downloads\SA3.2.7_28_1_16.zip
2016-02-08 15:16 - 2016-02-08 15:16 - 00070557 _____ C:\Users\Raiel\Downloads\HAPPY_Landing_Page.zip
2016-02-08 15:15 - 2016-02-08 15:15 - 00062414 _____ C:\Users\Raiel\Downloads\FADE_Landing_Page.zip
2016-02-08 15:14 - 2016-02-08 15:14 - 00017609 _____ C:\Users\Raiel\Downloads\CHAMELEON_Landing_Page (1).zip
2016-02-07 21:10 - 2016-02-07 21:10 - 00012483 _____ C:\Users\Raiel\Downloads\-Blaze077-Dragon-Ball-Super---030-English-Subbed-DutchSaiyaman-720p-237.torrent
2016-02-07 21:10 - 2016-02-07 21:10 - 00012483 _____ C:\Users\Raiel\Downloads\-Blaze077-Dragon-Ball-Super---030-English-Subbed-DutchSaiyaman-720p-237 (1).torrent
2016-02-06 17:32 - 2012-06-19 20:48 - 00000630 _____ C:\WINDOWS\SysWOW64\Reg.reg
2016-02-05 22:22 - 2016-02-05 22:22 - 06565069 _____ C:\Users\Raiel\Downloads\Avatar6.zip
2016-02-05 22:22 - 2016-02-05 22:22 - 00000000 ____D C:\Users\Raiel\Downloads\Avatar6
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-03-06 12:09 - 2014-02-13 23:45 - 00000000 ____D C:\Users\Raiel\AppData\Roaming\Skype
2016-03-06 12:07 - 2015-07-28 13:42 - 00000926 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1426893082-392233631-795411858-1001UA.job
2016-03-06 12:06 - 2014-02-13 18:37 - 00004150 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{44EF453C-AD1E-4C8B-907E-6227CE6BB4CF}
2016-03-06 12:05 - 2015-08-23 01:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by.xatab
2016-03-06 12:05 - 2014-02-13 18:40 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-06 11:52 - 2015-10-30 02:21 - 00000000 ____D C:\WINDOWS\INF
2016-03-06 11:52 - 2015-07-30 14:50 - 00879284 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-06 11:52 - 2015-06-10 17:56 - 00000580 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1426893082-392233631-795411858-1001.job
2016-03-06 11:52 - 2014-02-13 18:59 - 00000000 _____ C:\WINDOWS\Path.idx
2016-03-06 11:49 - 2014-02-16 16:45 - 00000000 ____D C:\Program Files\Carbonite
2016-03-06 11:49 - 2014-02-14 13:30 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-06 11:47 - 2015-09-16 16:37 - 00000920 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-03-06 11:47 - 2015-07-30 14:59 - 00000000 ___RD C:\Users\Raiel\OneDrive
2016-03-06 11:47 - 2015-04-08 04:15 - 00000000 ____D C:\Users\Raiel\AppData\Local\CrashDumps
2016-03-06 11:47 - 2014-02-13 18:46 - 01048576 _____ C:\WINDOWS\PE_Rom.dll
2016-03-06 11:47 - 2014-02-13 18:40 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-06 11:46 - 2015-12-06 12:28 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-06 11:46 - 2015-12-06 12:21 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-06 11:46 - 2015-10-30 01:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-03-06 11:42 - 2015-09-16 16:37 - 00000924 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-03-06 11:41 - 2015-06-11 13:56 - 00000676 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1426893082-392233631-795411858-1001.job
2016-03-06 11:39 - 2015-08-28 23:05 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-03-06 11:27 - 2014-11-08 20:08 - 00000000 ____D C:\ProgramData\MFAData
2016-03-06 11:11 - 2014-08-04 22:30 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-03-06 09:23 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-03-05 20:54 - 2014-04-29 02:19 - 00000796 _____ C:\WINDOWS\MB.idx
2016-03-05 20:51 - 2014-02-13 23:33 - 00004330 _____ C:\Users\Raiel\Desktop\PSWD.txt
2016-03-05 20:49 - 2015-08-28 23:06 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-03-05 07:53 - 2014-02-12 20:27 - 00000000 ____D C:\Users\Raiel\AppData\Local\Packages
2016-03-05 07:51 - 2014-02-14 12:16 - 00000000 ____D C:\Users\Raiel\AppData\Roaming\vlc
2016-03-05 07:07 - 2015-07-28 13:42 - 00000874 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1426893082-392233631-795411858-1001Core.job
2016-03-05 05:52 - 2015-10-30 02:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-04 21:46 - 2015-12-14 22:18 - 00000000 ____D C:\Users\Raiel\Downloads\chromepass
2016-03-04 21:07 - 2015-06-11 16:15 - 00000132 _____ C:\Users\Raiel\AppData\Roaming\Adobe PNG Format CS6 Prefs
2016-03-04 20:56 - 2014-02-16 13:52 - 00002440 _____ C:\Users\Raiel\Desktop\Adobe Photoshop CS6.lnk
2016-03-03 16:43 - 2014-12-25 21:44 - 00000000 ____D C:\Users\Raiel\AppData\Local\ElevatedDiagnostics
2016-03-03 05:51 - 2015-12-06 12:22 - 00000000 ____D C:\Users\Raiel
2016-03-03 05:51 - 2015-10-30 01:28 - 00008192 ___SH C:\WINDOWS\system32\config\ELAM
2016-03-02 20:46 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\rescache
2016-03-02 13:10 - 2014-02-13 23:45 - 00000000 ____D C:\ProgramData\Skype
2016-03-02 13:09 - 2015-12-06 12:20 - 00404080 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-02 13:09 - 2015-07-30 14:55 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-02 13:09 - 2015-06-02 16:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-02 09:49 - 2015-10-30 04:07 - 00000000 ____D C:\Program Files\Windows Journal
2016-03-02 09:49 - 2015-10-30 02:24 - 00000000 __RSD C:\WINDOWS\Media
2016-03-02 09:49 - 2015-10-30 02:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-03-02 09:49 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-03-02 09:49 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-03-02 09:49 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-03-02 09:49 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-03-02 09:49 - 2015-10-30 02:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-02 09:49 - 2015-10-30 02:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-02 09:49 - 2015-10-30 02:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-02 09:49 - 2015-10-30 02:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-02 09:49 - 2015-10-30 01:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-03-02 09:49 - 2015-10-30 01:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-03-01 20:09 - 2015-12-06 12:21 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-03-01 19:59 - 2014-02-14 00:01 - 00000000 ____D C:\Users\Raiel\AppData\Local\NVIDIA Corporation
2016-03-01 19:59 - 2014-02-14 00:01 - 00000000 ____D C:\Users\Raiel\AppData\Local\NVIDIA
2016-03-01 19:59 - 2014-02-14 00:00 - 00001450 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-03-01 16:40 - 2015-10-30 02:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-01 00:09 - 2014-07-05 10:14 - 00000000 ____D C:\Program Files\PeerBlock
2016-02-29 15:39 - 2015-11-17 22:12 - 00000000 ____D C:\Users\Raiel\Desktop\Tor Browser
2016-02-29 15:38 - 2015-08-07 19:25 - 00001110 _____ C:\Users\Raiel\Desktop\Betternet.lnk
2016-02-29 15:38 - 2015-08-07 19:24 - 00000000 ____D C:\Program Files (x86)\betternet
2016-02-29 15:38 - 2014-07-05 10:14 - 00001990 _____ C:\Users\Raiel\Desktop\PeerBlock.lnk
2016-02-25 14:23 - 2014-02-16 14:03 - 00001750 _____ C:\Users\Raiel\Desktop\Dreamweaver.lnk
2016-02-24 20:04 - 2015-11-19 19:08 - 12479040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-02-23 18:57 - 2015-11-19 19:08 - 31120952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-02-23 18:57 - 2015-11-19 19:08 - 19779456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-02-23 18:57 - 2015-11-19 19:08 - 17175056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-02-23 18:57 - 2015-11-19 19:08 - 14115136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-02-23 18:57 - 2015-11-19 19:08 - 03649760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-02-23 18:57 - 2015-11-19 19:08 - 03231360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-02-23 18:57 - 2015-11-19 19:08 - 00035832 _____ C:\WINDOWS\system32\nvinfo.pb
2016-02-23 15:28 - 2016-01-28 01:04 - 00530368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-02-23 15:28 - 2016-01-28 01:04 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-02-23 15:28 - 2015-12-06 12:21 - 06368824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-02-23 15:28 - 2015-12-06 12:21 - 06154909 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-02-23 15:28 - 2015-12-06 12:21 - 02993720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-02-23 15:28 - 2015-12-06 12:21 - 02563128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-02-23 15:28 - 2015-12-06 12:21 - 01263040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-02-23 15:28 - 2015-12-06 12:21 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-02-23 15:28 - 2015-12-06 12:21 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-02-23 06:13 - 2015-10-30 02:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-02-23 06:13 - 2015-08-19 19:20 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-02-22 20:06 - 2015-09-10 18:42 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2016-02-22 20:05 - 2015-09-10 18:43 - 00000000 ____D C:\Program Files\AVG Web TuneUp
2016-02-22 20:05 - 2014-11-08 20:11 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2016-02-20 19:56 - 2014-02-13 18:56 - 00000000 ____D C:\ProgramData\Adobe
2016-02-20 19:55 - 2014-08-04 22:38 - 00000000 ____D C:\Users\Raiel\AppData\Local\Adobe
2016-02-20 17:51 - 2015-06-11 13:56 - 00003828 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-1426893082-392233631-795411858-1001
2016-02-20 17:51 - 2015-06-10 17:56 - 00003732 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-1426893082-392233631-795411858-1001
2016-02-20 07:25 - 2014-02-13 18:56 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2016-02-20 07:25 - 2014-02-13 18:56 - 00002096 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2016-02-19 20:05 - 2014-02-13 18:41 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-18 06:42 - 2015-09-16 16:15 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-02-17 01:40 - 2015-11-19 18:53 - 00112216 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-02-17 01:40 - 2014-06-02 22:20 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-02-17 01:40 - 2014-06-02 22:20 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-02-17 01:40 - 2014-02-14 00:01 - 01903344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-02-17 01:40 - 2014-02-14 00:01 - 01571624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-02-16 17:35 - 2014-02-13 23:41 - 00000000 ____D C:\ProgramData\Creative
2016-02-16 17:35 - 2014-02-13 23:37 - 00466520 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2016-02-16 17:35 - 2014-02-13 23:37 - 00445016 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2016-02-16 17:35 - 2014-02-13 23:37 - 00123480 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2016-02-16 17:35 - 2014-02-13 23:37 - 00109144 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2016-02-16 17:35 - 2014-02-13 23:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2016-02-16 17:35 - 2014-02-13 23:34 - 00000078 ___RH C:\WINDOWS\ctfile.rfc
2016-02-16 17:35 - 2014-02-13 23:34 - 00000000 ____D C:\Users\Public\Creative
2016-02-16 17:35 - 2014-02-13 23:33 - 00000000 ____D C:\Program Files (x86)\Creative
2016-02-16 15:05 - 2015-10-30 02:24 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-02-16 15:02 - 2014-02-14 14:11 - 00000000 ____D C:\ProgramData\Western Digital
2016-02-16 15:02 - 2014-02-14 14:11 - 00000000 ____D C:\Program Files\Common Files\Western Digital
2016-02-16 15:02 - 2014-02-14 14:11 - 00000000 ____D C:\Program Files (x86)\Western Digital
2016-02-15 19:49 - 2015-11-17 22:12 - 00000862 _____ C:\Users\Raiel\Desktop\Start Tor Browser.lnk
2016-02-15 19:45 - 2015-12-17 10:57 - 00048439 _____ C:\Users\Raiel\Desktop\AllExceptionLoggerFiletext.txt
2016-02-14 12:34 - 2015-11-28 23:22 - 01369088 _____ C:\Users\Raiel\Documents\cats.msam
2016-02-13 17:47 - 2015-04-08 04:03 - 00000000 ____D C:\Users\Raiel\Documents\Camtasia Studio
2016-02-12 23:17 - 2014-02-14 01:26 - 00000000 ____D C:\Users\Raiel\AppData\Roaming\uTorrent
2016-02-11 23:21 - 2015-12-17 12:09 - 00000000 ____D C:\Users\Raiel\Desktop\SocialAutoBot
2016-02-11 10:47 - 2015-10-30 02:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-02-11 10:47 - 2015-10-25 11:06 - 00001009 _____ C:\Users\Public\Desktop\AVG Protection.lnk
2016-02-11 10:47 - 2015-03-30 00:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-02-10 18:09 - 2015-04-08 04:15 - 00001249 _____ C:\Users\Public\Desktop\Snagit 12 Editor.lnk
2016-02-10 18:09 - 2015-04-08 04:15 - 00001205 _____ C:\Users\Public\Desktop\Snagit 12.lnk
2016-02-10 18:09 - 2015-04-08 03:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2016-02-09 15:00 - 2014-02-14 00:55 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-09 14:55 - 2014-02-14 00:55 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-09 14:24 - 2015-11-14 18:09 - 00000000 ____D C:\Users\Raiel\.oracle_jre_usage
2016-02-09 14:24 - 2014-11-01 00:08 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-02-09 14:24 - 2014-11-01 00:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-09 14:24 - 2014-11-01 00:08 - 00000000 ____D C:\Program Files (x86)\Java
2016-02-09 14:24 - 2014-03-19 22:21 - 00000000 ____D C:\ProgramData\Oracle
2016-02-05 06:07 - 2015-07-30 14:59 - 00002363 _____ C:\Users\Raiel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
 
==================== Files in the root of some directories =======
 
2016-03-04 21:05 - 2016-03-04 21:05 - 0000132 _____ () C:\Users\Raiel\AppData\Roaming\Adobe GIF Format CS6 Prefs
2015-06-11 16:15 - 2016-03-04 21:07 - 0000132 _____ () C:\Users\Raiel\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-06-30 13:11 - 2015-06-30 13:11 - 0000046 _____ () C:\Users\Raiel\AppData\Roaming\Camdata.ini
2015-06-30 13:11 - 2015-06-30 13:11 - 0000408 _____ () C:\Users\Raiel\AppData\Roaming\CamLayout.ini
2015-06-30 13:11 - 2015-06-30 13:11 - 0000408 _____ () C:\Users\Raiel\AppData\Roaming\CamShapes.ini
2015-06-30 13:11 - 2015-06-30 13:11 - 0004536 _____ () C:\Users\Raiel\AppData\Roaming\CamStudio.cfg
2016-02-23 17:22 - 2016-02-23 18:18 - 0441085 _____ () C:\Users\Raiel\AppData\Roaming\result.txt
2015-06-30 13:08 - 2015-06-30 13:08 - 0000096 _____ () C:\Users\Raiel\AppData\Roaming\version2.xml
2014-02-24 01:33 - 2015-06-28 00:02 - 0001057 _____ () C:\Users\Raiel\AppData\Roaming\vso_ts_preview.xml
2015-06-30 14:05 - 2015-06-30 14:05 - 0000043 _____ () C:\Users\Raiel\AppData\Roaming\WB.CFG
2015-08-08 14:42 - 2015-08-08 14:44 - 0003584 _____ () C:\Users\Raiel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-06-01 01:20 - 2015-06-01 01:20 - 0635544 _____ (DivX, LLC) C:\Users\Raiel\AppData\Local\Tempdivx50cb.exe
 
Some files in TEMP:
====================
C:\Users\Raiel\AppData\Local\Temp\avguirn_081588453822.exe
C:\Users\Raiel\AppData\Local\Temp\avguirn_081714167006.exe
C:\Users\Raiel\AppData\Local\Temp\avguirn_081945804983.exe
C:\Users\Raiel\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Raiel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppv1yvo.dll
C:\Users\Raiel\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\Raiel\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Raiel\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Raiel\AppData\Local\Temp\nvStInst.exe
C:\Users\Raiel\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-03-02 13:24
 
==================== End of FRST.txt ============================

 

 




 


#2 Oh My!


    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,801 posts
  • OFFLINE
  • Gender:Male
  • Location:California
  • Local time:02:09 PM

Posted 06 March 2016 - 08:42 PM

Greetings raielschwartz and welcome to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far.

When you ran FRST there should have been an Addition.txt file placed on your Desktop. Please copy and paste the contents of that report in your reply.

Please consider and do this.

===================================================

Peer to Peer (P2P) Warning

--------------------

Going over your logs I noticed that you have µTorrent installed. It is pretty much certain that if you continue to use P2P programs, you will get infected again.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
I would recommend that you uninstall µTorrent, however that choice is up to you. If you choose to remove the program, you can do so via Start > Control Panel > Add/Remove Programs.

If you are still leaning toward using this program, please take a look at this information about Ransomware which can be delivered via P2P file transfers. The newest variation of Ransomware can make it impossible to recover the files this malicious software encrypts. In other words, you will probably lose most if not all of your valuable information, including pictures. In addition it has recently been reported that P2P downloads may be tracked resulting in your IP address being monitored by copyright authorities.

If you wish to keep it, please do not use it until we are completely done and your machine is determined to be clean and updated.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key + r on your keyboard at the same time. Type in notepad and press Enter
  • Click Format and check Word Wrap
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
CreateRestorePoint:
CloseProcesses:
IFEO\adwcleaner_5.005.exe: [Debugger] svchost.exe
IFEO\mbam.exe: [Debugger] svchost.exe
ShellIconOverlayIdentifiers: [Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} =>  No File
ShellIconOverlayIdentifiers: [Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} =>  No File
ShellIconOverlayIdentifiers: [Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} =>  No File
ShellIconOverlayIdentifiers-x32: [Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} =>  No File
ShellIconOverlayIdentifiers-x32: [Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} =>  No File
ShellIconOverlayIdentifiers-x32: [Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} =>  No File
Startup: C:\Users\Raiel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_71167571.lnk [2014-03-19]
SearchScopes: HKLM -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL = 
CHR StartupUrls: Default -> "hxxp://www.google.com","hxxp://www.dregol.com/?f=7&a=drg_camstd_15_27&cd=2XzuyEtN2Y1L1Qzu0DzzyDtD0EyC0B0AtBtD0E0EyC0B0B0EtN0D0Tzu0StCtByByCtN1L2XzutAtFtCtCtFtAtFtBtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyE0D0ByDzzzyzz0BtGyEtA0BtAtGyDtDzytCtGyEtB0E0FtG0F0F0C0EtDzytCtB0F0DtD0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AyD0FtB0ByB0ByCtGyEtDyC0EtGyEzz0C0EtG0A0FyD0FtGtA0FyCzyzz0CyBtBtA0EzzyC2QtN0A0LzutB&cr=439256849&ir="
CHR Extension: (Viral Autobot Downloader) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcimbcopnpdidoifpjilchikkmihjhac [2015-12-21]
CHR Extension: (Rapidshare Search) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bnpknjpagfelehbhidjlncbeflglfigc [2015-02-04] [UpdateUrl: hxxp://alinovtrip.php5.com/chrome/updates.xml] <==== ATTENTION
S3 BCM42RLY; system32\drivers\BCM42RLY.sys [X]
C:\Users\Raiel\AppData\Local\Temp\avguirn_081588453822.exe
C:\Users\Raiel\AppData\Local\Temp\avguirn_081714167006.exe
C:\Users\Raiel\AppData\Local\Temp\avguirn_081945804983.exe
C:\Users\Raiel\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Raiel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppv1yvo.dll
C:\Users\Raiel\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\Raiel\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Raiel\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Raiel\AppData\Local\Temp\nvStInst.exe
C:\Users\Raiel\AppData\Local\Temp\sqlite3.dll
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

System Summary Information

--------------------
  • Press the Windows key + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • Addition.txt
  • Fixlog
  • System Summary Information
  • Update on computer behavior

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 raielschwartz

Posted 07 March 2016 - 12:09 AM

Hi Gary,
 
A few things,
 
Our fixlog.txt is below,
 
Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Raiel (2016-03-06 22:54:18) Run:1
Running from C:\Users\Raiel\Downloads
Loaded Profiles: Raiel (Available Profiles: Raiel)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
IFEO\adwcleaner_5.005.exe: [Debugger] svchost.exe
IFEO\mbam.exe: [Debugger] svchost.exe
ShellIconOverlayIdentifiers: [Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} =>  No File
ShellIconOverlayIdentifiers: [Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} =>  No File
ShellIconOverlayIdentifiers: [Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} =>  No File
ShellIconOverlayIdentifiers-x32: [Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} =>  No File
ShellIconOverlayIdentifiers-x32: [Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} =>  No File
ShellIconOverlayIdentifiers-x32: [Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} =>  No File
Startup: C:\Users\Raiel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_71167571.lnk [2014-03-19]
SearchScopes: HKLM -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL = 
CHR StartupUrls: Default -> "hxxp://www.google.com","hxxp://www.dregol.com/?f=7&a=drg_camstd_15_27&cd=2XzuyEtN2Y1L1Qzu0DzzyDtD0EyC0B0AtBtD0E0EyC0B0B0EtN0D0Tzu0StCtByByCtN1L2XzutAtFtCtCtFtAtFtBtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyE0D0ByDzzzyzz0BtGyEtA0BtAtGyDtDzytCtGyEtB0E0FtG0F0F0C0EtDzytCtB0F0DtD0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AyD0FtB0ByB0ByCtGyEtDyC0EtGyEzz0C0EtG0A0FyD0FtGtA0FyCzyzz0CyBtBtA0EzzyC2QtN0A0LzutB&cr=439256849&ir="
CHR Extension: (Viral Autobot Downloader) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcimbcopnpdidoifpjilchikkmihjhac [2015-12-21]
CHR Extension: (Rapidshare Search) - C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bnpknjpagfelehbhidjlncbeflglfigc [2015-02-04] [UpdateUrl: hxxp://alinovtrip.php5.com/chrome/updates.xml] <==== ATTENTION
S3 BCM42RLY; system32\drivers\BCM42RLY.sys [X]
C:\Users\Raiel\AppData\Local\Temp\avguirn_081588453822.exe
C:\Users\Raiel\AppData\Local\Temp\avguirn_081714167006.exe
C:\Users\Raiel\AppData\Local\Temp\avguirn_081945804983.exe
C:\Users\Raiel\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Raiel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppv1yvo.dll
C:\Users\Raiel\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\Raiel\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Raiel\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Raiel\AppData\Local\Temp\nvStInst.exe
C:\Users\Raiel\AppData\Local\Temp\sqlite3.dll
*****************
 
Restore point was successfully created.
Processes closed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\adwcleaner_5.005.exe" => key removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mbam.exe" => key removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Carbonite.Green" => key removed successfully
HKCR\CLSID\{95A27763-F62A-4114-9072-E81D87DE3B68} => key not found. 
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Carbonite.Partial" => key removed successfully
HKCR\CLSID\{E300CD91-100F-4E67-9AF3-1384A6124015} => key not found. 
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Carbonite.Yellow" => key removed successfully
HKCR\CLSID\{5E529433-B50E-4bef-A63B-16A6B71B071A} => key not found. 
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Carbonite.Green" => key removed successfully
HKCR\Wow6432Node\CLSID\{95A27763-F62A-4114-9072-E81D87DE3B68} => key not found. 
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Carbonite.Partial" => key removed successfully
HKCR\Wow6432Node\CLSID\{E300CD91-100F-4E67-9AF3-1384A6124015} => key not found. 
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Carbonite.Yellow" => key removed successfully
HKCR\Wow6432Node\CLSID\{5E529433-B50E-4bef-A63B-16A6B71B071A} => key not found. 
C:\Users\Raiel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_71167571.lnk => moved successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{c9ab6446-7efc-47fe-966c-dc54324eff9f}" => key removed successfully
HKCR\CLSID\{c9ab6446-7efc-47fe-966c-dc54324eff9f} => key not found. 
Chrome StartupUrls => removed successfully
C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcimbcopnpdidoifpjilchikkmihjhac => moved successfully
C:\Users\Raiel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bnpknjpagfelehbhidjlncbeflglfigc <==== ATTENTION => not found
BCM42RLY => service removed successfully
C:\Users\Raiel\AppData\Local\Temp\avguirn_081588453822.exe => moved successfully
C:\Users\Raiel\AppData\Local\Temp\avguirn_081714167006.exe => moved successfully
C:\Users\Raiel\AppData\Local\Temp\avguirn_081945804983.exe => moved successfully
"C:\Users\Raiel\AppData\Local\Temp\dllnt_dump.dll" => not found.
C:\Users\Raiel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppv1yvo.dll => moved successfully
C:\Users\Raiel\AppData\Local\Temp\jre-8u73-windows-au.exe => moved successfully
C:\Users\Raiel\AppData\Local\Temp\nvSCPAPI.dll => moved successfully
C:\Users\Raiel\AppData\Local\Temp\nvSCPAPI64.dll => moved successfully
C:\Users\Raiel\AppData\Local\Temp\nvStInst.exe => moved successfully
C:\Users\Raiel\AppData\Local\Temp\sqlite3.dll => moved successfully
 
 
The system needed a reboot.
 
==== End of Fixlog 22:54:29 ====

Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Raiel (2016-03-06 22:27:14)
Running from C:\Users\Raiel\Downloads
Windows 10 Pro Version 1511 (X64) (2015-12-06 17:30:16)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1426893082-392233631-795411858-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1426893082-392233631-795411858-503 - Limited - Disabled)
Guest (S-1-5-21-1426893082-392233631-795411858-501 - Limited - Disabled)
Raiel (S-1-5-21-1426893082-392233631-795411858-1001 - Administrator - Enabled) => C:\Users\Raiel

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Ad-Aware Antivirus (Enabled - Up to date) {B0CC18C6-E527-6EE6-874C-9D19920E5619}
AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Spybot - Search and Destroy (Enabled - Up to date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Ad-Aware Antivirus (Enabled - Up to date) {0BADF922-C31D-6168-BDFC-A66BE9891CA4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: Ad-Aware Firewall (Disabled) {88F799E3-AF48-6FBE-AC13-342C6CDD1162}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1426893082-392233631-795411858-1001\...\uTorrent) (Version: 3.4.5.41712 - BitTorrent Inc.)
Ad-Aware Antivirus (HKLM\...\{50E2E8FE-1F8B-4F21-BE9F-F9152D3EA5B1}_AdAwareUpdater) (Version: 11.10.767.8917 - Lavasoft)
AdAwareInstaller (Version: 11.10.767.8917 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.10.767.8917 - Lavasoft) Hidden
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.09 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.260 - Adobe Systems Incorporated)
Adobe Dreamweaver CS6 (HKLM-x32\...\{A4ED5E53-7AA0-11E1-BF04-B2D4D4A5360E}) (Version: 12 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\Adobe Photoshop CS6) (Version: 13.0.0.0 - © The Computer Guy Tony)
Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
AI Suite 3 (HKLM-x32\...\{D46DA5F0-25AD-4B77-98DA-6DD6AF39FBD9}) (Version: 1.00.56 - ASUSTeK Computer Inc.)
Amazon Kindle (HKU\S-1-5-21-1426893082-392233631-795411858-1001\...\Amazon Kindle) (Version: - Amazon)
AntimalwareEngine (Version: 3.0.99.0 - Lavasoft) Hidden
Assassins Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft)
ASUS Boot Setting (HKLM-x32\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.09 - ASUSTeK Computer Inc.)
ASUS ROG Connect Plus (HKLM-x32\...\{ECF51D37-52ED-4871-BF8B-FEA34B8B4120}) (Version: 1.00.22 - ASUSTeK Computer Inc.)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.11.125 - ASUS Cloud Corporation)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 33489584.1637756.4759644.48 - Audible, Inc.)
AVG (Version: 16.41.7442 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4537 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.41.7442 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.2.6.552 - AVG Technologies)
Azon Product Inspector (HKLM-x32\...\Azon Product Inspector3.0.0.4) (Version: 3.0.0.4 - InnAnTech Industries Inc.)
BacklinkBeast (HKLM-x32\...\BacklinkBeast_is1) (Version: 1.0.49.0 - )
Batman™: Arkham Origins (HKLM-x32\...\Steam App 209000) (Version: - WB Games Montreal)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.3.2.3825 - Electronic Arts)
Betternet (HKLM-x32\...\Betternet) (Version: - )
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.31.223.1 - Broadcom Corporation)
calibre (HKLM-x32\...\{54F80F38-62F8-46B3-AD7C-5B86D6A1B4CC}) (Version: 2.50.0 - Kovid Goyal)
Call of Duty: Ghosts - Multiplayer (HKLM-x32\...\Steam App 209170) (Version: - Infinity Ward)
Call of Duty: Ghosts (HKLM-x32\...\Steam App 209160) (Version: - Infinity Ward)
Camtasia Studio 8 (HKLM-x32\...\{72144B9D-58C4-4C09-A5CF-C6A914B912E8}) (Version: 8.0.0.878 - TechSmith Corporation)
Citrix Online Launcher (HKLM-x32\...\{6740FE60-43C1-4D15-8C4A-001624134B14}) (Version: 1.0.312 - Citrix)
ConvertXtoDVD 4.1.19.365 (HKLM-x32\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.1.19.365 - )
Creative Music Server (HKLM-x32\...\Music Server) (Version: 1.01 - Creative Technology Limited)
CuteFTP 8 Professional (HKLM-x32\...\{91F34319-08DE-457a-99C0-0BCDFAC145B9}) (Version: 8.3.4 - GlobalSCAPE)
CuteFTP 9 (HKLM-x32\...\{89B9E358-75C6-4C6B-BD38-803FF156CC4B}) (Version: 9.0.5 - Globalscape)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.2.0.0350 - DT Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.77 - DivX, LLC)
Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited)
Dragon Ball Xenoverse - Bundle Edition (HKLM-x32\...\Dragon Ball Xenoverse - Bundle Edition_is1) (Version: - )
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.14.7 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.35 - Dropbox, Inc.) Hidden
DTS Connect Pack (HKLM-x32\...\DTS Connect Pack) (Version: 1.00 - Creative Technology Limited)
EaseUS Todo Backup Free 8.9 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 8.9 - CHENGDU YIWO Tech Development Co., Ltd)
EasyVSL (HKLM-x32\...\com.searchcreatively.EasyVSL) (Version: 1.3.2 - PayKickstart, LLC)
EasyVSL (x32 Version: 1.3.2 - PayKickstart, LLC) Hidden
eCom Finder (HKLM-x32\...\eComFinder) (Version: 1.0.2 - Rapid Web Solutions LTD)
eCom Finder (x32 Version: 1.0.2 - Rapid Web Solutions LTD) Hidden
EVGA OC Scanner X 3.4.0 (64-bit) (HKLM\...\{CC520CF6-B02E-49AA-8192-C1DDC159E0AA}}_is1) (Version: - EVGA)
EVGA Precision X 4.2.1 (HKLM-x32\...\PrecisionX) (Version: 4.2.1 - EVGA Corporation)
Explaindio Video Creator 2a version 2.108 (HKLM-x32\...\{62E156B8-9689-4D67-9429-3AF84B6025E3}_is1) (Version: 2.108 - Explaindio LLC)
Ezvid (HKLM-x32\...\{F96D619D-99D6-4C9C-A393-0CD22DE1CA66}_is1) (Version: 1.002 - Ezvid, inc.)
f.lux (HKU\S-1-5-21-1426893082-392233631-795411858-1001\...\Flux) (Version: - )
Fallout 4 (HKLM-x32\...\Fallout 4_is1) (Version: - )
Far Cry 4 (HKLM-x32\...\Far Cry 4_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
FMW 1 (Version: 1.62.2 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.75 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
GoToMeeting 7.13.0.4542 (HKU\S-1-5-21-1426893082-392233631-795411858-1001\...\GoToMeeting) (Version: 7.13.0.4542 - CitrixOnline)
hide.me VPN version 1.0.7 (HKLM-x32\...\{0E00BDA5-7998-4889-BE4B-39A4BBD2EDFB}_is1) (Version: 1.0.7 - eVenture Limited)
Hubstaff (HKLM-x32\...\Hubstaff) (Version: 1.2.4 - Netsoft Holdings, LLC.)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version: - Avalanche Studios)
Just Cause 2: Multiplayer Mod (HKLM-x32\...\Steam App 259080) (Version: - Avalanche Studios)
LinkChecker 9.3 (HKLM-x32\...\LinkChecker_is1) (Version: - )
Loadout (HKLM-x32\...\Steam App 208090) (Version: - Edge of Reality)
Logitech Gaming Software 8.51 (HKLM\...\Logitech Gaming Software) (Version: 8.51.5 - Logitech Inc.)
Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Market Samurai (HKLM-x32\...\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1) (Version: 0.93.85 - Alliance Software Pty Ltd)
Market Samurai (x32 Version: 0.93.85 - Alliance Software Pty Ltd) Hidden
MemTweakIt (HKLM-x32\...\{E51AAC3A-D66D-4912-B883-DAFBA249D10F}) (Version: 2.00.01 - ASUSTeK Computer Inc.)
Metal Gear Solid V Phantom Pain, âåðñèÿ 1.0.0.0 (HKLM-x32\...\Metal Gear Solid V Phantom Pain_is1) (Version: 1.0.0.0 - RePack by SEYTER)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4797.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Mortal Kombat X Premium Edition v.1.0.24399.3 (HKLM-x32\...\Mortal Kombat X Premium Edition_is1) (Version: - )
Mozilla Firefox 44.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 en-US)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
Naruto Shippuden Ultimate Ninja Storm Revolution version 1.0 (HKLM-x32\...\Naruto Shippuden Ultimate Ninja Storm Revolution_is1) (Version: 1.0 - GMT-MAX.ORG)
NBA 2K16 (HKLM-x32\...\NBA 2K16_is1) (Version: - )
News Publisher 1.0 (HKLM-x32\...\{F512A66C-EE26-47DF-B1BA-9BC753AB7DD4}_is1) (Version: 1.0 - Soft Solutions)
NovaBench 3.0.4 (HKLM-x32\...\{88603FC0-6B3C-442D-981E-E3D49F083548}_is1) (Version: - Novawave Inc.)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 362.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 362.00 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation)
NVIDIA Graphics Driver 362.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 362.00 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.62 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4797.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4797.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4797.1003 - Microsoft Corporation) Hidden
OpenVPN 2.3.6-I001 (HKLM-x32\...\OpenVPN) (Version: 2.3.6-I001 - )
OpenVPN 2.3.8-I601 (HKLM\...\OpenVPN) (Version: 2.3.8-I601 - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.1.116 - Electronic Arts, Inc.)
PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 5.4.5.0 - Popcorn Time)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.2 - Power Software Ltd)
Project 64 version 2.2.0.3 (HKLM-x32\...\{BEB5FB69-4080-466F-96C4-F15DF271718B}_is1) (Version: 2.2.0.3 - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.28549 - Razer Inc.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.5 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
RivaTuner Statistics Server 5.2.0 (HKLM-x32\...\RTSS) (Version: 5.2.0 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
ROG RAMDisk (HKLM-x32\...\{DE8C1883-4F14-40DF-8C8C-376157ADF5A3}) (Version: 2.00.03 - ASUSTeK Computer Inc.)
RogueKiller version 11 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 11 - Adlice Software)
SEO Harvester Jeet (HKLM-x32\...\SEO Harvester Jeet_is1) (Version: 1.0 - Teknikforce)
SHIELD Streaming (Version: 5.1.0270 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
Shotcut (HKLM-x32\...\Shotcut) (Version: - )
Skype Web Plugin (HKLM-x32\...\{F7C13D74-E0FD-4A76-896A-E8687769767D}) (Version: 7.5.0.127 - Skype Technologies S.A.)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Snagit 12 (HKLM-x32\...\{e8720e7e-08a2-4a30-9bce-70aa27c2a3dc}) (Version: 12.2.2.2107 - TechSmith Corporation)
Snagit 12 (x32 Version: 12.2.2 - TechSmith Corporation) Hidden
SocialAutoBotSetup (HKLM-x32\...\{B186984B-713E-4ADD-B765-112607918168}) (Version: 3.2.4 - SocialAutoBot)
SocialAutoBotSetup (HKLM-x32\...\{E2F12C0A-51A3-4AEA-8541-8CAEDF3BBE7E}) (Version: 3.2.8 - SocialAutoBot)
Socialite Eye (HKLM-x32\...\socialite) (Version: 1.0.0 - UNKNOWN)
Socialite Eye (x32 Version: 1.0.0 - UNKNOWN) Hidden
SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.19.9599 - SoftEther VPN Project)
Sound Blaster Z-Series (HKLM-x32\...\{9E61ABC7-B276-46F1-808F-A8A4EF0D57DF}) (Version: 1.01.03 - Creative Technology Limited)
Sound Blaster Z-Series Extras (HKLM-x32\...\{9D9DB4BA-E352-4AC8-AD2B-B10104F5AB80}) (Version: 1.0 - Creative Technology Limited)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.5.43 - Safer-Networking Ltd.)
Stamps.com Web Postage Plug-in (HKLM-x32\...\Stamps.com Web Postage Plug-in) (Version: - Stamps.com, Inc.)
Stamps.com Web Postage Plug-in (x32 Version: 1.1.0.41 - Stamps.com) Hidden
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43174 - TeamViewer)
Time Doctor Lite (HKLM-x32\...\Time Doctor Lite 2.3.47) (Version: 2.3.47 - Time Doctor LLC)
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.)
Uplay (HKLM-x32\...\Uplay) (Version: 4.2 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VideoMakerFX (HKLM-x32\...\VideoMakerFX 1.05) (Version: 1.05 - Webvati)
VideoMakerFX (x32 Version: 1.05 - Webvati) Hidden
VideoMakerFX ProThemes May Addon 1.1 (HKLM-x32\...\{4753C1C3-821E-429F-8ED1-19B3DC37FECE}) (Version: 1.1 - Webvati)
VideoMakerFX VideoProfitFX Add On 1.0 (HKLM-x32\...\{8F99303E-4E46-45DC-964D-649DBC72B717}) (Version: 1.0 - Webvati)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
WD Drive Utilities (HKLM-x32\...\{2F540611-6560-470F-924A-5F52EFA9156F}) (Version: 1.0.5.7 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{5AEBFB66-61FE-4833-ACE3-E966980E40D5}) (Version: 2.4.14.13 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{2B58AB2C-D980-47FD-8633-E360314BA662}) (Version: 1.0.6.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{739778ED-D095-4725-BF78-ADFF96004C52}) (Version: 2.4.14.13 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{e72369b3-306a-4d10-a766-3433a65e8dc2}) (Version: 2.4.14.13 - Western Digital Technologies, Inc.)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.6200 - Broadcom Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinZip 17.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D7}) (Version: 17.0.10283 - WinZip Computing, S.L. )
Xenu's Link Sleuth (HKLM-x32\...\Xenu's Link Sleuth) (Version: 1.3.8 - Tilman Hausherr)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1426893082-392233631-795411858-1001_Classes\CLSID\{0825CC0E-34BD-4FE4-B78D-EF6582A94B6A}\InprocServer32 -> C:\Users\Raiel\AppData\Local\SkypePlugin\7.5.0.127\GatewayActiveX-x64.dll (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-1426893082-392233631-795411858-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Raiel\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1426893082-392233631-795411858-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Raiel\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1426893082-392233631-795411858-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Raiel\AppData\Local\Citrix\GoToMeeting\4431\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-1426893082-392233631-795411858-1001_Classes\CLSID\{8E00BFA9-1C7B-4E45-BF2F-0FAEA236E1CC}\localserver32 -> C:\Users\Raiel\AppData\Local\SkypePlugin\7.5.0.127\GatewayVersion-x64.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-1426893082-392233631-795411858-1001_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\Raiel\AppData\Local\SkypePlugin\7.5.0.127\EdgeCalling.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-1426893082-392233631-795411858-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Raiel\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1426893082-392233631-795411858-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Raiel\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1426893082-392233631-795411858-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Raiel\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0D287AA0-F9BC-4187-9EB0-A672A53B4577} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {1179A5BF-A552-4B94-BF5C-785860CA24FA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1426893082-392233631-795411858-1001Core => C:\Users\Raiel\AppData\Local\Google\Update\GoogleUpdate.exe [2015-07-28] (Google Inc.)
Task: {1772D9C3-1CEC-4F3A-B211-979CA5A1F20A} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite III\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [2013-02-07] (ASUSTeK Computer Inc.)
Task: {18B96852-A2AF-4A91-912D-D8360529BEF1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {269470B3-0687-470B-A62C-AD8AE4D1E2CC} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {2F332937-F06C-4E03-8CD6-28FB5BAB3458} - System32\Tasks\G2MUploadTask-S-1-5-21-1426893082-392233631-795411858-1001 => C:\Users\Raiel\AppData\Local\Citrix\GoToMeeting\4542\g2mupload.exe [2016-03-06] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {2F97E837-16E3-4143-B9FB-D6FC3D7D7A1E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-27] (Microsoft Corporation)
Task: {32F7DDF8-4EB7-495C-880C-0BFFEB246871} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-09-16] (Dropbox, Inc.)
Task: {34295F34-2AF5-49E3-9C45-EFA171E4CC97} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2013-08-08] ()
Task: {3DC77433-BE0B-4AC8-BA7D-AAF4392885C5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {41835D41-3B95-4130-8555-0D02A12274FC} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {43B2B4CE-BE29-4AFA-95CD-2B2F4F4902AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {49B56567-AE28-4239-8F16-C34031B536C4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-27] (Microsoft Corporation)
Task: {5E36ECB4-A4B9-489F-9132-18E50EF95184} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {60B48AB2-374C-4811-A6D2-7A16551B5187} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2013-08-07] (ASUSTeK Computer Inc.)
Task: {62044B4E-9FBF-4E96-BACE-10A3F12E9EFC} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-01-12] (Microsoft Corporation)
Task: {63A71F94-39A6-4827-A4AB-1CEA319C2770} - System32\Tasks\ASUS\ASUS WiFi GO! Server Execute => C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe [2013-08-29] (ASUSTeK Computer Inc.)
Task: {736D9008-91C1-4495-ACF2-B737137182B0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {75E6664F-7766-4C6A-9497-2F8756CBADEF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {781F4DF3-12EF-47C4-B127-B66D3AD2273B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-09] (Microsoft Corporation)
Task: {7BAD369B-EE2E-4EC9-AF77-605A1910AC9E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-09] (Adobe Systems Incorporated)
Task: {7CF9FBE1-15D4-4BB3-A8A0-F264382D2AE0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {83EF0AC6-065E-46FF-84EA-2CF3BAB6BECF} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {878F48CA-4B12-4D01-94E5-E3166C7D60D4} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {892C6450-CAD7-4D40-98F6-6BE1930A4144} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-01-12] (Microsoft Corporation)
Task: {8D13C618-BF50-4501-8FE9-2157E3E2CB06} - System32\Tasks\TechSmith Updater => C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [2014-07-31] (TechSmith Corporation)
Task: {9D302AC4-5478-42F4-B6DF-0048AC696B8A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {9DCD83DD-757D-4C88-90B1-BE37F9257B83} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [2013-07-24] (ASUSTeK Computer Inc.)
Task: {A2D6792C-3F87-48F1-A0F9-AE62F58103C3} - System32\Tasks\AdobeAAMUpdater-1.0-GamingPC-Raiel => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {A57F114B-0601-4E99-842A-EF850A51CA80} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-09-16] (Dropbox, Inc.)
Task: {A6041030-B5E5-483E-876A-C4496EC9F297} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {AB86C0E2-C4B7-4D06-9D54-867B08C8E7C1} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {B440BAB0-325E-4CBC-BA72-E84481034594} - System32\Tasks\G2MUpdateTask-S-1-5-21-1426893082-392233631-795411858-1001 => C:\Users\Raiel\AppData\Local\Citrix\GoToMeeting\4542\g2mupdate.exe [2016-03-06] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {BF307A2A-E57C-4384-B98E-EC10B4583763} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {C510123A-DE82-44BE-B650-421B7CEBC0A2} - System32\Tasks\arp_flush => C:\Program Files (x86)\hide.me VPN\FlushArpCache.exe [2015-04-03] ()
Task: {D07946BC-4FCC-4CA1-AB03-0CFF9B5F0D08} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {D8E71088-82A6-4E8A-B3BC-0ED47A6E7853} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {DB9586AF-A7B1-4C61-A060-4DCA02580D07} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {DDB8616D-6B00-427E-9A7D-40558B9C0CE3} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [2013-07-24] ()
Task: {DFD709C5-2334-4ECD-A98F-A328E2677D87} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {E1DE38F4-DDC0-4300-B633-FEC9F94CBAB1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1426893082-392233631-795411858-1001UA => C:\Users\Raiel\AppData\Local\Google\Update\GoogleUpdate.exe [2015-07-28] (Google Inc.)
Task: {E487ADB2-80F0-4D16-96A2-273995871501} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {E976705F-5EA6-48AC-852A-08AFA86B407C} - System32\Tasks\ASUS\RC TweakIt Server Execute => C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe [2013-04-12] ()
Task: {EC2076A2-D31A-497A-9EE7-1EB6388B23E3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {F0314839-9F7F-4C6D-8D0B-9C120575C6AF} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-02-23] (Microsoft Corporation)
Task: {FC726323-F4A5-453E-9AA0-21F2BEE334D3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1426893082-392233631-795411858-1001.job => C:\Users\Raiel\AppData\Local\Citrix\GoToMeeting\4542\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1426893082-392233631-795411858-1001.job => C:\Users\Raiel\AppData\Local\Citrix\GoToMeeting\4542\g2mupload.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1426893082-392233631-795411858-1001Core.job => C:\Users\Raiel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1426893082-392233631-795411858-1001UA.job => C:\Users\Raiel\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 02:18 - 2015-10-30 02:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-09-10 18:42 - 2016-02-22 20:05 - 01215560 _____ () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2015-12-06 12:21 - 2016-02-23 15:28 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-02-13 18:49 - 2010-10-21 04:52 - 00586880 ____R () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
2015-12-06 12:20 - 2013-07-04 03:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2015-08-19 19:20 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2016-01-28 16:44 - 2016-01-28 16:44 - 00712432 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareService.exe
2016-01-28 16:48 - 2016-01-28 16:48 - 00025856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_system-vc120-mt-1_57.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 00057096 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_date_time-vc120-mt-1_57.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 00123656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_filesystem-vc120-mt-1_57.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 11674360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareServiceKernel.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 03549904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\RCF.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 00911616 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_regex-vc120-mt-1_57.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 00107776 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_thread-vc120-mt-1_57.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 00035072 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_chrono-vc120-mt-1_57.dll
2016-01-28 16:47 - 2016-01-28 16:47 - 00973040 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareActivation.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 00561920 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareApplicationUpdater.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 00847600 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareGamingMode.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 00101096 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareReset.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 00123104 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareTime.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 01030912 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareDefinitionsUpdater.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 00905488 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareDefinitionsUpdaterScheduler.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 01146608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareIgnoreList.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 00243440 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareQuarantine.dll
2016-01-28 16:47 - 2016-01-28 16:47 - 01594624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareAntiMalwareEngine.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 00206080 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareAntiRootkitEngine.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 01210616 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareScannerHistory.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 01373928 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareScanner.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 00036096 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_timer-vc120-mt-1_57.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 01019640 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareScannerScheduler.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 01190656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareRealTimeProtection.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 02547448 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareIncompatibles.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 01489640 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareAntiSpam.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 01437424 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareAntiPhishing.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 03263736 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareParentalControl.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 03107576 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareWebProtection.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 01325816 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareEmailProtection.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 00059656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_iostreams-vc120-mt-1_57.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 01878784 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareNetworkProtection.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 01024744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwarePromo.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 00457448 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareFeedback.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 02958592 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareThreatWorkAlliance.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 01310952 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwarePinCode.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 01027304 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareNotice.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 01563888 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareAvcEngine.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 01222416 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareRealTimeProtectionHistory.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 00519920 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareStatistics.dll
2016-03-01 19:59 - 2016-02-17 01:56 - 01416064 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2015-12-21 22:39 - 2016-02-17 01:56 - 00299392 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-03-01 19:59 - 2016-02-17 01:56 - 03613056 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2015-11-04 19:11 - 2015-11-04 19:12 - 00188072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2014-08-04 19:15 - 2014-08-04 21:49 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2015-03-19 19:12 - 2015-11-03 07:18 - 00249384 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
2016-03-01 16:31 - 2016-02-23 06:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-03-01 16:31 - 2016-02-23 06:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-03-24 20:03 - 2013-08-08 13:34 - 01225528 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
2015-03-24 20:03 - 2013-07-24 09:16 - 01425208 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
2014-02-13 18:49 - 2013-04-12 13:07 - 01985848 _____ () C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe
2016-01-13 11:28 - 2016-01-04 20:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-22 07:39 - 2016-01-22 07:39 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-18 01:39 - 2015-12-06 23:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-03-01 16:31 - 2016-02-23 03:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-13 11:28 - 2016-01-04 20:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-13 11:28 - 2016-01-04 20:24 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-01-28 12:54 - 2016-01-16 00:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-28 12:54 - 2016-01-16 00:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-24 21:56 - 2015-06-24 21:56 - 00118592 _____ () C:\WINDOWS\SYSTEM32\AcpiServiceVnA64.dll
2015-06-24 21:57 - 2015-06-24 21:57 - 00105312 _____ () C:\WINDOWS\SYSTEM32\audioLibVc.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 09581280 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareTray.exe
2016-01-28 16:48 - 2016-01-28 16:48 - 00492288 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_locale-vc120-mt-1_57.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 02266344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\HtmlFramework.dll
2016-01-28 16:48 - 2016-01-28 16:48 - 00868600 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareTrayDefaultSkin.dll
2015-03-19 19:12 - 2014-12-15 00:04 - 00253992 _____ () C:\Program Files (x86)\EaseUS\TrayPopup\TrayTipAgent.exe
2016-02-23 06:12 - 2016-02-23 06:12 - 00402624 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\AppVIsvStream64.dll
2016-02-23 06:11 - 2016-02-23 06:11 - 00402624 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream64.dll
2015-03-24 20:03 - 2013-08-08 13:34 - 01221912 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\EPUShortCut.exe
2016-01-28 16:48 - 2016-01-28 16:48 - 02794744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareShellExtension.dll
2015-12-06 12:20 - 2016-03-06 22:18 - 00033792 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2015-12-06 12:20 - 2013-07-04 03:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2015-03-19 19:12 - 2015-09-21 12:00 - 00080936 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll
2015-03-19 19:12 - 2014-12-14 23:53 - 00017448 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll
2015-03-19 19:12 - 2014-12-14 23:53 - 00088616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll
2015-03-19 19:12 - 2014-12-14 23:53 - 01296424 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2015-03-19 19:12 - 2014-12-14 23:53 - 00060968 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2015-10-10 22:09 - 2015-11-02 21:45 - 00022568 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CmcTbProxy.dll
2015-10-10 22:09 - 2015-11-02 21:45 - 00186408 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCPipeCenter.dll
2015-10-10 22:09 - 2015-11-02 21:45 - 00165416 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCAdapt.dll
2015-10-10 22:09 - 2015-11-02 21:45 - 00058408 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBInfo.dll
2015-10-10 22:09 - 2015-11-02 21:45 - 00015912 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCNetTokenProxy.dll
2015-03-19 19:12 - 2015-06-22 11:58 - 00108072 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll
2015-03-19 19:12 - 2014-12-14 23:53 - 00077864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\logsys.dll
2015-03-19 19:12 - 2015-09-23 11:58 - 00030760 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll
2015-03-19 19:12 - 2015-09-23 11:58 - 00068136 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\MountImg.dll
2015-03-19 19:12 - 2014-12-14 11:53 - 00158248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImgFile.dll
2015-03-19 19:12 - 2015-03-13 22:54 - 00281128 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DsImgFile.dll
2015-03-19 19:12 - 2015-09-23 11:58 - 00072232 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckImg.dll
2015-03-19 19:12 - 2015-09-23 11:58 - 00139816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\vhdvmdk.dll
2015-03-19 19:12 - 2015-06-22 11:58 - 00037416 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\BootDriver.dll
2015-03-19 19:12 - 2015-11-02 17:03 - 00769064 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll
2015-03-19 19:12 - 2014-12-14 23:53 - 00193064 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBackupSize.dll
2015-03-19 19:12 - 2014-12-14 23:53 - 00407080 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidImage.dll
2015-03-19 19:12 - 2015-06-22 11:58 - 00148008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumDisk.dll
2015-03-19 19:12 - 2014-12-14 23:53 - 00076840 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FatLib.dll
2015-03-19 19:12 - 2014-12-14 23:53 - 00207912 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSLib.dll
2015-12-06 00:46 - 2015-11-03 07:18 - 00111656 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileStorage.dll
2015-10-22 14:27 - 2015-11-02 17:03 - 00169512 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudInterface.dll
2015-10-22 14:27 - 2015-11-10 05:07 - 00501800 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\StorageMgr.dll
2015-03-19 19:12 - 2015-06-22 11:58 - 00024616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\GetDriverInfo.dll
2015-03-19 19:12 - 2014-12-14 23:53 - 00020520 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CorrectMbr.dll
2015-03-19 19:12 - 2014-12-14 23:53 - 00032296 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
2015-03-19 19:12 - 2014-12-14 23:53 - 00034856 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
2015-03-19 19:12 - 2014-12-14 23:53 - 00064040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\RegLib.dll
2015-03-19 19:12 - 2015-08-01 02:10 - 00025128 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll
2015-03-19 19:12 - 2014-12-14 23:53 - 00115752 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll
2015-03-19 19:12 - 2015-09-23 11:58 - 00201768 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBrowser.dll
2015-03-19 19:12 - 2014-12-14 23:53 - 00077864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll
2015-03-19 19:12 - 2014-12-14 23:53 - 00037928 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll
2015-03-19 19:12 - 2015-06-22 11:58 - 00136232 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll
2015-03-19 19:12 - 2014-12-14 23:53 - 00020008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll
2015-03-19 19:12 - 2014-12-14 23:53 - 00043048 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbDataSwap.dll
2015-03-19 19:12 - 2014-12-14 23:53 - 00353832 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceManager.dll
2015-03-19 19:12 - 2014-12-14 23:53 - 00027176 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceAdapter.dll
2015-03-19 19:12 - 2015-09-23 11:58 - 00138792 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Device.dll
2015-03-19 19:12 - 2015-09-23 11:58 - 00146984 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Partition.dll
2015-03-19 19:12 - 2014-12-14 23:53 - 00050216 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileSystemAnalyser.dll
2015-03-19 19:12 - 2014-12-14 23:53 - 00061992 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FATFileSystemAnalyser.dll
2015-03-19 19:12 - 2014-12-14 23:53 - 00089640 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Common.dll
2015-03-19 19:12 - 2014-12-14 23:53 - 00056360 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSFileSystemAnalyser.dll
2015-08-28 23:06 - 2014-05-13 11:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-08-28 23:06 - 2014-05-13 11:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-03-05 20:49 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-03-05 20:49 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-03-19 19:12 - 2014-12-14 23:53 - 00223784 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\SmartBackup.dll
2015-03-24 20:04 - 2012-05-02 17:04 - 00233472 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\AudioProjection.dll
2015-03-24 20:04 - 2013-08-07 17:43 - 00176128 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\DLCapPP.dll
2015-03-24 20:04 - 2010-12-14 16:46 - 00067584 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\CoreAudioCap.dll
2015-03-24 20:04 - 2013-06-11 11:06 - 00425984 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\awiscale.DLL
2015-03-24 20:04 - 2010-10-29 17:58 - 00221184 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\JpegCD.DLL
2015-03-24 20:04 - 2013-08-06 19:04 - 02502656 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\xH264E.DLL
2015-03-24 20:04 - 2013-08-29 16:48 - 00610304 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFiGOInsHelp.dll
2015-03-24 20:04 - 2013-01-31 21:59 - 00515072 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFiGO_HelpWin8.dll
2015-03-24 20:04 - 2012-01-12 15:44 - 00475136 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFiGO_HookKey.dll
2015-03-24 20:05 - 2013-06-13 16:37 - 00156160 _____ () C:\Program Files (x86)\InstallShield Installation Information\{1DF11DAD-D427-4E1D-ABB6-04CB881EBE06}\CloudAPI\CloudAPI.dll
2015-03-24 20:04 - 2013-03-21 18:38 - 00716800 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiMoveHelp.dll
2015-03-24 20:04 - 2012-04-25 13:47 - 00659456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\PhoneCtrlAPI.dll
2015-03-24 20:03 - 2013-08-08 13:34 - 00685056 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2015-03-24 20:03 - 2013-08-08 13:34 - 00825344 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2015-03-24 20:03 - 2013-08-08 13:34 - 00765952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2015-03-24 20:03 - 2013-08-08 13:34 - 00776704 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2015-03-24 20:03 - 2013-08-08 13:34 - 00904704 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\UsbPowerManager.dll
2015-03-24 20:03 - 2013-08-07 18:11 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2015-03-24 20:03 - 2013-03-13 16:12 - 00870912 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AI Charger+\AIChargerPlus.dll
2015-03-24 20:03 - 2013-08-08 13:41 - 02747392 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll
2015-03-24 20:03 - 2013-08-29 14:59 - 01138176 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll
2015-03-24 20:04 - 2013-06-24 14:59 - 01173504 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Network iControl\Network iControl.dll
2015-03-24 20:04 - 2013-09-05 14:46 - 02064384 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\WiFiGO.dll
2015-03-24 20:03 - 2013-08-07 18:11 - 00662016 _____ () C:\Program Files (x86)\ASUS\AI Suite III\aaHMLib.dll
2015-03-24 20:03 - 2013-08-07 18:11 - 00053248 _____ () C:\Program Files (x86)\ASUS\AI Suite III\cpuutil.dll
2015-03-24 20:03 - 2013-08-08 13:35 - 00010240 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\IccHelper.dll
2015-03-24 20:04 - 2012-01-19 08:39 - 00028672 _____ () C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\PEInfo.dll
2015-03-24 20:03 - 2013-08-07 18:11 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\ImageHelper.dll
2015-03-24 20:03 - 2013-08-07 18:11 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\pngio.dll
2015-03-24 20:05 - 2013-06-24 12:45 - 00062976 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi Engine\IsSupported.dll
2015-03-24 20:04 - 2010-09-23 10:51 - 00114688 _____ () C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\AsIdxParser.dll
2015-03-24 20:04 - 2010-02-25 13:01 - 00139264 _____ () C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\Aszip.dll
2015-03-24 20:03 - 2013-07-31 19:05 - 05773588 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll
2015-03-24 20:03 - 2010-06-21 14:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\ImageHelper.dll
2014-02-13 18:49 - 2013-03-07 13:43 - 00179712 _____ () C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsusService.dll
2014-02-13 18:49 - 2013-03-07 17:37 - 00470016 _____ () C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\IccHelper.dll
2016-01-22 07:39 - 2016-01-22 07:39 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-22 07:39 - 2016-01-22 07:39 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-03-30 19:23 - 2016-02-17 02:02 - 00020352 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-01-11 10:36 - 2016-01-11 10:36 - 00932032 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2016-03-06 12:26 - 2016-03-01 23:47 - 01675928 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.75\libglesv2.dll
2016-03-06 12:26 - 2016-03-01 23:47 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.75\libegl.dll
2016-01-05 20:11 - 2016-01-05 20:11 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2015-03-19 19:12 - 2014-12-15 00:04 - 00223272 _____ () C:\Program Files (x86)\EaseUS\TrayPopup\traynet.dll
2015-03-19 19:12 - 2014-12-15 00:04 - 00275496 _____ () C:\Program Files (x86)\EaseUS\TrayPopup\libcurl.dll
2015-03-19 19:12 - 2014-12-15 00:04 - 00118328 _____ () C:\Program Files (x86)\EaseUS\TrayPopup\zlib1.dll
2015-03-19 19:12 - 2015-03-14 11:05 - 00249896 _____ () C:\Program Files (x86)\EaseUS\TrayPopup\uexper.dll
2015-03-24 20:04 - 2012-02-06 20:08 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFile\pngio.dll
2015-12-12 22:43 - 2016-01-12 13:44 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-02-18 06:42 - 2016-01-12 13:45 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2015-12-12 22:43 - 2016-01-12 13:44 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2015-12-12 22:43 - 2016-01-12 13:44 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2015-12-12 22:43 - 2016-01-12 13:44 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2015-12-12 22:43 - 2016-02-16 13:39 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2015-12-12 22:43 - 2016-01-12 13:46 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2015-12-12 22:43 - 2016-01-12 13:44 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2015-12-12 22:43 - 2016-02-16 13:39 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2015-12-12 22:43 - 2016-01-12 13:44 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-02-18 06:42 - 2016-02-16 13:38 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2015-12-12 22:43 - 2016-01-12 13:45 - 00112592 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-02-18 06:42 - 2016-02-16 13:38 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-02-18 06:42 - 2016-02-16 13:38 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2015-12-12 22:43 - 2016-02-16 13:39 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-12 22:43 - 2016-02-16 13:39 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-02-18 06:42 - 2016-02-16 13:39 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2015-12-12 22:43 - 2016-01-12 13:46 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2015-12-12 22:43 - 2016-01-12 13:46 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2015-12-12 22:43 - 2016-01-12 13:47 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2015-12-12 22:43 - 2016-01-12 13:46 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-02-18 06:42 - 2016-02-16 13:39 - 00021832 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2015-12-12 22:43 - 2016-01-12 13:46 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2015-12-12 22:43 - 2016-01-12 13:46 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2015-12-12 22:43 - 2016-01-12 13:47 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2015-12-12 22:43 - 2016-01-12 13:47 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2015-12-12 22:43 - 2016-01-12 13:47 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2015-12-12 22:43 - 2016-01-12 13:47 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-02-18 06:42 - 2016-02-16 13:39 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2015-12-12 22:43 - 2016-01-12 13:46 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2015-12-12 22:43 - 2016-01-12 13:47 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-02-18 06:42 - 2016-02-16 13:38 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2015-12-12 22:43 - 2016-02-16 13:39 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-02-18 06:42 - 2016-01-12 13:47 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-02-18 06:42 - 2016-02-16 13:39 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2016-02-18 06:42 - 2015-11-04 19:04 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2015-12-12 22:43 - 2016-02-16 13:39 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-12 22:43 - 2016-01-12 13:44 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2015-12-12 22:43 - 2016-01-12 13:44 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-02-18 06:42 - 2016-01-12 13:45 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2015-12-12 22:43 - 2016-02-16 13:39 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-02-18 06:42 - 2016-02-16 13:39 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-18 06:42 - 2016-02-16 13:39 - 00021824 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32._winffi_kernel32.pyd
2016-02-18 06:42 - 2016-02-16 13:39 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-02-18 06:42 - 2016-02-16 13:39 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-02-18 06:42 - 2016-02-16 13:38 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2015-12-12 22:43 - 2016-01-12 13:47 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-02-18 06:42 - 2016-02-16 13:39 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-02-18 06:42 - 2016-02-16 13:39 - 00084792 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2015-12-12 22:43 - 2016-02-16 13:39 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2015-12-12 22:43 - 2016-01-12 13:45 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2015-12-12 22:43 - 2016-02-16 13:39 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2015-12-12 22:43 - 2016-02-16 13:39 - 01971504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2015-12-12 22:43 - 2016-02-16 13:39 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2015-12-12 22:43 - 2016-02-16 13:39 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2015-12-12 22:43 - 2016-02-16 13:39 - 00223544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2015-12-12 22:43 - 2016-02-16 13:39 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-02-18 06:42 - 2016-02-16 13:39 - 00158008 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-02-18 06:42 - 2016-02-16 13:39 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-02-18 06:42 - 2016-01-12 13:49 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2016-02-18 06:42 - 2016-01-12 13:49 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2015-12-12 22:43 - 2016-02-16 13:39 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-10-25 11:06 - 2015-10-25 11:05 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


There are 7872 more sites.

IE trusted site: HKU\S-1-5-21-1426893082-392233631-795411858-1001\...\screenr.com -> hxxps://www.screenr.com

There are 7873 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2016-03-05 20:55 - 00451385 ____R C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 updater.techsmith.com
127.0.0.1 camtasiatudi.techsmith.com
127.0.0.1 tsccloud.cloudapp.net
127.0.0.1 assets.cloud.techsmith.com127.0.0.1 activation.cloud.techsmith.com
127.0.0.1 65.52.240.48
127.0.0.1 69.167.144.18127.0.0.1 www.007guard.com

There are 15480 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1426893082-392233631-795411858-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{8383BB80-B7D6-4F27-9279-8D671C104F6F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DDC02041-B9C8-48FF-8071-6CC2B145341D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6CF179C8-0C65-49DE-9B4F-892E9EEC507C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{1E622B98-DC5F-4C02-909E-EF53C57D77FC}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{3EF10501-7CA6-4516-975F-9ABDDDAA7C26}] => (Block) D:\Games\Fallout 4\Fallout4.exe
FirewallRules: [{5ABEDEC0-E560-4523-A1CA-C97A368DC5DC}] => (Block) D:\Games\Fallout 4\Fallout4.exe
FirewallRules: [{CC5C4E74-C3B2-41A6-AA50-FF95E40682BE}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{CE6354E1-CA80-409A-B829-4BAB79008BCF}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{F2B25E8F-144F-462F-86F5-E0E56E0E761C}] => (Block) %ProgramFiles% (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
FirewallRules: [{59465EAC-1549-4DCA-8382-2ADED6A5F449}] => (Block) %ProgramFiles% (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
FirewallRules: [UDP Query User{F033FEE2-4E50-45F8-B2AE-4948A6E476EE}D:\games\grand theft auto v\gta5.exe] => (Allow) D:\games\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{93795344-5956-4148-A008-5B639875D509}D:\games\grand theft auto v\gta5.exe] => (Allow) D:\games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{D7C5B210-2D57-4313-98D1-901E60CB0D3E}C:\users\raiel\appdata\local\skypeplugin\7.5.0.127\pluginhost.exe] => (Allow) C:\users\raiel\appdata\local\skypeplugin\7.5.0.127\pluginhost.exe
FirewallRules: [TCP Query User{5822B0BA-FF7C-4890-B713-F11376A17954}C:\users\raiel\appdata\local\skypeplugin\7.5.0.127\pluginhost.exe] => (Allow) C:\users\raiel\appdata\local\skypeplugin\7.5.0.127\pluginhost.exe
FirewallRules: [UDP Query User{B4ED03D7-52FE-49C6-8604-6186D6DCC26B}D:\games\grand theft auto v\gta5.exe] => (Block) D:\games\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{540505D0-F2D3-4D9D-B61A-7057E3D2735A}D:\games\grand theft auto v\gta5.exe] => (Block) D:\games\grand theft auto v\gta5.exe
FirewallRules: [{E3031F80-3310-446E-A919-AC02216F12D9}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{2F380023-ACB8-41B8-A263-9E1AD3F6B8E4}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{9EFAA009-E3A6-4F28-BBBD-26A6151D5F3F}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [UDP Query User{F756198D-7ECA-4BC8-A758-4B17320C588D}C:\users\raiel\appdata\local\skypeplugin\7.5.0.127\pluginhost.exe] => (Allow) C:\users\raiel\appdata\local\skypeplugin\7.5.0.127\pluginhost.exe
FirewallRules: [TCP Query User{BE6409D7-0B9E-489E-BB74-C6803E6ECAE8}C:\users\raiel\appdata\local\skypeplugin\7.5.0.127\pluginhost.exe] => (Allow) C:\users\raiel\appdata\local\skypeplugin\7.5.0.127\pluginhost.exe
FirewallRules: [{397867F2-85DB-40B1-8AB9-74B312658561}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Just Cause 2 - Multiplayer Mod\JcmpLauncher.exe
FirewallRules: [{332ECC50-1913-403E-A19B-1F87518CC939}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Just Cause 2 - Multiplayer Mod\JcmpLauncher.exe
FirewallRules: [{A6E90764-4032-4716-B1DD-1B22A57B38BB}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{20942ED7-571B-428B-9748-CCE0BF2C57A7}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{E5571030-559F-41D0-8707-91A9130F4B17}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{35180A8C-7BDC-4EDF-9CB3-E6E83512CD6B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{1365573B-A498-48E5-9F5B-5B1248377845}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{643EA8FA-91BC-40B4-808D-0E47339551C5}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{A4D4AB27-1550-4E11-B072-44CA5E06CF27}] => (Allow) LPort=80
FirewallRules: [{78EAFB29-92EF-44E7-9BCE-7A3868512F4B}] => (Allow) LPort=80
FirewallRules: [{9E6A7D37-9647-4393-BB3A-79846460CEDD}] => (Allow) LPort=2869
FirewallRules: [{44DF7E2A-934D-483E-9911-220DDB4734E9}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{9C633FAC-2F6A-4429-87A7-F7367DD7B453}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{5503E9C4-0179-41C8-9C54-B9F1F2A0FE25}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{9FF73113-D1FA-480F-86D0-AF4094009E78}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F180329B-58D5-43A9-BD12-91612F81CD64}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F19AA4BE-400F-468C-9A79-74C38C810413}] => (Allow) C:\Users\Raiel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7DA02835-2E5A-4558-950D-10EA00F5A218}] => (Allow) C:\Users\Raiel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B27F30C0-C8DF-49A5-B09C-4E50710D0749}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9ED8D008-08E7-4527-9CD8-DCA97B220BC1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{62F8947C-B0F3-4BD8-9B2D-2CF15811C821}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{7545B1F3-93CB-40B2-B144-FBC9FBD56A4A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{DD74B16B-1526-437D-A9E9-947599A5053D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{B248F6E4-4DD9-4D09-A525-C6F0D9200022}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{CFFF2DC8-9655-4EFA-A5A0-80F811BF3849}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{08D093A9-233A-4E34-90B7-CB3CD30630AC}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C65ED6C3-F22B-47A1-98A6-F439E47DF07A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{28B06EF7-35AC-47A5-8A25-F1CA4D7688EE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A68E564F-987A-48FA-BE11-5A7D6BCDFCCF}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{8A8F7F7E-8A1C-4449-A654-C2B191EE7C01}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{8A532246-6B66-47B5-9DED-9EAC0F3E0608}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{ED1F2E91-1149-4A6F-AEB2-9C5E435D62DC}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [TCP Query User{A407BEAC-E559-48B8-A690-B0D9658F85AE}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{C91F4537-0490-4DE3-AE4F-53C6765BC324}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{69DB9BA8-92EC-46B7-ABA0-5A6E528B5FE0}] => (Allow) LPort=2869
FirewallRules: [{F70EAED3-DE3D-499E-B8C2-FA42B08C95C6}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{A82032EF-77E6-442B-9B2E-5D46BE9965DE}C:\program files (x86)\asus\ai suite iii\aisuite3.exe] => (Allow) C:\program files (x86)\asus\ai suite iii\aisuite3.exe
FirewallRules: [UDP Query User{9D755DE4-91BF-4E4C-9A68-47BE07B46132}C:\program files (x86)\asus\ai suite iii\aisuite3.exe] => (Allow) C:\program files (x86)\asus\ai suite iii\aisuite3.exe
FirewallRules: [TCP Query User{669C434D-FB30-48D7-8FF5-F1926A3EE701}C:\program files (x86)\ubisoft\ubisoft game launcher\games\assassin's creed iv black flag\ac4bfsp.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\assassin's creed iv black flag\ac4bfsp.exe
FirewallRules: [UDP Query User{01AA3B3D-73FA-4BF8-9F7F-BB15A99464D2}C:\program files (x86)\ubisoft\ubisoft game launcher\games\assassin's creed iv black flag\ac4bfsp.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\assassin's creed iv black flag\ac4bfsp.exe
FirewallRules: [{DC59C316-F3EA-41F2-8CC3-1EABF74BC845}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{240D8646-7A48-4E41-AB4C-77BEBDBCF0C7}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{582A0102-D30F-4F38-8CA5-3B9B2B63077F}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{4DDD9D32-D3EF-4AF9-B160-2C9BB06CA752}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{C46F326C-925D-4E50-9DA6-ACA28AA622BD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{553B9A7C-558E-4DD4-B100-F3803002581A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{F931214D-5A29-47DD-8730-BD07F10165EA}] => (Allow) C:\Users\Raiel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6BDEC68C-19EB-427C-BC25-B377159897C2}] => (Allow) C:\Users\Raiel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{53698370-BBC0-4F2C-B598-6041BEC2572E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{DA0D7251-FC81-4C93-AB4D-4D618A1772F9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{FA17136D-5887-4C21-B6EF-07A88C9BF19B}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{D4A55D2B-D467-496D-9967-43BB66053756}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{704D25F8-881E-4980-A7FF-619FF94CC370}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{67AE8628-F2B8-4742-B628-7EBF9192C212}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{F5D6651E-DDC9-49F2-AC71-C40630F5A437}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{59E13EE5-1810-452B-A52C-C7D66821A2D2}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{23A2A484-B4FD-4EC9-9152-D48C45AC4469}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
FirewallRules: [{6E2D893F-547A-4E39-A7F1-1B98AF26E01D}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{456ABF36-A584-446F-A49B-B6E389D8D414}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{80AB39E1-1A51-4323-BDC9-6E88180AF5C1}] => (Allow) LPort=8298
FirewallRules: [{2C18F31C-8C35-4149-B480-406055A05787}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{91902E59-30A3-448C-85AA-09A6A70E9CED}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DF84C860-4030-47C1-ADD7-1BF84E1CF5D7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{1BA593A0-1295-49E8-897D-6D2310BF256F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F5FF5F81-A809-4EAC-8284-686FB007BCE8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{73841683-80B4-4DCB-8C22-3523762E5A71}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{A7A47F3A-1EA3-4BA1-BC07-41EE8F2E2976}] => (Allow) C:\Program Files (x86)\BacklinkBeast\BacklinkBeast.exe
FirewallRules: [{DA7F6056-6B0C-43F3-BDB6-0E9DE083C837}] => (Allow) C:\Program Files (x86)\BacklinkBeast\BacklinkBeast.exe
FirewallRules: [TCP Query User{19C51972-CAAA-4C55-B985-2940337D6EC8}D:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe] => (Allow) D:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{2381073E-2B12-4F5C-966C-7398FA5CB050}D:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe] => (Allow) D:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe
FirewallRules: [{D3BB74C6-A9F5-4869-9F23-C257BE29A528}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{1A727EC6-50AB-4106-A898-DBEF9DC3A1D0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{352818E6-268B-468C-A770-07E607EC95B6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{80F251A3-AFA1-4203-9AE7-0342A76994FB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B1E094B4-AB0B-4FEE-9E92-43079E552BE1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C6912B5B-D941-4E42-8D52-29CDD54F772E}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{D3AC6CBB-930D-48A0-AE9D-3D037A361E21}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{DA344961-936C-4BE6-B060-977F877B0DE2}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{A3D0F4DA-CFB1-4DCD-92B4-92A197C02BC2}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{7D90A4C7-F733-4DAF-82F5-D62A7CB19A07}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{201285B6-68C2-4BED-A26A-F8B1D5E0B37C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{41D90858-0453-4C1C-8AFD-E1967A1DA8D2}] => (Block) %ProgramFiles% (x86)\TechSmith\Camtasia Studio 8\Studio.exe
FirewallRules: [{35EC0DDE-ADAA-4A54-A591-932ECAAD260B}] => (Block) %ProgramFiles% (x86)\TechSmith\Camtasia Studio 8\Studio.exe
FirewallRules: [TCP Query User{5E81A45E-7117-414C-B97A-CDA72339E34A}C:\program files (x86)\asus\ai suite iii\aisuite3.exe] => (Allow) C:\program files (x86)\asus\ai suite iii\aisuite3.exe
FirewallRules: [UDP Query User{208C7A63-BF3E-48DC-BEB1-B5702EF2B7FA}C:\program files (x86)\asus\ai suite iii\aisuite3.exe] => (Allow) C:\program files (x86)\asus\ai suite iii\aisuite3.exe
FirewallRules: [{AD893EE4-6FE0-4654-89C4-AE5ED556B7F8}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe
FirewallRules: [{B9C6A548-7463-4836-AE64-879BB50429FD}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
FirewallRules: [{E3C17360-5188-4D7D-972D-BCCCE3699AE5}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exe
FirewallRules: [{EC3A7BE9-52D3-4562-B2E5-250FD9E2A6A1}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
FirewallRules: [{8ADCD33C-E346-4A9E-B9A2-AFC7E55AA365}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exe
FirewallRules: [{5C2ED85D-E8A3-435B-86EC-E4232B33BC62}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe
FirewallRules: [{E000FDA6-9758-4D58-911F-21C53BB8F4F1}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{46DB5C83-ED98-4ECB-8CBB-101E9748F6C3}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{574F2A5B-6D1D-4E73-BF8C-D2A155429F32}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{2093D300-DC8E-490E-9DCC-C13C1311DF7A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{7AC1411D-B24C-472B-90CC-A71CB3FA9497}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{90058899-0807-4F89-B3E2-07823A5309A7}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{B06BD7F5-316E-4C33-89D0-DB656383A184}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{4754A279-8788-4C58-B8FF-D177F4703502}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{C898486B-7733-4602-B1CA-982692B27FA7}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{C878BEDD-9AC0-42F2-B90A-404E12D2F047}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{E9335C57-BE92-499F-ACB8-17B3EE9AC2A3}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{9258D002-639C-4B6C-B96D-B8C2A23C611C}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{D0D61DD7-8742-44D7-9B74-1A2EFE769B0A}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{8D86419F-342C-4D19-9711-720F84B0E67F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D642F3DB-4583-4D9D-A754-005B25DA7E03}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe
FirewallRules: [{BAC5E9CC-C092-4517-9C24-7A9288A2AE99}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe
FirewallRules: [{0C00F24A-ADEA-49C4-A2DA-19B85ABE3D89}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\ASUSDMS.exe
FirewallRules: [{9508D19B-2379-4C06-B3A1-FD0CED9C0D11}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\ASUSDMS.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

06-03-2016 22:54:20 Restore Point Created by FRST

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/06/2016 10:19:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DipAwayMode.exe, version: 0.0.0.0, time stamp: 0x00000000
Faulting module name: KERNELBASE.dll, version: 10.0.10586.103, time stamp: 0x56a853fe
Exception code: 0xc0000409
Fault offset: 0x000bd928
Faulting process id: 0x2028
Faulting application start time: 0xDipAwayMode.exe0
Faulting application path: DipAwayMode.exe1
Faulting module path: DipAwayMode.exe2
Report Id: DipAwayMode.exe3
Faulting package full name: DipAwayMode.exe4
Faulting package-relative application ID: DipAwayMode.exe5

Error: (03/06/2016 10:54:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (03/06/2016 10:54:19 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {6712c0ca-6d68-46df-8457-2ca154a14c76}

Error: (03/06/2016 10:25:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DipAwayMode.exe, version: 0.0.0.0, time stamp: 0x00000000
Faulting module name: KERNELBASE.dll, version: 10.0.10586.103, time stamp: 0x56a853fe
Exception code: 0xc0000409
Fault offset: 0x000bd928
Faulting process id: 0x388
Faulting application start time: 0xDipAwayMode.exe0
Faulting application path: DipAwayMode.exe1
Faulting module path: DipAwayMode.exe2
Report Id: DipAwayMode.exe3
Faulting package full name: DipAwayMode.exe4
Faulting package-relative application ID: DipAwayMode.exe5

Error: (03/06/2016 10:18:58 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (03/06/2016 10:18:58 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (03/06/2016 11:54:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DllHost.exe, version: 10.0.10586.0, time stamp: 0x5632d8f4
Faulting module name: ntdll.dll, version: 10.0.10586.122, time stamp: 0x56cbf9dd
Exception code: 0xc0000005
Fault offset: 0x000000000002fe34
Faulting process id: 0x918
Faulting application start time: 0xDllHost.exe0
Faulting application path: DllHost.exe1
Faulting module path: DllHost.exe2
Report Id: DllHost.exe3
Faulting package full name: DllHost.exe4
Faulting package-relative application ID: DllHost.exe5

Error: (03/06/2016 11:47:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DipAwayMode.exe, version: 0.0.0.0, time stamp: 0x00000000
Faulting module name: KERNELBASE.dll, version: 10.0.10586.103, time stamp: 0x56a853fe
Exception code: 0xc0000409
Fault offset: 0x000bd928
Faulting process id: 0x1c44
Faulting application start time: 0xDipAwayMode.exe0
Faulting application path: DipAwayMode.exe1
Faulting module path: DipAwayMode.exe2
Report Id: DipAwayMode.exe3
Faulting package full name: DipAwayMode.exe4
Faulting package-relative application ID: DipAwayMode.exe5

Error: (03/06/2016 11:45:51 AM) (Source: Perflib) (EventID: 1010) (User: )
Description: C:\Windows\System32\winspool.drvSpooler4

Error: (03/06/2016 11:43:22 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.


System errors:
=============
Error: (03/06/2016 10:19:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The BCM42RLY service failed to start due to the following error:
%%2

Error: (03/06/2016 10:54:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_17cc29 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (03/06/2016 10:54:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_17cc29 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (03/06/2016 10:54:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_17cc29 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (03/06/2016 10:54:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_17cc29 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (03/06/2016 10:54:37 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (03/06/2016 10:54:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Spybot-S&D 2 Security Center Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (03/06/2016 10:54:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Ad-Aware Service 11 service terminated unexpectedly. It has done this 1 time(s).

Error: (03/06/2016 10:54:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Virtual Disk service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (03/06/2016 10:54:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Streamer Network Service service terminated unexpectedly. It has done this 1 time(s).


CodeIntegrity:
===================================
Date: 2016-03-02 13:09:25.238
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-01 16:40:42.338
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-28 20:48:26.830
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-10 16:40:36.461
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-10 05:54:24.084
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-09 18:09:19.043
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-02 06:03:28.722
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-29 09:25:35.733
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-14 11:56:46.754
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-08 23:05:50.430
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™ i7-4770K CPU @ 3.50GHz
Percentage of memory in use: 24%
Total physical RAM: 32705.15 MB
Available physical RAM: 24562.21 MB
Total Virtual: 37569.15 MB
Available Virtual: 27986.64 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446.32 GB) (Free:194.45 GB) NTFS
Drive d: (Data) (Fixed) (Total:2794.39 GB) (Free:860.87 GB) NTFS
Drive i: (ESD-USB) (Removable) (Total:31.99 GB) (Free:10.5 GB) FAT32
Drive j: (Fallout 4) (CDROM) (Total:24.47 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 447.1 GB) (Disk ID: D22AD852)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=446.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 59.9 GB) (Disk ID: 0A12A424)
Partition 1: (Active) - (Size=32 GB) - (Type=0C)

==================== End of Addition.txt ============================
 
Next,
 
1) Since FRST wasn't in our Desktop we had to place your fixlist.txt in the same directory as our FRST execution file
 
2) You asked us to zip our system summary and so we have sent it out as an attachment in this zip format
 
3) Our computer time isn't correct still (Addition.txt is sent out as an attachment)
 
4) We are going to back up the content of our HDDs, run Ad-Aware, and reset our CMOS battery to see if that helps (but we are told resetting our CMOS won't fix a voltage issue)
 
Your thoughts?
 
Yours truly,
Raiel Schwarts



Edited by Oh My!, 07 March 2016 - 11:26 AM.


#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,801 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:09 PM

Posted 07 March 2016 - 12:21 PM

Greetings,

Please hold off on any actions except for the ones I post.

Please do this.

===================================================

Multiple Antivirus Programs

-------------------

I do not recommend that you have more than one antivirus product installed on your computer at a time. The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other antivirus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened; again, this is the resident/automatic protection. In general terms, the two programs may conflict and cause:
  • False Alarms: When the antivirus software tells you that your PC has a virus when it actually doesn't.
  • System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.
Therefore please remove all but one of the Antivirus programs currently on your computer, even if only one is running. You can uninstall the program(s) via Add/Remove Programs, or Programs and Features in the Control Panel.

AVG AntiVirus Free Edition
Ad-Aware Antivirus


===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
CustomCLSID: HKU\S-1-5-21-1426893082-392233631-795411858-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Raiel\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1426893082-392233631-795411858-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Raiel\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
Task: {269470B3-0687-470B-A62C-AD8AE4D1E2CC} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {41835D41-3B95-4130-8555-0D02A12274FC} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {5E36ECB4-A4B9-489F-9132-18E50EF95184} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {736D9008-91C1-4495-ACF2-B737137182B0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {75E6664F-7766-4C6A-9497-2F8756CBADEF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {7CF9FBE1-15D4-4BB3-A8A0-F264382D2AE0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {83EF0AC6-065E-46FF-84EA-2CF3BAB6BECF} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {9D302AC4-5478-42F4-B6DF-0048AC696B8A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {AB86C0E2-C4B7-4D06-9D54-867B08C8E7C1} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {D07946BC-4FCC-4CA1-AB03-0CFF9B5F0D08} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {E487ADB2-80F0-4D16-96A2-273995871501} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {FC726323-F4A5-453E-9AA0-21F2BEE334D3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
emptytemp:
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan. This process may take several hours, that is normal.
  • Download esetsmartinstaller_enu.exe and save it to your Desktop
  • Double click the icon
  • Check YES, I accept the Terms of Use
  • Click the Start button
  • Accept any security warnings from your browser
  • Click Advanced settings
  • Check the following items

Enable detection of potentially unwanted applications
Remove found threats
Scan archives
Scan for potentially unsafe applications
Enable Anti-Stealth technology

  • Click Start
  • ESET will then download updates and begin scanning your computer
  • If no threats are found simply click Uninstall application on close and hit Finish
  • If threats are found click List of found threats
  • Click Export to text file
  • Save the file on your Desktop as ESET.txt
  • Click Back
  • Check Uninstall application on close and Delete quarantined files
  • Click Finish
  • Close the ESET Online Scanner window
  • Copy and paste the contents of ESET.txt in your reply
  • Rerun Spybot and check to see if it completes
===================================================

Manually Determining Service Startup Type

--------------------
  • Press the Windows key + r on your keyboard at the same time
  • Type services.msc and hit Enter.
  • Locate Windows Time
  • Note the information under the Startup Type column and include that information in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • Did you uninstall an antivirus program?
  • ESET report
  • Does Spybot run properly?
  • Windows Time Startup Type

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 raielschwartz


Posted 08 March 2016 - 07:12 AM

FRST fix result

 

Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Raiel (2016-03-07 16:56:05) Run:2
Running from C:\Users\Raiel\Desktop
Loaded Profiles: Raiel (Available Profiles: Raiel)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CustomCLSID: HKU\S-1-5-21-1426893082-392233631-795411858-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Raiel\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1426893082-392233631-795411858-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Raiel\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
Task: {269470B3-0687-470B-A62C-AD8AE4D1E2CC} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {41835D41-3B95-4130-8555-0D02A12274FC} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {5E36ECB4-A4B9-489F-9132-18E50EF95184} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {736D9008-91C1-4495-ACF2-B737137182B0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {75E6664F-7766-4C6A-9497-2F8756CBADEF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {7CF9FBE1-15D4-4BB3-A8A0-F264382D2AE0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {83EF0AC6-065E-46FF-84EA-2CF3BAB6BECF} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {9D302AC4-5478-42F4-B6DF-0048AC696B8A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {AB86C0E2-C4B7-4D06-9D54-867B08C8E7C1} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {D07946BC-4FCC-4CA1-AB03-0CFF9B5F0D08} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {E487ADB2-80F0-4D16-96A2-273995871501} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {FC726323-F4A5-453E-9AA0-21F2BEE334D3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
emptytemp:
*****************
 
"HKU\S-1-5-21-1426893082-392233631-795411858-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}" => key removed successfully
"HKU\S-1-5-21-1426893082-392233631-795411858-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{269470B3-0687-470B-A62C-AD8AE4D1E2CC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{269470B3-0687-470B-A62C-AD8AE4D1E2CC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{41835D41-3B95-4130-8555-0D02A12274FC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{41835D41-3B95-4130-8555-0D02A12274FC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5E36ECB4-A4B9-489F-9132-18E50EF95184}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5E36ECB4-A4B9-489F-9132-18E50EF95184}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{736D9008-91C1-4495-ACF2-B737137182B0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{736D9008-91C1-4495-ACF2-B737137182B0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{75E6664F-7766-4C6A-9497-2F8756CBADEF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75E6664F-7766-4C6A-9497-2F8756CBADEF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7CF9FBE1-15D4-4BB3-A8A0-F264382D2AE0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7CF9FBE1-15D4-4BB3-A8A0-F264382D2AE0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{83EF0AC6-065E-46FF-84EA-2CF3BAB6BECF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{83EF0AC6-065E-46FF-84EA-2CF3BAB6BECF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9D302AC4-5478-42F4-B6DF-0048AC696B8A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D302AC4-5478-42F4-B6DF-0048AC696B8A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AB86C0E2-C4B7-4D06-9D54-867B08C8E7C1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AB86C0E2-C4B7-4D06-9D54-867B08C8E7C1}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D07946BC-4FCC-4CA1-AB03-0CFF9B5F0D08}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D07946BC-4FCC-4CA1-AB03-0CFF9B5F0D08}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E487ADB2-80F0-4D16-96A2-273995871501}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E487ADB2-80F0-4D16-96A2-273995871501}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FC726323-F4A5-453E-9AA0-21F2BEE334D3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FC726323-F4A5-453E-9AA0-21F2BEE334D3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
EmptyTemp: => 5.1 GB temporary data Removed.
 
 
The system needed a reboot.
 

 

==== End of Fixlog 16:58:08 ====

 

Antivirus Ad-Aware was taken out but we just put that on two days ago after our issue had begun anyway

 

ESET

 

C:\Program Files (x86)\EaseUS\Todo Backup\bin\PxeServer.dll a variant of Win32/TFTPD32.A potentially unsafe application cleaned by deleting

C:\Program Files (x86)\EaseUS\Todo Backup\BUILDPE\EaseUS\tb\bin\PxeServer.dll a variant of Win32/TFTPD32.A potentially unsafe application cleaned by deleting
C:\Users\Raiel\AppData\LocalLow\Sun\Java\jre1.8.0_40\java_sp.dll a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application cleaned by deleting
C:\Users\Raiel\AppData\Roaming\uTorrent\updates\3.3.2_30586.exe a variant of Win32/AdkDLLWrapper.A potentially unwanted application cleaned by deleting
C:\Users\Raiel\Downloads\dfsetup219.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted
C:\Users\Raiel\Downloads\spsetup127.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted
C:\Users\Raiel\Downloads\spsetup128 (1).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted
C:\Users\Raiel\Downloads\spsetup128 (2).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted
C:\Users\Raiel\Downloads\spsetup128.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted
C:\Users\Raiel\Downloads\tb_free (1).exe a variant of Win32/TFTPD32.A potentially unsafe application deleted
C:\Users\Raiel\Downloads\uTorrent.exe a variant of Win32/AdkDLLWrapper.A potentially unwanted application cleaned by deleting
C:\Windows\Installer\17d43.msi a variant of Win32/Systweak.L potentially unwanted application deleted
D:\Business\Viral Autobots Bonuses\backlink bandit Software\Software\bl.exe a variant of MSIL/Ubot.D potentially unsafe application deleted
D:\Business\WP Tweet Machine\ReGuLAR Bonuses\com-poster-setup\com-poster-setup.exe a variant of MSIL/Ubot.D potentially unsafe application deleted
D:\Business\WP Tweet Machine\ReGuLAR Bonuses\fb-quotemaster-setup\fb-quotemaster-setup.exe a variant of MSIL/Ubot.D potentially unsafe application deleted
D:\Business\WP Tweet Machine\ReGuLAR Bonuses\spin-article-pro-setup\spin-article-pro-setup.exe a variant of MSIL/Ubot.D potentially unsafe application deleted
D:\File Recovery\Lost Files\Lost Files\$Dir51\2df15.msi a variant of Win32/Systweak.L potentially unwanted application deleted
D:\File Recovery\Lost Files\Lost Files\$Dir626\ccsetup409.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted
D:\File Recovery\Lost Files\Lost Files\uTorrent\updates\3.3.2_30416.exe a variant of Win32/OpenCandy.A potentially unsafe application cleaned by deleting
D:\File Recovery\Raw Files\RAW Files\CAB File\301~600\file305.cab a variant of Win32/Systweak.L potentially unwanted application deleted
M:\7 Data Recovery\1 NTFS\LostFiles\#Dir52\2df15.msi a variant of Win32/Systweak.L potentially unwanted application deleted
M:\7 Data Recovery\1 NTFS\LostFiles\#Dir899\ccsetup409.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted
M:\7 Data Recovery\1 NTFS\LostFiles\uTorrent\updates\3.3.2_30416.exe a variant of Win32/OpenCandy.A potentially unsafe application cleaned by deleting
M:\HDD Backup\Desktop HDD1\Raiel\Downloads\ccsetup323 (1).exe Win32/Bundled.Toolbar.Google.E potentially unsafe application deleted
M:\HDD Backup\Desktop HDD1\Raiel\Downloads\ccsetup323.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application deleted
M:\HDD Backup\Desktop HDD1\Raiel\Downloads\ccsetup328.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted
M:\HDD Backup\Desktop HDD1\Raiel\Downloads\ccsetup400.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted
M:\HDD Backup\Desktop HDD1\Raiel\Downloads\content professor final video.mp4 Win32/InstallMate.A potentially unwanted application cleaned by deleting
M:\HDD Backup\Desktop HDD1\Raiel\Downloads\dfsetup210.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application deleted
M:\HDD Backup\Desktop HDD1\Raiel\Downloads\dfsetup211.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application deleted
M:\HDD Backup\Desktop HDD1\Raiel\Downloads\SetupImgBurn_2.5.7.0.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application deleted
M:\HDD Backup\Desktop HDD1\Raiel\Downloads\zafwSetupWeb_102_081_000.exe Win32/Toolbar.Conduit potentially unwanted application deleted
M:\HDD Backup\Laptop HDD\Raiel\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx a variant of Win32/SweetIM.L potentially unwanted application deleted
M:\My Backups\Lost Files\$Dir51\2df15.msi a variant of Win32/Systweak.L potentially unwanted application deleted
M:\My Backups\Lost Files\$Dir626\ccsetup409.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted
M:\My Backups\Lost Files\uTorrent\updates\3.3.2_30416.exe a variant of Win32/OpenCandy.A potentially unsafe application cleaned by deleting

 

Spybot - it ran successfully this time, thanks.

Windows Time start-up type - Manual (Trigger Start)

Other comments - my time issue persists.

Will ESET mess up any non-virus software with false positives?

Yours truly,
Raiel Schwarts



#6 Oh My!


Posted 08 March 2016 - 10:09 AM

Greetings,

Everything listed in the ESET report was removed. I apologize but you will need to reinstall whatever was removed by mistake.

Please do this.

===================================================

Modifying Service StartState Windows 8/7/Vista

-------------------
  • Click Start, All Programs, Accessories, right click on cmd, then select Run as Administrator
  • Windows 8 users click the Windows key + X at the same time then click Command Prompt (Admin)
  • Type sc config W32Time start= auto and press Enter
  • You should receive confirmation the commands were successful
  • Reboot your computer and check the time
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Is your time correct?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."
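
The service change from the steps above, wrapped with a before/after check and an offset measurement, as an added example that is not part of the original post. It assumes an elevated PowerShell prompt, and it uses time.nist.gov (the server the topic starter mentions in the next reply) as the reference; the variable names are illustrative.

```powershell
# Added example: run from an elevated PowerShell prompt.
# Assumption: time.nist.gov is the reference server used for the offset check.
$svc = 'W32Time'
$ref = 'time.nist.gov'

# Stop early without administrator rights; sc.exe config would be denied.
$id = [Security.Principal.WindowsIdentity]::GetCurrent()
$isAdmin = ([Security.Principal.WindowsPrincipal]$id).IsInRole(
    [Security.Principal.WindowsBuiltInRole]::Administrator)
if (-not $isAdmin) { throw 'Run this from an elevated prompt.' }

# Record the start mode before changing it (Auto, Manual or Disabled).
$before = (Get-CimInstance Win32_Service -Filter "Name='$svc'").StartMode
Write-Host "Start mode before: $before"

# The same change as in the post: sc config W32Time start= auto
sc.exe config $svc start= auto | Out-Null
if ($LASTEXITCODE -ne 0) {
    throw "sc.exe config failed with exit code $LASTEXITCODE"
}

# Confirm the change took effect instead of relying on the success message.
$after = (Get-CimInstance Win32_Service -Filter "Name='$svc'").StartMode
Write-Host "Start mode after:  $after"

# Make sure the service is running, then ask it to resynchronise now.
if ((Get-Service -Name $svc).Status -ne 'Running') {
    Start-Service -Name $svc
}
w32tm /resync | Out-Host

# Show the time source in use and the result of the last sync.
w32tm /query /status | Out-Host

# Measure the local clock offset against the reference.
# /stripchart only reports the difference; it does not set the clock.
w32tm /stripchart "/computer:$ref" /samples:3 /dataonly | Out-Host
```

Running the last command again after a full shutdown shows whether the offset returns, which is the check the thread goes on to make by hand.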

#7 raielschwartz

raielschwartz
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:05:09 PM

Posted 08 March 2016 - 02:01 PM

We executed your CMD command and when the PC was back on the time was
one hour and two minutes behind (it is 1:58pm on my phone when it says
12:56pm on my computer),

as such we synchronized our time with time.nist.gov since it
would time out when the Windows servers were put on,

but only time will tell if my time is really fixed in reality.

Do you think that this can be a CMOS battery issue, Gary,

if nothing else fixes it?

Yours truly,
Raiel Schwartz


#8 Oh My!


Posted 08 March 2016 - 04:19 PM

Yes, it could be the battery. Let me know if the time is wrong again.


Gary
 

#9 raielschwartz


Posted 08 March 2016 - 05:28 PM

After syncing with the correct time server it seems like we are still at the real time since the last moment from when we synced our time last

(which seems like an improvement for us, as in the past at this point in time the computer time would most likely have messed up another time),

but let's see if this computer time stays correct after another restart of the PC,

and then we can update you after that,

and if the time is incorrect we can see if there are any other possibilities for that happening,

and if it isn't MALWARE related, we can switch the CMOS battery at some point in time too, to see if that works out in my case,

and thank you for your support, Gary.

Yours truly,

Raiel Schwartz


Edited by raielschwartz, 08 March 2016 - 05:31 PM.


#10 Oh My!


Posted 08 March 2016 - 08:32 PM

:thumbsup2:
Gary
 

#11 raielschwartz


Posted 09 March 2016 - 06:30 AM

Hi Gary,

the computer's time went out of whack again as soon as it was rebooted after a shutdown.

CMOS it is then, you believe?

Yours truly,

Raiel Schwartz



#12 Oh My!


Posted 09 March 2016 - 10:24 AM

Yes, it is time to change the battery and see if that helps.
Gary
 

#13 raielschwartz


Posted 09 March 2016 - 11:51 AM

Hi Gary, thank you, we can update you and let you know if that fixes it when we have a chance to switch batteries. Yours truly, Raiel Schwartz



#14 Oh My!


Posted 09 March 2016 - 12:08 PM

No problem at all. I hope it works.
Gary
 

#15 raielschwartz


Posted 09 March 2016 - 12:17 PM

Is there any way for me to see what CMOS battery my MB uses?

Someone told me it is most likely CR2032, 3V,

but if there is any way for me to get a direct confirmation that this is correct, then that would be perfect, so that in this way a new battery can be bought by me without me having to open up my computer tower first,

and thank you for your support, Gary.

Yours truly,

Raiel Schwartz


Edited by raielschwartz, 09 March 2016 - 12:17 PM.




